EtherChannel Member Port in Suspended State
Presenting Symptom
An EtherChannel member port is in the 'suspended' state, causing traffic to not pass through that port.
Network Context
A small branch office network with two Cisco Catalyst 2960 switches connected via a 4-port EtherChannel (Port-channel 1). The switches run IOS 15.0(2) and are configured with LACP active mode. One of the member ports (GigabitEthernet0/2) shows as 'suspended' in 'show etherchannel summary', while the other three ports are bundled and forwarding traffic.
Diagnostic Steps
Check EtherChannel Summary
show etherchannel summaryFlags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+----------------------------------------------
1 Po1(SU) LACP Gi0/1(P) Gi0/2(s) Gi0/3(P) Gi0/4(P)The output shows that Gi0/2 is in 's' (suspended) state. Suspended ports are not forwarding traffic. This indicates a problem with that specific port, such as mismatched parameters or LACP issues.
Check Port-Channel Interface Status
show interfaces port-channel 1 etherchannelPort-channel1:
Age of the Port-channel = 0d:00h:10m:32s
Logical slot/port = 2/1 Number of ports = 4
HotStandby port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
Port security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+---------+----------------+-----------
0 55 Gi0/1 Active 4
1 55 Gi0/2 Suspended 4
2 55 Gi0/3 Active 4
3 55 Gi0/4 Active 4
Time since last port bundled: 0d:00h:10m:32s Gi0/1The 'EC state' for Gi0/2 is 'Suspended'. This confirms the port is not active in the bundle. The cause could be mismatched VLAN allowed list, trunk mode, or LACP parameters.
Check Interface Configuration of Suspended Port
show running-config interface gigabitEthernet 0/2interface GigabitEthernet0/2 switchport trunk encapsulation dot1q switchport mode trunk channel-group 1 mode active !
Compare this configuration with a working member port (e.g., Gi0/1). Look for mismatches in trunk encapsulation, allowed VLANs, or channel-group mode. In this case, the configuration looks identical to working ports, so the issue may be on the neighbor side.
Check LACP Neighbor Information
show lacp neighborFlags: S - Device is sending Slow LACPDUs F - Device is sending Fast LACPDUs.
A - Device is in Active mode P - Device is in Passive mode
Channel group 1 neighbors
Partner's information:
LACP port Oper Port Port
Port Flags Priority Dev ID Age key Number State
Gi0/1 SA 32768 0011.2233.4455 10s 0x1 0x102 0x3D
Gi0/2 SA 32768 0011.2233.4455 10s 0x1 0x102 0x3D
Gi0/3 SA 32768 0011.2233.4455 10s 0x1 0x102 0x3D
Gi0/4 SA 32768 0011.2233.4455 10s 0x1 0x102 0x3DIf the neighbor information for Gi0/2 shows the same partner as other ports, the issue is not LACP negotiation. If the neighbor is missing or shows different parameters, that indicates a mismatch. In this case, all neighbors look identical, so the problem may be a VLAN mismatch or STP inconsistency.
Check VLAN Allowed List on Trunk
show interfaces trunkPort Mode Encapsulation Status Native vlan Gi0/1 on 802.1q trunking 1 Gi0/2 on 802.1q trunking 1 Gi0/3 on 802.1q trunking 1 Gi0/4 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/1 1-1005 Gi0/2 1-1005 Gi0/3 1-1005 Gi0/4 1-1005 Port Vlans allowed and active in management domain Gi0/1 1,10,20,30 Gi0/2 1,10,20,30 Gi0/3 1,10,20,30 Gi0/4 1,10,20,30 Port Vlans in spanning tree forwarding state and not pruned Gi0/1 1,10,20,30 Gi0/2 1,10,20,30 Gi0/3 1,10,20,30 Gi0/4 1,10,20,30
All trunks show the same allowed VLANs. However, note that Gi0/2 is in 'trunking' status but suspended in EtherChannel. This suggests the issue is not VLAN-related. The next step is to check spanning-tree port state.
Check Spanning-Tree Port State
show spanning-tree interface gigabitEthernet 0/2Vlan Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- ------------------------- VLAN0001 Desg FWD 4 128.2 P2p VLAN0010 Desg FWD 4 128.2 P2p VLAN0020 Desg FWD 4 128.2 P2p VLAN0030 Desg FWD 4 128.2 P2p
The spanning-tree state is 'FWD' (forwarding) for all VLANs. This rules out STP blocking. The root cause must be a mismatch in EtherChannel parameters that is not immediately visible in the running config.
Check EtherChannel Port-Channel Port
show etherchannel portChannel-group listing:
----------------------
Group: 1
----------
Ports in the group:
-------------------
Port: Gi0/1
--------
Port state = Up, In-Bundle
Channel group = 1 Mode = Active Gcchange = 0
Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1
Port index = 0 Load = 0x55 Protocol = LACP
Flags: S - Device is sending Slow LACPDUs F - Device is sending Fast LACPDUs.
A - Device is in Active mode P - Device is in Passive mode
Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi0/1 SA bndl 32768 0x1 0x1 0x101 0x3D
Age of the port in the current state: 0d:00h:10m:32s
Port: Gi0/2
--------
Port state = Up, Suspended
Channel group = 1 Mode = Active Gcchange = 0
Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1
Port index = 1 Load = 0x55 Protocol = LACP
Flags: S - Device is sending Slow LACPDUs F - Device is sending Fast LACPDUs.
A - Device is in Active mode P - Device is in Passive mode
Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi0/2 SA susp 32768 0x1 0x1 0x102 0x3D
Age of the port in the current state: 0d:00h:10m:32sThe 'Port state' for Gi0/2 is 'Suspended'. The 'State' field shows 'susp'. This indicates the port is not bundled. The 'Admin Key' and 'Oper Key' are the same as working ports, so the issue is not key mismatch. The problem may be a hardware issue or a mismatch in the physical media type (e.g., one side is set to auto-negotiation and the other is not).
Check Physical Media and Duplex/Speed
show interfaces gigabitEthernet 0/2GigabitEthernet0/2 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 0011.2233.4456 (bia 0011.2233.4456)
Description: to SW2
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped outThe interface is up/up with full-duplex 1000Mb/s. No errors. This rules out physical layer issues. The problem must be a configuration mismatch on the neighbor switch.
Check Neighbor Switch Configuration
On the neighbor switch: show running-config interface gigabitEthernet 0/2interface GigabitEthernet0/2 switchport trunk encapsulation dot1q switchport mode trunk channel-group 1 mode passive !
The neighbor switch has 'channel-group 1 mode passive' while the local switch has 'mode active'. This is a valid LACP combination (active-passive) and should work. However, if the neighbor had 'mode on' (unconditional) or 'mode active' but with different parameters, it could cause suspension. In this case, the configuration looks correct. The root cause may be a mismatch in the 'channel-group' number or a different port-channel interface configuration.
Check Port-Channel Interface Configuration on Both Switches
show running-config interface port-channel 1interface Port-channel1 switchport trunk encapsulation dot1q switchport mode trunk !
Compare the port-channel interface configuration on both switches. If one switch has additional commands like 'switchport trunk allowed vlan 10,20' and the other has 'switchport trunk allowed vlan all', that mismatch can cause suspension. In this scenario, both are identical, so the issue is likely a software bug or a temporary LACP state.
Root Cause
The EtherChannel member port Gi0/2 is in suspended state due to a mismatch in the LACP system priority or port priority between the two switches. Specifically, the local switch has a default LACP system priority of 32768, but the neighbor switch has a different system priority (e.g., 4096) configured globally. This causes LACP to treat the port as incompatible and suspends it. Alternatively, a mismatch in the LACP port priority on the individual interface can also cause suspension. In this case, the neighbor switch has 'lacp port-priority 1' configured on Gi0/2, while the local switch uses the default of 32768, leading to a negotiation failure.
Resolution
Verification
Run 'show etherchannel summary' again. Expected output: Flags: D - down P - bundled in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use N - not in use, no aggregation f - failed to allocate aggregator M - not in use, minimum links not met u - unsuitable for bundling w - waiting to be aggregated d - default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+-------------+-----------+---------------------------------------------- 1 Po1(SU) LACP Gi0/1(P) Gi0/2(P) Gi0/3(P) Gi0/4(P) All ports should show 'P' (bundled). Also verify with 'show lacp neighbor' to confirm consistent LACP parameters.
Prevention
1. Use consistent LACP system priority across all switches in the network to avoid negotiation mismatches. 2. Avoid manually configuring LACP port-priority unless necessary; use defaults to simplify troubleshooting. 3. Always verify EtherChannel configuration with 'show etherchannel summary' after any changes to member ports.
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where a port is suspended in an EtherChannel. The exam tests understanding of LACP modes (active/passive) and the impact of mismatched parameters (system priority, port priority, allowed VLANs). Candidates must know that suspended ports are not forwarding and how to identify the cause using 'show etherchannel summary' and 'show lacp neighbor'.
Exam Tips
Remember that 's' in 'show etherchannel summary' means suspended; the port is not forwarding traffic.
LACP system priority and port priority mismatches are common causes of suspension; check with 'show lacp neighbor'.
The command 'show etherchannel port' provides detailed LACP state information including admin and oper keys.
Commands Used in This Scenario
show etherchannel port
Displays detailed port-level information for all ports that are part of an EtherChannel bundle, including port state, aggregation protocol, and partner details.
show etherchannel summary
Displays the status and configuration of all EtherChannel interfaces on the switch, used to verify channel bundling, port membership, and protocol state.
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions