Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Link aggregation groups

A link aggregation group (LAG) combines multiple network connections into a single connection.

LAG is also known as trunking, NIC teaming, NIC bonding, and EtherChannel. Link aggregation control protocol (LACP) is a part of the IEEE specification; it groups two or more physical links into a single logical link. You must turn on LACP at both ends of the link for it to function. LAG combines multiple physical links into a single logical link to increase bandwidth and make automatic failover available.

Link aggregation handles LAN traffic in the following ways:

  • Scales bandwidth usage according to the number of links used in the group.
  • Provides link redundancy with failover and failback for a continuous session.
  • Facilitates load sharing across links, according to the algorithm applied in the xmit-hash-policy.
  • Requires no changes to the existing network deployment or any additional hardware.

Sophos Firewall supports the following LAG modes:

  • Active-Backup: Provides automatic link failover or fault tolerance. In this mode, a single secondary member of the LAG remains active. If the active secondary member fails, then another member of the LAG becomes active.
  • LACP (802.3ad): Provides load balancing and automatic failover. In this mode, all the links are used for forwarding traffic.