Nexus and vPC understanding.

Nexus and vPC ( VIRTUAL PORT CHANNEL) understanding.

I have been working on Nexus Environment, but could not get chance to document as blog for others can refer, Most of the time due to busy with  projects and tight  schedules and learning phase not got enough time to  make a Lab and share, Now since simulators available i am going to make some of my testing for your reference : keep reading the blog.

vPC technology on Nexus switches, you can now minimize the Spanning-Tree implementation between two identical Nexus switches acting as “core switches”. (Other than Nexus 2K – act as only L2 Extention switch)

vPC is Cisco Nexus MEC (Multi-chassis Ether Channel) solution. This vPC allows a downstream device running LACP (Link Aggregation Protocol) to bundle multiple links into a single logical link, which then connects to two different upstream switches configured in a common vPC domain.

A virtual port channel (vPC) allows links that are physically connected to two different Nexus 9K, 7K, 6K, 5K, or 3K switches together by doing a great job of spoofing Layer 2 (L2), including STP BPDU (Spanning Tree hellos) and FHRP (First Hop Routing Protocol such as HSRP, VRRP, GLBP) behavior. At L2, the switches behave like one switch, while retaining their distinct identities, unlike the Cisco VSS technique used with the 6500/6800 switches.

vPC terms :

vPC Components :

vPC Deployment Scenarios

vPC is typically used at the access or aggregation layer of the data center.

The 2 common deployment scenarios using vPC technology are listed as below:
● Inside Data Center:
◦ Single-sided vPC (access layer or aggregation layer)
◦ Double-sided vPC, also called multilayer vPC (access layer using vPC interconnected to aggregation layer using vPC)
● Across Data Center i.e vPC for Data Center Interconnect (DCI):
◦ Multilayer vPC for Aggregation and DCI
◦ Dual Layer 2 /Layer 3 Pod Interconnect

Below Simple typology  for testing.

 

The vPC implementation requires the following
* vPC domain ID
* vPC peer keepalive
* vPC peer

vPC domain ID :
Basically the vPC domain ID is like a domain of certain vPC members to distinguish from other vPC members. Such the domain can be seen as “virtual” Spanning-Tree domain which may consist of one or more VLAN. Similar to Spanning Tree concept, the domain ID is a number between 1 to 1000.

vPC peer keepalive:
The vPC peer keepalive is a mechanism similar to heartbeat, in order to find out whether the other Nexus “core switch” is alive. In a case where one of the core switch is unreachable from other core switch, the vPC domain is not disrupted; however it is suggested to mitigate the issue.

vPC peer:
The vPC peer is a mechanism to bundle the two “core switches” into single virtual switch from the perspective of access switch (or hosts). In Cisco implementation, this vPC peer requires identical 10 Gbps ports between the two “core switches” to form Etherchannel (Port Channel).

My  Complex LAB Setup.

Above L:ab PArt of vPC devices are :

NXOS1, NXOS2, INET, Switch3, Switch4

Example config :

INET :

INET#show run

hostname INET
vtp domain BBLB
vtp mode transparent
udld aggressive

no ip domain-lookup
ip cef
no ipv6 cef
!
!
!
vlan 100
!
interface Port-channel3
switchport trunk allowed vlan 30,100
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
!
interface GigabitEthernet0/2
switchport access vlan 100
media-type rj45
negotiation auto
!
!
interface GigabitEthernet1/0
switchport trunk allowed vlan 30,100
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
channel-group 3 mode on
!
interface GigabitEthernet1/1
switchport trunk allowed vlan 30,100
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
channel-group 3 mode on
!
interface Vlan100
ip address 192.168.1.253 255.255.255.0
!
!
ip route 0.0.0.0 0.0.0.0 192.168.1.254
!
end

 

NXOS1 :

switchname N7K1

feature udld
feature interface-vlan
feature hsrp
feature lacp
feature vpc
feature lldp
feature vtp
feature bfd

vlan 1,10,20,30,40,50,60,100,200,300,400,500,600,700,800

vrf context vpckeepalive
description vpc-keep-alive
vpc domain 1
peer-switch
role priority 2000
peer-keepalive destination 1.1.1.2 source 1.1.1.1 vrf vpckeepalive
delay restore 120
auto-recovery reload-delay 300

interface Vlan1

interface Vlan100
description global net – HSRP
no shutdown
no ip redirects
ip address 192.168.1.251/24
hsrp 100
ip 192.168.1.250

interface port-channel1
description *** vPC Peer-Link ***
switchport mode trunk
switchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
spanning-tree port type network
vpc peer-link

interface port-channel3
switchport mode trunk
switchport trunk allowed vlan 100
vpc 3

interface Ethernet1/1
description VPC-PEER-LINK
switchport mode trunk
switchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
channel-group 1 mode active
no shutdown

interface Ethernet1/2
description VPC-PEER-LINK
switchport mode trunk
switchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
channel-group 1 mode active
no shutdown

interface Ethernet1/13
description [(vPC KeepAlive link between Distribution 5K switches)]
no switchport
vrf member vpckeepalive
ip address 1.1.1.1/30
no shutdown

ip route 0.0.0.0/0 192.168.1.253

NXOS2 :

switchname N7K2
feature udld
feature interface-vlan
feature hsrp
feature lacp
feature vpc
feature vtp
!
vlan 1,10,20,30,40,50,60,100,200,300,400,500,600,700,800

vrf context management
vrf context vpckeepalive
description vpc-keepalive
vpc domain 1
peer-switch
role priority 2000
peer-keepalive destination 1.1.1.1 source 1.1.1.2 vrf vpckeepalive
delay restore 120
auto-recovery reload-delay 300
!
interface Vlan1
!
interface Vlan100
description global net – HSRP
no shutdown
no ip redirects
ip address 192.168.1.252/24
hsrp 100
ip 192.168.1.250
!
interface port-channel1
description *** vPC Peer-Link ***
switchport mode trunk
switchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
spanning-tree port type network
vpc peer-link
!
interface port-channel3
switchport mode trunk
switchport trunk allowed vlan 100
vpc 3
!
interface Ethernet1/1
description VPC-PEER-LINK
switchport mode trunk
switchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
channel-group 1 mode active
no shutdown
!
interface Ethernet1/2
description VPC-PEER-LINK
switchport mode trunk
switchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
channel-group 1 mode active
no shutdown
!
interface Ethernet1/9
description INTERNET
switchport mode trunk
switchport trunk allowed vlan 100
channel-group 3
no shutdown
!
interface Ethernet1/13
description [(vPC KeepAlive link between Distribution 5K switches)]
no switchport
vrf member vpckeepalive
ip address 1.1.1.2/30
no shutdown
!
ip route 0.0.0.0/0 192.168.1.253

 

Results :

N7K1# show vpc
Legend:
(*) – local vPC is down, forwarding via vPC peer-link

vPC domain id : 1
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 1
Peer Gateway : Disabled
Dual-active excluded VLANs : –
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled, timer is off.(timeout = 300s)
Delay-restore status : Timer is off.(timeout = 120s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled

vPC Peer-link status
———————————————————————
id Port Status Active vlans
— —- —— ————————————————-
1 Po1 up 10,20,30,40,50,100,300,400,500,600,700,800

vPC status
—————————————————————————-
Id Port Status Consistency Reason Active vlans
— ———— —— ———– —— —————
3 Po3 up success success 100

Please check “show vpc consistency-parameters vpc <vpc-num>” for the
consistency reason of down vpc and for type-2 consistency reasons for
any vpc.

N7K1# show vpc peer-keepalive

vPC keep-alive status : peer is alive
–Peer is alive for : (39483) seconds, (505) msec
–Send status : Success
–Last send at : 2017.08.20 07:22:05 707 ms
–Sent on interface : Eth1/13
–Receive status : Success
–Last receive at : 2017.08.20 07:22:05 234 ms
–Received on interface : Eth1/13
–Last update from peer : (0) seconds, (515) msec

vPC Keep-alive parameters
–Destination : 1.1.1.2
–Keepalive interval : 1000 msec
–Keepalive timeout : 5 seconds
–Keepalive hold timeout : 3 seconds
–Keepalive vrf : vpckeepalive
–Keepalive udp port : 3200
–Keepalive tos : 192

N7K1# show vpc consistency-parameters vpc 3

Legend:
Type 1 : vPC will be suspended in case of mismatch

Name Type Local Value Peer Value
————- —- ———————- ———————–
STP Port Type 1 Default Default
STP Port Guard 1 Default Default
STP MST Simulate PVST 1 Default Default
mode 1 on on
delayed-lacp 1 disabled disabled
Speed 1 1000 Mb/s 1000 Mb/s
Duplex 1 full full
Port Mode 1 trunk trunk
Native Vlan 1 1 1
MTU 1 1500 1500
LACP Mode 1 on on
Interface type 1 port-channel port-channel
Admin port mode 1 trunk trunk
Switchport Isolated 1 0 0
vPC card type 1 N9K TOR N9K TOR
Allowed VLANs – 100 100
Local suspended VLANs – – –

 

More labs will be available soon.

Good Luck !