{"id":448,"date":"2017-06-15T11:11:05","date_gmt":"2017-06-15T10:11:05","guid":{"rendered":"http:\/\/www.balajibandi.com\/?p=448"},"modified":"2017-08-20T08:24:16","modified_gmt":"2017-08-20T07:24:16","slug":"nexus-and-vpc-understanding","status":"publish","type":"post","link":"https:\/\/www.balajibandi.com\/?p=448","title":{"rendered":"Nexus and vPC understanding."},"content":{"rendered":"

Nexus and vPC ( VIRTUAL PORT CHANNEL) understanding.<\/span><\/strong><\/span><\/h1>\n

I have been working on Nexus Environment, but could not get chance to document as blog for others can refer, Most of the time due to busy with \u00a0projects and tight \u00a0schedules and learning phase not got enough time to \u00a0make a Lab and share, Now since simulators available i am going to make some of my testing for your reference : keep reading the blog.<\/p>\n

vPC technology on Nexus switches, you can now minimize the Spanning-Tree implementation between two identical Nexus switches acting as “core switches”. (Other than Nexus 2K – act as only L2 Extention switch)<\/p>\n

vPC is Cisco Nexus MEC (Multi-chassis Ether Channel) solution. This vPC allows a downstream device running LACP (Link Aggregation Protocol) to bundle multiple links into a single logical link, which then connects to two different upstream switches configured in a common vPC domain.<\/p>\n

A virtual port channel (vPC) allows links that are physically connected to two different Nexus 9K, 7K, 6K, 5K, or 3K switches together by doing a great job of spoofing Layer 2 (L2), including STP BPDU (Spanning Tree hellos) and FHRP (First Hop Routing Protocol such as HSRP, VRRP, GLBP) behavior. At L2, the switches behave like one switch, while retaining their distinct identities, unlike the Cisco VSS technique used with the 6500\/6800 switches.<\/p>\n

vPC terms :<\/p>\n

\"\"<\/p>\n

vPC Components :<\/p>\n

\"\"<\/p>\n

vPC Deployment Scenarios<\/p>\n

vPC is typically used at the access or aggregation layer of the data center.<\/p>\n

The 2 common deployment scenarios using vPC technology are listed as below:
\n\u25cf Inside Data Center:
\n\u25e6 Single-sided vPC (access layer or aggregation layer)
\n\u25e6 Double-sided vPC, also called multilayer vPC (access layer using vPC interconnected to aggregation layer using vPC)
\n\u25cf Across Data Center i.e vPC for Data Center Interconnect (DCI):
\n\u25e6 Multilayer vPC for Aggregation and DCI
\n\u25e6 Dual Layer 2 \/Layer 3 Pod Interconnect<\/p>\n

Below Simple typology \u00a0for testing.<\/p>\n

 <\/p>\n

\"\"<\/p>\n

The vPC implementation requires the following
\n* vPC domain ID
\n* vPC peer keepalive
\n* vPC peer<\/p>\n

vPC domain ID :
\nBasically the vPC domain ID is like a domain of certain vPC members to distinguish from other vPC members. Such the domain can be seen as “virtual” Spanning-Tree domain which may consist of one or more VLAN. Similar to Spanning Tree concept, the domain ID is a number between 1 to 1000.<\/p>\n

vPC peer keepalive:
\nThe vPC peer keepalive is a mechanism similar to heartbeat, in order to find out whether the other Nexus “core switch” is alive. In a case where one of the core switch is unreachable from other core switch, the vPC domain is not disrupted; however it is suggested to mitigate the issue.<\/p>\n

vPC peer:
\nThe vPC peer is a mechanism to bundle the two “core switches” into single virtual switch from the perspective of access switch (or hosts). In Cisco implementation, this vPC peer requires identical 10 Gbps ports between the two “core switches” to form Etherchannel (Port Channel).<\/p>\n

My \u00a0Complex LAB Setup.<\/p>\n

\"\"<\/p>\n

Above L:ab PArt of vPC devices are :<\/p>\n

NXOS1, NXOS2, INET, Switch3, Switch4<\/p>\n

Example config :<\/p>\n

INET :<\/p>\n

INET#show run<\/p>\n

hostname INET
\nvtp domain BBLB
\nvtp mode transparent
\nudld aggressive<\/p>\n

no ip domain-lookup
\nip cef
\nno ipv6 cef
\n!
\n!
\n!
\nvlan 100
\n!
\ninterface Port-channel3
\nswitchport trunk allowed vlan 30,100
\nswitchport trunk encapsulation dot1q
\nswitchport mode trunk
\n!
\ninterface GigabitEthernet0\/0
\nswitchport access vlan 100
\nmedia-type rj45
\nnegotiation auto
\n!
\n!
\ninterface GigabitEthernet0\/2
\nswitchport access vlan 100
\nmedia-type rj45
\nnegotiation auto
\n!
\n!
\ninterface GigabitEthernet1\/0
\nswitchport trunk allowed vlan 30,100
\nswitchport trunk encapsulation dot1q
\nswitchport mode trunk
\nmedia-type rj45
\nnegotiation auto
\nchannel-group 3 mode on
\n!
\ninterface GigabitEthernet1\/1
\nswitchport trunk allowed vlan 30,100
\nswitchport trunk encapsulation dot1q
\nswitchport mode trunk
\nmedia-type rj45
\nnegotiation auto
\nchannel-group 3 mode on
\n!
\ninterface Vlan100
\nip address 192.168.1.253 255.255.255.0
\n!
\n!
\nip route 0.0.0.0 0.0.0.0 192.168.1.254
\n!
\nend<\/p>\n

 <\/p>\n

NXOS1 :<\/p>\n

switchname N7K1<\/p>\n

feature udld
\nfeature interface-vlan
\nfeature hsrp
\nfeature lacp
\nfeature vpc
\nfeature lldp
\nfeature vtp
\nfeature bfd<\/p>\n

vlan 1,10,20,30,40,50,60,100,200,300,400,500,600,700,800<\/p>\n

vrf context vpckeepalive
\ndescription vpc-keep-alive
\nvpc domain 1
\npeer-switch
\nrole priority 2000
\npeer-keepalive destination 1.1.1.2 source 1.1.1.1 vrf vpckeepalive
\ndelay restore 120
\nauto-recovery reload-delay 300<\/p>\n

interface Vlan1<\/p>\n

interface Vlan100
\ndescription global net – HSRP
\nno shutdown
\nno ip redirects
\nip address 192.168.1.251\/24
\nhsrp 100
\nip 192.168.1.250<\/p>\n

interface port-channel1
\ndescription *** vPC Peer-Link ***
\nswitchport mode trunk
\nswitchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
\nspanning-tree port type network
\nvpc peer-link<\/p>\n

interface port-channel3
\nswitchport mode trunk
\nswitchport trunk allowed vlan 100
\nvpc 3<\/p>\n

interface Ethernet1\/1
\ndescription VPC-PEER-LINK
\nswitchport mode trunk
\nswitchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
\nchannel-group 1 mode active
\nno shutdown<\/p>\n

interface Ethernet1\/2
\ndescription VPC-PEER-LINK
\nswitchport mode trunk
\nswitchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
\nchannel-group 1 mode active
\nno shutdown<\/p>\n

interface Ethernet1\/13
\ndescription [(vPC KeepAlive link between Distribution 5K switches)]
\nno switchport
\nvrf member vpckeepalive
\nip address 1.1.1.1\/30
\nno shutdown<\/p>\n

ip route 0.0.0.0\/0 192.168.1.253<\/p>\n

NXOS2 :<\/p>\n

switchname N7K2
\nfeature udld
\nfeature interface-vlan
\nfeature hsrp
\nfeature lacp
\nfeature vpc
\nfeature vtp
\n!
\nvlan 1,10,20,30,40,50,60,100,200,300,400,500,600,700,800<\/p>\n

vrf context management
\nvrf context vpckeepalive
\ndescription vpc-keepalive
\nvpc domain 1
\npeer-switch
\nrole priority 2000
\npeer-keepalive destination 1.1.1.1 source 1.1.1.2 vrf vpckeepalive
\ndelay restore 120
\nauto-recovery reload-delay 300
\n!
\ninterface Vlan1
\n!
\ninterface Vlan100
\ndescription global net – HSRP
\nno shutdown
\nno ip redirects
\nip address 192.168.1.252\/24
\nhsrp 100
\nip 192.168.1.250
\n!
\ninterface port-channel1
\ndescription *** vPC Peer-Link ***
\nswitchport mode trunk
\nswitchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
\nspanning-tree port type network
\nvpc peer-link
\n!
\ninterface port-channel3
\nswitchport mode trunk
\nswitchport trunk allowed vlan 100
\nvpc 3
\n!
\ninterface Ethernet1\/1
\ndescription VPC-PEER-LINK
\nswitchport mode trunk
\nswitchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
\nchannel-group 1 mode active
\nno shutdown
\n!
\ninterface Ethernet1\/2
\ndescription VPC-PEER-LINK
\nswitchport mode trunk
\nswitchport trunk allowed vlan 10-50,100,300,400,500,600,700,800
\nchannel-group 1 mode active
\nno shutdown
\n!
\ninterface Ethernet1\/9
\ndescription INTERNET
\nswitchport mode trunk
\nswitchport trunk allowed vlan 100
\nchannel-group 3
\nno shutdown
\n!
\ninterface Ethernet1\/13
\ndescription [(vPC KeepAlive link between Distribution 5K switches)]
\nno switchport
\nvrf member vpckeepalive
\nip address 1.1.1.2\/30
\nno shutdown
\n!
\nip route 0.0.0.0\/0 192.168.1.253<\/p>\n

 <\/p>\n

Results :<\/p>\n

N7K1# show vpc
\nLegend:
\n(*) – local vPC is down, forwarding via vPC peer-link<\/p>\n

vPC domain id : 1
\nPeer status : peer adjacency formed ok
\nvPC keep-alive status : peer is alive
\nConfiguration consistency status : success
\nPer-vlan consistency status : success
\nType-2 consistency status : success
\nvPC role : primary
\nNumber of vPCs configured : 1
\nPeer Gateway : Disabled
\nDual-active excluded VLANs : –
\nGraceful Consistency Check : Enabled
\nAuto-recovery status : Enabled, timer is off.(timeout = 300s)
\nDelay-restore status : Timer is off.(timeout = 120s)
\nDelay-restore SVI status : Timer is off.(timeout = 10s)
\nOperational Layer3 Peer-router : Disabled<\/p>\n

vPC Peer-link status
\n———————————————————————
\nid Port Status Active vlans
\n— —- —— ————————————————-
\n1 Po1 up 10,20,30,40,50,100,300,400,500,600,700,800<\/p>\n

vPC status
\n—————————————————————————-
\nId Port Status Consistency Reason Active vlans
\n— ———— —— ———– —— —————
\n3 Po3 up success success 100<\/p>\n

Please check “show vpc consistency-parameters vpc <vpc-num>” for the
\nconsistency reason of down vpc and for type-2 consistency reasons for
\nany vpc.<\/p>\n

N7K1# show vpc peer-keepalive<\/p>\n

vPC keep-alive status : peer is alive
\n–Peer is alive for : (39483) seconds, (505) msec
\n–Send status : Success
\n–Last send at : 2017.08.20 07:22:05 707 ms
\n–Sent on interface : Eth1\/13
\n–Receive status : Success
\n–Last receive at : 2017.08.20 07:22:05 234 ms
\n–Received on interface : Eth1\/13
\n–Last update from peer : (0) seconds, (515) msec<\/p>\n

vPC Keep-alive parameters
\n–Destination : 1.1.1.2
\n–Keepalive interval : 1000 msec
\n–Keepalive timeout : 5 seconds
\n–Keepalive hold timeout : 3 seconds
\n–Keepalive vrf : vpckeepalive
\n–Keepalive udp port : 3200
\n–Keepalive tos : 192<\/p>\n

N7K1# show vpc consistency-parameters vpc 3<\/p>\n

Legend:
\nType 1 : vPC will be suspended in case of mismatch<\/p>\n

Name Type Local Value Peer Value
\n————- —- ———————- ———————–
\nSTP Port Type 1 Default Default
\nSTP Port Guard 1 Default Default
\nSTP MST Simulate PVST 1 Default Default
\nmode 1 on on
\ndelayed-lacp 1 disabled disabled
\nSpeed 1 1000 Mb\/s 1000 Mb\/s
\nDuplex 1 full full
\nPort Mode 1 trunk trunk
\nNative Vlan 1 1 1
\nMTU 1 1500 1500
\nLACP Mode 1 on on
\nInterface type 1 port-channel port-channel
\nAdmin port mode 1 trunk trunk
\nSwitchport Isolated 1 0 0
\nvPC card type 1 N9K TOR N9K TOR
\nAllowed VLANs – 100 100
\nLocal suspended VLANs – – –<\/p>\n

 <\/p>\n

More labs will be available soon.<\/p>\n

Good Luck !<\/p>\n","protected":false},"excerpt":{"rendered":"

Nexus and vPC ( VIRTUAL PORT CHANNEL) understanding. I have been working on Nexus Environment, but could not get chance to document as blog for others can refer, Most of the time due to busy with \u00a0projects and tight \u00a0schedules and learning phase not got enough time to \u00a0make a Lab and share, Now since […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,25,26],"tags":[],"class_list":["post-448","post","type-post","status-publish","format-standard","hentry","category-ccie-sec","category-ccie-dc","category-eve-unl"],"_links":{"self":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/448","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=448"}],"version-history":[{"count":2,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/448\/revisions"}],"predecessor-version":[{"id":458,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/448\/revisions\/458"}],"wp:attachment":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=448"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=448"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=448"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}