Cisco NX-OS: vPC Configuration

vPC Order of Operations

  1. IP connectivity for Peer Keepalive
  2. Enable vPC & LACP globally
  3. Create vPC domain
    • define Peer Keepalive address
    • configure vPC role priority (Optional) – lower priority => vPC primary switch. (default 32667)
  4. Establish Port Channel for vPC Peer link
  5. Verify vPC Consistency Parameters
  6. Disable vPC Member Port (optional but recommended)
  7. Configure vPC Member Ports
  8. Enable vPC Member Ports

1. Make sure keepalive links is up and check IP reachability (mgmt0 could be used)

2. Turn features on globally

conf t
 feature vpc
 feature lacp

3. Create vPC domain

conf t
 vpc domain 1
 peer-keepalive destination 192.168.0.52
 role priority 2000
!management VRF will be used as the default VRF

To use the default vrf:

Even better way – separate vrf just for keepalive link to isolate it from the data plan:

vrf context VPC-PEER-KEEPALIVE
!
interface Ethernet1/1
  no switchport
  vrf member VPC-PEER-KEEPALIVE
  ip address 192.168.1.1/30
!
vpc domain 1
  peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf VPC-PEER-KEEPALIVE

show vpc
=> peer is alive

4. Create Peer link (LACP!)

conf t
 int e1/1-3
     channel-group 50 mode active
 int po50
     switchport mode trunk
     vpc peer-link

show vpc
=> peer adjacency formed ok
=> vPC role: primary/secondary

show cfs application
=> vpc yes

show vpc peer-keepalive

5. vPC Consistency Parameters

show vpc consistency-parameters global
=> match, fix if not

6-8 Member port

conf t
 int e1/24
     shut
     channel-group 51 mode on
 int po51
     switchport mode access
     switchport access vlan 10
     vpc 51
 int e1/24
     no shut

show vpc
=> vPC status, consistency = success

How to check which link is in use on wich vPC peer:
show int e1/24 | in “input|output packet”
and check counters

VLAN needs to be added to both vPC peers and allowed over Peer Link.

Entire config:

conf t
feature vpc
feature lacp
!
vpc domain 1
peer-keepalive destination 192.168.0.52
!
!
int e1/1-3
    channel-group 50 mode active
int po50
	switchport mode trunk
	vpc peer-link
!
!
int e1/24
	shut
	channel-group 51 mode on
int po51
	switchport mode access
	switchport access vlan 10
	vpc 51
int e1/24
	no shut

vPC Loop Prevention

via vPC Check:

  • Frames received in the vPC Peer Link cannot flood out a vPC Member Port while the remote vPC Peer has active vPC Members in the same vPC
Share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *