Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1907
Views
0
Helpful
4
Replies

ACI N7K VPC configuration

Go to solution
Luke Poskitt
Level 1
Level 1

‎05-07-2017 11:07 PM - edited ‎03-01-2019 05:13 AM

Hi Guys,

I've connected my test UCS to my test ACI fabric using a vPC per fabric interconnect on my two leaf nodes, and I've connected my test ACI fabric to my N7K pair core using a double-sided vPC to my leaf nodes.

I've created a single BD containing a single EPG and a single VLAN and have deployed the EPG onto the three vPCs (UCS-A-vPC, UCS-B-vPC, and N7K-vPC) using the single VLAN ID as the primary encapsulation.

Unfortunately, the single VLAN trunked on the N7K vPC is entering a blocking state almost immediately on enabling the vPC - I can only assume that BPDUs by the ACI fabric on the N7K vPC are being re-broadcast back out the same vPC.

What is the correct spanning-tree port type and bpduguard/bpdufilter configuration that should be used on an N7K layer 2 vPC to the ACI fabric.

Apologies if this is a stupid question, but I can't seem to find this information documented in any white paper, guide, or best practice.

Cheers,

-Luke

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Nik Noltenius
Spotlight
Spotlight

‎05-08-2017 12:33 AM

Hi Luke,

we have this working on an N7k vPC pair connecting to an ACI fabric:

interface port-channel1
  switchport
  switchport mode trunk
  switchport trunk allowed vlan <x,y,z>
  spanning-tree port type edge trunk
  spanning-tree bpdufilter enable
  mtu 9216
  vpc 1

Hope this helps

Nik

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Nik Noltenius
Spotlight
Spotlight

‎05-08-2017 12:33 AM

Hi Luke,

we have this working on an N7k vPC pair connecting to an ACI fabric:

interface port-channel1
  switchport
  switchport mode trunk
  switchport trunk allowed vlan <x,y,z>
  spanning-tree port type edge trunk
  spanning-tree bpdufilter enable
  mtu 9216
  vpc 1

Hope this helps

Nik

0 Helpful

Go to solution
Luke Poskitt
Level 1
Level 1
In response to Nik Noltenius

‎05-08-2017 06:06 PM

Thanks Nik, that solved the problem of the N7K vPC entering a blocking state.

However, I found it was also necessary to enable legacy mode on my bridge domain specifying the single VLAN - on checking, I found that the VLAN wasn't being programmed onto the interfaces/vPCs on which the EPG had been statically deployed, although I'm not sure why.

Cheers,

-Luke

0 Helpful

Go to solution
Luke Poskitt
Level 1
Level 1
In response to Luke Poskitt

‎05-08-2017 06:52 PM

As a follow-up; I disabled legacy mode on the BD and selected the "Enable Infrastructure VLAN" checkbox in the "default" AAEP (accidentally - I was meaning to enable it in the AAEP associated with the physical domain being used), and surprisingly this seems to have now programmed the VLAN onto the leaves (e.g. sh vlan extended).

I'm not sure how or why this worked - it continued working after I unselected the "enable Infrastructure VLAN" checkbox and I wasn't able to re-produce the issue seen.

0 Helpful

Go to solution
Shahid Raza
Level 1
Level 1
In response to Luke Poskitt

‎05-09-2017 02:31 AM

My All Dear friends,

Could you please help me, I wan to join CCIE Data center classes.I have got new job on Data center but i don't have good command of Nexus.But my expertise in  Routing and Switching. 

Could you please help me to find best Nexus trainer.

#Thank you so much# 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License