Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1026
Views
0
Helpful
3
Replies

Issue with Nexus 5K HSRP

Daniel Alberto Rodriguez Quintero
Level 1
Level 1

‎01-02-2017 03:01 PM

Hi, I´m having issues with a Nexus 5k , We have a pair of 5k with dual-home fex scenario.

The issue comes after manually shutdown one vlan (it´s configured with HSRP) the host in the fexes loose connection to host across the network, we have OSPF as a routing protocol.

The 5k have a L3 dedicated connection.

I don´t know if this is a normal behavior because of the vpc mecanism.

i hope you can help me

Labels:
0 Helpful
3 Replies 3

Mark Malone
VIP Alumni
VIP Alumni

‎01-03-2017 04:28 AM

Hi Daniel

do you also along with your keepalive heartbeat L3 link you also have a peer-link running between the 2 5ks with all vlans allowed across between the peers yes for the VPC to work  ?

Its not normal behaviour you should be still able to reach everywhere even if one side drops , that's the whole point of VPC its resiliency to connect across multiple switches with one port-channel back to 1 device


interface port-channel100
  description VPC Heartbeat
  logging event port link-status
  vrf member heartbeat
  ip address x.x.x.x/x

# sh run int po1

!Command: show running-config interface port-channel1
!Time: Tue Jan  3 12:25:58 2017

version 6.2(12)

interface port-channel1
  description VPC Peer link to xxxxxxxxxxxxx
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 2,10-11,17-18,20,28,31,33-34,36-39
  switchport trunk allowed vlan add 48,50,64-67,70,72,74,76,78,80,90-108
  switchport trunk allowed vlan add 112,226,400,431,490,1226,2224
  spanning-tree port type network
  logging event port link-status
  logging event port trunk-status
  vpc peer-link

0 Helpful

Daniel Alberto Rodriguez Quintero
Level 1
Level 1
In response to Mark Malone

‎01-03-2017 12:09 PM

Hi Mark, I manually shutdown the vlan for test purposes, and what I´m seeing is that my PC attached to my fex is not reaching the gateway ( the virtual address) and if I change the gw in my PC for the physical address start to respond, here´s the Nexus configs as an attachment.

Preview file
12 KB
Preview file
12 KB
0 Helpful

Darsan Menon
Cisco Employee
Cisco Employee
In response to Daniel Alberto Rodriguez Quintero

‎01-07-2017 09:34 PM

Hi Daniel,

I assume you are shutting down the SVI and the VLAN is operational when you do that.

In this case, you must be seeing a type 2 inconsistency in for the VPC.

Here the expectation would be to have the reachability to everything in same VLAN but you may have issues in connectivity to hosts outside the vlan. This would be caused by the scenario where the return traffic for the hosts arrive on the VPC peer where the SVI is down.

However, I would expect the host to reach the gateway.

Also, the above mentioned problem would also depend on the port-channel hashing result which would decide which VPC peer gets the traffic.

What you may want to look at is, if this is hitting everything connected to that dual homed fex. I would expect it to.

Check for the mac address table on the switch in question, and see if you have gateway flag set for the VMAC. It shouldn't be.

I understand you are testing failover of the traffic, however whats the scenario thats been simulated by shutting down SVI on one of the switches.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card