Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1066
Views
0
Helpful
2
Replies

Host/port connectivty issue on FEX 2348UPQ on 93180YC-EX

Kasper Mortensen
Level 1
Level 1

‎10-19-2018 04:08 PM - edited ‎10-19-2018 04:19 PM

I have a weird connectivity issue for the ports on a pair of NX9K, which seems like one way traffic problem. The setup is:

 

NX7 --- NX7 - has HSRP gateway for the VLAN

  |      \/     |

  |      /\     |

NX9 ---  NX9 < VPC peer-link between

  |             |

FEX         FEX

  |

HOST on VLAN 2

 

So the host on VLAN 2 cant establish IP connectivity to the gateway of the VLAN. If I ping from the host towards the gateway, then the NX7 switches will create an ARP entry for the right MAC address and IP, but no ICMP reply reaches the host. If I ping from the NX7 to the host IP, then it doesn't find the host. If I create an SVI on the 9K in VLAN 2 with an IP address, then IP connectivity between the NX7 and NX9 on VLAN 2 works just fine. If I create an SVI on the 9K, then I can ping between the host and the 9K on the VLAN. So there is some layer 2 problem here. The MAC address of the host is available on all the switches. The port connected to the host is not a port-channel/VPC. The 9Ks and 7Ks are not running back to back VPC, STP is just blocking one link. 

 

Is there anything to be aware of on the 9K platform in regards to FEX access ports or something else? I've stared myself blind on this problem, so I could use some input ideas. 

 

 

 

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎10-20-2018 10:37 AM

At this moment very difficult to say where is the problem resides, if we can see you configuration 7K - 9K and Also Fex port configuration you have connected.

 

Make sure Vlans are announced in vPC peer-link. also give more inputs do you have any IGP running here ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

nazimkha
Level 4
Level 4

‎10-22-2018 07:00 AM

The 9Ks and 7Ks are not running back to back VPC, STP is just blocking one link. 

 

I would not say that it will not work with this but it is not a recommended design. For troubleshooting your problem, I would look at the STP states, vPC VLAN forwarding, ensuring vPC loop avoidance rule is not dropping packets.If possible I will shut down one N9K and test this scenario. However it would be best if you can have a back to back vPC between the N7K and N9K which is the recommended design

 

Here is snippet of vPC loop avoidance rule :

vPC loop avoidance rule states that traffic coming from vPC member port, then crossing vPC peer-link is NOT
allowed to egress any vPC member port; however it can egress any other type of port (L3 port, orphan port, ...).
 
A similar thread :
 
0 Helpful
Customers Also Viewed These Support Documents