cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1216
Views
0
Helpful
3
Replies

Nexus 7K vPC Question

Scott_22
Level 1
Level 1

If a N7K that is configured as the primary vPC peer, and it is not the root bridge for a VLAN, will the traffic for that VLAN be passed through the secondary vPC peer if it is the root bridge? 

1 Accepted Solution

Accepted Solutions

Yes, it will forward the BPDUs to the primary switch in the vPC domain.

- Orlando -

View solution in original post

3 Replies 3

Orlando Barboza
Cisco Employee
Cisco Employee

Hello Scott_22,

 

In a vPC domain the device in charge of processing and sending BPDUs is the vPC primary, even if the root is the secondary switch, what happens in this scenario is that when the secondary switch in the vPC (the root), receives a BPDU, it proxies that BPDU to the primary switch across the peer-link so it can be processed. The best practice is configure the vPC primary switch as the root.

 

This is from the control plane perspective, now, from data plane perspective, both of the switches will be able to receive and forward regular traffic since in a vPC environment we won't have STP blocked ports, loops are avoided using the vPC loop avoidance mechanism of the vPC.

 

There is a feature that was implemented to enhance the STP operation in a vPC domain, it is called peer-switch. The main advantage of vPC peer-switch is the improvement in term of convergence time during vPC primary peer device failure/recovery. Without vPC peer-switch feature, vPC primary peer device failure and recovery usually create around 3 seconds of traffic disruption (for south to north traffic). With vPC peer-switch, traffic disruption is lowered to sub-second value because peer device down an up events do not generate any Rapid Spanning Tree Protocol Sync behavior (from a STP standpoint, there is no change in L2 topology).

 

When peer-switch is enabled, each Nexus switch shares a virtual bridge ID which allows both switches to act as root for the VLAN, so both switches are capable to process BPDUs.

 

Note: For proper behavior, VLAN priorities on both Nexus 7000 switches should be configured the same.

 

Below some documentation about this:

 

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/interfaces/521_N11/b_5k_Interfaces_Config_Guide_Release_521N11/b_5k_Interfaces_Config_Guide_Release_521N11_chapter_0101.html

https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

 

HTH

 

- Orlando -

- Orlando -

So if I don't have peer-switch enabled, then the secondary switch specified as the root bridge will forward that traffic to the primary across the peer-link since it's creating the BPDUs?

Yes, it will forward the BPDUs to the primary switch in the vPC domain.

- Orlando -

Review Cisco Networking for a $25 gift card