06-18-2023 03:38 AM
If the vpc domain ID is the same between different pairs of leaf switches in the following configuration, is there any impact?
We are aware that the vpc domain ID affects the LACP system ID, so it should not be a problem unless LACP is configured between different pairs.
We actually configured it and found no abnormality in the vpc status.
Solved! Go to Solution.
06-22-2023 11:42 AM
I think, you're absolutely right:
system-mac = 00:23:04:ee:be:<domain-id>
If you don't want to
you should be fine.
Cisco itself state at Best Practices for Virtual Port Channels (vPC) that you can re-use the same Domain-ID even in back-to-back scenarios if you manually modify the system-mac to make it unique:
"If user absolutely wants to use the same domain-id on both vPC domains, then knob system-mac (under vPC
domain configuration context) must be used to force different vPC system-mac values."
...
"However, vPC system-mac is used only with vPC attached access devices while vPC local system-mac is used
with single attached devices (orphan port or active/standby with or without STP) Figure 10 illustrates how vPC
system-mac and vPC local system-mac are used.
09-28-2023 10:16 AM
It's strongly recommended to keep vPC domain IDs unique across a broadcast domain (continuous layer 2 network). LACP is one reason, but it's not the only one. For example, two vPC pairs with peer-switch enabled* and the same vPC domain will have the same MAC address for STP purposes. This causes unexpected blocking or loops in some cases.
* It's unsupported to configure a non-root vPC pair with peer-switch, but some deployments have this regardless.
06-22-2023 11:42 AM
I think, you're absolutely right:
system-mac = 00:23:04:ee:be:<domain-id>
If you don't want to
you should be fine.
Cisco itself state at Best Practices for Virtual Port Channels (vPC) that you can re-use the same Domain-ID even in back-to-back scenarios if you manually modify the system-mac to make it unique:
"If user absolutely wants to use the same domain-id on both vPC domains, then knob system-mac (under vPC
domain configuration context) must be used to force different vPC system-mac values."
...
"However, vPC system-mac is used only with vPC attached access devices while vPC local system-mac is used
with single attached devices (orphan port or active/standby with or without STP) Figure 10 illustrates how vPC
system-mac and vPC local system-mac are used.
06-23-2023 05:55 AM
Thank you for your response.
I now understand that in the case of double-sided vPC where LACP is used between vPC domains, both domains need to be recognized as separate devices, so the vPC system-MAC needs to be different (different vPC domain id).
I am relieved to know that in the above configuration, there is no problem to build with the same vPC domain Id.
06-29-2023 08:14 AM
Hi @YEH ,
@r.heitmann gave an excellet answer. I would like to share this video made by one of my peers that discusses Layer 3 routing over vPC and the vPC enhancements needed to successfully create a routing adjacency over a vPC enabled vlan.
https://www.youtube.com/watch?v=q_xAZJpqRiM
06-30-2023 11:48 PM
Thanks for sharing the great video. I will watch and study this.
09-28-2023 10:16 AM
It's strongly recommended to keep vPC domain IDs unique across a broadcast domain (continuous layer 2 network). LACP is one reason, but it's not the only one. For example, two vPC pairs with peer-switch enabled* and the same vPC domain will have the same MAC address for STP purposes. This causes unexpected blocking or loops in some cases.
* It's unsupported to configure a non-root vPC pair with peer-switch, but some deployments have this regardless.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide