Re: Spanning tree priority with VPC recommendations NX OS

fly · ‎01-08-2019

we are facing a migration problem from traditional network to vxlan network

we want to connect two temporary layer 2 link from two traditional core switch to two vlxan layer 2 vtep gateway switch( VPC peer) , and connect many vlans in traditional network to layer 2 vni inside vxlan network as temporary migration path for layer 2 traffic between two network.

because traditional network is a very important network ,many vlans on it , and running PVST, root is on core switch.

we can't get any business traffic interrupt on traditional network when we connect two network together , we don't want spanning root move to VxLan vtep VPC peer because spanning root transfer can get whole Spanning tree converge and get traffic interrupt

after finishing migration , we will disconnect whole traditional network , after that spanning root will transfer to vxlan layer 2 VPC gateway.

is this possible to config spanning root outside VPC switch?

thank you

Andy

nazimkha · ‎01-09-2019

Hi Andy,

I did implement in one of the projects. The only difference was the switches connecting to the traditional core network were also in vPC so it was like a dual-sided vPC.
You can test out the migration by using one test VLAN (unused), trunking that only VLAN on the port-channel between the VXLAN leaf switches and the traditional core switches. Ensuring better spanning-tree priority for that VLAN and see how it works out.

I wanted to do EVPN ESI multi-homing for other edge devices but the switches didnt support it at that time

fly · ‎01-19-2019

HI,nazimkha,

Thank you!

we just connect 3560G-1 switch to Border Leaf 1and 3560G-2 to Border Leaf 2,you can see topology picture attatch

and create a vlan 21 between this switch , spanning root is on border leaf 1,3560G-2 G0/24 was blocked due to spanning tree.

this is normal behavior I think , when I disconnect link between two 3560 and two border leaf,

stp root will transit to 3560G-1, and reconnect links between two 3560 and two border leaf,

stp root will be transited to border leaf 1, and some pc connect between two 3560 switch and 2960 will lost packet for 30 seconds.

I also config vxlan l2 vni 10021 for vlan 21 in vxlan network.

I have a question is there any possible there is a loop between vxlan l2 vni 10021 and vlan 21 under traditional network on two 3560 swtiches, because vxlan l2 vni 10021 also create anther layer2 path of vlan 21 and loop strom will destroy all switch, but I didn't find layer2 loop storm

on my test.

only problem is I config many vlan on two 3560 and exceed vlan numbers 3560 permission, I found stp process cpu is very high, because PVST,I think this is not a problem, this is 3560 performance isssue

fly · ‎01-19-2019

Hi
nazimkha

I am afraid create a loop between vxlan bleaf 1 2 switch and two tradition switches, because old network is very important mwe can't use back-to-back up VPC , becuase old network core swithes are two catalyst 65, we want to link 65-1 to bleaf1 , 65-2 to bleaf2, 65-1 and 65-2 has one trunk(running many years)
that create l2 loop between two network though two 65 and two bleaf vpc peer link , also through vxlan l2vni I think.
I found spanning tree can block vlan 21 on traditional network for loop free,
I also config l2 vni for this vlan , if traffic come from one vpc bleaf 1 , traffic will send to another vpc peer bleaf 2 through l2 vni ,(although traditional path was blocked correctly by stp) then broadcast traffic send back through vpc peer link(loop link for vlan21), back to bleaf 1
there is possible for create this loop?
thank you!

Andy