cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
829
Views
5
Helpful
11
Replies

vPC in nexus

Mustapha Bassim
Beginner
Beginner

Hello Dears

 

I am trying to perform vPC configuration with Linux Server but it's still not being up take in mind the the vPC peer link is up and working normally between two switches and here is the configuration for one of them which is identical to the anther  :

 


!Command: show running-config
!No configuration change since last restart
!Time: Mon Apr 4 05:46:58 2022

version 10.1(1) Bios:version 01.03
hostname Switch-1
vdc TOR-1 id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 248 maximum 248
limit-resource u6route-mem minimum 96 maximum 96
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

cfs eth distribute
feature interface-vlan
feature lacp
feature vpc

username admin password 5 $5$LIFDDB$a9Tx/4EU6Ltgt2bU4l6tmWt9kvYvYLBLjcJ/LBj.FjB role network-admin
ip domain-lookup
copp profile strict
snmp-server user admin network-admin auth md5 0xdbf7d32b3a79f4ed9c7afa36273b643c priv aes-128 0xdbf7d32b3a79f4ed9c7afa36273b643c localizedkey
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

vlan 1,9,20-24,1000
vlan 9
name MGMT
vlan 20
name OLVM
vlan 21
name APP
vlan 22
name DB
vlan 23
name keepalive
vlan 24
name Mirgation
vlan 1000
name VPC-Peer-link

spanning-tree vlan 1,9,23,99 priority 0
vrf context keepalive
vrf context management
vpc domain 1
peer-keepalive destination 100.64.0.18 source 100.64.0.17 vrf keepalive


interface Vlan1
no shutdown

interface Vlan1000
no shutdown
vrf member keepalive
ip address 100.64.0.17/30

interface port-channel1
description VPC Peer link
switchport
switchport mode trunk
spanning-tree port type network
vpc peer-link

interface port-channel20
description To Server-3
switchport
switchport mode trunk
switchport trunk allowed vlan 20
spanning-tree port type network
vpc 20

interface port-channel21s
description To Server
switchport
switchport mode trunk
switchport trunk allowed vlan 20-22
spanning-tree port type network
vpc 21

interface Ethernet1/1
description To Server-3
switchport
switchport mode trunk
switchport trunk allowed vlan 20
channel-group 20 mode active
no shutdown

interface Ethernet1/2
description To Zabbix

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15

interface Ethernet1/16

interface Ethernet1/17

interface Ethernet1/18

interface Ethernet1/19

interface Ethernet1/20

interface Ethernet1/21

interface Ethernet1/22

interface Ethernet1/23

interface Ethernet1/24

interface Ethernet1/25

interface Ethernet1/26

interface Ethernet1/27

interface Ethernet1/28

interface Ethernet1/29

interface Ethernet1/30

interface Ethernet1/31

interface Ethernet1/32

interface Ethernet1/33

interface Ethernet1/34

interface Ethernet1/35

interface Ethernet1/36

interface Ethernet1/37

interface Ethernet1/38

interface Ethernet1/39

interface Ethernet1/40

interface Ethernet1/41
description VPC Peer Links
switchport
switchport mode trunk
channel-group 1 mode active
no shutdown

interface Ethernet1/42
description VPC Peer Links
switchport
switchport mode trunk
channel-group 1 mode active
no shutdown

interface Ethernet1/43

interface Ethernet1/44


interface Ethernet1/45
description To Server-2
switchport
switchport mode trunk
switchport trunk allowed vlan 20-22
spanning-tree port type network
channel-group 21 mode active
no shutdown

interface Ethernet1/46
description To Server-1
switchport
switchport mode trunk
switchport trunk allowed vlan 20-22
spanning-tree port type network
channel-group 21 mode active
no shutdown

interface Ethernet1/47

switchport
switchport mode trunk
no shutdown

interface Ethernet1/48
switchport
switchport mode trunk
no shutdown

 

Bests

1 ACCEPTED SOLUTION

Accepted Solutions

BA_Inc means Bridge Assurance Inconsistency. In other words, there are not STP BPDus received on that port-channel. 

I noticed you configured the Po21 as stp network type. By doing that, you automatically enable Bridge Assurance. You either change the Po21 back to port type normal or enable port type network on the remote side of Po21.

 

Stay safe,

Sergiu

View solution in original post

11 REPLIES 11

balaji.bandi
VIP Guru VIP Guru
VIP Guru

what is the issue ? you have not provided show outputs to understand. is the Linux not working when you make a VPC PO ?

 

here is example tested using Windows Server. :

 

https://www.balajibandi.com/?s=vpc

 

post show vpc (output) along with other side config also impprtant here.

what Linux distro , what is the config on the Linux box /

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

hello dear

 

thnx for reply

 

these are the outputs

 

Switch-2# show vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id : 1
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : failed

 

----

 

Swtich-2# show vpc consistency-parameters vpc 22

Legend:
Type 1 : vPC will be suspended in case of mismatch

Name Type Local Value Peer Value
------------- ---- ---------------------- -----------------------
STP Port Guard 1 Default Default
STP Port Type 1 Network Port Network Port
STP MST Simulate PVST 1 Default Default
Allow-Multi-Tag 1 Disabled Disabled
Vlan xlt mapping 1 Disabled Disabled
vPC card type 1 N9K TOR N9K TOR
Allowed VLANs - 20-22 20-22
Local suspended VLANs - - -


Type-2 inconsistency reason : SVI type-2 configuration incompatible
vPC role : secondary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled
Virtual-peerlink mode : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ -------------------------------------------------
1 Po1 up 1,9,20-24,1000

vPC status
----------------------------------------------------------------------------
Id Port Status Consistency Reason Active vlans
-- ------------ ------ ----------- ------ ---------------
21 Po21 up success success 20-22

22 Po22 down* success success -

MHM Cisco World
Advisor
Advisor

Type-2 consistency status : failed <- failed meaning the VLAN STP .... mismatch between the member of vPC PortChannel.
show vpc brief 
give you what is mismatch.

this is the output of show vpc brief

 

show vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id : 1
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : failed
Type-2 inconsistency reason : SVI type-2 configuration incompatible
vPC role : secondary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled
Virtual-peerlink mode : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ -------------------------------------------------
1 Po1 up 1,9,20-25,1000

vPC status
----------------------------------------------------------------------------
Id Port Status Consistency Reason Active vlans
-- ------------ ------ ----------- ------ ---------------
21 Po21 up success success 20-22

23 Po23 down* success success -


Please check "show vpc consistency-parameters vpc <vpc-num>" for the
consistency reason of down vpc and for type-2 consistency reasons for
any vpc.

One Peer config SVI and UP/UP 
other Peer don't config SVI or it Down.

check all VLAN SVI allow through vPC in both peer.

Hello dear
I noticed that one of the interfaces in SVI is up and the second is down and do them successfully to be align and make the interface between the two switches L3 interface not using SVI to avoid any issue but i had new issue as show in "show spanning-tree"

 


Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Desg FWD 1 128.4096 (vPC peer-link) Network P2p
Po21 Desg BKN*1 128.4116 (vPC) Network P2p *BA_Inc
Eth1/45 Desg FWD 2 128.177 P2p
Eth1/47 Desg FWD 2 128.185 P2p

 

could u advise about that ?

Sergiu.Daniluk
VIP Advisor VIP Advisor
VIP Advisor

There are a couple of things which are to be noted in the outputs you provided:

1. PKA is using SVI 1000, and vlan 1000 is allowed over PeerLink - you should modify this type of setup.

2. There is a type 2 mismatch: "Type-2 inconsistency reason : SVI type-2 configuration incompatible" - this indicates an SVI up on one peer and the same SVI down or not configured. Note that this is not a supported config and you should bring up SVI on both peers.

 

Take care,

Sergiu

Hi dear

thnx for interesting info and now the issue is up but i am facing anther issue in STP

 

 "show spanning-tree"

 


Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Desg FWD 1 128.4096 (vPC peer-link) Network P2p
Po21 Desg BKN*1 128.4116 (vPC) Network P2p *BA_Inc
Eth1/45 Desg FWD 2 128.177 P2p
Eth1/47 Desg FWD 2 128.185 P2p

 

could u advise about that ?

Are the Linux Server config with Ether channel?
the vPC must see one MAC address from the Linux Server not two.

BA_Inc means Bridge Assurance Inconsistency. In other words, there are not STP BPDus received on that port-channel. 

I noticed you configured the Po21 as stp network type. By doing that, you automatically enable Bridge Assurance. You either change the Po21 back to port type normal or enable port type network on the remote side of Po21.

 

Stay safe,

Sergiu

thnx very much , it solved my issue

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: