Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2700
Views
0
Helpful
2
Replies

Back To Back vPC

ThariqAli
Level 1
Level 1

‎05-26-2021 08:46 PM

I would like some clarity regarding a back-to-back vPC between 2 sets of Nexus switches running NX-OS 9.3 (pic attached). The core Nexus switches are 9508's running HSRP/OSPF and the distribution switches are various 9K's (we have a few back-to-backs). I currently have 1 vPC going down and one coming up. The question is regarding the options such as "spanning-tree port type" and "spanning-tree bpdufilter/bpduguard" options. I have referenced https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

 

And was wondering where these different configuration options should be configured as a best practice and at what end?

 

sho spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: none
L2 Gateway STP                           is disabled
Port Type Default                        is disable
Edge Port [PortFast] BPDU Guard Default  is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance                         is enabled
Loopguard Default                        is disabled
Pathcost method used                     is short
STP-Lite                                 is disabled 

 

vPCBacktoBack.jpg

Labels:
0 Helpful
2 Replies 2

kkhlebop
Cisco Employee
Cisco Employee

‎07-12-2021 01:26 PM

Found some interesting documentation that might help you in your decision. 


https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/interfaces/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Interfaces_Configuration_Guide/b_Cisco_Nexus_9000_Series_NX-OS_Interfaces_Configuration_Guide_chapter_0111.html#...

 

Using the find feature of your browser, go to the section that reads:

Features That You Must Manually Configure on the Primary and Secondary Devices

I hope this helps

0 Helpful

Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎07-12-2021 10:43 PM

Hi @ThariqAli 

The "spanning-tree port type" can help you in two situations:

  • spanning-tree port type network - this is when you want to add an extra layer of "safety" to make sure that the remote device still sends STP BPDUs, or to avoid unidirectional links, by simply leveraging the STP BPDUs. Personally, I do not use this feature, but, for your information, it is automatically enabled on VPC Peer-link.
  • spanning-tree port type edge - to be configured on any link where endpoints are connected (servers which do not run STP). Very useful and very needed feature.

"spanning-tree bpdufilter/bpduguard" these do not have any special recommendation when it comes to VPC. You use if if you need it.

 

Stay safe,

Sergiu

0 Helpful
Customers Also Viewed These Support Documents