Solved: Packet forwarding in nexus 7000 in VPC

shrivastava.am1 · ‎05-03-2018

Hello Everyone,

Its been a while i was studying about Nexus little confuse about how packet will foward in VPC

for e.g: -- nexus 7k and 7k2 Connected to Access Switch if any packet come to Access Switch hashing algorithm work. If it took the port toward primary 7k which is HSRP active it will move forward.

Now my Question :-- What if hashing algorithm chose 2nd link toward N2K i read some where there will be G bit by which it will chose the peer link but actually data will not move into the peer link please explain

ajay chauhan · ‎05-13-2018

Let's talk both the part's.

Control Plane - Active HSRP is responsible for responding ARP.

Data Plane - Both router will be active to forward data traffic .

For checking this you can login to switches and look at mac table for G flag (Gateway).

Ajay

View solution in original post

ajay chauhan · ‎05-13-2018

Let's talk both the part's.

Control Plane - Active HSRP is responsible for responding ARP.

Data Plane - Both router will be active to forward data traffic .

For checking this you can login to switches and look at mac table for G flag (Gateway).

Ajay

cassiolange · ‎05-13-2018

Hello,
From vPC Design and configuration...

vPC Data-Plane Loop Avoidance
vPC performs loop avoidance at data-plane layer instead of control plane layer for Spanning Tree Protocol.
All logics are implemented directly in hardware on vPC peer-link ports, avoiding any dependancy to CPU utilization.
vPC peer devices always forward traffic locally when possible. vPC peer-link does not typically forward data packets and it is usually considered as a control plane extension in a steady state network (vPC peer-link used to synchronize information between the 2 peer devices as mac address, vPC member state information, IGMP).
vPC loop avoidance rule states that traffic coming from vPC member port, then crossing vPC peer-link is NOT allowed to egress any vPC member port; however it can egress any other type of port (L3 port, orphan port, …).
The only exception to this rule occurs when vPC member port goes down. vPC peer devices exchange memberport states and reprogram in hardware the vPC loop avoidance logic for that particular vPC. The peer-link is then used as backup path for optimal resiliency. Traffic need not ingress a vPC member port for this rule to be applicable.

HSRP/VRRP active/active with vPC
HSRP (Hot Standby Router Protocol) and VRRP (Virtual Router Redundancy Protocol) are both network protocols that provides high availability for servers IP default gateway.
vPC domain at aggregation layer usually performs L2/L3 boundary so each vPC peer device is configure with interface VLAN (or SVI) and HSRP or VRRP runs on top of this interface.
HSRP and VRRP in the context of vPC have been improved from a functional and implementation standpoint to take full benefits of the L2 dual-active peer devices nature offered by vPC technology:
HSRP and VRRP operate in active-active mode from data plane standpoint, as opposed to classical active/standby implementation with STP based network.
No additional configuration is required. As soon as vPC domain is configured and interface VLAN with associated HSRP or VRRP group is activated, HSRP or VRRP will behave by default in active/active mode (on data plane side).
From a control plane standpoint, active-standby mode still applies for HSRP/VRRP in context of vPC; the active HSRP/VRRP intance responds to ARP request.

https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf