peer-switch feature issue

Craddockc · ‎01-31-2018

Community,

I have a pair of 9396PX's running NX OS version 7.0(3)I4(6) that have two port channels between them. Po1 is the vPC peer link that carries most of the traffic between the two switches in vPC domain 1. Po2 is a "routing backbone" links that carries OSPF routing protocol traffic. The issue I am seeing is that when I implement the peer-switch feature on both switches in the "vpc domain 1"sub menu, the Po2 interface on one of the switches (PHX-AGG-1A) goes into a spanning tree Backup interface role and Blocking state. The vPC peer link (Po1) however does not. This obviously is causing the OSPF neighborship to go down.

My assumption is that since both switches are using the same exact Spanning Tree BID (0023.04ee.be01) when the peer-switch feature is implemented , the affected switch believes that it is receiving BPDUs from itself and moves the Po2 interface into a Backup role. Is this normal? I've never seen this before. I've attached a topology and some output to illustrate the issue.

PHX-AGG-1A(config)# vpc domain 1
PHX-AGG-1A(config-vpc-domain)# peer-switch
PHX-AGG-1A(config-vpc-domain)# end
PHX-AGG-1A# show spanning-tree interface po2

Vlan Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
VLAN0200 Back BLK 250 128.4097 P2p

VLAN0201 Back BLK 250 128.4097 P2p

VLAN0202 Back BLK 250 128.4097 P2p

VLAN0203 Back BLK 250 128.4097 P2p

PHX-AGG-1A# conf t
Enter configuration commands, one per line. End with CNTL/Z.
PHX-AGG-1A(config)# vpc domain 1
PHX-AGG-1A(config-vpc-domain)# no peer-switch
PHX-AGG-1A(config-vpc-domain)# end
PHX-AGG-1A# show spanning-tree int po2

Vlan Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
VLAN0200 Root FWD 250 128.4097 P2p

VLAN0201 Root FWD 250 128.4097 P2p

VLAN0202 Root FWD 250 128.4097 P2p

VLAN0203 Root FWD 250 128.4097 P2p

PHX-AGG-1A#

PHX-AGG-1A# show spanning-tree vlan 200

VLAN0200
Spanning tree enabled protocol rstp
Root ID Priority 4296
Address 0023.04ee.be01
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 4296 (priority 4096 sys-id-ext 200)
Address 0023.04ee.be01
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po2 Back BLK 250 128.4097 P2p

PHX-AGG-1B# show spanning-tree vlan 200

VLAN0200
Spanning tree enabled protocol rstp
Root ID Priority 4296
Address 0023.04ee.be01
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 4296 (priority 4096 sys-id-ext 200)
Address 0023.04ee.be01
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po2 Desg FWD 250 128.4097 P2p

Am I misconfiguring something here? I am not entirely sure as why when these were set up that 2 separate port channels were created to carry different traffic. Is this a design best practice or should I just go ahead and migrate the Po2 traffic onto Po1 and remove Po2?

Thanks.

Craddockc · ‎01-31-2018

I believe I've solved this (with the help of Cisco TAC). Po2 is not a vPC port channel. So peer-switch feature does not apply to this port channel, which means that normal spanning tree logic will apply to it. I went ahead and changed the priority of the affected vlans that are carried on Po2 on one of the switches to a lower priority and the link went forwarding as show below. This makes sense because this Port channel is not in a vPC.

PHX-AGG-1A(config)# spanning-tree vlan 200-203 priority 8192
PHX-AGG-1A(config)# exit
PHX-AGG-1A# show spanning-tree int po2

Vlan Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
VLAN0200 Root FWD 250 128.4097 P2p

VLAN0201 Root FWD 250 128.4097 P2p

VLAN0202 Root FWD 250 128.4097 P2p

VLAN0203 Root FWD 250 128.4097 P2p