01-22-2016 09:30 AM - edited 03-01-2019 08:09 AM
Hi all;
I have some questions regarding Nexus VPC.
1. I configured both of the nexus 9k switches in vpc domain 9 and set the stp priority on both of them to be lower than any other switches in the network. but after disconnecting some links for testing the redundancy and connecting them, one of the 9k switches in the vpc domain 9 announced itself as root and second 9k saw the first 9k as root. also, despite every link between downstream switches and this vpc domain were up with no errors (due to lldp and udld outputs), other switches did not receive the 9k bpdu messages and then set themselves as stp root. this issue caused the 9k switch to block the links to other switches due to STP Dispute feature. is there any rule or any other situation regarding these interesting issues?
2. if all of the links between vpc members (including peer-link and keepalive) are disconnected, but both of the switches were up and alive, what will happen? I think both of them act as standalone devices. am I right? if not, what will happen then?
3. as I know the minimum auto-recovery timeout is 240 seconds. so if we face with a situation in which the secondary vpc device needs to auto-recover in order to unblock its vpc links to other switches, due to this timeout value, the network will be down during this timeout. am I right? if it is right, what is the best practice to reduce the network downtime, in the case of failure?
thanks.
01-24-2016 12:28 AM
I see on one has responded to your question. Going sideways, since getting rid of spanning tree is always good; could you engineer spanning tree out of your network?
For example, could you use multi-chassis Etherchannel for dual links?
01-24-2016 12:57 PM
Hi; I already configured vPC to get rid of STP and it worked well until I decided to plug and unplug random links to test redundancy.
01-24-2016 04:41 PM
Will try my best to answer with the availbale information
1. I configured both of the nexus 9k switches in vpc domain 9 and set the stp priority on both of them to be lower than any other switches in the network. but after disconnecting some links for testing the redundancy and connecting them, one of the 9k switches in the vpc domain 9 announced itself as root and second 9k saw the first 9k as root. also, despite every link between downstream switches and this vpc domain were up with no errors (due to lldp and udld outputs), other switches did not receive the 9k bpdu messages and then set themselves as stp root. this issue caused the 9k switch to block the links to other switches due to STP Dispute feature. is there any rule or any other situation regarding these interesting issues?
<Raj> Is peer switch enabled?
The link that you disconnected was it the peer link?
What you saw is not expected.
STP dispute indicates that switches at both ends of the link do not agree on who the root bridge should be which as you pointed out will be caused by missed BPDU. Did by any chance the control plane of the switches got overwhelmed? For 9k you can check CoPP and see if its enabled. For the other side of the link, please check if there were any signs of control plane congestion.
2. if all of the links between vpc members (including peer-link and keepalive) are disconnected, but both of the switches were up and alive, what will happen? I think both of them act as standalone devices. am I right? if not, what will happen then?
<Raj> They will be in dual active state and will be forwarding traffic .
3. as I know the minimum auto-recovery timeout is 240 seconds. so if we face with a situation in which the secondary vpc device needs to auto-recover in order to unblock its vpc links to other switches, due to this timeout value, the network will be down during this timeout. am I right? if it is right, what is the best practice to reduce the network downtime, in the case of failure?
<Raj> Would be good to go through this doc - vpc auto recovery (same applies for 7k as well)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide