
vpc vlan and non vpc vlan

Inni-2009
Level 1

Hi,

When do we have a non-vPC VLAN?

Thank you 

10 Replies

Ganesh Hariharan
VIP Alumni

Hello,

The PortChannel connecting the vPC peers should carry all the VLANs used by the vPC member ports.

In addition, it is possible to carry also the VLAN used by orphaned ports with some special considerations.

As a general best practice, the VLANs you use for vPC-connected devices should be different from those you use for single-port attached devices (orphaned ports), and you should put those VLANs (the non-vPC VLANs) on a trunk that’s different from the one on which the peer link resides.

On the Cisco Nexus 7000 Series, when carrying vPC and non-vPC VLANs on the peer link, you may want to exclude the orphaned ports SVIs from the default behavior. Alternatively, you can use different VLANs for vPC-connected devices and single-port attached devices (orphaned ports), and put the non-vPC VLANs and the peer link on different trunks.

This recommendation applies to the aggregation layer only, not to the access layer.

Hope it Helps.

-GI

Rate if it helps

Hi,

You said:

"As a general best practice, the VLANs you use for vPC-connected devices should be different from those you use for single-port attached devices (orphaned ports), and you should put those VLANs (the non-vPC VLANs) on a trunk that’s different from the one on which the peer link resides."

In the aggregation layer there are:

1) multiple single-homed devices connected (non-vPC member ports) on the aggregation switch, for example vlan 2 and vlan 5, and

2) a 3750 switch connected (trunk) for some reason on the aggregation switch.

So we need to create another trunk between both aggregation switches. Please correct me if I am wrong.

(Can you share some sample configuration?)

3) For a non-vPC VLAN, how does the traffic flow?

4) What about the STP configuration for non-vPC VLANs?

Configuration below and topology attached.

-------------------------------

acc-sw1
------------------------
interface Ethernet1/10
switchport mode trunk
spanning-tree port type edge trunk
desc connection to esx

acc-sw1
------------------------
interface Ethernet1/10
switchport mode trunk
spanning-tree port type edge trunk
desc connection to esx

interface Ethernet1/11
switchport access vlan 3
desc connection to server

aG-sw1
-----------------------------
interface Ethernet1/47
description connection to 3850-sw1
switchport mode trunk

interface Ethernet1/8
switchport access vlan 2


aG-sw2
------------------------
interface Ethernet1/47
description connection to 3850-sw2
switchport mode trunk


sw1
--------------------------------
interface gi0/2
switchport mode trunk
description connection to aG-sw1-e1/47

interface gi0/1
switchport access vlan 2
connected host -1


sw2
-----------------------------
interface gi0/2
switchport mode trunk
description connection to aG-sw1-e1/47
interface gi0/1
switchport access vlan 2
connected host -1

interface port-channel50
switchport mode trunk
spanning-tree port type network
vpc peer-link



vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po50 up 1-4,6,9,11-17,25,33-35,50-51,64-65

Thank you for your reply . 

Hello ,

Let me try to explain it differently, with some examples.

A vPC port is a port that is assigned to a vPC channel group. The ports that form the virtual PortChannel are split between the vPC peers and are referred to as vPC member ports.

A non-vPC port, also known as an orphaned port, is a port that is not part of a vPC.

The diagram below shows the different types of ports connected to a vPC system. Switch1 and Host 3 connect via vPCs.

The ports connecting devices in a non-vPC mode to a vPC topology are referred to as orphaned ports. Switch 2 connects to the Cisco Nexus Switch with a regular spanning-tree configuration: thus, one link is forwarding, and one link is blocking. These links connect to the Cisco Nexus Switch with orphaned ports.

vPC & Non vPC description

Hope it Helps..

-GI

Rate if it helps

Hi Ganesh ,

Thank you for the detailed explanation. If I have a server connected to a port (orphaned port or non-vPC port) and vlan 60 (peer link: vlans 10-50 in your picture), then, as you said, for vlan 60 (is vlan 60 a non-vPC vlan here?) we need to create a separate trunk?

Correct me if I am wrong.

What are the drawbacks if we do not create a separate trunk?

What if we go for N9K?

Thank you 

That's correct. As per best practice and recommendation, it is always better to have an additional Layer 2 trunk port-channel as an interswitch link to transport non-vPC VLAN traffic.

This is part of the vPC guidelines and practices. Switches which can be configured in a vPC domain will follow this rule of thumb.

Have a look at the vPC Guideline and Best Practices for more information.

Hope it Helps..

-GI

Rate if it helps
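An added example, not part of the original thread and not Cisco's code: a small Python check for the recommendation above that lists orphan-port access VLANs which the vPC peer link also carries. The Po50 status line and Ethernet1/8 come from the configuration posted earlier in the thread; Ethernet1/9, port-channel10 and all function names are constructed for illustration, and an "orphan port" is assumed to be an access port with no `vpc` or `channel-group` line.

```python
import re

# Po50 line and Ethernet1/8 are from the thread; Ethernet1/9 and port-channel10 are constructed.
PEER_LINK_STATUS = """\
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po50 up 1-4,6,9,11-17,25,33-35,50-51,64-65
"""
AGG_CONFIG = """\
interface port-channel10
  switchport mode trunk
  vpc 10
interface Ethernet1/8
  switchport access vlan 2
interface Ethernet1/9
  switchport access vlan 60
"""

def parse_vlan_list(text):
    """Expand an NX-OS VLAN list such as '1-4,6,9' into a set of ints."""
    vlans = set()
    for part in filter(None, (p.strip() for p in text.split(","))):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def peer_link_vlans(status):
    """Return the VLANs active on the peer link from the status table."""
    m = re.search(r"^\s*\d+\s+Po\d+\s+\S+\s+([\d,\-]+)\s*$", status, re.M)
    return parse_vlan_list(m.group(1)) if m else set()

def orphan_access_ports(config):
    """Map interface -> access VLAN for ports with no vpc/channel-group line."""
    ports = {}
    for stanza in re.split(r"^(?=interface )", config, flags=re.M):
        name = re.match(r"interface (\S+)", stanza)
        vlan = re.search(r"^\s*switchport access vlan (\d+)", stanza, re.M)
        bundled = re.search(r"^\s*(vpc|channel-group) \d+", stanza, re.M)
        if name and vlan and not bundled:
            ports[name.group(1)] = int(vlan.group(1))
    return ports

def audit(config, status):
    """Split orphan-port VLANs by whether the peer link carries them."""
    carried = peer_link_vlans(status)
    shared, separate = {}, {}
    for port, vlan in orphan_access_ports(config).items():
        (shared if vlan in carried else separate)[port] = vlan
    return shared, separate
```

Calling `audit(AGG_CONFIG, PEER_LINK_STATUS)` returns the orphan ports whose VLAN is shared with the peer link first, then those whose VLAN is kept off it.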

Hi Ganesh,

You were really helpful. Thank you so much.

Could you provide a topology diagram with vPC and non-vPC VLANs, showing how traffic flows when the peer link is alive and in failure cases?

I would be really grateful.

Thank you 

Hello,

Thanks for your appreciation.

Please have a look at the links below, on pages 6 and 7, where a clear traffic flow is shown for vPC LAN traffic.

http://www.cisco.com/c/dam/en/us/products/collateral/switches/nexus-7000-series-switches/C07-572835-00_NX-OS_vPC_DG.pdf

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/interfaces/configuration/guide/if_cli/if_vPC.html

Hope it Helps..

-GI

Hi Ganesh,

I'm running MST in the DC and my non-vPC trunk is in the alt blk state. I also need this to run an L3 OSPF adjacency over a VLAN, since I don't want to run it via the peer link.

NEXUS01-SFARM# sh spanning-tree

MST0000
  Spanning tree enabled protocol mstp
  Root ID    Priority    32768
             Address     0038.df32.6700
             Cost        0
             Port        4195 (port-channel100)
             Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768  (priority 32768 sys-id-ext 0)
             Address     00de.fb57.27c4
             Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Desg FWD 200       128.4096 (vPC) P2p
Po2              Desg FWD 200       128.4097 (vPC) P2p
Po3              Desg FWD 200       128.4098 (vPC) P2p
Po4              Desg FWD 200       128.4099 (vPC) P2p
Po11             Root FWD 200       128.4106 (vPC) P2p
Po12             Desg FWD 200       128.4107 (vPC) P2p
Po100            Root FWD 1000      128.4195 (vPC peer-link) Network P2p
Po200            Altn BLK 1000      128.4295 Network P2p

Hi Ganesh,

You can try enabling a separate MST instance for non-vPC VLANs; it should work.

Regards,

Dinesh Kumar EKambaram

bchintak
Cisco Employee

A vPC VLAN is one which is carried over the vPC peer-link.

Non-vPC VLANs are mostly used for the orphan ports case.
