Data Center

Anuj Singhi · ‎07-13-2015

I have a fex connected to two Nexus5596 on which few of the ports are not coming up when configured as access mode under one specific vlan. I have removed all config mode on all those four ports on both nexus and re-configured them but still its not giving result.

Nexus-2# sh log last 10
2015 Jul 10 06:38:19 rio-mn-n5k-core-s02 %LOCAL7-4-SYSTEM_MSG: service ssh, IPV6_ADDRFORM - dcos-xinetd[3233]
2015 Jul 10 06:38:32.039 rio-mn-n5k-core-s02 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 483 on Interface Ethernet197/1/16 are being suspended. (Reason: Vlan is not configured on remote vPC interface)
2015 Jul 10 06:38:43.285 rio-mn-n5k-core-s02 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 483 on Interface Ethernet197/1/13 are being suspended. (Reason: Vlan is not configured on remote vPC interface)
2015 Jul 10 06:38:49 rio-mn-n5k-core-s02 %USER-2-SYSTEM_MSG: unknown enum 248 - vsh
2015 Jul 10 06:38:53.887 rio-mn-n5k-core-s02 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 483 on Interface Ethernet197/1/14 are being suspended. (Reason: Vlan is not configured on remote vPC interface)
2015 Jul 10 06:39:04.830 rio-mn-n5k-core-s02 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 483 on Interface Ethernet197/1/15 are being suspended. (Reason: Vlan is not configured on remote vPC interface)
2015 Jul 10 06:39:32.641 rio-mn-n5k-core-s02 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 483 on Interface Ethernet197/1/16 are being suspended. (Reason: Vlan is not configured on remote vPC interface)
2015 Jul 10 06:39:43.884 rio-mn-n5k-core-s02 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 483 on Interface Ethernet197/1/13 are being suspended. (Reason: Vlan is not configured on remote vPC interface)
2015 Jul 10 06:39:46.942 rio-mn-n5k-core-s02 %ETHPORT-3-IF_ERROR_VLANS_REMOVED: VLANs 483 on Interface Ethernet197/1/13 are removed from suspended state.

Toggling the port also giving me no result.

Mark Malone · ‎07-13-2015

Have you checked your versions release notes to see if there's a related caveat?

Can you post the config your using

Anuj Singhi · ‎07-13-2015

No I haven't but some of the ports on same fex are working fine with same vlan. I am using n5000-uk9.5.1.3.N1.1a.bin on both Nexus.

interface Ethernet197/1/13
switchport access vlan 483
spanning-tree port type edge

above config is same on both peer devices.

Mark Malone · ‎07-13-2015

If your splinting the connection across 2 Nexus switches should you not be using a vpc setup like below on each switch

interface port-channel1
switchport access vlan 483
logging event port link-status
logging event port trunk-status
vpc 1

interface Ethernet197/1/13
switchport access vlan 483
spanning-tree port type edge
channel-group 1 mode active

Anuj Singhi · ‎07-13-2015

Fex is already connected with both Nexus in vpc so its not required to configure vpc on fex ports. Any idea what could be the issue? As I have said earlier other ports on same fex are working. Even when I moved these 4 non working ports(6,7,8,9) to ports 13,14,15,16, it didn't make any difference.

malonemark · ‎07-13-2015

See this in your logs known bug are you on 5.1(3)N1(1)

https://tools.cisco.com/bugsearch/bug/CSCtz46192/?referring_site=bugquickviewredir

Is the Fex fully working on both switchs when you compare it

Is the vlan created at layer 2 on both switches

Anuj Singhi · ‎07-13-2015

My port is not showing unknown enum under show interface status, its showing not connected and the funny part is ports on one switch keep changing its status from connected to not connected but never comes up permanently.

Yes the fex is working fully on both switches and vlan is created at layer 2 on both switches.

rio-mn-n5k-core-s01# sh int status | i 197
Po197 FEX-TOP-Rack10 connected 1 full 10G --

Eth197/1/13 -- connected 483 full 100 --
Eth197/1/14 -- notconnec 483 auto auto --
Eth197/1/15 -- notconnec 483 auto auto --
Eth197/1/16 -- notconnec 483 auto auto --

here randomly port status keep changing from connected to notconnected for these 4 ports.

sbhadrav@cisco.com · ‎03-04-2018

If you assign an access VLAN that is also a primary VLAN for a private VLAN, all access ports with that access VLAN will also receive all the broadcast traffic for the primary VLAN in the private VLAN mode
When you configure a port in access mode, you can specify which VLAN will carry the traffic for that interface. If you do not configure the VLAN for a port in access mode, or an access port, the interface carries traffic for the default VLAN (VLAN1).

You can change the access port membership in a VLAN by specifying the new VLAN. You must create the VLAN before you can assign it as an access VLAN for an access port. If you change the access VLAN on an access port to a VLAN that is not yet created, the system shuts that access port down.

If an access port receives a packet with an 802.1Q tag in the header other than the access VLAN value, that port drops the packet without learning its MAC source address.