Showing results for 
Search instead for 
Did you mean: 

Duplicate System ID in VPC Peers & Peer Link



I just wrote about the vpc technologies, and I have two questions

1. I didn't understand what can cause a case of a duplicate system ID in several vpc peers.

I underrated that stp and the lacp use the system ID for their calculations, but what exactly can go wrong if there is a duplicate?

I know that can be the issue when there is a duplicate in end devices, because the data need to be delivered for specific place, but in here it just for syn packets and algorithm calculations, so does it can cause a data loss of host/server communications?

Maybe there are network typologies that it won't disturb (for example, two core nexus that are vpc peers that working in L3, and all the other vpc peers are just for L2 communication, that connected to the core nexus)?

2.I wrote that in peer link is generally used only for  the control plane, and not for the data plane.

The reason for this that was mention was that usually the BW of the peer link lines are low then the BW of the lines that participate in the vpc port channels that goes to the downstream devices. So does its means that the peer link not used usually  for send data (from servers, hosts), or not used for send information of the data plane of each vpc peer?

1 Reply 1

Yannick Vranckx


1/ In general the VPC domain ID is used to derive the VPC system mac. This mac is used in STP. Now you can run into an issue where peer 1 is the root and peer 2 is the secondary. In this scenario if there is a failure of the root peer there will be a TCN in STP and a recalculation. You can resolve this behaviour by using the "peer-switch" command onto the VPC domain configuration and setting both the STP priorities to the same value for the VPC peers, this way there will be no TCN incase of a failure of one of the peers.

If you are creating a VPC port-channel towards members, it's good practice to match the port-channel ID with the vpc ID. So if you are creating a port-channel 27 and you just add "vpc" to the configuration, you will form the VPC and the ID is inherited of the port-channel number. This makes it a bit easier to troubleshoot the topology incase of a problem.

In general VPC topologies are for layer 2 communication, however you can add SVI capabilities to the peers of course, terminating the vlan's into layer 3 and even using a first-hop redundancy protocol like HSRP, there is also no need for aggressive timers for this. However do not mix the layer 3 capabilities of the VPC. Do not make an SVI in the access and SVI's in the VPC domain, you will generate routing problems. If for some reason you really need routing done from the access, it's better to create a separate port-channel and excluding that vlan from the VPC topology.

2/ The VPC peer link is used to sync the control plane between the 2 switches and also the MAC-address table. Data traffic from the servers going over the VPC peer-link is not preferred. This is because most of the time the aggregated bandwidth from the access servers is a lot higher that the bandwidth of the VPC peer-link, this can cause problems and control plane traffic to be dropped and break the VPC. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers