Showing results for 
Search instead for 
Did you mean: 

nexus 5548 vrf management



I am wondering about the use of the vrf management on the Nexus 5548.

The fact is I need optical fiber to configure the vpc keepalive link. So, i can't use the mgmt0 interface which is a RJ45 port. Can I configure a SVI in the vrf "management" in order to isolate the subnet used for the keepalive ? Or maybe create a new vrf and use it for the keepalive ?

Thanks for your help.

5 Replies 5

Prashanth Krishnappa
Cisco Employee
Cisco Employee

You cannot use an SVI in the mgmt vrf. However, you can use the mgmt0 interface for your vPC peer-keepalive as well as managing the switch.

Yes, It is what I used to do.

However, in this case I can't use the mgmt0 interface as it is only an RJ45 interface. I need optical fiber (1000SX) to create the VPC keepalive (and so an SVI). My question was about the use of a vrf on an SVI for the Nexus 5500 platform, which I will be used fot the VPC keepalive


So, I did the test. It is possible to create a new VRF and apply it to the SVI.

You have to use L3 routed port to configure the keepalive ports, however, this requires having L3 license and L3 module on N5k otherwise; the only possible option is to use the mgmt 0 port, the below copied from Cisco Nexus 5000 NX-OS Layer 2 switching Configuration Guide, Release 5.1(3)N2(1) 


Beginning with Cisco NX-OS Release 5.0(3)N1(1), the Cisco Nexus 5500 Platform switches support VRF

lite with Layer 3 modules and with the Base or LAN-Enterprise license installed. This capability allows you

to create a VRF and assign a specific interface to the VRF. Prior to this release, two VRFs are created by

default: VRF management and VRF default. The mgmt0 interface and all SVI interfaces reside in VRF

management and default


Fady Boules



One major caveat you need to be aware of if you move toward using an SVI for management and that is 'Switch Profiles' do not work if you are using an SVI, it has to be the Management interface. Ordinarily you can you use the Mgmt 0 for the keepalive however that is acceptable if you have other out-if-band management lan, but also a single point of failure so you could configure a single Ethernet interface or Port-channel as the Svi trunk connection using only 1G sfp's within your bespoke designated vPC-keepalive vrf if you so wish, but you need to configure mgmt 0 with another oob IP address too.

So the deployment really is centric to your requirements, depends on whether you intend to use oob mgmt, will you use switch profiles for config distribution? This is what I found recently when I used the Ethernet interfaces as access ports for the keepalive SVI within a port-channel, switch-profiles failed so resorted to using mgmt 0 as before as a P2P link due to no oob LAN.


Sent from Cisco Technical Support iPad App

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: