1. With peer-switch turned on, do I give same priority on non-vPC vlans like the vPC ones, or do I give lower value on the primary and higher on the secondary?
2. I will have a separate port-channel to carry non-vPC vlans. Can I use one vlan for L3 routing peering between the two Nexus?
I strongly suggest looking at the design guide.
If you still have questions, we would like to know how your network is laid out and where you are placing these Nexus switches. Do you have an existing network with spanning tree?
vPC is designed to mitigate spanning tree in a DC environment.
Thanks Balaji. I am asking after I read the design guide. It did not mention what I should do with the non-vPC vlans. The Nexus switches are the core and L2/L3 boundary. I will have EIGRP and BGP peering with other routers and firewalls and all of them will not be on the vPC.
This is a new data center I am building. The switches I have are Nexus 9732.
Is there not a general recommendation for what we should do with STP config with the non-vPC vlans? Thanks
If this is the core, then the Nexus will be the root bridge for your non-vPC VLANs; the document also gives you information regarding spanning tree priorities.
Best Practices for Spanning Tree Protocol Interoperability
The guide says that I should use the same STP priority for vPC Vlans but did not mention if I should use the same or different priority for non-vPC vlans.
It all depends on how the network is layered and where your network boundary is.
I suggest making an HLD diagram to show your network and your approach; we can only make suggestions based on our understanding of your information.
The core changes from case to case, enterprise network vs. data center network.
Please explain with a detailed diagram how you would like your network to be, so we can suggest where STP needs to be the root bridge for best practice.
Make sense?
I don't understand. Why would it be different in a different design? My switches will be the core. You suggested (in the guide) the same STP priority on the vPC vlans on both peers. Why would that recommendation not be design specific?
Ok let's say I have a device that doesn't support etherchannel so can't do vPC but need to be dual connected to the Nexus peers. As per page 55 the second best alternative is to connect the device to the peers using a non-vPC vlan. In this case, should I set STP priority to be the same or different on the Nexus?
Let me clarify once again.
If this is the only core you have in the network, then the Nexus is suggested to be root for all the VLANs, immaterial of whether vPC or non-vPC.
You need to configure your network so that the Nexus is always selected as root (so I suggest keeping a lower value); keep a higher value on the rest of the devices so they do not participate as root for the VLAN.
Make sense?
Depends on the design requirement.
Option 1: They can have the same priority for all the VLANs.
Nexus Switch 1: root bridge for odd VLANs (example: VLAN 3, 5, 7 and so on)
Nexus Switch 2: root bridge for even VLANs (example: VLAN 2, 4, 6 and so on)
You know what, the same priority does not work. I have Vlan 1 in the non-vPC port-channel (between the two Nexus) and exclude it from the vPC peer-link. Here is what I see. Even if the non-vPC port-channel is the only link in the vlan, it is blocked on one Nexus peer.
    # sh spanning-tree vlan 1

    VLAN0001
      Spanning tree enabled protocol rstp
      Root ID    Priority    1
                 Address     0023.04ee.be28
                 This bridge is the root
                 Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

      Bridge ID  Priority    1      (priority 0 sys-id-ext 1)
                 Address     0023.04ee.be28
                 Hello Time  2  sec  Max Age 20 sec  Forward Delay 15 sec

    Interface        Role Sts Cost      Prio.Nbr Type
    ---------------- ---- --- --------- -------- --------------------------------
    Po900            Back BLK 1         128.4995 P2p
I think that with peer-switch, both Nexus use the same bridge ID. When the priority is set to be the same, it is conflicting. It is like plugging a cable into itself.
Another scenario is on page 101, shown in Figure 75. In this case, what STP priority do I set on both of my peers for the non-vPC vlan used for the Layer 3 peering?
Please check my simple topology, which may help and cut it short.
1. For vPC-connected switches we should consider the STP priority and keep it the same to prevent a split-brain loop issue.
But let's consider non-port-channel-connected switches/nodes, without changing the STP priority for their VLANs.
These devices will receive the same BPDU packets with the same priority from the two switches (N9K-1 and N9K-2), so they will think that there is a loop and will block one of them in err-disabled state.
So we should allow the VLANs for switches connected via port channel facing vPC in the peer-link, and keep both core switches as the STP root switch.
And for non-port-channel devices, change the core priority for the primary and secondary switches,
as the second case is like a vPC failure scenario when the peer-link and keepalive link are disconnected, which leads to network failures.
Hope it helps you; please rate if yes, and keep me updated for any clarification.
Thanks for confirming. Even without the two green lines to your sw2, the link carrying the non-vPC vlans between the two switches is blocked on one side...
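
A simplified model of the RSTP port-role decision behind the `Back BLK` state shown in the thread, as an added example that is not part of any participant's post or of NX-OS. It assumes, as the thread suggests, that with peer-switch both peers advertise one shared bridge ID; the port numbers and the 0000.5e00.53xx addresses are constructed, and only priority 1 and address 0023.04ee.be28 come from the output above.

```python
"""Simplified RSTP (IEEE 802.1D-2004) role choice for the two ends of one link.

Model assumptions (not NX-OS code): the VLAN contains only this link, and each
end starts out advertising itself as root with path cost 0.
"""
from typing import NamedTuple, Tuple


class Bridge(NamedTuple):
    priority: int              # bridge priority + sys-id-ext, e.g. 0 + 1 = 1
    mac: str                   # bridge address as printed by the switch
    port_id: Tuple[int, int]   # (port priority, port number) on this link

    @property
    def bridge_id(self) -> Tuple[int, str]:
        return (self.priority, self.mac)


def port_role(local: Bridge, peer: Bridge) -> str:
    """Role of local's port after hearing the peer's BPDU (lower vector wins)."""
    # Priority vector: (root ID, root path cost, designated bridge, designated port)
    own = (local.bridge_id, 0, local.bridge_id, local.port_id)
    rcvd = (peer.bridge_id, 0, peer.bridge_id, peer.port_id)
    if rcvd >= own:
        return "Designated"    # our own information is at least as good
    if rcvd[2] == local.bridge_id:
        return "Backup"        # a better BPDU that carries our own bridge ID
    return "Root"              # a better BPDU from a different bridge


def link_roles(a: Bridge, b: Bridge) -> Tuple[str, str]:
    return port_role(a, b), port_role(b, a)


def is_blocking(role: str) -> bool:
    return role in ("Backup", "Alternate")


# Two independent bridges with different priorities (constructed values).
DISTINCT = (Bridge(1, "0000.5e00.5301", (128, 4995)),
            Bridge(4097, "0000.5e00.5302", (128, 4995)))

# Both ends present the same bridge ID, as assumed for peer-switch with equal
# priority on a non-vPC VLAN. Port numbers are constructed.
SHARED = (Bridge(1, "0023.04ee.be28", (128, 4994)),
          Bridge(1, "0023.04ee.be28", (128, 4995)))

if __name__ == "__main__":
    print("distinct bridge IDs:", link_roles(*DISTINCT))
    print("shared bridge ID:   ", link_roles(*SHARED))
```

With distinct bridge IDs both ends forward (Designated and Root); with one shared bridge ID the end holding the higher port ID treats the BPDU as coming from itself and takes the Backup role.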