Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
15111
Views
5
Helpful
5
Replies

vpc orphan-port suspend

steve554365
Level 1
Level 1

‎12-18-2012 12:31 PM

Does "vpc orphan-port suspend" command have to be configured on orphan ports on both VPC switches, only on the primary one or only on the secondary one?

Labels:
0 Helpful
5 Replies 5

ieffinger
Level 1
Level 1

‎12-18-2012 02:09 PM

Hey Steve,

From the vPC design configuration guide:

vPC orphan ports suspend feature was developed for single-attached devices to vPC domain and optionally

working in active/standby mode (firewall or load-balancer for instance).

When a vPC peer-link goes down, the vPC secondary peer device shuts all of its vPC member ports, but it does

not shut down vPC orphan ports. With vPC orphan-ports suspend configured, an orphan port is also shut down

along with the vPC member ports when the peer-link goes down (figure 98). When the vPC peer-link is restored,

configured vPC orphan ports on the secondary vPC peer device are brought up along with vPC member ports.

vPC orphan port that must be suspended when vPC peer-link fails must be explicitly configured using the

command:

N7K (config)# int eth 1/1

N7K (config-if)# vpc orphan-ports suspend

vPC orphan-port suspend CLI is available only on physical ports, not on port-channels. To configure orphan ports

suspend for the port-channel, apply the above configuration for all member ports of the port-channel.

Strong Recommendation:

Use vPC orphan port suspend when single-attached devices connected to vPC domain need to be disconnected

from network when vPC peer-link fails.

Let me know if this helps.

steve554365
Level 1
Level 1
In response to ieffinger

‎12-20-2012 06:17 PM

sounds like both sides need it, thanks!

0 Helpful

ksrinu1230
Level 1
Level 1
In response to ieffinger

‎07-24-2018 04:49 AM

Hi ieffinger,

 

Cheers for the detailed explanation. But i think below statement is wrong

"When the vPC peer-link is restored,

configured vPC orphan ports on the secondary vPC peer device are brought up along with vPC member ports"

 

i think when VPC peer link comes up only Vpc member ports will be brought up, but for orphan ports we need to use "no vpc orphan-ports suspend" manually to bring up.

0 Helpful

dukenuk96
Level 3
Level 3
In response to ksrinu1230

‎08-15-2019 01:35 AM

No, we do not need to "no vpc orphan-ports suspend" manually to bring up these ports, it will happen automatically after delay-restore timer has gone. Checked on n9k 7.x.

0 Helpful

j.a.m.e.s
Level 3
Level 3
In response to dukenuk96

‎04-10-2023 01:41 PM

Just a quick note to mention that if you are using vpc orphan-port suspend on your NIC teaming ports, do not use the system interface shutdown as a failover strategy.

This command will shutdown everything on the switch, excluding mgmt0 but including the vpc peer-links. You will most likely end up with the orphan-ports suspended (i.e. down) on the operational-secondary and the equivalent ports on the operational-primary also shut. Instead, do a vpc domain X shutdown to bring down the VPC process and make the secondary the "operational primary".

0 Helpful
Customers Also Viewed These Support Documents