Hi Ali,Having a Portchannel

ali16122012 · ‎07-03-2014

Dear All,

we have two CISCO nexus 7010, we was originally have one link between two nexus for keepalive, we decided to make it two links for redundancy purpose,

we made L3 port channel with below configuration,

interface Ethernet1/1
channel-group 100 mode active
no shutdown

interface Ethernet2/1
channel-group 100 mode active
no shutdown

interface port-channel100
vrf member vrf_ka
ip address 192.168.1.2/24

vpc domain 10
peer-keepalive destination 192.168.1.1 source 192.168.1.2 vrf vrf_ka
peer-gateway
reload restore

note: module 1 is Base-T, while module 2 is SFP-based

since that time we recieve below errors, and we can`t recognize the reson of such error

Nexus_BK %VPC-6-PEER_KEEP_ALIVE_RECV_INT_LATEST: In domain 10, VPC peer-keepalive received on interface Po100
Nexus_BK %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain 10, VPC peer keep-alive receive has failed
Nexus_BK %VPC-6-PEER_KEEP_ALIVE_RECV_INT_LATEST: In domain 10, VPC peer-keepalive received on interface Po100
Nexus_BK %VPC-6-PEER_KEEP_ALIVE_RECV_SUCCESS: In domain 10, vPC peer keep-alive receive is successful
Nexus_BK %VPC-6-PEER_KEEP_ALIVE_RECV_INT_LATEST: In domain 10, VPC peer-keepalive received on interface Po100
Nexus_BK %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain 10, VPC peer keep-alive receive has failed
Nexus_BK %VPC-6-PEER_KEEP_ALIVE_RECV_INT_LATEST: In domain 10, VPC peer-keepalive received on interface Po100
Nexus_BK %VPC-6-PEER_KEEP_ALIVE_RECV_SUCCESS: In domain 10, vPC peer keep-alive receive is successful

we also notice that HSRP between two nexus flapping right after the above errors

if anyone has any clue for this issue

thanks in advance

/Ali

Reza Sharifi · ‎07-03-2014

Hi,

Can you post the output of "sh vpc" and sh run vpc" from both 7ks?

HTH

ali16122012 · ‎07-04-2014

Dear Reza,

thanks for your reply, attached the command output from both Nexus

/Ali

Reza Sharifi · ‎07-04-2014

Hi,

Not sure if VPC peer-keepalive is supported using a Portchannel. Also, usually VPC peer-keepalive needs to be up before the VPC peer-link.

If you have multiple supervisors on each 7k, you can use the management ports from both primary sup and the backup. That will give you link redundancy.

Here is good document on VPC peer-keepalive best practice:

http://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

HTH

ali16122012 · ‎07-04-2014

Dear Reza,

Thanks for your fast response, in the document you post it you can find in page 27 the below strong recommendation for keepalive link

Dedicated link(s) (1-Gigabit Ethernet port is enough) configured as L3. Port-channel with 2 X 1G port is even better.

and that what we depend on for creating port channel,

but what i am not sure from is there is a problem with port channel with one fiber link and the other is UTP as this is our situation and what is the relation between HSRP and keepalive or it is just a considance

i hope to find any solution to this strange problem

again thanks for you support

/Ali

Reza Sharifi · ‎07-04-2014

Hi Ali,

Having a Portchannel with one copper interface and one fiber interface is not an issue at all, as long as both interfaces have the same speed and duplex.

As for Portchannel not working, it maybe because you are bringing up the Portchannel after the VPC peer-link is up and running, but not very sure.

One question: is the other side of the Portchannel configured correctly?

Can you post the config?

What device is connected to the 7ks for the keep-alive?

HTH

ali16122012 · ‎07-05-2014

Dear Reza,

please find below config for other nexus

interface Ethernet1/1
channel-group 100 mode active
no shutdown

interface Ethernet2/1
channel-group 100 mode active
no shutdown

vpc domain 10
peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf vrf_ka
peer-gateway
reload restore

interface port-channel100
vrf member vrf_ka
ip address 192.168.1.1/24

note: for keepalive two nexus are directly connected

/Ali

Cisco N7k keepalive and HSRP issue