Solved: doublesided vPC set STP blocking portchannel and uses peerlink instead - Page 2

moelka · ‎01-24-2023

Hi all,

I have the following doublesided vPC topology

wfw

Say, vlan 10 traffic passes through NX9K3, instead of using the port channel, it goes through the vPC peerlink, and through NX9K4. STP is blocking the port channel, and designating the peerlink, which is an indication of a loop detection. Is it normal behavior, or did I just make a bad design or wrong configuration?

EDIT: Just to make it clear, NX9k1&2 are spines, and 3&4 are leaf switches, each pair have their own vpc domains. So, the spines provide vpc to the leafs, and leafs provide vpc to the clients. I'm thinking that if a client connected on NX9K3 with vlan 10, the traffick should go NX9K3 -> Spines, and not through NX9K3 -> NX9K4 -> Spines.

Heres is the config for the 4 switches:

NX9K1# sh run vpc && sh run int po1 membership
feature vpc
vpc domain 10
role priority 20
peer-keepalive destination 10.0.0.2 source 10.0.0.1

interface port-channel1
  description vPC link - NX9K3
  switchport mode trunk
  mtu 9216
  vpc 1

interface Ethernet1/3
  description vPC link - NX9K3
  switchport mode trunk
  mtu 9216
  channel-group 1 mode active
  no shutdown

interface port-channel2
  description vPC link - NX9K4
  switchport mode trunk
  mtu 9216
  vpc 2

interface Ethernet1/4

  description vPC link - NX9K4
  switchport mode trunk
  mtu 9216
  channel-group 2 mode active
  no shutdown

NX9K2# sh run vpc && sh run int po1 membership
feature vpc
vpc domain 10
role priority 30
peer-keepalive destination 10.0.0.1 source 10.0.0.2

interface port-channel1
  description vPC link - NX9K3
  switchport mode trunk
  mtu 9216
  vpc 1

interface Ethernet1/3
  description vPC link - NX9K3
  switchport mode trunk
  mtu 9216
  channel-group 1 mode active
  no shutdown

interface port-channel2
  description vPC link - NX9K4
  switchport mode trunk
  mtu 9216
  vpc 2

interface Ethernet1/4

  description vPC link - NX9K4
  switchport mode trunk
  mtu 9216
  channel-group 2 mode active
  no shutdown

NX9K3# sh run vpc && sh run int po1 membership
feature vpc
vpc domain 20
role priority 20
peer-keepalive destination 10.0.1.2 source 10.0.1.1

interface port-channel53
  description Link - Spines
  switchport mode trunk
  mtu 9216

interface Ethernet1/53
  description Link - NX9K1
  switchport mode trunk
  mtu 9216
  channel-group 53 mode active
  no shutdown

interface Ethernet1/54
  description Link - NX9K2
  switchport mode trunk
  mtu 9216
  channel-group 53 mode active
  no shutdown

NX9K4# sh run vpc && sh run int po1 membership
feature vpc
vpc domain 20
role priority 300
peer-keepalive destination 10.0.1.1 source 10.0.1.2

interface port-channel53
  description Link - Spines
  switchport mode trunk
  mtu 9216

interface Ethernet1/53
  description Link - NX9K1
  switchport mode trunk
  mtu 9216
  channel-group 53 mode active
  no shutdown

interface Ethernet1/54
  description Link - NX9K2
  switchport mode trunk
  mtu 9216
  channel-group 53 mode active
  no shutdown

MHM Cisco World · ‎02-07-2023

https://www.cisco.com/c/en/us/support/docs/routers/7000-series-routers/116140-config-nexus-peer-00.html

With peer-switch enabled, each Nexus 7000 switch generates BPDUs with the root bridge set to the virtual bridge ID and the designated bridge set to the physical bridge ID. Since the priorities are the same, all non-vPC connections always forward on the link connected to the Nexus 7000 switch with the lower bridge ID (N7K-1 in this example) and block on the links connected to the Nexus 7000 switch with the higher bridge ID (N7K-2 in this example).

I try lab, but always the PC is hang, the reason is NSL-9k need 4 CPUv and 6-8 g RAM and that approximate the max I get in my PC.
sorry
but I attach link for Peer-Switch and where we can use it.
thanks
@Christopher Hart
@moelka