Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
888
Views
0
Helpful
2
Replies

Nexus 5k VPC with Nexus 2k

Mukund Sandur
Level 1
Level 1

‎08-28-2012 03:43 AM - edited ‎03-07-2019 08:34 AM

Hi,

I am designing a new DC. In server zone of DC, I want to build a topology with Nexus 5k and Nexus 2K.

Nexus 5K will be the VPC cores wheres as 2K will form VPC with 5K. 5K in turn are connected with firewall.

All servers are connected to 2K in active-standby fashion as servers are yet to be upgraded.

Servers are in 3 different VLANs 10,20 & 30 with IP address 10.10.10.0/24, 10.10.20.0/24 and 10.10.30.0/24 respectively.

Gateway for servers in VLAN 10 & 20 will be Nexus 5K whereas gateway for servers in VLAN 30 would be firewall.

No VPC between firewall and Nexus 5k nor between 2K and servers.

VLAN 30 servers traffic needs to cross the firewall to speak with other DC segments whereas VLAN 10 & 20 servers do not need to cross the firewall. VLAN 10 & 20 servers direclty speak with other segments through 5K only.

Will this topology work for VLAN 30 servers with VPC between 5K and 2k and their default gateway as firewall.

Attached sample topology for reference.

Thanks & Rgds,

Mukund

Labels:
Preview file
87 KB
0 Helpful
2 Replies 2

Jerry Ye
Cisco Employee
Cisco Employee

‎08-28-2012 06:31 AM

Yes, the firewall is cosider as orphan port. You should implement the following command on the Nexus 5000 interface toward the firewall:

vpc orphan-port suspend

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/layer2/513_n1_1/b_Cisco_n5k_layer2_config_gd_rel_513_N1_1_chapter_01001.html#task_35CE3B4AEE75485AB7A22C3A085D2F99

HTH,

jerry

0 Helpful

jkilleda
Level 3
Level 3

‎03-14-2018 12:28 AM

Hello Mukund,

Nexus 5k VPC with Nexus 2k
Yes , it works for VLAN 30 , as Firewall acts as a non VPC member port which is connected to VPC peer switch forwarding VPC VLAN traffic and the devide connected to it will be called as orphan port

We strive to provide you with excellent service. Please feel free to reach out to me or any member of the SAC team if we can be of any further assistance or if you have any other related questions in the future. We value your input and look forward to serving you moving forward.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card