Solved: Re: Nexus 9k Switches - vPC config

toprock1970 · ‎01-13-2022

I have a pair of Cisco Nexus 9k switches configured for vPC and recently one of my switches developed a fault which resulted in the working switch suspending all the vPC ports. Further investigation revealed the layer 3 vlan that had the IP addresses for the vpc keep-alive was down, which wasn't expected. To get the interface back I had to remove the 'vpc peer-link' from my port-channel and put it back.

Below is the config relating to my vPC - i've not included the entire config

-----------------------------------------

Swicth01

-----------------------------------------

feature lacp
feature vpc

vlan 901
name keepalive

vrf context management
vpc domain 1
role priority 900
peer-keepalive destination 10.70.108.13 source 10.70.108.12 vrf default
auto-recovery

interface Vlan8
no shutdown
management
ip address 10.70.108.12/24

interface port-channel10
switchport
switchport mode trunk
switchport trunk allowed vlan 1-5,8,10-12,201-202,300
spanning-tree port type network
vpc peer-link

interface Ethernet1/49
description *** VPC PEER LINKS ***
switchport
switchport mode trunk
switchport trunk allowed vlan 1-5,8,10-12,201-202,300
channel-group 10 mode active
no shutdown

interface Ethernet1/50
description *** VPC PEER LINKS ***
switchport
switchport mode trunk
switchport trunk allowed vlan 1-5,8,10-12,201-202,300
channel-group 10 mode active
no shutdown

interface mgmt0
vrf member management

-----------------------------------------

Switch02 - this one developed the fault

-----------------------------------------

feature lacp
feature vpc

vlan 901
name keepalive

vrf context management
vpc domain 1
role priority 10000
peer-keepalive destination 10.70.108.12 source 10.70.108.13 vrf default
auto-recovery

interface Vlan8
no shutdown
management
ip address 10.70.108.13/24

interface port-channel10
switchport
switchport mode trunk
switchport trunk allowed vlan 1-5,8,10-12,201-202,300
spanning-tree port type network
vpc peer-link

interface Ethernet1/49
description *** VPC PEER LINKS ***
switchport
switchport mode trunk
switchport trunk allowed vlan 1-5,8,10-12,201-202,300
channel-group 10 mode active
no shutdown

interface Ethernet1/50
description *** VPC PEER LINKS ***
switchport
switchport mode trunk
switchport trunk allowed vlan 1-5,8,10-12,201-202,300
channel-group 10 mode active
no shutdown

interface mgmt0
shutdown force
vrf member management

----------------------------------------------------------------------------------------------

I am not using the management interfaces - they are not plugged in.
My questions:

1. Does the config look correct

2. Should I expect to see this behaviour if either switch fails

Any help would be greatly appreciated

Regards

JB

Reza Sharifi · ‎01-13-2022

peer-keepalive destination 10.70.108.13 source 10.70.108.12 vrf default
auto-recovery

interface Vlan8
no shutdown
management
ip address 10.70.108.12/24

The Keep-alive interface needs to be a physical interface and not a vlan.

Most of the time mgmt0 interface is used for the keep-alive.

See page-28 in this document:

https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

HTH

View solution in original post

Reza Sharifi · ‎01-13-2022

peer-keepalive destination 10.70.108.13 source 10.70.108.12 vrf default
auto-recovery

interface Vlan8
no shutdown
management
ip address 10.70.108.12/24

The Keep-alive interface needs to be a physical interface and not a vlan.

Most of the time mgmt0 interface is used for the keep-alive.

See page-28 in this document:

https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

HTH

toprock1970 · ‎01-17-2022

Thank you for your help.

Regards

JB