
Nexus Switch VPC Behaviour - Unicast Traffic via peer link ?

SJ K
Contributor

Hi all,

 

I read in the doc that the vPC peer link only carries multicast/broadcast traffic under normal circumstances ->

The vPC peer link carries control traffic between two vPC switches and also multicast, broadcast data traffic. 

In such scenario below, which path will be taken for the workstation to reach the Primary F5 Firewall ?

 

 vpc2.gif

Red path -> via Peer2 -> vpc peer link -> Peer1 -> Primary FW or

Blue path -> via Peer2 -> then through the vpc port channel -> 2960 switch -> Peer1

 

My take would be via the Red path, as it makes no sense for the 2960 switch to send the traffic up via its port-channel (and what if it takes the 2nd physical link? Wouldn't it send the traffic right back to Peer2?)

 

But how does a Nexus switch decide when it would send traffic via its peer link vs. the vPC port-channel? And again, the doc says earlier that the peer link does not carry unicast traffic ... so will it still take the red path and send the traffic via its peer link up to the FW?

 

Hope some gurus can shed some light here and point me to the right place in the documentation that states such a scenario.

 

Confused

Noob

3 Accepted Solutions


Mark Malone
Mentor
Hi,

Looking at the picture, it's directly connected to the right Nexus, so it will go across the vPC peer-link. That rule is to prevent looping in the domain, but when a PC is single-linked and has no option, it won't take a path down through an access switch and back up through the other Nexus; it will just be shifted across the vPC peer-link.

Why not track the MAC through the network to be sure as it moves?
http://packetpushers.net/tracing-a-layer-2-path-on-cisco-nexus-switches/


If the end destination is a vPC leg, then it can switch from the Nexus where the packet lands.

Richard: What I mean is, if the packet arrives on switch B, which is a vPC peer to switch A:

1. If the DMAC of the packet is learnt via the vPC peer-link, then that DMAC is either residing on an orphan port or, if it's an L3 packet, the NH is learnt via the PL.

2. If the same DMAC of the packet is learnt via a vPC leg or a vPC port-channel (meaning: a switch connected to Nexus switches A and B with a vPC port-channel), then the packet will get routed or switched by the same Nexus box where the packet arrives and will not take the vPC peer-link.

 

Good read:

https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

 

- Richard

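The forwarding decision described in the two answers above, as an added example that is not part of the original thread: a toy model in which each peer looks up the DMAC and either switches locally (orphan port or vPC leg) or hands the frame across the peer-link. It goes slightly beyond the thread by also modelling a failed vPC leg and the loop-avoidance check on frames that arrived over the peer-link; the port names (`Eth1/1`, `Eth1/2`, `Po10`) and MAC labels are constructed for illustration.

```python
# Toy model of known-unicast forwarding in a vPC pair (constructed topology:
# workstation is an orphan on Peer2, primary FW is an orphan on Peer1,
# host-2960 sits behind the 2960 that is dual-attached via vPC Po10).
PEER_LINK = "peer-link"
PEER_OF = {"Peer1": "Peer2", "Peer2": "Peer1"}

# Per-switch MAC table: DMAC -> (egress port, kind of port it was learnt on).
MAC_TABLES = {
    "Peer1": {
        "fw-primary":  ("Eth1/1", "orphan"),
        "workstation": (PEER_LINK, "peer-link"),
        "host-2960":   ("Po10", "vpc"),
    },
    "Peer2": {
        "fw-primary":  (PEER_LINK, "peer-link"),
        "workstation": ("Eth1/2", "orphan"),
        "host-2960":   ("Po10", "vpc"),
    },
}


def trace(ingress, dmac, leg_up=None):
    """Return the (switch, egress port) hops a frame takes from `ingress`."""
    leg_up = leg_up or {"Peer1": True, "Peer2": True}
    hops, switch, from_peer_link = [], ingress, False
    while True:
        port, kind = MAC_TABLES[switch][dmac]
        if kind == "vpc" and not leg_up[switch]:
            # Local vPC member port is down: only the peer can reach the MAC.
            port, kind = PEER_LINK, "peer-link"
        if from_peer_link and (
            kind == "peer-link" or (kind == "vpc" and leg_up[PEER_OF[switch]])
        ):
            # Loop avoidance: a frame that came over the peer-link is never
            # sent back over it, nor out a vPC leg the peer could have used.
            hops.append((switch, "drop"))
            return hops
        hops.append((switch, port))
        if kind != "peer-link":
            return hops  # delivered on an orphan port or a vPC leg
        switch, from_peer_link = PEER_OF[switch], True


if __name__ == "__main__":
    print("workstation -> FW:       ", trace("Peer2", "fw-primary"))
    print("workstation -> host-2960:", trace("Peer2", "host-2960"))
    print("same, Peer2 leg down:    ",
          trace("Peer2", "host-2960", {"Peer1": True, "Peer2": False}))
```

The first trace is the red path from the question: the FW's MAC is learnt on Peer2 via the peer-link, so the frame crosses it and exits Peer1's orphan port.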