cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

197
Views
0
Helpful
4
Replies
Highlighted
Beginner

NX-OS OSPF over vPC HSRP VIP

we have N7K1 -- N7K1 vPC pair. 3750 switch is connected to each of these N7K using port-channel vPC.

what are the best practices for OSPF ? can 3750 form OSPF neighbor ship with N7K HSRP VIP? 

Everyone's tags (3)
4 REPLIES 4
Highlighted
VIP Mentor

Re: NX-OS OSPF over vPC HSRP VIP

Best and recomendation is peer with point to point link.

 

here is the best practice good document to understand and config reference :

https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2017/pdf/BRKDCN-2378.pdf

BB
*** Rate All Helpful Responses ***
Highlighted
Hall of Fame Expert

Re: NX-OS OSPF over vPC HSRP VIP

Hi,

Not sure if you necessarily need HSRP for this. You can possibly use a transit vlan with a /29 subnet, assign one IP to the 3750 side and one to each Nexus switch and than add the same transit vlan to vPC peer-link.

 

HTH

Highlighted
Hall of Fame Guru

Re: NX-OS OSPF over vPC HSRP VIP

@Reza Sharifi makes an interesting point about whether you need HSRP. But the original poster asks a question which has an answer. The question was "can 3750 form OSPF neighbor ship with N7K HSRP VIP?"   and the answer is that NO OSPF forms neighbor ship with physical interface addresses and not with the VIP.

HTH

Rick
Highlighted
Beginner

Re: NX-OS OSPF over vPC HSRP VIP

Hello,

If you would like to have dynamic routing between 3750 and each N7k in vPC pair, you don't need HSRP (I believe it would not work anyway, since OSPF will use interface address as source). Also, you can't use single vPC VLAN with /29 mask and assign address for each device (3750 and 2xN7k). Because in this case, traffic might be incorrectly forwarded. It means, that traffic from 3750 perspective might be routed over 1st N7K, but switched over 2nd N7K. In this case traffic will cross vPC peer-link and will be dropped by loop prevention mechanism.

 

The solution here would be following:

1. Use 3 separate VLANs with /30 subnet each. Establish OSPF neighborship between devices in each of these VLANs.

a. VLAN between 3750 and 1st N7k

b. VLAN between 3750 and 2nd N7k

c. VLAN between 1st N7k and 2nd N7k - this VLAN should be not allowed on vPC peer.-link. Instead your vPC pair should have separate link for non-vPC VLANs, and this VLAN should be allowed there.

2. Use separate L3 links with the same logical design.

CreatePlease to create content
Content for Community-Ad