Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3512
Views
20
Helpful
11
Replies

NX-OS OSPF over vPC HSRP VIP

gavinhans
Level 1
Level 1

‎06-30-2020 06:15 AM

we have N7K1 -- N7K1 vPC pair. 3750 switch is connected to each of these N7K using port-channel vPC.

what are the best practices for OSPF ? can 3750 form OSPF neighbor ship with N7K HSRP VIP? 

Labels:
0 Helpful
11 Replies 11

balaji.bandi
Hall of Fame
Hall of Fame

‎06-30-2020 06:35 AM

Best and recomendation is peer with point to point link.

 

here is the best practice good document to understand and config reference :

https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2017/pdf/BRKDCN-2378.pdf

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ปลาวาฬทราย RMUTT CPE IX
Level 4
Level 4
In response to balaji.bandi

‎07-15-2020 12:35 AM

 

Do I configure correctly? I found when reload the active HSRP box, it takes a long time to standby for about four minutes. How should I do?

image.png

Thank you very much.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to ปลาวาฬทราย RMUTT CPE IX

‎07-15-2020 11:26 AM - edited ‎07-15-2020 11:27 AM

we required more information about HSRP config and timers

 

also post-show standby brief.

 

you can refer NX OS config :

 

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/unicast/configuration/guide/l3_cli_nxos/l3_hsrp.html#95333

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ปลาวาฬทราย RMUTT CPE IX
Level 4
Level 4
In response to balaji.bandi

‎07-15-2020 10:19 PM - edited ‎07-15-2020 10:30 PM

Configuration:

feature hsrp

interface Vlan1000
 no shutdown
 no ip redirects
 ip address x.151.177.252/25
 no ipv6 redirects
 ip router ospf 100 area 0.0.0.40
 hsrp version 2
 hsrp 1000
  preempt
  priority 110
  ip x.151.177.254

image.png

Thank you very much.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to ปลาวาฬทราย RMUTT CPE IX

‎07-16-2020 01:16 AM

i will come back to you later related to the HSRP timer issue.

 

quick question the screenshot posted for both the switches or single? switch for the vpc output?

 

if they posted both the switches, how come both are primary? ( am i missing something here ?) can you post both the configuration of vPC?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ปลาวาฬทราย RMUTT CPE IX
Level 4
Level 4
In response to balaji.bandi

‎07-16-2020 02:25 AM

 

oh, sorry, I'm using the wrong picture. This is the right one:

image.png01.jpg

Thank you very much.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to ปลาวาฬทราย RMUTT CPE IX

‎07-16-2020 04:16 AM

Thanks much better, can you post "show hsrp standby" from both the box to look.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Reza Sharifi
Hall of Fame
Hall of Fame

‎06-30-2020 07:26 AM

Hi,

Not sure if you necessarily need HSRP for this. You can possibly use a transit vlan with a /29 subnet, assign one IP to the 3750 side and one to each Nexus switch and than add the same transit vlan to vPC peer-link.

 

HTH

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Reza Sharifi

‎06-30-2020 10:14 AM

@Reza Sharifi makes an interesting point about whether you need HSRP. But the original poster asks a question which has an answer. The question was "can 3750 form OSPF neighbor ship with N7K HSRP VIP?"   and the answer is that NO OSPF forms neighbor ship with physical interface addresses and not with the VIP.

HTH

Rick
0 Helpful

vb10
Level 1
Level 1

‎07-01-2020 02:25 AM

Hello,

If you would like to have dynamic routing between 3750 and each N7k in vPC pair, you don't need HSRP (I believe it would not work anyway, since OSPF will use interface address as source). Also, you can't use single vPC VLAN with /29 mask and assign address for each device (3750 and 2xN7k). Because in this case, traffic might be incorrectly forwarded. It means, that traffic from 3750 perspective might be routed over 1st N7K, but switched over 2nd N7K. In this case traffic will cross vPC peer-link and will be dropped by loop prevention mechanism.

 

The solution here would be following:

1. Use 3 separate VLANs with /30 subnet each. Establish OSPF neighborship between devices in each of these VLANs.

a. VLAN between 3750 and 1st N7k

b. VLAN between 3750 and 2nd N7k

c. VLAN between 1st N7k and 2nd N7k - this VLAN should be not allowed on vPC peer.-link. Instead your vPC pair should have separate link for non-vPC VLANs, and this VLAN should be allowed there.

2. Use separate L3 links with the same logical design.

0 Helpful

Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to vb10

‎07-15-2020 12:10 PM

Hi @vb10 

Actually, using peer-gateway & layer3 peer-router you can form adjacency between vpc peers and vpc connected routers over peer-link: https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/118997-technote-nexus-00.html 

No need for dedicated l3 interfaces anymore.

 

Stay safe,

Sergiu

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card