Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
953
Views
10
Helpful
5
Replies

On N5Ks, HSRP gateway on orphan port routers?

Go to solution
ck.chaminda
Level 1
Level 1

‎07-07-2015 05:23 PM - edited ‎03-08-2019 12:52 AM

Hello,

We have a situation, where on a 2 x N5K environment it is necessary for a VPC VLAN to be terminated on down stream routers via HSRP. The routers themselves are single armed to each Nexus, so are orphan ports.The design constraints are forced on us by the WAN-OP PBR design.

The implication is packets hitting the secondary N5K via VPC will need to travel the VPC peer-link to reach the active HSRP gateway.

Does anyone know if this causes any restriction on future TAC support for the environment?

Thanks,

CK.

1 person had this problem
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Madhukrishnan Gopinathan Nair
Level 7
Level 7
In response to ck.chaminda

‎07-13-2015 05:28 AM

Hi Chaminda,

 

The peer-gateway feature will not help you in this sitaution since these are orphan ports. Peer-gateway help to forward packet irrespective of whether it is received on HSRP standby or active but this happens only when traffic received on VPC ports. 

Does anyone know if this causes any restriction on future TAC support for the environment?

It may not, but TAC may advice you to change the design  as it is not a good practice to use the Peer-link for non VPC traffic. So as a best practice use another L2 trunk port between N5k to carry this Orphan traffic.

Hope this helps you.

Thanks,

Madhu.

 

 

View solution in original post

5 Replies 5

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎07-07-2015 05:33 PM

Hi,

There is feature in Nexus OS called "peer-gateway".  If you add this command to both 5ks, than when a packet hits the secondary 5k, it will forward it upstream without sending it over the VPC peer-link.

Here is more info:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/command/reference/vpc/n5k-vpc-cr/n5k-vpc_cmds_p.html#wp1219702

HTH

0 Helpful

Go to solution
ck.chaminda
Level 1
Level 1
In response to Reza Sharifi

‎07-07-2015 05:43 PM

Unfortunately as each router is connected to each N5K via a single link only, there is no way for packets ending up on the secondary N5K to hit the primary ASR (which has HSRP Active) without crossing the peer-link :(.

0 Helpful

Go to solution
s.lachica
Level 1
Level 1
In response to ck.chaminda

‎07-12-2015 08:20 PM

Hi ck.chaminda,

 

when using orphan ports in nexus, it is recommended to provide a separate "ordinary trunk" between the 2 nexus device. This is so that non-vpc vlans will use this link for their ordinary trunking needs.

 

Regards,

CCIE (R&S) #27666 CCSI HP MASE
0 Helpful

Go to solution
ck.chaminda
Level 1
Level 1
In response to s.lachica

‎07-13-2015 05:40 PM

Thanks every one for your replies. Madhu hit the nail here. 

Well I submitted a case with TAC, and was told it will be supported, because it is not explicitly defined anywhere in documentation the topology is not supported.

0 Helpful

Go to solution
Madhukrishnan Gopinathan Nair
Level 7
Level 7
In response to ck.chaminda

‎07-13-2015 05:28 AM

Hi Chaminda,

 

The peer-gateway feature will not help you in this sitaution since these are orphan ports. Peer-gateway help to forward packet irrespective of whether it is received on HSRP standby or active but this happens only when traffic received on VPC ports. 

Does anyone know if this causes any restriction on future TAC support for the environment?

It may not, but TAC may advice you to change the design  as it is not a good practice to use the Peer-link for non VPC traffic. So as a best practice use another L2 trunk port between N5k to carry this Orphan traffic.

Hope this helps you.

Thanks,

Madhu.

 

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card