Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
745
Views
3
Helpful
5
Replies

Port channel config: endpoint traffic crosses both Nexus' or only one?

Go to solution
jmaxwellUSAF
VIP
VIP

‎05-04-2023 07:46 AM - edited ‎05-04-2023 07:48 AM

Hello.

GIVEN: Below configs are for 2 Nexus 9300s NOT in a HA pair config. They exist for redundancy. An HSRP config exists between them.

QUESTIONS:

1. Does the endpoint server traffic traverse both Nexus' or only one Nexus?
2. If this data does traverse both Nexus', what are the commands that instruct these 2 Nexus' to communicate to each other?
3. What are the commands that would make the transmitted packets rotate egress ports across all 4 paths, so the port channel includes 4 ports across 2 switches?

4. (different topic) In below configs, is the command needed "switchport trunk encapsulation dot1.q" , or is that a default?

Thank you.
-------

-Nexus 1

interface port-channel8
switchport mode trunk
switchport trunk allowed vlan 2,3
speed 10000
no negotiate auto
vpc 8

interface Ethernet1/5
switchport mode trunk
switchport trunk allowed vlan 2,3
spanning-tree port type edge
speed 10000
no negotiate auto
channel-group 8 mode active

interface Ethernet1/6
switchport mode trunk
switchport trunk allowed vlan 2,3
spanning-tree port type edge
speed 10000
no negotiate auto
channel-group 8 mode active
----------

-Nexus 2 (same config at Nexus 1)

interface port-channel8
switchport mode trunk
switchport trunk allowed vlan 2,3
speed 10000
no negotiate auto
vpc 8

interface Ethernet1/5
switchport mode trunk
switchport trunk allowed vlan 2,3
spanning-tree port type edge
speed 10000
no negotiate auto
channel-group 8 mode active

interface Ethernet1/6
switchport mode trunk
switchport trunk allowed vlan 2,3
spanning-tree port type edge
speed 10000
no negotiate auto
channel-group 8 mode active

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎05-04-2023 07:54 AM

1. Does the endpoint server traffic traverse both Nexus' or only one Nexus? if the GW is HSRP VIP then both NSK forward traffic if the GW is VLAN SVI of one NSK vPC pair then you need "peer-gateway"
2. If this data does traverse both Nexus', what are the commands that instruct these 2 Nexus' to communicate to each other? see above 
3. What are the commands that would make the transmitted packets rotate egress ports across all 4 paths, so the port channel includes 4 ports across 2 switches?NO clear 

4. (different topic) In below configs, is the command needed "switchport trunk encapsulation dot1.q" , or is that a default? NO need this command anymore in new cisco catalyst SW and NSK

View solution in original post

Go to solution
MHM Cisco World
VIP
VIP
In response to jmaxwellUSAF

‎05-04-2023 09:25 AM

Traffic is divided into two l2 and l3

L2 using hash so there is no round Robin 

L3 if the host send traffic to hsrp VIP' then the traffic will send using l2 hash to any NSK and NSK that receive traffic forward it 

If the host send to SVI of vlan of one NSK there is chance that receive NSK pair (because of l2 hash) is not have this IP and NSK forwars traffic through peer -link to other NSK to forward it.

Here cisco add peer-gateway to solve this issue 

View solution in original post

5 Replies 5

Go to solution
M02@rt37
VIP
VIP

‎05-04-2023 07:51 AM

Hello @jmaxwellUSAF,

1. The endpoint server traffic will only traverse one Nexus switch at a time. When the Nexus switches are configured in a VPC, only one switch will be forwarding traffic for a particular VLAN at any given time, while the other switch is in standby mode. This is to prevent any forwarding loops or duplicate frames.

2. The commands that allow the Nexus switches to communicate with each other are related to the Virtual Port Channel (VPC) configuration. In the provided configuration, VPC 8 is used to bundle the Ethernet1/5 and Ethernet1/6 interfaces on both Nexus switches. The "vpc" command is used to configure VPC. The "vpc domain" command is used to define a unique domain ID for the VPC domain. The "peer-link" command is used to configure the VPC peer-link between the two switches. The "peer-gateway" command is used to enable the use of the peer switch as the active gateway for packets forwarded to the Layer 3 gateway address.

I don't understand 3.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
jmaxwellUSAF
VIP
VIP
In response to M02@rt37

‎05-04-2023 09:04 AM

Thank you for your inspired reply...

"1. The endpoint server traffic will only traverse one Nexus switch at a time. When the Nexus switches are configured in a VPC, only one switch will be forwarding traffic for a particular VLAN at any given time, while the other switch is in standby mode."

It seems this contradicts MHM Cisco world's reply...

"if the GW is HSRP VIP then both NSK forward traffic if the GW is VLAN SVI of one NSK vPC pair then you need "peer-gateway""

Please explain?

Thank you.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎05-04-2023 07:54 AM

1. Does the endpoint server traffic traverse both Nexus' or only one Nexus? if the GW is HSRP VIP then both NSK forward traffic if the GW is VLAN SVI of one NSK vPC pair then you need "peer-gateway"
2. If this data does traverse both Nexus', what are the commands that instruct these 2 Nexus' to communicate to each other? see above 
3. What are the commands that would make the transmitted packets rotate egress ports across all 4 paths, so the port channel includes 4 ports across 2 switches?NO clear 

4. (different topic) In below configs, is the command needed "switchport trunk encapsulation dot1.q" , or is that a default? NO need this command anymore in new cisco catalyst SW and NSK

Go to solution
jmaxwellUSAF
VIP
VIP
In response to MHM Cisco World

‎05-04-2023 09:08 AM

Thank you for your reply. I don't understand your reply below. Please explain?...

"3. What are the commands that would make the transmitted packets rotate egress ports across all 4 paths, so the port channel includes 4 ports across 2 switches? NO clear "

From your first reply, I'm understanding that with the command "peer-gateway", this enables packets to round robin across all 4 ports. Is my understanding correct?

Thank you.

 

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to jmaxwellUSAF

‎05-04-2023 09:25 AM

Traffic is divided into two l2 and l3

L2 using hash so there is no round Robin 

L3 if the host send traffic to hsrp VIP' then the traffic will send using l2 hash to any NSK and NSK that receive traffic forward it 

If the host send to SVI of vlan of one NSK there is chance that receive NSK pair (because of l2 hash) is not have this IP and NSK forwars traffic through peer -link to other NSK to forward it.

Here cisco add peer-gateway to solve this issue 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card