Re: Support for HSRP for Sub-Interfaces on N2K-C2232PP-10GE <-> Nexus 7K Scenario

dsantunes · ‎10-31-2018

Hello.

We have a couple of Nexus7000 C7010 models, with port-channels between them. Under each of these 7k switches we have a single-home FEX 2232PP.

For a given service we are aiming to use subinterfaces on both FEXs, with HSRP. We cannot use SVIs, we have to use subinterfaces.

Additionally, on the 7k switches we want to put some of these subinterfaces over one VRF and other subinterfaces over another VRF, which we think should not be an issue.

We have read that there is no support of HSRP on FEX subinterfaces when these are tied up with Nexus 9k:

"FEX Layer 3 does not support HSRP, ACLs, QoS, BFD, or DHCP on FEX Layer 3 ports and subinterfaces" in Here

However we do not find a similar reference to the scenario in which the FEXs are under 7k switches, as in our case.

Can anyone help clarifying whether is it possible to have HSRP for subinterfaces in 2238 fabric extenders when these are controlled by Nexus 7k switches?

Thank you.

Reza Sharifi · ‎10-31-2018

Hi,

It should work fine as long as the interface is layer-3

You can create virtual subinterfaces on a parent interface configured as a Layer 3 interface. A parent interface can be a physical port or a port channel.

link to 7k config guide:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_2/nx-os/interfaces/configuration/guide/if_nxos/if_layer3int.html#48044

HTH

dsantunes · ‎10-31-2018

Hi Reza.

Thank you for your message.

I understand that this should not be an issue when using HSRP directly on layer 3 interfaces of the Nexus 7k ports.

But my doubt concerns doing it over subinterfaces configured over FEX physical ports. For example:

-On FEX1, subinterface Eth101/1/1.20 with IP address 10.10.10.1;

-On FEX2, subinterface Eth101/1/1.20 with IP address 10.10.10.2;

-Both subinterfaces are under the same HSRP group, with a VIP equal to, let's say, 10.10.10.6

I remind that the parent switch is from Nexus 7k family. As written in my original post, Cisco acknowledges that this should not work when the parent switch is a 9k (at least that is my understanding from the manual). But since in my case we do not have a 9k parent switch but instead a 7k, it is unclear.

Thank you.

Kind regards,

David

nazimkha · ‎10-31-2018

Hi David,

The support for HSRP is mainly due to queuing not supported on FEX host interfaces prior to 6.2.2
For Cisco NX-OS Release 6.2(2) and later releases,the Cisco Fabric Extenders
support Layer 3 protocol adjacencies onhostinterfaces (HIFs)and DSCP to queue mapping.
Before CiscoNX-OS Release 6.2(2),you can configure a Fabric Extender (FEX) port as a Layer 3 interface
for host connectivity, but not for routing.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/interfaces/configuration/guide/b-Cisco-Nexus-7000-Series-NX-OS-Interfaces-Configuration-Guide-Book/configuring-layer-3-interfaces.pdf

FEX supports Layer-3 sub-interface

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus2000/sw/configuration/guide/rel_521/b_Configuring_the_Cisco_Nexus_2000_Series_Fabric_Extender_rel_5_2/b_Configuring_the_Cisco_Nexus_2000_Series_Fabric_Extender_rel_5_2_chapter_01.html#d25...

Reza Sharifi · ‎10-31-2018

Hi David,

-On FEX1, subinterface Eth101/1/1.20 with IP address 10.10.10.1;

-On FEX2, subinterface Eth101/1/1.20 with IP address 10.10.10.2;

I am not sure if your setup will work as each sub-interface needs to be in a different subnet.

In your setup, as soon as you try to put FEX2 in the same subnet as FEX1, you will see an overlapping subnet error.

HTH

dsantunes · ‎11-02-2018

Hi Reza.

Unless you are referring specifically to how FEX behave, I believe this should not be an issue as we have it in other devices (not on FEXs) and it is the basis underneath HSRP, as detailed in here, Fig. 43-1.

Kind regards,

David