Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1161
Views
0
Helpful
3
Replies

Trunk links with vPC on Nexus 7K-to-closet

Go to solution
Matt Glosson
Level 1
Level 1

‎01-12-2018 10:18 AM - edited ‎03-08-2019 01:23 PM

Greetings. We have two Nexus 7K switches, each with two N7K-SUP1 and N7K-M132XP-12L modules. It's in a vPC configuration. We're on 6.2(16) code. The 7K switches are basically acting as cores that do DC functions and general campus core switches.

We have about 15 stacks of 3750-X and 2960-X switches that connect directly back to the 7Ks, each with a vPC. There are several VLANs on these vPCs, and they match in the switchport trunk allowed vlan list. What happens when I want to add a VLAN during production? I have done this a lot of times, but it always scares me, because I believe LACP is quite sensitive about mismatched VLANs. Here's what I do to each switch (with the PuTTY ssh windows open side-by-side):

  1. Go into the appropriate Port-Channel interface context
  2. Type switchport trunk allowed vlan add X but I don't pretty enter.
  3. Go to the N7K1 window and press enter
  4. Immediately press enter on the N7K2 window
  5. Immediately press enter on the 3750X-stack window

The command is then applied to all three in less than a second and I have not had an incident where a user on an existing VLAN has lost connectivity.

Keep in mind, most of these switch stacks are in use all the time (it's a hospital). My heart always races, before doing this. My question are:

  1. Do I need to get nervous?
  2. What if I add VLAN X to N7K1 but don't immediately add it to N7K2 or the 3750X-stack?
  3. What if I add VLAN X to the 3750X-stack before adding it to N7K1 or 2?
  4. Is there a time that if I go over it, LACP will freak out and take the whole mismatched link offline?

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎01-12-2018 11:08 AM

Hi,

Vlan mismatch between the 2 switches is a type-1 inconsistency but it will only affect the new vlan you are adding and not anything else that is already in production.  So, I don't think you need to add the vlans to both sides or all 3 sides as only that vlan will be suspended until it is added to all switches.

See link for more info:

Depending on the severity of the misconfiguration, vPC may either warn the user (Type-2 misconfiguration) or suspend the PortChannel (Type-1 misconfiguration). In the specific case of a VLAN mismatch, only the VLAN that differs between the vPC member ports will be suspended on all the vPC PortChannels.

Link:

https://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/design_guide_c07-625857.html

HTH

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎01-12-2018 10:40 AM

Hi,

When we are changing any allowed VLAN information in a production environment, should enter the command "switchport trunk allowed vlan add X" or "switchport trunk allowed vlan remove X"  otherwise it will rewrite the VLAN information on given interface and will cause loss of connectivity and downtime.

 

 

1. Do I need to get nervous?

No, Only need some practice and experience. I am always making a configuration in "Notepad", verifying the configuration with current running configuration and after that applying on switch or router. It will take some time but be minimize the chance of typo.

 

2. What if I add VLAN X to N7K1 but don't immediately add it to N7K2 or the 3750X-stack?

If you are not rewriting current configuration and adding new VLAN then there will be no impact on the running network. But If you rewrite the configuration then you will lose the connectivity.

 

3. What if I add VLAN X to the 3750X-stack before adding it to N7K1 or 2?

The answer is same as question 2.

 

4.Is there a time that if I go over it, LACP will freak out and take the whole mismatched link offline?

It will take place immediately without any warning and link goes down.

 

Thanks,

Deepak Kumar  

 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎01-12-2018 11:08 AM

Hi,

Vlan mismatch between the 2 switches is a type-1 inconsistency but it will only affect the new vlan you are adding and not anything else that is already in production.  So, I don't think you need to add the vlans to both sides or all 3 sides as only that vlan will be suspended until it is added to all switches.

See link for more info:

Depending on the severity of the misconfiguration, vPC may either warn the user (Type-2 misconfiguration) or suspend the PortChannel (Type-1 misconfiguration). In the specific case of a VLAN mismatch, only the VLAN that differs between the vPC member ports will be suspended on all the vPC PortChannels.

Link:

https://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/design_guide_c07-625857.html

HTH

0 Helpful

Go to solution
Matt Glosson
Level 1
Level 1
In response to Reza Sharifi

‎01-12-2018 11:19 AM

This is the answer I was looking for... and a link included to boot... thank you!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card