11-07-2012 01:06 PM - edited 03-07-2019 09:55 AM
We have a vPC cluster of two Nexus 7009 that needs to be connected with a VSS cluster of two Catalyst 6509s. The VSS has been working fine for a while and the vPC cluster is new equipment.
Attached there is a detailed diagram of the connections; the VSS cluster connects the interfaces Ten1/2/8 and Ten 2/2/8 using the PortChannel 28 going to the the vPC cluster to the interfaces Eth 4/18 of each switch.
Both the vPC and the VSS are well configured; last night we tried to brought up the connection between the two clusters but only the first interface comes up within the etherchannel; the secondary one did not come up and shows (not receiving LACP packets).
We know Layer 1 is fine because if we remove the interface from the EtherChannel it does come up; but causes some STP loop and bring the network down; thus the solution is to form a EtherChannel.
At the VSS Clúster we see LACP packets being sent with sh lacp counters but we DO NOT see LACP packets being received in the interface of the secondary Nexus.
Right now, this is not possible to troubleshoot since it is a production enviroment; so I'm looking for problems with the configuration or recommendations to follow in order to apply them tomorrow night during a new maintenance window.
These are the configurations:
#######vPC cluster of Nexus 7009######
--N7K-1--
interface port-channel418
description Uplink 20 GE hacia VSS
switchport
switchport mode trunk
switchport trunk allowed vlan 1,4,10,17,35,37,39,60,63,100,112
switchport trunk allowed vlan add 120,149-152,154-160,163-164,170
switchport trunk allowed vlan add 172,190,200,801,900,905,910,920
switchport trunk allowed vlan add 925,960
spanning-tree port type network
vpc 418
no shut
interface Ethernet4/18
description Uplink 10 GE hacia VSS-1 Ten 1/2/8
switchport
switchport mode trunk
switchport trunk allowed vlan 1,4,10,17,35,37,39,60,63,100,112
switchport trunk allowed vlan add 120,149-152,154-160,163-164,170
switchport trunk allowed vlan add 172,190,200,801,900,905,910,920
switchport trunk allowed vlan add 925,960
rate-mode dedicated force
udld aggressive
channel-group 418 mode active
no shutdown
--N7K-2--
interface port-channel418
description Uplink 20 GE hacia VSS
switchport
switchport mode trunk
switchport trunk allowed vlan 1,4,10,17,35,37,39,60,63,100,112
switchport trunk allowed vlan add 120,149-152,154-160,163-164,170
switchport trunk allowed vlan add 172,190,200,801,900,905,910,920
switchport trunk allowed vlan add 925,960
spanning-tree port type network
vpc 418
interface Ethernet4/18
description Uplink 10 GE hacia VSS-2 Ten 2/2/8
switchport
switchport mode trunk
switchport trunk allowed vlan 1,4,10,17,35,37,39,60,63,100,112
switchport trunk allowed vlan add 120,149-152,154-160,163-164,170
switchport trunk allowed vlan add 172,190,200,801,900,905,910,920
switchport trunk allowed vlan add 925,960
rate-mode dedicated force
udld aggressive
channel-group 418 mode active
no shutdown
#######vPC cluster of Nexus 7009######
interface TenGigabitEthernet1/2/8
description CONEXION HACIA ETHERNET 4/1 NEXUS 7K PRIMARIO CAP
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,4,10,17,35,37,39,60,63,100,112,120,149-152
switchport trunk allowed vlan add 154-160,163,164,170,172,190,200,801,900,905
switchport trunk allowed vlan add 910,920,925,960
switchport mode trunk
no shutdown
udld port aggressive
storm-control broadcast level 1.00
channel-group 28 mode active
interface TenGigabitEthernet2/2/8
description CONEXION HACIA ETHERNET 4/1 NEXUS 7K SECUNDARIO CAP
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,4,10,17,35,37,39,60,63,100,112,120,149-152
switchport trunk allowed vlan add 154-160,163,164,170,172,190,200,801,900,905
switchport trunk allowed vlan add 910,920,925,960
switchport mode trunk
no shutdown
udld port aggressive
storm-control broadcast level 1.00
channel-group 28 mode active
interface Port-channel28
description Trunk hacia Switches NEXUS 7K CAP
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,4,10,17,35,37,39,60,63,100,112,120,149-152
switchport trunk allowed vlan add 154-160,163,164,170,172,190,200,801,900,905
switchport trunk allowed vlan add 910,920,925,960
switchport mode trunk
11-07-2012 01:18 PM
any logs that you saw when the etherhcnael failed to establish the neighbor?
Looking at your configuration:
" spanning-tree port type network" on N7K indicates you enable the Bridge Assurance feautre but not on VSS side.
Try with type normal if BA is not needed between VSS/N7K.
11-07-2012 01:45 PM
Thanks for the reply Dazhi; actually we did enable that after some attempts but at the beginnning it was not configured.
I saw that in a config guide, but I'm not really sure what is the effect of that command.
I'm attaching a debug from the N7K that was able to capture.
11-07-2012 03:53 PM
Spanning-tree port type nework will enable bridge assurance. It is bi-directional BPDU. Since you are using vPC to the VSS, it is not recommended to enable BA over vPC port-channels. You should use Normal like what Derek said.
Secondary, you are using UDLD aggressive, this is also not recommended. UDLD normal should do the job on fiber link. Can you check the interface and post the output?
show interface e4/18 !!! on the Nexus
show interface ten1/2/8 !!! on the C6K
show interface ten2/2/8 !!! on the C6K
Regards,
jerry
03-28-2016 10:05 AM
Hi Dennis Ariel Leon Murillo,
I am also facing same issue , I am seeing (suspended(no lacp pdus)) on secondary N7K interface. Can you tell us if you able to solve this issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide