cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
42025
Views
1
Helpful
14
Replies

vPC Member ports in suspended state.

Carl Williams
Level 1
Level 1

Can someone indicate why my ethernet ports are in suspended state for some reason, i need an indication why this may be and what i can do to fix this issue.

configuration below. I have a 7010 which i'm using to connect to two 5510's. I have one vPC connecting the two 5510's to the 7010.

I have a vPC domain configured between the 5510's. and no issues at all.

My Nexus 7010 port channel members are suspended for some reason. Need to figure out what the problem is.

Nexus 7010

vpc domain 100

role priority 100

peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf vpc-keepalive

!

interface Ethernet 3/1

description ** trunked connection - CH-G21-O4-5510-PAS-001 e1/1 ***

switchport

switchport mode trunk

channel-group 100 mode active

no shut

!

interface Ethernet 8/1

description ** trunked connection - CH-G21-O4-5510-PAS-001 e1/20 ***

switchport

switchport mode trunk

switchport mode trunk allowed vlan 1-3967,4048-4093

channel-group 100 mode active

no shut

interface port-channel 100

description *** Connections to 5510' * *****

switchport

switchport mode trunk

vpc 100

spanning-tree port type network

-----

-----

5510-A

vpc domain 300

  role priority 110

  peer-keepalive destination 192.168.1.1 source 192.168.1.2 vrf default

interface Ethernet1/1

switchport mode trunk

description *** Trunk Uplink to Nexus A  ******

channel-group 100 mode active

interface Ethernet1/20

description *** Trunk Uplink to Nexus B  ******

switchport mode trunk

channel-group 100

interface port-channel100

description ** Port channel to Nexus Platforms to Nexus A ***** 

switchport mode trunk

spanning-tree port type network

vpc 100

14 Replies 14

p.mcgowan
Level 3
Level 3

are you trying to create a vPC domain between the 7k and 5k?? if so you have configuration problems

Your vPC domain has a different ID for each switch, these should be the same. also you have your peer-keepalives configured in different vrf's, these should be the same

where is config for the second 5K??

5510-B

vpc domain 300

  role priority 100

  peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf default

interface Ethernet1/1

switchport mode trunk

description *** Trunk Uplink to Nexus A  *****

channel-group 100

interface Ethernet1/20

description *** Trunk Uplink to Nexus A  ****

switchport mode trunk

channel-group 100

interface port-channel100

description ** Port channel to Nexus Platforms to Nexus CH-G21-O1-7010-CX01, CH-G21-N2-7010-CX-O1 ***** 

switchport mode trunk

spanning-tree port-type network

vpc 100

The VPC domain is up between the 5510's, but the port-channels don't come up between the nexus 7010 and the Nexus 5510's.

Hi Carl,

On the 7010 It appears there is a mismatch on the configuration between  the two physical interfaces of Po100 (Ethernet

3/1 and Ethernet 8/1.

Difference = switchport mode trunk allowed vlan 1-3967,4048-4093 on Eth8/1 and switchport mode trun on Eth3/1 ).

You need to have a similar config on the physical interfaces of the VpC.

You can also check the consistency of the config throughout the two vpc peers =>

sh vpc consistency-parameters interface Po100

Regards.

Karim

Is there anything else you can spot.

remember i only have one nexus switch 7010 configured.

5510 - A

vpc domain 300

  role priority 100

  peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf default

interface Ethernet1/1

  description *** Trunk Uplink to Nexus A 3/8 CH-G21-O1-7010-CX01 *****

  switchport mode trunk

  channel-group 100 mode active

interface Ethernet1/20

  description *** Trunk Uplink to Nexus A CH-G21-O1-7010-CX01 3/1 ****

  switchport mode trunk

  channel-group 100 mode active

interface port-channel100

  switchport mode trunk

  vpc 100

  spanning-tree port type network

-----

-----

7010 --

vpc domain 300

  role priority 100

  peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf vpc-keepalive

interface Ethernet3/1

  description ** trunked connection - CH-G21-O4-5510-PAS-001 e1/1 ***

  switchport

  switchport mode trunk

  channel-group 100 mode active

  no shutdown

interface Ethernet8/1

  description ** trunked connection - CH-G21-O4-5510-PAS-001 e1/20 ***

  switchport

  switchport mode trunk

  channel-group 100 mode active

  no shutdown

interface port-channel100

  description *** Connections to CH-G21-S3,CH-G21-S2 5510s * *****

  switchport

  switchport mode trunk

  vpc 100

  spanning-tree port type network

--

--

problem on 7010 ...

vPC status

----------------------------------------------------------------------

id   Port   Status Consistency Reason                     Active vlans

--   ----   ------ ----------- -------------------------- ------------

100  Po100  down   failed      Consistency Check Not      -

                               Performed

--

--

I suspect that this is because i need to bring up the vpc peer link between the 7010's first. So i can't have po 100 working without having the vpc domain up between 7010's.

Legend:

                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                   : 300

Peer status                     : peer link not configured

vPC keep-alive status           : Suspended (Destination IP not reachable)

Configuration consistency status: failed

Configuration consistency reason: vPC peer-link does not exist

Type-2 consistency status       : failed

Type-2 consistency reason       : vPC peer-link does not exist

vPC role                        : none established

Number of vPCs configured       : 1

Peer Gateway                    : Disabled

Dual-active excluded VLANs      : -

vPC status

----------------------------------------------------------------------

id   Port   Status Consistency Reason                     Active vlans

--   ----   ------ ----------- -------------------------- ------------

100  Po100  down   failed      Consistency Check Not      -

                               Performed

---

--

Anyway around this i only have one 7010 available at the moment. need to get the po100 up and working.

Since you only have one nexus 7k you have to use either the reload restore command or auto-recovery (depending on what version of code you are running). 

Check out this link:

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/interfaces/configuration/guide/if_vPC.html#wp1832762

-Matt

Any Alternatives, I'm using. Command not available.

http://www.opensource.org/licenses/lgpl-2.1.php

Software

  BIOS:      version 3.17.0

  loader:    version N/A

  kickstart: version 5.0(2a)

  system:    version 5.0(2a)

The reload restore command should be available in 5.0(2a).  It goes under the vpc domain configuration.  Did you try and add it there?

-Matt

Still no luck mate.

CH-G21-O1-7010-CX01# show vpc

Legend:

                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                   : 300

Peer status                     : peer link is down

vPC keep-alive status           : Suspended (Destination IP not reachable)

Configuration consistency status: failed

Configuration consistency reason: Consistency Check Not Performed

Type-2 consistency reason       : Consistency Check Not Performed

vPC role                        : none established

Number of vPCs configured       : 1

Peer Gateway                    : Disabled

Dual-active excluded VLANs      : -

vPC Peer-link status

---------------------------------------------------------------------

id   Port   Status Active vlans

--   ----   ------ --------------------------------------------------

1    Po1000 down   -

vPC status

----------------------------------------------------------------------

id   Port   Status Consistency Reason                     Active vlans

--   ----   ------ ----------- -------------------------- ------------

100  Po100  down   failed      Consistency Check Not      -

                               Performed

CH-G21-O1-7010-CX01#

----

----

CH-G21-O4-5510-PAS-001# show vpc

Legend:

                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                   : 300

Peer status                     : peer adjacency formed ok

vPC keep-alive status           : peer is alive

Configuration consistency status: success

vPC role                        : primary

vPC Peer-link status

---------------------------------------------------------------------

id   Port   Status Active vlans

--   ----   ------ --------------------------------------------------

1    Po1000 up     1-100,1010,3007,3010,3091,3100-3101,3103,3110-3111

                   ,3113,3200-3201,3203,3210-3211,3213,3300-3301,3303

                   ,3310-3311,3313,3400-3401,3403,3410-3411,3413,3500

                   -3501,3503,3510-3511,3513,3709

vPC status

----------------------------------------------------------------------------

id     Port        Status Consistency Reason                     Active vlans

------ ----------- ------ ----------- -------------------------- -----------

31     Po31        down*  failed      Peer does not have         -

                                      corresponding vPC

32     Po32        down*  failed      Peer does not have         -

                                      corresponding vPC

33     Po33        down*  failed      Peer does not have         -

                                      corresponding vPC

34     Po34        down*  failed      Peer does not have         -

                                      corresponding vPC

100    Po100       down*  success     success                    -

----------

----------

Can you also tell me what the priorities should be i'm going to configure all my switches within the same VPC domain.

But what should the vpc priorities be.

I have

2 Nexus 7010's = VPC domain 300, priority 100, 110

4 Nexus 5510's  = VPC domain 300, priority ?

Carl Williams wrote:

But what should the vpc priorities be.

I have

2 Nexus 7010's = VPC domain 300, priority 100, 110

4 Nexus 5510's  = VPC domain 300, priority ?

Can you post a diagram of what you're trying to do?

At the very first thread of this post you say you have one 7010 - now you say you have two??

What have you got, and how is it physically connected? And what are you trying to achieve? Redundancy in 5510 uplinks to the 7010's? Redundancy in 5510 uplinks to 7010's *and* redundancy for nodes connected across 5510's? Something else?

From what I can see, your 7010's are not establishign the VPC peer-keepalive-link, and without that any VPC configuration is destined to fail. Also, you don't appear to have a VPC peer-link configured on your 7010, which is the core fo the whole VPC process.

I'm somewhat confused as to what you're trying to do, but you've got errors all over the palce from the output you're posting above.

Darren. I was using one nexus 7010 just for testing between two nexus 5510's.

The end game is. I require two nexus 7010's connected redundantly to four nexus 5510's.

2 Nexus 7010's core

2x 5510's = po 100

2x 5510's = po 200

I Configured each switch in the same vpc domain. WHich is fine.

My question is what should the priorities be.

The nexus switches are configured for 100 and 110  = prim secondary

What should the nexus 5510's be. They will be in the same Vpc domain.

Carl Williams wrote:

Darren. I was using one nexus 7010 just for testing between two nexus 5510's.

The end game is. I require two nexus 7010's connected redundantly to four nexus 5510's.

2 Nexus 7010's core

2x 5510's = po 100

2x 5510's = po 200

I Configured each switch in the same vpc domain. WHich is fine.

My question is what should the priorities be.

The nexus switches are configured for 100 and 110  = prim secondary

What should the nexus 5510's be. They will be in the same Vpc domain.

I'm still confused as to what you're trying to do

You have the 7010's linked together in a VPC domain. That I can understand, and is dead easy to do.

What VPC domain do you need for the 5000's? If all you want to do is configure uplinks from the 5000's to each 7000, you don't need a VPC from the 5000's point of view - just make a regular channel group and plug one leg into 7010 number one and the other into 7010 number 2.

If you want to do something else, please draw out what you're trying to do so I can get my head around it.

Cheers.

Review Cisco Networking for a $25 gift card