VPC peer-link configuration for L3 routing

irenof · ‎11-05-2024

Hi all,

I have designed a topology for a migration, but after trying it on eve-ng I found a problem. The topology is the one in figure:

I have the two n9k configured with vpc domain:

vpc domain 1
peer-switch
role priority 8000
system-priority 8000
peer-keepalive destination 192.168.1.2 source 192.168.1.3 vrf FT_LINK
peer-gateway
layer3 peer-router
ip arp synchronize

the port channel for the vpc peer-link allows all Vlans

First problem: Type 2 inconsistency, since SVI A is configured only in device A and SVI B in device B. I read that this problem can be solved by removing the vlan form the trunk. I done it, and forcing the SVI to be up (no autostate).

The real problem is that if I try a Ping from dev A to Router SVI A, the response is forwarded by the CE (due to the hashing) to the link connected to device B. So the ping is lost.

Even if I leave the 2 VLANs (A and B) in the trunk, the problem remains I think (need to check).

Is there a way to solve this situation, leaving the topology connection as it is? I cannot for example, remove the po15 from router and configure 2 different links to the N9l devices

Thanks

MHM Cisco World · ‎11-07-2024

Why you use PO in CE config as trunk carry two vlan??

Config one link as trunk (or access port) to each NSK this link have only one vlan whcih connect to one NSK.

No need to config PO

MHM

irenof · ‎11-15-2024

Hi @MHM Cisco World sorry for the delay, unfortunately I cannot remove the PO, so I had to resolve the problem. I finally solved it with the command: peer-gateway exclude vlan SVIA, SVIB on both the peer devices. This removes G flag on the SVI MAC ADDRESS and the packet traverses the peer-link.

edit: typos

MHM Cisco World · ‎11-15-2024

Thanks alot for update me.

Have a nice weekend

MHM