Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1644
Views
0
Helpful
13
Replies

VPC_PEER_LINK_INCONSIST_BLOCK issue on cisco nexus 9k image on eve ng

kbk989
Level 1
Level 1

‎08-14-2025 12:45 PM - edited ‎08-14-2025 01:31 PM

So ive been completely stumped for a few months now regarding this issue, i have a lab running on eve ng with nexus 9k images and this happens regardless of the version, ive used 9500 images, 9300 images and different versions of each and i still get the same errors no matter what.

Error looks something like this-

2025 Aug 14 19:09:49 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_BLOCK: vPC peer-link detected !BPDU receive timeout blocking port-channel200 VLAN0100.
2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_UNBLOCK: vPC peer-link inconsistency cleared unblocking Po200 VLAN: 100.
2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_UNBLOCK: vPC peer-link inconsistency cleared unblocking Po80 VLAN: 100.
2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_BLOCK: vPC peer-link detected Bridge Assurance Inconsistency blocking port-channel200 VLAN0090.
2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_BLOCK: vPC peer-link detected Bridge Assurance Inconsistency blocking port-channel200 VLAN0099.
2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_BLOCK: vPC peer-link detected Bridge Assurance Inconsistency blocking port-channel200 VLAN0999.
2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_BLOCK: vPC peer-link detected Bridge Assurance Inconsistency blocking port-channel200 VLAN0080.
2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_BLOCK: vPC peer-link detected Bridge Assurance Inconsistency blocking port-channel200 VLAN0085.
2025 Aug 14 19:09:59 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_UNBLOCK: vPC peer-link inconsistency cleared unblocking Po200 VLAN: 100.
2025 Aug 14 19:09:59 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_UNBLOCK: vPC peer-link inconsistency cleared unblocking Po30 VLAN: 80.
2025 Aug 14 19:09:59 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_UNBLOCK: vPC peer-link inconsistency cleared unblocking Po200 VLAN: 80.
2025 Aug 14 19:09:59 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_UNBLOCK: vPC peer-link inconsistency cleared unblocking Po80 VLAN: 85.

This happens every few minutes and when it happens whole lab freezes for about 30-50 seconds until stp starts unblocking and it goes to normal (during this whole process the cpu usage hits 100 simultaneously for most of the nodes turned on in the lab which causes the lag).

I need help from all the experienced folks out here who may knwo whats going on.

The topology looks something like this-

 

kbk989_1-1755199920274.png

As you can see im using port channel with a single link for both pair of switches, top 2 switches are in a vpc pair and bottom 2 are in a vpc pair, i get the errors on mostly one of the top 2 switches but it happens sometimes on the bottom 2 pair as well, vpc configuration for both pairs is similar.

For top pair-

N9K-1# show running-config vpc

!Command: show running-config vpc
!Running configuration last done at: Thu Aug 14 18:42:23 2025
!Time: Thu Aug 14 19:25:25 2025

version 10.4(5) Bios:version
feature vpc

vpc domain 1
peer-switch
role priority 8192
peer-keepalive destination 10.1.1.2 source 10.1.1.1 interval 10000 timeout 20
hold-timeout 10
peer-gateway
layer3 peer-router
auto-recovery
ip arp synchronize

interface port-channel5
vpc 5

interface port-channel30
vpc 30

interface port-channel40
vpc 40

interface port-channel80
vpc 80

interface port-channel200
vpc peer-link

Config is exact same on both switches but source and dest ips are reversed in peer-keepalive line and higher priorit for the other switch in the pair.

N9K-1# show running-config interface port-channel 200

version 10.4(5) Bios:version

interface port-channel200
description vPC Peerlink
switchport
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 10,80,85,90,99-100,999
spanning-tree port type network
vpc peer-link

above is the exact same on the other member as well.

For bottom pair-

!Command: show running-config vpc
!Running configuration last done at: Thu Aug 14 18:43:35 2025
!Time: Thu Aug 14 19:28:29 2025

version 10.4(5) Bios:version
feature vpc

vpc domain 20
role priority 5000
peer-keepalive destination 10.2.1.2 source 10.2.1.1 interval 10000 timeout 20
hold-timeout 10
auto-recovery

interface port-channel20
vpc peer-link

interface port-channel30
vpc 30

interface port-channel50
vpc 50

Same config on the 2nd switch in the pair with source and dest ips reversed in the peer-keepalive command and higher priority.

show running-config interface port-channel 20

version 10.4(5) Bios:version

interface port-channel20
description vPC PeerLink
switchport
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 80,85,90,99,999
spanning-tree port type normal
vpc peer-link

above is the exact same on the other member as well.

 

What am i doing wrong? Or am i even doing anything wrong since we have production switches and all i did was do configure it similarly and prod swicthes are al working fine with 0 issues with a similar config.

Also both switches in the top pair are root bridges and have the following commands on them-

spanning-tree pathcost method long
spanning-tree vlan 10,80,85,90,99,999 priority 4096

Ive been struggling with this issue for many months now, i have other stuff in this lab that i want to work on but the constant lagging because of these errors makes it extremely difficultt to lab since sometimes i just have to turn off these 9k nodes and i do need them on for labbing in most situations.

Let me know if i need to post any more configs, i didnt post the show run as its just going to make the post extremely long but if i need to ill do it.

Please help guys!

Thank You

Labels:
0 Helpful
13 Replies 13

MHM Cisco World
VIP
VIP

‎08-14-2025 02:06 PM

spanning-tree port type normal <<- this need to be network not normal' 

MHM

0 Helpful

kbk989
Level 1
Level 1
In response to MHM Cisco World

‎08-14-2025 02:31 PM

Yes I have tried network initially as well which was causing issues which is why I went with normal, either way makes no difference in my setup and I still see errors.

0 Helpful

MHM Cisco World
VIP
VIP
In response to kbk989

‎08-14-2025 02:37 PM

Both side of peer link must be network.

Do that then do shut/no shut to peer-link and then share 

Show vpc consistency-para interface port-channel <peer-like>

MHM

0 Helpful

kbk989
Level 1
Level 1
In response to MHM Cisco World

‎08-14-2025 04:03 PM - edited ‎08-14-2025 04:05 PM

yes of course i know that, ive already tried everythign and nothing works but anyways-

N9K-3# show running-config interface port-channel 20

!Command: show running-config interface port-channel20
!Running configuration last done at: Thu Aug 14 22:46:08 2025
!Time: Thu Aug 14 22:48:40 2025

version 10.4(5) Bios:version

interface port-channel20
description vPC PeerLink
switchport
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 80,85,90,99,999
spanning-tree port type network
vpc peer-link

N9K-4(config)# show running-config interface port-channel 20

!Command: show running-config interface port-channel20
!Running configuration last done at: Thu Aug 14 22:39:57 2025
!Time: Thu Aug 14 22:42:40 2025

version 10.4(5) Bios:version

interface port-channel20
description vPC PeerLink
switchport
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 80,85,90,99,999
spanning-tree port type network
vpc peer-link

 




this time the link wont even come up, shows suspended.

kbk989_0-1755212668992.png

 

N9K-3# show port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
b - BFD Session Wait
S - Switched R - Routed
U - Up (port-channel)
p - Up in delay-lacp mode (member)
M - Not in use. Min-links not met
--------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
20 Po20(SD) Eth LACP Eth1/6(s)


These are for the bottom 2 switches by the way.

0 Helpful

MHM Cisco World
VIP
VIP
In response to kbk989

‎08-15-2025 01:22 AM

Allow vlan is empty' check again vlan allow in show vpc breif 

Also do 

 Show vpc consistency-para global 

MHM

0 Helpful

MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎08-18-2025 07:35 AM

Any update 

MHM

0 Helpful

Pavel Tarakanov
Cisco Employee
Cisco Employee

‎08-14-2025 11:01 PM

Bridge Assurance makes sure that switch receive BPDU.

2025 Aug 14 19:09:53 N9K-1 %$ VDC-1 %$ %STP-2-VPC_PEER_LINK_INCONSIST_BLOCK: vPC peer-link detected Bridge Assurance Inconsistency blocking port-channel200 VLAN0999.

This and similar messages most likely means that BPDU not arrived at time and port blocked. Usually I observe the same when don't have enough resources for nodes.

Can you try to start only two nodes and check if the issue persists?

0 Helpful

kbk989
Level 1
Level 1
In response to Pavel Tarakanov

‎08-15-2025 06:24 AM

ok i will try with 2 nodes, do i need to assign like 4 vcpus to each node? i have tried upto 3 vcpus to no avail

0 Helpful

Pavel Tarakanov
Cisco Employee
Cisco Employee
In response to kbk989

‎08-16-2025 12:07 AM

https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/102x/configuration/n9000v/cisco-nexus-9000v-guide-102x/m-cisco-nexus-9000v.html

The Cisco Nexus 9000v uses the Cisco Nexus 9000 Series hardware software image. It requires the minimum resources as shown in the following list. These resources are generally not oversubscribed on any server.

  • Minimum 6G. We recommend a 8G VM configuration for complex topology and enabling features.

  • 1-4 vCPUs

  • 8G hard disk

  • 1 serial port

  • 1 network interface card (NIC)

0 Helpful

kbk989
Level 1
Level 1
In response to Pavel Tarakanov

‎08-15-2025 06:27 AM

too many resources makes sense as well i guess since i do have at least another 10 nodes (palo alto, windows, cisco stuff etc) turned on at the same time whenever i turn these on as well

0 Helpful

Mr Andersen
Level 1
Level 1
In response to kbk989

‎08-16-2025 03:56 AM - edited ‎08-16-2025 04:17 AM

I run this setup with 1 vCPU. It's just more stable. Dont know much about eve ng but i assume it works kinda like GNS 3.

Are you running the N9K on server or locally on PC?

Also, try and shut them all down and create two nodes with vPC starting with absolute minimum, then add the necessary configuration one by one and see if it breaks. Remember to shut/no shut between configuration additions since STP is ******** with you.

Regarding the suspended link.

A bit of a reach. The xconnect VLANS has a "-" on local one from the output. Not sure if that's supposed to be like that, I don't have access to a switch as of right now. 

0 Helpful

kbk989
Level 1
Level 1
In response to Mr Andersen

‎08-19-2025 04:42 PM

So I'm trying something right now, until now I've always assigned all vcpus to my eve VM (all 88 out of 88), now I'm trying to only assign 86 vcpus and leave 2 vcpus to my esxi host, maybe that's why it was unstable? Let's see what happens, I'll leave everything turned on for a day and if all my Nexus nodes remain stable then that means that was the issue.

0 Helpful

MHM Cisco World
VIP
VIP

‎08-31-2025 04:08 AM

Still waiting answer for this Issue?

MHM

0 Helpful
Customers Also Viewed These Support Documents