Solved: vPC peer-link

Vivek Ganapathi · ‎11-16-2015

Hello All,

We have a requirement to enable Jumbo frame support in our nexus infrastructure. We have 2 x Nexus 7k with each of them with 1 x FEX each. During my investigation, i found that the vPC peer-link is by default MTU 1500 (as per cisco documentation, by default it is 9000). Unfortunately, Nexus doesn't permit to change the MTU on a vPC peer-link until the peer-link statement is removed from the port-channel configuration. As per my understanding, if the vPC peer-link statement is removed & peer keep alive is up, the secondary vPC peer will take down all the vPC member SVI/ports which is very important behaviour to tackle a dual-active or split brain scenario. Question is, when the vPC peer link is restored, will the member SVIs / ports automatically come back online or it has to be manually enabled?

Regards

Vivek

Ganesh Hariharan · ‎11-16-2015

Hello Vivek,

If only vPC peer-link down, but keep-alive link up, the vPC secondary peer will suspend all its vPC port-channels. However when the vPC peer-link comes back up, the expected behavior is for the vPC secondary switch to bring back up all its vPC channels. No manual intervention is needed for this. This can be achive with Auto recovery feature in Nexus.

Auto recovery covers the use case that reload restore addressed in early IOS features. If both switches reload, and only one switch boots up, auto-recovery allows that switch to assume the role of the primary switch.

If the vPC peer-link and the peer-keepalive fail to become operational within that time. If the peer-link comes up but the peer-keepalive does not come up, both peer switches keep the vPC links down.

As vPC consistency check cannot be performed when the peer link is lost during the vPC peer link failure , the operational secondary switch suspends all of its vPC member ports while the vPC member ports remain on the operational primary switch.

If the vPC member ports on the primary switch flaps afterwards (for example, when the switch or server that connects to the vPC primary switch is reloaded), the ports remain down due to the vPC consistency check and you cannot add or bring up more vPCs.

Have a look on best practice on vPC

Hope it Helps..

-GI

Rate if it Helps..

View solution in original post

InayathUlla Sharieff · ‎11-17-2015

Hi Vivek,

No the links would come up( when the peer-link is back onlin) you dont need to unshut the ports as the ports will be in suspended state.(But it would take a bit time).

HTH

Regards

Inayath

View solution in original post

Ganesh Hariharan · ‎11-16-2015

Hello Vivek,

If only vPC peer-link down, but keep-alive link up, the vPC secondary peer will suspend all its vPC port-channels. However when the vPC peer-link comes back up, the expected behavior is for the vPC secondary switch to bring back up all its vPC channels. No manual intervention is needed for this. This can be achive with Auto recovery feature in Nexus.

Auto recovery covers the use case that reload restore addressed in early IOS features. If both switches reload, and only one switch boots up, auto-recovery allows that switch to assume the role of the primary switch.

If the vPC peer-link and the peer-keepalive fail to become operational within that time. If the peer-link comes up but the peer-keepalive does not come up, both peer switches keep the vPC links down.

As vPC consistency check cannot be performed when the peer link is lost during the vPC peer link failure , the operational secondary switch suspends all of its vPC member ports while the vPC member ports remain on the operational primary switch.

If the vPC member ports on the primary switch flaps afterwards (for example, when the switch or server that connects to the vPC primary switch is reloaded), the ports remain down due to the vPC consistency check and you cannot add or bring up more vPCs.

Have a look on best practice on vPC

Hope it Helps..

-GI

Rate if it Helps..

Vivek Ganapathi · ‎11-16-2015

Thanks a lot for your response Ganesh. Unfortunately, i do not have the auto-recovery feature enabled under the vPC domain. Does this mean, if the vPC peer-link comes back online, i may need to manually enable back all the vPC member SVI/Ports?

Regards

Vivek

InayathUlla Sharieff · ‎11-17-2015

Hi Vivek,

No the links would come up( when the peer-link is back onlin) you dont need to unshut the ports as the ports will be in suspended state.(But it would take a bit time).

HTH

Regards

Inayath

Vivek Ganapathi · ‎11-17-2015

Thanks Inayath. I can confirm your statement is 100% correct as i did the change few hours ago & the port-channels were in suspended state & came back online after few minutes.

Regards

Vivek

Vivek Ganapathi · ‎11-17-2015

In my view, auto-recovery feature is used to ensure that the secondary vPC peer starts to accept the traffic in the data plane after x seconds rather than waiting for Primary to come up. Without this feature enabled, if the primary was never going to come up, then the secondary will keep waiting forever.

Regards

Vivek

InayathUlla Sharieff · ‎11-17-2015

Auto-Recovery helps when you have power outage and one/both of the devices went down and what happens after it comes up.

Here is good explanation on about the VPC auto-recovery:-

https://supportforums.cisco.com/document/102781/vpc-auto-recovery-feature-nexus-7000#Why_do_we_need_vPC_Auto-Recovery

HTH