cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2995
Views
8
Helpful
32
Replies

VPC with HSRP and Intervlan Routing Design

Sajid Khan
Level 1
Level 1

We two nexus switch 9k and configured with VPC and HSRP, we have configured three vlan on that three switches. Vlan 2 for CCTV , vlan 3 for Monitering PC and vlan 1 for Dell Server that connected with two 9k switches by port channel.  The two nexus switches is also connected two one distribution switch by port channel. when i do not know how , these two 9k switches are active / active in hsrp when i shutdown one uplink Eth1/2 of 9k1 which is active  then traffic do not move on 9k2. let me correct if my design is okay.

9K1 Configuration ------------

config t
hostname 9K1-SW1
vlan 1
name DellRecordingServer
exit
vlan 2
name CCTV
exit
vlan 3
name MonitoringPC
exit
feature vpc
feature lacp
feature interface-vlan
int vlan 1
ip add 1.1.1.1 255.255.255.0
no shut
int vlan 2
ip add 192.168.2.1 255.255.255.0
no shut
int vlan 3
ip add 192.168.3.1 255.255.255.0
no shut
exit
vrf context VPC-KEEPALIVE
interface Ethernet 1/51
no shutdown
no switchport
vrf member VPC-KEEPALIVE
ip address 50.50.50.1 255.255.255.0
exit
interface Ethernet 1/49, Ethernet 1/50
no shut
switchport mode trunk
switchport trunk allowed vlan 1-3
description **VPC-PEERLINK**
channel-group 100 mode active
no shutdown
vpc domain 50
peer-gateway
role priority 20
peer-keepalive destination 50.50.50.2 source 50.50.50.1 vrf VPC-KEEPALIVE
exit
interface port-channel 100
description **VPC-PEERLINK**
no shutdown
switchport
switchport mode trunk
switchport trunk allowed vlan 1-3
spanning-tree port type network
vpc peer-link
exit
interface Ethernet 1/2
no shutdown
switchport mode trunk
switchport trunk allowed vlan 1-3
channel-group 2 mode on
interface port-channel 2
no shutdown
switchport mode trunk
switchport trunk allowed vlan 1-3
vpc 2
exit
interface eth 1/1
no shutdown
channel-group 1 mode on
interface port-channel 1
description *** Po1 to Server-1 ***
switchport
switchport mode access
switchport access vlan 1
vpc 1
exit


feature hsrp
interface Vlan 1
no shutdown
hsrp 1
ip 1.1.1.254
priority 200
preempt
exit
interface Vlan 2
no shutdown
hsrp 2
ip 192.168.2.254
priority 200
preempt
exit
interface Vlan 3
no shutdown
hsrp 3
ip 192.168.3.254
priority 200
preempt
exit

9K2 Configuration ------------

config t
hostname 9K2-SW2
vlan 1
name DellRecordingServer
exit
vlan 2
name CCTV
exit
vlan 3
name MonitoringPC
exit
feature vpc
feature lacp
feature interface-vlan
int vlan 1
ip add 1.1.1.2 255.255.255.0
no shut
int vlan 2
ip add 192.168.2.2 255.255.255.0
no shut
int vlan 3
ip add 192.168.3.2 255.255.255.0
no shut
exit
vrf context VPC-KEEPALIVE
interface Ethernet 1/51
no shutdown
no switchport
vrf member VPC-KEEPALIVE
ip address 50.50.50.2 255.255.255.0
exit
interface Ethernet 1/49, Ethernet 1/50
description **VPC-PEERLINK**
channel-group 100 mode active
no shutdown
vpc domain 50
peer-gateway
role priority 40
peer-keepalive destination 50.50.50.1 source 50.50.50.2 vrf VPC-KEEPALIVE
exit
interface port-channel 100
description **VPC-PEERLINK**
no shutdown
switchport
switchport mode trunk
switchport trunk allowed vlan 1-3
spanning-tree port type network
vpc peer-link
exit

interface Ethernet 1/2
no shutdown
switchport mode trunk
switchport trunk allowed vlan 1-3
channel-group 2 mode on
interface port-channel 2
no shutdown
switchport mode trunk
switchport trunk allowed vlan 1-3
vpc 2
exit
interface eth 1/1
no shutdown
channel-group 1 mode on
interface port-channel 1
description *** Po1 to Server-1 ***
switchport
switchport mode access
switchport access vlan 1
vpc 1
exit


feature hsrp
interface Vlan 1
no shutdown
hsrp 1
ip 1.1.1.254
priority 150
preempt
exit
interface Vlan 2
no shutdown
hsrp 2
ip 192.168.2.254
priority 150
preempt
exit
interface Vlan 3
no shutdown
hsrp 3
ip 192.168.3.254
priority 150
preempt
exit

Distribution switch configuration .....................

config t
hostname DistSW
vlan 1
name DellRecordingServer
exit
vlan 2
name CCTV
exit
vlan 3
name MonitoringPC
exit
interface range ethernet 0/0-1
no shutdown
switchport mode trunk
switchport trunk allowed vlan 1-3
channel-group 2 mode on
exit

 

3 Accepted Solutions

Accepted Solutions

Sajid Khan
Level 1
Level 1

No one can reply to me?

View solution in original post

PING 2000, 
the disruption in traffic when I shut one of port member, the only one loss when I no shut the port 

Screenshot (733).png

View solution in original post

this OK, 
show port-channel in three SW (two NSK and one other SW) when link is UP and Down, 

NOTE:- you use RSTP as MODE ? if Yes and it Lab change the config to be PVST

View solution in original post

32 Replies 32

HSRP in vPC of NSK is active/active, this the goal of vPC NSK

Yes, i know that HSRP is active /active in VPC but if one link goes down then traffic should move to another switch and there should be no drop in traffic.

Sajid Khan
Level 1
Level 1

Kindly check my topology, this design is okay. 

I will check it 

so you mean that for po1 and po2 the vpc number shoud be  50 for both. i think vpc number and vpc domain number are different things.

Can you correct my configuration file.

I will check it 

can I see 
show vpc brief <<-
show port-channel summary <<-

9K1-SW1# show vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id : 50
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Enabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ -------------------------------------------------
1 Po100 up 1-3


vPC status
----------------------------------------------------------------------------
Id Port Status Consistency Reason Active vlans
-- ------------ ------ ----------- ------ ---------------
1 Po1 up success success 1

 

2 Po2 up success success 1-3

 


Please check "show vpc consistency-parameters vpc <vpc-num>" for the
consistency reason of down vpc and for type-2 consistency reasons for
any vpc.

 

9K1-SW1# show port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
b - BFD Session Wait
S - Switched R - Routed
U - Up (port-channel)
p - Up in delay-lacp mode (member)
M - Not in use. Min-links not met
--------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
1 Po1(SU) Eth NONE Eth1/1(P)
2 Po2(SU) Eth NONE Eth1/2(P)
100 Po100(SU) Eth LACP Eth1/49(P) Eth1/50(P)
9K1-SW1#

every this is perfect the vPC keepalive alive and Peer link is UP and OK and all config check is success 
vPC domain id : 50

Peer status : peer adjacency formed ok 
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Enabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ -------------------------------------------------
1 Po100 up 1-3

1 Po1(SU) Eth NONE Eth1/1(P) 
2 Po2(SU) Eth NONE Eth1/2(P)
100 Po100(SU) Eth LACP Eth1/49(P) Eth1/50(P) <<- this Peer-link 

all PO is SU and port member is Pending, so all config is correct 

Sajid Khan
Level 1
Level 1

Ok, configuration is correct but when i shut down  Eth1/2 of NK1  on nexus switch then the traffic drop and it passing through Nk2.

In normal Hsrp when we shut down a link then traffic should move on another switch.

Ok, configuration is correct but when i shut down  Eth1/2 of NK1  on nexus switch then the traffic drop and it should  pass through Nk2, just like normal hsrp.

In normal Hsrp when we shut down a link then traffic should move on another switch.

I think from Yesterday about this issue, are you sure you push HSRP VIP to host not IP of VLAN SVI of NSK1  via DHCP as GW?
can you check the GW in Host/server?

Review Cisco Networking for a $25 gift card