cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
703
Views
0
Helpful
2
Replies
Frank Hoeben
Beginner

VRRP on Nexus pair not working correctly

Setup:

2x Nexus 5672UP

NX-OS version 7.0

 

vPC seems to be operational (via 2x 40gb link).

However the VRRP links I have created show as master on both sides (with the accompanying error message in the logs).

I must be forgetting something.

 

interface Vlan19
  description Switches
  no shutdown
  vrf member standaard
  ip address 10.0.19.253/24
  ip dhcp relay address 10.0.10.7
  vrrp 19
    priority 120
    authentication text password
    address 10.0.19.254
    no shutdown

 

interface Vlan19
  description Switches
  no shutdown
  vrf member standaard
  ip address 10.0.19.252/24
  ip dhcp relay address 10.0.10.7
  vrrp 19
    authentication text password
    address 10.0.19.254
    no shutdown

 

 

Switch-01# sh vrrp
      Interface  VR IpVersion Pri   Time Pre State   VR IP addr
---------------------------------------------------------------
         Vlan10  10   IPV4    100    1 s  Y  Master  10.0.10.254
         Vlan19  19   IPV4    100    1 s  Y  Master  10.0.19.254
         Vlan21  21   IPV4    100    1 s  Y  Master  10.0.21.254
         Vlan40  40   IPV4    100    1 s  Y  Master  10.0.99.254
         Vlan55  55   IPV4    100    1 s  Y  Master  10.0.55.254
         Vlan56  56   IPV4    100    1 s  Y  Master  10.0.56.254
         Vlan57  57   IPV4    100    1 s  Y  Master  10.0.57.254

 

2015 Sep 16 15:56:24 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP:  arp [3760]  Source address of packet received from 0000.5e00.0
137 on Vlan55(port-channel1000) is duplicate of local virtual ip, 10.0.55.254
2015 Sep 16 15:56:34 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP:  arp [3760]  Source address of packet received from 0000.5e00.0
10a on Vlan10(port-channel1000) is duplicate of local virtual ip, 10.0.10.254
2015 Sep 16 15:56:44 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP:  arp [3760]  Source address of packet received from 0000.5e00.0
128 on Vlan40(port-channel1000) is duplicate of local virtual ip, 10.0.99.254
2015 Sep 16 15:56:54 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP:  arp [3760]  Source address of packet received from 0000.5e00.0
113 on Vlan19(port-channel1000) is duplicate of local virtual ip, 10.0.19.254
2015 Sep 16 15:57:05 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP:  arp [3760]  Source address of packet received from 0000.5e00.0
138 on Vlan56(port-channel1000) is duplicate of local virtual ip, 10.0.56.254
2015 Sep 16 15:57:16 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP:  arp [3760]  Source address of packet received from 0000.5e00.0
10a on Vlan10(port-channel1000) is duplicate of local virtual ip, 10.0.10.254
2015 Sep 16 15:57:26 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP:  arp [3760]  Source address of packet received from 0000.5e00.0
113 on Vlan19(port-channel1000) is duplicate of local virtual ip, 10.0.19.254

 

Switch-01# sh vpc
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                     : 100
Peer status                       : peer adjacency formed ok
vPC keep-alive status             : peer is alive
Configuration consistency status  : success
Per-vlan consistency status       : success
Type-2 consistency status         : success
vPC role                          : primary
Number of vPCs configured         : 0
Peer Gateway                      : Disabled
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              : Enabled (timeout = 240 seconds)

vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans
--   ----   ------ --------------------------------------------------
1    Po1000 up     1,10-11,19-21,40-41,55-57

2 REPLIES 2
Reza Sharifi
Hall of Fame Expert

Hi,

What port is your VPC peer link?

Have you allowed all vlans on that link?

HTH

I have connected ports E2/5 and E2/6 in channel group 1000 with vPC domain 100.

There are no restrictions placed on vlans in the vPV config, nor are there any access-lists active.

I've also tried hsrp instead of vrrp, which had the same problem.

So I'm fairly sure it's got something to do with the vPC config