VRRP on Nexus pair not working correctly

Frank Hoeben · ‎09-16-2015

Setup:

2x Nexus 5672UP

NX-OS version 7.0

vPC seems to be operational (via 2x 40gb link).

However the VRRP links I have created show as master on both sides (with the accompanying error message in the logs).

I must be forgetting something.

interface Vlan19
description Switches
no shutdown
vrf member standaard
ip address 10.0.19.253/24
ip dhcp relay address 10.0.10.7
vrrp 19
    priority 120
    authentication text password
    address 10.0.19.254
    no shutdown

interface Vlan19
description Switches
no shutdown
vrf member standaard
ip address 10.0.19.252/24
ip dhcp relay address 10.0.10.7
vrrp 19
    authentication text password
    address 10.0.19.254
    no shutdown

Switch-01# sh vrrp
      Interface VR IpVersion Pri   Time Pre State   VR IP addr
---------------------------------------------------------------
         Vlan10 10   IPV4    100    1 s Y Master 10.0.10.254
         Vlan19 19   IPV4    100    1 s Y Master 10.0.19.254
         Vlan21 21   IPV4    100    1 s Y Master 10.0.21.254
         Vlan40 40   IPV4    100    1 s Y Master 10.0.99.254
         Vlan55 55   IPV4    100    1 s Y Master 10.0.55.254
         Vlan56 56   IPV4    100    1 s Y Master 10.0.56.254
         Vlan57 57   IPV4    100    1 s Y Master 10.0.57.254

2015 Sep 16 15:56:24 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP: arp [3760] Source address of packet received from 0000.5e00.0
137 on Vlan55(port-channel1000) is duplicate of local virtual ip, 10.0.55.254
2015 Sep 16 15:56:34 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP: arp [3760] Source address of packet received from 0000.5e00.0
10a on Vlan10(port-channel1000) is duplicate of local virtual ip, 10.0.10.254
2015 Sep 16 15:56:44 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP: arp [3760] Source address of packet received from 0000.5e00.0
128 on Vlan40(port-channel1000) is duplicate of local virtual ip, 10.0.99.254
2015 Sep 16 15:56:54 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP: arp [3760] Source address of packet received from 0000.5e00.0
113 on Vlan19(port-channel1000) is duplicate of local virtual ip, 10.0.19.254
2015 Sep 16 15:57:05 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP: arp [3760] Source address of packet received from 0000.5e00.0
138 on Vlan56(port-channel1000) is duplicate of local virtual ip, 10.0.56.254
2015 Sep 16 15:57:16 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP: arp [3760] Source address of packet received from 0000.5e00.0
10a on Vlan10(port-channel1000) is duplicate of local virtual ip, 10.0.10.254
2015 Sep 16 15:57:26 NH1816-NO2 %ARP-3-DUP_VADDR_SRC_IP: arp [3760] Source address of packet received from 0000.5e00.0
113 on Vlan19(port-channel1000) is duplicate of local virtual ip, 10.0.19.254

Switch-01# sh vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                     : 100
Peer status                       : peer adjacency formed ok
vPC keep-alive status             : peer is alive
Configuration consistency status : success
Per-vlan consistency status       : success
Type-2 consistency status         : success
vPC role                          : primary
Number of vPCs configured         : 0
Peer Gateway                      : Disabled
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              : Enabled (timeout = 240 seconds)

vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans
--   ----   ------ --------------------------------------------------
1    Po1000 up     1,10-11,19-21,40-41,55-57

Reza Sharifi · ‎09-16-2015

Hi,

What port is your VPC peer link?

Have you allowed all vlans on that link?

HTH

Frank Hoeben · ‎09-17-2015

I have connected ports E2/5 and E2/6 in channel group 1000 with vPC domain 100.

There are no restrictions placed on vlans in the vPV config, nor are there any access-lists active.

I've also tried hsrp instead of vrrp, which had the same problem.

So I'm fairly sure it's got something to do with the vPC config