I agree but the system mac command will change the bridge ID for both vpc and non-vpc vlans. Another option is to disable peer-switch. However, in this case, switches will use their own system MAC as the bridge ID for both vpc and non-vpc vlans as well. ... View more

Still the same... The bridge assurance really just take care of the uni-directional problem. It won't make a difference in this case. You essentially look at connecting the two exactly same switches together who has the exact same bridge ID. ... View more

Same: Po900 is the inter-switch link that carries the non-vPC vlans. The E1/47 and 48 are the member ports in the Po900. On the other switch, the spanning-tree status is forwarding # sh vlan id 941 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 941 VLAN0941 active Po900, Eth1/47, Eth1/48 # sh spanning-tree vlan 941 VLAN0941 Spanning tree enabled protocol rstp Root ID Priority 941 Address 0023.04ee.be28 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 941 (priority 0 sys-id-ext 941) Address 0023.04ee.be28 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Po900 Back BLK 1 128.4995 P2p ... View more

Thanks for confirming. Even without the two green lines to your sw2, the link carrying the non-vPC vlans between the two switches is blocked on one side... ... View more

You know what, the same priority does not work. I have Vlan 1 in the non-vPC port-channel (between the two Nexus) and exclude it from the vPC peer-link. Here is what I see. Even if the non-vPC port-channel is the only link in the vlan, it is blocked on one Nexus peer.  # sh spanning-tree vlan 1 VLAN0001 Spanning tree enabled protocol rstp Root ID Priority 1 Address 0023.04ee.be28 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 1 (priority 0 sys-id-ext 1) Address 0023.04ee.be28 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Po900 Back BLK 1 128.4995 P2p I think that with peer-switch, both Nexus use the same bridge ID. When the priority is set to be the same, it is conflicting. It is like plug a cable into itself     ... View more

Let me clarify myself one more time too. I have TWO nexus switches. Should they have the same priority value or not ... View more

Another scenario is on page 101 shown in the Figure 75. In this case, what STP priority do I set on both of my peers for the non-vPC vlan used for the Layer3 peering? ... View more

I don't understand. Why would it be different in a different design? My switches will be the core. You suggested (in the guide) the same STP priority on the vPC vlans on both peers. Why would that recommendation not design specific?  Ok let's say I have a device that doesn't support etherchannel so can't do vPC but need to be dual connected to the Nexus peers. As per page 55 the second best alternative is to connect the device to the peers using a non-vPC vlan. In this case, should I set STP priority to be the same or different on the Nexus? ... View more

The guide says that I should use the same STP priority for vPC Vlans but did not mention if I should use the same or different priority for non-vPC vlans. ... View more

Thanks Balaji. I am asking after I read the design guide. It did not mention what I should do with the non-vPC vlans. The Nexus switches are the core and L2/L3 boundary. I will have EIGRP and BGP peering with other routers and firewalls and all of them will not be on the vPC.    This is a new data center I am building. The switches I have are Nexus 9732.    Is there not a general recommendation for what we should do with STP config with the non-vPC vlans? Thanks ... View more

I am mentioning SUP2 because in this document it says it is for Cat 6500 however the config seems to be for Nexus switch. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/config_guide/sup2T/15_1_sy_swcg_2T/span_rspan_erspan.html   Here are my show version and show module output   wsw01#sh version Cisco IOS Software, c6880x Software (c6880x-ADVENTERPRISEK9-M), Version 15.1(2)SY4, RELEASE SOFTWARE (fc5) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2014 by Cisco Systems, Inc. Compiled Wed 05-Nov-14 16:37 by prod_rel_team ROM: System Bootstrap, Version 15.1(02)SY01 [ Rel 1.1], RELEASE SOFTWARE BOOTLDR: wsw01-00rm255r2r1 uptime is 4 years, 13 weeks, 3 days, 22 hours, 49 minutes Uptime for this control processor is 4 years, 13 weeks, 3 days, 22 hours, 50 minutes System returned to ROM by reload at 20:40:31 UTC Tue Dec 23 2014 System restarted at 16:21:15 EST Tue Dec 23 2014 System image file is "bootdisk:c6880x-adventerprisek9-mz.SPA.151-2.SY4.bin" Last reload reason: Reload Command This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. Cisco C6880-X ( Intel(R) Core(TM) i3- CPU @ 2.00GHz ) processor (revision ) with 3144704K/262144K bytes of memory. Processor board ID SAL1749HGXQ Processor signature 0xA7060200 Last reset from s/w reset 16 Virtual Ethernet interfaces 1 Gigabit Ethernet interface 64 Ten Gigabit Ethernet interfaces 1966064K bytes of USB Flash bootdisk (Read/Write) Configuration register is 0x2102 wsw01# show module Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------- 1 20 DCEF-X 16P SFP+ Multi-Rate C6880-X-16P10G SAL1819SBPE 5 20 6880-X 16P SFP+ Multi-Rate (Active) C6880-X-SUP SAL1749HEXJ Mod MAC addresses Hw Fw Sw Status --- ---------------------------------- ------ ------------ ------------ ------- 1 6c41.6a49.461f to 6c41.6a49.4632 2.0 15.1(50r)SYL 15.1(2)SY4 Ok 5 c08c.60d7.9e4c to c08c.60d7.9e64 1.1 15.1(02)SY01 15.1(2)SY4 Ok Mod Sub-Module Model Serial Hw Status ---- --------------------------- ------------------ ----------- ------- ------- 1 Distributed Forwarding Card C6880-X-DFC SAL1819SBRR 1.0 Ok 5 Policy Feature Card 4 C6880-X-PFC SAL1749HEWS 1.2 Ok Mod Online Diag Status ---- ------------------- 1 Pass 5 Pass Could you still elaborate more on local-tx? Thanks! ... View more

Thanks Balaji. On my 6880 I don't have the option available. Actually, the config syntax is different. It looks like Nexus switch configuration. Can I assume that I am not using SUP2 in my switch?   Thanks for the links however I still don't know what local-tx is. Is it related to SPAN on FEX? Does "local" mean that the source and destination interface have to be on the same FEX?  ... View more