N5K vPC Keepalive link and management concerns

Unanswered Question
Apr 8th, 2010
User Badges:

I need help with the concept of the vPC keepalive link.  I am trying to get my head round some configs before the kit turns up which is on order...


I have seen a Cisco doc that says you can use an SVI for the keepalive link on the N5K, but how do you do that as I though the N5K was a L2 switch and the command references I have searched through dont show a the command: interface vlan x


Basically I am trying to work out how to manage this switch remotely and and get the Keepalive operational, but I dont have a separate dedicated management LAN to use (who does these days?).  So if I have to use an SVI, that means it runs on a VLAN, which will have to cross the vPC PeerLink, and this I thought was a fundamental no-no of the vPC design rules: dont send the keepalive across the peerlink.


On the N7K I will use a dedicated L3 point-to-point fibre interface for the Keepalive as a I dont have a management LAN, so that seems easy enough, yes/no?


Thanks for any explanation attempts in advance...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Mon, 04/12/2010 - 05:12
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

I need help with the concept of the vPC keepalive link.  I am trying to get my head round some configs before the kit turns up which is on order...


I have seen a Cisco doc that says you can use an SVI for the keepalive link on the N5K, but how do you do that as I though the N5K was a L2 switch and the command references I have searched through dont show a the command: interface vlan x


Basically I am trying to work out how to manage this switch remotely and and get the Keepalive operational, but I dont have a separate dedicated management LAN to use (who does these days?).  So if I have to use an SVI, that means it runs on a VLAN, which will have to cross the vPC PeerLink, and this I thought was a fundamental no-no of the vPC design rules: dont send the keepalive across the peerlink.


On the N7K I will use a dedicated L3 point-to-point fibre interface for the Keepalive as a I dont have a management LAN, so that seems easy enough, yes/no?


Thanks for any explanation attempts in advance...


Hi,


Check out the below link for vpc configuration on nexus 5k hope that helps.


http://jasonnash.wordpress.com/2009/08/10/vpc-virtual-port-channel-and-the-nexus-platform/


Ganesh.H


If helpful do rate the post

Nicholas Poole Tue, 04/13/2010 - 01:52
User Badges:

Thanks for posting but your blog doesnt answer my concern.  Your post shows using the mgmt0 port, which I know is what you can do, but without a seperate dedicated management LAN infrastructure how can I use it?  If I just put a xover cable between them then I cant remotely connect to the switch as the IP addresses are on a private wire only.  Im looking for an example of how to use an SVI instead of the mgmt0 interface, thanks.

selhassbaoui Wed, 05/19/2010 - 04:07
User Badges:

Hi,



I worked on the same thing last Week, and to separate The peer Link and the keepalive link:


Commun Config
feature interface-vlan
feature lacp
feature vpc
feature fex


  - I used one link 10Gig as trunk  with a dedicated Intervace VLAN  for a KeepAlive.


keepAlive Config

------------------config for 1st N5K--------------------------------

vlan 900

name VLAN-KeepAlive
exit
!
interface Vlan900
  ip address 192.168.250.5/30

  no shutdown

!

vpc domain 10
peer-keepalive destination 192.168.250.6 source 192.168.250.5 vrf default
exit

!

interface Ethernet1/33
description To-5020-RDC-132-Eth1/33-KeepAlive
switchport mode trunk
switchport trunk allowed vlan 900
no shut
exit
!

------------------config for 2nd N5K--------------------------------

vlan 900

name VLAN-KeepAlive
  exit
!
interface Vlan900
   ip address 192.168.250.6/30

  no shutdown

!

vpc domain 10
  peer-keepalive destination 192.168.250.5 source 192.168.250.6 vrf default
  exit

!

interface Ethernet1/33
  description To-5020-RDC-131-Eth1/33-KeepAlive
  switchport mode trunk
  switchport trunk allowed vlan 900
  no shut
  exit
!


  - Two links 10Gig bundled in a portchannel on each N5K for pee link


Peer Link Config

------------------config for 1st N5K--------------------------------

interface port-channel10
  description To-5020-RDC-132-vPCpeer
  switchport mode trunk
  switchport trunk allowed vlan 1
  vpc peer-link
  spanning-tree port type network
  no shut
!
interface Ethernet1/35
  description To-5020-RDC-132-Eth1/35
  switchport mode trunk
  switchport trunk allowed vlan 1
  channel-group 10 mode active
  no shut
  exit
!
interface Ethernet1/36
  description To-5020-RDC-132-Eth1/36
  switchport mode trunk
  switchport trunk allowed vlan 1
  channel-group 10 mode active
  no shut
  exit
!

------------------config for 2nd N5K--------------------------------

interface port-channel10
   description To-5020-RDC-131-vPCpeer
   switchport mode trunk
   switchport trunk allowed vlan 1
   vpc peer-link
   spanning-tree port type network
   no shut
!
interface Ethernet1/35
   description To-5020-RDC-131-Eth1/35
   switchport mode trunk
   switchport trunk allowed vlan 1
   channel-group 10 mode active
   no shut
   exit
!
interface Ethernet1/36
   description To-5020-RDC-131-Eth1/36
   switchport mode trunk
   switchport trunk allowed vlan 1
   channel-group 10 mode active
   no shut
   exit
  !


I used the interface VLAN 1 for management.


BR;

ppflaum12 Fri, 07/23/2010 - 18:34
User Badges:

Do you have to use a seperate svi? Or could you use vlan 1 in your configuration?

benedict lawrence Mon, 04/30/2012 - 01:27
User Badges:

Dear,

There is also some additionnal considerations to set up VPC peer keep-alive with a SVI:


Please find below recommandations from CISCO :



In  an emulated switch setup, inband keepalive does not work. The following  steps are recommended for peer keepalive over SVI when a switch is in  FabricPath mode:


Use a dedicated front panel port as a vPC+ keepalive. The port should be in CE mode.


Use a dedicated VLAN to carry the keepalive interface. The VLAN should be CE VLAN.


Add  the management keyword to the corresponding SVI so that the failure of a  Layer 3 module will not bring down the SVI interface.


Enter the dual-active exclude interface-vlan keepalive-vlan command to prevent the SVI from going down on the secondary when a peer-link goes down





The "management" keyword have to be applied on the vlan interface (with dedicated VLAN), and  "dual-active" command....

Because else interface VLAN is considered as a common forwarding interface.


Please find below the related link :


http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/release/notes/Rel_5_1_3_N2_1/Nexus5000_Release_Notes_5_1_3_N2.html


I hope it will be helpfull,



Best Regards,

Actions

This Discussion

Related Content

 

 

Trending Topics: Other DC Subjects