cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
16990
Views
0
Helpful
7
Replies

N5K vPC Keepalive link and management concerns

Nicholas Poole
Level 1
Level 1

I need help with the concept of the vPC keepalive link.  I am trying to get my head round some configs before the kit turns up which is on order...

I have seen a Cisco doc that says you can use an SVI for the keepalive link on the N5K, but how do you do that as I though the N5K was a L2 switch and the command references I have searched through dont show a the command: interface vlan x

Basically I am trying to work out how to manage this switch remotely and and get the Keepalive operational, but I dont have a separate dedicated management LAN to use (who does these days?).  So if I have to use an SVI, that means it runs on a VLAN, which will have to cross the vPC PeerLink, and this I thought was a fundamental no-no of the vPC design rules: dont send the keepalive across the peerlink.

On the N7K I will use a dedicated L3 point-to-point fibre interface for the Keepalive as a I dont have a management LAN, so that seems easy enough, yes/no?

Thanks for any explanation attempts in advance...

7 Replies 7

Ganesh Hariharan
VIP Alumni
VIP Alumni

I need help with the concept of the vPC keepalive link.  I am trying to get my head round some configs before the kit turns up which is on order...

I have seen a Cisco doc that says you can use an SVI for the keepalive link on the N5K, but how do you do that as I though the N5K was a L2 switch and the command references I have searched through dont show a the command: interface vlan x

Basically I am trying to work out how to manage this switch remotely and and get the Keepalive operational, but I dont have a separate dedicated management LAN to use (who does these days?).  So if I have to use an SVI, that means it runs on a VLAN, which will have to cross the vPC PeerLink, and this I thought was a fundamental no-no of the vPC design rules: dont send the keepalive across the peerlink.

On the N7K I will use a dedicated L3 point-to-point fibre interface for the Keepalive as a I dont have a management LAN, so that seems easy enough, yes/no?

Thanks for any explanation attempts in advance...

Hi,

Check out the below link for vpc configuration on nexus 5k hope that helps.

http://jasonnash.wordpress.com/2009/08/10/vpc-virtual-port-channel-and-the-nexus-platform/

Ganesh.H

If helpful do rate the post

Thanks for posting but your blog doesnt answer my concern.  Your post shows using the mgmt0 port, which I know is what you can do, but without a seperate dedicated management LAN infrastructure how can I use it?  If I just put a xover cable between them then I cant remotely connect to the switch as the IP addresses are on a private wire only.  Im looking for an example of how to use an SVI instead of the mgmt0 interface, thanks.

Hello,

you still need the answer or you solved this issue?

still looking for more info

Hi,


I worked on the same thing last Week, and to separate The peer Link and the keepalive link:

Commun Config
feature interface-vlan
feature lacp
feature vpc
feature fex

  - I used one link 10Gig as trunk  with a dedicated Intervace VLAN  for a KeepAlive.

keepAlive Config

------------------config for 1st N5K--------------------------------

vlan 900

name VLAN-KeepAlive
exit
!
interface Vlan900
  ip address 192.168.250.5/30

  no shutdown

!

vpc domain 10
peer-keepalive destination 192.168.250.6 source 192.168.250.5 vrf default
exit

!

interface Ethernet1/33
description To-5020-RDC-132-Eth1/33-KeepAlive
switchport mode trunk
switchport trunk allowed vlan 900
no shut
exit
!

------------------config for 2nd N5K--------------------------------

vlan 900

name VLAN-KeepAlive
  exit
!
interface Vlan900
   ip address 192.168.250.6/30

  no shutdown

!

vpc domain 10
  peer-keepalive destination 192.168.250.5 source 192.168.250.6 vrf default
  exit

!

interface Ethernet1/33
  description To-5020-RDC-131-Eth1/33-KeepAlive
  switchport mode trunk
  switchport trunk allowed vlan 900
  no shut
  exit
!

  - Two links 10Gig bundled in a portchannel on each N5K for pee link

Peer Link Config

------------------config for 1st N5K--------------------------------

interface port-channel10
  description To-5020-RDC-132-vPCpeer
  switchport mode trunk
  switchport trunk allowed vlan 1
  vpc peer-link
  spanning-tree port type network
  no shut
!
interface Ethernet1/35
  description To-5020-RDC-132-Eth1/35
  switchport mode trunk
  switchport trunk allowed vlan 1
  channel-group 10 mode active
  no shut
  exit
!
interface Ethernet1/36
  description To-5020-RDC-132-Eth1/36
  switchport mode trunk
  switchport trunk allowed vlan 1
  channel-group 10 mode active
  no shut
  exit
!

------------------config for 2nd N5K--------------------------------

interface port-channel10
   description To-5020-RDC-131-vPCpeer
   switchport mode trunk
   switchport trunk allowed vlan 1
   vpc peer-link
   spanning-tree port type network
   no shut
!
interface Ethernet1/35
   description To-5020-RDC-131-Eth1/35
   switchport mode trunk
   switchport trunk allowed vlan 1
   channel-group 10 mode active
   no shut
   exit
!
interface Ethernet1/36
   description To-5020-RDC-131-Eth1/36
   switchport mode trunk
   switchport trunk allowed vlan 1
   channel-group 10 mode active
   no shut
   exit
  !

I used the interface VLAN 1 for management.

BR;

Do you have to use a seperate svi? Or could you use vlan 1 in your configuration?

Dear,

There is also some additionnal considerations to set up VPC peer keep-alive with a SVI:

Please find below recommandations from CISCO :

In  an emulated switch setup, inband keepalive does not work. The following  steps are recommended for peer keepalive over SVI when a switch is in  FabricPath mode:

Use a dedicated front panel port as a vPC+ keepalive. The port should be in CE mode.

Use a dedicated VLAN to carry the keepalive interface. The VLAN should be CE VLAN.

Add  the management keyword to the corresponding SVI so that the failure of a  Layer 3 module will not bring down the SVI interface.

Enter the dual-active exclude interface-vlan keepalive-vlan command to prevent the SVI from going down on the secondary when a peer-link goes down

The "management" keyword have to be applied on the vlan interface (with dedicated VLAN), and  "dual-active" command....

Because else interface VLAN is considered as a common forwarding interface.

Please find below the related link :

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/release/notes/Rel_5_1_3_N2_1/Nexus5000_Release_Notes_5_1_3_N2.html

I hope it will be helpfull,

Best Regards,

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: