×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

NEXUS7K vPC question

Answered Question
Jul 14th, 2013
User Badges:

Guyz please correct me if im wrong ,  i have 2 x Nexus7k and lets say 1 3750 switch now i need to have them connected and have vPC enabled also  inter-vlan routing for VLAN10 on both Nexus switchs as follow :-



Nexus SW1--------2x10G-----Nexus SW2


         (Gi0/3)  \                    /(Gi0/2)

                      3750 Switch3

                             |

                       VLAN 10


Configuration needed on both Nexus SWs

------------------------------------------------------------

1 ) enable vPC on both Nexus switchs

2) create vPC domain 8 on both switchs

3)use managment interface of both switchs to configure the keepalive vPC peer

4)configure on both 10G links from both sides to port channel 5 , enable trunk and do spanning tree type network

5) activate vPC Peer on port-channel 5 from both sides

6)create VLAN 10 on Nexus SW1 <<<<<< by doing this shouldnt VLAN 10 be created on Nexus SW2 by default ????

7) create interface for Vlan 10 and assign IP address <<<< is there anything i need to add here other than this ???? Also the interface vlan will be added automatically on the other switch with the same IP address ???

8) create port channel 7 , assign Gi0/3 and Gi0/2 and enable trunk on both

9) Enable vPC 101 on port channel 7 on both sides


Configuration needed on both 3750 SW1

------------------------------------------------------------


1) create vlan 10

2) assign interface to vlan access 10

3) activate trunk on Gi0/3 and Gi0/2

4) Create port channel 7 and add both links to it



--- NOW assuming that everything is configured fine all links between switchs none should be blocked by STP and VLAN 10 traffic should be handled by both Nexus switchs ???

Correct Answer by Steve Fuller about 4 years 1 month ago

Hi,


Most of the steps you outlined are correct, although a couple of comments:

3) use managment interface of both switchs to configure the keepalive vPC peer

One point to note here is that if you have dual Supervisor Engines (SE) in your Nexus 7K, then you need to connect the management interface from both SE i.e., the current active and standby SE, from both N7K to the same LAN. This way you'll always have vPC peer connectivity irrespective of which SE is active.


6) create VLAN 10 on Nexus SW1 <<<<<< by doing this shouldnt VLAN 10 be created on Nexus SW2 by default ????

The VLANs are not created on the second switch unless you're using switch profiles i.e., config-sync, and this feature is not supported on the Nexus 7K.


7) create interface for Vlan 10 and assign IP address <<<< is there anything i need to add here other than this ???? Also the interface vlan will be added automatically on the other switch with the same IP address ???

I guess the obvious thing is to enable a First Hop Router Protocol such as HSRP. note that when using HSRP in conjunction with vPC, while the control plane still operates as active/standby, from a data plane perspective both routers are able to forward data from the VLAN i.e., active-active.


With respect to the SVI being automatically created, as per the note for point 6 above, the SVI will not be created as there's not config-sync feature on the Nexus 7K.

--- NOW assuming that everything is configured fine all links between switchs none should be blocked by STP and VLAN 10 traffic should be handled by both Nexus switchs ???


Correct. You should probably also follow best practice spanning tree configuration such as ensuring the root bridge is located on one of the Nexus 7K, the backup root is the second Nexus 7K etc.


This, and more, are covered in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches on CCO. This is a very good reference and well worth taking a look through.


Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (3 ratings)
Loading.
Correct Answer
Steve Fuller Sun, 07/14/2013 - 09:32
User Badges:
  • Blue, 1500 points or more
  • Community Spotlight Award,

    Member's Choice, September 2015

Hi,


Most of the steps you outlined are correct, although a couple of comments:

3) use managment interface of both switchs to configure the keepalive vPC peer

One point to note here is that if you have dual Supervisor Engines (SE) in your Nexus 7K, then you need to connect the management interface from both SE i.e., the current active and standby SE, from both N7K to the same LAN. This way you'll always have vPC peer connectivity irrespective of which SE is active.


6) create VLAN 10 on Nexus SW1 <<<<<< by doing this shouldnt VLAN 10 be created on Nexus SW2 by default ????

The VLANs are not created on the second switch unless you're using switch profiles i.e., config-sync, and this feature is not supported on the Nexus 7K.


7) create interface for Vlan 10 and assign IP address <<<< is there anything i need to add here other than this ???? Also the interface vlan will be added automatically on the other switch with the same IP address ???

I guess the obvious thing is to enable a First Hop Router Protocol such as HSRP. note that when using HSRP in conjunction with vPC, while the control plane still operates as active/standby, from a data plane perspective both routers are able to forward data from the VLAN i.e., active-active.


With respect to the SVI being automatically created, as per the note for point 6 above, the SVI will not be created as there's not config-sync feature on the Nexus 7K.

--- NOW assuming that everything is configured fine all links between switchs none should be blocked by STP and VLAN 10 traffic should be handled by both Nexus switchs ???


Correct. You should probably also follow best practice spanning tree configuration such as ensuring the root bridge is located on one of the Nexus 7K, the backup root is the second Nexus 7K etc.


This, and more, are covered in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches on CCO. This is a very good reference and well worth taking a look through.


Regards

Maro.Cisco Sun, 07/14/2013 - 09:47
User Badges:

steve-fuller thank you but could u please explain how if i enabled HSRP under interface vlan 10 on both switchs , how is it going to work as Active-Active??? shouldnt one be working as active and other as standby ???

Steve Fuller Sun, 07/14/2013 - 10:02
User Badges:
  • Blue, 1500 points or more
  • Community Spotlight Award,

    Member's Choice, September 2015

Hi,


This is an enhancement that Cisco have added to the HSRP functionality when using vPC. This is explained more fully in the section HSRP/VRRP active/active with vPC on page 79 of the design document I referenced above.


Essentially what happens is that the Nexus 7K is programs the HSRP MAC address as a Routed MAC such that if either of the peers receive a packet destined to the HSRP MAC address, they will forward it. Once HSRP is running, if you look at the MAC address table with the show mac address-table vlan command you should see the HSRP MAC address in both routers with a G entry. This indicates the router will act as a gateway for that MAC address.


This is needed with vPC as the traffic could quite possibly be forwarded from your C3750 on the physical link of its port-channel interface that connects to the Nexus switch that is HSRP standby. By having the standby router forward the traffic directly, it saves that traffic being sent across the vPC peer-link.


Regards

Marwan ALshawi Sun, 07/14/2013 - 10:08
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

Also look into enabling vPC peer-gateway feature

Actions

This Discussion