cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2436
Views
9
Helpful
4
Replies

NEXUS7K vPC question

Maro.Cisco
Level 1
Level 1

Guyz please correct me if im wrong ,  i have 2 x Nexus7k and lets say 1 3750 switch now i need to have them connected and have vPC enabled also  inter-vlan routing for VLAN10 on both Nexus switchs as follow :-

Nexus SW1--------2x10G-----Nexus SW2

         (Gi0/3)  \                    /(Gi0/2)

                      3750 Switch3

                             |

                       VLAN 10

Configuration needed on both Nexus SWs

------------------------------------------------------------

1 ) enable vPC on both Nexus switchs

2) create vPC domain 8 on both switchs

3)use managment interface of both switchs to configure the keepalive vPC peer

4)configure on both 10G links from both sides to port channel 5 , enable trunk and do spanning tree type network

5) activate vPC Peer on port-channel 5 from both sides

6)create VLAN 10 on Nexus SW1 <<<<<< by doing this shouldnt VLAN 10 be created on Nexus SW2 by default ????

7) create interface for Vlan 10 and assign IP address <<<< is there anything i need to add here other than this ???? Also the interface vlan will be added automatically on the other switch with the same IP address ???

8) create port channel 7 , assign Gi0/3 and Gi0/2 and enable trunk on both

9) Enable vPC 101 on port channel 7 on both sides

Configuration needed on both 3750 SW1

------------------------------------------------------------

1) create vlan 10

2) assign interface to vlan access 10

3) activate trunk on Gi0/3 and Gi0/2

4) Create port channel 7 and add both links to it

--- NOW assuming that everything is configured fine all links between switchs none should be blocked by STP and VLAN 10 traffic should be handled by both Nexus switchs ???

1 Accepted Solution

Accepted Solutions

Steve Fuller
Level 9
Level 9

Hi,

Most of the steps you outlined are correct, although a couple of comments:

3) use managment interface of both switchs to configure the keepalive vPC peer

One point to note here is that if you have dual Supervisor Engines (SE) in your Nexus 7K, then you need to connect the management interface from both SE i.e., the current active and standby SE, from both N7K to the same LAN. This way you'll always have vPC peer connectivity irrespective of which SE is active.

6) create VLAN 10 on Nexus SW1 <<<<<< by doing this shouldnt VLAN 10 be created on Nexus SW2 by default ????

The VLANs are not created on the second switch unless you're using switch profiles i.e., config-sync, and this feature is not supported on the Nexus 7K.

7) create interface for Vlan 10 and assign IP address <<<< is there anything i need to add here other than this ???? Also the interface vlan will be added automatically on the other switch with the same IP address ???

I guess the obvious thing is to enable a First Hop Router Protocol such as HSRP. note that when using HSRP in conjunction with vPC, while the control plane still operates as active/standby, from a data plane perspective both routers are able to forward data from the VLAN i.e., active-active.

With respect to the SVI being automatically created, as per the note for point 6 above, the SVI will not be created as there's not config-sync feature on the Nexus 7K.

--- NOW assuming that everything is configured fine all links between switchs none should be blocked by STP and VLAN 10 traffic should be handled by both Nexus switchs ???

Correct. You should probably also follow best practice spanning tree configuration such as ensuring the root bridge is located on one of the Nexus 7K, the backup root is the second Nexus 7K etc.

This, and more, are covered in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches on CCO. This is a very good reference and well worth taking a look through.

Regards

View solution in original post

4 Replies 4

Steve Fuller
Level 9
Level 9

Hi,

Most of the steps you outlined are correct, although a couple of comments:

3) use managment interface of both switchs to configure the keepalive vPC peer

One point to note here is that if you have dual Supervisor Engines (SE) in your Nexus 7K, then you need to connect the management interface from both SE i.e., the current active and standby SE, from both N7K to the same LAN. This way you'll always have vPC peer connectivity irrespective of which SE is active.

6) create VLAN 10 on Nexus SW1 <<<<<< by doing this shouldnt VLAN 10 be created on Nexus SW2 by default ????

The VLANs are not created on the second switch unless you're using switch profiles i.e., config-sync, and this feature is not supported on the Nexus 7K.

7) create interface for Vlan 10 and assign IP address <<<< is there anything i need to add here other than this ???? Also the interface vlan will be added automatically on the other switch with the same IP address ???

I guess the obvious thing is to enable a First Hop Router Protocol such as HSRP. note that when using HSRP in conjunction with vPC, while the control plane still operates as active/standby, from a data plane perspective both routers are able to forward data from the VLAN i.e., active-active.

With respect to the SVI being automatically created, as per the note for point 6 above, the SVI will not be created as there's not config-sync feature on the Nexus 7K.

--- NOW assuming that everything is configured fine all links between switchs none should be blocked by STP and VLAN 10 traffic should be handled by both Nexus switchs ???

Correct. You should probably also follow best practice spanning tree configuration such as ensuring the root bridge is located on one of the Nexus 7K, the backup root is the second Nexus 7K etc.

This, and more, are covered in the Design and Configuration Guide: Best Practices for Virtual Port Channels (vPC) on Cisco Nexus 7000 Series Switches on CCO. This is a very good reference and well worth taking a look through.

Regards

steve-fuller thank you but could u please explain how if i enabled HSRP under interface vlan 10 on both switchs , how is it going to work as Active-Active??? shouldnt one be working as active and other as standby ???

Hi,

This is an enhancement that Cisco have added to the HSRP functionality when using vPC. This is explained more fully in the section HSRP/VRRP active/active with vPC on page 79 of the design document I referenced above.

Essentially what happens is that the Nexus 7K is programs the HSRP MAC address as a Routed MAC such that if either of the peers receive a packet destined to the HSRP MAC address, they will forward it. Once HSRP is running, if you look at the MAC address table with the show mac address-table vlan command you should see the HSRP MAC address in both routers with a G entry. This indicates the router will act as a gateway for that MAC address.

This is needed with vPC as the traffic could quite possibly be forwarded from your C3750 on the physical link of its port-channel interface that connects to the Nexus switch that is HSRP standby. By having the standby router forward the traffic directly, it saves that traffic being sent across the vPC peer-link.

Regards

Also look into enabling vPC peer-gateway feature

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: