Cisco Support Community
Community Member



Please find the attached topology.

I met with an strange situation and i need help from you experts,

i have 2 core and N7K in vPC+ and below that N5K also in vPC+ connecting the fabric extenders on it, I have a connectivity to 6500 from N7K-1 with an layer 3 interface pointing a default route towards 6500, I have pointed a default route from N7K-2 to N7K-1 because i have only 1 link towards 6500 from N7K1.

The strange part what i want to highlight is whenever i shut the SVI interface for any subnet on N7K1 the users in that subnet are not able to reach 6500 though i have a N7K-2 interface live with an HSRP active role.

Any hint please 

Community Member


Hello Experts,

Anybody can help me to solve the issue.


Cisco Employee


Hello Jack,

Remember that hsrp in vPC has a active/active behavior.

The issue is when the SVI goes up in the second peer, the SVI is the GW of the network and requires to the second router do the packet forward.

If a receive a packet from a vpc peer by the peer-link, and to reach out the network I need send traffic back to the same peer, this will not be allowed. As a chicken or the egg dilemma.

To solve this, keep the SVI on the peer that have connection to outside the network (makes sense because if your SW1 goes down, your outside communication goes together and the SVI on the second peer will be a black hole), or connect the 6500 as a vpc member instead a orphan port.

This kind of traffic will be not allowed.

Community Member


Dear Richard,

Sorry to reply late , your reply is not clear for me canyou elaborate more  for me please

Cisco Employee


What I mean is that you can't send out a packet to a peer-switch to receive back, this is not allowed.

In your scenario you can enable the peer-gateway feature to avoid this black hole.

CreatePlease to create content