Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2534
Views
0
Helpful
2
Replies

Nexus7000 and Peer Switch Feature Question

Go to solution
dumlutimuralp
Level 1
Level 1

‎11-24-2010 04:27 AM - edited ‎03-01-2019 06:53 AM

Hi all,

In a presentation on the web it says that :

If you connect the edge switch via two independent links towards a Nexus 7K vPC cluster using STP (Use vPC VLANs on this switch), pros and cons are listed as below.

PROS: Simplify VLAN provisioning and does not require allocation of an additional 10GE port-channel.

CONS: STP and vPC devices may not be able to communicate each other in certain failure scenarios (i.e. when STP Root and vPC primary device do not overlap).  All VLANs carried over the peer-link may suspend until the two adjacency forms and vPC is fully synchronized".
There is also a diagram showing the scenario (shown at the bottom of this paragraph) in which the vpc peer link has gone down. So operational secondary N7K (N7K-2 , the one on the right hand side in the toplogy) will shut its vPC member ports until the peer link is restored. During this time, N7K-2 will not forward any packets that come from the edge switch (the one at the bottom right), through any of its vPC member ports since they are shutdown.
With peer-switch feature, it says that both vPC peers send BPDUs with local bridge ID as the BPDU' s senderbridge ID and with the vPC bridge ID as the root bridge. So in such a scenario, the edge switch will not block any of its ports. Cause there is no loop ? Isnt that so ? This way the edge switch will be able to reach any clients on the bottom left switch directly through the link which is connected to the N7K-1 (the one on the left) ?

vpcstp.jpg

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Christopher Russell
Level 1
Level 1

‎11-30-2010 11:19 AM

Greets,

That is a really well thought out question, took me a couple of reads to realise what you were asking.

Both switches generate BPDUs with the same Priority/MAC for vPC interfaces, however the behaviour is not the same on non-vPC interfaces.  The reason is pretty simple, the edge switch WILL block one of the two links, if it has to come down to Port ID as the descriminator it will happily do so.  So if both switches send identical BPDUs, the one with the lowest port ID will always end up being the root, while the second port is blocking.  If this behaviour is replicated for all VLANs, you have one link taking all traffic from the edge switch.

To avoid this we have a concept of "psuedo information" that means on vPC interfaces we advertise the same priority, however on non-vPC interfaces we can advertise two different priorities (on a per instance/VLAN basis).  So you can have the link to SW1 being the root for VLAN X, while SW2 the root for VLAN Y.  So while peer-switch provides additional flexibility to load balance per STP instance over the two links, it will not really help you in this failure scenario.

The problem with having your host dual homed but using standalone links, is from a logical perspective it is still an orphan port (as we will always block on one of the two ports).  Although I can't see any situation where you would have a dual homed host, but it not be in a vPC, so it is kind of a corner case.

HTH

Chris

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Christopher Russell
Level 1
Level 1

‎11-30-2010 11:19 AM

Greets,

That is a really well thought out question, took me a couple of reads to realise what you were asking.

Both switches generate BPDUs with the same Priority/MAC for vPC interfaces, however the behaviour is not the same on non-vPC interfaces.  The reason is pretty simple, the edge switch WILL block one of the two links, if it has to come down to Port ID as the descriminator it will happily do so.  So if both switches send identical BPDUs, the one with the lowest port ID will always end up being the root, while the second port is blocking.  If this behaviour is replicated for all VLANs, you have one link taking all traffic from the edge switch.

To avoid this we have a concept of "psuedo information" that means on vPC interfaces we advertise the same priority, however on non-vPC interfaces we can advertise two different priorities (on a per instance/VLAN basis).  So you can have the link to SW1 being the root for VLAN X, while SW2 the root for VLAN Y.  So while peer-switch provides additional flexibility to load balance per STP instance over the two links, it will not really help you in this failure scenario.

The problem with having your host dual homed but using standalone links, is from a logical perspective it is still an orphan port (as we will always block on one of the two ports).  Although I can't see any situation where you would have a dual homed host, but it not be in a vPC, so it is kind of a corner case.

HTH

Chris

0 Helpful

Go to solution
dumlutimuralp
Level 1
Level 1
In response to Christopher Russell

‎11-30-2010 10:22 PM

Hi Cris,

First of all, appreciate your response. Well, when I had that question I hadnt read all the docs about the failure situation. Then I realized that, when peer link goes down, vPC operational secondary switch will shuts is vPC member ports (not the regular STP ports) and also the SVIs for those vPC VLANs.

thanks a lot .

Cheers.

0 Helpful
Customers Also Viewed These Support Documents