NK5 vPC Software Upgrade = Unknown Connectivity Loss
I have been attempting upgrade on a pair of Nexus 5010s in a vPC configuration. I want to go from n5000-uk188.8.131.52.N1.1c to n5000-uk184.108.40.206.N1.4 as that is the minimum recommended version. I have 4 FEXs that are dual homed to the N5ks and 4 old CatOS switches that are port channeled / vPC as well. Since I have switches running spanning tree downstream I can’t do ISSU, so I did a disruptive upgrade.
I reloaded the FEXs and waited until they came online running the new version of code on the Primary N5K. My continuous pings were all responding.
I reloaded the secondary switch to complete the upgrade. When I did this I immediately began losing continuous pings I had going to nodes connected to the FEXs and my management interfaces on the CatOS switches behind the N5Ks. Some of them dropped completely, some of them were intermittent, no response for 5 pings, respond for 3 ping etc. After the secondary N5k came back up, the issue remained.
I verified both N5Ks were running the same new code, I did a config comparison and it looked fine, I did observere that the new code added a “vlan configuration [vlans]” that is not in the old software and it reorded some of the port channel config. FEXs were all online on both switches, running new code, the vPC was up, peer link up, peer keep alive up, vPC roles were correct, all the port channels were up, all the interfaces were up, logs didn’t give any indication of problems, spanning tree (MST) looked ok, I rebooted both switches again one at a time, I cleared the mac address tables, ... nothing seemed wrong, nothing fixed the problem.
It doesn't appear to be a problem with the FEXs, as my CatOS switches are directly conencted to the N5ks and they are experiencing the same problem.
I continued to have the same intermittent/complete connectivity loss. I have attempted this upgrade twice with the same result, and both times I had to revert back to the original code to get everything working normally. When I reverted back to the old code everything started working!
Any ideas for locating and resolving this problem?
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...