Creating VPC+ between two Nexus 5K.
Southbound Port-channel PO from N5K to FEX as per diagram:
topo:
in DC2
You are allowed to configure L2 port channel trunk between N5K-1 & N5K-2
as stated in the diagram, you are not allowed to add any L3.
Use port-channel number 200. Make sure N5K-1 is both operational & role primary.
You are free to assign a switch identifier of your choice between N5K-1 & N5K-2.
You are free to assign a domain number of your choice between N5K-1 & N5K-2.
5672-A(config)# feature lacp
5672-A(config)# vpc domain 200
5672-A(config-vpc-domain)# exit
5672-A(config)# install feature-set fa
fabric fabricpath
5672-A(config)# install feature-set fabricpath
5672-A(config)# fea
feature feature-set
5672-A(config)# feature-set fabricpath
5672-A(config)# fea
feature feature-set
5672-A(config)# feature fex
5672-A(config)# vpc domain 200
5672-A(config-vpc-domain)# fabricpath switch-id 200
Configuring fabricpath switch id will flap vPCs. Continue (yes/no)? [no] yes
5672-A(config-vpc-domain)# role priority 1
Warning:
!!:: vPCs will be flapped on current primary vPC switch while attempting role change ::!!
Note:
--------:: Change will take effect after user has re-initd the vPC peer-link ::--------
5672-A(config-vpc-domain)# pe
peer-config-check-bypass peer-keepalive
peer-gateway peer-switch
5672-A(config-vpc-domain)# peer-keepalive destination 10.31.113.39
Note:
--------:: Management VRF will be used as the default VRF ::--------
5672-A(config-vpc-domain)# int e2/1-2
5672-A(config-if-range)# no sh
5672-A(config-if-range)# channel-group 200 mode active
5672-A(config-if-range)# int p200
5672-A(config-if)# switchport mode fabricpath
5672-A(config-if)# vpc peer-link
no sh
5672-B(config)# feature lacp
5672-B(config)# install feature-set fa
fabric fabricpath
5672-B(config)# install feature-set fabricp
5672-B(config)# fe
feature feature-set
5672-B(config)# feature-set fabricpath
fea fex
5672-B(config)# fea
feature feature-set
5672-B(config)# featurefex
^
% Invalid command at '^' marker.
5672-B(config)# fe
feature feature-set
5672-B(config)# feature fex
5672-B(config)# fe
feature feature-set fex
5672-B(config)# fea
feature feature-set
5672-B(config)# feature lacp
5672-B(config)# vpc domain 200
5672-B(config-vpc-domain)# fabricpath switch-id 200
Configuring fabricpath switch id will flap vPCs. Continue (yes/no)? [no] yes
5672-B(config-vpc-domain)# pe
peer-config-check-bypass peer-keepalive
peer-gateway peer-switch
5672-B(config-vpc-domain)# peer-keepalive destination 10.31.113.38
Note:
--------:: Management VRF will be used as the default VRF ::--------
5672-B(config-vpc-domain)# interface e2/1-2
5672-B(config-if-range)# channel-group 200 mode active
5672-B(config-if-range)# no sh
5672-B(config-if-range)# int p200
5672-B(config-if)# switchport mode fabricpath
5672-B(config-if)# no sh
5672-B(config-if)# vpc peer-link
5672-B(config-if)#
5672-A# sh vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 200
vPC+ switch id : 200
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
vPC fabricpath status : peer is not reachable through fabricpath
Configuration consistency status : failed
Per-vlan consistency status : success
Configuration inconsistency reason: vPC type-1 configuration incompatible - STP
Mode inconsistent
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 0
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po200 up -
5672-A# sh vpc role
vPC Role status
----------------------------------------------------
vPC+ role : primary
Dual Active Detection Status : 0
vPC system-mac : 00:23:04:ee:be:c8
vPC system-priority : 32667
vPC local system-mac : 8c:60:4f:93:5f:fc
vPC local role-priority : 1
5672-A#
Practice Set 2:
Topology:
Solution:
Configuring vPC+ between 5K and Downstream Switches:
!
Configure vPC domain 20 between DC2-N5K1 & 2 .
perform the following task:
1. Make sure N5K1 is always the vPC Primary switch.
2. Use Port-channel 200 for the Peer link
3. Do not add any L3 interface
4. Use Fabric path switch ID value 70.
5. use port channel ID 10 towards FI A
6. Use Port channel ID 20 towards FI B
7. Port channel to Down-Switch should be configured as IEEE 802.1Q trunk
interfaces that allow only VLANs 30,40,70,71.
8. Make sure that port channels 10 & 20 come up without wating for the
standard forward delay time.
9. in few months our server team will connect a singel-leg on VLAN 300 that's
connect to N5K-2 . Make sure that the interface does not go down in dual-active scenario.
10. Make sure the vPC peer devices are the primary deciecs as LACP & use
priority value 2500.
Solution:
5672-A# sh run vpc
!Command: show running-config vpc
!Time: Tue Aug 28 13:31:42 2001
version 7.0(1)N1(1)
feature vpc
vpc domain 20
role priority 1
system-priority 2500
peer-keepalive destination 1.1.1.2 source 1.1.1.1
delay restore 150
auto-recovery
fabricpath switch-id 70
interface port-channel10
vpc 10
interface port-channel20
vpc 20
interface port-channel200
vpc peer-link
5672-A# sh run int e1/1,p10,p20
^
Invalid interface format at '^' marker.
5672-A# sh run int e1/1,port-channel10
^
Invalid interface format at '^' marker.
5672-A# sh run int e1/1
!Command: show running-config interface Ethernet1/1
!Time: Tue Aug 28 13:32:37 2001
version 7.0(1)N1(1)
interface Ethernet1/1
switchport mode fabricpath
channel-group 200 mode active
5672-A# sh run int e1/18-19
!Command: show running-config interface Ethernet1/18-19
!Time: Tue Aug 28 13:32:46 2001
version 7.0(1)N1(1)
interface Ethernet1/18
description To 9396-A Eth1/12
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
channel-group 10
interface Ethernet1/19
description To 9396-B Eth1/12
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
channel-group 20
5672-A# sh run int p10
!Command: show running-config interface port-channel10
!Time: Tue Aug 28 13:32:55 2001
version 7.0(1)N1(1)
interface port-channel10
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 10
5672-A# sh run int p20
!Command: show running-config interface port-channel20
!Time: Tue Aug 28 13:33:00 2001
version 7.0(1)N1(1)
interface port-channel20
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 20
!
5672-B(config-if)# sh run vpc
!Command: show running-config vpc
!Time: Tue Aug 28 13:31:00 2001
version 7.0(1)N1(1)
feature vpc
vpc domain 20
peer-keepalive destination 1.1.1.1 source 1.1.1.2
delay restore 150
dual-active exclude interface-vlan 300
auto-recovery
fabricpath switch-id 70
interface port-channel10
vpc 10
interface port-channel20
vpc 20
interface port-channel200
vpc peer-link
5672-B(config-if)# sh run int e1/1,e1/12-13
!Command: show running-config interface Ethernet1/1, Ethernet1/12-13
!Time: Tue Aug 28 13:31:19 2001
version 7.0(1)N1(1)
interface Ethernet1/1
switchport mode fabricpath
channel-group 200 mode active
interface Ethernet1/12
interface Ethernet1/13
5672-B(config-if)# sh run int p10,p20
!Command: show running-config interface port-channel10, port-channel20
!Time: Tue Aug 28 13:31:43 2001
version 7.0(1)N1(1)
interface port-channel10
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 10
interface port-channel20
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 20
5672-A# sh vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 20
vPC+ switch id : 70
Peer status : peer link is up
vPC keep-alive status : peer is alive
vPC fabricpath status : peer is reachable through fabricpath
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po200 up -
vPC status
---------------------------------------------------------------------------
id Port Status Consistency Reason Active vlans vPC+ Attrib
-- ---------- ------ ----------- ------ ------------ -----------
10 Po10 down success success - DF: No, FP
MAC: 70.0.0
20 Po20 down success success - DF: No, FP
MAC: 70.0.0
5672-A# sh vpc role
vPC Role status
----------------------------------------------------
vPC+ role : primary
Dual Active Detection Status : 0
vPC system-mac : 00:23:04:ee:be:14
vPC system-priority : 2500
vPC local system-mac : 8c:60:4f:93:5f:fc
vPC local role-priority : 1
Southbound Port-channel PO from N5K to FEX as per diagram:
topo:
in DC2
You are allowed to configure L2 port channel trunk between N5K-1 & N5K-2
as stated in the diagram, you are not allowed to add any L3.
Use port-channel number 200. Make sure N5K-1 is both operational & role primary.
You are free to assign a switch identifier of your choice between N5K-1 & N5K-2.
You are free to assign a domain number of your choice between N5K-1 & N5K-2.
5672-A(config)# feature lacp
5672-A(config)# vpc domain 200
5672-A(config-vpc-domain)# exit
5672-A(config)# install feature-set fa
fabric fabricpath
5672-A(config)# install feature-set fabricpath
5672-A(config)# fea
feature feature-set
5672-A(config)# feature-set fabricpath
5672-A(config)# fea
feature feature-set
5672-A(config)# feature fex
5672-A(config)# vpc domain 200
5672-A(config-vpc-domain)# fabricpath switch-id 200
Configuring fabricpath switch id will flap vPCs. Continue (yes/no)? [no] yes
5672-A(config-vpc-domain)# role priority 1
Warning:
!!:: vPCs will be flapped on current primary vPC switch while attempting role change ::!!
Note:
--------:: Change will take effect after user has re-initd the vPC peer-link ::--------
5672-A(config-vpc-domain)# pe
peer-config-check-bypass peer-keepalive
peer-gateway peer-switch
5672-A(config-vpc-domain)# peer-keepalive destination 10.31.113.39
Note:
--------:: Management VRF will be used as the default VRF ::--------
5672-A(config-vpc-domain)# int e2/1-2
5672-A(config-if-range)# no sh
5672-A(config-if-range)# channel-group 200 mode active
5672-A(config-if-range)# int p200
5672-A(config-if)# switchport mode fabricpath
5672-A(config-if)# vpc peer-link
no sh
5672-B(config)# feature lacp
5672-B(config)# install feature-set fa
fabric fabricpath
5672-B(config)# install feature-set fabricp
5672-B(config)# fe
feature feature-set
5672-B(config)# feature-set fabricpath
fea fex
5672-B(config)# fea
feature feature-set
5672-B(config)# featurefex
^
% Invalid command at '^' marker.
5672-B(config)# fe
feature feature-set
5672-B(config)# feature fex
5672-B(config)# fe
feature feature-set fex
5672-B(config)# fea
feature feature-set
5672-B(config)# feature lacp
5672-B(config)# vpc domain 200
5672-B(config-vpc-domain)# fabricpath switch-id 200
Configuring fabricpath switch id will flap vPCs. Continue (yes/no)? [no] yes
5672-B(config-vpc-domain)# pe
peer-config-check-bypass peer-keepalive
peer-gateway peer-switch
5672-B(config-vpc-domain)# peer-keepalive destination 10.31.113.38
Note:
--------:: Management VRF will be used as the default VRF ::--------
5672-B(config-vpc-domain)# interface e2/1-2
5672-B(config-if-range)# channel-group 200 mode active
5672-B(config-if-range)# no sh
5672-B(config-if-range)# int p200
5672-B(config-if)# switchport mode fabricpath
5672-B(config-if)# no sh
5672-B(config-if)# vpc peer-link
5672-B(config-if)#
5672-A# sh vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 200
vPC+ switch id : 200
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
vPC fabricpath status : peer is not reachable through fabricpath
Configuration consistency status : failed
Per-vlan consistency status : success
Configuration inconsistency reason: vPC type-1 configuration incompatible - STP
Mode inconsistent
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 0
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po200 up -
5672-A# sh vpc role
vPC Role status
----------------------------------------------------
vPC+ role : primary
Dual Active Detection Status : 0
vPC system-mac : 00:23:04:ee:be:c8
vPC system-priority : 32667
vPC local system-mac : 8c:60:4f:93:5f:fc
vPC local role-priority : 1
5672-A#
Practice Set 2:
Topology:
Configuring vPC+ between 5K and Downstream Switches:
!
Configure vPC domain 20 between DC2-N5K1 & 2 .
perform the following task:
1. Make sure N5K1 is always the vPC Primary switch.
2. Use Port-channel 200 for the Peer link
3. Do not add any L3 interface
4. Use Fabric path switch ID value 70.
5. use port channel ID 10 towards FI A
6. Use Port channel ID 20 towards FI B
7. Port channel to Down-Switch should be configured as IEEE 802.1Q trunk
interfaces that allow only VLANs 30,40,70,71.
8. Make sure that port channels 10 & 20 come up without wating for the
standard forward delay time.
9. in few months our server team will connect a singel-leg on VLAN 300 that's
connect to N5K-2 . Make sure that the interface does not go down in dual-active scenario.
10. Make sure the vPC peer devices are the primary deciecs as LACP & use
priority value 2500.
Solution:
5672-A# sh run vpc
!Command: show running-config vpc
!Time: Tue Aug 28 13:31:42 2001
version 7.0(1)N1(1)
feature vpc
vpc domain 20
role priority 1
system-priority 2500
peer-keepalive destination 1.1.1.2 source 1.1.1.1
delay restore 150
auto-recovery
fabricpath switch-id 70
interface port-channel10
vpc 10
interface port-channel20
vpc 20
interface port-channel200
vpc peer-link
5672-A# sh run int e1/1,p10,p20
^
Invalid interface format at '^' marker.
5672-A# sh run int e1/1,port-channel10
^
Invalid interface format at '^' marker.
5672-A# sh run int e1/1
!Command: show running-config interface Ethernet1/1
!Time: Tue Aug 28 13:32:37 2001
version 7.0(1)N1(1)
interface Ethernet1/1
switchport mode fabricpath
channel-group 200 mode active
5672-A# sh run int e1/18-19
!Command: show running-config interface Ethernet1/18-19
!Time: Tue Aug 28 13:32:46 2001
version 7.0(1)N1(1)
interface Ethernet1/18
description To 9396-A Eth1/12
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
channel-group 10
interface Ethernet1/19
description To 9396-B Eth1/12
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
channel-group 20
5672-A# sh run int p10
!Command: show running-config interface port-channel10
!Time: Tue Aug 28 13:32:55 2001
version 7.0(1)N1(1)
interface port-channel10
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 10
5672-A# sh run int p20
!Command: show running-config interface port-channel20
!Time: Tue Aug 28 13:33:00 2001
version 7.0(1)N1(1)
interface port-channel20
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 20
!
5672-B(config-if)# sh run vpc
!Command: show running-config vpc
!Time: Tue Aug 28 13:31:00 2001
version 7.0(1)N1(1)
feature vpc
vpc domain 20
peer-keepalive destination 1.1.1.1 source 1.1.1.2
delay restore 150
dual-active exclude interface-vlan 300
auto-recovery
fabricpath switch-id 70
interface port-channel10
vpc 10
interface port-channel20
vpc 20
interface port-channel200
vpc peer-link
5672-B(config-if)# sh run int e1/1,e1/12-13
!Command: show running-config interface Ethernet1/1, Ethernet1/12-13
!Time: Tue Aug 28 13:31:19 2001
version 7.0(1)N1(1)
interface Ethernet1/1
switchport mode fabricpath
channel-group 200 mode active
interface Ethernet1/12
interface Ethernet1/13
5672-B(config-if)# sh run int p10,p20
!Command: show running-config interface port-channel10, port-channel20
!Time: Tue Aug 28 13:31:43 2001
version 7.0(1)N1(1)
interface port-channel10
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 10
interface port-channel20
switchport mode trunk
switchport trunk allowed vlan 30,40,70-71
spanning-tree port type edge trunk
speed 10000
vpc 20
5672-A# sh vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 20
vPC+ switch id : 70
Peer status : peer link is up
vPC keep-alive status : peer is alive
vPC fabricpath status : peer is reachable through fabricpath
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po200 up -
vPC status
---------------------------------------------------------------------------
id Port Status Consistency Reason Active vlans vPC+ Attrib
-- ---------- ------ ----------- ------ ------------ -----------
10 Po10 down success success - DF: No, FP
MAC: 70.0.0
20 Po20 down success success - DF: No, FP
MAC: 70.0.0
5672-A# sh vpc role
vPC Role status
----------------------------------------------------
vPC+ role : primary
Dual Active Detection Status : 0
vPC system-mac : 00:23:04:ee:be:14
vPC system-priority : 2500
vPC local system-mac : 8c:60:4f:93:5f:fc
vPC local role-priority : 1
No comments:
Post a Comment