Let's say you are coming into an environment fresh, and you want to learn the vPC topology - or just troubleshoot . . . let's scope this out with some handy NX-OS commands.
N7K# show vpc
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po1 up
We see that the vPC peer link is Port-Channel 1. What members are in that port channel?
N7K# show run int Po1 membership
!Command: show running-config interface port-channel1 membership
!Time: Mon Apr 25 10:26:00 2011
version 5.0
interface port-channel1
description vPC PEERLINK
switchport
switchport mode trunk
vpc peer-link
spanning-tree port type network
mtu 9216
interface Ethernet1/1
description N7K-2 Eth1/1
switchport
switchport mode trunk
rate-mode dedicated force
mtu 9216
channel-group 1 mode active
no shutdown
interface Ethernet3/1
description N7K-2 Eth3/1
switchport
switchport mode trunk
rate-mode dedicated force
mtu 9216
channel-group 1 mode active
no shutdown
Cool. No what vlans are riding over the Peer link?
Nice. Okay. What is this 7K's vPC role?
N7K# show interface po1 switchport
Name: port-channel1
Switchport: Enabled
Switchport Monitor: Not enabled
Operational Mode: trunk
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: 1-3967,4048-4093
Administrative private-vlan primary host-association: none
Administrative private-vlan secondary host-association: none
Administrative private-vlan primary mapping: none
Administrative private-vlan secondary mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
N7K# show vpc role vPC Role status
----------------------------------------------------
vPC role : primary
Dual Active Detection Status : 0
vPC system-mac : 00:23:04:ee:be:0a
vPC system-priority : 32667
vPC local system-mac : a8:b1:d4:55:4e:42
vPC local role-priority : 16332
DENVWSW0001-INTERNAL#
Right then. What about the keep alive link? what are the IPs and the interfaces?
N7K# show run vpc
!Command: show running-config vpc
!Time: Mon Apr 25 10:37:16 2011
version 5.0
feature vpc
vpc domain 10
peer-switch
role priority 16332
peer-keepalive destination 10.1.1.2 source 10.1.1.1 vrf keepalive
peer-gateway
reload restore
N7K# show ip int br vrf keepalive
IP Interface Status for VRF "VPC-KEEPALIVE"(5)
Interface IP Address Interface Status
port-channel5 10.1.1.1 protocol-up/link-up/admin-up
N7K# show run int po5 memebership
!Command: show running-config interface port-channel3 membership
!Time: Mon Apr 25 10:42:36 2011
version 5.0(3E4)
interface port-channel5
description keepalive link
vrf member keepalive
ip address 10.1.1.1/30
interface Ethernet2/1
description to N7K-2
channel-group 5 mode active
no shutdown
With this handful of handy commands, you can see what is going on with vPC and port-channels in a Jiffy. I do notice in NX-OS that the port-channel interfaces are missing when you want to view your 'logical' nieghbors with cdp.
N7K# show cdp neigh interface ?
ethernet Ethernet IEEE 802.3z
mgmt Management interface
So you have to use the membership command (referenced above) to find out the physical interfaces that are bound to the port-channel and issue the show cdp neigh on those interfaces.
Oh and almost forgot, the whole reason for vPC . .the vPC member ports. A 'show vpc' will list the member ports for you.
ReplyDelete