Monday, April 25, 2011

VPC Design / Routing and non-vPC vlans

This post discusses Cisco best practice for vPC design on the Nexus 7K: separating your vPC VLANs (those to the downstream 5K peers) from your non-vPC VLANs (routed Layer 3, OSPF between the 7Ks).

Cisco recommends an additional Layer 2 link between the 7Ks to carry non-vPC VLANs between the vPC members, such as the VLANs that OSPF uses. In a Rapid PVST+ environment, you can trunk the non-vPC VLANs on a separate port-channel connecting the vPC peers.

In the production environment in which I work, this additional link between the 7Ks for OSPF was done as a Layer 3 link (ip ospf point-to-point), no VLANs:

7K# show run int po 6
!Command: show running-config interface port-channel2
!Time: Mon Apr 25 13:51:48 2011

version 5.0
interface port-channel6
  description ospf link
  mtu 9216
  ip address 10.1.1.1/30
  ip ospf network point-to-point
  ip router ospf 100 area 0.0.0.0

7K# show run int po 6 membership
!Command: show running-config interface port-channel2 membership
!Time: Mon Apr 25 13:59:21 2011

version 5.0(
interface port-channel6
  description ospf link
  mtu 9216
  ip address 10.1.1.1/30
  ip ospf network point-to-point
  ip router ospf 100 area 0.0.0.0

interface Ethernet2/5
  description to N7K-2
  mtu 9216
  channel-group 6 mode active
  no shutdown

interface Ethernet1/5
  description to N7K-2
  mtu 9216
  channel-group 6 mode active
  no shutdown

In this configuration, OSPF stays up regardless of a vPC peer link failure. Cisco points out that if you must run non-vPC VLANs over a vPC peer link, you should use the following command:

dual-active exclude interface-vlan <non-vPC vlans>

which decouples the SVIs for those VLANs from a vPC peer link failure, so they stay up when the peer link goes down.
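A configuration audit for the routed OSPF port-channel shown earlier, as an added example that is not part of the original post or Cisco's tooling. The function names `parse_interfaces` and `audit_routed_po` are hypothetical, and the embedded config is the post's own output with descriptions and `no shutdown` lines trimmed.

```python
import re
# Running-config lines from the post (descriptions and "no shutdown" trimmed).
RUNNING_CONFIG = """\
interface port-channel6
  mtu 9216
  ip address 10.1.1.1/30
  ip ospf network point-to-point
  ip router ospf 100 area 0.0.0.0

interface Ethernet2/5
  mtu 9216
  channel-group 6 mode active

interface Ethernet1/5
  mtu 9216
  channel-group 6 mode active
"""

def parse_interfaces(text):
    """Map each interface name to its indented config lines."""
    stanzas, current = {}, None
    for line in text.splitlines():
        if line.startswith("interface "):
            current = stanzas.setdefault(line.split(None, 1)[1].strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # blank or unindented line closes the stanza
    return stanzas

def audit_routed_po(text, po_id):
    """Return findings; an empty list means the link matches the design above."""
    ifs = parse_interfaces(text)
    po_name = f"port-channel{po_id}"
    po = ifs.get(po_name)
    if po is None:
        return [f"{po_name}: not found"]
    mtu = lambda cfg: next((l for l in cfg if l.startswith("mtu ")), None)
    checks = [
        (any(re.match(r"ip address \S+/\d+$", l) for l in po), "no IP address, not a routed link"),
        (not any(l.startswith("switchport") for l in po), "switchport set, link carries VLANs"),
        ("ip ospf network point-to-point" in po, "OSPF network type is not point-to-point"),
    ]
    findings = [f"{po_name}: {msg}" for ok, msg in checks if not ok]
    for name, cfg in ifs.items():
        if any(re.match(rf"channel-group {po_id}\b", l) for l in cfg):  # member port
            if f"channel-group {po_id} mode active" not in cfg:
                findings.append(f"{name}: LACP mode is not active")
            if mtu(cfg) != mtu(po):
                findings.append(f"{name}: MTU differs from {po_name}")
    return findings
```

Calling `audit_routed_po(RUNNING_CONFIG, 6)` returns an empty list for the post's configuration; a member with a different MTU or a port-channel converted to a trunk produces one finding per deviation.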

On your core 7Ks, for normal RSTP, Cisco recommends enabling the long pathcost method. When I saw that, I was like, what the hell is pathcost method long? Then I found Scott Hogg's blog on Network World, and he does a fine job of explaining it:

http://www.networkworld.com/community/node/57598

but for the short of it, to quote Scott, "This command changes the path cost to increase it from a 16-bit value to a 32-bit value. More bits in the path cost value increases the range of possible link speeds. You can confirm the path cost method being used on your Cisco switch with "show spanning-tree summary" command."

Per Cisco, "After configuring the vPCs, the two Cisco Nexus 7000 Series Switches appear as a single switching device from a spanning-tree perspective (remember that the vPC primary is the Cisco Nexus 7000 Series Switch that processes BPDUs). The following output illustrates the Spanning-Tree topology after the vPC configuration. "
