Interfaces Configuration Guide, Cisco DCNM for LAN, Release 5.x
Configuring vPCs
Downloads: This chapterpdf (PDF - 783.0KB) The complete bookPDF (PDF - 6.72MB) | Feedback

Configuring vPCs

Table Of Contents

Configuring vPCs

Information About vPCs

vPC Overview

vPC Terminology

vPC Peer Links

vPC Peer Link Overview

Features That You Must Manually Configure on the Primary and Secondary Devices

Configuring Layer 3 Backup Routes on a vPC Peer Link

Peer-Keepalive Link and Messages

vPC Peer-Gateway

vPC Domain

Compatibility Parameters for vPC Interfaces

Configuration Parameters That Must Be Identical

Configuration Parameters That Should Be Identical

Consequences of Parameter Mismatch

vPC Number

Moving Other Port Channels into a vPC

Configuring vPC Peer Links and Links to the Core on a Single Module

vPC Interactions with Other Features

vPC and LACP

vPC Peer Links and STP

vPC Multicast—PIM, IGMP, and IGMP Snooping

vPC Peer Links and Routing

CFSoE

vPC and Orphan Ports

High Availability

Licensing Requirements for vPCs

Prerequisites for vPCs

Default Settings

Platform Support

Configuring vPCs

Enabling vPCs

Disabling vPCs

Creating and Modifying vPCs

Synchronizing the vPCs and vPC Peer Links

Manually Configuring the Peer-Keepalive Link and Message

Manually Configuring the vPC Priority Settings

Deleting a vPC

Using the Panes in the Details Tabs to Modify vPC Settings

vPC Global Settings

vPC Port-Channel Summary View

Monitoring vPCs

Field Descriptions for vPCs

vPC: vPC Details: Basic Settings Section

vPC: vPC Details: Layer 2 Settings Section

vPC: vPC Details: Link Settings Section

vPC: Peer-Link Details: vPC Global Settings Section

vPC: Peer-Link Details: STP Global Settings Section

vPC: Peer-Link Status: Peer Link Status Section

vPC: Peer-Link Status: Peer Link Error VLANs Status Section

vPC: Peer-Link Status: vPC Error VLANs Status Section

Resolve Configuration Inconsistency: vPC

Resolve Configuration Inconsistency: Peer Link

Additional References

Related Documents

Standards

MIBs

Feature History for Configuring vPCs


Configuring vPCs


This chapter describes how to configure virtual port channels (vPCs) using Cisco Data Center Network Manager (DCNM).


Note The Cisco NX-OS release that is running on a managed device may not support all the features or settings described in this chapter. For the latest feature information and caveats, see the documentation and release notes for your platform and software release.

Note System-message logging levels for the vPC feature must meet or exceed Cisco DCNM requirements. During device discovery, Cisco DCNM detects inadequate logging levels and raises them the minimum requirements. Cisco Nexus 7000 Series Switches that run Cisco NX-OS Release 4.0 are an exception. For Cisco NX-OS Release 4.0, prior to device discovery, use the command-line interface to configure logging levels to meet or exceed Cisco DCNM requirements. For more information, see the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x.

Beginning with Cisco NX-OS Release 5.1(1), you can use any of the 10-Gbps Ethernet (10GE) interfaces on the F series modules or the 10GE interfaces on the M series modules for the vPC peer link on an individual switch, but you cannot combine member ports on an F module with ports on an M module into a single port channel on a single switch. The port channel compatibility parameters must be the same for all the port channel members on the physical switch.

You cannot configure shared interfaces to be part of a vPC. See the Cisco NX-OS FCoE Configuration Guide for Cisco Nexus 7000 and Cisco MDS 9500 for more information on shared interfaces.


Note The port channel compatibility parameters must also be the same for all vPC member ports on both peers and therefore you must use the same type of module in each chassis.

This chapter includes the following sections:

Information About vPCs

Licensing Requirements for vPCs

Prerequisites for vPCs

Default Settings

Platform Support

Configuring vPCs

Monitoring vPCs

Field Descriptions for vPCs

Additional References

Feature History for Configuring vPCs


Note For information about configuring port channels and the Link Aggregation Control Protocol (LACP), see Chapter 5 "Configuring Port Channels."

Note For more information about the Data Center Network Manager features, see the Fundamentals Configuration Guide, Cisco DCNM for LAN, Release 5.x .

Information About vPCs

This section includes the following topics:

vPC Overview

vPC Terminology

vPC Peer Links

Peer-Keepalive Link and Messages

vPC Peer-Gateway

vPC Domain

Compatibility Parameters for vPC Interfaces

vPC Number

Moving Other Port Channels into a vPC

Configuring vPC Peer Links and Links to the Core on a Single Module

vPC Interactions with Other Features

High Availability

vPC Overview

A virtual port channel (vPC) allows links that are physically connected to two different Cisco Nexus 7000 Series devices to appear as a single port channel by a third device (see Figure 6-1). The third device can be a switch, server, or any other networking device that supports port channels. Beginning with Cisco NX-OS Release 4.1(4), you can configure up to 256 vPCs per device. A vPC can provide Layer 2 multipathing, which allows you to create redundancy and increase bisectional bandwidth by enabling multiple parallel paths between nodes and allowing load balancing traffic.

Figure 6-1 vPC Architecture

You can use only Layer 2 port channels in the vPC. A vPC domain is associated to a single VDC, so all vPC interfaces belonging to a given vPC domain must be defined in the same VDC. You must have a separate vPC peer link and peer-keepalive link infrastructure for each VDC deployed. Consolidating a vPC pair (two vPC peer devices of the same domain) in two VDCs of the same physical device is not supported. The vPC peer link must use 10-Gigabit Ethernet ports for both ends of the link or the link will not form.

You configure the port channels by using one of the following:

No protocol

Link Aggregation Control Protocol (LACP)

When you configure the port channels in a vPC—including the vPC peer link channel—without using LACP, each device can have up to 8 active links in a single port channel. When you configure the port channels in a vPC—including the vPC peer link channels—using LACP, each device can have 8 active links and 8 standby links in a single port channel. (See the "vPC Interactions with Other Features" section for more information on using LACP and vPCs.)


Note You must enable the vPC feature before you can configure or run the vPC functionality.

Beginning with Cisco NX-OS Release 4.2, the system automatically takes a checkpoint prior to disabling the feature, and you can roll back to this checkpoint. See the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x, for information on roll backs and checkpoints.

After you enable the vPC functionality, you create the peer-keepalive link, which sends heartbeat messages between the two vPC peer devices.

You can create a vPC peer link by configuring a port channel on one Cisco Nexus 7000 Series chassis by using two or more 10-Gigabit Ethernet ports in dedicated mode.

We recommend that you configure the vPC peer link Layer 2 port channels as trunks. Then, on another Cisco Nexus 7000 Series chassis, you configure another port channel again using two or more 10-Gigabit Ethernet ports in dedicated mode. Connecting these two port channels creates a vPC peer link in which the two linked Cisco Nexus devices appear as one device to a third device. The third device, or downstream device, can be a switch, server, or any other networking device that uses a regular port channel to connect to the vPC. If you are not using the correct module, the system displays an error message.


Note We recommend that you configure the vPC peer links on dedicated ports of different modules to reduce the possibility of a failure. For the best resiliency scenario, use at least two modules.

Beginning with Cisco NX-OS Release 4.2, if you must configure all the vPC peer links and core-facing interfaces on a single module, you should configure a track object that is associated with the Layer 3 link to the core and on all the links on the vPC peer link on both vPC peer devices. Once you configure this feature and if the primary vPC peer device fails, the system automatically suspends all the vPC links on the primary vPC peer device. This action forces all the vPC traffic to the secondary vPC peer device until the system stabilizes.

See the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x, for information on the track interface command, and see the Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x, for information on configuring this tracking feature.

The vPC domain includes both vPC peer devices, the vPC peer-keepalive link, the vPC peer link, and all of the port channels in the vPC domain connected to the downstream device. You can have only one vPC domain ID on each device.

In this version, you can connect each downstream device to a single vPC domain ID using a single port channel.


Note Always attach all vPC devices using port channels to both vPC peer devices.

A vPC (see Figure 6-2) provides the following benefits:

Allows a single device to use a port channel across two upstream devices

Eliminates Spanning Tree Protocol (STP) blocked ports

Provides a loop-free topology

Uses all available uplink bandwidth

Provides fast convergence if either the link or a device fails

Provides link-level resiliency

Assures high availability

Figure 6-2 vPC Interfaces in One VDC

For more information on VDCs, see the Virtual Device Context Configuration Guide, Cisco DCNM for LAN, Release 5.x.

vPC Terminology

The terminology used in vPCs is as follows:

vPC—The combined port channel between the vPC peer devices and the downstream device.

vPC peer device—One of a pair of devices that are connected with the special port channel known as the vPC peer link.

vPC peer link—The link used to synchronize states between the vPC peer devices. Both ends must be on 10-Gigabit Ethernet interfaces.

vPC member port—An interface that belongs to a vPC.

Host vPC port—A Fabric Extender host interfacesthat belongs to a vPC.

vPC domain—This domain includes both vPC peer devices, the vPC peer-keepalive link, and all of the port channels in the vPC connected to the downstream devices. It is also associated to the configuration mode that you must use to assign vPC global parameters.

vPC peer-keepalive link—The peer-keepalive link monitors the vitality of a vPC peer Cisco Nexus 7000 Series device. The peer-keepalive link sends configurable, periodic keepalive messages between vPC peer devices.

We recommend that you associate a peer-keepalive link to a separate VRF mapped to a Layer 3 interface in each vPC peer device. If you do not configure a separate VRF, the system uses the management VRF by default. However, if you use the management interfaces for the peer-keepalive link, you must put a management switch connected to both the active and standby management ports on each vPC peer device (see Figure 6-3).

Figure 6-3 Separate Switch Required to Connect Management Ports for vPC Peer-Keepalive Link

No data or synchronization traffic moves over the vPC peer-keepalive link; the only traffic on this link is a message that indicates that the originating switch is operating and running vPC.

vPC member port—Interfaces that belong to the vPCs.

vPC Peer Links

A vPC peer link is the link that is used to synchronize the states between the vPC peer devices. Both ends of the link much be on 10-Gigabit Ethernet interfaces.

This section describes the vPC peer link and includes the following topics:

vPC Peer Link Overview

Features That You Must Manually Configure on the Primary and Secondary Devices

Configuring Layer 3 Backup Routes on a vPC Peer Link


Note You must configure the peer-keepalive link before you configure the vPC peer link or the peer link will not come up. (See the "Peer-Keepalive Link and Messages" section for information on the vPC peer-keepalive link and messages.)

You can configure a vPC peer link to configure two devices as vPCs peers. You must use the module in order to configure a vPC peer link.


Note We recommend that you use the dedicated port mode when you configure a vPC peer link. For information about the dedicated port mode, see Chapter 2 "Configuring Basic Interface Parameters."

vPC Peer Link Overview

You can have only two devices as vPC peers; each device can serve as a vPC peer to only one other vPC peer. The vPC peer devices can also have non-vPC links to other devices.

See Figure 6-4 for invalid vPC peer configurations.

Figure 6-4 vPC Peer Configurations That Are Not Allowed

To make a valid configuration, you first configure a port channel on each device and then configure the vPC domain. You assign the port channel on each device as a peer link, using the same vPC domain ID. For redundancy, we recommend that you should configure at least two of the dedicated ports into the port channel because if one of the interfaces in the vPC peer link fails, the device automatically falls back to use another interface in the peer link.


Note We recommend that you configure the Layer 2 port channels in trunk mode.

Many operational parameters and configuration parameters must be the same in each device connected by a vPC peer link (see the "Compatibility Parameters for vPC Interfaces" section). Because each device is completely independent on the management plane, you must ensure that the devices are compatible on the critical parameters. vPC peer devices have separate control planes. After configuring the vPC peer link, you should display the configuration on each vPC peer device to ensure that the configurations are compatible.


Note You must ensure that the two devices connected by the vPC peer link have certain identical operational and configuration parameters. For more information on required configuration consistency, see the "Compatibility Parameters for vPC Interfaces" section.

When you configure the vPC, you choose which of the connected devices is the primary device and which is the secondary device (see the "Configuring vPCs" section). When you configure the parameters on the peer link, you configure them on the primary side of the vPC peer link and they are automatically applied to the interfaces on the secondary side of the vPC peer link. If the primary device fails, the secondary device becomes the new primary when the system recovers and the previously primary device is now the secondary device.


Note We recommend that you use two different modules for redundant on each vPC peer device vPC peer links.

The software keeps all traffic that forwards across the vPC peer devices as local traffic. A packet that ingresses the port channel uses one of the local links rather than moving across the vPC peer link. Unknown unicast, multicast, and broadcast traffic (including STP BPDUs) are flooded across the vPC peer link. The software keeps the multicast forwarding state synchronized on both of the vPC peer devices.

You can configure any of the standard load-balancing schemes on both the vPC peer link devices and the downstream device (see Chapter 5 "Configuring Port Channels" for information on load balancing).

Configuration information flows across the vPC peer links using the Cisco Fabric Service over Ethernet (CFSoE) protocol. (See the "CFSoE" section for more information about CFSoE.)

All MAC addresses for those VLANs configured on both devices are synchronized between vPC peer devices. The software uses CFSoE for this synchronization. (See the "CFSoE" section for information about CFSoE.)

Beginning with Cisco NX-OS Release 4.2(1), you can configure vPC peer devices to act as the gateway even for packets that are destined to the vPC peer device's MAC address.

See the Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x, for information about configuring this feature.

If the vPC peer link fails, the software checks the status of the remote vPC peer device using the peer-keepalive link, which is a link between vPC peer devices that ensures that both devices are up. If the vPC peer device is up, the secondary vPC device disables all vPC ports on its device, to prevent loops and disappearing or flooding traffic. The data then forwards down the remaining active links of the port channel.


Note We recommend that you create and configure a separate VRF and configure a Layer 3 port on each vPC peer device in that VRF for the vPC peer-keepalive link. The default ports and VRF for the peer-keepalive are the management ports and VRF.

The software learns of a vPC peer device failure when the keepalive messages are not returned over the peer-keepalive link.

Use a separate link (vPC peer-keepalive link) to send configurable keepalive messages between the vPC peer devices. The keepalive messages on the vPC peer-keepalive link determines whether a failure is on the vPC peer link only or on the vPC peer device. The keepalive messages are used only when all the links in the peer link fail. See the "Peer-Keepalive Link and Messages" section for information about the keepalive message.

Features That You Must Manually Configure on the Primary and Secondary Devices

You must manually configure the following features to conform to the primary/secondary mapping of each of the vPC peer devices:

STP root—Configure the primary vPC peer device as the STP primary root device and configure the vPC secondary device to be the STP secondary root device. See the "vPC Peer Links and STP" section for more information on vPC and STP.

We recommend that you configure the vPC peer link interfaces as STP network ports so that Bridge Assurance is enabled on all vPC peer links

We recommend that you configure Rapid PVST+ so that the primary device is the root for all VLANs and configure MST so that the primary device is the root for all instances.

Layer 3 VLAN network interface—Configure Layer 3 connectivity from each vPC peer device by configuring a VLAN network interface for the same VLAN from both devices.

HSRP active—If you want to use HSRP and VLAN interfaces on the vPC peer devices, configure the primary vPC peer device with the HSRP active highest priority. Configure the secondary device to be the HSRP standby. And ensure that you have VLAN interfaces on each vPC device that are in the same administrative and operational mode. (See the "vPC Peer Links and Routing" section for more information on vPC and HSRP.)

We recommend that you configure Unidirectional Link Detection (UDLD) on both sides of the vPC peer link. See the "Configuring the UDLD Mode" section for information on configuring UDLD.

Configuring Layer 3 Backup Routes on a vPC Peer Link

You can use VLAN network interfaces on the vPC peer devices to link to Layer 3 of the network for such applications as HSRP and PIM. However, we recommend that you configure a separate Layer 3 link for routing from the vPC peer devices, rather than using a VLAN network interface for this purpose.


Note Ensure that you have a VLAN network interface configured on each peer device and that the interface is connected to the same VLAN on each device. Also, each VLAN interface must be in the same administrative and operational mode. For more information on configuring VLAN network interfaces, see Chapter 4 "Configuring Layer 3 Interfaces."

If a failover occurs on the vPC peer link, the VLAN interfaces on the vPC peer devices are also affected. If a vPC peer link fails, the system brings down associated VLAN interfaces on the secondary vPC peer device.

Beginning with Cisco NX-OS Release 4.2(1), you can ensure that specified VLAN interfaces do not go down on the vPC secondary device when the vPC peer link fails.


Note When you attach a Layer 3 device to a vPC domain, the peering of routing protocols using a VLAN also carried on the vPC peer link is not supported. If routing protocol adjacencies are needed between vPC peer devices and a generic Layer 3 device, you must use physical routed interfaces for the interconnection. Use of the vPC peer-gateway feature does not change this requirement.

See the Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x, for information about configuring this feature.

Peer-Keepalive Link and Messages

The Cisco NX-OS software uses the peer-keepalive link between the vPC peers to transmit periodic, configurable keepalive messages. You must have Layer 3 connectivity between the peer devices to transmit these messages; the system cannot bring up the vPC peer link unless the peer-keepalive link is already up and running.


Note We recommend that you associate the vPC peer-keepalive link to a separate VRF mapped to a Layer 3 interface in each vPC peer device. If you do not configure a separate VRF, the system uses the management VRF and management ports by default. Do not use the peer link itself to send and receive vPC peer-keepalive messages. For more information on configuring VRFs, see the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x.

If one of the vPC peer devices fails, the vPC peer device on the other side of the vPC peer link senses the failure by not receiving any peer-keepalive messages. The default interval time for the vPC peer-keepalive message is 1 second, and you can configure the interval between 400 milliseconds and 10 seconds.

You can configure a hold-timeout value with a range of 3 to 10 seconds; the default hold-timeout value is 3 seconds. This timer starts when the vPC peer link goes down. During this hold-timeout period, the secondary vPC peer device ignores vPC peer-keepalive messages, which ensures that network convergence occurs before vPC action takes place. The purpose of the hold-timeout period is to prevent false-positive cases.

You can also configure a timeout value with a range of 3 to 20 seconds; the default timeout value is 5 seconds. This timer starts at the end of the hold-timeout interval. During the timeout period, the secondary vPC peer device checks for vPC peer-keepalive hello messages from the primary vPC peer device. If the secondary vPC peer device receives a single hello message, that device disables all vPC interfaces on the secondary vPC peer device.

The difference between the hold-timeout and the timeout parameters is as follows:

During the hold-timeout, the vPC secondary device does not take any action based on any keepalive messages received, which prevents the system taking action when the keepalive might be received just temporarily, such as if a supervisor fails a few seconds after the peer link goes down.

During the timeout, the vPC secondary device takes action to become the vPC primary device if no keepalive message is received by the end of the configured interval.

See the "Configuring vPCs" section for information on configuring the peer-keepalive message parameters.


Note Ensure that both the source and destination IP addresses used for the peer-keepalive messages are unique in your network and these IP addresses are reachable from the VRF associated with the vPC peer-keepalive link.

vPC Peer-Gateway

Beginning with Cisco NX-OS Release 4.2(1), you can configure vPC peer devices to act as the gateway even for packets that are destined to the vPC peer device's MAC address.

Some network-attached storage (NAS) devices or load-balancers may have features aimed to optimize the performances of particular applications. Essentially these features avoid performing a routing-table lookup when responding to a request that originated from a host not locally attached to the same subnet. Such devices may reply to traffic using the MAC address of the sender Cisco Nexus 7000 Series device rather than the common HSRP gateway. Such behavior is non-complaint with some basic Ethernet RFC standards. Packets reaching a vPC device for the non-local router MAC address are sent across the peer link and could be dropped by the built in vPC loop avoidance mechanism if the final destination is behind another vPC.

The vPC peer-gateway capability allows a vPC switch to act as the active gateway for packets that are addressed to the router MAC address of the vPC peer. This feature enables local forwarding of such packets without the need to cross the vPC peer link. In this scenario, the feature optimizes use of the peer link and avoids potential traffic loss.

Configuring the peer-gateway feature must be done on both primary and secondary vPC peers and is nondisruptive to the operations of the device or to the vPC traffic. The vPC peer-gateway feature can be configured globally under the vPC domain submode.

When enabling this feature, you are also required to disable IP redirects on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched through the peer gateway router. When the feature is enabled in the vPC domain, you are notified of such a requirement through an appropriate message.

Packets arriving at the peer-gateway vPC device will have their TTL decremented, so packets carrying TTL = 1 may be dropped in transit due to TTL expire. This needs to be taken into account when the peer-gateway feature is enabled and particular network protocols sourcing packets with TTL = 1 operate on a vPC VLAN.

vPC Domain

You can use the vPC domain ID to identify the vPC peer links and the ports that are connected to the vPC downstream devices.

To create a vPC domain, you must first create a vPC domain ID using a number from 1 to 100. You can have only one vPC domain per device.You create a vPC number, using a number from 1 to 4096 to identify the port channels that link to the downstream devices.

You must explicitly configure the port channel that you want to act as the peer link on each device. You associate the port channel that you made a peer link on each device with the same vPC domain ID to form a single vPC domain. Within this domain, the system provides a loop-free topology and Layer 2 multipathing.

You can only configure these port channels and vPC peer links statically. All ports in the vPC on each of the vPC peer devices must be in the same VDC. You can configure the port channels and vPC peer links either using LACP or no protocol. We recommend that you use LACP with the interfaces in active mode to configure port channels in each vPC, which ensures an optimized, graceful recovery in a port-channel failover scenario and provides configuration checks against configuration mismatches among the port channels themselves.

The vPC peer devices use the vPC domain ID that you configure to automatically assign a unique vPC system MAC address. Each vPC domain has a unique MAC address that is used as a unique identifier for the specific vPC-related operations, although the devices use the vPC system MAC addresses only for link-scope operations, such as LACP. We recommend that you create each vPC domain within the contiguous Layer 2 network with a unique domain ID. You can also configure a specific MAC address for the vPC domain, rather than having the Cisco NX-OS software assign the address.

After you create a vPC domain, the Cisco NX-OS software creates a system priority for the vPC domain. You can also configure a specific system priority for the vPC domain.


Note When manually configuring the system priority, you must ensure that you assign the same priority value on both vPC peer devices. If the vPC peer devices have different system priority values, vPC will not come up.

Compatibility Parameters for vPC Interfaces

Many configuration and operational parameters must be identical on all interfaces in the vPC. We recommend that you configure the Layer 2 port channels that you use for the vPC peer link in trunk mode.

After you enable the vPC feature and configure the peer link on both vPC peer devices, CFS messages provide a copy of the configuration on the local vPC peer device configuration to the remote vPC peer device. The system then determines whether any of the crucial configuration parameters differ on the two devices. (See the "CFSoE" section for more information on CFS.)

The compatibility check process for vPCs differs from the compatibility check for regular port channels. See Chapter 5 "Configuring Port Channels" for information on regular port channels.

This section includes the following sections:

Configuration Parameters That Must Be Identical

Configuration Parameters That Should Be Identical

Consequences of Parameter Mismatch

Configuration Parameters That Must Be Identical

The configuration parameters in this section must be configured identically on both devices of the vPC peer link; otherwise, the vPC moves fully or partially into a suspended mode.


Note You must ensure that all interfaces in the vPC have the identical operational and configuration parameters listed below.

The devices automatically check for compatibility for some of these parameters on the vPC interfaces. The per-interface parameters must be consistent per interface, and the global parameters must be consistent globally:

Port-channel mode: on, off, or active

Link speed per channel

Duplex mode per channel

Trunk mode per channel:

Native VLAN

VLANs allowed on trunk

Tagging of native VLAN traffic

Spanning Tree Protocol (STP) mode

STP region configuration for Multiple Spanning Tree

Enable/disable state per VLAN

STP global settings:

Bridge Assurance setting

Port type setting

Loop Guard settings

STP interface settings:

Port type setting

Loop Guard

Root Guard

Maximum Transmission Unit (MTU)

If any of these parameters are not enabled or defined on either device, the vPC consistency check ignores those parameters.

The DCNM interface displays an error message if you attempt to create a peer link with a mismatch in any of these configurations. When you configure the vPC using the DCNM, you configure the primary vPC peer device and that configuration is automatically transferred to the secondary vPC peer device. If a mismatch occurs, the system does not bring up the peer link and displays "Failed" in the Consistency field for the vPC and the vPC peer link in the vPC Summary table.

You right-click on the Failed in the Consistency column and choose Synchronize from the pop-up menu in order to view and automatically resolve any blocking inconsistencies on the two vPC devices. See the "Synchronizing the vPCs and vPC Peer Links" section for information on synchronizing the vPC devices using the DCNM.

Configuration Parameters That Should Be Identical

When any of the following parameters are not configured identically on both vPC peer devices, a misconfiguration may cause undesirable behavior in the traffic flow:

MAC aging timers

Static MAC entries

VLAN interface—Each device on the end of the vPC peer link must have a VLAN interface configured for the same VLAN on both ends and they must be in the same administrative and operational mode. Those VLANs configured on only one device of the peer link do not pass traffic using the vPC or peer link. You must create all VLANs on both the primary and secondary vPC devices, or the VLAN will be suspended.

All ACL configurations and parameters

Quality of Service (QoS) configuration and parameters

STP interface settings:

BPDU Filter

BPDU Guard

Cost

Link type

Priority

VLANs (Rapid PVST+)

Port security

Cisco Trusted Security (CTS)

Dynamic Host Configuration Protocol (DHCP) snooping

Network Access Control (NAC)

Dynamic ARP Inspection (DAI)

IP source guard (IPSG)

Internet Group Management Protocol (IGMP) snooping

Hot Standby Routing Protocol (HSRP)

Protocol Independent Multicast (PIM)

Gateway Load-Balancing Protocol (GLBP)

All routing protocol configurations

To ensure that all the configuration parameters are compatible, we recommend that you display the configurations for each vPC peer device once you configure the vPC.

Consequences of Parameter Mismatch

In releases earlier than Cisco NX-OS Release 5.2(1), when a consistency check detects a mismatch in a parameter from the list of parameters that must be identical, the vPC peer link and vPC are prevented from coming up. If a parameter mismatch is configured after the vPC is already established, the vPC moves into suspend mode and no traffic flows on the vPC.

Beginning with Cisco NX-OS Release 5.2(1), you can configure the graceful consistency check feature, which suspends only the links on the secondary peer device when a mismatch is introduced in a working vPC. This feature is configurable only in the CLI and is enabled by default.

As part of the consistency check of all parameters from the list of parameters that must be identical, the system checks the consistency of all VLANs. In releases earlier than Cisco NX-OS Release 5.2(1), if the configuration of any enabled VLAN is inconsistent across the peer devices, the vPC is prevented from establishing or moves into a suspended mode.

Beginning with Cisco NX-OS Release 5.2(1), the vPC will remain operational, and only the inconsistent VLANs will be brought down. This per-VLAN consistency check feature cannot be disabled and does not apply to Multiple Spanning Tree (MST) VLANs.

vPC Number

Once you have created the vPC domain ID and the vPC peer link, you create port channels to attach the downstream device to each vPC peer device. That is, you create one port channel to the downstream device from the primary vPC peer device and you create another port channel to the downstream device from the secondary peer device.


Note We recommend that you configure the ports on the downstream devices that connect to a host or a network device that is not functioning as a switch or a bridge as STP edge ports. See the Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.x, for more information on STP port types.

Finally, working on each vPC peer device, you assign a vPC number to the port channel that connects to the downstream device. You will experience minimal traffic disruption when you are creating vPCs. To simplify the configuration, you can assign the vPC ID number to every port channel to be the same as the port channel itself (that is, vPC ID 10 for port channel 10).


Note The vPC number that you assign to the port channel connecting to the downstream device from the vPC peer device must be identical on both vPC peer devices.

Moving Other Port Channels into a vPC


Note You must attach a downstream device using a port channel to both vPC peer devices.

To connect to the downstream device, you create a port channel to the downstream device from the primary vPC peer device and you create another port channel to the downstream device from the secondary peer device. Finally, working on each vPC peer device, you assign a vPC number to the port channel that connects to the downstream device. You will experience minimal traffic disruption when you are creating vPCs.

Configuring vPC Peer Links and Links to the Core on a Single Module


Note We recommend that you configure the vPC peer links on dedicated ports of different modules to reduce the possibility of a failure. For the best resiliency scenario, use at least two modules.

Beginning with Cisco NX-OS Release 4.2, if you must configure all the vPC peer links and core-facing interfaces on a single module, you should configure, using the command line interface, a track object and a track list that is associated with the Layer 3 link to the core and on all vPC peer links on both vPC peer devices. You use this configuration to avoid dropping traffic if that particular module goes down because when all the tracked objects on the track list go down, the system does the following:

Stops the vPC primary peer device sending peer-keepalive messages which forces the vPC secondary peer device to take over.

Brings down all the downstream vPCs on that vPC peer device, which forces all the traffic to be rerouted in the access switch toward the other vPC peer device.

Once you configure this feature and if the module fails, the system automatically suspends all the vPC links on the primary vPC peer device and stops the peer-keepalive messages. This action forces the vPC secondary device to take over the primary role and all the vPC traffic to go to this new vPC primary device until the system stabilizes.

See the Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x, for information about configuring this feature.

vPC Interactions with Other Features

This section includes the following topics:

vPC and LACP

vPC Peer Links and STP

vPC Multicast—PIM, IGMP, and IGMP Snooping

vPC Peer Links and Routing

CFSoE

vPC and Orphan Ports

vPC and LACP

LACP uses the system MAC address of the vPC domain to form the LACP Aggregation Group (LAG) ID for the vPC. (See Chapter 5 "Configuring Port Channels" for information on LAG-ID and LACP.)

You can use LACP on all the vPC port channels, including those channels from the downstream device. We recommend that you configure LACP with active mode on the interfaces on each port channel on the vPC peer devices. This configuration allows you to more easily detect compatibility between devices, unidirectional links, and multihop connection, and provides dynamic reaction to run-time changes and link failures.

The vPC peer link supports 16 LACP interfaces: 8 active links and 8 hot standby links. You can configure 16 LACP links on the downstream vPC channel: 8 active links and 8 hot standby links. If you configure the port channels without using LACP, you can have only 8 links in each channel

We recommend that you manually configure the system priority on the vPC peer link devices to ensure that the vPC peer link devices have a higher LACP priority than the downstream connected devices. A lower numerical value system priority means a higher LACP priority.


Note When manually configuring the system priority, you must ensure that you assign the same priority value on both vPC peer devices. If the vPC peer devices have different system priority values, vPC will not come up.

vPC Peer Links and STP

Although vPCs provides a loop-free Layer 2 topology, Spanning Tree Protocol (STP) is still required to provide a "fail-safe" mechanism to protect against any incorrect or defective cabling or possible misconfiguration. When you first bring up vPC, STP reconverges. STP treats the vPC peer link as a special link and always includes the vPC peer link in the STP active topology.

We recommend that you set all the vPC peer link interfaces to the STP network port type so that Bridge Assurance is automatically enabled on all vPC peer links. We also recommend that you do not enable any of the STP enhancement features on vPC peer links. It will not cause any problems if the STP enhancements are already configured, but you need not configure these.

When you are running both MST and Rapid PVST+, ensure that the PVST simulation feature is correctly configured.

See the Layer 2 Switching Configuration Guide, Cisco DCNM for LAN, Release 5.x, for information on STP enhancement features and PVST simulation.


Note You must configure a list of parameters to be identical on the vPC peer devices on both sides of the vPC peer link. See the "Compatibility Parameters for vPC Interfaces" section for information about these required matched settings.

STP is distributed; that is, the protocol continues running on both vPC peer devices. However, the configuration on the vPC peer device elected as the primary device controls the STP process for the vPC interfaces on the secondary vPC peer device.

The primary vPC device synchronizes the STP state on the vPC secondary peer device using Cisco Fabric Services over Ethernet (CFSoE). See the "CFSoE" section for information on CFSoE.

The STP process for vPC also relies on the periodic keepalive messages to determine when one of the connected devices on the peer link fails. See the "Peer-Keepalive Link and Messages" section for information on these messages.

The vPC manager performs a proposal/handshake agreement between the vPC peer devices that set the primary and secondary devices and coordinates the two devices for STP. The primary vPC peer device then controls the STP protocol on both the primary and secondary devices. We recommend that you configure the primary vPC peer device as the STP primary root device and configure the secondary VPC device to be the STP secondary root device.

If the primary vPC peer device fails over to the secondary vPC peer device, there is no change in the STP topology.

The BPDUs uses the MAC address set for the vPC for the STP bridge ID in the designated bridge ID field. The vPC primary device sends these BPDUs on the vPC interfaces.

You must configure both ends of vPC peer link with the identical STP configuration for the following parameters:

STP global settings:

STP mode

STP region configuration for MST

Enable/disable state per VLAN

Bridge Assurance setting

Port type setting

Loop Guard settings

STP interface settings:

Port type setting

Loop Guard

Root Guard

Ensure that the following STP interface configurations are identical on both sides of the vPC peer links or you may see unpredictable behavior in the traffic flow:

BPDU Filter

BPDU Guard

Cost

Link type

Priority

VLANs (PVRST+)


Note Display the configuration on both sides of the vPC peer link to ensure that the settings are identical.

Note We recommend that you configure the ports on the downstream devices as STP edge ports. You should configure all host ports connected to a switch as STP edge ports. (See the Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.x, for more information on STP port types.)

vPC Multicast—PIM, IGMP, and IGMP Snooping


Note The Cisco NX-OS software for the Nexus 7000 Series devices does not support PIM SSM or BIDR on vPC. The Cisco NX-OS software fully supports PIM ASM on vPC.

The software keeps the multicast forwarding state synchronized on both of the vPC peer devices. The IGMP snooping process on a vPC peer device shares the learned Group information with the other vPC peer device through the vPC peer link; the multicast states are always synchronized on both vPC peer devices. The PIM process in vPC mode ensures that only one of the vPC peer devices forwards the multicast traffic to the receivers.

Each vPC peer is a Layer 2 or Layer 3 device. Multicast traffic flows from only one of the vPC peer devices. You may see duplicate packets in the following scenarios:

Orphan hosts

When the Source and Receivers are in the Layer 2 vPC cloud in different VLANs with multicast routing enabled and a vPC member link goes down.

You may see negligible traffic loss in the following scenarios:

When you reload the vPC peer device that is forwarding the traffic.

When you restart PIM on the vPC peer device that is forwarding the traffic.

Ensure that you dual-attach all Layer 3 devices to both vPC peer devices. If one vPC peer device goes down, the other vPC peer device continues to forward all multicast traffic normally.

See the Cisco Nexus 7000 Series NX-OS Interfaces Command Reference, for information on commands that display information on vPC and multicast.

The following discusses vPC PIM and vPC IGMP/IGMP snooping:

vPC PIM—The PIM process in vPC mode ensures that only one of the vPC peer devices forwards multicast traffic. The PIM process in vPC mode synchronizes the source state with both vPC peer devices and elects with vPC peer device forwards the traffic.

vPC IGMP/IGMP snooping—The IGMP process in vPC mode synchronizes the DR information on both vPC peer devices. There is a dual-DR concept for IGMP when you are in vPC mode, which is not available when not in vPC mode, that has both vPC peer devices maintain the multicast group information between the peers.

You should enable or disable IGMP snooping identically on both vPC peer devices, and all the feature configurations should be identical. IGMP snooping is on by default.

See the Cisco Nexus 7000 Series NX-OS Multicast Routing Configuration Guide, Release 5.x, for more information on multicasting.

vPC Peer Links and Routing

The First Hop Routing Protocols (FHRP) interoperate with vPCs. The Hot Standby Routing Protocol (HSRP), Gateway Load Balancing Protocol (GLBP), and Virtual Router Redundancy Protocol (VRRP) all interoperate with vPCs. We recommend that you dual-attach all Layer 3 devices to both vPC peer devices.


Note You must enable the Layer 3 connectivity from each vPC peer device by configuring a VLAN network interface for the same VLAN from both devices. (See Chapter 4 "Configuring Layer 3 Interfaces," for information about creating VLAN network interfaces.)

The primary FHRP device responds to ARP requests, even though the secondary vPC device forwards the data traffic.

To simplify initial configuration verification and vPC/HSRP troubleshooting, you can configure the primary vPC peer device with the FHRP active router highest priority.

VRRP acts similarly to HSRP when running on vPC peer devices. You should configure VRRP the same way that you configure HSRP. For GLBP, the forwarders on both vPC peer devices forward traffic.

When the primary vPC peer device fails over to the secondary vPC peer device, the FHRP traffic continues to flow seamlessly.

Configure a separate Layer 3 link for routing from the vPC peer devices, rather than using a VLAN network interface for this purpose.

We do not recommend configuring the burnt-in MAC address option (use-bia) for HSRP or manually configuring virtual MAC addresses for any FHRP protocol in a vPC environment because these configurations can adversely affect the vPC load balancing. The hsrp use-bia is not supported on vPCs. When you are configuring custom MAC addresses, you must configure the same MAC address on both vPC peer devices.

Beginning with Cisco NX-OS Release 4.2(1), you can configure a restore timer that will delay the vPC coming back up until after the peer adjacency forms and the VLAN interfaces are back up. This feature avoids packet drops when the routing tables may not be converged before the vPC is once again passing traffic.

See the Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x, for information about configuring this feature.

See the Unicast Configuration Guide, Cisco DCNM for LAN, Release 5.x, for more information on FHRPs and routing.

CFSoE

The Cisco Fabric Services over Ethernet (CFSoE) is a reliable state transport mechanism that is used to synchronize the actions of the vPC peer devices. CFSoE carries messages and packets for many features linked with vPC, such as STP and IGMP. Information is carried in CFS/CFSoE protocol data units (PDUs).

When you enable the vPC feature, the device automatically enables CFSoE, and you do not have to configure anything. CFSoE distributions for vPCs do not need the capabilities to distribute over IP or the CFS regions. You need not configure anything for the CFSoE feature to work correctly on vPCs.

Cisco Fabric Services also transports data over TCP/IP. See the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x, for more information on CFS over IP.


Note The software does not support CFS regions.

vPC and Orphan Ports

When a device that is not vPC-capable connects to each peer, the connected ports are known as orphan ports because they are not members of a vPC. The device's link to one peer will be active (forwarding) and the other link will be standby (blocking) due to STP.

In case of a peer link failure or restoration, an orphan port's connectivity may be bound to the vPC failure or restoration process. For example, if a device's active orphan port connects to the secondary vPC peer, the device will lose any connections through the primary peer upon a peer link failure and the resulting suspending of vPC ports by the secondary peer. If the secondary peer were to also suspend the active orphan port, the device's standby port would become active and would provide a connection to the primary peer, restoring connectivity. Beginning with Cisco NX-OS Release 5.2(1), you can configure in the CLI that specific orphan ports are suspended by the secondary peer when it suspends its vPC ports, and are restored when the vPC is restored.

High Availability

During an In-Service Software Upgrade (ISSU), the software reload process on the first vPC device locks its vPC peer device using CFS messaging over the vPC communications channel. Only one device at a time is upgraded. When the first device has completed its upgrade, it unlocks its peer device. The second device then performs the upgrade process, locking the first device as it does so. During the upgrade, the two vPC devices will temporarily be running different releases of Cisco NX-OS, however the system functions correctly because of its backward compatibility support.


Note See the Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Guide, Release 5.x, for complete information on high-availability features.

Licensing Requirements for vPCs

The following table shows the licensing requirements for this feature:

Product
License Requirement

Cisco DCNM

vPC requires a LAN Enterprise license. For a complete explanation of how to obtain and apply licenses, see the Fundamentals Configuration Guide, Cisco DCNM for LAN, Release 5.x .

Cisco NX-OS

vPC requires no license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you. For a complete explanation of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.


Prerequisites for vPCs

vPC has the following prerequisites:

Ensure that the LAN Enterprise license is installed.

Default Settings

Table 6-1 lists the default settings for vPC parameters.

Table 6-1 Default vPC Parameters 

Parameters
Default

vPC system priority

32667

vPC peer-keepalive message

Disabled

vPC peer-keepalive interval

1 second

vPC peer-keepalive timeout

5 seconds

vPC peer-keepalive UDP port

3200


Platform Support

The following platforms support this feature but may implement it differently. For platform-specific information, including guidelines and limitations, system defaults, and configuration limits, see the corresponding documentation.

Platform
Documentation

Cisco Nexus 2000 Series Fabric Extenders

Cisco Nexus 2000 Series Fabric Extenders Documentation

Cisco Nexus 5000 Series Switches

Cisco Nexus 5000 Series Switches Documentation

Cisco Nexus 7000 Series Switches

Cisco Nexus 7000 Series Switches Documentation



Note Beginning with Cisco DCNM for LAN, Release 5.2, the vPC on Cisco 2000 Series Fabric Extenders functionality enables the user to have a vPC from the host connected to two independent Fabric Extenders with the Nexus 7000 as a parent switch. The two Nexus 7000 switches acting as parent switches form the vPC peers. In such a configuration, the connectivity between Fabric Extenders and the Nexus 7000 can be a link or a port channel but not a vPC.

Configuring vPCs


Note The Cisco DCNM interface allows you to configure the parameters for the primary vPC peer device and automatically propagates those parameters to the secondary vPC device.

This section describes how to configure vPCs using the DCNM and includes the following topics:

Enabling vPCs

Disabling vPCs

Creating and Modifying vPCs

Synchronizing the vPCs and vPC Peer Links

Manually Configuring the Peer-Keepalive Link and Message

Manually Configuring the vPC Priority Settings

Deleting a vPC

Using the Panes in the Details Tabs to Modify vPC Settings

vPC Global Settings

vPC Port-Channel Summary View

On the Port Channel pane, the vPC port channels have an additional icon in the Summary table. Only Layer 2 port channels can be configured into vPCs.


Note The Topology feature under the Feature Selector is very useful when configuring vPCs.

For more information on the Topology Feature, see the Fundamentals Configuration Guide, Cisco DCNM for LAN, Release 5.x .

Enabling vPCs

You must enable the vPC feature before you can configure vPCs. To enable the vPCs, use the Port Channel pane (see Figure 6-5).

Figure 6-5 Enabling vPCs

BEFORE YOU BEGIN

Ensure that you have installed the LAN Enterprise License.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Port Channel to open the Port Channel pane.

Step 2 From the Contents pane, in the Summary pane, click the device in which you want to enable the vPC feature.

The system highlights the device in the Summary pane, and tabs appear in the Details pane.

Step 3 In the Details pane, click the VPC Configuration tab.

Step 4 Click Enable vPC.

Step 5 (Optional) From the menu bar, choose File > Deploy to apply your changes to the device.


Disabling vPCs


Note When you disable vPC, the device clears all the vPC configurations.

To disable the vPCs, use the Port Channel pane (see Figure 6-5).

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Port Channel to open the Port Channel pane.

Step 2 From the Contents pane, in the Summary pane, click the device in which you want to disable the vPC feature.

The system highlights the device in the Summary pane, and tabs appear in the Details pane.

Step 3 To disable vPCs, from the menu bar, choose Actions > Disable vPC.

Step 4 (Optional) From the menu bar, choose File > Deploy to apply your changes to the device.


Creating and Modifying vPCs

You launch the vPC Wizard from the vPC pane (see Figure 6-6 and Figure 6-7). You can create the port channels using the Port Channel pane (see Chapter 5 "Configuring Port Channels" for information on creating port channels), or you can create the port channels directly through the vPC Wizard. You can also configure the delay, peer-gateway, peer-switch, and exclude VLAN attributes through the vPC wizard (see the "vPC Global Settings" section) for more information on the vPC Global Settings.

Figure 6-6 vPC Pane

Figure 6-7 vPC Wizard

BEFORE YOU BEGIN

Ensure that you have installed the LAN Enterprise license.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > vPC.

Step 2 To launch the vPC Wizard, do one of the following:

a. To create a new vPC, from the menu bar, choose Actions > New.

The system launches the vPC Creation Wizard and lists the steps required to create a vPC.

or

b. To modify an existing vPC, highlight the vPC that you want to edit and from the menu bar, choose Actions Edit.

The system launches the vPC Modification Wizard and lists the steps required to modify the vPC.

Step 3 Click Next.

The Select devices pane appears.

Step 4 In the vPC ID field, enter the value for this vPC.

Step 5 In the Select Multi-chassis vPC Switch field, check the checkbox.

a. From the Select Multi-chassis vPC Switch drop-down list, choose the device that you want to be the multichassis vPC device.

Step 6 Move to the Select Single Chassis vPC Pair area and do the following:

a. From the vPC Switch (Primary) drop-down list, choose the device that you want to be the primary device on the vPC peer link.

b. From the vPC Switch (Secondary) drop-down list, choose the device that you want to be the secondary device on the vPC peer link.

c. In the Domain ID field, enter the vPC domain ID.

Step 7 (Optional) If you want to create port channels using no protocol, click Enable LACP-based Port Channels for setting up vPC to disable LACP.

LACP is enabled by default on all port channels in the vPC. We recommend that you use LACP for all these port channels. If you do not want to use LACP, deselect the option.

Step 8 Click Next.

The Domain Settings pane appears. This pane is available beginning with DCNM Release 4.2. You configure the settings for the primary vPC peer device only; the configuration is then applied to the secondary vPC peer device.

Step 9 If you want to change the configuration for either the System MAC address, the Role Priority, and/or the System Priority, enter the information.

Step 10 (Optional) In the Source IP fields, enter the IP address for the ports that you want to use to send the peer-keepalive message from each device.


Note You must configure the peer-keepalive link before the system will form the vPC peer link.
Ensure that both the source and destination IP addresses used for the peer-keepalive messages are unique in your network. Do not use the peer link itself to send the peer-keepalive messages.
We recommend that you configure a separate VRF and use a Layer 3 port from each vPC peer device in that VRF for the vPC peer-keepalive link.

The default value is the IP address of the management interface. However, we strongly recommend that you configure a separate VRF for this link.

Step 11 In the Destination IP fields, enter the IP address for the ports that you want to use to receive the peer-keepalive message from each device.

Step 12 (Optional) In the UDP Port fields, enter the UDP port number that you want to use to exchange the peer-keepalive message from each device.

Step 13 In the VRF fields, enter the name of the VRF that you want to use for the peer-keepalive message.

Step 14 (Optional) In the Interval fields, enter the number of milliseconds between sending each peer-keepalive message.

Step 15 (Optional) In the Hold Timeout field, enter the number of seconds that you want the vPC secondary peer device to wait after the peer-keepalive link goes down.

Step 16 (Optional) In the Timeout field, enter the number of seconds that you want the vPC primary peer device to wait after the peer-keepalive link goes down.

Step 17 (Optional) In the Packet Setting field, enter either the precedence value, the Type of Service value, or the ToS byte value that you want for the peer-keepalive message packets.

You can enter one of these values.

Step 18 Click Next.

The Configure Peer-Link pane appears. You can either use existing port channels for the vPC peer link or create new port channels for the vPC peer link.


Note We recommend that you configure the Layer 2 port channels that you are designating as the vPC peer link in trunk mode and that you use two ports on separate modules on each vPC peer device for redundancy.

Step 19 In the Po ID fields, enter the port channel number for each device that you want to use as the vPC peer link.

You can use different numbers for the two port channels on the two vPC devices that you are designating as the vPC peer link.

Step 20 In the Available Interfaces section, choose either the Interfaces tab or the Links tab to assign the interface on each device.

Step 21 Choose the interfaces or links that you want to use for the vPC peer link.

Step 22 Click Add.

The chosen interfaces appear in the Selected Interfaces area.

Step 23 Click Next.

Step 24 Enter the setting that you want in the respective configuration field for the Peer-Link Primary only.

The value that you enter in the Peer-Link Primary field is automatically configured in the Peer-Link Secondary device as follows:

a. When you are creating a vPC, this step is optional and appears only if you chose to create new port channels. The window displays a column for the Peer-Link Primary and a column for the Peer-Link Secondary.

b. When you are modifying a vPC, this step always appears. The window displays a column for the Peer-Link Primary and a column for the Peer-Link Secondary.

Step 25 Click Next.

The Configure link with vPC Primary and Secondary window appears. Use this window to connect a multichassis vPC device to the vPC peer devices.

Step 26 In the Po ID fields, enter the port channel number for each device that you want to put into the vPC.

The port channel numbers do not have to be identical.

Step 27 In the Available Interfaces section, choose either the Interfaces tab or the Links tab to assign the interface on each device.

Step 28 Choose the interfaces or links that you want to use for the port channels to the vPC multichassis device.

Step 29 Click Add.

The chosen interfaces appear in the Selected Interfaces area as links from the multichassis vPC device to each of the vPC peer devices.

Step 30 Click Next.

The Configure vPC Port Channel Settings pane appears with configurations for the multichassis vPC device, the vPC primary peer device, and the vPC secondary peer device.

Step 31 Enter the setting that you want in the respective configuration field for the multichassis vPC device and the vPC Peer-Link Primary device only.

Step 32 Click Next.

The Summary page displays the vPC settings that you have configured.

Step 33 (Optional) If you want to change any of the settings, click Back and return to the page where you want to make your corrections.

The vPC Wizard continues on through the remaining pages.

Step 34 Click Finish.

The vPC Deployment Status window displays the progress of the vPC configuration with a status bar and a checklist that appears as checked once the system completes each of the five configuration tasks.

If the system cannot configure a step of the task, a cross appears next to that task, and the system displays an error message. In this case, the vPC shows the partial configuration that was successfully deployed.

Step 35 Click Done.

Step 36 (Optional) From the menu bar, choose File > Deploy to apply your changes to the device.


Synchronizing the vPCs and vPC Peer Links

If the configurations are incompatible between the vPC peer devices, the Consistency column on the Summary table of the vPC pane displays Failed for that vPC. You must resolve the configuration conflicts in the vPC.

You can change the configuration for the primary vPC peer device, and the system automatically configures the secondary vPC peer device identically. When you choose the Auto Resolve Conflicts option, the system automatically copies all the configuration values from the primary vPC peer device to the secondary vPC device.

To resolve incompatible vPC peer link configurations, use the Resolve Configuration Inconsistency pane (see Figure 6-8).

Figure 6-8 Resolving Configuration Inconsistencies

BEFORE YOU BEGIN

Ensure that you have installed the LAN Enterprise license.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > vPC to open the vPC pane.

Step 2 From the Contents pane, in the Summary pane, click the vPC channel that displays Failed in the Consistency column.

Step 3 In the Consistency column, right-click on Failed.

Step 4 From the drop-down list that appears, choose Synchronize.

You can synchronize either the vPC or the Peer Link.

Step 5 To synchronize the vPC, click vPC.

The system launches the Resolve Configuration Inconsistency pane. The configuration inconsistency is highlighted in red.

Step 6 Click Auto Resolve Conflicts.

Step 7 To synchronize the vPC peer link devices, click Peer-Link.

The system launches the Resolve Configuration Inconsistency pane. The configuration inconsistency is highlighted in red.

Step 8 Click Auto Resolve Conflicts.


Manually Configuring the Peer-Keepalive Link and Message

You must configure the peer-keepalive link before the system will form the vPC peer link. Beginning with DCNM Release 4.2, you can configure all the peer-keepalive parameters using the Wizard.


Note Ensure that both the source and destination IP addresses used for the peer-keepalive messages are unique in your network.
Do not use the peer link itself to send the peer-keepalive messages.
We recommend that you configure a separate VRF and use a Layer 3 port from each vPC peer device in that VRF for the vPC peer-keepalive link. For more information on creating and configuring VRFs, see the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x.

To configure the peer-keepalive message, use the Port Channel pane (see Figure 6-5).

BEFORE YOU BEGIN

Ensure that you have installed the LAN Enterprise license.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Port Channel to open the Port Channel pane.

Step 2 From the Contents pane, in the Summary pane, click the device in which you want to configure the vPC peer-keepalive link and message.

The system highlights the device in the Summary pane, and tabs appear in the Details pane.

Step 3 In the Details pane, click the VPC Configuration tab.

Step 4 In the Domain Id field, enter the value for the vPC domain for which you want to configure the peer-keepalive link and messages.

Step 5 In the Source IP field, enter the IP address of the single chassis vPC device on which you are configuring the peer-keepalive link.

Step 6 In the Destination IP field, enter the IP address of the other single chassis vPC device.

Step 7 Use the VRF drop-down list to select the VRF that you want to use to send the peer-keepalive messages.

The default is the management VRF.


Note We recommend that you configure a separate VRF and use a Layer 3 port from each vPC peer device in that VRF for the vPC peer-keepalive link. For more information on creating and configuring VRFs, see the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x. Do not use the peer link itself to send the vPC peer-keepalive messages.

Step 8 In the UDP Port field, enter the number of the UDP port that you want to use.

The default UDP port is 3200.

Step 9 In the Interval field, enter the number of milliseconds that you want to use between sending peer-keepalive messages.

The default is 1000 milliseconds.

Step 10 In the Timeout field, enter the number of milliseconds that you want the single chassis primary vPC peer device to wait to receive a keepalive message from the single chassis secondary vPC peer device.

During the timeout, the vPC secondary device takes action to become the vPC primary device if no keepalive message is received by the end of the configured interval.

The default is 5 seconds.

Step 11 (Optional) In the Hold Timeout field, enter the amount of time that you want the secondary vPC peer device to wait when the peer-keepalive link goes down. This optional step is available beginning with Cisco DCNM Release 4.2.

During the hold-timeout, the vPC secondary device does not take any action based on any keepalive messages received. This is to prevent the system taking action when the keepalive might be received just temporarily, such as if a supervisor fails a few seconds after the peer link goes down.

The default is 3 seconds.

Step 12 (Optional) In the Precedence field, enter precedence value that you want to assign for the peer-keepalive packets. This optional step is available beginning with Cisco DCNM Release 4.2.

The default is network.

Step 13 (Optional) In the Type of Service field, enter the ToS value that you want to assign for the peer-keepalive packets. This optional step is available beginning with Cisco DCNM Release 4.2.

Step 14 In the ToS Byte field, enter the ToS precedence value that you want to assign to the peer-keepalive packets. This optional step is available beginning with Cisco DCNM Release 4.2.

Step 15 (Optional) From the menu bar, choose File > Deploy to apply your changes to the device.


Manually Configuring the vPC Priority Settings

When you create a vPC domain, the system automatically creates a vPC system priority. However, you can also manually configure a system priority for the vPC domain. You can also change the default values for the vPC system MAC address and role priority. You can also configure these parameters using the Wizard, beginning with Cisco DCNM Release 4.2.


Note We recommend that you manually configure the vPC system priority when you are running LACP to ensure that the vPC peer devices are the primary device on LACP.

To configure the vPC priority settings, use the Port Channel pane (see Figure 6-5).

BEFORE YOU BEGIN

Ensure that you have installed the LAN Enterprise license.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Port Channel to open the Port Channel pane.

Step 2 From the Contents pane, in the Summary pane, click the device in which you want to configure the vPC system priority.

The system highlights the device in the Summary pane, and tabs appear in the Details pane.

Step 3 In the Details pane, click the VPC Configuration tab.

Step 4 In the Role Priority field, enter the value that you want to assign for the role priority.

The default value is 32667.

Step 5 In the System Priority field, enter the value that you want to assign the vPC peer devices for LACP.

The default value is 32667.

Step 6 In the System MAC Address field, enter the MAC address that you want to assign to the vPC.

The default system MAC address is assigned by the system when you create a vPC.

Step 7 (Optional) From the menu bar, choose File > Deploy to apply your changes to the device.


Deleting a vPC

To delete a vPC, use the vPC pane.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > vPC to open the vPC pane.

Step 2 From the Contents pane, in the Summary pane, click the vPC that you want to delete.

Step 3 From the menu bar, choose Actions > Delete.

Step 4 (Optional) From the menu bar, choose File > Deploy to apply your changes to the device.


Using the Panes in the Details Tabs to Modify vPC Settings

We recommend that you use the vPC Wizard to create or modify vPCs.

BEFORE YOU BEGIN

Ensure that you have installed the LAN Enterprise license.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Port Channels > vPC Configuration.

Step 2 From the Details pane, click the vPC Configuration tab.

a. Click Enable vPC.

Step 3 To assign the vPC domain ID, configure the peer-keepalive settings, and configure the vPC system priorities, from the Feature Selector, choose Interfaces > Logical > Port Channels > vPC Configuration and do the following:

a. To assign a vPC domain ID, in the vPC Domain ID field, enter a number.

b. To modify the source IP address for the peer-keepalive message, in the Source IP field, enter the IP address for the single chassis primary vPC device.

c. To modify the destination IP address for the peer-keepalive message, in the Destination IP field, enter the IP address for the single chassis secondary vPC device.

d. To modify the VRF for the peer-keepalive message, in the VRF field, use the drop-down list to choose the VRF to use for the peer-keepalive messages.


Note We recommend that you configure a separate VRF and use a Layer 3 port from each vPC peer device in that VRF for the vPC peer-keepalive link. For more information on creating and configuring VRFs, see the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x.

e. To modify the UDP port for the peer-keepalive message, in the UDP Port field, enter the number of the UDP port that you want to use.

f. To modify the interval between sending peer-keepalive messages, in the Interval field, enter the number of milliseconds that you want between sending these messages.

g. To modify the timeout value for the peer-keepalive messages, in the Timeout field, enter the number of seconds that you want.

h. To modify the hold timeout value for the peer-keepalive messages, in the Hold Timeout field, enter the number of seconds that you want. This setting is available beginning with Cisco DCNM Release 4.2.

i. To modify the precedence value for the peer-keepalive packets, in the Precedence field, enter the precedence value that you want. This setting is available beginning with Cisco DCNM Release 4.2.

j. To modify the ToS value for the peer-keepalive packets, in the Type of Service field, enter the ToS value that you want. This setting is available beginning with Cisco DCNM Release 4.2.

k. To modify the ToS precedence value for the peer-keepalive packets, in the ToS Byte field, enter the ToS precedence that value you want. This setting is available beginning with Cisco DCNM Release 4.2.

l. To modify the role priority, in the Role Priority field, enter the number that you want.

m. To modify the system priority, in the System Priority field, enter the number that you want to use for the system priority for LACP.

n. To modify the system MAC address, in the System MAC Address field, enter the number that you want to use for the system priority for LACP.

Step 4 To modify the basic settings, the Layer 2 settings, or the link settings for the vPC peer link, from the Feature Selector pane, choose Interfaces > Logical > vPC and do the following:

a. Highlight the channel with the settings that you want to modify.

b. In the Details pane, click vPC Details.

You can only modify the settings for the single chassis primary vPC peer link. The system automatically configures the single chassis secondary vPC peer link with the modified values.

c. To modify the basic settings, click the Basic Setting section.

d. To modify the Layer 2 setting, click the Layer 2 section.

e. To modify the link settings, click the Link Settings section.

Step 5 To modify the vPC domain ID, configure the peer-keepalive settings, and configure the vPC system priorities, from the Feature Selector pane, choose Interfaces > Logical > vPC and do the following:

a. In the Details pane, click Peer-Link Details.

b. Click the vPC Global Settings section.

c. Choose the setting that you want to modify and enter the value under the Single Chassis vPC End Point-Primary column.

The system automatically configures the single chassis secondary vPC end point with the same value.

Step 6 To modify the STP settings, from the Feature Selector pane, choose Interfaces > Logical > vPC.

a. In the Details pane, click Peer-Link Details and do the following:

b. Click the STP Global Settings section.

c. Choose the setting that you want to modify and enter the value under the Single Chassis vPC End Point-Primary column.

The system automatically configures the single chassis secondary vPC end point with the same value.

Step 7 (Optional) From the menu bar, choose File > Deploy to apply your changes to the device.


vPC Global Settings

In addition to the existing configuration parameters available in the vPC global settings on the vPC summary screen, you can configure the vPC wizard and port-channel summary screen peer gateway, delay, dual-active exclude interface VLAN, and peer switch.

The vPC global settings tab allows you to configure the following views:

vPC Global Setting Pane in the vPC Summary

vPC Wizard

vPC Configuration tab in the Port-channel Summary

From the vPC global setting pane, you can configure the following in the vPC summary screen (see Figure 6-9).

Delay—Configuring a delay with a value from the range 1 to 3600 will cause a delay in bringing up the vPC configuration.

Peer-gateway—Choose Enabled or Disabled to enable or disable the feature to act as a peer gateway in a switch.

Exclude VLAN interfaces—You can associate VLAN network interfaces to a vPC domain by selecting the options from the popup window or by manually entering the interface VLAN range (see Figure 6-10).

Peer-switchChoose Enabled or Disabled to enable or disable the peer-switch feature in the vPC peer switches.

Figure 6-9 vPC Global Settings

Figure 6-10 VLAN Network Interface Popup Window

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > vPC.

Step 2 From the Contents pane, in the Summary pane, click the device in which you want to enable the vPC feature.

The system highlights the device in the Summary pane, and tabs appear in the Details pane.

Step 3 In the Details pane, click Peer-Link Details.

Step 4 Click the vPC Global Settings section.

Step 5 From the Contents pane, in the Summary pane, choose the configurations.


vPC Port-Channel Summary View

In addition to the existing configuration parameters available in the vPC global settings on the vPC summary screen, you can configure the vPC wizard and port-channel summary screen peer gateway, delay, dual-active exclude interface VLAN, and peer switch (see Figure 6-11).

Figure 6-11 vPC Configuration Tab in Port-Channel Summary

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Port Channel to open the Port Channel pane.

Step 2 From the Contents pane, in the Summary pane, click the device in which you want to enable the vPC feature.

The system highlights the device in the Summary pane, and tabs appear in the Details pane.

Step 3 In the Details pane, click the VPC Configuration tab.

The vPC configuration information is displayed.


Monitoring vPCs

The following vPC peer-keepalive parameters are in the Statistics tab:

Number of keepalive messages sent to the vPC peer device

Number of keepalive messages received from the vPC peer device

Average time to receive the response from the vPC peer device

Number of failed attempts to reach remote the vPC peer device.

Field Descriptions for vPCs

These field descriptions are used for configuring vPCs. This section includes the following topics:

vPC: vPC Details: Basic Settings Section

vPC: vPC Details: Layer 2 Settings Section

vPC: vPC Details: Link Settings Section

vPC: Peer-Link Details: vPC Global Settings Section

vPC: Peer-Link Details: STP Global Settings Section

vPC: Peer-Link Status: Peer Link Status Section

vPC: Peer-Link Status: Peer Link Error VLANs Status Section

vPC: Peer-Link Status: vPC Error VLANs Status Section

Resolve Configuration Inconsistency: vPC

Resolve Configuration Inconsistency: Peer Link

vPC: vPC Details: Basic Settings Section

Table 6-2 vPC: vPC Details: Basic Settings Section 

Field
Description

Channel ID

Display only. Port-channel number assigned to port-channel interfaces.

Description

Description of port-channel interface.

Port Mode

Port-channel interface port mode configuration. Valid values are as follows:

Access

Trunk

Bandwidth (kb)

Bandwidth of port-channel interface. This default is set by the interface type.

Delay (tens of usec)

Delay time for port-channel interface. The range is from 1 to 16777215.

Speed (Gb/s)

Transmission speed of the port-channel interface. Valid values are as follows:

10

100

1000

10000

Auto

Nonnegotiate

Duplex

Duplex operation of the port-channel interface. Valid values are as follows:

Half

Full

Auto

MTU

Maximum transmission unit (MTU) of the port-channel interface.

Flow Control Receive

Status of port-channel interface that is receiving pause frames. Valid values are as follows:

On

Off

Desired

Flow Control Send

Status of port-channel interface that is sending pause frames. Valid values are as follows:

On

Off

Desired


vPC: vPC Details: Layer 2 Settings Section

Table 6-3 vPC: vPC Details: Layer 2 Settings Section 

Field
Description

Access VLAN

Access VLAN for the port-channel interface.

Allowed VLAN

Allowed VLANs for the port-channel interface.

Native VLAN

Native VLAN for the port-channel trunk interface.

STP port type

STP edge or network port type. Valid values are as follows:

Default

Edge Access

Edge Trunk

Network

Disable

STP guard

STP guard condition set. Valid values are as follows:

Null string

Loop

Root


vPC: vPC Details: Link Settings Section

Table 6-4 vPC: vPC Details: Link Settings Section 

Field
Description
First four columns display links on the local device

Name

Display only. Name of the port in the non-vPC device. This port is part of the port-channel interface.

Mode

Display only. Port-channel mode on the link. Valid values are as follows:

Active

Passive

On

Priority

Display only. Port-priority value set for LACP. The range is from 1 to 65535.

Status

Display only. Status of the link. Valid values are as follows:

Up

Down

Bundled

Standalone

Suspended

Hot Standby

Last five columns display links on vPC primary and secondary devices

Device

Display only. Name of the primary or secondary vPC device.

Name

Display only. Name of the port in the neighbor device that is part of the port-channel interface.

Mode

Display only. Port-channel mode on the link. Valid values are as follows:

Active

Passive

On

Priority

Display only. Port-priority value set for LACP. The range is from 1 to 65535.

Status

Display only. Status of the link. Valid values are as follows:

Up

Down

Bundled

Standalone

Suspended

Hot Standby


vPC: Peer-Link Details: vPC Global Settings Section

Table 6-5 vPC: Peer-Link Details: vPC Global Settings Section 

Field
Description
Global Setting

Domain Id

Display only. vPC domain ID.

System MAC Address

Display only. vPC system MAC address.

Role Priority

Display only. Role priority to form a peer link. The range is from 1 to 65536, and the default is 32667.

System Priority

Display only. vPC system priority. The range is from 1 to 65536, and the default is 32667.

Peer Keepalive Settings

Source IP

Display only. Out-of-bound IP address used to send the peer-keepalive messages on the local vPC peer device.

Destination IP

Display only. Out-of-bound IP address used to send the peer-keepalive messages on the remote vPC peer device.

UDP Port

Display only. UDP port used to exchange peer-keepalive messages. The default value is 3200.

VRF

Display only. VRF for the out-of-bound port sending the peer-keepalive messages. The default value is management.

Interval

Display only. Time between sending peer-keepalive messages. The range is from 400 to 10000 milliseconds, and the default value is 1000 milliseconds.

Timeout

Display only. Timeout value for the peer-keepalive messages. The range is from 3 to 20 seconds, and the default value is 5 seconds.

Delay

Display only. Delay in bringing up the vPC configuration. The range is from 1 to 3600.

Peer-gateway

Display only. Enable or disable the feature in switch to act as peer-gateway.

Exclude VLAN interfaces

Display only. Associate VLAN network interfaces to a vPC domain by selecting the interface VLAN range.

Peer-switch

Display only. Enable or disable the peer-switch feature in the vPC peer switches.


vPC: Peer-Link Details: STP Global Settings Section

Table 6-6 vPC: Peer-Link Details: STP Global Settings Section 

Field
Description

Protocol

Display only. Configured STP. Valid values are as follows:

Rapid PVST+

MST

Port Type

Display only. STP port type. Valid values are as follows:

Edge

Network

Normal STP

Path Cost

Display only. Path-cost calculation method. Valid values are as follows:

Long

Short

Bridge Assurance

Display only. Bridge Assurance configuration. Valid values are as follows:

Enabled

Disabled

Loop Guard

Display only. Loop Guard configuration. Valid values are as follows:

Enabled

Disabled

STP Enabled VLANs

Display only. List of VLANs for which STP is enabled.

MST VLANs

Display only. List of MST instances and corresponding VLANs.


vPC: Peer-Link Status: Peer Link Status Section

Table 6-7 vPC: Peer-Link Status: Peer Link Status Section 

Field
Description

Domain ID

Display only. vPC domain ID.

vPC Consistency

Display only. Status of the vPC in local vPC peer device. Valid values are as follows:

Ok

Failed

Reason

Display only. Cause for the consistency failure on the vPC peer link.

Note This field does not appear if the status is Ok.

Peer-link Consistency

Display only. Status of the vPC in the remote vPC peer device. Valid values are as follows:

Ok

Failed

Reason

Display only. Cause for the consistency failure on vPC peer link.

Note This field does not appear if the status is Ok.

Role Status

Role

Display only. Operational role. Valid values are as follows:

Primary

Secondary

System Priority

Display only. Operational system priority for the vPC. The range is from 1 to 65536, and the default value is 32667.

System MAC Address

Display only. Operational system MAC address.

vPC Peer keepalive status

Destination IP

Display only. Out-of-bound IP address on the remote vPC peer device used to exchange peer-keepalive messages.

Send Status

Display only. Status of the successful sending of peer-keepalive messages. Valid values are as follows:

true

false

Receive Status

Display only. Status of the successful reception of peer-keepalive messages. Valid values are as follows:

true

false


vPC: Peer-Link Status: Peer Link Error VLANs Status Section

Table 6-8 vPC: Peer-Link Status: Peer Link Error VLANs Status Section 

Field
Description

VLAN ID

Display only. VLAN error-disabled on the vPC peer link.

Reason

Display only. Reason that VLAN is error-disabled on the vPC peer link.


vPC: Peer-Link Status: vPC Error VLANs Status Section

Table 6-9 vPC: Peer-Link Status: vPC Error VLANs Status Section 

Field
Description

VLAN ID

Display only. VLAN error-disabled on the vPC peer link.

Reason

Display only. Reason that VLAN is error-disabled on the vPC peer link.


Resolve Configuration Inconsistency: vPC

Table 6-10 Resolve Configuration Inconsistency: vPC 

Field
Description
vPC Port Channel Settings
Basic Settings

Channel ID

Port-channel number assigned to port-channel interfaces.

Description

Description of port-channel interface.

Port Mode

Port-channel interface port mode configuration. Valid values are as follows:

Access

Trunk

Bandwidth (kb)

Bandwidth of port-channel interface. The default is set by the interface type.

Delay (tens of usec)

Delay time for the port-channel interface. The range is from 1 to 16777215.

Speed (Gb/s)

Transmission speed of the port-channel interface. Valid values are as follows:

10

100

1000

10000

Auto

Nonnegotiate

Duplex

Duplex operation of the port-channel interface. Valid values are as follows:

Half

Full

Auto

MTU

Maximum transmission unit (MTU) of the port-channel interface.

Flow Control Receive

Status of the port-channel interface that is receiving pause frames. Valid values are as follows:

On

Off

Desired

Flow Control Send

Status of the port-channel interface that is sending pause frames. Valid values are as follows:

On

Off

Desired

Layer 2 Settings

Access VLAN

Access VLAN for the port-channel interface.

Allowed VLAN

Allowed VLANs for the port-channel interface.

Native VLAN

Native VLAN for the port-channel trunk interface.

STP port type

STP edge or network port type. Valid values are as follows:

Default

Edge Access

Edge Trunk

Network

Disable

STP guard

STP guard condition set. Valid values are as follows:

Null string

Loop

Root

vPC Peer Keepalive
Global Setting

Domain Id

vPC domain ID.

System MAC Address

vPC system MAC address.

Role Priority

Role priority to form a peer link. The range is from 1 to 65536, and the default is 32667.

System Priority

vPC system priority. The range is from 1 to 65536, and the default is 32667.

Peer Keepalive Settings

UDP Port

UDP port used to exchange peer-keepalive messages. The default value is 3200.

Interval

Time between sending peer-keepalive messages. The range is from 400 to 10000 milliseconds, and the default value is 1000 milliseconds.

STP Global Settings

Protocol

Configured STP. Valid values are as follows:

Rapid PVST+

MST

Port Type

STP port type. Valid values are as follows:

Edge

Network

Normal STP

Path Cost

Path-cost calculation method. Valid values are as follows:

Long

Short

Bridge Assurance

Bridge Assurance configuration. Valid values are as follows:

Enabled

Disabled

Loop Guard

Loop Guard configuration. Valid values are as follows:

Enabled

Disabled

STP Enabled VLANs

List of VLANs for which STP is enabled.

MST VLANs

List of MST instances and corresponding VLANs.


Resolve Configuration Inconsistency: Peer Link

Table 6-11 Resolve Configuration Inconsistency: Peer Link 

Field
Description
vPC Peer Keepalive
Global Setting

Domain Id

vPC domain ID.

System MAC Address

vPC system MAC address.

Role Priority

Role priority to form a peer link. The range is from 1 to 65536, and the default is 32667.

System Priority

vPC system priority. The range is from 1 to 65536, and the default is 32667.

Peer Keepalive Settings

UDP Port

UDP port used to exchange peer-keepalive messages. The default value is 3200.

Interval

Time between sending peer-keepalive messages. The range is from 400 to 10000 milliseconds, and the default value is 1000 milliseconds.

Global STP Settings

Protocol

Configured STP. Valid values are as follows:

Rapid PVST+

MST

Port Type

STP port type. Valid values are as follows:

Edge

Network

Normal STP

Path Cost

Path-cost calculation method. Valid values are as follows:

Long

Short

Bridge Assurance

Bridge Assurance configuration. Valid values are as follows:

Enabled

Disabled

Loop Guard

Loop Guard configuration. Valid values are as follows:

Enabled

Disabled

STP Enabled VLANs

List of VLANs for which STP is enabled.

MST VLANs

List of MST instances and corresponding VLANs.


Additional References

For additional information related to implementing vPC, see the following sections:

Related Documents

Standards

MIBs

Related Documents

Related Topic
Document Title

Configuring Port Channels

Chapter 5 "Configuring Port Channels"

Configuring Layer 2 interface

Chapter 3 "Configuring Layer 2 Interfaces"

Configuring Layer 3 interfaces

Chapter 4 "Configuring Layer 3 Interfaces"

Shared and dedicated ports

Chapter 2 "Configuring Basic Interface Parameters"

Interfaces

Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x

System management

Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x

High availability

Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Guide, Release 5.x

Release Notes

Cisco DCNM Release Notes, Release 5.x


Standards

Standards
Title

IEEE 802.3ad


MIBs

MIBs
MIBs Link

IEEE8023-LAG-CAPABILITY

CISCO-LAG-MIB

To locate and download MIBs, go to the following URL:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml


Feature History for Configuring vPCs

Table 6-12 lists the release history for this feature.

Table 6-12 Feature History for Configuring vPCs 

Feature Name
Releases
Feature Information

vPCs

4.1(2)

These features were introduced.

vPCs

4.1(4)

Support increased to 192 vPCs.

vPCs

4.2(1)

Support increased to 256 vPCs.

vPCs

4.2(1)

Added to Wizard ability to configure peer-keepalive messages and role and system priorities.

vPCs

4.2(1)

Added configuration for peer-keepalive message hold times and precedence values.

vPCs

5.2(1)

Added information about system display of MST to VLAN consistency failures.

vPC

5.2(1)

Added to Wizard, ability to configure auto-recovery configuration support.

vPCs

5.2(1)

Added information about vPC consistency status display change from Failed to Not Performed.

vPCs

5.2(1)

Added information about FabricPath configuration support in vPC.

vPCs

5.2(1)

Added information about vPC connection to Cisco 2000 Series Fabric Extenders.