The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes the steps required to perform a Cisco Nexus 5500 and 5600 chassis replacement in a Virtual Port Channel (vPC) environment.
Cisco recommends that you have knowledge of these topics:
The information in this document is based on these software and hardware versions:
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
When you replace a Cisco Nexus 5500 and 5600 Series switch in an environment, it is recommended you adhere to this procedure in order to ensure there is minimal or no outage.
In certain cases, a replacement is needed due to partial and not complete failure of a chassis. In these scenarios, additional steps can be taken in order to ensure the removal of the chassis does not cause a major impact.
show vpc orphan-ports
. Connectivity loss is experienced on these devices once the chassis is disconnected, consider moving those connections to the VPC peer if critical services are running on those.show version
show module
show inventory
show running-config
show running switch-profile
show int status
show cdp neighbors
show port-channel summary
show vlan sum
show span sum
show vpc
show vpc role
show ip int brief vrf all
show trunk
show ip route vrf all
show ip arp vrf all
show mac address-table
Complete these steps on the switch to be replaced:
show port-channel summary
and show vpc
in order to ensure they are down.show port-channel summary
and show interface status
in order to ensure they are down.show port-channel summary
and show vpc
in order to ensure they are down.show vpc peer-keepalive
and show vpc
in order to ensure it is down.N5K-5672UP-1# show vpc peer-keepalive
vPC keep-alive status : peer is not reachable through peer-keepalive
--Send status : Success
--Last send at : 2023.10.04 01:31:09 824 ms
--Sent on interface :
--Receive status : Failed
--Last update from peer : (16) seconds, (360) msec
vPC Keep-alive parameters
--Destination : 10.82.138.244
--Keepalive interval : 1000 msec
--Keepalive timeout : 5 seconds
--Keepalive hold timeout : 3 seconds
--Keepalive vrf : management
--Keepalive udp port : 3200
--Keepalive tos : 192
N5K-5672UP-1# sh vPC
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 100
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is not reachable through peer-keepalive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : secondary
Number of vPCs configured : 49
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Operational Layer3 Peer-router : Disabled
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po100 up 1
Then, from the vPC peer (switch not being replaced), shut down the vPC peer link. Check show vpc
in order to ensure it went down, and also ensure this switch has either the vPC role of primary or secondary, operational primary.
N5K-5672UP-1# sh vPC
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 100
Peer status : peer link is down
vPC keep-alive status : peer is not reachable through peer-keepalive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : secondary, operational primary
Number of vPCs configured : 49
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Operational Layer3 Peer-router : Disabled
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po100 down -
Once the switch to be replaced is completely isolated, confirm there is no connectivity issue in the environment.
After this is completed, power down the switch, unplug the cables and unrack it.
Note: When RMA is processed for a 5548P or 5548UP chassis running Layer 3 services, the Layer 3 I/O module with product ID N55-D160L3 or N55-D160L3-V2 is not included. This Layer 3 (L3) module must be taken from the chassis in order to be replaced and put into the replacement switch. The process of removing and installing the L3 module can be found in the Cisco Nexus 5000 Series Hardware Installation Guide, section Replacing an I/O Module for a Cisco Nexus 5548 Switch.
Warning: If using dual-homed FEXs, you must ensure that the FEXs modules are provisioned on the replacement chassis before bringing their links up. After this, ensure to configure all FEX server ports the same as the VPC peer. Failing to accomplish this can cause the FEX server ports to move to the inactive state.
show run switch-profile
obtained from Step 4. in Preparation tasks if the switch to be replaced is still connected to the network in order to restore the switch-profile configuration. If switch-profile backup is not available, you can retrieve it from the VPC peer by executing the show run switch-profile
on that one. Swich-profile configuration must be identical on both VPC peers, except for the sync-peers destination [ip address]
command.config sync
in the terminal, and then switch-profile [name]
.verify
and commit
for the changes to be applied.show run switch-profile
on both vPC peers.copy bootflash:[backup config] running-config:
.show running-config
is consistent with the backup.copy running-config startup-config
.show interface status
, show vpc peer-keepalive
, and show vpc
in order to ensure it is up and operational.show sys internal vpcm info all | i i stick
command in order to check whether the sticky bit is set to false. If the sticky bit is set to true, reapply the already configured vPC role priority. If the sticky bit is still true after this, reload the replacement chassis.Note: If the sticky bit is set to false on both chassis, configure a higher priority (lower numerical value) on the switch that is connected to the network already and not being replaced.
N5K-5672UP-2# sh vPC
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 100
Peer status : peer link is down
vPC keep-alive status : peer is alive
Configuration consistency status : failed
Per-vlan consistency status : success
Configuration inconsistency reason: Consistency Check Not Performed
Type-2 inconsistency reason : Consistency Check Not Performed
vPC role : none established
Number of vPCs configured : 49
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Disabled (due to peer configuration)
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po100 down -
auto-recovery reload-delay 3600
under the vPC domain configuration.Warning: Do not proceed with the next step until the vPC peer-keepalive is operational and the vPC role is set to none established.
show vpc
in order to ensure it is up, and confirm that the vPC role is established to secondary.show port-channel summary
and show vpc
in order to ensure they are up.show port-channel summary
and show interface status
in order to ensure they are up.show port-channel summary
and show vpc
in order to ensure they are up.config sync
in the terminal, and then switch-profile [name]
. After this, run verify
and commit
in order to ensure the profile is in sync.Review the command output shown in this list from both Nexus switches in the VPC domain in order to validate the correct status.
show version
show module
show inventory
show running-config
show running switch-profile
show switch-profile status
show int status
show cdp neighbors
show port-channel summary
show vlan sum
show span sum
show vpc
show vpc role
show ip int brief vrf all
show trunk
show ip route vrf all
show ip arp vrf all
show mac address-table
Then, confirm the tests performed in Step 3. from Before You Begin are still working correctly.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
10-Nov-2023 |
Initial Release |