Cisco Nexus 3600 Series NX-OS Software Upgrade and Downgrade Guide, Release 9.3(x)

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents
Find Matches in This Book
Available Languages
Download Options

Book Title

Cisco Nexus 3600 Series NX-OS Software Upgrade and Downgrade Guide, Release 9.3(x)

Chapter Title

Migrating Switches in a vPC Topology

Results

Updated:
November 11, 2020

Chapter: Migrating Switches in a vPC Topology

Migrating Switches in a vPC Topology

This chapter describes how to migrate from one pair of switches to another in a vPC topology. It contains the following sections:

vPC Forklift Upgrade

In a vPC topology, you can migrate from a pair of Cisco Nexus 3600 platform switches to a different pair of Cisco Nexus 3600 platform switches. For more information, see the "vPC Forklift Upgrade Scenario" section in the Cisco Nexus 3600 Series NX-OS Interfaces Configuration Guide.

vPC Upgrade and Downgrade Procedure

In vPC topologies, the two peer switches usually must be upgraded individually. An upgrade on one peer switch does not automatically update the vPC peer switch.

However, Cisco NX-OS Releases 7.0(3)F3(3c) and 7.0(3)F3(4) are not compatible with Cisco NX-OS Release 9.2(x) for vPC peer switches. Both vPC peers must be upgraded simultaneously to Cisco NX-OS Release 9.2(x) to avoid one switch running a 7.0(3)F3(x) release and the other switch running 9.2(x). Optionally, if the switches are being upgraded from Cisco NX-OS Release 7.0(3)F3(4), you can use the following procedure to minimize the traffic impact during upgrade.

  1. Switch A and B are running a Cisco NX-OS release. Switch A is the primary switch, and switch B is the secondary switch. Use the copy r s command on both switches. 

    
primary_switch# show vpc role
vPC Role status
----------------------------------------------------
vPC role : primary 
vPC system-mac : 00:23:04:ee:be:64 
vPC system-priority : 32667
vPC local system-mac : 70:df:2f:eb:86:1f 
vPC local role-priority : 90 
vPC peer system-mac : 70:df:2f:eb:1c:ab 
vPC peer role-priority : 100 
primary_switch#

secondary_switch# show vpc role
vPC Role status
----------------------------------------------------
vPC role : secondary 
vPC system-mac : 00:23:04:ee:be:64 
vPC system-priority : 32667
vPC local system-mac : 70:df:2f:eb:1c:ab 
vPC local role-priority : 100 
vPC peer system-mac : 70:df:2f:eb:86:1f 
vPC peer role-priority : 90 
secondary_switch#


primary_switch# copy r s v
[########################################] 100%
Copy complete.
 
secondary_switch# copy r s v
[########################################] 100%
Copy complete.

  2. Bring down the peer link (PL) on the primary switch. The secondary switch brings down its vPC legs.

    
primary_switch# conf t
Enter configuration commands, one per line. End with CNTL/Z.
primary_switch(config)# int port-channel 100
primary_switch(config-if)# shutdown 
 
Reload the secondary switch with Release 9.2.1 image (change bootvar /reload)
 
secondary_switch(config)# boot nxos nxos.9.2.1.bin
Performing image verification and compatibility check, please wait....
secondary_switch(config)# 
secondary_switch(config)# copy r s v
[########################################] 100%
Copy complete.
 
 
secondary_switch# reload
This command will reboot the system. (y/n)? [n] y

 
After reload
--------------------- 
secondary_switch# show vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 100 
Peer status : peer link is down 
vPC keep-alive status : peer is alive 
Configuration consistency status : failed 
Per-vlan consistency status : success 
Configuration inconsistency reason: Consistency Check Not Performed
Type-2 inconsistency reason : Consistency Check Not Performed
vPC role : none established 
Number of vPCs configured : 20 
Peer Gateway : Enabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Disabled (due to peer configuration)
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 90s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans 
-- ---- ------ -------------------------------------------------
1 Po100 down -
 
secondary_switch#
 
primary_switch(config-if)# show vpc 
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 100 
Peer status : peer link is down 
vPC keep-alive status : peer is alive 
Configuration consistency status : success 
Per-vlan consistency status : success 
Type-2 consistency status : success 
vPC role : primary 
Number of vPCs configured : 20 
Peer Gateway : Enabled
Peer gateway excluded VLANs : -
Dual-active excluded VLANs and BDs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled, timer is off.(timeout = 240s)
Operational Layer3 Peer-router : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans 
-- ---- ------ --------------------------------------------------
1 Po100 down -

  3. Configure vPC auto-recovery under the vPC domain on the secondary switch. Enable vpc upgrade (exec command). 

    
secondary_switch(config)# vpc domain 100
secondary_switch(config-vpc-domain)# auto-recovery 
secondary_switch(config-vpc-domain)# end

secondary_switch# show running-config vpc
!Command: show running-config vpc
!Running configuration last done at: Wed May 16 06:34:10 2018
!Time: Wed May 16 06:34:14 2018
version 9.2(1) Bios:version 01.11 
feature vpc
vpc domain 100
peer-switch
role priority 100
peer-keepalive destination 10.1.31.30 source 10.1.31.29
delay restore 90
peer-gateway
auto-recovery
ipv6 nd synchronize
ip arp synchronize
interface port-channel100
vpc peer-link
interface port-channel2001
vpc 101
 

secondary_switch# show vpc upgrade
vPC upgrade : TRUE
SVI Timer : 0
Delay Restore Timer : 0
Delay Orphan Port Timer : 0
secondary_switch#

secondary_switch# show vpc upgrade   >> Hidden command 
vPC upgrade : FALSE
SVI Timer : 10
Delay Restore Timer : 90
Delay Orphan Port Timer : 0
 
 
secondary_switch# vpc upgrade   >> Hidden command

  4. After Layer 3 routes are learned on the secondary switch, reload the primary switch with the new release image. The secondary switch takes over the primary role and brings up its vPC legs in approximately 5 seconds. 

    
primary_switch(config)# show boot 
Current Boot Variables:
sup-1
NXOS variable = bootflash:/nxos.9.2.1.bin
No module boot variable set
Boot Variables on next reload:
sup-1
NXOS variable = bootflash:/nxos.9.2.1.bin

No module boot variable set
primary_switch(config)# end

primary_switch# show boot 
Current Boot Variables:
sup-1
NXOS variable = bootflash:/nxos.9.2.1.bin
No module boot variable set
Boot Variables on next reload:
sup-1
NXOS variable = bootflash:/nxos.9.2.1.bin

No module boot variable set
primary_switch# reload
This command will reboot the system. (y/n)? [n] y
 
secondary_switch# show vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 100 
Peer status : peer link is down 
vPC keep-alive status : peer is not reachable through peer-keepalive
Configuration consistency status : failed 
Per-vlan consistency status : success 
Configuration inconsistency reason: Consistency Check Not Performed
Type-2 inconsistency reason : Consistency Check Not Performed
vPC role : primary 
Number of vPCs configured : 20 
Peer Gateway : Enabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Disabled (due to peer configuration)
Auto-recovery status : Enabled, timer is off.(timeout = 240s)
Delay-restore status : Timer is off.(timeout = 0s)
Delay-restore SVI status : Timer is off.(timeout = 0s)
Operational Layer3 Peer-router : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans 
-- ---- ------ -------------------------------------------------
1 Po100 down -
vPC status

  5. When the primary switch comes back up, the peer link on it is operationally up.

    
primary_switch# show vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 100 
Peer status : peer adjacency formed ok 
vPC keep-alive status : peer is alive 
Configuration consistency status : success 
Per-vlan consistency status : success 
Type-2 consistency status : success 
vPC role : primary, operational secondary
Number of vPCs configured : 20 
Peer Gateway : Enabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 90s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans 
-- ---- ------ -------------------------------------------------
1 Po100 up 1,101-400

    For downgrade, reload both switches at the same time.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco