簡介
本文檔介紹確定ACI上的虛擬埠通道(vPC)通訊問題所需的命令。
必要條件
需求
本文件沒有特定需求。
採用元件
本文件所述內容不限於特定軟體和硬體版本。
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路運作中,請確保您瞭解任何指令可能造成的影響。
背景資訊
在以應用為中心的基礎設施(ACI)和對等裝置之間的vPC必須已啟動並正常運行,且沒有配置問題。
設定
拓撲說明
ACI枝葉1:介面乙太網1/1、埠通道5和vPC 343。
ACI枝葉2:介面乙太網1/2、埠通道5和vPC 343。
NX-OS 1:介面Ethernet 1/1和Ethernet 1/2、埠通道14和vPC 45。
連線:
枝葉1 Eth1/1 <-> NX-OS 1 Eth1/1
枝葉2 Eth1/2 <-> NX-OS 1 Eth1/2
網路圖表
驗證
使用本節內容,確認您的組態是否正常運作。
Cisco CLI Analyzer(僅供已註冊客戶使用)支援某些 show 指令。使用Cisco CLI Analyzer檢視show指令輸出的分析。
使用命令show vpc brief vpc x
您可以看到vPC的狀態(開啟/關閉)。
LEAF1#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id Port Status Consistency Reason Active vlans
-- ---- ------ ----------- ------ ------------
343 Po5 up success success 100
LEAF2#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id Port Status Consistency Reason Active vlans
-- ---- ------ ----------- ------ ------------
343 Po5 up success success 100
使用命令 show port-channel summary interface port-channel x
您可以看到連線埠通道的狀態(開啟/關閉)、目前旗標和設定它的實體介面。
LEAF1#show port-channel summary interface port-channel 5
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
F - Configuration failed
-------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
-------------------------------------------------------------------------------
5 Po5(SU) Eth LACP Eth1/1(P)
LEAF2#show port-channel summary interface port-channel 5
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
F - Configuration failed
-------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
-------------------------------------------------------------------------------
5 Po5(SU) Eth LACP Eth1/2(P)
疑難排解
本節提供的資訊用於對組態進行疑難排解。
纜線錯誤問題
在APIC GUI上,您必須看到以下故障:
Fault F0518: A configuration is not consistent with peer node. Misconfigured due to vPC link in the 2 switches connected to different partners.
ACI枝葉1:介面乙太網1/1、埠通道5和vPC 343。
ACI枝葉2:介面乙太網1/2、埠通道5和vPC 343。
NXOS 1:介面Ethernet 1/1和Ethernet 1/2、埠通道14和vPC 45。
連線:
枝葉1 Eth1/1 <-> NXOS 1 Eth1/1
枝葉2 Eth1/2 <-> NXOS 1 Eth1/2
如果遇到此問題,則輸出與範例類似:
LEAF1#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id Port Status Consistency Reason Active vlans
-- ---- ------ ----------- ------ ------------
343 Po5 up failed vpc port 100
channel
mis-config
due to vpc
links in the
2 switches
connected to
different
partners
LEAF2#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id Port Status Consistency Reason Active vlans
-- ---- ------ ----------- ------ ------------
343 Po5 up failed vpc port 100
channel
mis-config
due to vpc
links in the
2 switches
connected to
different
partners
LEAF1#show port-channel summary interface port-channel 5
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
F - Configuration failed
-------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
-------------------------------------------------------------------------------
5 Po5(SD) Eth LACP Eth1/1(D)
LEAF2#show port-channel summary interface port-channel 5
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
F - Configuration failed
-------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
-------------------------------------------------------------------------------
5 Po5(SD) Eth LACP Eth1/2(D)
LEAF1# show lacp interface ethernet 1/1 | grep Lag
Lag Id: [ [(7f9b, 0-11-1-aa-aa-aa, 8157, 8000, 10d), (8000, 0-22-2-bb-bb-bb, 65, 8000, 125)] ]
LEAF2# show lacp interface ethernet 1/2 | grep Lag
Lag Id: [ [(7f9b, 0-11-1-aa-aa-aa, 8157, 8000, 10d), (8000, 0-33-3-cc-cc-cc, 65, 8000, 125)] ]
連線的裝置延遲資訊(輸出命令中的第二個向量)在兩個輸出中必須相同。同樣,向量1在兩者上必須相同。
下一步:
如果發生此行為,則必須檢查物理連線,以確保連線未交換在埠上。
偵測到個別連線埠(按回圈)
在APIC GUI上,您必須看到以下故障:
Fault F2705: A vPC interface goes down while peer interface is up.
Fault F2533: A loop was detected by the MCP protocol on ACI.
此問題影響在對等裝置上運行STP協定的vPC拓撲。
ACI枝葉1:介面乙太網1/1和乙太網1/2,埠通道5和vPC 343
NXOS 1:介面Ethernet 1/1、埠通道14和vPC 45
NXOS 2:介面Ethernet 1/2、埠通道14和vPC 45
連線:
枝葉1 Eth1/1 <-> NXOS 1 Eth1/1
枝葉1 Eth1/2 <-> NXOS 2 Eth1/2
在此故障排除步驟中,瞭解MisCabling Protocol(MCP)的概念非常重要。
MCP檢測來自外部源的環路(伺服器、使用STP的外部網路裝置等的不當行為),並錯誤禁用ACI接收其自身資料包的介面。
要瞭解有關MCP的更多資訊,請參閱:為ACI使用MCP。
如果存在此問題,輸出如下所示:
LEAF2#show mcp internal info interface eth 1/2
------------------------------------------
Interface: Ethernet1/2
Native PI VLAN: 100
Native Encap VLAN: 1
BPDU Guard: disabled
BPDU Filter: disabled
Port State: down
Layer3 Port: false
Switching State: enabled
Mac Address: AA:AA:AA:AA:AA:01
Interface MCP enabled: true
------------------- STP STATS --------------------
MSTP Count: 0
RSTP Count: 4
MSTP TC Count: 0
RSTP TC Count: 4
PVRSTP TC Count: 4
TCN Count: 0
PVID Error BPDU Count: 5
Error Packet Count: 0
BPDU Guard Event Count: 0
--------------- LOOP-DETECTION STATS ---------------
MCP packets sent(Per-vlan): 1278
MCP packets received: 23
MCP invalid packets received: 19
MCP packets received with invalid digest: 0
MCP packets received when switching state is disabled: 0
Interface is a member of port-channel
Number of active VLANs: 1
Number of VLANS in MCP packets are sent: 1
MCP enabled vlans:
628
MCP loop detected at: Tue Jul 19 09:34:46 2022
MCP loop detected in VLAN: 100
-------------- MCP Remote Peer Info --------------
No remote peers exist
註:必須解決環路問題,以避免禁用介面,才能繼續使用vPC。
一旦解決了環路問題,並且物理介面已啟動,但vPC介面會繼續,其中一個介面處於關閉狀態,另一個介面處於單獨狀態:
LEAF1#show port-channel summary interface port-channel 5
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
F - Configuration failed
-------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
-------------------------------------------------------------------------------
5 Po5(SD) Eth LACP Eth1/1(I)
LEAF2#show port-channel summary interface port-channel 5
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
F - Configuration failed
-------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
-------------------------------------------------------------------------------
5 Po5(SD) Eth LACP Eth1/2(D)
下一步:
確保埠通道配置在兩端正確,且通道捆綁正確。
如果兩端的組態都正確,且循環進行之前運作良好,請嘗試以下操作:
導覽至:
Fabric -> Inventory -> Pod -> Leaf x -> Interfaces -> VPC interfaces -> vpc -> Port-channel interface where is included the physical port 1/x -> right-click and select Disable
.
然後等待10秒,按一下右鍵並選擇Enable.
必須在受影響的介面上執行這些步驟,以強制埠通道與對等裝置同步,而且此過程之後必須正常運行。
介面更改為操作關閉
在APIC GUI上,您必須看到以下故障:
Fault F1296: A vPC interface goes down while peer interface is also down.
此範例說明介面必須如何顯示資訊:
Leaf1# show interface port-channel 5
port-channel5 is down (port-channel-members-down)
admin state is up
Hardware: Port-Channel, address: xxxx.xxxx.xx01 (bia xxxx.xxxx.xx01)
MTU 9000 bytes, BW 100000000 Kbit, DLY 1 usec
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, medium is broadcast
Port mode is trunk
full-duplex, 100 Gb/s
Input flow-control is off, output flow-control is off
Auto-mdix is turned on
EtherType is 0x8100
Members in this channel: eth1/1
必須審閱和放棄以下主題:
- 物理問題(收發器和電纜)必須是進行檢查的第一步。
- 兩端配置更改。
- 在枝葉介面上接收到鏈路聚合控制協定(LACP)資訊。
LACP日誌
您可以使用命令show lacp internal event-history interface ethernet 1/x
要獲取與LACP狀態相關的事件,如以下示例:
Leaf1#show lacp internal event-history interface ethernet 1/1
Output omitted
...
9) FSM:<Ethernet1/1> Transition at 2022-07-15T08:43:06.121732000+00:00
Previous state: [LACP_ST_DETACHED_LAG_NOT_DETERMINED]
Triggered event: [LACP_EV_RECEIVE_PARTNER_PDU_TIMED_OUT_II_INDIVIDUAL]
Next state: [LACP_ST_INDIVIDUAL_OR_DEFAULT]
Output omitted
...
18) FSM:<Ethernet1/1> Transition at 2022-07-15T08:46:24.298022000+00:00
Previous state: [LACP_ST_DETACHED_LAG_NOT_DETERMINED]
Triggered event: [LACP_EV_RECEIVE_PARTNER_PDU_TIMED_OUT]
Next state: [FSM_ST_NO_CHANGE]
Output omitted
...
23) FSM:<Ethernet1/1> Transition at 2022-07-15T08:46:27.299819000+00:00
Previous state: [LACP_ST_DETACHED_LAG_NOT_DETERMINED]
Triggered event: [LACP_EV_RECEIVE_PARTNER_PDU_TIMED_OUT_II_INDIVIDUAL]
Next state: [LACP_ST_INDIVIDUAL_OR_DEFAULT]
Output omitted
...
24) FSM:<Ethernet1/1> Transition at 2022-07-15T08:52:25.204611000+00:00
Previous state: [LACP_ST_INDIVIDUAL_OR_DEFAULT]
Triggered event: [LACP_EV_LACP_DOWN_OR_PORT_DOWN]
Next state: [LACP_ST_PORT_IS_DOWN_OR_LACP_IS_DISABLED]
示例日誌顯示,ACI沒有收到來自對等裝置的正確應答,在某些情況下,對等裝置在保持連線計時器過期之前不會傳送PDU/LACP。
下一步:
現在,您需要驗證對等裝置的配置和狀態。
Cisco CLI Analyzer(僅供已註冊客戶使用)支援某些 show 指令。使用Cisco CLI Analyzer檢視show指令輸出的分析。
附註:使用 debug 指令之前,請先參閱有關 Debug 指令的重要資訊。
相關資訊