Page 1 of 2
Configure vPC in Eve with Nexus 9000v
Posted: Mon Jul 31, 2017 2:28 pm
by kluuter
Hi all,
According to this Cisco page:
http://www.cisco.com/c/en/us/td/docs/sw ... 43DAFA1ACD
vPC (Virtual Portchannel) should be working in Release 7.0(3)I5(2) and 7.0(3)I6(1), I'm using the last one and can't get it working...
I keep getting messages on console like; "%L2FM-2-L2FM_INVALID_PORT_NUM: Invalid port num 2, max_ports 0"
Has someone tried to configure a vPC within Eve-NG already?
See also my setup:
Images used:
NXOS: 7.0(3)I6(1)
IOU L2: i86bi-linux-l2-adventerprisek9-15.2d.bin
IOU L3: i86bi-linux-l3-adventerprisek9-15.4.2T.bin
Re: Configure vPC in Eve with Nexus 9000v
Posted: Tue Aug 08, 2017 4:35 pm
by kluuter
Hi all, VPC is working!!
Seems there is a problem with creating a portchannel between Nexus 9000v and IOU.
So i changed the topology, replaced IOU with 2 Nexus 9000v appliances and it works:
Code: Select all
N7K-1# show vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 30
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ -------------------------------------------------
1 Po1 up 100
vPC status
----------------------------------------------------------------------------
Id Port Status Consistency Reason Active vlans
-- ------------ ------ ----------- ------ ---------------
10 Po10 up success success 100
20 Po20 up success success 100
Please check "show vpc consistency-parameters vpc <vpc-num>" for the
consistency reason of down vpc and for type-2 consistency reasons for
any vpc.
Code: Select all
N7K-2# show vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 30
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : secondary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ -------------------------------------------------
1 Po1 up 100
vPC status
----------------------------------------------------------------------------
Id Port Status Consistency Reason Active vlans
-- ------------ ------ ----------- ------ ---------------
10 Po10 up success success 100
20 Po20 up success success 100
Please check "show vpc consistency-parameters vpc <vpc-num>" for the
consistency reason of down vpc and for type-2 consistency reasons for
any vpc.
Code: Select all
N5K-1# show port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
b - BFD Session Wait
S - Switched R - Routed
U - Up (port-channel)
p - Up in delay-lacp mode (member)
M - Not in use. Min-links not met
--------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
10 Po10(SU) Eth LACP Eth1/3(P) Eth1/4(P)
Code: Select all
N5K-2# show port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
b - BFD Session Wait
S - Switched R - Routed
U - Up (port-channel)
p - Up in delay-lacp mode (member)
M - Not in use. Min-links not met
--------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
20 Po20(SU) Eth LACP Eth1/3(P) Eth1/4(P)
Configuration:
N7K-1:
Code: Select all
feature lacp
feature vpc
vlan 100
name LAN
vpc domain 30
role priority 10
peer-keepalive destination 10.0.20.2 source 10.0.10.2
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan 100
spanning-tree port type network
vpc peer-link
interface port-channel10
switchport mode trunk
vpc 10
interface port-channel20
switchport mode trunk
vpc 20
interface Ethernet1/1
switchport mode trunk
switchport trunk allowed vlan 100
channel-group 1 mode active
interface Ethernet1/2
switchport mode trunk
switchport trunk allowed vlan 100
channel-group 1 mode active
interface Ethernet1/3
switchport mode trunk
channel-group 10 mode active
interface Ethernet1/4
switchport mode trunk
channel-group 20 mode active
N7K-2:
Code: Select all
feature lacp
feature vpc
vlan 100
name LAN
vpc domain 30
role priority 20
peer-keepalive destination 10.0.10.2 source 10.0.20.2
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan 100
spanning-tree port type network
vpc peer-link
interface port-channel10
switchport mode trunk
vpc 10
interface port-channel20
switchport mode trunk
vpc 20
interface Ethernet1/1
switchport mode trunk
switchport trunk allowed vlan 100
channel-group 1 mode active
interface Ethernet1/2
switchport mode trunk
switchport trunk allowed vlan 100
channel-group 1 mode active
interface Ethernet1/3
switchport mode trunk
channel-group 10 mode active
interface Ethernet1/4
switchport mode trunk
channel-group 20 mode active
Re: Configure vPC in Eve with Nexus 9000v
Posted: Wed Aug 09, 2017 12:17 am
by ecze
Screen Shot 2017-08-09 at 02.14.52.png
Seems LACP not very compatible between nxos and other node type
So I did channel between IOL and Nexus in mode forced ( mode on )
This way works nicely....
E.
Re: Configure vPC in Eve with Nexus 9000v
Posted: Wed Aug 09, 2017 9:37 am
by kluuter
ecze wrote: ↑Wed Aug 09, 2017 12:17 am
So I did channel between IOL and Nexus in mode forced ( mode on )
Tried without using LACP but no succes, now I'm thinking about it that was IOSvL2 not IOU.
I'll give it a try with IOU, thanks for your reply!
Re: Configure vPC in Eve with Nexus 9000v
Posted: Wed Aug 09, 2017 3:55 pm
by stevenjwilliams83
Does this work with titanium 7.3 image of NX-OS or just the 9K image?
Re: Configure vPC in Eve with Nexus 9000v
Posted: Wed Aug 09, 2017 4:57 pm
by ecze
POC
LACP is not compliant -> using static port-channel + UDLD
VPCPOC.zip
Screen Shot 2017-08-09 at 18.57.05.png
Re: Configure vPC in Eve with Nexus 9000v
Posted: Thu Aug 10, 2017 12:45 pm
by stevenjwilliams83
I dont understand why vPC works with the 9k NXOS image but not the titanium image? Anyone have an idea?
Re: Configure vPC in Eve with Nexus 9000v
Posted: Thu Aug 10, 2017 4:41 pm
by vkukshal03
Please let me know which IOU image has been used ???
Thanks in advance.
Re: Configure vPC in Eve with Nexus 9000v
Posted: Thu Aug 10, 2017 5:49 pm
by vkukshal03
stevenjwilliams83 wrote: ↑Thu Aug 10, 2017 12:45 pm
I dont understand why vPC works with the 9k NXOS image but not the titanium image? Anyone have an idea?
It will not work as VPC require LACP feature to be enabled,,, you can enable vpc in Titanium image, but you cannot enable LACP there , hence NO VPC , hope it will answer you question.
Re: Configure vPC in Eve with Nexus 9000v
Posted: Thu Aug 10, 2017 7:09 pm
by ecze
vkukshal03 wrote: ↑Thu Aug 10, 2017 5:49 pm
stevenjwilliams83 wrote: ↑Thu Aug 10, 2017 12:45 pm
I dont understand why vPC works with the 9k NXOS image but not the titanium image? Anyone have an idea?
It will not work as VPC require LACP feature to be enabled,,, you can enable vpc in Titanium image, but you cannot enable LACP there , hence NO VPC , hope it will answer you question.
Well,
Using NXOS9K and IOL L2...
TITANIUM doesn't support Port-channel at all !!!
There is theory and there is the field......
VPC require port-channel and a symmetry of channel config between Nexus nodes....
LACP help because failure detection is provided by sort of keepalive packet sent by LACP members but it is not mandatory at all !!!
Yes Cisco guide use LACP in every example...
But here we have to be smart and build ourselves a way to detect link failure....
So VPC works with Static Port-Channels and for failure detection, using UDLD aggressive mode permit to shut ports on both ends.
That's the way I used to build a working VPC with NXOS9K and IOL L2
E.