This lab will expand on the previous vPC configuration lab. I have made a few configuration changes since that lab. HSRP, vPC priority and the STP root is Nexus1.
vPC Priority
This isn’t like HSRP where it can be set to a higher priority than the default 100 and then that device will always be the HSRP active gateway.
The priority on the vPC only applies to when you use the preempt command. The preempt command should only be used during maintenance windows.
The preempt command will warn you of using “peer-switch” configuration before you run the command.
|
0 1 2 3 4 5 |
vpc domain 1 role priority 100 peer-keepalive destination 172.16.10.2 source 172.16.10.1 vrf keepalive peer-gateway |
HSRP
The HSRP configuration has been applied to both mcast_Nexus1 and 2 switches.
Failover has been tested and working. HSRP is using Nexus1 as the active with a priority of 110 and Nexus2 a default priority value of 100. Preemption is also configured for 10 seconds.
|
0 1 2 3 4 5 6 7 8 9 10 11 |
interface Vlan20 no shutdown no ip redirects ip address 172.16.2.2/24 no ipv6 redirects hsrp version 2 hsrp 2 preempt delay minimum 10 priority 110 ip 172.16.2.1 |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
mcast_nexus1# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Active, priority 110 (Cfged 110), may preempt Forwarding threshold(for vPC), lower: 0 upper: 110 Preemption Delay (Seconds) Minimum:10 Hellotime 3 sec, holdtime 10 sec Next hello sent in 1.900000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is local Standby router is 172.16.2.3 , priority 100 expires in 7.660000 sec(s) Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 27 state changes, last state change 00:01:09 IP redundancy name is hsrp-Vlan20-2 (default) mcast_nexus2# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Standby, priority 100 (Cfged 100) Forwarding threshold(for vPC), lower: 0 upper: 100 Hellotime 3 sec, holdtime 10 sec Next hello sent in 2.655000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is 172.16.2.2, priority 110 expires in 9.421000 sec(s) Standby router is local Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 3 state changes, last state change 00:01:41 IP redundancy name is hsrp-Vlan20-2 (default) |
STP
mcast_Nexus1 is the root primary for all VLANs and mcast_Nexus2 is the root secondary for all VLANs.
|
0 1 2 3 4 |
mcast_nexus1(config)# spanning-tree vlan 1-3967 root primary !!! mcast_nexus2(config)# spanning-tree vlan 1-3967 root secondary |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
mcast_nexus1# show spanning-tree summary Switch is in rapid-pvst mode Root bridge for: VLAN0001, VLAN0010, VLAN0020 L2 Gateway STP is disabled Port Type Default is disable Edge Port [PortFast] BPDU Guard Default is disabled Edge Port [PortFast] BPDU Filter Default is disabled Bridge Assurance is enabled Loopguard Default is disabled Pathcost method used is short STP-Lite is disabled Name Blocking Listening Learning Forwarding STP Active ---------------------- -------- --------- -------- ---------- ---------- VLAN0001 0 0 0 5 5 VLAN0010 0 0 0 1 1 VLAN0020 0 0 0 2 2 ---------------------- -------- --------- -------- ---------- ---------- 3 vlans 0 0 0 8 8 |
When Nexus1 is down, Nexus2 becomes the root, as show below.
|
0 1 2 3 4 5 6 7 8 |
mcast_nexus2# show spanning-tree root brief Root Hello Max Fwd Vlan Root ID Cost Time Age Dly Root Port ---------------- -------------------- ------- ----- --- --- ---------------- VLAN0001 28673 0cec.3131.ae07 0 2 20 15 This bridge is root VLAN0010 28682 0cec.3131.ae07 0 2 20 15 This bridge is root |
vPC Troubleshooting
The troubleshooting will specifically be for vPC failure scenarios.
- vPC Peer-Link Failure
- vPC Peer Keepalive Link Failure
- vPC Peer Switch Failure
- Dual Active or Split Brain
Pre Change Show Commands
- Nexus1 is HSRP active
- Nexus1 is vPC primary
- All links are up between all Nexus switches
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
mcast_nexus1# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer adjacency formed ok vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : primary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 up 20 vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 mcast_nexus1# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Active, priority 110 (Cfged 110), may preempt Forwarding threshold(for vPC), lower: 0 upper: 110 Preemption Delay (Seconds) Minimum:10 Hellotime 3 sec, holdtime 10 sec Next hello sent in 1.900000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is local Standby router is 172.16.2.3 , priority 100 expires in 7.660000 sec(s) Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 27 state changes, last state change 00:01:09 IP redundancy name is hsrp-Vlan20-2 (default) mcast_nexus1# show spanning-tree root Root Hello Max Fwd Vlan Root ID Cost Time Age Dly Root Port ---------------- -------------------- ------- ----- --- --- ---------------- VLAN0001 24577 0cec.3100.cd07 0 2 20 15 This bridge is root VLAN0010 24586 0cec.3100.cd07 0 2 20 15 This bridge is root VLAN0020 24596 0cec.3100.cd07 0 2 20 15 This bridge is root |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
mcast_nexus2# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer adjacency formed ok vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : secondary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 up 20 vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 mcast_nexus2# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Standby, priority 100 (Cfged 100) Forwarding threshold(for vPC), lower: 0 upper: 100 Hellotime 3 sec, holdtime 10 sec Next hello sent in 1.324000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is 172.16.2.2, priority 110 expires in 7.788000 sec(s) Standby router is local Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 3 state changes, last state change 00:03:15 IP redundancy name is hsrp-Vlan20-2 (default) mcast_nexus2# show spanning-tree root Root Hello Max Fwd Vlan Root ID Cost Time Age Dly Root Port ---------------- -------------------- ------- ----- --- --- ---------------- VLAN0001 24577 0cec.3100.cd07 8 2 20 15 Ethernet1/2 VLAN0010 24586 0cec.3100.cd07 4 2 20 15 Ethernet1/1 VLAN0020 24596 0cec.3100.cd07 3 2 20 15 port-channel20 |
vPC Peer-Link Failure
The peer-link failure will be performed with Nexus2 having the peer-link ports shutdown. Nexus1 will remain as the primary vPC switch, with all traffic being directed to Nexus1.
I have mcast_server to test the reachability of the gateway.
Nexus2 Eth1/5 and 1/6 ports are shutdown. These are the physical peer link ports.
|
0 1 2 3 4 |
mcast_nexus2(config-if)# int Eth1/5 - 6 mcast_nexus2(config-if-range)# shut mcast_nexus2(config-if-range)# |
Nexus1 is aware the links are down and as this has the active vPC role it stays as the; vPC active switch, HSRP active gateway and STP root. All the the active vPC switch keeps its ports up.
Nexus2 has a different story. As this switch was the secondary and as the keepalive link is still up Nexus2 knows that Nexus1 is still alive. Nexus2 disables all of its vPC member ports to stop loops or unwanted behaviour.
|
0 1 2 |
2022 Nov 14 23:58:01 mcast_nexus2 %$ VDC-1 %$ %VPC-2-VPC_SUSP_ALL_VPC: Peer-link going down, suspending all vPCs on secondary. If vfc is bound to vPC, then only ethernet vlans of that VPC shall be down. |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
mcast_nexus1# show vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer link is down vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : primary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 down - vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 mcast_nexus1# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Active, priority 110 (Cfged 110), may preempt Forwarding threshold(for vPC), lower: 0 upper: 110 Preemption Delay (Seconds) Minimum:10 Hellotime 3 sec, holdtime 10 sec Next hello sent in 1.812000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is local Standby router is unknown Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 32 state changes, last state change 00:04:44 IP redundancy name is hsrp-Vlan20-2 (default) mcast_nexus1# show spanning-tree root Root Hello Max Fwd Vlan Root ID Cost Time Age Dly Root Port ---------------- -------------------- ------- ----- --- --- ---------------- VLAN0001 24577 0cec.3100.cd07 0 2 20 15 This bridge is root VLAN0010 24586 0cec.3100.cd07 0 2 20 15 This bridge is root VLAN0020 24596 0cec.3100.cd07 0 2 20 15 This bridge is root |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
mcast_nexus2# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer link is down vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : secondary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 down - vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 down failed Peer-link is down - mcast_nexus2# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Initial(Interface Down), priority 100 (Cfged 100) Forwarding threshold(for vPC), lower: 0 upper: 100 Hellotime 3 sec, holdtime 10 sec Virtual IP address is 172.16.2.1 (Cfged) Active router is unknown Standby router is unknown Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 15 state changes, last state change 00:03:17 IP redundancy name is hsrp-Vlan20-2 (default) mcast_nexus2# show spanning-tree root Root Hello Max Fwd Vlan Root ID Cost Time Age Dly Root Port ---------------- -------------------- ------- ----- --- --- ---------------- VLAN0001 24577 0cec.3100.cd07 8 2 20 15 Ethernet1/2 VLAN0010 24586 0cec.3100.cd07 4 2 20 15 Ethernet1/1 |
When the Ethernet ports are recovered the vPC roles of Nexus1 and Nexus2 have swapped.
Nexus1 is the secondary, and Nexus2 is the primary.
There are three ways to fix this, reload the secondary switch, shut/no shut the peer-links from the secondary switch or use the preempt command. This requires the use of the “peer-switch” command that makes both switches appear as a single switch for spanning tree.
The advantage of using peer-switch is that convergence increases for a vPC failure/recovery.
Peer-switch must be enabled on both peer switches and both switches must have the same spanning tree priority.
vPC Peer Keepalive Link Failure
If there is a failure with the keepalive link then the switches will continue to function as normal. The keepalive link is a secondary method of detecting failures with the health of the other switch in the vPC pair.
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
mcast_nexus1(config-if)# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer adjacency formed ok vPC keep-alive status : peer is not reachable through peer-keepalive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : primary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 up 20 vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 mcast_nexus1(config-if)# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Active, priority 110 (Cfged 110), may preempt Forwarding threshold(for vPC), lower: 0 upper: 110 Preemption Delay (Seconds) Minimum:10 Hellotime 3 sec, holdtime 10 sec Next hello sent in 0.690000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is local Standby router is 172.16.2.3 , priority 100 expires in 9.680000 sec(s) Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 10 state changes, last state change 00:03:17 IP redundancy name is hsrp-Vlan20-2 (default) |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
mcast_nexus2(config-if)# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer adjacency formed ok vPC keep-alive status : peer is not reachable through peer-keepalive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : secondary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 up 20 vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 mcast_nexus2(config-if)# sh hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Standby, priority 100 (Cfged 100) Forwarding threshold(for vPC), lower: 0 upper: 100 Hellotime 3 sec, holdtime 10 sec Next hello sent in 2.129000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is 172.16.2.2, priority 110 expires in 9.760000 sec(s) Standby router is local Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 15 state changes, last state change 00:04:07 IP redundancy name is hsrp-Vlan20-2 (default) |
vPC Peer Switch Failure
As the switch has failed, all of the traffic should be sent to the only switch that remains. In this scenario I have shutdown all the ports on Nexus1 which is the primary. All traffic is then directed via Nexus2 which becomes the new primary.
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
mcast_nexus2# 2022 Nov 15 01:31:48 mcast_nexus2 %$ VDC-1 %$ %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain 1, VPC peer keep-alive receive has failed mcast_nexus2# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer link is down vPC keep-alive status : Suspended (Destination IP not reachable) Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : secondary, operational primary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 down - vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 mcast_nexus2# sh hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Active, priority 100 (Cfged 100) Forwarding threshold(for vPC), lower: 0 upper: 100 Hellotime 3 sec, holdtime 10 sec Next hello sent in 1.529000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is local Standby router is unknown Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 16 state changes, last state change 00:00:51 IP redundancy name is hsrp-Vlan20-2 (default) |
When bringing all the ports on Nexus1 back up, Nexus2 remains as the vPC primary. This is where either reload Nexus2 or run the preempt role command on Nexus1.
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
mcast_nexus1(config-if-range)# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer adjacency formed ok vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : primary, operational secondary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 up 20 vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 |
Dual Active or Split Brain
This mode is unusual as it’s a failure of the keepalive link, followed by a failure of the peer-link.
I have managed to replicate this by having Nexus2 as the operational primary. Then shutting down the ports for keepalive, and peer-link. But waiting a few second between the two port types. I now have both Nexus switches in Dual Active mode.
|
0 1 2 3 4 5 |
mcast_nexus2(config)# int Eth1/1 mcast_nexus2(config-if)# shut mcast_nexus2(config-if)# int Eth1/5 - 6 mcast_nexus2(config-if)# shut |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
mcast_nexus1# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer link is down vPC keep-alive status : Suspended (Destination IP not reachable) Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : primary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 down - vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 mcast_nexus2(config-if-range)# sh vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer link is down vPC keep-alive status : Suspended (Destination IP not reachable) Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : secondary, operational primary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 30s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po20 down - vPC status ---------------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 10 Po10 up success success 20 |
Both routers are also the HSRP active router.
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
mcast_nexus1# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Active, priority 110 (Cfged 110), may preempt Forwarding threshold(for vPC), lower: 0 upper: 110 Preemption Delay (Seconds) Minimum:10 Hellotime 3 sec, holdtime 10 sec Next hello sent in 0.173000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is local Standby router is unknown Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 12 state changes, last state change 00:08:03 IP redundancy name is hsrp-Vlan20-2 (default) mcast_nexus2(config-if-range)# show hsrp Vlan20 - Group 2 (HSRP-V2) (IPv4) Local state is Active, priority 100 (Cfged 100) Forwarding threshold(for vPC), lower: 0 upper: 100 Hellotime 3 sec, holdtime 10 sec Next hello sent in 0.685000 sec(s) Virtual IP address is 172.16.2.1 (Cfged) Active router is local Standby router is unknown Authentication text "cisco" Virtual mac address is 0000.0c9f.f002 (Default MAC) 19 state changes, last state change 00:04:22 IP redundancy name is hsrp-Vlan20-2 (default) |
There is no loss of ICMP traffic from my mcast_server PC. From the packet captures I see ICMP request/replies going up both links to Nexus1 and to Nexus2.
There is no problem with this simple gateway test, but this would cause other issues leaving the network.
Once the ports were brought back up between the switches the switches learnt who was taking on which role and the Dual Active scenario was resolved.