Cisco Cisco 1700 2600 3600 3700 Series VPN Module Livre blanc
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 42 of 55
Upon the detection of VSL going down on Switch 2, the switch will immediately transmit a PAgP message on all
port channels enabled for Enhanced PAgP dual-active detection, with a Type-Length-Value (TLV) containing its
own Active ID = 2. When the access switch receives this PAgP message on any member of the port channel, it
detects that it has received a new active ID value, and considers such a change as an indication that it should
consider Switch 2 to be the new active virtual switch. In turn, the access switch modifies its local active ID value to
Active ID = 2, and immediately sends a message to both virtual switches on all members of the port channel with
the new Active ID = 2 to indicate that it now considers Switch 2 to be the active virtual switch.
Form this point onward, the access switch sends TLVs containing Active ID = 2 to the virtual switches in all its
regularly scheduled PAgP messages.
Use the following commands to configure the Cisco Virtual Switching System to take advantage of dual-active
detection using Enhanced PAgP:
vss#conf t
Enter configuration commands, one per line. End with CNTL/Z.
vss(config)#switch virtual domain 10
vss(config-vs-domain)#dual-active detection pagp
vss(config-vs-domain)#dual-active trust channel-group 20
vss(config-vs-domain)#
To verify the configuration and help ensure that Enhanced PAgP is compatible with its neighbors, issue the
following command:
vss#sh switch virtual dual-active pagp
PAgP dual-active detection enabled: Yes
PAgP dual-active version: 1.1
Channel group 10 dual-active detect capability w/nbrs
Dual-Active trusted group: No
Dual-Active Partner Partner Partner
Port Detect Capable Name Port Version
Gi1/8/1 No SAL0802SHG 5/2 N/A
Gi2/8/1 No SAL0802SHG 5/1 N/A
Channel group 20 dual-active detect capability w/nbrs
Dual-Active trusted group: Yes
Dual-Active Partner Partner Partner
Port Detect Capable Name Port Version
Te1/1/1 Yes vs-access-2 Te5/1 1.1
Te2/1/1 Yes vs-access-2 Te5/2 1.1
Layer 3 BFD
If no Enhanced PAgP neighbors are available to assist in dual-active detection, another method is required to
perform this function. Use of a dedicated Layer 3 direct link heartbeat mechanism between the virtual switches is
an inexpensive way to determine whether or not a dual-active scenario has occurred (Figure 27).