Руководство По Проектированию для Cisco Cisco Nexus 5010 Switch
Design Guide
© 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 21 of 28
You can also script this as follows:
7k-1(config)# cli alias name vpcpreempt conf t ; vpc domain <domain-id> ;
role priority 32767 ; int <peer-link> ; shut ; no sh *
vPC Peer Link
A PortChannel connects agg1 with agg2 and carries all access VLANs (defined by the user). This link also carries
additional traffic that the user does not need to define, more specifically BPDUs and HSRP hellos, and MAC address
synchronization between the vPC peers. This link is called peer link.
additional traffic that the user does not need to define, more specifically BPDUs and HSRP hellos, and MAC address
synchronization between the vPC peers. This link is called peer link.
On the Cisco Nexus 7000 Series, this PortChannel should be configured on dedicated-mode 10 Gigabit Ethernet
interfaces across two different 10 Gigabit Ethernet line cards.
interfaces across two different 10 Gigabit Ethernet line cards.
This is by far the most important component in the vPC system, in that its failure, while not disruptive to existing vPC
flows, may impair the establishment of new flows and isolate orphan ports. Configuring the peer link in a redundant
fashion ensures virtually uninterrupted connectivity between the vPC peers. The following configuration illustrates
how to configure the peer-link, which in this case is PortChannel 10.
flows, may impair the establishment of new flows and isolate orphan ports. Configuring the peer link in a redundant
fashion ensures virtually uninterrupted connectivity between the vPC peers. The following configuration illustrates
how to configure the peer-link, which in this case is PortChannel 10.
agg(config)# interface port-channel10
agg(config-if)# vpc peer-link
agg(config-if)# switchport trunk allowed vLAN <all access vLANs>
vPC VLANs and non-vPC VLANs
The PortChannel connecting the vPC peers should carry all the VLANs used by the vPC member ports.
It’s also possible to carry the VLAN used by orphaned ports on this same link with the same caveat as a regular non-
vPC topology, which is, that upon losing the peer-link, communication between orphaned ports is interrupted (split
subnet). If you want to avoid this problem you should make sure that servers are dual connected with a PortChannel
to vPC ports.
vPC topology, which is, that upon losing the peer-link, communication between orphaned ports is interrupted (split
subnet). If you want to avoid this problem you should make sure that servers are dual connected with a PortChannel
to vPC ports.
Alternatively, if you want to decouple vPC and non-vPC failure scenarios, you can use different VLANs for vPC-
connected devices and single-port attached devices (orphaned ports), and put the non-vPC VLANs and the peer link
on different trunks.
connected devices and single-port attached devices (orphaned ports), and put the non-vPC VLANs and the peer link
on different trunks.
vPC Peer Keepalive
Finally, a dual-active detection configuration needs to be put in place. The keepalive that resolves dual-active
scenarios should never be carried as a VLAN on the peer link. Instead, it can be carried over a routed infrastructure,
and it doesn’t need to be a direct point-to-point link.
scenarios should never be carried as a VLAN on the peer link. Instead, it can be carried over a routed infrastructure,
and it doesn’t need to be a direct point-to-point link.
The following configuration illustrates the use of a dedicated Gigabit Ethernet interface for this purpose:
vrf context vpc-keepalive
interface Ethernet8/16
description tc-nexus7k02-vdc2 - vPC Heartbeat Link
vrf member vpc-keepalive
ip address 192.168.1.1/24
no shutdown
vpc domain 1
peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf vpc-keepalive