Configure vPC Connection

Within the datacenter environment, there is a useful technology concerning device uplinks. The goal is around redundancy. Normally, with a port-channel connection, you would be protected if a single cable or interface would stop working. When you configure vPC connections, you are protected if the uplinking switch stops functioning. The way this works is pretty simple to understand. The port-channel is standard on the host device, nothing special. The difference is that instead of the links being bundled to a single remote device, they are split between two devices without the host knowing the difference:

VPC diagram from the Nexus best practice design guide: https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

The advantage here is that you can span the remote end of a port-channel connection across multiple Cisco Nexus switches. Therefore, if one of these switches went offline, the host device would continue to function as expected with little to no impact, minus the lost bandwidth simply due to cabling. With this configuration, the Nexus platform creates a single logical switch for the host device to connect to as seen in the diagram above.

Configuration

So how do we configure this? There are a few steps before actually creating the port-channels. We need to configure both switches to begin talking as peer switches. This includes configuring the following:

  • Configure vPC Domain
  • Configure keepalive and associated VRF
  • Configure vPC Peer-link

First we need to configure the vPC domain. In this case, you specify the domain number and the keepalive configuration.

ip vrf VPC_KEEPALIVE
!
vpc domain 1
  peer-keepalive destination 1.1.1.1 source 1.1.1.2 vrf VPC_KEEPALIVE

You can see that I specified the IP addresses 1.1.1.1 and 1.1.1.2 here for the vPC keepalive. You need to create an interface on each switch and connected them together. This will simply be used for the heartbeat for each peer to detect each other.

interface Ethernet2/1
  description cPC Keepalive
  vrf member VPC_KEEPALIVE
  ip address 1.1.1.1/30
  no shutdown

So now we need to create our vPC peer-link. This will be used to pass traffic between peer switches in the event one of the port-channel links goes down. This is usually a simple trunk link with an additional command. Cisco’s recommended best practice is to use multiple links of at least 10Gb. Configuration would look like this:

interface port-channel1
  description Peer-Link
  switchport
  switchport mode trunk
  spanning-tree port type network
  vpc peer-link
!
interface Ethernet1/1
  description Peer-Link
  switchport
  switchport mode trunk
  channel-group 1 mode active
  no shutdown
!
interface Ethernet3/1
  description Peer-Link
  switchport
  switchport mode trunk
  channel-group 1 mode active
  no shutdown

So now our peer-link is configured as well, using multiple 10Gb interfaces on my Nexus devices. The only thing we would need to do now is configure the actual vPC connection. First you need to determine if you are using LACP, PAGP, etc. On the main, host device, create the port-channel as you normally would. Then you split the connections between the Nexus devices. You need to create the port-channel on each Nexus devices and add the vpc command to configure:

interface port-channel 2
switchport
switchport mode trunk
vpc 2
!
interface ethernet2/48
switchport
switchport mode trunk
channel-group 2 mode active

You want to create the same interface and port-channel configuration on both Nexus devices. The port-channel can change numbers, but the thing that needs to match is the vpc number. As long as that is the same, you are alright.

To make sure everything is functioning correctly, I can do a “show vpc” command to see the current status. It should look mostly like this, showing the peer connection is established:

Nexus-Lab# show vpc
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link
 
vPC domain id                     : 1
Peer status                       : peer adjacency formed ok
vPC keep-alive status             : peer is alive
Configuration consistency status  : success
Per-vlan consistency status       : success
Type-2 consistency status         : success
vPC role                          : primary
Number of vPCs configured         : 2
Peer Gateway                      : Enabled
Peer gateway excluded VLANs       : -
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              : Enabled (timeout = 240 seconds)
 
vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans
--   ----   ------ --------------------------------------------------
1    Po1    up     1-5
...

This is the absolute basic way to configure vPC connections. There are definitely things you can configure to optimize and customize your vPC environment, but that will be discussed in another post.

As always, post any questions below!

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail
Kevin

Kevin

Cisco CCNP, Senior Network Engineer in the Healthcare Industry. Currently working on my CCIE R&S which is the focus of most of my latest blog posts. #NFD15 Delegate.

Leave a Reply

Your email address will not be published. Required fields are marked *