Monday 10 March 2014

vPC peer-switch and spanning-tree pseudo-information

By default, when we create a vPC domain, the primary and secondary vPC devices are elected automatically. Since I am one of those "don't leave anything automatically" engineers, it's usually a good idea to manually assign the role priority value (lower is better). The default value is 32667.

Configuration:

NX-DC1# configure terminal
NX-DC1(config)# vpc domain 10
NX-DC1(config-vpc-domain)# role priority 3000

Also, bear in mind there is no role preemption in vPC. If the primary fails, the secondary vPC peer takes over as primary and stays primary even after the original primary comes back up.

vPC peer-switch allows a pair of NX-OS devices to be viewed as a single STP point.
This avoids STP problems if there's convergence between the vPC devices. Remember to set the same spanning-tree priority (for vPC VLANs only) on both NX-OS devices.


Configuration:

NX-DC1# configure terminal 
NX-DC1(config)# vpc domain 10
NX-DC1(config-vpc-domain)# peer-switch
NX-DC1(config-vpc-domain)# spanning-tree vlan 1-200 priority 4096


Spanning-tree pseudo-information is only required when we mix usual STP with vPC; I believe the cool term is hybrid peer-switch topology.

It has two sub-commands: root priority and designated priority.

NX-DC1(config)# spanning-tree pseudo-information
NX-DC1(config-pseudo)# vlan 1-100 root priority 4096

Root priority is for the benefit of vPC-enabled devices. Cisco recommends that this value be lower than the 'normal' STP root priority value to avoid topology changes during vPC failures.

The logic is: if the peer-link becomes inactive for whatever reason (e.g. rebooted), the other vPC peer would use its own local MAC address (the default STP behaviour) and participate in STP. If its local MAC address is better than the normal STP root bridge, STP will recalculate and all hell breaks loose.

The root priority (set with the same value on both vPC peers) addresses this issue. It ensures the vPC peers use this value instead of their own local MAC address.

NX-DC1(config)# spanning-tree pseudo-information
NX-DC1(config-pseudo)# vlan 99 designated priority 8192
NX-DC1(config-pseudo)# vlan 100 designated priority 12288

NX-DC2(config)# spanning-tree pseudo-information
NX-DC2(config-pseudo)# vlan 99 designated priority 12288
NX-DC2(config-pseudo)# vlan 100 designated priority 8192

Designated priority is for the benefit of non-vPC-enabled devices; its purpose is to do manual load balancing.
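
The consistency rules above (same spanning-tree priority and same pseudo root priority on both vPC peers, root priority lower than the normal STP priority, mirrored designated priorities) can be checked offline against saved configs. This Python script is an added example, not part of the original post or any Cisco tool; the config excerpts are constructed sample values, the function names are hypothetical, and it assumes the 'normal' STP priority means each switch's own `spanning-tree vlan` priority.

```python
import re

# Constructed running-config excerpt for one vPC peer; priorities are sample values.
NX_DC1 = """\
vpc domain 10
  peer-switch
spanning-tree vlan 1-200 priority 8192
spanning-tree pseudo-information
  vlan 1-100 root priority 4096
  vlan 99 designated priority 8192
  vlan 100 designated priority 12288
"""
# Second peer: designated priorities mirrored, root priority deliberately wrong.
NX_DC2 = (NX_DC1.replace("root priority 4096", "root priority 16384")
          .replace("vlan 99 designated priority 8192", "vlan 99 designated priority 12288")
          .replace("vlan 100 designated priority 12288", "vlan 100 designated priority 8192"))
PRIO = re.compile(r"(?:spanning-tree vlan (\S+)|vlan (\S+) (root|designated)) priority (\d+)")

def expand(vlans):
    """Expand a VLAN list such as '1-100,150' into a set of ints."""
    spans = (part.partition("-") for part in vlans.split(","))
    return {v for lo, _, hi in spans for v in range(int(lo), int(hi or lo) + 1)}

def parse(cfg):
    """Collect per-VLAN priorities and the peer-switch flag from one config."""
    p = {"stp": {}, "root": {}, "designated": {}, "peer_switch": False}
    for line in map(str.strip, cfg.splitlines()):
        p["peer_switch"] |= line == "peer-switch"
        m = PRIO.fullmatch(line)
        if m:  # no root/designated keyword means the normal STP priority
            p[m[3] or "stp"].update(dict.fromkeys(expand(m[1] or m[2]), int(m[4])))
    return p

def audit(cfg_a, cfg_b):
    """Return findings for the peer-consistency rules described above."""
    a, b = parse(cfg_a), parse(cfg_b)
    out = [] if a["peer_switch"] and b["peer_switch"] else ["peer-switch missing on a peer"]
    for key in ("stp", "root"):
        if any(a[key].get(v) != b[key].get(v) for v in set(a[key]) | set(b[key])):
            out.append(f"{key} priority differs between peers")
    for name, p in (("A", a), ("B", b)):
        if any(v in p["stp"] and r >= p["stp"][v] for v, r in p["root"].items()):
            out.append(f"peer {name}: pseudo root priority not below STP priority")
    return out

def preferred(cfg_a, cfg_b):
    """Per VLAN, which peer advertises the lower (better) designated priority."""
    a, b = parse(cfg_a)["designated"], parse(cfg_b)["designated"]
    return {v: "A" if a[v] < b[v] else "B" for v in a.keys() & b.keys() if a[v] != b[v]}
```
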

A very good explanatory document is here:
Title: Nexus 7000 Peer-Switch Configuration (Hybrid Setup)
http://www.cisco.com/c/en/us/support/docs/routers/7000-series-routers/116140-config-nexus-peer-00.html



