What are the Advanced Concepts of vPC (Virtual Port Channel) in Nexus Switches
In the previous blog, we covered the basic concepts of vPC (Virtual Port Channel) and its terminology, such as the use of vPC, the vPC peer-link, the vPC peer-keepalive, and the deployment methods from an architecture perspective.
In this blog, we cover the advanced concepts behind how vPC works in the background and some best practices for configuring the role priority, delay restore, peer-gateway, peer-switch, etc.
- vPC Domain id
- vPC Role Priority/Role Selection
- vPC Delay Restore
- vPC Auto Recovery
- vPC Peer-Switch
- vPC Peer-Gateway
- vPC Orphan Ports
vPC Domain id
A vPC (Virtual Port Channel) domain is used to make two different switches appear as a single logical switch. Both switches must use the same vPC domain id; this shared domain number is what makes the two switches logically one. A vPC domain can contain a maximum of two Nexus switches, and the domain id can be configured in the range 1-1000.
N9K(config)# vpc domain <1-1000>
vPC Role Priority/Role Selection
vPC role selection depends on the configured role priority; if the role priority is left at its default, other criteria are used. The vPC role is not preemptive. For example, if one switch is primary and the other is secondary, and the primary switch suddenly goes down, the secondary switch automatically takes over as operational primary. When the original primary switch comes back up, the roles stay as they are and do not change back. To change them, we need to change the role priority manually, with downtime approval, because fluctuation may occur at the time of the role switchover.
The role priority value ranges from 1 to 65636, and the default value is 32667.
N9K(config-vpc-domain)# role priority <1-65636>
vPC Delay Restore
The vPC delay restore command is used to prevent black-holing of routed traffic. Imagine what happens when a device reloads and comes back up: the routing protocols take some time to re-converge and be ready to forward. This delay lets the routing protocols become ready before traffic is sent to the vPC. Traffic is restored gracefully, which prevents packet loss.
By default, the vPC delay restore time is 30 seconds, and it can be configured between 1 and 3600 seconds.
N9K(config-vpc-domain)# delay restore <1-3600>
vPC Auto Recovery
vPC auto-recovery is designed mainly for failure-recovery scenarios. For example, if the peer-link goes down and then one of the peer devices also goes down, this mechanism provides the recovery.
If both peer devices are rebooted and only one comes back up, how is traffic forwarded? In that case, traffic is forwarded by the device that is operational primary.
N9K(config-vpc-domain)# auto-recovery
vPC Peer-Switch
The vPC peer-switch command makes both peer switches use the same (virtual) MAC address. With the same MAC address, both peers can send and handle BPDUs; the priority must also be the same on both switches.
If the peer-switch feature is not used, BPDUs are handled only by the primary device.
N9K(config-vpc-domain)# peer-switch
vPC Peer-Gateway
The vPC peer-gateway feature lets a peer device listen for the SVI MAC (Media Access Control) address of the other peer device. It is used to keep traffic that can be handled locally from being sent over the peer-link. The feature can be activated at any time without any impact. Some NAS (Network-Attached Storage) devices or load balancers do not perform an ARP (Address Resolution Protocol) request for the default gateway. vPC peer-gateway makes the vPC device an active gateway; logically, the gateway uses the combination of the virtual MAC + the local vPC switch MAC address + the peer switch MAC address.
N9K(config-vpc-domain)# peer-gateway
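The domain-level settings covered above (domain id, role priority, delay restore, auto-recovery, peer-switch, peer-gateway) can be compared across the two peers before a change window. The following is an added example, not part of the original post: the two config excerpts are constructed, and treating an equal or unset role priority or a feature missing on either peer as a finding is this example's own policy.

```python
import re

# Constructed sample running-config excerpts for the two peers (not from the post).
PEER_A = """\
vpc domain 10
  role priority 100
  delay restore 150
  peer-switch
  peer-gateway
  auto-recovery
interface port-channel1
  vpc peer-link
"""
PEER_B = "vpc domain 20\n  role priority 100\n  peer-gateway\n"
FLAGS = ("peer-switch", "peer-gateway", "auto-recovery")

def parse_vpc_domain(config):
    """Return the settings found in the 'vpc domain' stanza of a config."""
    found = {"domain": None, "role priority": None, "delay restore": None}
    found.update({flag: False for flag in FLAGS})
    in_stanza = False
    for line in config.splitlines():
        cmd = line.strip()
        if not line.startswith(" "):      # top-level line: a stanza begins or ends
            m = re.fullmatch(r"vpc domain (\d+)", cmd)
            in_stanza = m is not None
            if m:
                found["domain"] = int(m.group(1))
        elif in_stanza:
            m = re.fullmatch(r"(role priority|delay restore) (\d+)", cmd)
            if m:
                found[m.group(1)] = int(m.group(2))
            elif cmd in FLAGS:
                found[cmd] = True
    return found

def audit_pair(cfg_a, cfg_b):
    """Compare both peers' vPC domain settings; return findings as strings."""
    a, b = parse_vpc_domain(cfg_a), parse_vpc_domain(cfg_b)
    findings = []
    if a["domain"] is None or a["domain"] != b["domain"]:
        findings.append(f"domain id mismatch: {a['domain']} vs {b['domain']}")
    prio = (a["role priority"], b["role priority"])
    if None in prio or prio[0] == prio[1]:
        findings.append("role priority not set to distinct values")
    findings += [f"{f} missing on a peer" for f in FLAGS if not (a[f] and b[f])]
    return findings
```

Calling audit_pair(PEER_A, PEER_B) on the constructed excerpts reports the domain id mismatch, the identical role priority, and the peer-switch and auto-recovery commands missing on the second peer.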
vPC Orphan Ports
A vPC orphan port is a port that is not part of a vPC. For example, if a server has a single connection to only the Nexus-1 switch, we cannot configure a vPC on that single-homed end host, so the port is an orphan port. If any issue occurs on the Nexus switch that the orphan port is connected to, the end device connected to that port is fully impacted and can be isolated from the network.
From a configuration perspective, this is quite easy to configure, but it depends on customer requirements. For more configuration details, kindly refer to the link.
Now we know the basics of vPC and some of its advanced features too. vPC is the most required feature, currently used by more than 90% of customers. It is a proprietary feature of DCN Nexus devices. For more configuration and DC network implementation, you can call us on +91 9773973971 or drop us an email.
Author
Brijesh Yadav
Network Consultant Engineer