vPC (Virtual Port Channel) is a Layer 2 technology used in Cisco Nexus Switch that enables the device to appear as a single logical device for the end host. It is an advanced version of VSS technology.
The Benefits of vPC are as follows
- Each peer device in the vPC domain runs its control plane unlike in the stacking and VSS technology where only the active/master device manages the control plane.
- If there is any problem in the control plane of one peer, it will not impact another peer.
vPC technology is supported since NX-OS 4.1.3. This feature is included in the base NX-OS software license.
Criteria for vPC
- Peers must be of the same model.
- Peers must have the same module/line cards.
- vPC – It is a port-channel between the vPC peers and downstream devices.
- vPC peer device – The device which is involved in vPC is called the vPC peer device.
- vPC member port – The ports which are members of the port-channel towards the downstream.
- vPC peer-link – It is used to synchronize the state between vPC peer devices such arp, mac-address-table, etc through CFS (Cisco Fabric Services). Peer-link must be of 10-gigabit links. vPC peer-link is a trunk port carrying vPC VLAN.
- vPC keep-alive – Link between vPC peer device which is used as a heartbeat. If the link is reachable vPC will work fine.
- vPC Vlan – Vlan which is available on the peer devices and allowed on the peer-link.
- Orphan port – When an end device is connected to one of the peer devices on a port that belongs to a VLAN which exists on both the peer and allowed on the peer-link is called orphan port.
What is CFS (Cisco Fabric Services)?
It is a protocol that is running in the background between the peer device over the peer link. It performs the following functions.
- Configuration validation and comparison (consistency check). It checks the configuration between both peer devices must be identical. For example, if one peer device is running RSTP and other MST. CFS will get to know and vPC will not work.
- It is responsible for the synchronization of mac addresses for vPC member ports.
vPC configuration steps
- Enable vPC feature.
- Configure the domain-id.
- Establish the peer keep-alive link.
- Establish the vPC peer-link.
- Configure the vPC member ports.
Enable vPC feature
Establish peer keep-alive link
Verify vPC peer-keepalive
Establish vPC peer-link
We need to enable the lacp feature before configuring port-channel
Now create vPC towards the downstream device
Nexus_9K-1# show vPC
Nexus_9K-1# show vPC role
Election criteria for Primary vPC role
- Lower system priority will be preferred first which is 32667 by default.
- If system priority is the same, then lower system mac will become primary.
In the next blog, we will discuss vPC loop avoidance, consistency check, and HSRP behavior in vPC. For more information on vPC, you can visit this link.
Zindagi Technologies is an IT consulting company having engineers with decades of experience in planning, designing, and implementing Data Centers along with Managed IT Services, cybersecurity, cloud services. If you want to secure your network, we are just a call away, drop us a WhatsApp on +919773973971. We can transform your business and can save your organization from all types of cyber attacks as we are the top managed IT services company in Delhi. Get in touch with us or drop us a mail and we can discuss how we can save your data from getting hacked.