Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
368
Views
1
Helpful
8
Replies

Keep Up Interface to a device even when peer-link goes down on Nexus

rumak18
Level 1
Level 1

‎04-22-2024 06:45 AM

Hello,

i have a pc connected to VPC Peer Switch (vPC2) which has the secondary role. vPC2 builts a vPC with vPC1. 

How can i configure the port to always keep up the connection for this device, even when peer-link goes down (dragging out the cables).

In my test i coudl neither keep the connection with  "vpc orphan-port suspend" configured on the interface nor  without this interface configuration. 

It's about two Nexus 92348-GC. 

Labels:
0 Helpful
8 Replies 8

MHM Cisco World
VIP
VIP

‎04-22-2024 06:52 AM

I need to see the topolgy 

MHM

0 Helpful

rumak18
Level 1
Level 1

‎04-22-2024 11:48 PM

Attached you'll find my lab topology. It's just as simple as that. 

The aim is to not shut down the Server attached to the access port, even when the VPC -Peer-Link goes down.

And that did not work out for me, no matter how i configured this Access Port.

Preview file
40 KB

MHM Cisco World
VIP
VIP
In response to rumak18

‎04-23-2024 02:31 AM

First test with peer-link down only, the keepalive must be up

And use 

NO vpc orphan-port suspend

In secondary NSK

MHM

0 Helpful

rumak18
Level 1
Level 1

‎04-23-2024 05:08 AM - edited ‎04-23-2024 06:27 AM

By the way, this is the Interface configuration:
interface Ethernet1/14
description Test-Port
switchport access vlan 10
spanning-tree port type edge
spanning-tree bpduguard enable
service-policy type qos input POLICY-QOS-IN no-stats
no shutdown

 

Ok, here are my results for the interface on Secondary where i want to keep up the connection of a Server/Computer even when Peer-Link goes down (And Keep-Alive keeps up).

A) I've manually entered confiuration mode for the interface and added the line you mentioned.
SW-Secondary#conf t
SW-Secondary(config)# interf eth1/14
SW-Secondary(config-if)#no vpc orphan-port suspend
ERROR: Trying to delete configuration which is not present, for some interfaces

B) Now i've removed the cables from Peer-Link to simulate a disruption in Peer-Link connection
-> Result is that i've lost all connections and the connection did not come up after 10 minutes waiting.

So i'm still sitting here and thinking about how to onfigure an interface for a secondary switch interface that should no go down, when Peer-Link goes down.
Furthermore i've thought that "vpc orphan-port suspend" does exactly that to shutdown an interface when Peer-Link goes down. But obviously it's the default behaviour for interfaces.


C) The following are results on the "SW-Secondary" when Peer-Link is down:

SW-Secondary# sh vpc
Legend:
(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id : 1
Peer status : peer link is down
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : secondary
Number of vPCs configured : 1
Peer Gateway : Enabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled, timer is off.(timeout = 240s)
Delay-restore status : Timer is off.(timeout = 150s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Delay-restore Orphan-port status : Timer is off.(timeout = 0s)
Operational Layer3 Peer-router : Disabled
Virtual-peerlink mode : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ -------------------------------------------------
1 Po4096 down -


vPC status
----------------------------------------------------------------------------
Id Port Status Consistency Reason Active vlans
-- ------------ ------ ----------- ------ ---------------
10 Po10 down failed Peer-link is down -

 


Please check "show vpc consistency-parameters vpc <vpc-num>" for the
consistency reason of down vpc and for type-2 consistency reasons for
any vpc.

 

Eth1/14 Admin-Port-Access connected 10 full 1000 10/100/1g

 

SW-Secondary# show ip interf br

IP Interface Status for VRF "default"(1)
Interface IP Address Interface Status
Vlan10 10.10.10.249 protocol-down/link-down/admin-up
Vlan115 192.168.115.249 protocol-down/link-down/admin-up

Interface eth 1/14 itself is declared as "connected".

0 Helpful

MHM Cisco World
VIP
VIP
In response to rumak18

‎04-23-2024 08:14 AM

the issue is two 
first the L2 port is down, this is as I mention before you can solve it with no vpc orphan-port suspend 
the other issue is you connect the orphan as I guess to secondary NSK, this vPC NSK by default show down the VLAN SVI of any vpc-vlan if the peer-link is down, 

that the issue you face, so it recommend always to connect orphan to primary not secondary NSK

MHM

Screenshot (342).pngScreenshot (343).pngScreenshot (344).pngScreenshot (345).png

0 Helpful

rumak18
Level 1
Level 1
In response to MHM Cisco World

‎04-23-2024 10:47 PM

Hey MHM,
thanks for your support. I appreciate.
But...
1. The L2 port ist not down. It is "connected" showing with "sh interface eth1/15 status" , even when Peer-Link goes down.
Furthermore when you look at my commands i've the "vpc orphan-port suspend" command right on the interface. And it did not solve it. Or do you mean that i have to use this command "globally"? If that's possible at all.
2. Yes, that was my suggestion too, that the L3 SVI is probably the reason why the port on Secondary vPC Member loses connection. I guess it is because of this. But i'm not sure.
3. Yes, i know that best practise is to connect orphan devices to primary. Nethertheless the question is, if it is possible to configure a port on a vpc secondary member to not go down, if peer-link goes down.
My answer so far is "No".

0 Helpful

MHM Cisco World
VIP
VIP
In response to rumak18

‎04-23-2024 11:13 PM

1. The L2 port ist not down. It is "connected" showing with "sh interface eth1/15 status" , even when Peer-Link goes down.
Furthermore when you look at my commands i've the "vpc orphan-port suspend" command right on the interface. And it did not solve it. Or do you mean that i have to use this command "globally"? If that's possible at all.

Answer:- this command per interface not globally' and In my lab I use no vpc orphan-port suspend' the port keep up but the vlan SVI is down that why I lost connect to server.
2. Yes, that was my suggestion too, that the L3 SVI is probably the reason why the port on Secondary vPC Member loses connection. I guess it is because of this. But i'm not sure.

Answer' mostly this is case here' you can check 

Show vpc role

Check if the NSK server connect to is secondary' 

And do show ip interface before and after peer-link down' you will see the vlan svi is down.

So friend answer for your third Q' I am with you the answer is NO' and I prefer connect it to primary or not use vpc vlan at all for this server (if you dont need that).

Furthermore I will check my note again for you maybe there is other solution or new features solve this issue.

Thanks for waiting 

MHM

0 Helpful

rumak18
Level 1
Level 1
In response to MHM Cisco World

‎04-23-2024 11:44 PM

Glad we agree. And glad that i'm not that dumb.

But...then the question arises in my head... what is the command "vpc orphan-port suspend" is for, if EVERY interface on the secondary is shut down by default, when Peer-Link gets disrupted. It does not matter on interfaces like this if the command is set or not. 

0 Helpful
Customers Also Viewed These Support Documents