08-25-2015 05:51 AM - edited 03-08-2019 01:30 AM
Hello network specialists!
I am having troubles with my n5k setup.
I have two N5K's, in VPC config.
HSRP Hello packets are not being forwarded on the VPC-peer link. So both devices are in HSRP active state.
I see (debug) that packets are being sent out the L3 vlan interfaces of both devices.
They are however not received by the neighboring device.
VLANs are active and in FWD state on peer-link.
NOTE: I have no L3 card! (Is this a problem?)
TEST1# sh module
Mod Ports Module-Type Model Status
--- ----- --------------------------------- ---------------------- ------------
1 32 O2 32X10GE/Modular Universal Plat N5K-C5548UP-SUP active *
3 0 O2 Non L3 Daughter Card N55-DL2 ok
Any ideas why this wouldn't work? VRRP same problem.
Version SW = 5.2(1)N1(7)
No licenses.
##################
Nexus A:
##################
no feature telnet
feature vrrp
feature tacacs+
cfs ipv4 distribute
cfs eth distribute
feature udld
feature interface-vlan
feature hsrp
feature lacp
feature dhcp
feature vpc
feature lldp
feature vtp
!
vpc domain 1
peer-keepalive destination 10.10.10.2 source 10.10.10.1
peer-config-check-bypass
peer-gateway
!
interface Vlan2001
no shutdown
description TEST
no ip redirects
ip address 10.10.20.2/22
hsrp version 2
hsrp 2001
preempt
priority 90
ip 10.10.20.1
!
interface port-channel4096
description to_neighbor_5548
switchport mode trunk
switchport trunk native vlan 2
spanning-tree port type network
speed 10000
vpc peer-link
!
## show cmds ##
TEST1# show vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 1
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Enabled
Peer gateway excluded VLANs : -
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po4096 up 1,75,2000-2012,2200-2202
vPC status
----------------------------------------------------------------------------
id Port Status Consistency Reason Active vlans
------ ----------- ------ ----------- -------------------------- -----------
1 Po1 up success success 75,2000-200
3,2006-2007
,2010-2012,
2200,2202
2 Po2 up success success 75,2004-200
5,2008-2009
,2201
TEST1# show hsrp summary
HSRP Summary:
Extended-hold (NSF) disabled
Global HSRP-BFD disabled
Total Groups: 15
Version:: V1-IPV4: 0 V2-IPV4: 15 V2-IPV6: 0
State:: Active: 15 Standby: 0 Listen: 0
State:: V6-Active: 0 V6-Standby: 0 V6-Listen: 0
Total HSRP Enabled interfaces: 15
Total Packets:
Tx - Pass: 5730 Fail: 0
Rx - Good: 0
Packet for unknown groups: 0
Total MTS: Rx: 9
!
TEST1# show hsrp group 2001 brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active addr Standby addr Group addr
Vlan2001 2001 90 P Active local unknown 10.10.20.1
(conf)
##################
Nexus B:
##################
no feature telnet
feature vrrp
feature tacacs+
cfs ipv4 distribute
cfs eth distribute
feature udld
feature interface-vlan
feature hsrp
feature lacp
feature dhcp
feature vpc
feature lldp
feature vtp
!
vpc domain 1
peer-keepalive destination 10.10.10.1 source 10.10.10.2
peer-config-check-bypass
peer-gateway
!
interface Vlan2001
no shutdown
description TEST
no ip redirects
ip address 10.10.20.3/22
hsrp version 2
hsrp 2001
preempt
priority 80
ip 10.10.20.1
!
interface port-channel4096
description to_neighbor_5548
switchport mode trunk
switchport trunk native vlan 2
spanning-tree port type network
speed 10000
vpc peer-link
!
## show cmds ##
TEST2# show vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 1
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : secondary
Number of vPCs configured : 2
Peer Gateway : Enabled
Peer gateway excluded VLANs : -
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po4096 up 1,75,2000-2012,2200-2202
vPC status
----------------------------------------------------------------------------
id Port Status Consistency Reason Active vlans
------ ----------- ------ ----------- -------------------------- -----------
1 Po1 up success success 75,2000-200
3,2006-2007
,2010-2012,
2200,2202
2 Po2 up success success 75,2004-200
5,2008-2009
,2201
!
TEST2# show hsrp summary
HSRP Summary:
Extended-hold (NSF) disabled
Global HSRP-BFD disabled
Total Groups: 15
Version:: V1-IPV4: 0 V2-IPV4: 15 V2-IPV6: 0
State:: Active: 15 Standby: 0 Listen: 0
State:: V6-Active: 0 V6-Standby: 0 V6-Listen: 0
Total HSRP Enabled interfaces: 15
Total Packets:
Tx - Pass: 19125 Fail: 0
Rx - Good: 0
Packet for unknown groups: 0
Total MTS: Rx: 174
!
TEST2# show hsrp group 2001 brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active addr Standby addr Group addr
Vlan2001 2001 80 P Active local unknown 10.10.20.1
(conf)
Solved! Go to Solution.
08-25-2015 08:23 AM
Hi,
To do layer-3 with HSRP, you need the daughter card with proper license (N55-BAS1K9).
http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/data_sheet_c78-618603.html
HTH
08-25-2015 08:23 AM
Hi,
To do layer-3 with HSRP, you need the daughter card with proper license (N55-BAS1K9).
http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/data_sheet_c78-618603.html
HTH
08-26-2015 07:14 AM
Hi Reza,
Thank you very much for your support!
I'm gonna look for a daughter card and a license.
Your answer is confirmed with the link below:
By the way, I think it's strange that HSRP can be configured, and even a debug output shows hello packets being sent, without a single warning of the Nexus about a license.
Thanks for your help!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide