Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7789
Views
21
Helpful
3
Replies

Nexus - vPC Consistency Issue

Go to solution
Stv_666
Level 1
Level 1

‎12-19-2017 03:18 AM - edited ‎03-08-2019 01:09 PM

Hi,

I have a strange issue that I'm not able to figure out by myself. I have 4 N3k, all the same models, all running the same software code 7.0(3)I4(7). First two I setup into vpc cluster in a blink of an eye without any issues. The other two, following the same steps, I'm not able to pair.

I have 2x10G ports connected back to back (as port-channel 2) inside vrf vpc as peer-keepalive and that works fine. Port-channel connected as Po1(RU).

 

interface port-channel2
  no switchport
  speed 10000
  vrf member vpc
  ip address 100.64.0.1/30

Then I have vpc domain coniguration as follow:

s-core-sdc-1# sh run vpc 

version 7.0(3)I4(7)
feature vpc

vpc domain 1
  peer-switch
  system-priority 100
  peer-keepalive destination 100.64.0.2 source 100.64.0.1 vrf vpc
  peer-gateway
  auto-recovery
  ip arp synchronize

s-core-sdc-2# sh run vpc 

version 7.0(3)I4(7)
feature vpc

vpc domain 1
  peer-switch
  system-priority 200
  peer-keepalive destination 100.64.0.1 source 100.64.0.2 vrf vpc
  peer-gateway
  auto-recovery
  ip arp synchronize

Next thing I have 2x40G ports connected back to back as L2 trunk (Port-channel 1) for vpc peer-link and this connection works perfectly fine ... untill I put vpc-peerlink command on it. Then I have error massage:

 

2017 Dec 19 10:34:44 s-core-sdc-2 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 1,10,42-44,50-51,997,999 on Interface port-channel1 are being suspended. (Reason: vPC peer is not reachable over cfs)
2017 Dec 19 10:34:45 s-core-sdc-2 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 1,10,42-44,50-51,997,999 on Interface port-channel1 are being suspended. (Reason: vPC domain/system id mismatch)

After that vpc is down and I can't do much about it ....

s-core-sdc-1# sh vpc consistency-parameters global 

    Legend:
        Type 1 : vPC will be suspended in case of mismatch

Name                        Type  Local Value            Peer Value             
-------------               ----  ---------------------- -----------------------
Vlan to Vn-segment Map      1     No Relevant Maps       No Relevant Maps      
STP Mode                    1     Rapid-PVST             Rapid-PVST            
STP Disabled                1     None                   None                  
STP MST Region Name         1     ""                     ""                    
STP MST Region Revision     1     0                      0                     
STP MST Region Instance to  1                                                  
 VLAN Mapping                                                                  
STP Loopguard               1     Disabled               Disabled              
STP Bridge Assurance        1     Enabled                Enabled               
STP Port Type, Edge         1     Normal, Disabled,      Normal, Disabled,     
BPDUFilter, Edge BPDUGuard        Disabled               Disabled              
STP MST Simulate PVST       1     Enabled                Enabled               
Nve Admin State, Src Admin  1     None                   None                  
 State, Secondary IP, Host                                                     
 Reach Mode                                                                    
Nve Vni Configuration       1     None                   None                  
VTP domain                  2     xxx.sdc                xxx.sdc         
VTP version                 2     2                      2                     
VTP mode                    2     Transparent            Transparent           
VTP password                2                                                  
VTP pruning status          2     Disabled               Disabled              
Allowed VLANs               -     1,10,42-44,50-51,997,9 -                     
                                  99                                           
Local suspended VLANs       -     1,10,42-44,50-51,997,9 -                     
                                  99                                           
s-core-sdc-1# sh vpc consistency-parameters vlans 

Name                        Type  Reason Code             Pass Vlans             
-------------               ----  ---------------------- -----------------------
Vlan to Vn-segment Map      1     success                0-4095                
STP Mode                    1     success                0-4095                
STP Disabled                1     success                0-4095                
STP MST Region Name         1     success                0-4095                
STP MST Region Revision     1     success                0-4095                
STP MST Region Instance to  1     success                0-4095                
 VLAN Mapping                                                                  
STP Loopguard               1     success                0-4095                
STP Bridge Assurance        1     success                0-4095                
STP Port Type, Edge         1     success                0-4095                
BPDUFilter, Edge BPDUGuard                                                     
STP MST Simulate PVST       1     success                0-4095                
Nve Admin State, Src Admin  1     success                0-4095                
 State, Secondary IP, Host                                                     
 Reach Mode                                                                    
Nve Vni Configuration       1     success                0-4095                
Pass Vlans                  -                            0-4095

 

 

Any ideas ???

 

2 people had this problem
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎12-19-2017 03:26 AM

Hello,

Going through your config, you appear to have confused system-priority with role-priority. The system-priority command is used to define the LACP priority advertised from vPC ports, and naturally has to be identical on both vPC peers to make them appear from outside as a single box.

You need to set the system-priority to an identical value on both switches (or remove it entirely from both). If you want to define which switch is going to be the vPC primary, use role-priority command on both switches; this command can be set to different value on each switch. Lower value wins.

Best regards,
Peter

View solution in original post

3 Replies 3

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎12-19-2017 03:26 AM

Hello,

Going through your config, you appear to have confused system-priority with role-priority. The system-priority command is used to define the LACP priority advertised from vPC ports, and naturally has to be identical on both vPC peers to make them appear from outside as a single box.

You need to set the system-priority to an identical value on both switches (or remove it entirely from both). If you want to define which switch is going to be the vPC primary, use role-priority command on both switches; this command can be set to different value on each switch. Lower value wins.

Best regards,
Peter

Go to solution
Stv_666
Level 1
Level 1
In response to Peter Paluch

‎12-19-2017 03:33 AM

That was it ... Thanks man !
0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Stv_666

‎12-19-2017 04:09 AM

Hey,

Very much welcome! :)

Best regards,
Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card