Zum Inhalt wechseln


Foto

nexus 5010 vpc


  • Bitte melde dich an um zu Antworten
3 Antworten in diesem Thema

#1 jussi

jussi

    Junior Member

  • 121 Beiträge

 

Geschrieben 18. März 2015 - 13:55

hallo,

 

ich habe grosse fragezeichen beim virtual port channel über zwei  nx 5010 chassis hinweg zu einer core komponente (cisco 6509).

 

 

cisco 6509 ---- NX5010 

|                       |

|                       |

NX5010---------|

 

 

die nexus geräte dienen als access switche für verschiedene server racks. in meiner zielsezung sollten sich die beiden 

chassis durch den vpc in verbindung mit dem crosslink wie ein switch verhalten, machen sie aber nicht, es ist als ob vpc gar nicht wirkt und der core schlicht immer einen der beiden nx peers down hält. wofür habe ich dann vpc, das hätte spaning tree doch auch erledigt, oder?

 

konfig und debug auszüge unten

 

 

c6509,  Version 12.2(17r)SX5

---------------------------------------------------------------------------

---------------------------------------------------------------------------

---------------------------------------------------------------------------

 

[...]

 

 

interface Port-channel1
 description UPLINK to nexus 10G A+B
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 22
 switchport trunk allowed vlan 11,22
 switchport mode trunk
 switchport nonegotiate
 
[...]

 

interface TenGigabitEthernet7/1
 description UPLINK nexus 10G-A
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 22
 switchport trunk allowed vlan 11,22
 switchport mode trunk
 switchport nonegotiate
 channel-group 1 mode active
 

[....]

 

interface TenGigabitEthernet8/1
 description UPLINK nexus 10G-B
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 22
 switchport trunk allowed vlan 11,22
 switchport mode trunk
 switchport nonegotiate
 channel-group 1 mode active
 

-----------------------------------------

sieht dann so aus:

 

 

show etherchannel summary :
 
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      N - not in use, no aggregation
        f - failed to allocate aggregator
 
        M - not in use, no aggregation due to minimum links not met
        m - not in use, port not aggregated due to minimum links not met
        u - unsuitable for bundling
        d - default port
 
        w - waiting to be aggregated
Number of channel-groups in use: 4
Number of aggregators:           4
 
Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         LACP      Te7/1(P)       Te8/1(P)       
[...]

 

 

------

show etherchannel port-channel:

 

sh etherchannel port-channel 
Channel-group listing: 
-----------------------
 
Group: 1 
----------
Port-channels in the group: 
----------------------
 
Port-channel: Po1    (Primary Aggregator)
 
------------
 
Age of the Port-channel   = 295d:01h:01m:29s
Logical slot/port   = 14/1          Number of ports = 2
HotStandBy port = null 
Port state          = Port-channel Ag-Inuse 
Protocol            =   LACP
Fast-switchover     = disabled
Load share deferral = disabled   
 
Ports in the Port-channel: 
 
Index   Load      Port          EC state       No of bits
------+------+------------+------------------+-----------
 1      55          Te7/1             Active   4
 0      AA          Te8/1             Active   4
 
 
------------
 
 

 

2x  nexus 5010, Version 4.2(1)N1(1)

---------------------------------------

 

nexus A: 

--------------------------------------------------------------------------

-------------------------------------------------------------------------

-------------------------------------------------------------------------

 

[...]

 

vrf context management
  ip route 0.0.0.0/0 <gw IP>
vlan 1,11
vlan 22
  name server-vlan
vpc domain 1
  peer-keepalive destination <IP Nexus B> source <management ip Nexus A>
 

 

interface port-channel100
  description uplink to core
  switchport mode trunk
  vpc 100
  switchport trunk native vlan 22
  switchport trunk allowed vlan 1,11,22
  spanning-tree port type edge trunk
 
interface port-channel4096
  description port channel crosslink
  switchport mode trunk
  vpc peer-link
  spanning-tree port type network
 
[...]
 
interface Ethernet1/19
  description crosslink to nexus 10G-B
  switchport mode trunk
  spanning-tree port type network
  channel-group 4096 mode active
 
interface Ethernet1/20
  description uplink core
  switchport mode trunk
  switchport trunk native vlan 22
  switchport trunk allowed vlan 1,11,22
  channel-group 100 mode active
 
[...]
 
interface mgmt0
  ip address <ip nx A>
 
 
--------

show port-channel summary:

 

 

Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
--------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
--------------------------------------------------------------------------------

 

 100   Po100(SU)   Eth      LACP      Eth1/20(P)   
4096  Po4096(SU)  Eth     LACP      Eth1/19(P)   
 

---

show vpc brief:

 

[...]

 

vPC domain id                   : 1   
Peer status                     : peer adjacency formed ok      
vPC keep-alive status           : peer is alive                 
Configuration consistency status: success 
vPC role                        : secondary                     
Number of vPCs configured       : 2   
Peer Gateway                    : Disabled
Dual-active excluded VLANs      : -
 

 

vPC Peer-link status

---------------------------------------------------------------------
id   Port   Status Active vlans    
--   ----   ------ --------------------------------------------------
1    Po4096 up     1,22                                                     
 
vPC status
----------------------------------------------------------------------------
id     Port        Status Consistency Reason                     Active vlans
------ ----------- ------ ----------- -------------------------- -----------      
100    Po100       up     success     success                    1,22      

 

 

nexus B:

-------------------------------------------------

-------------------------------------------------

-------------------------------------------------

 

config genau wie A ausser natürlich umgekehrte ips

 

[...]

vpc domain 1
  peer-keepalive destination <IP Nexus A> source <management ip Nexus B>
 
[...]
 
interface mgmt0
  ip address <ip nx A>
 
[...]
 
 
ergibt dann:
 
show port-channel summary
 
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
--------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
--------------------------------------------------------------------------------
100   Po100(SU)   Eth      LACP      Eth1/20(P)   
4096  Po4096(SU)  Eth      LACP      Eth1/19(P)   
 
 
--------
show vpc brief:
 
vPC domain id                   : 1   
Peer status                     : peer adjacency formed ok      
vPC keep-alive status           : peer is alive                 
Configuration consistency status: success 
vPC role                        : primary                       
Number of vPCs configured       : 2   
Peer Gateway                    : Disabled
Dual-active excluded VLANs      : -
 
vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans    
--   ----   ------ --------------------------------------------------
1    Po4096 up     1,22                                                     
 
vPC status
----------------------------------------------------------------------------
id     Port        Status Consistency Reason                     Active vlans
------ ----------- ------ ----------- -------------------------- -----------
100    Po100       up     success     success                    1,22   
 


#2 Otaku19

Otaku19

    Expert Member

  • 1.948 Beiträge

 

Geschrieben 20. März 2015 - 11:20

passt doch eh,sehe keinen Fehler


Done: 640-801; 640-553; 642-524; 642-515; 642-892; 642-832; 642-504; 640-863; 642-627; 642-874; 642-785; ITIL v3 Foundation
Enterasys Systems Engineer; CompTIA Sec+; CompTIA Mobility+; CISSP; CISSP-ISSAP; Barracuda NGSE/NGSX; CISM


#3 jussi

jussi

    Junior Member

  • 121 Beiträge

 

Geschrieben 23. März 2015 - 16:25

Hallo Otaku,

 

danke für deine enschätzung. ich sehe auch keinen fehler, aber die beiden nexus switche verhalten sich imho jetzt wie zwei einzelne switche, von denen jeweils einer nicht zum core verbunden ist. ist das der "best practise" zustand?

 

aufgefallen ist es weil in den angeschlossenen esxen die eths fälschlicherweise auf "status prüfung" standen. dann können dort hin migrierte gäste nur zufällig mit dem netz kommunizieren oder eben nicht kommunizieren. je nachdem über welche eth die pakete rausgeschickt werden, da der esx beide karten benutzt. erst wenn auf "signalprüfung" umgestellt wird und der esx auf layer 3 am gw testet, verhalten sich alle gäste konsistent, da dann sämtliche pakete über den jeweils aktiven weg zum core fließen.



#4 blackbox

blackbox

    Board Veteran

  • 1.078 Beiträge

 

Geschrieben 24. März 2015 - 19:14

Hi,

 

wie hast du die Wege vom ESX zum Nexus konfiguriert?


Done: CCNP ; CCDP ; CCNA Video - Voice - Security - Wireless ; HP Master ASE Network 2011 ; ASE Blade V8 ; ASE Proliant V8;