NETWORK ENGINEER BLOG

Tips and Reviews for Engineers

Cisco Nexus 5000 virtual PortChannel(vPC)設定例

Virtual Port Channels(vPC)機能概要
  • 1つのデバイスが2つの上位スイッチに渡って1つのポートチャネルを使用。
  • STP でブロックされるポートを排除。
  • 全てのアップリンクの帯域を使用可能。
  • デュアルホームサーバーはアクティブ-アクティブモードで動作可能。
  • リンク/デバイスの障害時には速い収束を提供。

出典:Cisco Systems, Inc

f:id:FriendsNow:20121004191137p:plain:w380

基本設定

使用する機能は、feature コマンドで有効にする必要があります。

N5K-1# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
switch(config)# hostname N5K-1
N5K-1(config)# clock timezone JST 9 0
N5K-1(config)# interface mgmt 0
N5K-1(config-if)# ip add 1.1.1.1 255.255.255.0
N5K-1(config-if)# no shutdown
N5K-1(config-if)# exit

N5K-1(config)# feature lacp
N5K-1(config)# feature vpc
N5K-1(config)# end

N5K-2# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
switch(config)# hostname N5K-2
N5K-2(config)# clock timezone JST 9 0
N5K-2(config)# interface mgmt 0
N5K-2(config-if)# ip address 1.1.1.2 255.255.255.0
N5K-2(config-if)# no shutdown
N5K-2(config-if)# exit

N5K-2(config)# feature lacp
N5K-2(config)# feature vpc
N5K-2(config)# end
vPC Peer-Link & Peer-Keepalive Link 設定
  • domain 番号は、vpc pair で一致させます。
  • role priority は小さい方が優先されます。(Preempt は未サポート)
  • peer-link の設定は、PortChannel Interface で設定します。
N5K-1# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
N5K-1(config)# vpc domain 1
N5K-1(config-vpc-domain)# role priority 100
N5K-1(config-vpc-domain)# peer-keepalive destination 1.1.1.2 source 1.1.1.1 vrf management
N5K-1(config-vpc-domain)# peer-gateway
N5K-1(config-vpc-domain)# exit

N5K-1(config)# interface port-channel 1
N5K-1(config-if)# switchport mode trunk
N5K-1(config-if)# vpc peer-link
N5K-1(config-if)# spanning-tree port type network
N5K-1(config-if)# exit

N5K-1(config)# interface ethernet 1/31
N5K-1(config-if)# switchport mode trunk
N5K-1(config-if)# channel-group 1 mode active
N5K-1(config-if)# exit

N5K-1(config)# interface ethernet 1/32
N5K-1(config-if)# switchport mode trunk
N5K-1(config-if)# channel-group 1 mode active
N5K-1(config-if)# end
N5K-2# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
N5K-2(config)# vpc domain 1
N5K-2(config-vpc-domain)# role priority 110
N5K-2(config-vpc-domain)# peer-keepalive destination 1.1.1.1 source 1.1.1.2 vrf management
N5K-2(config-vpc-domain)# peer-gateway
N5K-2(config-vpc-domain)# exit

N5K-2(config)# interface port-channel 1
N5K-2(config-if)# switchport mode trunk
N5K-2(config-if)# vpc peer-link
N5K-2(config-if)# spanning-tree port type network
N5K-2(config-if)# exit

N5K-2(config)# interface ethernet 1/31
N5K-2(config-if)# switchport mode trunk
N5K-2(config-if)# channel-group 1 mode active
N5K-2(config-if)# exit

N5K-2(config)# interface ethernet 1/32
N5K-2(config-if)# switchport mode trunk
N5K-2(config-if)# channel-group 1 mode active
N5K-2(config-if)# end
vPC Memberport 設定
  • Portchannel Interface で vpc 番号を指定します。
  • vPC 番号と Portchannel Interface 番号は、vPC pair と一致させます。
N5K-1# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
N5K-1(config)# vlan 10
N5K-1(config-vlan)# exit

N5K-1(config)# interface port-channel 10
N5K-1(config-if)# switchport mode trunk
N5K-1(config-if)# switchport trunk allowed vlan 10
N5K-1(config-if)# speed 1000
N5K-1(config-if)# vpc 10
N5K-1(config-if)# exit

N5K-1(config)# interface ethernet 1/1
N5K-1(config-if)# switchport mode trunk
N5K-1(config-if)# switchport trunk allowed vlan 10
N5K-1(config-if)# channel-group 10 mode active
N5K-2(config-if)# end

N5K-2# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
N5K-2(config)# vlan 10
N5K-2(config-vlan)# exit

N5K-2(config)# interface port-channel 10
N5K-2(config-if)# switchport mode trunk
N5K-2(config-if)# switchport trunk allowed vlan 10
N5K-1(config-if)# speed 1000
N5K-2(config-if)# vpc 10
N5K-2(config-if)# exit

N5K-2(config)# interface ethernet 1/1
N5K-2(config-if)# switchport mode trunk
N5K-2(config-if)# switchport trunk allowed vlan 10
N5K-2(config-if)# channel-group 10 mode active
N5K-2(config-if)# end
Feature 状態確認

"show feature"コマンドで、全ての機能の状態を表示します。

N5K-1# show feature
Feature Name          Instance  State
--------------------  --------  --------
Flexlink              1         disabled
amt                   1         disabled
bgp                   1         disabled
cts                   1         disabled
<...snip...>
vPC 状態確認

"show vpc"コマンドで、vPC の詳細情報を確認します。

N5K-1# show vpc
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                   : 1
Peer status                     : peer adjacency formed ok
vPC keep-alive status           : peer is alive
Configuration consistency status: success
Per-vlan consistency status     : success
Type-2 consistency status       : success
vPC role                        : primary
Number of vPCs configured       : 1
Peer Gateway                    : Enabled
Peer gateway excluded VLANs     : -
Dual-active excluded VLANs      : -
Graceful Consistency Check      : Enabled

vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans
--   ----   ------ --------------------------------------------------
1    Po1    up     10

vPC status
----------------------------------------------------------------------------
id     Port        Status Consistency Reason                     Active vlans
------ ----------- ------ ----------- -------------------------- -----------
10     Po10        up     success     success                    10

N5K-2# show vpc
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                   : 1
Peer status                     : peer adjacency formed ok
vPC keep-alive status           : peer is alive
Configuration consistency status: success
Per-vlan consistency status     : success
Type-2 consistency status       : success
vPC role                        : secondary
Number of vPCs configured       : 1
Peer Gateway                    : Enabled
Peer gateway excluded VLANs     : -
Dual-active excluded VLANs      : -
Graceful Consistency Check      : Enabled

vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans
--   ----   ------ --------------------------------------------------
1    Po1    up     10

vPC status
----------------------------------------------------------------------------
id     Port        Status Consistency Reason                     Active vlans
------ ----------- ------ ----------- -------------------------- -----------
10     Po10        up     success     success                    10
vPC Peer-Keepalive 状態確認

"show vpc peer-keepalive"コマンドで、メッセージのステータスを確認します。

N5K-1# show vpc peer-keepalive

vPC keep-alive status           : peer is alive
--Peer is alive for             : (159) seconds, (628) msec
--Send status                   : Success
--Last send at                  : 2009.07.28 11:15:09 13 ms
--Sent on interface             : mgmt0
--Receive status                : Success
--Last receive at               : 2009.07.28 11:15:09 29 ms
--Received on interface         : mgmt0
--Last update from peer         : (0) seconds, (438) msec

vPC Keep-alive parameters
--Destination                   : 1.1.1.2
--Keepalive interval            : 1000 msec
--Keepalive timeout             : 5 seconds
--Keepalive hold timeout        : 3 seconds
--Keepalive vrf                 : management
--Keepalive udp port            : 3200
--Keepalive tos                 : 192

N5K-2# show vpc peer-keepalive

vPC keep-alive status           : peer is alive
--Peer is alive for             : (285) seconds, (381) msec
--Send status                   : Success
--Last send at                  : 2009.07.28 11:17:22 43 ms
--Sent on interface             : mgmt0
--Receive status                : Success
--Last receive at               : 2009.07.28 11:17:22 51 ms
--Received on interface         : mgmt0
--Last update from peer         : (0) seconds, (205) msec

vPC Keep-alive parameters
--Destination                   : 1.1.1.1
--Keepalive interval            : 1000 msec
--Keepalive timeout             : 5 seconds
--Keepalive hold timeout        : 3 seconds
--Keepalive vrf                 : management
--Keepalive udp port            : 3200
--Keepalive tos                 : 192
vPC 互換性確認

"show vpc consistency-parameters"コマンドで、互換性が必要なパラメータを確認します。

N5K-1# show vpc consistency-parameters vpc 10

    Legend:
        Type 1 : vPC will be suspended in case of mismatch

Name                        Type  Local Value            Peer Value
-------------               ----  ---------------------- -----------------------
Shut Lan                    1     No                     No
STP Port Type               1     Default                Default
STP Port Guard              1     None                   None
STP MST Simulate PVST       1     Default                Default
lag-id                      1     [(7f9b,                [(7f9b,
                                  0-23-4-ee-be-1, 800a,  0-23-4-ee-be-1, 800a,
                                  0, 0), (8000,          0, 0), (8000,
                                  0-1e-79-81-c8-80, a,   0-1e-79-81-c8-80, a,
                                  0, 0)]                 0, 0)]
mode                        1     active                 active
Speed                       1     1000 Mb/s              1000 Mb/s
Duplex                      1     full                   full
Port Mode                   1     trunk                  trunk
Native Vlan                 1     1                      1
MTU                         1     1500                   1500
Admin port mode             1
Allowed VLANs               -     10                     10
Local suspended VLANs       -     -                      -

N5K-2# show vpc consistency-parameters vpc 10

    Legend:
        Type 1 : vPC will be suspended in case of mismatch

Name                        Type  Local Value            Peer Value
-------------               ----  ---------------------- -----------------------
Shut Lan                    1     No                     No
STP Port Type               1     Default                Default
STP Port Guard              1     None                   None
STP MST Simulate PVST       1     Default                Default
lag-id                      1     [(7f9b,                [(7f9b,
                                  0-23-4-ee-be-1, 800a,  0-23-4-ee-be-1, 800a,
                                  0, 0), (8000,          0, 0), (8000,
                                  0-1e-79-81-c8-80, a,   0-1e-79-81-c8-80, a,
                                  0, 0)]                 0, 0)]
mode                        1     active                 active
Speed                       1     1000 Mb/s              1000 Mb/s
Duplex                      1     full                   full
Port Mode                   1     trunk                  trunk
Native Vlan                 1     1                      1
MTU                         1     1500                   1500
Admin port mode             1
Allowed VLANs               -     10                     10
Local suspended VLANs       -     -                      -