CCIE DC Written – 1.1.a Link Aggregation – vPC Data Plane

vPC

Here is an important question about the data plane with your vPC. Is the vPC peer link (typically an EtherChannel) between your vPC peer switches used for forwarding data traffic? In a “normal” network condition, the answer is no. The vPC peer link is not used for the data traffic of the vPC and is considered to be an extension of the control plane between the vPC peer switches. The vPC peer link carries the following types of traffic:

  • vPC control traffic, such as CFSoE, BPDUs, and LACP messages
  • Flooding traffic, such as broadcast, multicast, and unknown unicast traffic
  • Traffic from orphan ports

So we note that the peer link is used specifically for switch management traffic and occasionally for the data packets from failed network ports. This behavior of our vPCs enables the solution to scale because the bandwidth requirement for the vPC peer link is not directly related to the total bandwidth of all vPC ports.

What about loop prevention? One of the most important forwarding rules for a vPC addresses exactly that, as I have shown in the illustration above. Note this sample traffic flow:

  1. A packet enters the vPC peer switch via a vPC member port.
  2. The packet then goes to the other peer switch via the peer link.
  3. The packet is then not allowed to exit the switch on the vPC member port.
  4. This packet can exit on any other type of port, such as an L3 port or an orphan port.

This rule prevents the packets that are received on a vPC from being flooded back onto the same vPC by the other peer switch.

What about this traffic from orphan ports? Understand there are two types of orphan ports for this discussion:

  • The first type of orphan port is the one that is connected to an orphan device and is not part of any vPC configuration. For this type of orphan port, normal switch forwarding rules are applied. The traffic for this type of orphan port can use a vPC peer link as a transit link to reach the devices on the other vPC peer switch.
  • The second type of orphan port is the one that is a member of a vPC configuration, but the other peer switch has lost all the associated vPC member ports. For this type of orphan port, the vPC loop avoidance rule is disabled. In this special case, the vPC peer switch will be allowed to forward the traffic that is received on the peer link to one of the remaining active vPC member ports.
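The loop-avoidance rule and its orphan-port exception can be modelled in a few lines. This is an added example, not code from the original post: the `Port` type, the function names and the two-switch topology are constructed for illustration, and the model only covers a flooded frame that entered switch A on a vPC member port.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Port:
    name: str
    kind: str          # "vpc" (vPC member), "orphan" or "peer_link"
    vpc_id: int = 0    # meaningful only when kind == "vpc"
    up: bool = True

def has_active_member(ports, vpc_id):
    """True if this switch still has an active member port in the given vPC."""
    return any(p.kind == "vpc" and p.vpc_id == vpc_id and p.up for p in ports)

def flood_from_vpc(a_ports, b_ports, ingress_name):
    """Flood a frame that entered switch A on vPC member port `ingress_name`.
    Returns the sorted (switch, port) pairs the frame leaves on."""
    out = []
    for p in a_ports:                                  # A floods locally
        if p.up and p.kind != "peer_link" and p.name != ingress_name:
            out.append(("A", p.name))
    if not any(p.kind == "peer_link" and p.up for p in a_ports):
        return sorted(out)
    for p in b_ports:                                  # B got it via the peer link
        if not p.up or p.kind == "peer_link":
            continue
        if p.kind == "vpc" and has_active_member(a_ports, p.vpc_id):
            continue                                   # loop-avoidance rule (step 3)
        out.append(("B", p.name))                      # step 4, or the rule lifted
    return sorted(out)

# Constructed topology: two dual-homed vPCs plus one orphan port per switch.
A_PORTS = [Port("po10", "vpc", 10), Port("po20", "vpc", 20),
           Port("eth1/5", "orphan"), Port("peer", "peer_link")]
B_PORTS = [Port("po10", "vpc", 10), Port("po20", "vpc", 20),
           Port("eth1/7", "orphan"), Port("peer", "peer_link")]

def a_with_port_down(name):
    """Copy of A_PORTS with one port failed."""
    return [replace(p, up=False) if p.name == name else p for p in A_PORTS]

if __name__ == "__main__":
    print(flood_from_vpc(A_PORTS, B_PORTS, "po10"))
    print(flood_from_vpc(a_with_port_down("po20"), B_PORTS, "po10"))
```

In both runs the device on vPC 20 receives exactly one copy of the frame, and the frame never comes back out of vPC 10 on switch B.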

CFSoE is used to synchronize the Layer 2 forwarding tables between the vPC peer switches. Therefore, there is no dependency on the regular MAC address learning between the vPC peer switches. CFSoE-based MAC address learning is applicable only to the vPC ports. This method of learning is not used for the ports that are not part of the vPC configuration.

CCIE DC Written – 1.1.a Link Aggregation – LACP

NX-OS

Here are some Nexus facts to keep in mind:

  • With LACP, you can bundle up to 16 interfaces in a channel group. If the channel group has more than 8 interfaces, the remaining interfaces are in hot standby for the port channel associated with this channel group on the M-series modules.
  • From Cisco NX-OS Release 5.1, you can bundle up to 16 active links into a port channel on the F-series module.
  • When you delete the port channel, the software automatically deletes the associated channel group. All member interfaces revert to their original configuration.
  • You cannot disable LACP while any LACP configurations are present.
  • When you run static port channels with no aggregation protocol, the channel mode is always set to on.

Of course, you must globally enable LACP before you can use it on the Nexus device. There are two modes:

  • Passive – responds to negotiations, but does not initiate them – sounds like me at the High School dance
  • Active – initiates negotiations

Starting at 4.2(3), Cisco introduced some LACP compatibility enhancements, as follows:

  • When a Cisco Nexus device is connected to a non-Nexus peer, its graceful failover defaults may delay the time taken for a disabled port to be brought down or cause traffic from the peer to be lost. To address these conditions, the lacp graceful-convergence command was added.
  • By default, LACP sets a port to the suspended state if it does not receive an LACP PDU from the peer. In some cases, although this feature helps in preventing loops created due to misconfigurations, it can cause servers to fail to boot up because they require LACP to logically bring up the port. You can put a port into an individual state by using the lacp suspend-individual command.

Starting with Release 5.1, Cisco introduced the Minimum Links feature as well as MaxBundle. The Minimum Links feature allows you to:

  • Configure the minimum number of links that must be in the bundle
  • Prevent low-bandwidth LACP bundles from becoming available
  • Cause the port channel to go inactive if the required minimum bandwidth is not available

MaxBundle allows you to:

  • Set an upper limit on the ports that are bundled
  • Designate ports as hot standby
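How the active limit, hot standby and Minimum Links interact as links fail is easier to see in a small model. This is an added example, not NX-OS code or code from the original post: the function names and the ten-port sample are constructed, the default of 8 active links follows the M-series limit mentioned above, and the selection order (lower port priority value first, then lower port number) is an assumption of the model.

```python
def bundle_state(links, max_bundle=8, min_links=1):
    """links: list of (port_number, lacp_port_priority, is_up) tuples.
    Returns (active_ports, hot_standby_ports, channel_up)."""
    # Assumption: lower priority value is preferred, ties go to the lower port number.
    usable = sorted((l for l in links if l[2]), key=lambda l: (l[1], l[0]))
    active = [l[0] for l in usable[:max_bundle]]      # bundled, carrying traffic
    standby = [l[0] for l in usable[max_bundle:]]     # up, but held in hot standby
    return active, standby, len(active) >= min_links

def replay(links, failed_ports, max_bundle=8, min_links=1):
    """Fail ports one at a time; return the bundle state after each failure."""
    timeline = []
    for port in failed_ports:
        links = [(n, prio, up and n != port) for n, prio, up in links]
        timeline.append(bundle_state(links, max_bundle, min_links))
    return timeline

# Constructed sample: 10 member ports, all with the same port priority.
LINKS = [(n, 32768, True) for n in range(1, 11)]

if __name__ == "__main__":
    print(bundle_state(LINKS))
    for state in replay(LINKS, [3, 4, 5], min_links=8):
        print(state)
```

With Minimum Links set to 8, the first two failures are absorbed by the hot-standby ports; the third leaves seven links up and the port channel goes inactive.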

Basic Configuration

  • Use feature lacp to enable the feature
  • Create the port channel interface with interface port-channel 10, then use the switchport command in that interface
  • Add a Layer 2 interface to the port channel with switchport followed by channel-group 10 mode passive