Cisco vPC aka Virtual Port-Channel, which was launched in 2009 is a feature on the Cisco Nexus series switches that allows end device to configure a Port-Channel across multiple switches. If you want to know details, then check fundamental concepts of vPC by Cisco. In this lesson, we will learn how to configure Cisco Nexus vPC. We will do this in following steps-

Topology:

Configure Cisco Nexus vPC

Configuration:

Enabling Features:
First of all, let’s enable necessary features for vPC on both switches.

Nexus-1:
Nexus-1(config)# feature vpc
Nexus-1(config)# feature lacp

Nexus-2:
Nexus-2(config)# feature vpc
Nexus-2(config)# feature lacp

Keep Alive Link:
For keep alive link, we will use our management interfaces. However, for a larger enterprise network, management interfaces are used for out-of-band management. In that case, you will need to use other ports.

Nexus-1:
Nexus-1(config)# interface mgmt 0
Nexus-1(config-if)# ip address 10.1.1.1/30
Nexus-1(config-if)# no shutdown

Nexus-2:
Nexus-2(config)# interface mgmt 0
Nexus-2(config-if)# ip address 10.1.1.2/30
Nexus-2(config-if)# no shutdown

To verify the connectivity, we can ping from Nexus-1 to Nexus-2 management IP.

Nexus-1# ping 10.1.1.2 vrf management
PING 10.1.1.2 (10.1.1.2): 56 data bytes
36 bytes from 1.1.1.1: Destination Host Unreachable Request 0 timed out
64 bytes from 10.1.1.2: icmp_seq=1 ttl=254 time=1.098 ms
64 bytes from 10.1.1.2: icmp_seq=2 ttl=254 time=0.598 ms
64 bytes from 10.1.1.2: icmp_seq=3 ttl=254 time=0.536 ms
64 bytes from 10.1.1.2: icmp_seq=4 ttl=254 time=0.503 ms

--- 10.1.1.2 ping statistics ---
5 packets transmitted, 4 packets received, 20.00% packet loss
round-trip min/avg/max = 0.503/0.683/1.098 ms

vPC Domain:
A vPC domain is a collection of vPC component. In this example, we will be using vPC domain 1. You can choose domain id between <1-1000>. And, also we will set priorities for both switches. Lower priority will become primary.

Nexus-1:
Nexus-1(config)# vpc domain 1
Nexus-1(config-vpc-domain)# role priority 20
Nexus-1(config-vpc-domain)# peer-keepalive destination 10.1.1.2 source 10.1.1.1 vrf management
Nexus-1(config-vpc-domain)#

Nexus-2:
Nexus-2(config)# vpc domain 1
Nexus-1(config-vpc-domain)# role priority 30
Nexus-2(config-vpc-domain)# peer-keepalive destination 10.1.1.1 source 10.1.1.2 vrf management
Nexus-2(config-vpc-domain)#

Peer Link:
The peer link exchanges state information and carries control traffic between peer nexus switches.

Nexus-1:
Nexus-1(config)# interface ethernet 1/1-2
Nexus-1(config-if-range)# channel-group 20 mode active
Nexus-1(config-if-range)# no shutdown

Nexus-1(config)# interface port-channel 20
Nexus-1(config-if)# no shutdown
Nexus-1(config-if)# switchport
Nexus-1(config-if)# switchport mode trunk
Nexus-1(config-if)# vpc peer-link

Nexus-2:
Nexus-2(config)# interface ethernet 1/1-2
Nexus-2(config-if-range)# channel-group 20 mode active
Nexus-1(config-if-range)# no shutdown

Nexus-2(config)# interface port-channel 20
Nexus-2(config-if)# no shut
Nexus-2(config-if)# switchport
Nexus-2(config-if)# switchport mode trunk
Nexus-2(config-if)# vpc peer-link

To verify, use need to use, “show vpc brief” command.

Nexus-1# show vpc brief
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                     	: 1
Peer status                       		: peer adjacency formed ok
vPC keep-alive status             	: peer is alive
Configuration consistency status  : success
Per-vlan consistency status       	: success
Type-2 consistency status         	: success
vPC role                          		: primary
Number of vPCs configured         : 0
Peer Gateway                      	: Disabled
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              	: Disabled
Delay-restore status              	: Timer is off.(timeout = 30s)
Delay-restore SVI status          	: Timer is off.(timeout = 10s)
Operational Layer3 Peer-router    : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id    Port   Status Active vlans
--    ----   ------ -------------------------------------------------
1     Po20   up     1

Member Ports:
Member ports are the ports where end device is connected. We need to configure port-channel for the end device.

Nexus-1:
Nexus-1(config)# interface eth 1/3
Nexus-1(config-if)# channel-group 30 mode active
!
Nexus-1(config-if)# interface port-channel 30
Nexus-1(config-if)# switchport
Nexus-1(config-if)# vpc 30

Nexus-2:
Nexus-2(config)# interface eth 1/3
Nexus-2(config-if)# channel-group 30 mode active
!
Nexus-2(config-if)# interface port-channel 30
Nexus-2(config-if)# switchport
Nexus-2(config-if)# vpc 30

Let’s verify VPC member.

Nexus-1# show vpc brief
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                     	: 1
Peer status                       		: peer adjacency formed ok
vPC keep-alive status             	: peer is alive
Configuration consistency status  : success
Per-vlan consistency status       	: success
Type-2 consistency status         	: success
vPC role                          		: primary
Number of vPCs configured         : 1
Peer Gateway                      	: Disabled
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              	: Disabled
Delay-restore status              	: Timer is off.(timeout = 30s)
Delay-restore SVI status          	: Timer is off.(timeout = 10s)
Operational Layer3 Peer-router    : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id    Port   Status Active vlans
--    ----   ------ -------------------------------------------------
1     Po20   up     1

vPC status
----------------------------------------------------------------------------
Id    Port          Status Consistency Reason                Active vlans
--    ------------  ------ ----------- ------                ---------------
20    Po30          down*  success     success               -

Member port Po20 is added. It’s showing down, because the end device (port-channel) still not configured.

Orphan Ports:
Orphan Ports is the port, which are not under any VPC member ports. You can verify it by using “show vpc orphan-ports”.

Written by Rajib Kumer Das

I am Rajib Kumer Das, a network engineer with 7+ years of experience in multi-vendor environment. In my current company, I am responsible to take care critical projects and it's support cases. I do have several vendor certificates and have plans to go further.

Leave a Comment

Your email address will not be published. Required fields are marked *