Nexus 7000 Test Plan VPC v1

Customer Proof of Concept Lab
Data Center Business Unit

Nexus 7000 vPC Test Plan - version 1.0
Activity
Customer
Arrival/Testing
Name
Jeff Raymond
Roberto Mari
Arkadiy Shapiro
<SE_NAME>
<CUSTOMER_NAME>
<CUSTOMER_NAME>
Start Date
End Date
January 27, 2009
January 27, 2009
Company
Cisco Systems, Inc.
Cisco Systems, Inc.
Cisco Systems, Inc.
Cisco Systems, Inc.
Position
Director, Technical Marketing
Technical Marketing Engineer
Tech Project SE
System Engineer
Note: Lab operation hours are 9 a.m. to 5 p.m. Monday to Friday.
Table of Contents
INTRODUCTION........................................................................................................................................................3
EQUIPMENT - HARDWARE AND SOFTWARE...................................................................................................4
CISCO DEVICES...........................................................................................................................................................4
Hardware...............................................................................................................................................................4
Software & Licenses..............................................................................................................................................4
THIRD PARTY DEVICES...............................................................................................................................................4
Hardware...............................................................................................................................................................4
Software.................................................................................................................................................................4
DESIGN AND TOPOLOGY DIAGRAM...................................................................................................................5
TESTING.......................................................................................................................................................................6
PART I PRELIMINARY CONFIGURATION...................................................................................................................6
Test 1 Spanning Tree Configuration..................................................................................................................6
Test 2 Enable HSRP feature...............................................................................................................................7
Test 3 Enable LACP feature.............................................................................................................................10
Test 4 Enable global UDLD.............................................................................................................................12
Test 5 Verify Layer 2 Connectivity ..................................................................................................................12
PART II BRING UP VPC ON NETWORK....................................................................................................................13
Test 6 Enable vPC feature, perform consistency and connectivity checks.......................................................13
PART III - VPC FAILURE SCENARIO AND CONVERGENCE TESTS ..............................................................................23
Test 7 - shutdown the vPC peer-link port-channel on one switch ......................................................................23
Test 8 - no shutdown the vPC peer-link port-channel on the switch ..................................................................25
Test 9 Shutdown in sequence the two vPC port-channel members on one switch ..........................................26
Test 10 - shut/no shutdown the vPC peer-keepalive link ....................................................................................28
Test 11 - Fail peer-link followed by peer-keepalive link.....................................................................................30
Test 12 - Fail peer-keepalive link followed by peer-link...................................................................................31
Test 13 - SSO switchover test during traffic ......................................................................................................32
CONCLUSION............................................................................................................................................................34
EXTERNAL REFERENCES.....................................................................................................................................34
INTERNAL REFERENCES......................................................................................................................................34
ACRONYMS................................................................................................................................................................34
Introduction
The following presents a sample comprehensive test plan for Nexus 7000 testing. This
focuses on testing environments (general configs, general streams) and procedures. Testing notes
cover additional comments regarding procedure and procedure examples. For more specific
information on testing environment, configurations and results, see Nexus 7000 case studies.
Note:
This document is a work in progress. It will be updated as more test procedures are
validated in CPOC lab.
Equipment - Hardware and Software

Following is a list of hardware and software required for a typical Nexus 7000 testing setup.
Cisco Devices
Hardware
Quantity
Device
Description
AGGREGATION/CORE
2
N7K-C7010
10 Slot Chassis
N7K-C7010-FAB-1
Nexus 7000 10 Slot Chassis 46Gbps/Slot Fabric

Module
N7K-AC-6.0KW
Nexus 7000 - 6.0KW AC Power Supply Module
N7K-SUP1
Nexus 7000 - Supervisor
N7K-148GT-11
Nexus 7000 - 48 Port 10/100/1000, RJ-45, 40G Fabric
N7K-132XP-12
Nexus 7000 - 32 Port 10GbE, 80G Fabric
16
SFP-10G-SR
10GBASE-SR-SFP+ Module
Nexus 5020
Cisco Nexus5020 Chassis ("40x10GE/Supervisor")
ACCESS
1
Software & Licenses

Software
N7KS1K9-41.3
Description
NX-OS software for Sup 1
NX-OS Base License is only
required for vPC
N7KS1K9-401A1.1
Version
4.0(1) or higher
N/A
Third Party Devices

Hardware
Port Quantity
2
8
Description
Agilent N2X / Spirent Test Center 1GigE Traffic Generator
Agilent N2X / Spirent Test Center 10GigE Traffic Generator
Software
Software
-
Description
-
Version
-
Design and Topology Diagram

The diagram below shows the typical network topology that was used to validate/test vPC
feature and interoperability with the Nexus 5000.
mgmt
rhs-7k-2
rhs-7k-1
10
e1/9-10
e1/9-10
20
20
e1/1-2
e1/3-4
n5k-rhs-1
Testing
Note: this is organized by general functional areas of Nexus 7000 testing. As well the tests are ordered by priority as
seen based on some customer and account team requests.
Part I Preliminary Configuration

Test 1 Spanning Tree Configuration
Purpose
Spanning Tree is still needed with vPC. STP is acts as a failsafe and backup mechanism when vPC configuration is
removed or misconfigured. On links which are part of the vPC the Spanning Tree state machine runs but do not take
any action in changing port states. Rapid Spanning Tree implementation will be used throughout this Test Plan.
Environment and configurations
Setup layer 2 links and wire connections between the two nexus 7000 boxes and the Nexus 5000 and
configure roots in your network, to achieve a deterministic behavior in the STP topology.
Procedures
Configure Layer 2 and Spanning Tree

1.
Configure and unshut VLANs that will be transported from access to the aggregation.
rhs-7k-1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
rhs-7k-1(config)# vl 11
rhs-7k-1(config-vlan)# no sh
rhs-7k-1(config-vlan)# vl 12
rhs-7k-1(config-vlan)# exit
rhs-7k-1(config)# exit
Check if the VLANs are up and running and repeat above steps for all three switches
in the testbed setup (7k-1, 7k-2, 5k).
rhs-7k-1# sh vlan brief
VLAN Name
Status Ports
---- -------------------------------- --------- ----------------------------1 default
active
2 VLAN0002
active
3 VLAN0003
active
4 VLAN0004
active
11 VLAN0011
active
12 VLAN0012
active
13 VLAN0013
active
14 VLAN0014
active
2.
Configure interconnecting Trunks to carry the layer 2 VLANs defined at step 1, on access and distribution
switches.
rhs-7k-1# conf t
rhs-7k-1(config)# interface ethernet 1/9, e 1/10

rhs-7k-1(config-if-range)# switchport
rhs-7k-1(config-if-range)# switchport mode trunk
rhs-7k-1(config-if-range)# switchport trunk allowed vlan 11-14
rhs-7k-1(config-if-range)# no sh
rhs-7k-1(config-if-range)# exit
Check if Trunks are up and running and repeat above steps for all three switches in the
testbed setup (7k-1, 7k-2, 5k).
rhs-7k-1# show interface trunk vlan 11-14
--------------------------------------------------------------------------------Port
Vlan
Channel
---------------------------------------------------------------------------------------------------------------------------------------------------------------Port
---------------------------------------------------------------------------------------------------------------------------------------------------------------Port
Trunk
--------------------------------------------------------------------------------Eth1/1
Eth1/2
none
Eth1/9
none
Eth1/10 none
--------------------------------------------------------------------------------Port
--------------------------------------------------------------------------------Eth1/1
Eth1/2
none
Eth1/9
11-14
Eth1/10 11-14
3.
Native Status
Port
Vlans Allowed on Trunk

Vlans Err-disabled on
none
STP Forwarding
11-14
Configure Spanning Tree priorities in order to make one of the two aggregation switches the Primary Root
of this Layer 2 domain (e.g. N7k-1), the other aggregation switch the secondary root (e.g. N7k-2) and the
Nexus 5000 the third in the priority list (e.g. assigning the maximum priority). In order to achieve this use
the Spanning Tree CLIs to change the bridge priority for the interested VLANs.
Primary Root:
rhs-7k-1(config)# spanning-tree vlan 11-14 root primary
Secondary Root:
rhs-7k-2(config)# spanning-tree vlan 11-14 root secondary
Access Switch (higher STP priority numerical value)
n5k-rhs-1(config)# spanning-tree vlan 11-14 priority ?
<0-61440> bridge priority in increments of 4096
n5k-rhs-1(config)# spanning-tree vlan 11-14 priority 61440
Check for the Spanning Tree Roots through the appropriate show commands:
rhs-7k-1# show spanning-tree root
Root Hello Max Fwd
Vlan
Root ID
Cost Time Age Dly Root Port
---------------- -------------------- ------- ----- --- --- ---------------VLAN0011
24587 0022.5579.7641
0 2 20 15 This
VLAN0012
24588 0022.5579.7641
0 2 20 15 This
VLAN0013
24589 0022.5579.7641
0 2 20 15 This
VLAN0014
24590 0022.5579.7641
0 2 20 15 This
Test 2 Enable HSRP feature

Purpose
bridge
bridge
bridge
bridge
is
is
is
is
root
root
root
root
HSRP should be enabled on the SVIs to handle remote failures and establish a fault-tolerant default gateway.
Enable HSRP and configure it to have HSRP primary to follow the Spanning Tree primary Root. Use the
HSRP priority to define the active as the STP Root. Define policy preemption to ensure that the high
priority HSRP session is ready to take over every time becomes active.
Procedures
1.
Configure HSRP on both the nexus 7000 aggregation switches
rhs-7k-1# sh run int vl 11

version 4.1(3)
interface Vlan11
no shutdown
ip address 192.168.202.2/24
hsrp 1
preempt
priority 255
ip 192.168.202.1
hsrp 2
version 4.1(3)
interface Vlan12
no shutdown
ip address 192.168.203.2/24
hsrp 2
preempt
priority 255
ip 192.168.203.1
2. Repeat this configuration on the other Nexus 7000 aggregation switch.

version 4.1(3)
interface Vlan11
no shutdown
ip address 192.168.202.3/24
hsrp 1
ip 192.168.202.1
version 4.1(3)
interface Vlan12
no shutdown
ip address 192.168.203.3/24
hsrp 2
ip 192.168.203.1
Check for the HSRP configuration final configuration and make sure the HSRP session are up and
secondary HSRP can be seen.
rhs-7k-1# sh hsrp brief

P indicates configured to preempt.
|
Interface Grp Prio P State Active addr
Standby addr
Group addr
Vlan11
1 255 P Active local
192.168.202.3 192.168.202.1
Vlan12
2 255 P Active local
192.168.203.3
192.168.203.1
rhs-7k-2# show hsrp brief

P indicates configured to preempt.
|
Interface Grp Prio P State Active addr
Standby addr
Group addr
Vlan11
1 100 Standby 192.168.202.2 local
192.168.202.1
Vlan12
3.
2 100
Standby 192.168.203.2
local
192.168.203.1
Define Layer 3 SVI interface on the Nexus 7000 for a layer 3 connectivity test.
n5k-rhs-1(config)# conf t
n5k-rhs-1(config)# int vl 11
^
% invalid command detected at '^' marker.
n5k-rhs-1(config)# feature interface-vlan
n5k-rhs-1(config)# int vl 11
n5k-rhs-1(config-if)# 192.168.202.4/24
^
% invalid command detected at '^' marker.
% Invalid command
n5k-rhs-1(config-if)# ip add 192.168.202.4/24
n5k-rhs-1(config-if)# no sh
n5k-rhs-1(config-if)# int vl 12
n5k-rhs-1(config-if)# ip add 192.168.203.4/24
n5k-rhs-1(config-if)# exit
4.
Enable the ICMP debugs on both the aggregation switches and ping the virtual HSRP address from the
access switch. You should observe the active answering to the ping packets.
n5k-rhs-1# ping 192.168.202.1

PING 192.168.202.1 (192.168.202.1): 56 data bytes
Request 0 timed out
64 bytes from 192.168.202.1: icmp_seq=1 ttl=254 time=2.116
ms
ms
ms
ms
rhs-7k-1# 2009 Jan 23 18:09:35.900358 netstack: [3553] (default) Rcvd packet on

Vlan12 (prty 0): s=192.168.203.4, d=192.168.203.1, proto=1 (icmp), ip_len=84,
id=0b21, ttl=254
2009 Jan 23 18:09:35.900480 netstack: [3553] (default) Send packet (prty 0):
s=192.168.203.1, d=192.168.203.4, proto=1 (icmp), ip_len=84, id=0b21, ttl=255
2009 Jan 23 18:09:36.913280 netstack: [3553] (default) Rcvd packet on Vlan12 (prty
0):
0):
0):
0):
Notes
Active HSRP as STP Roots are defined to follow the vPC Primary placement. This is not must but allows a
better observation of the network behavior in case of different failure scenarios.
Test 3 Enable LACP feature

Purpose
LACP is used to configure port-channels between access and distribution switches and between distribution
switches.
Make sure that LACP rather than ON mode is used and use active/active mode on the port-channel peers.
The Port-Channel on the access device must have a unique ID in order to be recognized and used by the
vPC. The access device will have a single port-channel spanning across two Nexus 7000 devices.
Procedures
Enable the LACP feature on all three switches and define L2 Trunk port-channels as Port-channel 10 (ISL
channel-group) and Port-channel 20 (downstream port-channel).
rhs-7k-1# conf t
rhs-7k-1(config)# feature lacp
rhs-7k-2# conf t
rhs-7k-2(config)# feature lacp
n5k-rhs-1# conf t
n5k-rhs-1(config)# feature lacp
Define layer 2 port-channels carrying interconnecting VLANs and repeat these operations for both
aggregation switches.
rhs-7k-1# sh run | be port-channel | be 10

interface port-channel10
switchport
switchport mode trunk
switchport trunk allowed vlan 11-14
interface port-channel20
switchport
switchport mode trunk
switchport trunk allowed vlan 11-14
Bundle interfaces interconnecting the Network devices to the above predefined port-channels and repeat
this operation for both aggregation switches.
rhs-7k-1:
conf t
int e 1/1
channel-group 10 mode active
int e 1/2
exit
rhs-7k-1# show port-channel summary
Flags: D - Down
P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
----------------------------------------------------------------------------Group PortType
Protocol Member Ports
Channel
----------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SD) Eth
NONE
-rhs-7k-2:
conf t
int e 1/1
int e 1/2
exit
Flags: D - Down
-----------------------------------------------------------------------------Group PortType
Channel
-----------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SD) Eth
NONE
-n5k-rhs-1:
n5k-rhs-1(config)# interface port-channel 20
n5k-rhs-1(config-if)# switchport
n5k-rhs-1(config-if)# switchport mode trunk
n5k-rhs-1(config-if)# switchport trunk allowed vl 11-14
n5k-rhs-1# conf t
n5k-rhs-1(config)# int ethernet 1/1-4
n5k-rhs-1(config-if-range)# channel-group 20 mode active
Ethernet1/1 Ethernet1/2 Ethernet1/3 Ethernet1/4 added to port-channel20
n5k-rhs-1(config-if-range)# end
n5k-rhs-1# show port-channel summary
Flags: D - down
U - up in port-channel
I - Individual S - suspended
H - Hot-standby (LACP only)
R - Module-removed
------------------------------------------------------------------------------Group PortMember Ports
Channel
------------------------------------------------------------------------------20
Po20(D)
Eth1/1(I) Eth1/2(I) Eth1/3(I)
Eth1/4(I)
Type
Protocol
Eth
LACP
Notes
Ports in the port-channel on the access switch are not bundled as we can not build a channel spanning the
two Nexus 7000 unless we configure vPC first.
Test 4 Enable global UDLD

Purpose
Enable UDLD globally to monitor for link unidirectional failures and connectivity issues on the inter-connecting
links.
Configure the UDLD feature and leave it at its default (enabled as normal).
Procedures
Enable UDLD globally and verify neighbors, repeat the same operation on the other aggregation Nexus
7000 switch.
rhs-7k-1# conf t
rhs-7k-1(config)# feature udld
rhs-7k-1# sh udld neighbors
Port
Device Name Device ID Port ID
Neighbor State
-------------------------------------------------------------------------Ethernet1/1
TBM12326982 1
Ethernet1/1
bidirectional
Ethernet1/2
TBM12326982 1
Ethernet1/2
bidirectional
Notes
To address some particular failures, loss of bidirectional connectivity UDLD in aggressive mode can also
be used.
Test 5 Verify Layer 2 Connectivity

Purpose
Verify that basic Layer 2 connectivity can get established.
Use Ping/Traceroute/traffic generator or a generic client to generate a test stream
Procedures
Verify that devices can ping and see each other through CDP. From the Peer boxes ping an SVI on the access Nexus
5000 box.
rhs-7k-1# ping 192.168.202.4
PING 192.168.202.4 (192.168.202.4): 56 data bytes
Request 0 timed out
64 bytes from 192.168.202.4: icmp_seq=1 ttl=254 time=8.63 ms
hs-7k-1# show cdp neighbors
Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge
S - Switch, H - Host, I - IGMP, r - Repeater,
V - VoIP-Phone, D - Remotely-Managed-Device,
s - Supports-STP-Dispute
Device-ID
rhs-c2-1
Local Intrfce Hldtme Capability Platform

Port ID
mgmt0
150 S I
WS-C2960-24TC Fas0/20
rhs-7k-2(TBM12326982) Eth1/1
169
RSIs
N7K-C7010
Eth1/1
rhs-7k-2(TBM12326982) Eth1/2
169
RSIs
N7K-C7010
Eth1/2
FLC12310020
Eth1/9
FLC12310020
Eth1/10
171
SIs
171
rhs-7k-2(TBM12326982) Eth2/14
N5K-C5020P-BF Eth1/1
SIs
169
RSIs
N7K-C7010
rhs-7k-2# ping 192.168.202.4

PING 192.168.202.4 (192.168.202.4): 56 data bytes
Request 0 timed out
Eth2/14
ms
ms
ms
ms
--- 192.168.202.4 ping statistics --5 packets transmitted, 4 packets received, 20.00% packet loss
round-trip min/avg/max = 0.707/0.835/1.157 ms
rhs-7k-2# show cdp neighbors
Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge
S - Switch, H - Host, I - IGMP, r - Repeater,
V - VoIP-Phone, D - Remotely-Managed-Device,
s - Supports-STP-Dispute
Device-ID
rhs-c2-1
Local Intrfce Hldtme Capability Platform

Port ID
mgmt0
145 S I
WS-C2960-24TC Fas0/21
rhs-7k-1(TBM12336996) Eth1/1
131
RSIs
N7K-C7010
Eth1/1
rhs-7k-1(TBM12336996) Eth1/2
131
RSIs
N7K-C7010
Eth1/2
FLC12310020
Eth1/9
FLC12310020
Eth1/10
148
rhs-7k-1(TBM12336996) Eth2/14
148
SIs
SIs
131
RSIs
N7K-C7010
Eth2/14
Part II Bring up vPC on network

Test 6 Enable vPC feature, perform consistency and connectivity checks
Purpose
Enable vPC on the network testbed and perform basic connectivity verification.

o
Support for vPC is on Nexus-OS 4.1(3) or later on the Nexus 7000 platform.
vPC peer link must be on a N7K-M132XP-12, dedicated mode port is recommended
vPC peer-keepalive link is supported on any L3 reachable interface (e.g., front-panel port in a, separate
VRF, etc.). A front panel gigabit interface can be used.
Procedures
1.
Enable vPC feature on both aggregation Nexus 7000 switches.
rhs-7k-1# sh feature | in vpc
vpc
1
disabled
rhs-7k-1# sh proc | in vpc
PID State PC
Start_cnt TTY Type Process
NR
0
- VL vpc
rhs-7k-1# conf t
rhs-7k-1(config)# feature vpc
rhs-7k-1# sh proc | in vpc
26669
S b749640d
VL vpc
rhs-7k-1# sh feature | in vpc

vpc
1
enabled
2.
Create peer-keepalive-vrf, migrate at least one port into the vrf, repeat the operation on the other peer and
make sure they can ping.
vrf context peerkeepalive

vlan 1,11-14
rhs-7k-1# sh run int e 2/14
version 4.1(3)
interface Ethernet2/14
vrf member peerkeepalive
ip address 192.168.100.1/24
no shutdown
rhs-7k-1# show vrf peerkeepalive interface
Interface
VRF-Name
Ethernet2/14
peerkeepalive
VRF-ID
3
rhs-7k-1# ping 192.168.100.2 vrf peerkeepalive

PING 192.168.100.2 (192.168.100.2): 56 data bytes
ms
ms
ms
ms
ms
3.
Create vPC domain, same domain on both peer switches and verify this step
7k-1# conf t
rhs-7k-1(config)# vpc domain 10
rhs-7k-1(config-vpc-domain)# exit
rhs-7k-1# show vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id
: 10
Peer status
: peer link not configured
vPC keep-alive status
: Disabled
Configuration consistency status: failed
Configuration consistency reason: vPC peer-link does not exists
vPC role
: none established
4.
Configure peer-keepalive in vPC domain, repeat this operation on both Nexus 700 switches and verify the
configuration. Be sure to use correct source/destination IP addresses and VRF name.
rhs-7k-1# conf t
rhs-7k-1(config-vpc-domain)# peer-keepalive destination 192.168.100.2 source
192.168.100.1 vrf peerkeepalive
rhs-7k-2# conf t
rhs-7k-1(config-vpc-domain)# peer-keepalive destination 192.168.100.1 source
192.168.100.2 vrf peerkeepalive
rhs-7k-1# show vpc peer-keepalive
: peer is alive
--Destination
: 192.168.100.2
--Send status
: Success
--Receive status
: Success
--Last update from peer
: (0 ) seconds, (176 ) msec
: peer is alive
--Destination
: 192.168.100.1
--Send status
: Success
--Receive status
: Success
: (0 ) seconds, (338 ) msec
5.
Configure vPC Role to administratively determine the primary vPC Peer. A lower role priority means that
the vPC peer is going to be the primary. Until the peer link is not configured both Nexus 7000 think to be
the primary vPC Peer devices.
rhs-7k-1# conf t
rhs-7k-1(config-vpc-domain)# role priority 10
Warning:
!!:: vPCs will be flapped on current primary vPC switch while attempting role change ::!!
Note:
--------:: Change will take effect after user has re-initd the vPC peer-link ::-------rhs-7k-2(config)# vpc domain 10
rhs-7k-2(config-vpc-domain)# role priority 200
Warning:
!!:: vPCs will be flapped on current primary vPC switch while attempting role change ::!!
Note:
--------:: Change will take effect after user has re-initd the vPC peer-link ::-------rhs-7k-1# sh vpc brief
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary

Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary
6.
Move ISL port-channels (between the 2 N7Ks) into peer-link mode. Now the role determination will kick in
and elect the primary vPC peer.
rhs-7k-1# conf t
rhs-7k-1(config)# interface port-channel10
rhs-7k-1(config-if)# vpc peer-link
Warning: vPC peer-link is configured as STP network port type
rhs-7k-1(config-if)# end
rhs-7k-2# conf t
rhs-7k-2(config)# interface port-channel 10
rhs-7k-2(config-if)# vpc peer-link
Warning: vPC peer-link is configured as STP network port type
Legend:
vPC domain id
: 10
Peer status
: peer adjacency formed ok
: peer is alive
Configuration consistency status: success
vPC role
: primary
vPC Peer-link status
--------------------------------------------------------------------id Port Status Active vlans
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: secondary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
7.
Configure/carry same VLANs on the peer-link, and on the vPC member ports. Perform this action on both
the vPC Peer links and verify that bundling occurs. Note first two LACP ports on one Peer vPC peer will be
bundled correctly and other two will be in suspended state as vPC membership has not been assigned yet
for downstream port-channels.

Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SD) Eth
NONE
-rhs-7k-1(config-if)# int e 1/9-10
rhs-7k-1(config-if-range)# channel-group 20 mode active
rhs-7k-1(config-if-range)# exit
Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SU) Eth
LACP
Eth1/9(P) Eth1/10(P)
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: secondary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SD) Eth
NONE
-rhs-7k-2# conf t
rhs-7k-2(config)# int e 1/9-10
rhs-7k-2(config-if-range)# channel-group 20 mode active

rhs-7k-2(config-if-range)# end
Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SD) Eth
LACP
Eth1/9(s) Eth1/10(s)
n5k-rhs-1# sh port-channel summary
Flags: D - down
R - Module-removed
--------------------------------------------------------------------------------Group PortMember Ports
Channel
-------------------------------------------------------------------------------20
Po20(U) Eth
LACP
Eth1/1(U) Eth1/2(U) Eth1/3(S)
Eth1/4(S)
8.
Type
Protocol
Move downstream port channels into vPC mode and verify all links comes up fine on the port-channel
spanning across the two peer switches.
rhs-7k-1# conf t
rhs-7k-1(config)# int port-channel 20
rhs-7k-1(config-if)# vpc 20
rhs-7k-2# conf t
rhs-7k-2(config)# interface port-channel 20
rhs-7k-2(config-if)# vpc 20
Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SU) Eth
LACP
Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SU) Eth
LACP
n5k-rhs-1# sh port-channel summary
Flags: D - down
R - Module-removed
Channel
-------------------------------------------------------------------------------20
Po20(U) Eth
LACP
Eth1/1(U) Eth1/2(U) Eth1/3(U)
Eth1/4(U)
9.
Perform vPC sanity, verify consistency and check connectivity.

Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
---------------------------------------------------------------------id Port Status Consistency Reason
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
rhs-7k-1# show vpc consistency-parameters interface port-channel 10
Legend:
Type 1 : vPC will be suspended in case of mismatch
Name
Type Local Value
Peer Value
---------------- ---------------------- ----------------------STP Mode
1
Rapid-PVST
Rapid-PVST
STP Disabled
1
None
None
STP MST Region Name
1
""
""
STP MST Region Revision
1
0
0
STP MST Region Instance to 1
VLAN Mapping
STP Loopguard
1
Disabled
Disabled
STP Bridge Assurance
1
Enabled
Enabled
STP Port Type
1
Normal
Normal
STP MST Simulate PVST
1
Enabled
Enabled
Allowed VLANs
11-14
11-14
Legend:
Type
Protocol

Name
Type Local Value
Peer Value
---------------- ---------------------- ----------------------STP Port Type
1
Default
Default
STP Port Guard
1
None
None
1
Default
Default
lag-id
1
[(7f9b,
[(7f9b,
0-23-4-ee-be-a, 8014, 0-23-4-ee-be-a, 8014,
0, 0), (8000,
0, 0), (8000,
0-d-ec-a3-9f-0, 13, 0, 0-d-ec-a3-9f-0, 13, 0,
0)]
0)]
mode
1
active
active
Speed
1
10 Gb/s
10 Gb/s
Duplex
1
full
full
Port Mode
1
trunk
trunk
Native Vlan
1
1
1
MTU
1
1500
1500
Allowed VLANs
11-14
11-14
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: secondary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
Legend:
Name
Type Local Value
Peer Value
---------------- ---------------------- ----------------------STP Mode
1
Rapid-PVST
Rapid-PVST
STP Disabled
1
None
None
STP MST Region Name
1
""
""
STP MST Region Revision
1
0
0
STP MST Region Instance to 1
VLAN Mapping
STP Loopguard
1
Disabled
Disabled
STP Bridge Assurance
1
Enabled
Enabled
STP Port Type
1
Normal
Normal
1
Enabled
Enabled
Allowed VLANs
11-14
11-14
Legend:
Name
Type Local Value
Peer Value
---------------- ---------------------- ----------------------STP Port Type
1
Default
Default
STP Port Guard
1
None
None
1
Default
Default
lag-id
1
[(7f9b,
[(7f9b,
0-23-4-ee-be-a, 8014, 0-23-4-ee-be-a, 8014,
0, 0), (8000,
0, 0), (8000,
0-d-ec-a3-9f-0, 13, 0, 0-d-ec-a3-9f-0, 13, 0,
0)]
0)]
mode
1
active
active
Speed
1
10 Gb/s
10 Gb/s
Duplex
1
full
full
Port Mode
1
trunk
trunk
Native Vlan
1
1
1
MTU
1
1500
1500
Allowed VLANs
11-14
11-14
Ping the HSRP Virtual IP Addresses on the from the Nexus 5000 switch
n5k-rhs-1# ping 192.168.202.1
PING 192.168.202.1 (192.168.202.1): 56 data bytes
n5k-rhs-1# ping 192.168.203.1
PING 192.168.203.1 (192.168.203.1): 56 data bytes
ms
ms
ms
ms
ms
10. Check if Spanning Tree gives active/active paths (no blocked downstream links)
rhs-7k-1# show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: VLAN0011-VLAN0014
Port Type Default
is disable
Edge Port [PortFast] BPDU Guard Default is disabled
Edge Port [PortFast] BPDU Filter Default is disabled
Bridge Assurance
is enabled
Loopguard Default
is disabled
Pathcost method used
is short
Name
Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ---------VLAN0011
0
0
0
2
2
VLAN0012
0
0
0
2
2
VLAN0013
0
0
0
2
2
VLAN0014
0
0
0
2
2
---------------------- -------- --------- -------- ---------- ---------4 vlans
0
0
0
8
8
rhs-7k-1# show spanning-tree vlan 11

VLAN0011
Spanning tree enabled protocol rstp
Root ID Priority 24587
Address
0022.5579.7641
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24587 (priority 24576 sys-id-ext 11)
Address
0022.5579.7641
Interface
Role Sts Cost
Prio.Nbr Type
---------------- ---- --- --------- -------- -------------------------------Po10
Desg FWD 1
128.4105 (vPC peer-link) Network P2p
Po20
Desg FWD 1
128.4115 (vPC) P2p
rhs-7k-2# show spanning-tree summary
Root bridge for: none
Port Type Default
is disable
Bridge Assurance
is enabled
Loopguard Default
is disabled
is short
Name
---------------------- -------- --------- -------- ---------- ---------VLAN0011
0
0
0
2
2
VLAN0012
0
0
0
2
2
VLAN0013
0
0
0
2
2
VLAN0014
0
0
0
2
2
---------------------- -------- --------- -------- ---------- ---------4 vlans
0
0
0
8
8
rhs-7k-2# show spanning-tree vlan 11
VLAN0011
Address
0022.5579.7641
Cost
1
Port
4105 (port-channel10)
Address
0022.5579.7341
Interface
Role Sts Cost
Prio.Nbr Type
---------------- ---- --- --------- -------- -------------------------------Po10
Root FWD 1
128.4105 (vPC peer-link) Network P2p
Po20
Desg FWD 1
128.4115 (vPC) P2p
n5k-rhs-1# show spanning-tree summary
Root bridge for: VLAN0001-VLAN0004
Port Type Default
is disable
Bridge Assurance
is disabled
Loopguard Default
is disabled
is short
Name
---------------------- -------- --------- -------- ---------- ---------VLAN0001
0
0
0
4
4
VLAN0002
0
0
0
4
4
VLAN0003
0
0
0
4
4
VLAN0004
0
0
0
4
4
VLAN0011
0
0
0
1
1
VLAN0012
0
0
0
1
1
VLAN0013
0
0
0
1
1
VLAN0014
0
0
0
1
1
---------------------- -------- --------- -------- ---------- ---------8 vlans
0
0
0
20
20
n5k-rhs-1# show spanning-tree vl 11
VLAN0011
Address
0022.5579.7641
Cost
1
Port
4115 (port-channel20)
Address
000d.eca3.9f01
Interface
Role Sts Cost
Prio.Nbr Type
---------------- ---- --- --------- -------- -------------------------------Po20
Root FWD 1
128.4115 P2p
Notes
When configuring initially downstream port-channels some LACP ports on one Peer vPC peer will be
bundled correctly and others will be in suspended state as vPC membership has not been assigned yet on
downstream port-channels. Effectively here LACP detects that the channel is split and that is because no
vPC configuration has been performed yet.
Part III - vPC Failure scenario and convergence tests

Purpose
The purpose of this section is to run failure scenario with vPC and verify that system behaves correctly and
converges within expected time limit.
Test 7 - shutdown the vPC peer-link port-channel on one switch

Purpose
Verify downstream links on the secondary vPC and toward the access will be suspended to avoid the split brain
condition.
Run continuous traffic between end hosts and start an unlimited ping from access to the aggregation/core
and vice versa to verify the impact on packet forwarding.
Procedures
1.
Shut the vPC peer-link port-channel on one Peer vPC device and check that standby vPC links gets
disabled.
Notes
No traffic disruption is observed, Procedure example follows:
rhs-7k-1# conf t
rhs-7k-1(config)# int po 10 ^C
rhs-7k-1(config)#
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
rhs-7k-1# conf t
rhs-7k-1(config)# int po 10
rhs-7k-1(config-if)# sh
rhs-7k-1(config-if)# exit
rhs-7k-1(config)# sh vpc brief
Legend:
vPC domain id
: 10
Peer status
: peer link is down
: peer is alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 down vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
rhs-7k-2# 2009 Jan 24 02:20:48 rhs-7k-2 %VPC-2-VPC_SUSP_ALL_VPC: Peer-link going
down, suspending all vPCs on secondary
rhs-7k-2# show po
policy-map
port-channel port-monitor
rhs-7k-2# show port
port-channel port-monitor
Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SD) Eth
LACP
Eth1/1(D) Eth1/2(D)
20 Po20(SD) Eth
LACP
Eth1/9(D) Eth1/10(D)
Legend:
vPC domain id
: 10
Peer status
: peer link is down
: peer is alive
vPC role
: secondary
Dual Active Detected
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 down failed
Peer-link is down
-
Test 8 - no shutdown the vPC peer-link port-channel on the switch

Purpose
Verify downstream links on the secondary vPC and toward the access will be re-enabled after the peer-link recovers.
Procedures
2.
Un-Shut the vPC peer-link port-channel on one Peer vPC device and check that standby vPC links gets
enabled.
Notes
No packet loss should be observed, follows procedure example:
rhs-7k-1(config)#
rhs-7k-1(config)# int po 10
rhs-7k-1(config-if)# no sh
... vPC recovers all links in few seconds

rhs-7k-1# sh vpc brief
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: secondary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
Test 9 Shutdown in sequence the two vPC port-channel members on one

switch
Purpose
Verify that connectivity toward the core is not lost and that impact on the traffic is expected
Procedures
Shutdown in two steps the two ports member of the downstream port-channel
Notes
A small packet loss may occur due to load balancing algorithm on the nexus 5000 readjusting its hashing
scheme due to a link failed in the channel. Anyway the traffic keeps flowing, here follows the procedure
example:
rhs-7k-1# sh port-channel summary

Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SU) Eth
LACP
rhs-7k-1# conf t
rhs-7k-1(config)# int e 1/9
Flags: D - Down
-------------------------------------------------------------------------------Group PortType
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SU) Eth
LACP
Eth1/9(D) Eth1/10(P)
rhs-7k-1#
1 Ping from the access device is being lost.
64 bytes from 192.168.202.1:
64 bytes from 192.168.202.1:
64 bytes from 192.168.202.1:
Request 3631 timed out
64 bytes from 192.168.202.1:
icmp_seq=3628 ttl=254 time=1.042 ms

rhs-7k-1# conf t
rhs-7k-1(config-if)# no sh
rhs-7k-1(config-if)# sh port-channel summary
Flags: D - Down
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SU) Eth
LACP
Eth1/9(D) Eth1/10(P)
rhs-7k-1(config-if)# exi
Type
Protocol
rhs-7k-1(config)# sh port-channel summary

Flags: D - Down
Channel
-------------------------------------------------------------------------------10 Po10(SU) Eth
LACP
Eth1/1(P) Eth1/2(P)
20 Po20(SD) Eth
LACP
Eth1/9(D) Eth1/10(D)
Type
Protocol
rhs-7k-1(config)# show vpc brief

Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 down* success
success
rhs-7k-1(config)#
Test 10 - shut/no shutdown the vPC peer-keepalive link

Purpose
Shutdown the peer-keepalive and demonstrate that this has no impact on traffic and vPC operational state. A syslog
should be produced to advertise the loss of the peer-keepalive link.
Procedures
1.
Shutdown the peer-keepalive link and observe vPC states and traffic
Notes
Procedure example:
rhs-7k-2# sh vrf peerkeepalive

VRF-Name
VRF-ID State Reason
peerkeepalive
3 Up
-rhs-7k-2#
rhs-7k-2#
rhs-7k-2# conf t
rhs-7k-2(config)# exi
rhs-7k-2#
rhs-7k-2#
rhs-7k-2# sh vrf peerkeepalive ?
<CR>
>
Redirect it to a file
>>
Redirect it to a file in append mode
detail
Display VRF detail information
interface Display interface VRF information
|
Pipe command output to filter
rhs-7k-2# sh vrf peerkeepalive interface
Interface
VRF-Name
Ethernet2/14
peerkeepalive
VRF-ID
3
rhs-7k-2# conf t
rhs-7k-2(config-if)#
rhs-7k-2(config-if)# shut
2009 Jan 24 03:12:59 rhs-7k-2 %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain
10, VPC peer keep-alive receive has failed
: peer is not alive
--Destination
: 192.168.100.1
--Send status
: Success
--Receive status
: Failed
: (57 ) seconds, (488 ) msec
Legend:
vPC domain id
: 10
Peer status
: peer is not alive
vPC role
: secondary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
Legend:
vPC domain id
: 10
Peer status
: peer is not alive
vPC role
: primary
---------------------------------------------------------------------
id Port Status Active vlans

-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
Test 11 - Fail peer-link followed by peer-keepalive link

Fail the peer-link and subsequently the peer-keepalive link observe that existing flows are not impacted.
Procedures
1.
2.
3.
Shut the peer-link from the primary vPC Peer.

Shut the peer-keepalive link from the primary vPC Peer.
Verify the vPC operational status and check for traffic impact on existing flows
Notes
Procedure example:
rhs-7k-1(config-if)# int po 10
rhs-7k-2(config-if)# 2009 Jan 24 03:46:18 rhs-7k-2 %VPC-2-VPC_SUSP_ALL_VPC: Peer-link
going down, suspending all vPCs on secondary
rhs-7k-1(config-if)# sh vrf peerkeepalive interface
Interface
VRF-Name
VRF-ID
Ethernet2/14
peerkeepalive
rhs-7k-1(config-if)# conf t
2009 Jan 24 03:46:59 rhs-7k-2 %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain
10, VPC peer keep-alive receive has failed
Legend:
vPC domain id
: 10
Peer status
: peer link is down
: peer is not alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 down -
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
rhs-7k-2(config-if)# sh vpc brief
Legend:
vPC domain id
: 10
Peer status
: peer link is down
: peer is not alive
vPC role
: secondary
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 down failed
Peer-link is down
-
Test 12 - Fail peer-keepalive link followed by peer-link

Fail the peer-keepalive link and subsequently the peer-link and observe that existing flows are not impacted.
Procedures
1.
2.
3.
Shut the peer-keepalive link from the primary vPC Peer.

Shut the peer-link from the primary vPC Peer.
Verify the vPC operational status and check for traffic impact on existing flows
Notes
Procedure example:
rhs-7k-1(config-if)# conf t
rhs-7k-2# debug vpc peer-link 2009 Jan 24 04:11:04 rhs-7k-2 %VPC-2PEER_KEEP_ALIVE_RECV_FAIL: In domain 10, VPC peer keep-alive receive has
failed
: peer is not alive
--Destination
: 192.168.100.1
--Send status
: Success
--Receive status
: Failed
: (17 ) seconds, (4294402) msec
Legend:

vPC domain id
: 10
Peer status
: peer is not alive
vPC role
: secondary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
rhs-7k-1(config-if)# int po10
Legend:
vPC domain id
: 10
Peer status
: peer link is down
: Suspended (Destination IP not reachable)
vPC role
: secondary, operational primary
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
Test 13 - SSO switchover test during traffic

Perform an SSO switchover with traffic running and verify this does not impact vPC operations and traffic flows.
Procedures
1.
2.
3.
Notes
Check for vPC session to be up and running

Issue a system Supervisor switchover
Verify vPC operational status and check for traffic impact on existing flows
Few packet losses are observed as we are pinging the supervisor HRSP virtual address. In this case ICMP
responses are processed by the control plane of the supervisor which is swapped in the process. A more
meaningful variant of this test could be to ping a remote hosts. These packets will be hardware switched
and for these no loss should be seen. Procedure example:

Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up
success
success
11-14
rhs-7k-1# system switchover
rhs-7k-1# Read from remote host rhs-7k-1: Connection reset by peer
Connection to rhs-7k-1 closed.
[demo@virtualab ~]$
[demo@virtualab ~]$
[demo@virtualab ~]$ ssh admin@rhs-7k-1
User Access Verification
Password:
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2009, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
Legend:
vPC domain id
: 10
Peer status
: peer is alive
vPC role
: primary
-- ---- ------ -------------------------------------------------1 Po10 up
11-14
vPC status
Active vlans
-- ---- ------ ----------- -------------------------- -----------20 Po20 up

success
success
11-14
n5k-rhs-1# ping 192.168.202.1 interval 1 count unlimited
PING 192.168.202.1 (192.168.202.1): 56 data bytes
Request 10 timed out <<< Control plane switchover !!
Request 11 timed out
Conclusion
This test plan provides an overview of Nexus 7000 / NX-OS testing and should server as a
guideline in developing a custom test plan for a particular customer testing / demonstration. For
more information, consult NX-OS configuration guides, TME documents or CPOC case studies.
External References
http://www.cisco.com/en/US/products/ps9402/tsd_products_support_series_home.html
http://www.cisco.com/en/US/products/ps9402/prod_literature.html
http://wwwin-eng.cisco.com/Eng/DCBU/DC3/
http://www.cisco.com/cdc_content_elements/flash/dataCenter/ciscofeaturenavigator/inde
x.html
Internal References
http://bock-bock.cisco.com/wiki/N7K
http://wwwin.cisco.com/dss/dcbu/nexus7000/
http://bock-bock.cisco.com/wiki/N7K:tech_resources:vpc
http://bock-bock.cisco.com/wiki/N7K:FAQ:vPC
http://wwwin.cisco.com/vod/tac/np220208_dc3_nexus/
Acronyms
vPC Feature: Virtual Port Channel Feature
vPC peer: a vPC switch, one of a pair
vPC member port: one of a set of ports (port channels) that form a vPC
vPC Instance: the combined port channel between the vPC peers and the downstream device
vPC peer-link: Link used to synchronize state between vPC peer devices, must be 10GbE
vPC peer-keepalive link: the fault tolerant link between vPC peer devices, i.e., backup to the vPC peer-link
CFS: Cisco Fabric Services protocol, used for state synchronization & configuration validation between vPC peers
HSRP: Hot Standby Router Protocol
UDLD: UniDirectional Link Detection
VLAN: Virtual Local Area Network
VRRP: Virtual Router Redundancy Protocol

Nexus 7000 Test Plan VPC v1

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Nexus 7000 Test Plan VPC v1

Uploaded by

Copyright:

Available Formats

Customer Proof of Concept Lab

Data Center Business Unit

January 27, 2009

January 27, 2009

Note: Lab operation hours are 9 a.m. to 5 p.m. Monday to Friday.

Equipment - Hardware and Software

Nexus 7000 10 Slot Chassis 46Gbps/Slot Fabric

Nexus 7000 - 6.0KW AC Power Supply Module

Nexus 7000 - Supervisor

Nexus 7000 - 48 Port 10/100/1000, RJ-45, 40G Fabric

Nexus 7000 - 32 Port 10GbE, 80G Fabric

Cisco Nexus5020 Chassis ("40x10GE/Supervisor")

Software & Licenses

Third Party Devices

Design and Topology Diagram

Part I Preliminary Configuration

Environment and configurations

Configure Layer 2 and Spanning Tree

rhs-7k-1(config)# interface ethernet 1/9, e 1/10

Vlans Allowed on Trunk

Test 2 Enable HSRP feature

Environment and configurations

Configure HSRP on both the nexus 7000 aggregation switches

rhs-7k-1# sh run int vl 11

2. Repeat this configuration on the other Nexus 7000 aggregation switch.

rhs-7k-1# sh hsrp brief

2 255 P Active local

rhs-7k-2# show hsrp brief

n5k-rhs-1# ping 192.168.202.1

rhs-7k-1# 2009 Jan 23 18:09:35.900358 netstack: [3553] (default) Rcvd packet on

Test 3 Enable LACP feature

Environment and configurations

rhs-7k-1# sh run | be port-channel | be 10

Test 4 Enable global UDLD

Environment and configurations

Test 5 Verify Layer 2 Connectivity

Environment and configurations

Use Ping/Traceroute/traffic generator or a generic client to generate a test stream

Local Intrfce Hldtme Capability Platform

rhs-7k-2# ping 192.168.202.4

Local Intrfce Hldtme Capability Platform

Part II Bring up vPC on network

Environment and configurations

vPC peer link must be on a N7K-M132XP-12, dedicated mode port is recommended

Enable vPC feature on both aggregation Nexus 7000 switches.

rhs-7k-1# sh feature | in vpc

rhs-7k-1# sh feature | in vpc

vrf context peerkeepalive

rhs-7k-1# ping 192.168.100.2 vrf peerkeepalive

rhs-7k-2# show vpc brief

rhs-7k-1# show port-channel summary

rhs-7k-2(config-if-range)# channel-group 20 mode active

Perform vPC sanity, verify consistency and check connectivity.

rhs-7k-1# show vpc brief

Type 1 : vPC will be suspended in case of mismatch

rhs-7k-1# show spanning-tree vlan 11

Pathcost method used

Part III - vPC Failure scenario and convergence tests

Test 7 - shutdown the vPC peer-link port-channel on one switch

Environment and configurations

No traffic disruption is observed, Procedure example follows:

Test 8 - no shutdown the vPC peer-link port-channel on the switch