vPC – Virtual Port Channel

Virtual Port Channel – vPC

Nexus Platform:

The Nexus platform provides several advantages that include the fact that it was built to be more modular than the Catalyst platform.
This mean that processes such as OSPF, EIGRP, HSRP, LACP can be started and stopped and upgraded without affecting the kernel. It also provides a path to perform inline software service upgrades (ISSU) which allow upgrading a switch’s kernel without sacrificing downtime on the network.
 
The Nexus platform is considered data center switches. In this blog I want to focus on the new technology known as vPC.
 vPC stands for Virtual Port Channel and is a way to spread link aggregation across multiple switches.

Link Aggregation is a way to combine multiple ports together into a single logical port. For example if we have 2 * 10Gbps ports we can combine together to form a 20Gbps port. This gives better throughput and redundancy in case one of the ports goes down.

Cisco calls this a port-channel or ether-channel.
The main limitation is that a port-channel had to be contained on a single switch.
To get redundancy when interconnecting switches as shown in the below diagram & also to avoid switching loops we need to rely on Spanning tree protocol.

vPC & elimination of Spanning Tree

vPC allows to build a port channel that spans across two different switches.

This means that both switches know about the MAC addresses being seen on both ports and can effectively decide what to listen to and what not to listen to.

Cisco has tried to take care of this in the past with technology like VSS (Virtual Switching System) and the switch stack on a 3750. The problem with these technologies is that the switches are acting as a single unit with shared resources. In case if we need to upgrade one switch it requires an upgrade to all.

In case of vPC it provides redundancy in the fact that we have 2 switches that are independent and can be taken down and upgraded independently, but at the same time they are sharing port channel information and can eliminate the need for Spanning Tree Protocol.

vPC Configuration – Example

For this example I am using a pair of Nexus 5K for the vPC setup & configuration.

Step -1:

The Nexus switches require enabling the features we need.
In this case we will need vPC and LACP on both the switches [Switch#1 & Switch#2]

feature lacp
feature vpc

Step -2:

Setup the management interfaces on each Nexus 5K switch.
These will be the vPC keep alive link. We can also use the cross over cable to connect both the switches & it can be used as the keep alive link as shown in the above diagram.
The switches require L3 reachability between them to have the keep alive messages exchanged.

On switch#1:
interface mgmt0
ip address 192.168.100.5/30

On switch#2:
interface mgmt0
ip address 192.168.100.6/30

Make sure that both the switches are able to reach each other via PING & ensure the network reachability.

Step -3:
Next step is to setup a vPC Domain with the management addresses of each management interface.

On Switch#1:

vpc domain 10
peer-keepalive destination 192.168.100.6 source 192.168.100.5 vrf management

On Switch#2:

vpc domain 10
peer-keepalive destination 192.168.100.5 source 192.168.100.6 vrf management

Step -4:

Next step is to configure the peer links that will carry the data.
These peer links should at least have adequate bandwidth & also offer redundancy.
In this example we are using 2 * 10 Gbps SFP interfaces which offer aggregated bandwidth of 20 Gbps.
We are using interface 1/1 & 1/2 on both the switches.
The port channel no used is 57.

On Switch#1

interface port-channel57
description ## vPc to Switch#2 ##
switchport mode trunk
spanning-tree port type network

interface Ethernet1/1
description ##  To Switch#2 E1/1 ###
switchport mode trunk
channel-group 57 mode active

interface Ethernet1/2
description ##  To Switch#2 E1/2 ###
switchport mode trunk
channel-group 57 mode active

On Switch#2

interface port-channel57
description ## vPc to Switch#1 ##
switchport mode trunk
spanning-tree port type network

interface Ethernet1/1
description ##  To Switch#1 E1/1 ###
switchport mode trunk
channel-group 57 mode active

interface Ethernet1/2
description ##  To Switch#1 E1/2 ###
switchport mode trunk
channel-group 57 mode active

The Port channel 57 needs to be defined as peer link using the below command.

interface port-channel57
vpc peer-link

Perform a show vpc brief to see the status of the port channel:

Switch#1# show vpc brief
Legend:
                (*) – local vPC is down, forwarding via vPC peer-link
 
vPC domain id                   : 10
Peer status                     : peer adjacency formed ok
vPC keep-alive status           : peer is alive
Configuration consistency status: success
Per-vlan consistency status     : success
Type-2 consistency status       : success
vPC role                        : primary
Number of vPCs configured       : 0
Peer Gateway                    : Disabled
Dual-active excluded VLANs      : –
Graceful Consistency Check      : Enabled
 
vPC Peer-link status
———————————————————————
id   Port   Status Active vlans
—   —-   —— ————————————————–
1    Po57 up     1

 

vPC Port Setup

Next step is to setup a port channel in Switch#3.
The Switch#3 we are using in this example is 3750 which uses 2 10Gbps ports.
The ports used are T1/0/1 & T1/0/2.

First thing is the configuration on Switch C. For this configuration, we will be using a 3750 and connecting two Ten Gigabit interfaces in a port channel to switches A and B. Ports T1/0/1 and T1/0/2 on the 3750 are connected to port Ethernet 1/10 on both Switch#1 and Switch#2.

On Switch#3

interface Port-channel100
description ## To Switch#1 & Switch#2 ##
switchport trunk encapsulation dot1q
switchport mode trunk

interface TenGigabitEthernet1/0/1
description ## To Switch#1 Ethernet 1/10 ##
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 100 mode active
 
interface TenGigabitEthernet1/0/2
description ## To Switch#2 Ethernet 1/10 ##
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 100 mode active
 

Then on Switch#1 & Switch#2 configure a port channel in a vPC. The configuration is the same on both switches & with this configuration I have allowed only VLAN 1, 10 & 20 in the trunk port.

interface port-channel101
description ## To Switch#3 ## 
switchport mode trunk
vpc 101
switchport trunk allowed vlan 1,10,20
spanning-tree port type edge trunk
spanning-tree bpduguard enable
 
  interface Ethernet1/10
  description ## To Switch#3 ## 
  switchport mode trunk
  switchport trunk allowed vlan 1,10,20
  channel-group 101 mode active
 
Once the connectivity is setup the port channel comes up & the status of the vPc can be confirmed.
After this we have 20Gbps port channel connectivity to Switch#3.