HP Virtual Connect Flex-10 and Nexus VPC (Virtual Portchannel) Configuration
HP Virtual Connect Flex-10 and Nexus VPC (Virtual Portchannel) Configuration
HP Virtual Connect Flex-10 and Nexus VPC (Virtual Portchannel) Configuration
PortChannel) Configuration
This paper will outline the steps to configure the Virtual Connect Flex-10 modules and Cisco Nexus
5000/7000 series switches as a virtual PortChannel. HP Virtual Connect Ethernet modules will work
seamlessly with Cisco Nexus infrastructures and this new network design. A virtual PortChannel (vPC)
provides some basic benefits.
This diagram below shows the environment configuration. There are two Nexus 5010 switches, One HP
Blade Enclosure with two Virtual Connect Flex-10 modules. The uplink port (blue) in VC 1/1 is connected
to Nexus SW1, Port 1/13: and uplink VC 1/2 (blue) is connected to Nexus SW2 Port 1/13. These ports
are configured as PortChannel Po12. The uplink port (red) VC 2/1 is connected to Nexus SW1 Port, 1/14
and uplink VC 2/2 (red) ,is connected to Nexus SW2 Port 1/14. These ports are configured as
PortChannel Po13.
Enabling lacp and vpc feature, on both switch (notice: pagp is not supported on NX-OS)
Move it to vPC
Log into the nexus switch to configure Global Settings: LACP and VPC
switch# Config-t
switch (config)# feature lacp *This is now set at the global level and not at the individual port
switch (config)# show feature Verify the above features are enabled
tacacs 1 disabled
lacp 1 enabled
interface-vlan 1 disabled
private-vlan 1 disabled
udld 1 disabled
vpc 1 enabled
fcoe 1 disabled
fex 1 enabled
The Nexus OS version 4.1(3)N1(1) is installed on both N5K switches. The vpc feature was enabled on
the two N5K switches with the keepalive address pointing to the peer Vlan 1 address: A vpc peer link
was created as required, this case bonding to 2 x 10GE ports in a portchannel. Initial vpc link operation
was verified with the ‘show vpc’ command at the N5K CLI (output shown later).
Note:
1. Add interface eth 1/9 and 1/10 of both switch to port-channel Po50
switch (config-vpc-domain)# int eth 1/3-4 goes to interfaces where the port-channel 50 will be set
This will enable spanning tree Bridge Assurance on vPC peer-link provided the STP Bridge Assurance
(optional) switch (config-if)#switchport mode trunk like any ISL, the port should be turned to trunk mode
(according Cisco)
(optional) switch (config-if)#switchport trunk allowed vlan 1-2,220, 222, 250, 270 list of allowed vlan
interface port-channel50
vpc peer-link
interface Ethernet1/9
interface Ethernet1/10
Each N5K switch has a single 10GE port connected to Virtual Connect Interconnect bay 1. An LACP
portchannel was created on each switch (arbitrarily numbered 12) and a vpc identifier was associated
with that portchannel using the same number 12. Note that an identical number for the portchannel and
the vpc identifier is *not* required. What is required is that the vpc identifier be identical for the peered
portchannels on the respective switches. The Virtual Connect-connected port was then added to the
nd
channel on each switch: [A second identical vpc was created with the 2 Virtual Connect Module link;
that vpc is numbered 13]. Portchannel creation and channel member additions were configured as
follows on Nexus SW 1:
interface port-channel12
vpc 12
interface port-channel13
vpc 13
interface Ethernet1/13
interface Ethernet1/14
The last configuration command on the portchannel interface (bold) is critical. It is used to enable the
PortFast feature which removes the portchannel (and all of the channel members) from the STP topology.
It must be attached to the portchannel, not the member interfaces. Otherwise spanning-tree will block the
channel and thus all member ports and no traffic will be forwarded from the channel to the Blade System.
Operational verification from the N5K side is first seen with the ‘show vpc’ command”
Legend:
---------------------------------------------------------------------
vPC status
----------------------------------------------------------------------------
To verify forwarding state, run the ‘show spanning-tree’ command. As you can see below, Port Channels
12 and 13 are in a forwarding state with additional information indicating vPC configuration in the type
field.
VLAN0001
Address 0002.0000.bc01
Cost 3
Address 000d.0000.c53c
VLAN0002
Address 0002.0000.bc02
Cost 3
Address 000d.0000.c53c
VLAN0220
Address 0002.0000.bc02
Cost 3
Address 000d.0000.c53c
VLAN0222
Address 0002.0000.bcde
Cost 3
Address 000d.0000.c53c
VLAN0250
Address 0002.0000.bc02
Cost 3
Address 000d.0000.c53c
VLAN0270
Address 0002.0000.bc02
Cost 3
Address 000d.0000.c53c
Lastly, once the configuration is in port forwarding state, MAC addresses of physical and virtual hosts will
be resident in the L2 cache (note the HP IEEE OUI hex prefixes). This test can also be indirectly verified
from the host servers (properly configured at layer 2 and 3) successfully receiving an ICMP echo reply
from their gateways or other valid network address.
---------+-----------------+-------+---------+------------------------------
The virtual connect environment was setup with an active/active configuration so that all uplink ports from
the VC interconnect bays would be active links to the Nexus switches.
Select Shared Uplink Set – Server_VLANs_A, at the bottom input the VC Network names and VLAN id
VLAN2_A vlan ID 2
Repeat steps for SUS Server_VLANs_B, making sure to name the VC network with a suffix _B with the
same vlan ID.
The picture below shows the VC network with all physical links once the VPC is setup.
Each virtual connect link for the configured SUS was placed in an Active state after the Nexus switches
were properly configured
.
Example configuration of VCM link state if all VC uplink ports are in a single Virtual Connect
Network.
Link state changes to Active/Passive between physical VC modules. Bay 1, ports X1, X2 have been
placed in a standby state, while Bay 2 ports are active.
This behavior is by design; VCs loop prevention mechanism has placed VC Bay 1 into standby to prevent
any loops in the topology. Each VC module has by default 2 cross connect ports X7 and X8, when
present the adjacent VC modules are stacked together. Without this loop prevention behavior a network
loop would be formed.
Summary:
This paper has outlined the basic setup steps to create a virtual port channel using the new Nexus
switches and Virtual Connect Flex-10. With this design you can create a highly available network
infrastructure resulting in switch and path redundancy.
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/configuration_guide_c07-543563.html
http://docwiki.cisco.com/wiki/Cisco_NX-OS/IOS_Configuration_Fundamentals_Comparison