Gabe's geekin' tech blog
Here’s some good info about vPC options/topologies as found on Cisco’s vPC design guide.
The fundamental concepts of vPC are described at http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/white_paper_c11-516396.html.
vPCs consist of two vPC peer switches connected by a peer link. Of the vPC peers, one is primary and one is secondary. The system formed by the switches is referred to as a vPC domain.
Following is a list of some possible Cisco Nexus vPC topologies:
● vPC on the Cisco Nexus 7000 Series (topology A): This topology consists of access layer switches dualhomed to the Cisco Nexus 7000 Series with a switch PortChannel with Gigabit Ethernet or 10 Gigabit
Ethernet links. This topology can also consist of hosts connected with virtual PortChannels to each Cisco Nexus 7000 Series Switch.
● vPC on Cisco Nexus 5000 Series (topology B): This topology consists of switches dual-connected to the
Cisco Nexus 5000 Series with a switch PortChannel with 10 Gigabit Ethernet links, with one or more links to
each Cisco Nexus 5000 Series Switch. Like topology A, topology B can consist of servers connected to each Cisco Nexus 5000 Series Switch via virtual PortChannels.
● vPC on the Cisco Nexus 5000 Series with a Cisco Nexus 2000 Series Fabric Extender single-homed (also called straight-through mode) (topology C): This topology consists of a Cisco Nexus 2000 Series Fabric Extender single-homed with one to eight 10 Gigabit Ethernet links (depending on the fabric extender model) to a single Cisco Nexus 5000 Series Switch, and of Gigabit Ethernet or 10 Gigabit Ethernet-connected servers that form virtual PortChannels to the fabric extender devices. Note that each fabric extender connects to a single Cisco Nexus 5000 Series Switch and not to both, and that the virtual PortChannel can be formed only by connecting the server network interface cards (NICs) to two fabric extenders, where fabric extender 1 depends on Cisco Nexus 5000 Series Switch 1 and fabric extender 2 depends on Cisco Nexus 5000 Series Switch 2. If both fabric extender 1 and fabric extender 2 depend on switch 1 or both of them depend on
switch 2, the PortChannel cannot be formed.
● Dual-homing of the Cisco Nexus 2000 Series Fabric Extender (topology D): This topology is also called Cisco Nexus 2000 Series Fabric Extender (FEX for brief) Active/Active. In this topology each FEX is connected to each Cisco Nexus 5000 Series device with a virtual PortChannel. With this topology, the server cannot create
a PortChannel split between two fabric extenders. The servers can still be dual-homed with active-standby or
active-active transmit-load-balancing (TLB) teaming.
Note: Topologies B, C, and D are not mutually exclusive. You can have an architecture that uses these three topologies concurrently. Design Guide © 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 38
Figure 1 illustrates topologies A and B. Figure 2 illustrates topologies C and D.
Figure 3 illustrates the main vPC components. Switches 1 and 2 are the vPC peer switches. The vPC peer switches are connected through a link called a peer link, also known as a multichassis EtherChannel trunk (MCT). Figure 3 shows devices (switch 3, switch 4, and server 2) that are connected to the vPC peers (which could be Cisco Nexus 7000 or 5000 Series Switches). Switches 3 and 4 are configured with a normal PortChannel configuration, switches 1 and 2 are configured with a virtual PortChannel
vPC Peer Link
The vPC peer link is the most important connectivity element in the vPC system. This link is used to create the illusion of a single control plane by forwarding Bridge Protocol data units (BPDUs) or Link Aggregation Control Protocol (LACP) packets to the primary vPC switch from the secondary vPC switch.
The peer link is used to synchronize MAC addresses between aggregation groups 1 and 2, to synchronize IGMP entries for the purpose of IGMP snooping, it provides the necessary transport for multicast traffic and for the communication of orphaned ports. The term “orphaned ports” refers to switch ports connected to single-attached hosts, or vPC ports whose members are all connected to a single vPC peer. In the case of a vPC device that is also a Layer 3 switch, the peer link also carries Hot Standby Router Protocol (HSRP) frames.
For a vPC to forward a VLAN, that VLAN must exist on the peer link and on both vPC peers, and it must appear in the allowed list of the switch port trunk for the vPC itself. If either of these conditions is not met, the VLAN is not displayed when you enter the command show vpc brief, nor is it a vPC VLAN.
When a PortChannel is defined as a vPC peer link, Bridge Assurance is automatically configured on the peer link. vPC Peer-Keepalive or Fault-Tolerant Link. A routed “link” (it is more accurate to say “path”) is used to resolve dual-active scenarios in which the peer link connectivity is lost. This link is referred to as a vPC peer-keepalive or fault-tolerant link. The peer-keepalive traffic is often transported over the management network through the management 0 port of the Cisco Nexus 5000 Series Switch or the management 0 ports on each Cisco Nexus 7000 Series supervisor. The peer-keepalive traffic is typically routed over a dedicated Virtual Routing and Forwarding (VRF) instance (which could be the management VRF, for example).
The keepalive can be carried over a routed infrastructure; it does not need to be a direct point-to-point link, and, in fact, it is desirable to carry the peer-keepalive traffic on a different network instead of on a straight point-to-point link.
vPC Ports, and Orphaned Ports
A vPC port is a port that is assigned to a vPC channel group. The ports that form the virtual PortChannel are split between the vPC peers and are referred to as vPC member ports. A non-vPC port, also known as an orphaned port, is a port that is not part of a vPC.
Figure 4 shows different types ports connected to a vPC system. Switch1 and Host 3 connect via vPCs. The ports connecting devices in a non-vPC mode to a vPC topology are referred to as orphaned ports. Switch 2 connects to the Cisco Nexus Switch with a regular spanning-tree configuration: thus, one link is forwarding, and one link is blocking. These links connect to the Cisco Nexus Switch with orphaned ports. Server 6 connects to a Cisco Nexus Switch with an active-standby teaming configuration. The ports that server 6 connects to on the Cisco Nexus Switch are orphaned ports.
Server 6 connects to a Cisco Nexus Switch with an active-standby teaming configuration. The ports that server 6 connects to on the Cisco Nexus Switch are orphaned ports.
vPC Topology with Fabric Extenders
Figure 5 illustrates another vPC topology consisting of Cisco Nexus 5000 Series Switches and Cisco Nexus 2000 Series Fabric Extenders (in straight-through mode: that is, each fabric extender is single-attached to a Cisco Nexus 5000 Series Switch).
Figure 5 shows devices that are connected to the vPC peer (Cisco Nexus 5000 Series Switches 5k01 and 5k02) with a PortChannel (a vPC); for example, server 2, which is configured for NIC teaming with the IEEE 802.3ad option.
Servers 1 and 3 connect to orphan ports.
● Two peer devices: the vPC peers, of which one is primary and one is secondary; both are part of a vPC domain
● A Layer 3 Gigabit Ethernet link called a peer-keepalive link to resolve dual-active scenarios
● A redundant 10 Gigabit Ethernet PortChannel called a peer link which is used to carry traffic from one system to the other when needed and to synchronize forwarding tables
● vPC member ports forming the virtual PortChannel