Vpc and pvst+

Similar Messages

• Nexus 5000 vpc and fabricpath considerations

  Hello community,
  I'm currently in the process of implementing a fabricpath environment which includes Nexus 5548UP as well Nexus 7009
  NX OS on N5K is 6.0(2)N1(2)
  Regarding the FP config on the N5K I wonder what is the best practice for the peer-link. Is it necessary to configure the Portchannel like below:
  interface port-channel2
    description VPC+ Peer Link
    switchport mode fabricpath
    spanning-tree port type network
    vpc peer-link
  There are several VLANs configured as FP.
  As I understand we can remove the command:
  spanning-tree port type network
  Can anyone confirm this ?
  Also I noticed a "cosmetic" problem. On two port 1/9 and 1/10 on both N5K it isn't possible to execute the command "speed"?!
  When the command speed is executed I receive the following error:
  ERROR: Ethernet1/9: Configuration does not match the port capability
  Also please notice after the vPC and FP configuration we don't do a reload!
  Thanks
  Udo

  Hi Simon -
  Have done some testings in the lab on ISSU with FEXes either in Active/Active and Straight-through fashion, and it works.
  Disabling BA on N5K(except the vPC peer link) is one of the requirements for ISSU . 
  In a lately lab testing with the following topo, BA is configured on the vpc 101 between the N5Ks and Cat6k.  We have a repeated regular ping between the SVI interfaces of c3750 and Cat6K. 
                        c3750
                           ||
                        vPC
                           ||
      N5K =====vPC====== N5K
                            ||
                       vpc 101
                            ||
                       Cat6k
  When we changed the network type to disable BA, we observed some ping drops, which around 20-30.
  I am not sure what your network looks like, hopefully this will give you some ideas about the ISSU.  As a general recommendation, schedule a change window for some changes or even ISSU.
  regards,
  Michael

• RPVST+ at Distribution and PVST at Access Switch

  Hi. I have two Cat6506 (redundant collapsed-core config) configured w/ RPVST+ and connected to this are a series of Cat2950s configured with PVST. My question is, is this a good practice configuration of STP? (running both RPVST+ and PVST on the same topology) Will there be any problems with convergence? We recently are adding some vlans on the network and we experienced an outage for most of the vlans. The Cat6500s registered duplicate HSRP addresses. Any recommendation to fine-tune this network (considering that the Cat2950 does not support RPVST+) would be helpful. thanks.

  you can run rpvst+ and pvst+ simultaneously.
  rpvst+ has been built to interoperate with pvst+.
  an rpvst+ configured switch will revert to pvst+ in a pvst+ rootBridge scenario.
  cisco recommends a slightly different configuration in this case:
  1) run two STP instances, one for rpvst+ and one for pvst+.
  2) the rpvst+ instance must have an rpvst+ switch as the rootBridge; the pvst+ instances must have an pvst+ switch as the rootBridge.
  3) keep the pvst+ switches at the edge of the network; likewise, keep the rpvst+ switches at the core of the network.
  please see this link for more info on STP modes:
  http://www.cisco.com/en/US/products/hw/switches/ps5213/products_configuration_guide_chapter09186a0080216672.html#wp1150156
  please see the following link for much more STP info:
  http://www.cisco.com/en/US/tech/tk389/tk621/tsd_technology_support_protocol_home.html

• What security precautions need I take when installing VPC and Windows

  I am a long time Mac user who enjoys the fact that viruses have never been even a minor issue. I am concerned that installing Windows with VPC 7 will expose my machine to the wide world of Windows viruses and security issues. My windows-using friends spend more time talking about security and anti virus nonsense than they spend actually using thier machines (slight exageration). Am I just being snobby and paranoid, or are these fears grounded?
  Also, VPC and windows are way too expensive in my way of thinking. I just need to view webpages I update at work on PC browsers, and occasionally use Access (which isn't made for Mac, right?). Should I just buy a cheap-o windows box (like the 300 dollar or so Dell)? I hardly need power to do what I want.

  You should take the same precautions with VirtualPC as you would with a real PC.
  You should be running the same anti-virus, anti-spyware and firewall software you would run on your real PC.
  VPC has the "advantage" that you can delete it and recreate it anew.
  iFelix

• Cisco VPC and Huawei IRF

  Hi,
     we want to connect cisco VPC and huawei IRF together, Is there anyone has experience?
     thank you!
  Jeremy

  no one answer me, I will discuss this issue with huawei and customer.
  you know in china ,they will remove cisco products , we have a lot of problem with this, may be we need a lab to test it

• VPC and MSN

  I have no need of VPC myself but my young boy is frustrated that MSN messenger for mac has no web-cam support and he is unable to persuade all of his friends to install AOL.
  I'm willing to purchase VPC and XP home bundle to let him VC with his friends, but only if it works for him.
  He has a G5 imac with built in isight (1.9 Ghz/1Gb RAM)
  First up, will MSN messenger 7 (or the latest) recognise and work with his built in isight and if so does anyone have any idea how his mac will cope with video under virtualisation.
  Oh, he uses an airport to connect into a router on an ethernet network to connect to the internet, any issues here?

  VPC is too slow to use for video conferencing. I would suggest you look at aMSN and Mercury Messenger. Both are MSN clients for the Mac and support video chat.
  Power Mac G5 Dual 1.8 GHz   Mac OS X (10.4.3)   2 GB RAM
  I don't know if they support the internal iSight, my guess would be no. If not, just get a cheap Mac-compatible USB webcam (I know Logitech has a few Mac compatible models).

• Win7 VPC and XP Mode crash upon restart

  I have Windows 7 Virtual PC (64-bit) with Windows XP Mode in my Win7 Pro x64 host setup.  When I first installed both programs, I had no trouble shutting down or restarting XPM...
  ...But just recently, after a restart, my VPC crashed.  The sequence is as follows:  After shutting down XPM, the window disappears, to be replaced by the typical scrolling green line with the message "Shutting down the virtual machine..." 
  The message changes to "Starting the virtual machine..." as it attempts to restart XPM; and just as it is about to open the XPM window, the error pops up,
  "Windows Virtual PC has stopped working".
  At that point, I am obviously forced to shut down the process.  The only way I can start XPM is from a cold start.  I cannot perform a restart of any kind, whether it is a cold restart or a restart following the installation of a program that requires
  a restart.  I have to shut it down cold before I can start it again.
  My first suspicion is that I installed a program that caused one of my Win7 components (whatever is required for VPC and/or XPM to function properly) to malfunction or disappear from my setup.  But I have yet to notice any other program exhibit abnormal
  functionality or crash completely.  Nor have I tinkered with the registry.
  I tried removing VPC and reinstalling, but it still crashes when I attempt to restart XPM.  I have not yet tried removing and reinstalling XPM as of yet, but I suspect that might not work, either.

  Has anyone tried the 32-bit VPC in a 64-bit Win7 environment?  Or will it not install?  And why does VMWindow.exe load into the system32 folder...
  C:\Windows\System32\VMWindow.exe
  ...When the VPC version installed is the 64-bit version?
  Here is error code from a more recent attempt to restart XP Mode:
  Log Name:      Application
  Source:        Application Error
  Date:          12/4/2013 3:01:24 AM
  Event ID:      1000
  Task Category: (100)
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      BlueXmas64
  Description:
  Faulting application name: VMWindow.exe, version: 6.1.7601.17514, time stamp: 0x4ce7b2e6
  Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
  Exception code: 0xc0000374
  Fault offset: 0x00000000000c4102
  Faulting process id: 0x1804
  Faulting application start time: 0x01cef0be73fb796d
  Faulting application path: C:\Windows\System32\VMWindow.exe
  Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
  Report Id: 447afaab-5cba-11e3-8cf2-bc5ff45ce61c
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Application Error" />
      <EventID Qualifiers="0">1000</EventID>
      <Level>2</Level>
      <Task>100</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2013-12-04T08:01:24.000000000Z" />
      <EventRecordID>19272</EventRecordID>
      <Channel>Application</Channel>
      <Computer>BlueXmas64</Computer>
      <Security />
    </System>
    <EventData>
      <Data>VMWindow.exe</Data>
      <Data>6.1.7601.17514</Data>
      <Data>4ce7b2e6</Data>
      <Data>ntdll.dll</Data>
      <Data>6.1.7601.18247</Data>
      <Data>521eaf24</Data>
      <Data>c0000374</Data>
      <Data>00000000000c4102</Data>
      <Data>1804</Data>
      <Data>01cef0be73fb796d</Data>
      <Data>C:\Windows\System32\VMWindow.exe</Data>
      <Data>C:\Windows\SYSTEM32\ntdll.dll</Data>
      <Data>447afaab-5cba-11e3-8cf2-bc5ff45ce61c</Data>
    </EventData>
  </Event>

• Peer-Switch with vPC and non-vPC Vlan Port-Channels

  Hi,                 
  in a design guide i have noticed that it is best practice to split vPC and non-vPC vlans on different inter-switch port-channels. Now, if i want to use the Peer-Switch function, but the port-channel interface of the non-vPC-vlan channel moves into blocking state. The option spanning-tree pseudo-information has no influence. Is peer-switch possible in my kind of topology?
  Greeting,
  Stephan

  I believe absolutly possible. specifically coz peer-switch and spt pseudo-info are specific and local to cisco fabric services running as part of  vpc technology. Personally me has lab with vpc-domain compounded of 2 N5Ks. They are peer-switches with spt-pseudoinfo and they have MST running on non VPC links independantly from vpc.

• VPC and ALUI6.1

  Hello,
  I have a VPC and would like to set up Analytics on it, and have it point to an existing setup of a production server.
  I cannot get the VPC to be recognized by the Portal. It is a pre-existing image setup as workgroup with a computer name of TESTSERVER (running 2003 Server with SQLSERVER 2000).
  Anyone have any info on using a VPC that networks with a PC Portal setup?
  Thanks,
  V
  Computers are like Old Testament gods; lots of rules and no mercy. ~Joseph Campbell

  Hello,
  I have a VPC and would like to set up Analytics on it, and have it point to an existing setup of a production server.
  I cannot get the VPC to be recognized by the Portal. It is a pre-existing image setup as workgroup with a computer name of TESTSERVER (running 2003 Server with SQLSERVER 2000).
  Anyone have any info on using a VPC that networks with a PC Portal setup?
  Thanks,
  V
  Computers are like Old Testament gods; lots of rules and no mercy. ~Joseph Campbell

• Double sided VPC/enhanced VPC and MST

  Hello,
  I have some doubts/clarifications regarding MST with VPC--
  There are two N7K core switches and four N5K switches and eight N2K.
  there will be double sided VPC between N5K and N7K.
  there will be enhanced vpn between N5k and n2k.
  N7Ks will be connected to fifteen 4500.
  Each 4500 will be in a VPC with N7k.
  Each 4500 is single homed to 15 catalyst edge switches
  Assume MST needs be configured in this network.
  1) On MST instance  - on N7K as per cisco design guide
  2) Map all vlans (1-3967,4048-4093) in this instance N7K as per cisco design guide
  3) No need to hard code root as peer switch command will be used
  Now the concern that i have is regarding MSt configuration on all 4500.
  1) 4500 number 1 may have vlans 2,3,4,5,6,7 and 4500 number 2 may have vlans 2,11,12,13,14,15,16
  so can i just map all vlans to the single instance like instance 1 vlan 1-4094 on all catalysts 4500?
  2) catalyst edge switches all run PVST+, i believe 4500 mst will interoperate with edge switch pvst+.
  Is there any othe things that need tobe taken care of in this scenario?
  Regards

  1) If you are using MST with single region, I don't see the point. It can be done with RPVST+ without any interop worries.
  2) Same as 1.
  3) This is not true, with peer-switch feature, it is a BP to hard code the N7K as STP root with the same priority value, otherwise, the smallest switch ID will be the root. In you case, most likely the oldest switch will become the root if you don't hard code it.
  To your second set of questions:
  1) Yes, you need to match all your region(s) with the same VLANs, otherwise, you will have MST inconsistency.
  2) Yes.
  HTH,
  jerry

• VPC and tiger

  We have 2 new Powerbook G4 running OS X 10.4.3 which I have got everything to work fine on the network, which is a SBS. The problem is we have a software program that is not mac comp. So we bought office 2004 for mac with Virtual pc 7.0 w/ xp pro and I have updated it to 7.02. I have xp pro up and running fine but can not get it on our network. I tried changing VPC from a network type of "shared networking" to a "virtual networking" but all options are grayed out when I go into the networking settting under VPC so it is locked on shared networking.
  Any ideas how to get this changed and help getting VPC with xp pro on our network so the accounting software will work?
  thanks

  What worked for me was making sure that TCP/IP in the Ethernet settings in Network (System Preferences) is set to DHCP and nothing else. Of course, be sure to enter all of your ISP and gateway addresses, too. In all of the configuration I had set TCP/IP to something else and was not able to connect again until I reset it to DHCP. Be sure to stick with Shared Networking, too.
  Hope this helps.

• Nexus 7000 with VPC and HSRP Configuration

  Hi Guys,
  I would like to know how to implement HSRP with the following setup:
  There are 2 Nexus 7000 connected with VPC Peer link. Each of the Nexus 7000 has a FEX attached to it.
  The server has two connections going to the FEX on each Nexus 7k (VPC). FEX's are not dual homed as far as I now they are not supported currently.
  R(A)              R(S)
  |                     |
  7K Peer Link 7K
  |                     |
  FEX              FEX
  Server connected to both FEX
  The question is we have two routers connected to each of the Nexus 7k in HSRP (active and one is standby). How can I configure HSRP on the nexus switches and how the traffic will routed from the Standby Nexus switch to Active Nexus switch (I know HSRP works differently here as both of them can forward packets). Will the traffic go to the secondary switch and then via the peer link to the active switch and then to the active router ? (From what I read the packet from end hosts which will go via the peer link will get dropped)
  Has anyone implemented this before ?
  Thanks

  Hi Kuldeep,
  If you intend to put those routers on a non-vpc vlan, you  may create  a new inter-switch trunk between the N7K and allow that non-vpc vlan . However if those will be on a VPC vlan, best to create two links to the N7K pair and create a VPC, otherwise configure those ports as orphan ports which will leverage the VPC peer link .
  HTH
  Jay Ocampo

• VPC and HP Procurve

  Hi all,
  I need to create a vPC between two Nexus 3048 and HP Procurve 3400. I've create the link aggregation HP-side and Nexus side like HP Procurve and Cisco switches Interoperability documentation, but seems that only one link work at all. The second one is flapping up and down.
  Any advice?

  I can't help I'm afraid, but I can add to the problem! I have 3Ks goin to HP procurve 5412. I have VPCs, one to each switch. It all came up fine the first time, but after a reload of 3K-B the 3Ks spanning tree blocked all 4 uplink ports, aka both portchannels.Configs were saved, no changes, just the reload. So this obviously triggered something in the behaviour of rstp between the two vendors. But why did it work at all in the first place!?
  FYI, the 5K to HP procurve 8212 K.14.60 work fine and survived reloading a 5K.

• VPc and Firewall Gateway

  Hi.
  I have dual VPc setup betwen 7K and 5K.
  Two firewalls will be connected to each 7K that will act as Active-Standby HSRP/VRRP Gateway to hosts.
  Say I have hosts in vlan 10 in access switch and gateway is set to be the Firewall.
  Is the HSRP communication between firewalls (vlan10 sub-interface)  will be via the VPc peer-link as well?
  Or I have to create another L2 Trunk between the 7Ks?
  Appreciate comments.
  Thanks 

  Hi Allan,
  If you are using FW as GW then you will only have primary and standby add on subinterface for VLAN 10.Only you need to do allow VLAN 10 over peer link beween 7ks.Seprate link is only required if you are running dynamic routing protocol between FW then in this case you need seprate L3 link.
  Regrards.

• Nexus 5548UP VPC and/or VRRP problem

  Hi, I have two 5548UP + L3 card with LAN_ENTERPRISE_SERVICES_PKG and FC license.
  This two Nexus are the core of my network.
  Eight stacks of 2960S are connected to both NX with an etherchannel formed by two SX-1G or two SR-10G.
  I've checked the conf and maked a lot of test and everything works fine. BUT, two days after the people start working on the new building, about half of the PC don't even reach the default gateway. (Nexus VRRP)
  I've turned off VRRP and it works for minutes.
  The problem disappear if I shutdown one of the links to NX01 or NX02.
  I followed the destination MAC of one PC with the problem and the ARP table looks OK but I guest the problem is related with a corruption in the ARP table anyway.
  system image file is:   bootflash:///n5000-uk9.5.2.1.N1.1a.bin
  Thanks in advance!
  Guido./
  interface Vlanxx
    no shutdown
    ip address 10.xx.xx.1/24
    ip ospf passive-interface
    ip router ospf 1 area 0.0.0.0
    ip dhcp relay address xxxxx
    vrrp 80
      address 10.xx.xx.1
  ! Actualy is in shutdown
  interface port-channel55
    switchport mode trunk
    switchport trunk allowed vlan 1-300,303-4094
    ip dhcp snooping trust
    speed 10000
    vpc 55
  interface port-channel111
    switchport mode trunk
    switchport trunk allowed vlan 1-224
    ip dhcp snooping trust
    spanning-tree port type network
    speed 10000
    vpc peer-link

  Looks like you have configured same IP on physical and for standby. is this typo or configured on device ?
  !----------- NX01 ----------------------------------------------
  interface Vlan80
    no shutdown
    ip address 10.xx.80.1/24
    ip ospf passive-interface
    ip router ospf 1 area 0.0.0.0
    ip dhcp relay address xxxxx
    vrrp 80
      address 10.xx.80.1
  ! Actualy is in shutdown
  !----------- NX02 ----------------------------------------------
  !NX02
  interface Vlan80
    no shutdown
    ip address 10.xx.80.2/24
    ip ospf passive-interface
    ip router ospf 1 area 0.0.0.0
    ip dhcp relay address x
    vrrp 80
      address 10.x.80.1
  Also -Peer Gateway                      : Disabled
  Optional but can be turnon to make both in forwarding mode.
  Thanks
  Ajay