Collection of NotesCiscoN9K – Migration from one vPC Pair to Another Pair with HSRP
Collection of NotesCiscoN9K – Migration from one vPC Pair to Another Pair with HSRP
Cisco

N9K – Migration from one vPC Pair to Another Pair with HSRP

pan

Initial config:

  • Form vPC from a pair of SD towards SS.
  • SD001&SD002 vPC uses LACP while SD003&SD004 vPC uses manual method.
  • There are 2 L2 links between SD001 & SD004 and between SD002 a& SD003.
  • STP is running on all devices. SDs have higher STP priority (lower value).
  • Vlan gateways with HSRP are on SD001 & SD002.

1. Initial Config

hostname SD001 no feature telnet cfs ipv4 distribute cfs eth distribute feature vpc feature interface-vlan feature hsrp feature lacp int ethernet 1/3, eth1/49, eth1/8 no shut spanning-tree pathcost method long spanning-tree port type edge bpduguard default spanning-tree vlan 1-3967 priority 0 vpc domain 50 peer-switch role priority 10 peer-keepalive destination 10.122.186.227 source 10.122.186.226 vrf management delay restore 150 peer-gateway ip arp synchronize int eth1/3 description To SD002 switchport switchport mode trunk channel-group 12 mode active no shutdown interface port-channel12 description vPC Peerlink to SD002 switchport switchport mode trunk spanning-tree port type network vpc peer-link int eth1/49 description To SS001 switchport switchport mode trunk channel-group 100 mode active no shutdown interface port-channel100 switchport switchport mode trunk vpc 100 vlan 10, 20, 30 int vlan 10 no shut ip add 1.1.10.253/24 hsrp version 2 hsrp 10 preempt delay minimum 30 reload 120 priority 105 timers msec 250 msec 750 ip 1.1.10.254 int vlan 20 no shut ip add 1.1.20.253/24 hsrp version 2 hsrp 20 preempt delay minimum 30 reload 120 priority 105 timers msec 250 msec 750 ip 1.1.20.254 int vlan 30 no shut ip add 1.1.30.253/24 hsrp version 2 hsrp 30 preempt delay minimum 30 reload 120 priority 105 timers msec 250 msec 750 ip 1.1.30.254 interface Ethernet1/8 description to SD004 switchport switchport mode trunk spanning-tree port type network no shutdown
hostname SD002 no feature telnet cfs ipv4 distribute cfs eth distribute feature vpc feature interface-vlan feature hsrp feature lacp int ethernet 1/3, eth1/49, eth1/8 no shut spanning-tree pathcost method long spanning-tree port type edge bpduguard default spanning-tree vlan 1-3967 priority 0 vpc domain 50 peer-switch role priority 15 peer-keepalive destination 10.122.186.226 source 10.122.186.227 vrf management delay restore 150 peer-gateway ip arp synchronize int eth1/8 description To SD001 switchport switchport mode trunk channel-group 12 mode active no shutdown interface port-channel12 description vPC Peerlink to SD001 switchport switchport mode trunk spanning-tree port type network vpc peer-link int eth1/49 description To SS001 switchport switchport mode trunk channel-group 100 mode active no shutdown interface port-channel100 switchport switchport mode trunk vpc 100 vlan 10, 20, 30 int vlan 10 no shut ip add 1.1.10.252/24 hsrp version 2 hsrp 10 preempt delay minimum 30 reload 120 timers msec 250 msec 750 ip 1.1.10.254 int vlan 20 no shut ip add 1.1.20.252/24 hsrp version 2 hsrp 20 preempt delay minimum 30 reload 120 timers msec 250 msec 750 ip 1.1.20.254 int vlan 30 no shut ip add 1.1.30.252/24 hsrp version 2 hsrp 30 preempt delay minimum 30 reload 120 timers msec 250 msec 750 ip 1.1.30.254 interface Ethernet1/3 description to SD003/004 switchport switchport mode trunk spanning-tree port type network no shutdown
hostname SS001 feature lacp feature interface-vlan vlan 10, 20, 30 spanning-tree pathcost method long spanning-tree port type edge bpduguard default spanning-tree vlan 1-3863 priority 8192 int vlan 10 no shut ip add 1.1.10.1/24 int vlan 30 no shut ip add 1.1.30.1/24 int eth1/1 description To SD001 switchport switchport mode trunk channel-group 100 mode active no shutdown int eth1/2 description To SD002 switchport switchport mode trunk channel-group 100 mode active no shutdown interface port-channel100 switchport switchport mode trunk ip route 0.0.0.0/0 Vlan30 1.1.30.254 ip route 1.1.10.0/24 Vlan10 1.1.10.254
hostname SD003 no feature telnet cfs ipv4 distribute cfs eth distribute feature vpc feature interface-vlan feature hsrp feature lacp int eth1/3, eth1/5, eth1/8 no shut spanning-tree pathcost method long spanning-tree port type edge bpduguard default spanning-tree vlan 1-3967 priority 0 vpc domain 60 peer-switch role priority 10 peer-keepalive destination 10.122.186.229 source 10.122.186.228 vrf management delay restore 150 peer-gateway ip arp synchronize int eth1/3 description To SD004 switchport switchport mode trunk channel-group 12 mode active no shutdown interface port-channel12 description vPC Peerlink to SD004 switchport switchport mode trunk spanning-tree port type network vpc peer-link int eth1/5 description To SS002 switchport switchport mode trunk channel-group 100 mode on no shutdown interface port-channel100 switchport switchport mode trunk vpc 100 vlan 10, 20, 30 interface Ethernet1/8 description to SD001/002 switchport switchport mode trunk spanning-tree port type network no shutdown
hostname SD004 no feature telnet cfs ipv4 distribute cfs eth distribute feature vpc feature interface-vlan feature hsrp feature lacp int ethernet 1/3, eth1/5, eth1/8 no shut spanning-tree pathcost method long spanning-tree port type edge bpduguard default spanning-tree vlan 1-3967 priority 0 vpc domain 60 peer-switch role priority 15 peer-keepalive destination 10.122.186.228 source 10.122.186.229 vrf management delay restore 150 peer-gateway ip arp synchronize int eth1/8 description To SD003 switchport switchport mode trunk channel-group 12 mode active no shutdown interface port-channel12 description vPC Peerlink to SD003 switchport switchport mode trunk spanning-tree port type network vpc peer-link int eth1/5 description To SS002 switchport switchport mode trunk channel-group 100 mode on no shutdown interface port-channel100 switchport switchport mode trunk vpc 100 vlan 10, 20, 30 interface Ethernet1/3 description to SD001/002 switchport switchport mode trunk spanning-tree port type network no shutdown
hostname SS002 feature interface-vlan vlan 10, 20, 30 spanning-tree pathcost method long spanning-tree port type edge bpduguard default spanning-tree vlan 1-3863 priority 8192 int vlan 10 no shut ip add 1.1.10.2/24 int vlan 20 no shut ip add 1.1.20.2/24 int eth1/3 description To SD003 switchport switchport mode trunk channel-group 100 mode on no shutdown int eth1/4 description To SD004 switchport switchport mode trunk channel-group 100 mode on no shutdown interface port-channel100 switchport switchport mode trunk ip route 0.0.0.0/0 Vlan20 1.1.20.254 ip route 1.1.10.0/24 Vlan10 1.1.10.254

2. Initial Status

2.1 STP Status

Since there are 2 independent L2 links between 2 pairs of vPC devices, STP blocks one port on SD004. There are no blocked ports on other SDs.

SD004# show spanning-tree blockedports Name Blocked Interfaces List ——————– ———————————— VLAN0001 Eth1/3 VLAN0010 Eth1/3 VLAN0020 Eth1/3 VLAN0030 Eth1/3

2.2 vPC Status

SD001# show vpc Legend: (*) – local vPC is down, forwarding via vPC peer-link vPC domain id : 50 Peer status : peer adjacency formed ok vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : primary Number of vPCs configured : 1 Peer Gateway : Enabled Dual-active excluded VLANs : – Graceful Consistency Check : Enabled Auto-recovery status : Disabled Delay-restore status : Timer is off.(timeout = 150s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Disabled vPC Peer-link status ——————————————————————— id Port Status Active vlans — —- —— ————————————————- 1 Po12 up 1,10,20,30 vPC status —————————————————————————- Id Port Status Consistency Reason Active vlans — ———— —— ———– —— ————— 100 Po100 up success success 1,10,20,30

2.3 HSRP Status

SD001# show hsrp Vlan10 – Group 10 (HSRP-V2) (IPv4) Local state is Active, priority 105 (Cfged 105), may preempt Forwarding threshold(for vPC), lower: 0 upper: 105 Preemption Delay (Seconds) Reload:120 Minimum:30 Hellotime 250 msec, holdtime 750 msec Next hello sent in 0.147000 sec(s) Virtual IP address is 1.1.10.254 (Cfged) Active router is local Standby router is 1.1.10.252 , priority 100 expires in 0.689000 sec(s) Authentication text “cisco” Virtual mac address is 0000.0c9f.f00a (Default MAC) 2 state changes, last state change 00:01:22 IP redundancy name is hsrp-Vlan10-10 (default) Vlan20 – Group 20 (HSRP-V2) (IPv4) Local state is Active, priority 105 (Cfged 105), may preempt Forwarding threshold(for vPC), lower: 0 upper: 105 Preemption Delay (Seconds) Reload:120 Minimum:30 Hellotime 250 msec, holdtime 750 msec Next hello sent in 0.198000 sec(s) Virtual IP address is 1.1.20.254 (Cfged) Active router is local Standby router is 1.1.20.252 , priority 100 expires in 0.520000 sec(s) Authentication text “cisco” Virtual mac address is 0000.0c9f.f014 (Default MAC) 2 state changes, last state change 00:01:21 IP redundancy name is hsrp-Vlan20-20 (default) Vlan30 – Group 30 (HSRP-V2) (IPv4) Local state is Active, priority 105 (Cfged 105), may preempt Forwarding threshold(for vPC), lower: 0 upper: 105 Preemption Delay (Seconds) Reload:120 Minimum:30 Hellotime 250 msec, holdtime 750 msec Next hello sent in 0.153000 sec(s) Virtual IP address is 1.1.30.254 (Cfged) Active router is local Standby router is 1.1.30.252 , priority 100 expires in 0.689000 sec(s) Authentication text “cisco” Virtual mac address is 0000.0c9f.f01e (Default MAC) 2 state changes, last state change 00:01:20 IP redundancy name is hsrp-Vlan30-30 (default)

2.4 Port-Channel Summary

SD002# show port-channel summary …… ——————————————————————————– Group Port- Type Protocol Member Ports Channel ——————————————————————————– 12 Po12(SU) Eth LACP Eth1/8(P) 100 Po100(SU) Eth LACP Eth1/49(P) SS002# show port-channel summary …… ——————————————————————————– Group Port- Type Protocol Member Ports Channel ——————————————————————————– 100 Po100(SU) Eth NONE Eth1/3(P) Eth1/4(P)

3. Back-to-Back vPC between 2 Pairs of SDs

4. Move VLAN Gateway from a Pair of SD to another.

Currently both VLAN gateways are configured on SD001 & SD002.

Move the standby VLAN gateway from SD002 to SD004. After a quick while, SD004 becomes the HSRP standby router. Traffic is not affected as no change is done to the active HSRP router.

Increase the HSRP priority on SD004. After the preempt delay, it will become the active HSRP router within no time. I do the long ping from SS02 to SS01. There is not a single packet drop.

Then move the VLAN gateway from SD001 to SD003. It will become the standby HSRP router. Decrease the priority of SD004 HSRP priority to default. The role will swap to normal.

Leave a Reply

Your email address will not be published. Required fields are marked *