Vpc Domain - Cisco 7206 - VXR Router Configuration Manual

Chapter 7 Configuring vPCs
Information About vPCs
S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m
Some network-attached storage (NAS) devices or load-balancers may have features aimed to optimize
the performances of particular applications. Essentially these features avoid performing a routing-table
lookup when responding to a request that originated from a host not locally attached to the same subnet.
Such devices may reply to traffic using the MAC address of the sender Cisco Nexus 7000 Series device
rather than the common HSRP gateway. Such behavior is non-complaint with some basic Ethernet RFC
standards. Packets reaching a vPC device for the non-local router MAC address are sent across the peer
link and could be dropped by the built in vPC loop avoidance mechanism if the final destination is behind
another vPC.
The vPC peer-gateway capability allows a vPC switch to act as the active gateway for packets that are
addressed to the router MAC address of the vPC peer. This feature enables local forwarding of such
packets without the need to cross the vPC peer link. In this scenario, the feature optimizes use of the peer
link and avoids potential traffic loss.
Configuring the peer-gateway feature must be done on both primary and secondary vPC peers and is
nondisruptive to the operations of the device or to the vPC traffic. The vPC peer-gateway feature can be
configured globally under the vPC domain submode.
When you enable this feature, Cisco NX-OS automatically disables IP redirects on all interface VLANs
mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched through the
peer gateway router.
Note With Cisco NX-OS Release 5.1(3) and above, when a VLAN interface is used for Layer 3 backup routing
on the vPC peer devices and an F1 linecard is used as the peer link, the VLAN must be excluded from
the peer-gateway feature, if enabled, by running the peer-gateway exclude-vlan vlan-number
command. For more information about backup routes, see the "Configuring Layer 3 Backup Routes on
a vPC Peer Link" section on page 7-11.
Packets arriving at the peer-gateway vPC device will have their TTL decremented, so packets carrying
TTL = 1 may be dropped in transit due to TTL expire. This needs to be taken into account when the
peer-gateway feature is enabled and particular network protocols sourcing packets with TTL = 1 operate
on a vPC VLAN.

vPC Domain

You can use the vPC domain ID to identify the vPC peer links and the ports that are connected to the
vPC downstream devices.
The vPC domain is also a configuration mode that you use to configure the keepalive messages, and
configure other vPC peer link parameters rather than accept the default values. See the "Configuring
vPCs" section on page 7-30 for more information on configuring these parameters.
To create a vPC domain, you must first create a vPC domain ID on each vPC peer device using a number
from 1 to 1000. You can have only one vPC domain per VDC.
You must explicitly configure the port channel that you want to act as the peer link on each device. You
associate the port channel that you made a peer link on each device with the same vPC domain ID to
form a single vPC domain. Within this domain, the system provides a loop-free topology and Layer 2
multipathing.
You can only configure these port channels and vPC peer links statically. All ports in the vPC on each
of the vPC peer devices must be in the same VDC. You can configure the port channels and vPC peer
links either using LACP or no protocol. We recommend that you use LACP with the interfaces in active
Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x
7-13
OL-23435-03