Monday, September 27, 2021

Excessive STP TCN flushes ACI from one single port bounce in classic L2

Hi!

Seen discussions in multiple communities on the internet regarding this issue.

We have serious issues when a single port bounces on a classic switch with RPVST connected to ACI via a vPC through Nexus 5K's.

Basically we have a standard brownfield migration with one EPG per classic VLAN, with L3 enabled on the bridge domain and HW proxy configured on L2 in the BD.

The classic L2 network has been a mess I inherited, and portfast on ports was nonexistent. I haven't found all the ports with misconfiguration and no spanning-tree portfast.

Once in a while such a port bounces, and the result is that the bridge domain in ACI "dies" for a period of time, 60 seconds++, and we see a "storm" of Excessive STP TCN flushes in the logs: 4-6 warning logs per leaf switch in the fabric for 60 seconds.

And god forbid I bounce an uplink trunk between switches in the classic net with no VLAN ACL; then basically all BDs die.

This started to be a problem after we expanded ACI to a second DC using stretch fabric, and due to the chip shortage we had to wait 6 months for the fiber leafs. Hence we had to "gaffer tape" a Nexus 3K vPC pair with vPC L2 into ACI at this location to get enough 10 Gig ports.

After this, any TCN from the classic net killed the BD in ACI for approx. 1 minute.

The only difference is that we now have 2 vPCs to the classic net. There are no direct links between the classic net switches in the two DCs, so no loop in the classic net to blame it on.

I talked to other experienced consultants about this issue, and they say that they have never had problems due to TCN flushing in any of the other ACI fabrics they have set up for customers.

What should I be looking at to fix this issue? Besides finding ALL ports and configuring portfast, which is impossible on switch uplinks anyway :)

I'm starting to plan for a pure L3 link from classic net to ACI and kill STP with fire in ACI. But I am at a loss when I have to explain the current outages to C-level.
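For the "find ALL ports" task mentioned in the post, here is an added example (not part of the original post) that audits a saved running-config for enabled, non-trunk switchports that are not STP edge ports. The sample config is constructed, and the script assumes IOS/NX-OS style syntax and that a global portfast default covers every non-trunk port.

```python
import re
# Constructed IOS-style running-config excerpt (sample data, not from the post).
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 switchport mode access
!
interface GigabitEthernet1/0/3
 switchport mode trunk
!
interface GigabitEthernet1/0/4
 switchport access vlan 20
 spanning-tree portfast disable
!
interface GigabitEthernet1/0/5
 shutdown
!
interface Vlan10
 ip address 192.0.2.1 255.255.255.0
"""

# Per-port edge commands (IOS and NX-OS spellings) and their global defaults.
EDGE = re.compile(r"spanning-tree (portfast( edge)?|port type edge)$")
GLOBAL_EDGE = re.compile(r"spanning-tree (portfast( edge)?|port type edge) default$")
NOT_L2_PORT = re.compile(r"(Vlan|Loopback|Tunnel)", re.I)
OUT_OF_SCOPE = {"shutdown", "no switchport", "switchport mode trunk"}

def ports_missing_portfast(config):
    """Return enabled, non-trunk switchports that are not STP edge ports."""
    global_edge, blocks, current = False, {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            blocks[current] = []
        elif raw[:1].isspace() and current:
            blocks[current].append(raw.strip())
        else:
            current = None  # back at top level, look for the global default
            global_edge = global_edge or bool(GLOBAL_EDGE.match(raw.strip()))
    missing = []
    for name, lines in blocks.items():
        if NOT_L2_PORT.match(name) or OUT_OF_SCOPE & set(lines):
            continue  # SVIs, routed, disabled and trunk ports are skipped
        edge = global_edge or any(EDGE.match(l) for l in lines)
        if "spanning-tree portfast disable" in lines or not edge:
            missing.append(name)  # link flaps here can trigger STP topology changes
    return missing
```

Calling `ports_missing_portfast()` on the text of each classic switch's saved configuration returns the interface names to review; trunk uplinks are deliberately left out of the result.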


