Saturday, April 21, 2018

Hit a wall with Nexus vPC keepalive over L3 port-channel

First off, I apologize; this is the first time I'm getting to try and configure a Nexus vPC peer-link and KPA, and I'm only asking here after having spent hours reading docs and trying different things. I can't seem to ping the IP in my KPA link and I can't bring the KPA link up.

I have two Nexus 7706s in the following configuration: Eth1/23-24 & Eth2/23-24 are the peer-link and Eth5/48 & Eth6/48 are the KPA link, bundled in a Layer 3 port-channel. (Everything is mirrored on the other N77k.)

To add an additional layer of difficulty, I can typically only run 1 N77k at a time. The room they are in has BARELY enough power to support both without tripping breakers and the temp rises to 100 degrees F as soon as I power both N77ks on. (This is just a staging area, the final location is under construction and won't have these issues) These factors are outside of my control, so I can only run both for a limited time. Right now one is powered off while I work on this over the weekend. I realize this severely restricts troubleshooting a link that's supposed to have 2 sides, but I will have to wait until I'm back in the office to power the other one up.

 

Here is my config:

I've created an additional vdc and named it CORE. I have allocated all interfaces to this vdc.

From within the vdc CORE I have:

    feature lacp
    feature vpc

    vrf context vpc-keepalive
      ip route 0.0.0.0/0 198.168.100.1

    vpc domain 1
      role priority 1
      peer-keepalive destination 192.168.100.20 source 192.168.100.10 vrf vpc-keepalive
      no layer3 peer-router syslog
      peer-gateway
      layer3 peer-router
      ip arp synchronize

    interface port-channel1
      description VPC-PEER-LINK
      switchport
      switchport mode trunk
      spanning-tree port type network
      storm-control broadcast level 10.00
      vpc peer-link
      ip arp inspection trust

    interface port-channel100
      description VPC-PKA
      no switchport
      vrf member vpc-keepalive
      ip address 192.168.100.10/24

    interface Ethernet1/23
      switchport
      switchport mode trunk
      storm-control broadcast level 10.00
      channel-group 1 mode active
      no shutdown

    interface Ethernet1/24
      switchport
      switchport mode trunk
      storm-control broadcast level 10.00
      channel-group 1 mode active
      no shutdown

    interface Ethernet2/23
      switchport
      switchport mode trunk
      storm-control broadcast level 10.00
      channel-group 1 mode active
      no shutdown

    interface Ethernet2/24
      switchport
      switchport mode trunk
      storm-control broadcast level 10.00
      channel-group 1 mode active
      no shutdown

    interface Ethernet5/48
      no switchport
      storm-control broadcast level 10.00
      channel-group 100 mode active
      no shutdown

    interface Ethernet6/48
      no switchport
      storm-control broadcast level 10.00
      channel-group 100 mode active
      no shutdown

When I power both switches on, the po1 comes up just fine, but not po100.

    N77k-CSW-01-CORE# show vpc peer-keepalive

    vPC keep-alive status           : Suspended (Destination IP not reachable)
    --Send status                   : Success
    --Last send at                  : 2018.04.21 03:27:23 172 ms
    --Sent on interface             :
    --Receive status                : Failed
    --Last update from peer         : (106962) seconds, (834) msec

    vPC Keep-alive parameters
    --Destination                   : 192.168.100.20
    --Keepalive interval            : 1000 msec
    --Keepalive timeout             : 5 seconds
    --Keepalive hold timeout        : 3 seconds
    --Keepalive vrf                 : vpc-keepalive
    --Keepalive udp port            : 3200
    --Keepalive tos                 : 192

    N77k-CSW-02-CORE# sh int po100 status
    --------------------------------------------------------------------------------
    Port          Name               Status    Vlan      Duplex  Speed   Type
    --------------------------------------------------------------------------------
    Po100         VPC-PKA            noOperMem routed    auto    auto    --

    N77k-CSW-02-CORE# sh int po1 status
    --------------------------------------------------------------------------------
    Port          Name               Status    Vlan      Duplex  Speed   Type
    --------------------------------------------------------------------------------
    Po1           VPC-PEER-LINK      connected trunk     full    a-40G   --

    N77k-CSW-01-CORE# sh ip route vrf vpc-keepalive
    IP Route Table for VRF "vpc-keepalive"
    '*' denotes best ucast next-hop
    '**' denotes best mcast next-hop
    '[x/y]' denotes [preference/metric]
    '%<string>' in via output denotes VRF <string>

    N77k-CSW-01-CORE#
    N77k-CSW-01-CORE# ping 192.168.100.10 vrf vpc-keepalive
    PING 192.168.100.10 (192.168.100.10): 56 data bytes
    ping: sendto 192.168.100.10 64 chars, No route to host
    Request 0 timed out
    ping: sendto 192.168.100.10 64 chars, No route to host
    Request 1 timed out
    ping: sendto 192.168.100.10 64 chars, No route to host
    Request 2 timed out
    ping: sendto 192.168.100.10 64 chars, No route to host
    Request 3 timed out
    ping: sendto 192.168.100.10 64 chars, No route to host
    Request 4 timed out

    --- 192.168.100.10 ping statistics ---
    5 packets transmitted, 0 packets received, 100.00% packet loss

I think the issue lies somewhere with the No route to host error when the pings drop, but I don't know how to resolve that. I specified a static route of 0.0.0.0/0 192.168.100.1 under the vrf context vpc-keepalive, but I don't think this gateway actually exists anywhere.

I thought, "Hey, maybe I need to create an SVI with a gateway of that 192.168.100.1," but that didn't work either.

    N77k-CSW-01-CORE(config)# int vlan 100
    N77k-CSW-01-CORE(config-if)# ip address 192.168.100.1/24
    % IP address is configured/resolved as the next hop of a static route
    N77k-CSW-01-CORE(config-if)# exit
    N77k-CSW-01-CORE(config)# vrf context vpc-keepalive
    N77k-CSW-01-CORE(config-vrf)# no ip route 0.0.0.0/0 192.168.100.1
    N77k-CSW-01-CORE(config-vrf)# exit
    N77k-CSW-01-CORE(config)# int vlan100
    N77k-CSW-01-CORE(config-if)# ip address 192.168.100.1/24
    % 192.168.100.1/24 overlaps with address configured on port-channel100

So that's where I'm at. I'm kinda at a standstill and still researching around. Right now the KPA port-channel is down because the 2nd N77k is powered off, but I had the same issue when it was powered on.

If anyone has any suggestions or can point out where I'm being a bonehead, I'd really appreciate it. Again, I apologize for asking, but I'm stuck and could use a little guidance.
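
Added example, not part of the original post: a small Python triage over the command output shown above, checking the keepalive path from the port-channel state upward. The finding codes and function names are made up for illustration, the sample text is the post's own output with spacing reconstructed, and it assumes both switches show the same Po100 state since the post says the configuration is mirrored.

```python
import ipaddress

# Output taken from the post above; column spacing is reconstructed.
KEEPALIVE = """\
vPC keep-alive status : Suspended (Destination IP not reachable)
--Send status : Success
--Receive status : Failed
--Destination : 192.168.100.20
--Keepalive vrf : vpc-keepalive
"""
INT_STATUS = """\
Po100 VPC-PKA       noOperMem routed auto auto  --
Po1   VPC-PEER-LINK connected trunk  full a-40G --
"""
VRF_ROUTES = []  # 'sh ip route vrf vpc-keepalive' in the post listed no routes


def parse_fields(text):
    """Map 'key : value' lines to a dict, dropping the leading '--'."""
    pairs = (line.split(":", 1) for line in text.splitlines() if ":" in line)
    return {k.lstrip("-").strip(): v.strip() for k, v in pairs}


def port_states(text):
    """Map port -> status; assumes descriptions contain no spaces."""
    rows = (line.split() for line in text.splitlines() if line.strip())
    return {row[0]: row[2] for row in rows}


def triage(keepalive, int_status, vrf_routes, kpa_port, kpa_cidr):
    """Return finding codes (hypothetical names), lowest layer first."""
    ka = parse_fields(keepalive)
    subnet = ipaddress.ip_interface(kpa_cidr).network
    dest = ipaddress.ip_address(ka["Destination"])
    findings = []
    if port_states(int_status).get(kpa_port) != "connected":
        findings.append("kpa-port-channel-down")    # noOperMem: no member port is bundled
    if not any(dest in ipaddress.ip_network(r) for r in vrf_routes):
        findings.append("no-route-to-peer-in-vrf")  # matches the 'No route to host' pings
    if dest in subnet:
        findings.append("peer-is-on-link")          # a connected route covers it once Po100 is up
    if "alive" not in ka["vPC keep-alive status"].lower():
        findings.append("keepalive-not-alive")
    return findings


if __name__ == "__main__":
    for code in triage(KEEPALIVE, INT_STATUS, VRF_ROUTES, "Po100", "192.168.100.10/24"):
        print(code)
```

The findings come back in dependency order: a routed port-channel with no operational members installs no connected route in its VRF, so the empty route table and the failed keepalive follow from the first finding.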


