Monday, November 12, 2012

More vPC gotchas: vPC and first hop redundancy protocols (FHRP)

Hi Guys

Wow, I learn more about vPC day after day. Anyone would think I am trying to go for my CCIE DC or something ;)

Anyway, today I learnt the importance of making ABSOLUTELY SURE your vPC peers have near identical configurations, especially in relation to routing.

I had a situation where traffic from a particular host to particular destinations was failing. I had two Nexus 5Ks set up connecting to Cisco UCS Fabric Interconnects. As per all best practice documents, I had a vPC from my UCS A to both Nexus 5Ks and a vPC from my UCS B to both Nexus 5Ks.

So, the two 5Ks were configured for VRRP: one was the master, one was the secondary, and the default gateway for everyone was the VRRP master.

The host itself, as I mentioned, could ping its default gateway (hooray!) but could only ping certain hosts in the subnet.

The issue ended up being the routing table on Nexus B. Even though Nexus B was NOT the VRRP master, traffic was still being routed through it, and since it had no route to particular destinations it had issues. Why? Because vPC, when combined with HSRP or VRRP, will allow the non-VRRP master to "spoof" that it is the VRRP master, to avoid traffic having to flow unnecessarily over the vPC peer link.
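
Since either peer may route a frame addressed to the virtual gateway, each peer needs a route covering every destination the other can reach. The following is an added example, not part of the original post: a small check that compares saved `show ip route` output from both peers and lists prefixes one peer has no route for at all. The sample output is constructed in the NX-OS layout, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample "show ip route" output for each vPC peer (not real data).
NEXUS_A = """\
0.0.0.0/0, ubest/mbest: 1/0
    *via 10.0.0.1, Eth1/1, [1/0], 3d02h, static
10.10.30.0/24, ubest/mbest: 1/0
    *via 10.0.0.1, Eth1/1, [1/0], 3d02h, static
172.16.0.0/16, ubest/mbest: 1/0
    *via 10.0.0.1, Eth1/1, [1/0], 3d02h, static
192.168.50.0/24, ubest/mbest: 1/0, attached
    *via 192.168.50.2, Vlan50, [0/0], 3d02h, direct
"""
NEXUS_B = """\
10.10.0.0/16, ubest/mbest: 1/0
    *via 10.0.0.9, Eth1/2, [1/0], 1d00h, static
192.168.50.0/24, ubest/mbest: 1/0, attached
    *via 192.168.50.3, Vlan50, [0/0], 3d02h, direct
"""

# A route entry starts with "<prefix>/<len>, ubest/mbest: ..." in column 0.
PREFIX_RE = re.compile(r"^(\d+\.\d+\.\d+\.\d+/\d+), ubest/mbest")


def parse_prefixes(show_ip_route):
    """Return the set of IPv4 prefixes present in one peer's routing table."""
    prefixes = set()
    for line in show_ip_route.splitlines():
        match = PREFIX_RE.match(line)
        if match:
            prefixes.add(ipaddress.ip_network(match.group(1)))
    return prefixes


def unreachable_on(peer, other):
    """Prefixes routed by `other` that `peer` has no exact or covering route for."""
    gaps = []
    for net in other:
        if net in peer or any(net.subnet_of(p) for p in peer):
            continue  # same prefix, or a less-specific route on `peer` covers it
        gaps.append(str(net))
    return sorted(gaps)


if __name__ == "__main__":
    a, b = parse_prefixes(NEXUS_A), parse_prefixes(NEXUS_B)
    print("Missing on Nexus B:", unreachable_on(b, a))
    print("Missing on Nexus A:", unreachable_on(a, b))
```

A covering route only proves that some route exists; its next hop can still differ between the peers, so covered prefixes are worth a manual look as well.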