Since many of my customers have issues configuring the Cisco Nexus line, I thought to create a short configuration guideline that readers can follow to get their switches up and running quickly. Personally, I’m extremely impressed with their performance and value.
I’m going to start with explaining the difference between stacked switches and the Nexus vPC. Stackable switches create a Master switch that controls all activities of the stack and basically functions as “one unit” which will allow you to connect other switches and servers to multiple units in the stack for redundancy in case of a single switch failure. In case of the Master switch going down, another switch takes over that functionality and both Layer 2 and 3 functionality of the stack is completely restored.
Nexus vPC on the other hand utilizes a virtual Port Channel (vPC), allowing links that are physically connected to two different Cisco Nexus™ Series devices to appear as a single Port Channel to a third device. In a nutshell, vPC will allow you to create a core switch using two Nexus devices, and now you can redundantly link your servers and switches to them as if they are one device. In the old days, we used to use spanning tree for controlling the links, however vPC is far superior because it acts in an active-active state. Please note that unlike stacking switches, the Nexus does not relinquish control to one or the other and both switches continue to make all the necessary decisions
To complete the setup, we will also need a Layer 3 redundancy protocol like HSRP, VRRP or GLBP so that if one of the core Nexus switches were to go down, the other one can continue on both Layer 2 and Layer 3.
Let’s start:
1. The Nexus line has most features disabled which is awesome from an Errata perspective so that you don’t have to worry about problems with the code that you are not using. For this exercise, we are going to add the following commands (enable mode):
- feature telnet (allowing telnet inbound)
- feature interface-vlan (allow VLANs to have IP addresses etc.)
- feature lacp (Load balancing across multiple ports)
- feature vpc (Layer 2 virtual port channel used to join both switches to act as one)
- feature vrrp (Layer 3 redundancy)
2. Next, we will create a port channel interface and make it a peer-link for vPC (enable, Config terminal):
- interface port-channel51
- switchport mode trunk
- vpc peer-link
3. Assign two interfaces for the port-channel above: (enable, Config terminal):
- interface Ethernet1/1
- switchport mode trunk
- channel-group 51 mode active
- interface Ethernet1/2
- switchport mode trunk
- channel-group 51 mode active
4. Assign an IP address to the management port so we can use it for the vPC keep-alive:
- interface mgmt0
- vrf member management
- ip address 10.1.1.1/24
- line console
- line vty
- Do the same for the other switch with ip address of 10.1.1.2/24 for example
5. Configure the vPC domain:
- vpc domain 1
- peer-switch
- peer-keepalive destination 10.1.1.2 source 10.1.1.1
- peer-gateway
- auto-recovery
6. Configure Layer 3 redundancy and for this example, I’m going to use VRRP:
- interface Vlanxxx (VRRP is configured per VLAN)
- no shutdown
- ip address 10.xx.100.4/24 (IP address of this VLAN)
- vrrp 100 (VRRP instance)
- address 10.XX.100.1 (VRRP IP address)
- no shutdown
- Option priority (to decide which switch should be master)
- Option pre-emptive -On/Off (when the primary switch dies, the secondary switch takes over vrrp, and when it comes back online, if pre-emptive is on, it will take over again)
This sums up all the major tasks required to configure your Nexus 3K switches for your computer rooms and or data centers. Please reach out if you have any comments or questions about this blog.
Written By:
Usama Houlila
President and Enterprise Architect
