This past week, I configured our 2 Nexus 7000 boxes to take advantage of the new Virtual Portchannel (vPC) feature.
Here’s some info on this feature ::
If you read my article about VSS technology, then the benefits with virtual portchannels are pretty much the same. One major difference is that the two Nexus boxes are still very much separate unlike using VSS. You still no longer need to worry about Spanning-tree. One thing that wont change from how you are probably doing things today is the HSRP configuration. You will still have your active and standby HSRP devices. The trick here is that when you dual home to the distribution, you use only one portchannel at the access side. Your access switch will dynamically load balance across both links using standard portchannel load balancing algorithms. The thing to remember is that packets received by the standby HSRP device are actually forwarded. So in a sense, you have a “active-active” HSRP state in the background.
I wasn’t too happy with the configuration guide provided by Cisco, so through some trial and error, I was able to figure it out and get it working.
So for the configuration side of things, first you need to make sure you’re running the new 4.1.3 code. See my previous article on the Nexus 7000 upgrade procedure.
The first thing you will need to do is enable the vPC feature on the Nexus. See below ::
Nexus1(config)# feature vpc
vPC enable status: Incompatible hardware not enabling vPC
Now if you see this, it makes you think you have an issue with not having the right line cards or something. In my case, I had the N7K-M132XP-12 line cards, so I knew I was ok. The problem I figured out is you need to update the EPLD on the N7K-M132XP-12 line cards. This is basically a fancy way of upgrading the line card firmware (I think).
See these release notes
Now while it says you have to have version 186.3 for vPC to work, I had that version and it still wouldn’t work. See below.
Nexus1# sho ver module 1 epld
EPLD Device Version
Power Manager 4.4
Forwarding Engine 1.6
FE Bridge(1) 186.3
FE Bridge(2) 186.3
Linksec Engine(1) 1.7
Linksec Engine(2) 1.7
Linksec Engine(3) 1.7
Linksec Engine(4) 1.7
Linksec Engine(5) 1.7
Linksec Engine(6) 1.7
Linksec Engine(7) 1.7
Linksec Engine(8) 1.7
So even if you have 186.3, the other versions need to be upgraded.
Refer to the table in the same release note page and you will notice other updated EPLD devices. You can use this page to figure out how to download the EPLD image.
A hint to getting the EPLD on the Nexus bootflash is to use a regular USB drive. You can download it on your laptop and save it to a USB. i think it’s easier to copy from USB than via FTP or something (depending on your location).
Here’s an output from the EPLD upgrade ::
Mar 10 02:24:32 Nexus1 %$ VDC-1 %$ %IDEHSD-2-MOUNT: USB1
Nexus1# dir usb1:
10993393 Mar 09 15:26:26 2009 n7000-s1-epld.4.1.3.img
Nexus1# copy usb1:n7000-s1-epld.4.1.3.img bootflash:n7000-s1-epld.4.1.3.img
Nexus1# install module 5 epld bootflash:n7000-s1-epld.4.1.3.img
EPLD image file , built on Tue Feb 3 07:16:46 2009
EPLD Curr Ver New Ver
Power Manager 3.6 3.7
IO 3.23 3.26
Inband 1.7 1.7
Local Bus CPLD 2.1 3.0
CMP CPLD 6.0 6.0
WARNING: The upgrade process could take up to 30 minutes.
Active Supervisor is being Upgraded.
Data traffic on the switch will be affected!!
The switch will reload after the upgrade process.
Do you want to continue (y/n) ? [n] y
There may be a delay of upto 2 minutes between each EPLD upgrade.
At this point, the switch reboots and you should be able to then enable vPC.
Nexus1(config)# feature vpc
Part 2 coming soon…
CCIE No. 21785