Saturday, April 26, 2014

NEXUS 5500 - Virtual Port-Channels (vPC) - Fundamentals


The vPC domain number must be the same on the two switches in the domain, or the vPC domain will not form. If switches in one vPC domain are to be plumbed to switches in a different vPC domain, then the vPC domain number you assign each pair should differ. For example, if I assign the number "10" to two switches in a vPC domain, I would assign a different number, such as "11," to the two adjacent switches in a second vPC domain.


The system-priority command is related to LACP negotiation of active vs. standby links in LACP bundles of more than eight physical links. While it is not required that you configure this value, Cisco recommends you set it so that the Nexus vPC switches can decide which links are to be active vs. standby. Lower system-priorities take precedence. This value must match on both switches, or else the vPC domain will not form.


The role priority command sets a vPC switch priority. Lower role-priorities take precedence. This helps determine which switch will shut down its vPC ports to prevent a topology loop if vPC communications are interrupted.


The peer-link interface does not require large amounts of bandwidth, as vPC traffic management and port-channel hashing keep dual-attached end points talking via one of the two vPC domain switches. The vPC peer link will only be used in the case of an unbalanced uplink (a device is plumbed to two switches, but one link has failed), or possibly in the case of single-attached hosts. Cisco strongly advocates that single-attached hosts be connected to a vPC domain via a dual-homed switch or fabric extender.


The peer-gateway command allows a vPC peer to route a packet locally that, due to HSRP priorities, should have been forwarded to the vPC peer switch for routing services. This overcomes hosts that don't use the virtual MAC for an HSRP IP, but instead use the physical MAC.


The auto-recovery reload-delay command allows a vPC switch that reloads, but finds its peer gone once it comes back up, to move to an active state after the delay time has expired. Without this command, vPC ports would remain shut down. This command also allows the secondary vPC switch to bring its ports back to active if, after a peer-link failure, the primary switch also fails.
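
The matching rules above can be checked before the two peers are brought up. The following is an added example, not part of the original post: a small Python check over two constructed "vpc domain" stanzas. All sample values are illustrative, and the default role priority of 32667 is stated from NX-OS defaults rather than from this post.

```python
import re

# Constructed vPC stanzas for two peers; all values are illustrative.
PEER_A = """\
vpc domain 10
  role priority 100
  system-priority 4000
  peer-gateway
  auto-recovery reload-delay 240
"""
PEER_B = PEER_A.replace("role priority 100", "role priority 200")
PEER_B_BAD = PEER_B.replace("system-priority 4000", "system-priority 5000")

NUMERIC = ("role priority", "system-priority", "auto-recovery reload-delay")
DEFAULT_ROLE_PRIORITY = 32667  # assumed NX-OS default when "role priority" is not set

def parse_vpc_domain(config):
    """Collect the 'vpc domain <id>' line and its indented sub-commands."""
    out, in_stanza = {}, False
    for line in config.splitlines():
        m = re.match(r"vpc domain (\d+)\s*$", line)
        if m:
            out["domain"], in_stanza = int(m.group(1)), True
        elif in_stanza and line[:1].isspace():
            cmd = line.strip()
            key = next((k for k in NUMERIC if cmd.startswith(k + " ")), None)
            out[key or cmd] = int(cmd[len(key):]) if key else True
        else:
            in_stanza = False  # an unindented line ends the stanza
    return out

def check_pair(cfg_a, cfg_b):
    """Return (problems, preferred peer by role priority: 'A', 'B' or None on a tie)."""
    a, b = parse_vpc_domain(cfg_a), parse_vpc_domain(cfg_b)
    problems = [
        f"{key} mismatch ({a.get(key)} vs {b.get(key)}): vPC domain will not form"
        for key in ("domain", "system-priority")
        if a.get(key) != b.get(key)
    ]
    pa = a.get("role priority", DEFAULT_ROLE_PRIORITY)
    pb = b.get("role priority", DEFAULT_ROLE_PRIORITY)
    preferred = None if pa == pb else ("A" if pa < pb else "B")  # lower value wins
    return problems, preferred

if __name__ == "__main__":
    print(check_pair(PEER_A, PEER_B))      # matching pair
    print(check_pair(PEER_A, PEER_B_BAD))  # system-priority differs
```
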


Welcome to the world of Cisco Wireless.

Consider a home lab / a small office scenario, where you don't have fancy tools like DNS, DHCP etc. that make things really simple. (Either you don't want to complicate things or you simply can't afford it - well that's not the purpose of this post!!!!)

All you have is maybe a couple of L2 / L3 switches, an LWAPP AP and a Cisco WLC (4400, 5500 series).

Now, you know the basic steps that an LWAPP AP goes through, for discovering and associating with a WLC, which include a simple Broadcast / pre-configuration / DHCP Option 43, DNS, OTAP etc.

Let's assume that we have just purchased a brand new LWAPP AP, which obviously does not have any information about our WLC. Moreover, to rule out WLC discovery via broadcast, let's assume that the WLC and the AP are in different subnets.

Now, how do we manually associate the AP with the WLC?

Let's connect to the AP's console port and get CLI access.

AP0023.0410.4aea# lwapp ap controller ip address <WLC-IP>

(<WLC-IP> obviously being the Management interface IP address of the WLC)


AP0023.0410.4aea#show lwapp client config
configMagicMark 0xF1E2D3C4
chkSumV2 46073
chkSumV1 17487
adminState ADMIN_ENABLED(1)
name AP0023.0410.4aea
location default location
group name
mwarName (these are the primary, secondary, tertiary controllers)
<skip output>
ApMode Local
Discovery Timer 10 secs
Heart Beat Timer 30 secs
Led State Enabled 1
<skip output.>
Configured Switch 1 Addr

Please Note: You can't use the above command if you already have the AP associated with some WLC. It will show an ERROR message.