vPC+
Last Updated: [last-modified] (UTC)
vPC and FabricPath
vPC connects hosts and other devices to the network. It does this in a highly available way, using many active links. vPC+ is an extension to traditional vPC. It connects Classical Ethernet devices to a Fabricpath domain.
Have a look at the diagrams below. vPC+ uses a pair of physical switches, like regular vPC does. vPC+ is different, as it creates a virtual switch. The rest of the fabricpath domain sees the host as connected to this virtual switch.
How Does it Work?
Fabricpath switches each have a unique Switch ID. When a vPC domain is also part of a fabricpath domain, it creates a virtual switch. The virtual switch also gets a unique Switch ID.
When a frame enters the fabricpath domain via vPC+, it does so through the virtual switch. The virtual switch becomes the OSA (Outer Source Address) in the fabricpath header. When a sending a return frame, the virtual switch’s ID is the ODA (Outer Destination Address).
The downstream ports (the ports that connect to the CE device) are fabricpath edge ports. These ports must be in fabricpath mode. Also, any VLANs related to the CE devices have to be fabricpath VLANs. Once a vPC domain is in fabricpath mode, only vPC+ member ports can be used. Regular vPC member ports (that is, vPC ports not configured with fabricpath) will not come up.
Peer Switch
Why is vPC+ Required?
Each fabricpath switch, including the virtual switch, gets a switch ID. In the previous example, Switch-1 has an ID of 10, and Switch-2 has an ID of 20. Within the fabricpath domain, switch ID’s function as layer-2 addresses. This is much like a MAC addresses in Classical Ethernet.
When a CE device connects to the fabricpath domain, the rest of the domain will not see it’s MAC address. It will see it’s address as the switch ID that it’s connected to. Only the edge switch that the device connects to knows the device’s real address (it’s MAC).
CE devices are dual homed when using vPC. So which switch ID represents the device in the fabricpath domain? Switch-1’s ID or Switch-2’s ID? Even though fabricpath acts like a routing protocol, it is still layer-2, so it can only have one address. Using only one of the Switch-ID’s and not the other would prevent load balancing.
The answer lies in the virtual switch. In the preceeding example, the virtual switch uses Switch-ID 30. This becomes the address for the connected device, from a fabricpath perspective. This way, either real switch can carry traffic for the device. The fabricpath domain sees the real switches as a ‘hop’ in the path to the virtual switch.
Configuration
Before beginning vPC+ configuration, first:
- Configure Fabricpath uplinks to the domain. This includes enabling the feature-set, and setting an appropriate MTU
- Configure vPC, including the keepalive, peer-link, and the domain. The peer-link ports must be fabricpath ports
- All VLANs to be used in fabricpath have been set to fabricpath mode
vPC+ configuration is quite simple. The two steps are:
- Configure a virtual Switch-ID
- Set the vPC ports to fabricpath mode
vpc domain 10 fabricpath switch-id 30
! Set the ports to fabricpath interface ethernet 1/1 channel-group 55 mode active interface port-channel 55 switchport mode fabricpath vpc 55
Verification
Use show vpc brief to verify the configuration. Notice that the output has been modified from normal vPC.
Notice that there is a vPC fabricpath status. The status should be peer is reachable through fabricpath. If there is a different status, check that the peer-link is in fabricpath mode on both switches.
Also notice that each vPC has a new vPC+ Attrib column. In this column there is a FP MAC section, which is the Switch-ID of the virtual switch.
The DF field is for multicast traffic. It can be set to:
- Yes – forwards multicast traffic
- Partial – forwards some of the multicast traffic
- No (does not forward multicast traffic
Switch# show vpc brief
Legend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 10
vPC+ switch id : 100
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
vPC fabricpath status : peer is reachable through fabricpath
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 8
Peer Gateway : Enabled
Peer gateway excluded VLANs : -
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled (timeout = 240 seconds)
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po1 up 101,103-107,110-112,123,201,301-304,400,1200
vPC status
---------------------------------------------------------------------------
id Port Status Consistency Reason Active vlans vPC+ Attrib
-- ---------- ------ ----------- ------ ------------ -----------
40 Po40 up success success 101,103,105, DF: Partial,
107 FP MAC:
30.0.0
102 Po102 up success success 77,100-110, DF: Partial,
222-333,444, FP MAC:
555,666-777, 30.0.0
References
Cisco – Configuring FabricPath Interfaces
CCIE Rants – CCIE DC: Advanced Fabric Path and vPC+
Adam Raffe – vPC and vPC+: Understanding the Differences