Cisco VPC and L3 Routing

Everybody who has done something with Routing and VPC has come across the site of Brad Hedlund.

Since version Cisco NX-OS Release 7.2(0)D1(1) (only on F2e and F3 modules) you can enable the layer3 peer-router. This should enable you to run routing neighborship over VPC ports.

Per explanation on this link Configuring vPCs it should be possible to connect 2 vpc clusters to each other. I have not yet configured it with this setup, I would like to know if anybody has some experience with this?

Spoke to Cisco and they confirmed that they are now supporting Layer3 peering over VPC, this works only for the VPC peers and only from NX-OS Release 7.2(0)D1(1). At the time of writing, they advised to use 7.2(1)D1(1).

Configuring Layer 3 over vPC for F2E and F3 Modules

Before You BeginEnsure that the peer-gateway in enabled and configured on both the peers and both the peers are running image that supports Layer 3 over vPC feature. If you enter the layer3 peer-router command without enabling the peer-gateway feature, a syslog message is displayed recommending you to enable the peer-gateway feature.

Ensure that the peer link is up.


Command or Action Purpose
Step 1 switch# configure terminal Enters global configuration mode.
Step 2 switch(config)# vpc domain domain-id Creates a vPC domain on the device, and enters vpc-domain configuration mode for configuration purposes. There is no default; the range is from 1 to 1000.
Step 3 switch(config-vpc-domain)# layer3 peer-router

Enables the Layer 3 device to form peering adjacency with both peers.

Note    Configure this command in both the peers.
Step 4 switch(config-vpc-domain)# exit Exits vpc-domain configuration mode.
Step 5 switch# show vpc brief (Optional)(Optional) Displays brief information about each vPC domain.
Step 6 switch# copy running-config startup-config (Optional)Copies the running configuration to the startup configuration.

The following example shows how to configure a Layer 3 over vPC for F2, F2E, and F3 modules:

switch# configure terminal
switch(config)# vpc domain 5
switch(config-vpc-domain)# layer3 peer-router
switch(config-vpc-domain)# exit

This example shows how to verify if the Layer 3 over vPC for F2, F2E, and F3 modules feature is configured:

switch# show vpc brief
vPC domain id : 1
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : failed
Type-2 consistency status : success
vPC role : secondary
Number of vPCs configured : 2
Peer Gateway : Enabled
Peer gateway excluded VLANs : -
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled (timeout = 240 seconds)
Operational Layer3 Peer : Enabled

Author: Maarten Kruyswijk

Maarten Kruyswijk is expert op gebied van Netwerk Infrastructuren en Security en in bezit van alle relevante certificaten (zoals Cisco CCIE, Ethical Hacker en …) Maarten Kruyswijk heeft een carrière als netwerk engineer doorlopen bij diverse gerenommeerde bedrijven, onder meer in de financiële sector en is sinds drie jaar actief als ondernemer. Maarten wordt door klanten en partners gewaardeerd om zijn inhoudelijke kennis, ondernemerschap en open stijl.

Leave a Reply

Your email address will not be published. Required fields are marked *