While working on Fabric path technology on Nexus Platform, we must have come across vPC and now lately vPC. Now, the thought comes to mind is why cisco introduced vPC+ when vPC was working fine. Now, here’s the catch – vPC and vPC+ when used in fabricapath both are delivered to achieve the same thing i.e. making the 2 nexus switches look like a 1 logical switch to another device connected to it vPC , but with has some caveats. Let’s understand how both differ.
vPC+ overcomes a problem we would have when connecting non FabricPath devices to the FabricPath cloud in a resilient way using port-channels.
Below diagram shows a basic FabricPath topology with three switches with two Switches configured as vPC pair.
A server with MAC address “A” is connected using vPC to switches S100 and S200 such that outgoing traffic from MAC A can take either link in the vPC towards S100 or S200. At the other end, we have S300 Switch which now has to decide how to reach MAC A, however only one to one mapping between Switch ID is possible in this case.One wonders which Switch ID that would be – S100 or S200 ? and the answer is – “Either of the Switches”, and even so possible that MAC A could ‘flip flop’ between the two switch IDs. So, clearly we have a condition using regular vPC to dual attach hosts or switches to a FabricPath domain.
So, whats the solution? Lets see what vPC addresses this situation – vPC+ resolves the issue above by introducing an additional element – the ‘virtual switch’. The virtual switch sits ‘behind’ the vPC+ peers and is essentially used to represent the vPC+ domain to the rest of the FabricPath domain. The virtual switch has its own FabricPath switch ID and looks like a normal FabricPath edge device to the rest of the infrastructure.
Now in above Diagram where vPC+ is configured and running between S100,S200 and S1000 (Virtual Switch).When MAC A sends traffic through the FabricPath domain, the encapsulated Fabric Path frames will have a source switch ID of the virtual switch, S1000. For S300’s (and rest of switches) MAC A is now accessible behind a single switch – S1000. This enables multi-pathing in both directions between FabricPath domains. infact when traffic is sent from Host MAC A , it is always seen as originating from S1000 so there’s no longer any MAC flapping.
- vPC+ also provides Active / Active HSRP forwarding functionality found in regular vPC – this means that (depending on where your default gateway functionality resides) either peer can be used to forward traffic into your L3 domain. If your L3 gateway functionality resides at the FabricSpine layer, vPC+ can also be used there to provide the same active / active functionality.
- vPC+ requirements include –
- vPC Peer Link runs as Switchport mode fabricpath
- Implies Peer Link must be atleast F1 module
- vPC Peers share Fabricpath Switch-ID under vPC domain
- vPC to vPC+ migration is disruptive activity.