Forum Discussion
0x0ff_info_1420
Cirrus
CirrusTrunk / VPC Port-Channel not working properly with Nexus 9K / 2K (FEX) : Spanning-tree involved
Hello DevCentral,
I'll present to you an odd behavior using 2 Nexus 9k (9.2.1) with Nexus 2k as Fex on which two Big-IP i4600 (12.1.4) are connected.
Our Setup :
- The two Big-IP are configured in a device-group,
- Each Big-IP is connected to two Nexus 2k (FEX) in the same aggregate using VPV technology on the Nexus.
- The configuration match this KB : https://support.f5.com/csp/article/K13142
- Spanning-tree is disabled on interfaces and Trunk on the Big-IP
- Flow Control is disabled on the Big-IP and the Nexus
- The Big-IP are connected to multiples VLANS using "Tagged Interfaces" option (802.1q tag on packets)
Observations with this spanning-tree setup on the VPC configured on the Nexus :
- spanning-tree port type edge
- spanning-tree bpduguard enable
Observation 1:
- When every interface is up, everything work properly
Observation 2:
- If I shut one or the other interface of Port-channel1 on the switch everything is ok,
- If I shut both interfaces of Port-channel1 the aggregate is seen "Down",
- If I "no shut" interface1 of Port-channel1 the aggregate is rebuild and works after few seconds.
Observation 3:
- If I shut one or the other interface of Port-channel1 on the switch everything is ok,
- If I shut both interfaces of Port-channel1 the aggregate is seen "Down",
- If I "no shut" interface2 of Port-channel1 the aggregate is rebuild but packets are not forwarded to/from this interface.
Observations with this spanning-tree setup on the VPC configured on Nexus (notice the word trunk added):
- spanning-tree port type edge trunk
- spanning-tree bpduguard enable
Observation 1:
- When every interface is up, everything work properly
Observation 2:
- If I shut one or the other interface of Port-channel1 on the switch everything is ok,
- If I shut both interfaces of Port-channel1 the aggregate is seen "Down",
- If I "no shut" interface1 of Port-channel1 the aggregate is rebuild and works after few seconds.
Observation 3:
- If I shut one or the other interface of Port-channel1 on the switch everything is ok,
- If I shut both interfaces of Port-channel1 the aggregate is seen "Down",
- If I "no shut" interface2 of Port-channel1 the aggregate is rebuild and works after few seconds.
General Observations:
- There is no error detected on the interfaces/Port-Channel on the Nexus
- There is no error detected on the interfaces/Port-Channel on the Big-IP
Conclusion:
- "spanning-tree port type edge", is not working for this setup
- "spanning-tree port type edge trunk", is working for this setup
Question:
- Can someone explain what's happening here ?
Regards my fellow companions.
rafaelbnCirrostratus
Hello 0x0ff.info!!
First things first. If your BIG-IP has more than one VLAN on the TRUNK interface, you must use 'spanning-tree port type edge trunk'. That is a Cisco recommendation when the connected device is not a switch but have multiple VLANs. If it was a catalyst switch, the command would be 'spanning-tree portfast trunk'.
The idea behind portfast is to make the switch converge STP quickly on the interface, going strait to the forwarding state.
What I think (wild guess here) that could be happening is that since the switch is seeing dot1q tags and it's ports are configured as edge you could be hitting a bug/odd behavior on the Cisco side.
0x0ff_info_1420Thanks rafaelbn for your reply,
I discovered this issue in a testing phase, and I corrected the switch configuration after investigation thinking it's was not relatable to the issue... But I was obviously wrong.
To me as well it's look like a bug, since I can't understand why STP configuration interfere in this case.
Regards