[c-nsp] Nexus 7018 - native Vlan 4095 on some VPC/port-channel interfaces

Matthew Melbourne matt at melbourne.org.uk
Fri Mar 4 06:20:23 EST 2011 

Hi,

We are seeing very odd L2 connectivity on some vPCs between a pair of
Nexus 7018 (NX-OS 5.0(2a)) and a ToR switches. For example on an ASR
connecting to Nexus, trying to connect to a host plugged into a
downstream switch (with a vPC to the Nexus pair), connectivity will be
lost, but a refresh of ARP traffic, e.g. 'clear ip arp <IP address>'
restores connectivity momentarily, even though the MAC address on the
ASR hasn't changed.

On the affected vPCs, we noticed that the native VLAN appears to be
set to 4095 (which isn't a valid VLAN on the switch) on one of the
Nexus in the pair (nx02), e.g.

nx02# show interface switchport | i 4095 prev 5
Name: port-channel80
  Switchport: Enabled
  Switchport Monitor: Not enabled
  Operational Mode: trunk
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 4095 (Vlan not created)
--
Name: port-channel101
  Switchport: Enabled
  Switchport Monitor: Not enabled
  Operational Mode: trunk
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 4095 (Vlan not created)
--
Name: port-channel102
  Switchport: Enabled
  Switchport Monitor: Not enabled
  Operational Mode: trunk
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 4095 (Vlan not created)

Additionally, if the ‘show interface switchport’ command is issued
against any of these vPCs the following message is generated:

2011 Feb 21 10:12:01 nx02 %VLAN_MGR-2-INFO_MSG:  pid 11274, vdcID 0,
local vdcID 1

When looking at ‘show interface switchport’ on the member interfaces
of the relevant port-channel the native VLAN is VLAN 1 as expected.

If any L2 switchport commands are entered under these port-channel
interface on the problematic Nexus (nx02), the command is rejected:

nx02(config-if)# switchport trunk native vlan 1
Warning: command rejected, Po102 not a switching port

It is possible to apply the command to the member interface, but the
member interface was correctly displaying a native VLAN of 1 anyway –
the problem only affects the port-channel interface.  After applying
the command to the member interface the port-channel interface still
shows a native Vlan of 4095.

This is only affecting one Nexus (nx02). The native VLAN on the
affected port-channels on nx01 is correct. Shutting down the member
port on nx02 fixes the strange connectivity issue for the affected
port-channels - and given that this native VLAN issue is affecting the
same vPCs, we're fairly sure these issues are related.

Has anyone seen anything similar; the code on the units is 5.0(2a),
and the issue only appears to be affects some vPCs on one of the
Nexus?

Cheers,

Matt

-- 
Matthew Melbourne

More information about the cisco-nsp mailing list