[c-nsp] [External] VPC + MLAG but more of a general question I guess

Hunter Fuller hf0002 at uah.edu
Fri Jul 8 12:00:11 EDT 2022 

> If you have two Cisco switches in a VPC domain and then you connect another pair of switches downstream (that also run MLAG/VPC) is it required that all of the port-channels [for the partner network, not the peer-link] between those two sets of switches use the same VPC id?

I'm sorry, I just reread this, the answer is yes. Set all the
mentioned ports on the C9336 to have the same vPC ID.

> Typically if a port channel configuration is invalid on the C9336 side it will put one of the ports into Stby to prevent loops but in this case the Cisco end doesn't see any problem with anything whatsoever.

It is still receiving valid LACPDUs from the remote switches so it is
bundling those ports. The problem is in the far side, it should not be
bundling the ports in this situation. The far side is correctly
identifying the misconfiguration.

>   2.  The switch actually DID add the interfaces to PO2 even if it continually says that it can't do that.

Yeah, it shouldn't have.

> Should connecting a pair of MLAG switches downstream from a VPC domain be any different than connecting any other host to a VPC domain?

Well, no, it isn't different. Imagine if you had one switch, and you
wanted its uplink to be a vPC. You would put all the 9336 ports in a
vPC with the same ID.
Since you run MLAG on your downstream switches, they act as "one big
switch" for the purpose of LACP. So you need to have the same vPC ID
on all the 9336 ports because "they are all facing the same big
switch" if that makes sense.

> My thinking is that the uplinks from each downstream switch really don't have anything to do with each other, which is why I configured them in separate VPCs on the Cisco side.

The fact that you are running MLAG on the downstream side, makes them
have a lot to do with each other. They need to be in the same LAG.

> The second vendor is telling me that po2 from each downstream switch has to be in the same VPC on the Cisco side which isn't really clicking/making sense to me.

Yeah, I think you would do well to think of vPC and MLAG  as
technologies that turn two switches into one big switch, for the
purposes of that LAG. I even think of it this way - vPCs face a single
"remote system" - this "system" can be made up of one switch, or
multiple switches running MLAG/vPC..

More information about the cisco-nsp mailing list