VPC Configuration with LANCOM Switches User Guide

VPC Configuration with LANCOM Switches

Specifications

• Product Name: LANCOM VPC Configuration with LANCOM Switches

• Feature: Virtual Port Channel (VPC)

• Benefits: Improved reliability, high availability, and
  performance of network infrastructures

• Compatible Devices: LANCOM core and aggregation/distribution switches

Product Usage Instructions:
Assign System Name:
In order to identify the switches during configuration, follow these steps:

1. Access the CLI of each switch.
2. Set the hostname using the command:  (XS-4530YUP)#hostname VPC_1_Node_1Frequently Asked Questions (FAQ):

Q: What is VPC and how does it benefit my network infrastructure?
A: VPC stands for Virtual Port Channel and provides redundancies that enhance reliability, high availability, and performance of network infrastructures.

LANCOM Techpaper
Setup guide: VPC configuration with

LANCOM switches

The virtualization feature Virtual Port Channel (VPC) provides redundancies that significantly improve the reliability, high availability, and performance of network infrastructures.
This setup guide gives you step-by-step instructions for configuring your VPC- enabled LANCOM core and aggregation/distribution switches. This document assumes the reader has a general understanding of a switch configuration.

This paper is part of the series “switching solutions“.
Click on the icons to find out more about the information available from LANCOM:

Virtual Port Channel explained in brief

Virtual Port Channel, or VPC for short, is a virtualization technology that makes two interconnected switches appear to devices on the underlying access layer to be a single logical layer-2 node. This is ensured by the “peer link”, which is a virtual group of port channels established via VPC. The connected device could be a switch, server, or other network device that supports link aggregation technology. VPC belongs to the Multi-chassis EtherChannel [MCEC] family and is also known as MC-LAG (Multi-Chassis Link Aggregation Group).

LANCOM Techpaper – Setup guide: VPC configuration with LANCOM switches

The commands below must all be executed in a coordinated manner on both switches. In this example, the configuration is carried out using two LANCOM XS-4530YUP switches.

1. Assign system name
   In order to clearly identify the switches during configuration, the host name should be set correspondingly. The host name is always displayed on the command line at the beginning of a prompt:
   Setting the hostname via CLI

2. Switch stacking ports to Ethernet ports
   Most of the LANCOM VPC-enabled switches are also capable of stacking. However, VPC and stacking are mutually exclusive. A switch that is a member of a VPC domain cannot be a member of a stack at the same time. Stacked switches can of course be redundantly connected to a VPC domain as “VPC Unaware LAG partners” via LACP. If the switch used is stacking-capable, the predefined stacking ports should be put into Ethernet mode. This eliminates accidental stacking (stacks are formed automatically as soon as stacking ports are connected to stacking ports of a compatible switch) and the highest-value stacking ports are available for the VPC interconnect.

Displaying the port mode

The switch must be restarted to change the port mode. With show stack-port you can see that the current mode is still set to Stack , but the configured mode is already Ethernet. After saving the configuration and restarting the switch, the configuration is now Ethernet in both cases.

Check the port mode, save and restart the switch, check again

Activate feature

Activate VPC: Enables the VPC feature on the switch.
Create VPC VLAN and set up VLAN interface

• VPC_1_Node_1
• (VPC_1_Node_1)#
• (VPC_1_Node_1)#config
• (VPC_1_Node_1)(Config)#feature vpc
• WARNING: VPC is supported only on standalone device; it is not
• supported on stacked devices. VPC behavior is undefined if the device is stacked with one another.
• (VPC_1_Node_1)(Config)#
• VPC_1_Node_2
• (VPC_1_Node_2)#
• (VPC_1_Node_2)#config
• (VPC_1_Node_2)(Config)#feature vpc

WARNING: VPC is supported only on standalone device; it is not supported on stacked devices. VPC behavior is undefined if the device is stacked with one another. (VPC_1_Node_2)(Config)#

 Set up the VPC Control Plane

For the VPC keepalive (split-brain detection) of the VPC domain, both switches require a dedicated L3 interface. Use an outband interface (service port / OOB) or an inband interface (VLAN) for this task.

Option 4.1 / alternative 1 (outband)
The out-of-band configuration can be used if the members of the VPC domain are installed close to one another (e.g. in the same rack) or if an out-of-band management network is set up. Without out-of-band management, the service port (OOB, rear of the device) can be connected directly with a patch cable.
In this configuration, a split-brain situation can be detected even if the VPC peer link is down.

Set up VPC Keepalive on the service port

VPC_1_Node_1

• (VPC_1_Node_1)>en
• (VPC_1_Node_1)#serviceport ip 10.10.100.1 255.255.255.0

VPC_1_Node_2

• (VPC_1_Node_2)>en
• (VPC_1_Node_2)#serviceport ip 10.10.100.2 255.255.255.0

Option 4.2 / Alternative 2 (Inband)
The inband configuration can be used for VPC domains that cover long distances where direct cabling via the service port is not possible. In this case, a device failure of the peer node can be detected. However, the failure of the VPC peer link cannot be compensated because it transports both payload data and the keepalive.
To do this, a new VLAN is first created in the VLAN database (VLAN ID 100 in the following example). The L3 VLAN interface is then created on VLAN 100 and the IP address is assigned according to the network plan.

Set up VPC Keepalive on a VLAN interface

1. VPC_1_Node_1
   • (VPC_1_Node_1)>en
   • (VPC_1_Node_1)#vlan database
   • (VPC_1_Node_1)(Vlan)#vlan 100
   • (VPC_1_Node_1)(Vlan)#vlan routing 100
   • (VPC_1_Node_1)(Vlan)#exit
   • (VPC_1_Node_1)#configure
   • (VPC_1_Node_1)(Config)#interface vlan 100
   • (VPC_1_Node_1)(Interface vlan 100)#ip address 10.10.100.1 /24
   • (VPC_1_Node_1)(Interface vlan 100)#exit
   • (VPC_1_Node_1)(Config)#
2. VPC_1_Node_2
   • (VPC_1_Node_2)>en
   • (VPC_1_Node_2)#vlan database
   • (VPC_1_Node_2)(Vlan)#vlan 100
   • (VPC_1_Node_2)(Vlan)#vlan routing 100
   • (VPC_1_Node_2)(Vlan)#exit
   • (VPC_1_Node_2)#conf
   • (VPC_1_Node_2)(Config)#interface vlan 100
   • (VPC_1_Node_2)(Interface vlan 100)#ip address 10.10.100.2 /24
   • (VPC_1_Node_2)(Interface vlan 100)#exit
   • (VPC_1_Node_2)(Config)#

In the next step, the VPC domain is set up and the peer keepalive is configured to the IP address of the other switch. The lower role priority sets the switch VPC1_Node_1 as the VPC primary node.

Create VPC VLAN and set up VLAN interface

1. VPC_1_Node_1
   • (VPC_1_Node_1)>en
   • (VPC_1_Node_1)#configure
   • (VPC_1_Node_1)(Config)#vpc domain 1
   • (VPC_1_Node_1)(Config-VPC 1)#peer-keepalive destination 10.10.100.2 source 10.10.100.1
   • This command will not take effect until the peer detection is disabled and re-enabled.
   • (VPC_1_Node_1)(Config-VPC 1)#peer detection enable
   • (VPC_1_Node_1)(Config-VPC 1)#peer-keepalive enable
   • (VPC_1_Node_1)(Config-VPC 1)#role priority 10
2. VPC_1_Node_2
   • (VPC_1_Node_2)>en
   • (VPC_1_Node_2)#configure
   • (VPC_1_Node_2)(Config)#vpc domain 1
   • (VPC_1_Node_2)(Config-VPC 1)#peer-keepalive destination 10.10.100.1 source 10.10.100.2
   • This command will not take effect until the peer detection is disabled and re-enabled.
   • (VPC_1_Node_2)(Config-VPC 1)#peer detection enable
   • (VPC_1_Node_2)(Config-VPC 1)#peer-keepalive enable
   • (VPC_1_Node_2)(Config-VPC 1)#role priority 20

 Assign system MAC address

Both devices of the VPC group in the VPC LAG role must appear as a single device to non-VPC-capable lower-layer devices, so the same virtual system MAC must be assigned (default 00:00:00:00:00). The default MAC should urgently be changed to a single unique address, even if only one VPC domain is currently in use. Otherwise, having more than one VPC domain connected to a lower-layer switch may lead to failures.
To avoid conflicts with other systems, we recommend that you use a Locally Administered MAC Address (LAA). If a MAC address generator is used, make sure that the U/L flag = 1 (LAA).

Create VPC VLAN and set up VLAN interface

1. VPC_1_Node_1
   • (VPC_1_Node_1)>en
   • (VPC_1_Node_1)#configure
   • (VPC_1_Node_1)(Config)#vpc domain 1
   • (VPC_1_Node_1)(Config-VPC 1)#system-mac 7A:E6:B0:6D:DD:EE !Eigene MAC!
   • The configured VPC MAC address becomes operational only after both the VPC devices perform primary role re-election(if primary device already exists). (VPC_1_Node_1)(Config-VPC 1)#
2. VPC_1_Node_2
   • (VPC_1_Node_2)>en
   • (VPC_1_Node_2)#configure
   • (VPC_1_Node_2)(Config)#vpc domain 1
   • (VPC_1_Node_2)(Config-VPC 1)#system-mac 7A:E6:B0:6D:DD:EE !Eigene MAC!
   • The configured VPC MAC address becomes operational only after both the VPC devices perform primary role re-election(if primary device already exists). (VPC_1_Node_2)(Config-VPC 1)#

Create VPC peer link

Next, a static LAG is created for the VPC peer link and assigned to the physical ports. The Spanning Tree Protocol must be disabled on the VPC Interconnect. The example uses LAG1 and physical ports 1/0/29 and 1/0/30 (see network diagram).

Configuring the VPC Interconnect

1. VPC_1_Node_1
   • (VPC_1_Node_1)(Config)#interface lag 1
   • (VPC_1_Node_1)(Interface lag 1)#description “VPC-Peer-Link”
   • (VPC_1_Node_1)(Interface lag 1)#no spanning-tree port mode
   • (VPC_1_Node_1)(Interface lag 1)#vpc peer-link
   • (VPC_1_Node_1)(Interface lag 1)#exit
   • (VPC_1_Node_1)(Config)#interface 1/0/29-1/0/30
   • (VPC_1_Node_1)(Interface 1/0/29-1/0/30)#addport lag 1
   • (VPC_1_Node_1)(Interface 1/0/29-1/0/30)#description “VPC-Peer-Link”
   • (VPC_1_Node_1)(Interface 1/0/29-1/0/30)#exit
2. VPC_1_Node_2
   • (VPC_1_Node_2)(Config)#interface lag 1
   • (VPC_1_Node_2)(Interface lag 1)#description “VPC-Peer-Link”
   • (VPC_1_Node_2)(Interface lag 1)#no spanning-tree port mode
   • (VPC_1_Node_2)(Interface lag 1)#vpc peer-link
   • (VPC_1_Node_2)(Interface lag 1)#exit
   • (VPC_1_Node_2)(Config)#interface 1/0/29-1/0/30
   • (VPC_1_Node_2)(Interface 1/0/29-1/0/30)#addport lag 1
   • (VPC_1_Node_2)(Interface 1/0/29-1/0/30)#description “VPC-Peer-Link”
   • (VPC_1_Node_2)(Interface 1/0/29-1/0/30)#exit

Outside of the VPC, the VPC Interconnect functions like a regular uplink. Here, too, all configured VLANs must be able to be transmitted. The VLAN-Range command as shown configures all known VLANs on the LAG. If additional VLANs are created, they must be added subsequently to the Interconnect.

Assign the configured VLANs to the VPC peer link

1. VPC_1_Node_1
   • (VPC_1_Node_1)#conf
   • (VPC_1_Node_1)(Config)#interface lag 1
   • (VPC_1_Node_1)(Interface lag 1)#vlan participation include 1-4093
   • (VPC_1_Node_1)(Interface lag 1)#vlan tagging 2-4093
   • (VPC_1_Node_1)(Interface lag 1)#exit
   • (VPC_1_Node_1)(Config)#exit
   • (VPC_1_Node_1)#
2. VPC_1_Node_2
   • (VPC_1_Node_2)#conf
   • (VPC_1_Node_2)(Config)#interface lag 1
   • (VPC_1_Node_2)(Interface lag 1)#vlan participation include 1-4093
   • (VPC_1_Node_2)(Interface lag 1)#vlan tagging 2-4093
   • (VPC_1_Node_2)(Interface lag 1)#exit
   • (VPC_1_Node_2)(Config)#exit
   • (VPC_1_Node_2)#

Enable UDLD (optional / if required)

If the VPC domain covers long distances via fiber-optic cables, it can occur that one of the fiber pairs fails at one end (e.g. mechanical damage). In this case, from the perspective of a switch, the transmit direction is disturbed, while the receive direction still works. The switch with a functional receive direction has no way of detecting a failure in the send direction, so it continues to send on this interface, which leads to packet loss. The UDLD (Unidirectional Link Detection) function provides a solution here. This takes the port affected by the fault completely out of service. For short connections (short fiber-optic patch cables within a rack, or DAC cables) this step is usually unnecessary.

Assign the configured VLANs to the VPC peer link

1. VPC_1_Node_1
   • (VPC_1_Node_1)>en
   • (VPC_1_Node_1)#conf
   • (VPC_1_Node_1)(Config)#int 1/0/29-1/0/30
   • (VPC_1_Node_1)(Interface 1/0/29-1/0/30)#udld enable
   • (VPC_1_Node_1)(Interface 1/0/29-1/0/30)#udld port aggressive
   • (VPC_1_Node_1)(Interface 1/0/29-1/0/30)#exit
   • (VPC_1_Node_1)(Config)#exit
   • (VPC_1_Node_1)#
2. VPC_1_Node_2
   • (VPC_1_Node_2)>en
   • (VPC_1_Node_2)#conf
   • (VPC_1_Node_2)(Config)#int 1/0/29-1/0/30
   • (VPC_1_Node_2)(Interface 1/0/29-1/0/30)#udld enable
   • (VPC_1_Node_2)(Interface 1/0/29-1/0/30)#udld port aggressive
   • (VPC_1_Node_2)(Interface 1/0/29-1/0/30)#exit
   • (VPC_1_Node_2)(Config)#exit
   • (VPC_1_Node_2)#

 Connecting a lower-layer switch via LACP (Link-Aggregation Control

Protocol)

The redundant connection of a lower-layer switch is shown using the example of a LANCOM GS-3652X. For this example, additional VLANs were created in the VLAN database (10-170) and assigned to the VPC peer link as described above. On the

VPC domain side, interfaces 1/0/1 are used on both nodes and interfaces 1/0/1-1/0/2 are used on the GS-3652X on the lower layer.
In the LAG 2 configuration, vpc2 specifies the shared port-channel ID within the VPC domain. For the sake of clarity, it is advisable to use the local port-channel IDs (light blue) on both nodes and also the VPC port-channel ID (electric blue) to match. The local LAG IDs of the VPC nodes do not have to match one another or the VPC LAG ID. It is important that the connection of a logical VPC LAG to a third-party device always has the same VPC port channel ID.

Create the VPC port channel on the nodes of the VPC domain 1

1. VPC_1_Node_1
   • (VPC_1_Node_1)>en
   • (VPC_1_Node_1)#conf
   • (VPC_1_Node_1)(Config)#interface 1/0/1
   • (VPC_1_Node_1)(Interface 1/0/1)#description LAG2-Downlink-GS-3652X (VPC_1_Node_1)(Interface 1/0/1)#addport lag 2
   • (VPC_1_Node_1)(Interface 1/0/1)#exit
   • (VPC_1_Node_1)(Config)#interface lag 2
   • (VPC_1_Node_1)(Interface lag 2)#description Downlink-GS-3652X
   • (VPC_1_Node_1)(Interface lag 2)#no port-channel static
   • (VPC_1_Node_1)(Interface lag 2)#vlan participation include 1,10-170 (VPC_1_Node_1)(Interface lag 2)#vlan tagging 10-170
   • (VPC_1_Node_1)(Interface lag 2)#vpc 2
   • (VPC_1_Node_1)(Interface lag 2)#exit
   • (VPC_1_Node_1)(Config)#exit
   • (VPC_1_Node_1)#write memory con
   • Config file ‘startup-config’ created successfully.
   • Configuration Saved!
   • (VPC_1_Node_1)#
2. VPC_1_Node_2
   • (VPC_1_Node_2)>en
   • (VPC_1_Node_2)#conf
   • (VPC_1_Node_2)(Config)#interface 1/0/1
   • (VPC_1_Node_2)(Interface 1/0/1)#description LAG2-Downlink-GS-3652X (VPC_1_Node_2)(Interface 1/0/1)#addport lag 2
   • (VPC_1_Node_2)(Interface 1/0/1)#exit
   • (VPC_1_Node_2)(Config)#interface lag 2
   • (VPC_1_Node_2)(Interface lag 2)#description Downlink-GS-3652X
   • (VPC_1_Node_2)(Interface lag 2)#no port-channel static
   • (VPC_1_Node_2)(Interface lag 2)#vlan participation include 10-170 (VPC_1_Node_2)(Interface lag 2)#vlan tagging 10-170
   • (VPC_1_Node_2)(Interface lag 2)#vpc 2
   • (VPC_1_Node_2)(Interface lag 2)#exit
   • (VPC_1_Node_2)(Config)#exit
   • (VPC_1_Node_2)#write memory confirm
   • Config file ‘startup-config’ created successfully.
   • Configuration Saved!
   • (VPC_1_Node_2)#

The switch on the lower layer can then be configured.

Create the VPC port channel on the nodes of the VPC domain 1

GS-3652X (VPC Unaware LAG Partner)

• GS-3652X#
• GS-3652X# conf
• GS-3652X(config)#
• GS-3652X(config)# int GigabitEthernet 1/1-2
• GS-3652X(config-if)# description LAG-Uplink
• GS-3652X(config-if)# aggregation group 1 mode active
• GS-3652X(config-if)# switchport mode hybrid
• GS-3652X(config-if)# switchport hybrid allowed vlan all
• GS-3652X(config-if)# exit
• GS-3652X(config)# exit
• GS-3652X# copy running-config startup-config
• Building configuration…
• % Saving 14319 bytes to flash:startup-config
• GS-3652X#
  After successful configuration and cabling, check the configuration with the following commands:

Checking the configuration on VPC_1_Node_1 (example)

Checking the configuration on VPC_1_Node_1 (example)

Functional test

Further information

For a full overview of VPC commands, see the CLI Reference Manual LCOS SX 5.20. General configuration instructions and assistance can also be found in the LANCOM Support Knowledge Base under “Articles on Switches & Switching”.

LANCOM Systems GmbH
A Rohde & Schwarz Company Adenauerstr. 20/B2
52146 Wuerselen | Germany
info@lancom.de | lancom-systems.com

LANCOM, LANCOM Systems, LCOS, LANcommunity and Hyper Integration are registered trademarks. All other names or descriptions used may be trademarks or registered trademarks of their owners. This document contains statements relating to future products and their attributes. LANCOM Systems reserves the right to change these without notice. No liability for technical errors and / or omissions. 06/2024

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>