Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
After a specific failure of the virtual peer-link the tunnel used to traverse CFS traffic may fail to recover after the virtual peer-link is brought back up. The virtual peer-link shows "UP" but no VLANS forwarding over the peer-link and CFS traffic does not make it through the tunnel. N9k-SW01# show vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer adjacency formed ok vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : secondary Number of vPCs configured : 10 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Enabled, timer is off.(timeout = 360s) Delay-restore status : Timer is off.(timeout = 150s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Enabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po500 up - - The switch shows ICMP connectivity and a route installed to the remote vMCT loopback IP - The switch shows vPC vlans in an error state due to "vPC peer is not reachable over cfs" N9k-SW01# show interface status err-vlans -------------------------------------------------------------------------------- Port Name Err-Vlans Status -------------------------------------------------------------------------------- Po500 "vpc-peer-link" 1,1401-1404,1406-1407,1411- vPC peer is not 1412,1421,1424,1429-1430,14 reachable over 37-1440,3201-3207 cfs
VxLAN deployment utilizing virtual peer-link within the vPC domain.
Flapping the uplinks that are used to build the virtual peer-link will force the virtual peer-link to re-initialize and should recover from this state. If flapping the uplinks does not recover the peer-link, a reload is required.
This issue can be seen after the route to the vPC peer's loopback IP used to build the virtual peer-link is removed and then re-installed into the routing table. In some cases it takes a single remove/re-install of the route and in other cases it requires multiple remove/re-installs of the route to introduce this state.