Symptom

Filing enhancement to augment 'show vpc consistency-parameter global' to explicitly call out that the VPC VTEP secondary IP is mismatched. When this occurs, currently we only see that L2 VNI VLANs are suspended. sh vpc consistency-parameters global Legend: Type 1 : vPC will be suspended in case of mismatch Name Type Local Value Peer Value ------------- ---- ---------------------- ----------------------- nve configuration 1 nve mismatched nve mismatched nve secondary IP 1 X.X.X.X Y.Y.Y.Y.Y <<< as an example. NOTE: the key symptom that points to the real cause (VPC VTEP NVE interface inconsistency due to mistmatched secondary IP) is from the following vpc trace (available in show tech vpc) `show system internal vpcm info trace` " mcecm_param_cmpt_chk_local_remote_q_sap(5706):Compat check failed for app-sap[1304]. Cmp_func returned [(null)] SAP 1304 belongs to NVE MTS SAP" otherwise, the following outputs just report the incompatibility without tying it to the fundamental cause: Type 1 compatibility check failure after deploying new EVPN VXLAN Vlan with DCNM auto-config 1. syslog messages first shows VLAN provisioned on the peer-link (expected) but then syslog report 'FWM-3-NVE_LIBINIT: NVE library not initialized by client in nve_vni_export_get_data' and the VPC compatibility check failure Nexus-56-1# show logging log 020 Jul 1 17:11:22.997 OKDC01-SL-17 %SYSLOG-1-SYSTEM_MSG : Logging logfile (messages) cleared by user 2020 Jul 1 17:12:30.491 OKDC01-SL-17 %ETHPORT-3-IF_ERROR_VLANS_ERROR: VLANs 2014 on Interface port-channel1 are in error state. (Reason: Vlan is not allowed on Peer-link) 2020 Jul 1 17:12:30.524 OKDC01-SL-17 %ETHPORT-3-IF_ERROR_VLANS_ERROR: VLANs 2014 on Interface port-channel1 are in error state. (Reason: Vlan is not allowed on Peer-link) 2020 Jul 1 17:12:30.524 OKDC01-SL-17 %ETHPORT-3-IF_ERROR_VLANS_REMOVED_ERRORLIST: VLANs 2014 on Interface port-channel1 are removed from error state. (Reason: SUCCESS) 2020 Jul 1 17:12:30.568 OKDC01-SL-17 %FWM-3-NVE_LIBINIT: NVE library not initialized by client in nve_vni_export_get_data 2020 Jul 1 17:12:30.588 OKDC01-SL-17 %ETHPORT-3-IF_ERROR_VLANS_ERROR: VLANs 2014 on Interface port-channel1 are in error state. (Reason: Global compat check failed) <<<<<<<<<<< 2020 Jul 1 17:12:30.637 OKDC01-SL-17 %ETHPORT-3-IF_ERROR_VLANS_REMOVED_ERRORLIST: VLANs 2014 on Interface port-channel1 are removed from error state. (Reason: SUCCESS) 2. confirmed VLAN 2014 correctly created with its vni (matches the template) sh run vlan 2014 version 7.3(7)N1(1b) vlan 2014 vn-segment 30004 3. VPC inconsistency reported for newly added L2 VNI VLANs which are being suspended sh vpc consistency-parameters global Legend: Type 1 : vPC will be suspended in case of mismatch Name Type Local Value Peer Value ------------- ---- ---------------------- ----------------------- nve configuration 1 nve nve Allowed VLANs - 1,2014,3965 1,2014,3965 Local suspended VLANs - 2014 <<<<<<<<<<< broken state

Conditions

VPC pair of Nexus 56xx configured for auto-config fabric deployment with DCNM 10.2.x or 10.3.x trigger: either deploy new vlan (e.g. 2014) on VPC pair peer-link (e.g. Po1) via DCNM or manually pull the new VLAN from DCNM LDAP server by issuing the following CLI on the switches Nexus-56-1# fabric database auto-pull dot1q 2014 interface port-channel1 Nexus-56-2# fabric database auto-pull dot1q 2014 interface port-channel1

Workaround

Further Problem Description