OPERATIONAL DEFECT DATABASE
...
...
After a specific failure of the virtual peer-link the tunnel used to traverse CFS traffic may fail to recover after the virtual peer-link is brought back up. The virtual peer-link shows "UP" but no VLANS forwarding over the peer-link and CFS traffic does not make it through the tunnel. N9k-SW01# show vpc brief Legend: (*) - local vPC is down, forwarding via vPC peer-link vPC domain id : 1 Peer status : peer adjacency formed ok vPC keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vPC role : secondary Number of vPCs configured : 10 Peer Gateway : Enabled Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Enabled, timer is off.(timeout = 360s) Delay-restore status : Timer is off.(timeout = 150s) Delay-restore SVI status : Timer is off.(timeout = 10s) Operational Layer3 Peer-router : Disabled Virtual-peerlink mode : Enabled vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ ------------------------------------------------- 1 Po500 up - - The switch shows ICMP connectivity and a route installed to the remote vMCT loopback IP - The switch shows vPC vlans in an error state due to "vPC peer is not reachable over cfs" N9k-SW01# show interface status err-vlans -------------------------------------------------------------------------------- Port Name Err-Vlans Status -------------------------------------------------------------------------------- Po500 "vpc-peer-link" 1,1401-1404,1406-1407,1411- vPC peer is not 1412,1421,1424,1429-1430,14 reachable over 37-1440,3201-3207 cfs
VxLAN deployment utilizing virtual peer-link within the vPC domain.
Flapping the uplinks that are used to build the virtual peer-link will force the virtual peer-link to re-initialize and should recover from this state. If flapping the uplinks does not recover the peer-link, a reload is required.
This issue can be seen after the route to the vPC peer's loopback IP used to build the virtual peer-link is removed and then re-installed into the routing table. In some cases it takes a single remove/re-install of the route and in other cases it requires multiple remove/re-installs of the route to introduce this state.
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
