Cisco Nexus VPC Sticky Master

Scene

In a production environment, we often separate one of the Nexus switches from VPC domain, such as upgrades or disaster preparedness drills. But one of the details is that Sticky Master 's state is rarely noticed, so this can lead to network outages.

In a VPC environment, both vpcs perform role elections, with priority configuration, assuming that n7k-1 is primary , N7k-2 is secondary .

Step One

When we separate the n7k-2 from the VPC environment, the n7k-2 Peer-link, KeepAlive, and all the upper and lower interfaces are broken off.
At this time two devices are in a double-active state, n7k-1 primary , n7k-2 for secondary，operational primary .
Of course, because the n7k-2 is not connected to the network, the network has no impact.

Step Two

When we finish the operation of N7k-2, will n7k-2 access back to the network, this time will generally see, N7k-1 became primary，operational secondary the VPC interface suspend.

Questions

Why in N7k-1 clearly for primary , n7k-2 for secondary,operational Primary case, the two devices connected N7k-1 became primary,operation secondary ?

Sticky Master

This is because inside a VPC, there is a parameter calledSticky Master, when a secondary becomesoperational primary, it will be its ownSticky MasterSet to True.
N7k-1 because it's always been primary,Sticky Masterhas been false,n7k-2 because of role bySecondarySwitch toSecondary, operational primary,Sticky Masterhas been set to true.
In this case, when two devices re-establish the VPC relationship,Sticky MasterDevices that are set to true will remain role-invariant,Sticky MasterA device that is set to False will choose another available role, which isprimary，operation secondary。
Therefore, the n7k-1 will converge, suspend all VPC interfaces, recheck the interface status, and restore the interface. At this point, if the VPC interface on the n7k-2 is not up, it will cause a network outage.

Device network Check

This can be avoided, mainly when the new device joins the VPC domain before the sticky master check, using show system internal vpcm info global | i Sticky the command, you can see the following two kinds of situations:

Situation One

nx-os# Show System Internal VPCM Info Global | I stickysticky master:true

This time is unable to access the network, or will seize the current primary role.

Situation Two

nx-os# Show System Internal VPCM Info Global | I stickysticky Master:false

This is the time to access the network, will automatically become secondary.

How to reset Sticky

Once you check the sticky master to true, you need to reset the status to false before accessing the network.
There are two methods of resetting:
1. Reconfigure the priority level, even if the priority is the same.

VPC Domain 32768

2. If the configuration priority cannot be reset, then only restart the device.

Reference:
"1" http://www.cisco.com/c/en/us/support/docs/interfaces-modules/nexus-7000-series-supervisor-1-module/119033- technote-nexus-00.html?dtid=osscdc000283

This article is from the "pineapple Flavored Coffee Territory" blog, reproduced please contact the author!

Cisco Nexus VPC Sticky Master