排除ACI vPC故障

下载选项

  • PDF     (797.0 KB)
    在各种设备上使用 Adobe Reader 查看
  • ePub     (547.7 KB)
    在 iPhone、iPad、Android、Sony Reader 或 Windows Phone 上使用各种应用查看
  • Mobi (Kindle)     (229.2 KB)
    在 Kindle 设备上查看或在多个设备上使用 Kindle 应用查看
已更新: 2022 年 10 月 17 日
文档 ID:218194

非歧视性语言

此产品的文档集力求使用非歧视性语言。在本文档集中,非歧视性语言是指不隐含针对年龄、残障、性别、种族身份、族群身份、性取向、社会经济地位和交叉性的歧视的语言。由于产品软件的用户界面中使用的硬编码语言、基于 RFP 文档使用的语言或引用的第三方产品使用的语言,文档中可能无法确保完全使用非歧视性语言。 深入了解思科如何使用包容性语言。

关于此翻译

思科采用人工翻译与机器翻译相结合的方式将此文档翻译成不同语言,希望全球的用户都能通过各自的语言得到支持性的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 Cisco Systems, Inc. 对于翻译的准确性不承担任何责任,并建议您总是参考英文原始文档(已提供链接)。

    简介

    本文档介绍确定ACI上的虚拟端口通道(vPC)通信问题所需的命令。

    先决条件

    要求

    本文档没有任何特定的要求。

    使用的组件

    本文档不限于特定的软件和硬件版本。

    本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您的网络处于活动状态,请确保您了解所有命令的潜在影响。

    背景信息

    以应用为中心的基础设施(ACI)和对等设备之间的vPC必须已启动且运行正常,且没有配置问题。

    配置

    拓扑说明

    ACI枝叶1:接口Ethernet 1/1、端口通道5和vPC 343。

    ACI枝叶2:接口Ethernet 1/2、端口通道5和vPC 343。

    NX-OS 1:接口Ethernet 1/1和Ethernet 1/2、端口通道14和vPC 45。

    连接:

                        枝叶1 Eth1/1 <-> NX-OS 1 Eth1/1

                        枝叶2 Eth1/2 <-> NX-OS 1 Eth1/2

    网络图

    Network Diagram

    验证

    使用本部分可确认配置能否正常运行。

    思科 CLI 分析器(仅适用于注册客户)支持某些 show 命令。使用Cisco CLI分析器查看show命令输出的分析。

     使用命令show vpc brief vpc x您可以看到vPC的状态(打开/关闭)。

    LEAF1#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id   Port   Status Consistency Reason                 Active vlans
--   ----   ------ ----------- ------                 ------------
343  Po5    up     success     success                100   
    LEAF2#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id   Port   Status Consistency Reason                 Active vlans
--   ----   ------ ----------- ------                 ------------
343  Po5    up     success     success                100       

    使用命令 show port-channel summary interface port-channel x 您可以看到端口通道的状态(Up/Down)、当前标志和配置它的物理接口。

    LEAF1#show port-channel summary interface port-channel 5
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
        F - Configuration failed
-------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
-------------------------------------------------------------------------------
5     Po5(SU)     Eth      LACP      Eth1/1(P)    
    LEAF2#show port-channel summary interface port-channel 5
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
        F - Configuration failed
-------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
-------------------------------------------------------------------------------
5     Po5(SU)     Eth      LACP      Eth1/2(P)    

    故障排除

    本节提供可用于对配置进行故障排除的信息。

    电缆错误问题

    在APIC GUI上,您必须看到以下故障:

    Fault F0518: A configuration is not consistent with peer node. Misconfigured due to vPC link in the 2 switches connected to different partners.

    Network Diagram - LEAF connections

    ACI枝叶1:接口Ethernet 1/1、端口通道5和vPC 343。

    ACI枝叶2:接口Ethernet 1/2、端口通道5和vPC 343。

    NXOS 1:接口Ethernet 1/1和Ethernet 1/2,端口通道14和vPC 45。

    连接:

                        枝叶1 Eth1/1 <-> NXOS 1 Eth1/1

                        枝叶2 Eth1/2 <-> NXOS 1 Eth1/2

    如果遇到此问题,输出将如下所示:

    LEAF1#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id   Port   Status Consistency Reason                 Active vlans
--   ----   ------ ----------- ------                 ------------
343  Po5    up     failed      vpc port               100
                                   channel                     
                                   mis-config                                      
                                   due to vpc                                      
                                   links in the                                    
                                   2 switches                                     
                                   connected to                                    
                                   different                                      
                                   partners      
    LEAF2#show vpc brief vpc 343
vPC status
----------------------------------------------------------------------
id   Port   Status Consistency Reason                 Active vlans
--   ----   ------ ----------- ------                 ------------
343  Po5    up     failed      vpc port               100
                                   channel                     
                                   mis-config                                      
                                   due to vpc                                      
                                   links in the                                    
                                   2 switches                                     
                                   connected to                                    
                                   different                                      
                                   partners  
    LEAF1#show port-channel summary interface port-channel 5
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
        F - Configuration failed
-------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
-------------------------------------------------------------------------------
5     Po5(SD)     Eth      LACP      Eth1/1(D)   
    LEAF2#show port-channel summary interface port-channel 5
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
        F - Configuration failed
-------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
-------------------------------------------------------------------------------
5     Po5(SD)     Eth      LACP      Eth1/2(D)    
    LEAF1# show lacp interface ethernet 1/1 | grep Lag
Lag Id: [ [(7f9b, 0-11-1-aa-aa-aa, 8157, 8000, 10d), (8000, 0-22-2-bb-bb-bb, 65, 8000, 125)] ]
    LEAF2# show lacp interface ethernet 1/2 | grep Lag
Lag Id: [ [(7f9b, 0-11-1-aa-aa-aa, 8157, 8000, 10d), (8000, 0-33-3-cc-cc-cc, 65, 8000, 125)] ]

    连接的设备延迟信息(输出命令中的第二个矢量)在两个输出上必须相同。同样,矢量1在两者上必须相同。

    下一步:

    如果您有此行为,则必须检查物理连接,以确保端口上的连接尚未交换。

    检测到单个端口(按环路)

    在APIC GUI上,您必须看到以下故障:

    Fault F2705: A vPC interface goes down while peer interface is up.

    Fault F2533: A loop was detected by the MCP protocol on ACI.

    此问题影响在对等设备上运行STP协议的vPC拓扑。

    Network Diagram - LEAF 1 connection

    ACI枝叶1:接口Ethernet 1/1和Ethernet 1/2,端口通道5和vPC 343

    NXOS 1:接口Ethernet 1/1、Port-Channel 14和vPC 45

    NXOS 2:接口Ethernet 1/2、端口通道14和vPC 45

    连接:

                        枝叶1 Eth1/1 <-> NXOS 1 Eth1/1

                        枝叶1 Eth1/2 <-> NXOS 2 Eth1/2

    对于此故障排除步骤,了解MisCabling Protocol(MCP)的概念非常重要。

    MCP检测来自外部源的环路(服务器、使用STP的外部网络设备的错误行为等),并错误禁用ACI接收其自身数据包的接口。

    要了解有关MCP的详细信息,请参阅:对ACI使用MCP

    如果存在此问题,输出如下所示:

    LEAF2#show mcp internal info interface eth 1/2
    ------------------------------------------
    Interface: Ethernet1/2
    Native PI VLAN: 100
    Native Encap VLAN: 1
    BPDU Guard: disabled
    BPDU Filter: disabled
    Port State: down
    Layer3 Port: false
    Switching State: enabled
    Mac Address: AA:AA:AA:AA:AA:01
    Interface MCP enabled: true
    ------------------- STP STATS --------------------
    MSTP Count: 0
    RSTP Count: 4
    MSTP TC Count: 0
    RSTP TC Count: 4
    PVRSTP TC Count: 4
    TCN Count: 0
    PVID Error BPDU Count: 5
    Error Packet Count: 0
    BPDU Guard Event Count: 0
    --------------- LOOP-DETECTION STATS ---------------
    MCP packets sent(Per-vlan): 1278
    MCP packets received: 23
    MCP invalid packets received: 19
    MCP packets received with invalid digest: 0
    MCP packets received when switching state is disabled: 0
    Interface is a member of port-channel 
    Number of active VLANs: 1
    Number of VLANS in MCP packets are sent: 1
    MCP enabled vlans: 
    628
    MCP loop detected at: Tue Jul 19 09:34:46 2022
    MCP loop detected in VLAN: 100
    -------------- MCP Remote Peer Info --------------
    No remote peers exist

    :必须解决环路问题,以避免禁用接口才能继续使用vPC。

    一旦解决了环路问题,并且物理接口处于工作状态,但vPC接口继续运行,其中有一个接口处于关闭状态,另一个接口处于单独状态:

    LEAF1#show port-channel summary interface port-channel 5
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
        F - Configuration failed
-------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
-------------------------------------------------------------------------------
5     Po5(SD)     Eth      LACP      Eth1/1(I)    
    LEAF2#show port-channel summary interface port-channel 5
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
        F - Configuration failed
-------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
-------------------------------------------------------------------------------
5     Po5(SD)     Eth      LACP      Eth1/2(D)    

    下一步:

    确保端口通道配置在两端正确,且通道捆绑正确。

    如果两端配置正确并且在环路之前运行良好,请尝试以下操作:

    导航至:

    Fabric -> Inventory -> Pod -> Leaf x -> Interfaces -> VPC interfaces -> vpc -> Port-channel interface where is included the physical port 1/x -> right-click and select Disable.

    然后等待10秒,右键单击并选择Enable.

    Enable VPC Interface

    这些步骤必须在受影响的接口上执行,以强制端口通道与对等设备同步,而且此过程之后必须正常运行。

    接口更改为运行关闭

    在APIC GUI上,您必须看到以下故障:

    Fault F1296: A vPC interface goes down while peer interface is also down.

    a vPC Interface goes down

    此示例说明接口必须如何显示信息:

    Leaf1# show interface port-channel 5
    port-channel5 is down (port-channel-members-down)
    admin state is up
    Hardware: Port-Channel, address: xxxx.xxxx.xx01 (bia xxxx.xxxx.xx01)
    MTU 9000 bytes, BW 100000000 Kbit, DLY 1 usec
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA, medium is broadcast
    Port mode is trunk
    full-duplex, 100 Gb/s
    Input flow-control is off, output flow-control is off
    Auto-mdix is turned on
    EtherType is 0x8100
    Members in this channel: eth1/1

    您必须查看并放弃以下主题:

    • 物理问题(收发器和电缆)必须是进行检查的第一步。
    • 两端配置更改。
    • 在枝叶接口上收到了链路汇聚控制协议(LACP)信息。

    LACP日志

    您可以使用命令show lacp internal event-history interface ethernet 1/x要获取与LACP状态相关的事件,如以下示例:

    Leaf1#show lacp internal event-history interface ethernet 1/1

    Output omitted
    ...

    9) FSM:<Ethernet1/1> Transition at 2022-07-15T08:43:06.121732000+00:00
    Previous state: [LACP_ST_DETACHED_LAG_NOT_DETERMINED]
    Triggered event: [LACP_EV_RECEIVE_PARTNER_PDU_TIMED_OUT_II_INDIVIDUAL]
    Next state: [LACP_ST_INDIVIDUAL_OR_DEFAULT]

    Output omitted
    ...

    18) FSM:<Ethernet1/1> Transition at 2022-07-15T08:46:24.298022000+00:00
    Previous state: [LACP_ST_DETACHED_LAG_NOT_DETERMINED]
    Triggered event: [LACP_EV_RECEIVE_PARTNER_PDU_TIMED_OUT]
    Next state: [FSM_ST_NO_CHANGE]

    Output omitted
    ...

    23) FSM:<Ethernet1/1> Transition at 2022-07-15T08:46:27.299819000+00:00
    Previous state: [LACP_ST_DETACHED_LAG_NOT_DETERMINED]
    Triggered event: [LACP_EV_RECEIVE_PARTNER_PDU_TIMED_OUT_II_INDIVIDUAL]
    Next state: [LACP_ST_INDIVIDUAL_OR_DEFAULT]

    Output omitted
    ...

    24) FSM:<Ethernet1/1> Transition at 2022-07-15T08:52:25.204611000+00:00
    Previous state: [LACP_ST_INDIVIDUAL_OR_DEFAULT]
    Triggered event: [LACP_EV_LACP_DOWN_OR_PORT_DOWN]
    Next state: [LACP_ST_PORT_IS_DOWN_OR_LACP_IS_DISABLED]

    示例日志显示ACI未收到来自对等设备的正确应答,在某些情况下,在保活计时器到期之前,对等设备不会发送PDU/LACP。

    下一步:

    现在,您需要检验对等设备的配置和状态。

    思科 CLI 分析器(仅适用于注册客户)支持某些 show 命令。使用Cisco CLI分析器查看show命令输出的分析。

    注意:使用debug命令前,请参阅有关Debug命令的重要信息。

    相关信息

    修订历史记录

    版本 发布日期 备注
    1.0
    17-Oct-2022
    初始版本
    TAC Authored

    由思科工程师提供

    • Yosef Garcia
      技术咨询工程师
    • TAC Engineers

    此文档是否有帮助?

    Feedback反馈

    联系我们

    本文档适用于以下产品