Can adding VLANs to a VPC be done hot?

A L
8 years ago
In this scenario, we have a VPC '17', consisting of two single port port-channels 'po17'. There are 2 x N5K's (5548s) - so po17 from both sides combine to create the VPC.
The downstream devices are blade switches (Cisco 3020s). We want to add a new VLAN to one side, then the other without loss of connectivity for the VMs behind the 3020s. Downstream can handle this because if one side fails, the other side picks back up.
I know if one of the Port-Channels in the VPC goes down we still stay up, but since we're adding a new VLAN to one of the VPC member Port-Channel, the VPC will loose consistency and I didn't know if that would cause a problem.
11 Points 0 Comments Share
Mierdin Turn off AdBlock to see the correct answer
8 years ago
While it is certainly a good idea that a VPC has the same allowed VLAN list on all sides, it is not a requirement ..

This site survives thanks to advertising. Disable AdBlock to see the whole correct answer at no cost!
We promise you will not find boring advertisements. Find out how to disable Adblock by clicking on this link.
Remember to update the page once you have disabled it.
Or consider yourself a bad and cruel person 😢 and look at the answer anyway..
11 Points 2 Comments
A L 8 years ago
Hey Mierdin, thanks a ton - especially the reminder about the peer link, I hadn't even thought about that! I feel confident moving ahead with your explanation.
David Rothera 8 years ago
As a side note you will get a log message to say that forwarding has been suspended on VLANX as its not added on the peer link. Asaide from that there is absolutely no issue with adding VLAN's while 'hot', we do it all day long.

Mierdin Correct answer

While it is certainly a good idea that a VPC has the same allowed VLAN list on all sides, it is not a requirement. Take a look at the output of "show vpc consistency-parameters global".

switch# show vpc consistency-parameters global 
Legend:
        Type 1 : vPC will be suspended in case of mismatch
Name                        Type  Local Value            Peer Value             
-------------               ----  ---------------------- -----------------------
QoS                         2     ([], [3], [], [], [],  ([], [3], [], [], [], 
                                  [])                    [])                   
Network QoS (MTU)           2     (1538, 2240, 0, 0, 0,  (1538, 2240, 0, 0, 0, 
                                  0)                     0)                    
Network Qos (Pause)         2     (T, F, F, F, F, F)     (T, F, F, F, F, F)    
Input Queuing (Bandwidth)   2     (50, 50, 0, 0, 0, 0)   (50, 50, 0, 0, 0, 0)  
Input Queuing (Absolute     2     (F, F, F, F, F, F)     (F, F, F, F, F, F)    
Priority)                                                                      
Output Queuing (Bandwidth)  2     (50, 50, 0, 0, 0, 0)   (50, 50, 0, 0, 0, 0)  
Output Queuing (Absolute    2     (F, F, F, F, F, F)     (F, F, F, F, F, F)    
Priority)                                                                      
STP Mode                    1     MST                    MST                   
STP Disabled                1     None                   None                  
STP MST Region Name         1     ""                     ""                    
STP MST Region Revision     1     0                      0                     
STP MST Region Instance to  1                                                  
 VLAN Mapping                                                                  
STP Loopguard               1     Disabled               Disabled              
STP Bridge Assurance        1     Enabled                Enabled               
STP Port Type, Edge         1     Normal, Enabled,       Normal, Enabled,      
BPDUFilter, Edge BPDUGuard        Disabled               Disabled              
STP MST Simulate PVST       1     Enabled                Enabled               
Allowed VLANs               -     1,10,100-101,200-201   1,10,100-101,200-201,2
                                                         000                   
Local suspended VLANs       -     -                      -

Type 1 parameters absolutely MUST match, else the vPC will be suspended. "Allowed VLANs" is neither a Type 1 or Type 2 parameter.

You should be able to modify the allowed VLAN list without problems, but obviously try to keep things consistent regardless, otherwise you'll still have issues, even though the vPC doesn't get suspended.

EDIT: You probably already know this but just to be sure - include the peer-link in your VLAN changes, as the VLAN (not the entire vPC) will show up as "suspended" on all vPCs until you do.

11 Points 2 Comments Share Donate

A L 8 years ago

Hey Mierdin, thanks a ton - especially the reminder about the peer link, I hadn't even thought about that! I feel confident moving ahead with your explanation.

David Rothera 8 years ago

As a side note you will get a log message to say that forwarding has been suspended on VLANX as its not added on the peer link. Asaide from that there is absolutely no issue with adding VLAN's while 'hot', we do it all day long.

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM

Tags used

cisco vpc ieee-802.1ax cisco-nexus-5k