Cisco on ittechnetworkk

vPC on Cisco Nexus 9000

Wed, 08 Apr 2026 10:00:00 +0200

What is vPC?

Virtual Port Channel (vPC) lets two Nexus switches appear as a single logical switch to downstream devices. Connected hosts or switches see one port-channel spanning both peers — if one peer fails, traffic continues through the other with no STP reconvergence.

Key components:

vPC Peer Link — carries BPDUs, HSRP, control traffic, and orphan port traffic between the two peers. Always a port-channel with at least two 10G/40G/100G members
vPC Peer Keepalive — a lightweight heartbeat (UDP 3200) used only to detect a dual-active (split-brain) scenario. Runs over a dedicated port-channel in a separate VRF — keeping it off the management plane for security and redundancy
vPC Member Ports — port-channels on each peer that share a common vpc ID, forming a single logical channel to the downstream device
vPC Domain — the logical grouping that binds the two peers together

Topology

            ┌──────────┐       ┌──────────┐
            │  NEXUS-1 │       │  NEXUS-2 │
            │ (vPC Pri)│       │ (vPC Sec)│
            └──┬──┬──┬─┘       └─┬──┬──┬──┘
               │  │  │           │  │  │
    Keepalive──│──│──│───────────│──│──│──Keepalive
   (Po20/VRF)  │  │  │           │  │  │ (Po20/VRF)
               │  │  └───────────┘  │  │
               │  │   Peer Link     │  │
               │  │  (Po10: 2x40G)  │  │
               │  │                 │  │
               │  └────────┬────────┘  │
               │      vPC Member       │
               │     (Po100: 2x10G)    │
               │           │           │
               │      ┌────┴────┐      │
               │      │ SERVER  │      │
               └──────┤ / ToR   ├──────┘
                      └─────────┘

Addressing Reference

Device	Interface	IP Address	Purpose
NEXUS-1	Po20 (VRF VPC-KA)	10.10.10.1/30	Peer Keepalive
NEXUS-2	Po20 (VRF VPC-KA)	10.10.10.2/30	Peer Keepalive
NEXUS-1	Vlan100	172.16.100.2/24	HSRP VIP gateway
NEXUS-2	Vlan100	172.16.100.3/24	HSRP VIP gateway
HSRP VIP	—	172.16.100.1/24	Default gateway

Configuration

We’ll build this in order — each step depends on the previous one.

MPLS L3VPN Lab

Wed, 01 Apr 2026 12:48:42 +0200

Overview

This lab builds a full MPLS L3VPN service across an ISP core (AS 35500) with OSPF Area 0 as the IGP, LDP for label distribution, and MP-BGP (VPNv4) for customer route exchange. Two VPNs — RED (AS 25942) and BLUE (AS 48273) — carry overlapping address space through the same physical infrastructure, demonstrating VRF isolation.

Key design choices:

P1 and P4 act as BGP Route Reflectors — PEs only peer with these two, no full-mesh iBGP required
as-override on all PE-CE peerings since both RED CEs share an AS and both BLUE CEs share an AS
OSPF point-to-point network type on all /30 core links (skips DR/BDR election)
All BGP loopback peerings use update-source Loopback0

Here is the topology:

DMVPN Phase 3 Dual Hub with IPSec Lab

Wed, 01 Apr 2026 08:00:00 +0000

Hi everyone, in this lab I’ll walk you through how to configure a Dual Hub DMVPN Phase3 - IPSec topology.

OSPF Route Filtering

Mon, 16 Feb 2026 11:22:31 +0100

Hi everyone, in this article I will walk you through how to configure OSPF Route Filtering through a lab in the exhibit.

Cisco Device Syslog Integration with Wazuh SIEM

Sat, 19 Jul 2025 14:50:44 +0200

Hi everyone, in this article I will guide you through how to integrate Cisco devices (switches and routers) with the Wazuh SIEM tool for centralized logging and monitoring.

Network Time Protocol (NTP)

Tue, 13 May 2025 21:23:07 +0200

In modern networks, accurate time synchronization is crucial for tasks such as logging, authentication, and system coordination. Network Time Protocol (NTP) is a widely used protocol that allows devices on a network to synchronize their clocks with a reliable time source. This guide will walk you through the configuration of NTP on Cisco devices, including manual time setup, using a device as an NTP server, authentication, and debugging.

Dynamic Trunking Protocol (DTP)

Wed, 02 Apr 2025 22:02:02 +0200

Hi everyone, in this article, I will explain what DTP is and how it works.

GRE Over IPSEC LAB

Fri, 21 Feb 2025 22:19:46 +0100

Hello everyone, in this LAB I will configure GRE over IPSec Tunnels with following topology.

GRE LAB

Fri, 21 Feb 2025 22:18:30 +0100

Hello everyone, in this LAB I will configure GRE Tunnels.

VRF-Lite Configuration

Fri, 21 Feb 2025 02:36:28 +0100

Hello everyone, in this LAB I will configure GRE Tunnels with following topology.