During the Cisco Live 2016 in Las Vegas, Cisco presented the new feature named “StackWise virtual” supported by the IOS XE Denali in the 3850 switch series and later, in the new Cisco Catalyst 9500 family.
Similarly to the old Virtual Switching System (VSS), the stackwise virtual allows the clustering of two chassis together into a single, logical entity, to allow high availability, scalability, management and maintenance.
This capability enables a loop-free Layer 2 network topology, since the StackWise Virtual switches are treated as one logical switch for both access and core switches.
The StackWise Virtual switch also simplifies the Layer 3 network topology by presenting itself as one logical switch, thus reducing the number of routing peers in the network.
Components used in a StackWise virtual configuration:
StackWise Virtual link (red links)
It carries data traffic and in-band control traffic between two switches. All the frames that are forwarded over the StackWise Virtual link are encapsulated with a special StackWise Virtual Header (SVH). The data is sent over a StackWise Virtual link under the following circumstances:
- Layer 2 traffic flooded over a VLAN.
- Packets processed by software and not by hardware!
- System data, such as NetFlow export data and SNMP data.
- Layer 3 protocol packets.
- Spanning Tree Protocol: the standby switch redirects the STP BPDUs across the Virtual link to active switch.
Remember: The active and standby switches support hardware forwarding that will individually perform the desired lookups and forward the traffic on local links to uplink neighbors. Hardware forwarding is distributed across both members on Cisco StackWise Virtual thanks to the CPU of the active switch that sends Forwarding Information Base (FIB) updates to the standby switch.
Dual-Active-Detection link (blue link)
If the standby switch detects a complete loss of the StackWise Virtual link, it assumes the active switch has failed and will take over as the active switch. However, if the original StackWise Virtual active switch is still operational, both the switches will now be Cisco StackWise Virtual active switches. This situation is called a dual-active scenario. To avoid this destructive scenario you need to implement the dual-active-detection link; there are two methods to detect dual active scenario: fast-hello or enhanced PAgP.
Note: in case of dual-active condition (stackwise virtual link down) the active switch shuts down all of its non-SVL interfaces to remove itself from the network and the standby switch takes over Active Supervisor role. To recover from Dual Active condition (assuming stackwise virtual link is operational again), you have to reboot switch that is in a recovery mode (ex-Active Supervisor).
Implementing StackWise Virtual
Before configure it, three requirements must be met before:
- Same software version
- Same license type
- Same StackWise Virtual domain
Define the domain:
9500-A#conf t 9500-A(config)#stackwise-virtual 9500-A(config-stackwise-virtual)#domain 1 9500-A(config-stackwise-virtual)#exit
Define the virtual-link:
9500-A(config)#inter ran ten 1/0/1, ten 1/0/2 9500-A(config-if-range)#stackwise-virtual link 1
A system message appears:
WARNING: All the extraneous configurations will be removed for TenGigabitEthernet1/0/1 on reboot INFO: Upon reboot, the config will be part of running config but not part of start up config. WARNING: All the extraneous configurations will be removed for TenGigabitEthernet1/0/2 on reboot INFO: Upon reboot, the config will be part of running config but not part of start up config.
Define the dual-detection link (my favorite is the fast-hello):
A system message appears:
WARNING: All the extraneous configurations will be removed for TenGigabitEthernet1/0/3 on reboot. INFO: Upon reboot, the config will be part of running config but not part of start up config.
Note: All the commands should be executed on each switch (9500-A and 9500-B); then save the configuration and reload the switches.
After the reload, you can check the status of the stack with several commands:
Ciscozine#sh switch Switch/Stack Mac Address : 5486.bc5c.9f00 - Local Mac Address Mac persistency wait time: Indefinite H/W Current Switch# Role Mac Address Priority Version State *1 Active 5486.bc5c.9f00 1 V01 Ready 2 Member 5486.bc5c.9f80 1 V01 Ready
Ciscozine#show stackwise-virtual dual-active-detection Dual-Active-Detection Configuration: Switch Dad port Status ------ ------------ --------- 1 TenGigabitEthernet1/0/3 up 2 TenGigabitEthernet2/0/3 up Ciscozine#
Ciscozine#show stackwise-virtual link Stackwise Virtual Link(SVL) Information: Flags: Link Status U-Up D-Down Protocol Status S-Suspended P-Pending E-Error T-Timeout R-Ready Switch SVL Ports Link-Status Protocol-Status ------ --- ----- ----------- --------------- 1 1 TenGigabitEthernet1/0/1 U R TenGigabitEthernet1/0/2 U R 2 1 TenGigabitEthernet2/0/1 U R TenGigabitEthernet2/0/2 U R Ciscozine#
Note: During a dual active condition the active switch generates these messages:
Jun 10 17:18:52.772 UTC: %NIF_MGR-6-DAD_RECOVERY_MODE: Switch 1 R0/0: nif_mgr: Dual Active detected: Switch going into recovery mode. since peer requested. Peer must have transitioned from Standy to Active . Jun 10 17:18:53.765 UTC: %IOSXE_REDUNDANCY-6-PEER_LOST: Active detected switch 2 is no longer standby
Remember: By default, switch priority is 1. I recommend to increase priority for specific stack member if prefer to boot up in ACTIVE role. To do it use the command “switch 1 priority 15”. After that, the “show switch” shows:
Ciscozine#sh switch Switch/Stack Mac Address : 5486.bc5c.9f00 - Local Mac Address Mac persistency wait time: Indefinite H/W Current Switch# Role Mac Address Priority Version State *1 Active 5486.bc5c.9f00 15 V01 Ready 2 Member 5486.bc5c.9f80 1 V01 Ready
Note:Like the VSS, it is possible reload the entire shelf, the active/standby switch or force a switchover. To do it check this command:
Ciscozine#redundancy ? Redundancy exec commands: config-sync Redundancy config sync commands force-switchover Force a switchover reload Redundancy Facility (RF) reload