vpcEXEC

show vpc

Displays the status and configuration of Virtual Port Channel (vPC) on Cisco NX-OS switches.

Overview

The 'show vpc' command is a fundamental troubleshooting and verification tool for Virtual Port Channel (vPC) technology on Cisco Nexus switches. vPC allows two switches to appear as a single logical device to a downstream device (e.g., server, switch) by bundling ports across both switches into a single port channel. This provides redundancy and increased bandwidth without relying on Spanning Tree Protocol (STP) to block redundant links. The command displays the operational state of the vPC domain, peer adjacency, keepalive status, consistency checks, and individual vPC interfaces.

On Cisco NX-OS, vPC requires a dedicated peer-link (typically a port channel) for control traffic and data forwarding, and a separate peer-keepalive link (usually a management or routed interface) for heartbeat detection. The 'show vpc' command is the first step in verifying that both switches have formed a peer adjacency, that the keepalive is functioning, and that configuration consistency is maintained. Consistency is critical: if Type-1 parameters (e.g., STP mode, VLANs, MTU) differ between peers, the vPC member ports will be suspended to prevent loops.

When troubleshooting, engineers use 'show vpc' to quickly assess the health of the vPC domain. A healthy output shows 'peer adjacency formed ok', 'peer is alive', 'success' for consistency, and all vPCs 'up'. Problems manifest as 'peer adjacency failed', 'peer is dead', 'consistency failed', or vPCs 'suspended'. The command also provides insight into role negotiation (primary/secondary), which determines which switch handles certain control-plane functions. Understanding this output is essential for CCNP Data Center certification and real-world Nexus deployments.

Syntax·EXEC
show vpc [brief | consistency-parameters | peer-keepalive | role | statistics | <vpc-id>]

When to Use This Command

  • Verify vPC peer status and domain configuration after initial setup.
  • Troubleshoot vPC consistency issues causing member ports to suspend.
  • Monitor vPC peer-keepalive link health and role negotiation.
  • Check vPC statistics for packet drops or errors on the peer-link.

Parameters

ParameterSyntaxDescription
briefshow vpc briefDisplays a condensed version of the vPC status, omitting the legend and some details. Useful for quick health checks.
consistency-parametersshow vpc consistency-parametersShows Type-1 and Type-2 consistency parameters that must match between vPC peers. Type-1 mismatches cause vPC suspension.
peer-keepaliveshow vpc peer-keepaliveDisplays detailed peer-keepalive status, including source/destination IP, VRF, and timers. Used to troubleshoot keepalive failures.
roleshow vpc roleShows the vPC role (primary/secondary) and the priority values. Helps understand role election and preemption.
statisticsshow vpc statisticsDisplays packet counters for vPC control and data traffic, including peer-link and keepalive statistics. Useful for detecting drops.
<vpc-id>show vpc <1-4096>Displays detailed information for a specific vPC ID, including member ports, consistency status, and VLANs.

Command Examples

Basic vPC Status

show vpc
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id        : 10
Peer status          : peer adjacency formed ok
vPC keep-alive status: peer is alive
Configuration consistency status: success
Per-vlan consistency status: success
Type-2 consistency status: success
vPC role             : primary
Number of vPCs configured : 2
Peer Gateway          : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status: Timer is off.(timeout = 10s)
Operational Layer3 Peer-router: Disabled
Virtual-peerlink mode: Disabled

vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans
--   ----   ------ --------------------------------------------------
1    Po100  up     1,10,20,30,100

vPC status
---------------------------------------------------------------------
Id    Port          Status Consistency Reason                Active vlans
--    ------------   ------ ----------- ------                ---------------
20    Eth1/1        up     success     success               1,10,20,30,100
30    Eth1/2        up     success     success               1,10,20,30,100

The output shows vPC domain 10, peer adjacency formed, keepalive alive, consistency success, role primary. Two vPCs configured (20 and 30) are up with active VLANs listed. Peer-link is Po100 up.

vPC Brief Summary

show vpc brief
vPC domain id        : 10
Peer status          : peer adjacency formed ok
vPC keep-alive status: peer is alive
Configuration consistency status: success
vPC role             : primary
Number of vPCs configured : 2
Peer Gateway          : Disabled
Dual-active excluded VLANs : -
vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans
--   ----   ------ --------------------------------------------------
1    Po100  up     1,10,20,30,100

vPC status
---------------------------------------------------------------------
Id    Port          Status Consistency Reason                Active vlans
--    ------------   ------ ----------- ------                ---------------
20    Eth1/1        up     success     success               1,10,20,30,100
30    Eth1/2        up     success     success               1,10,20,30,100

Brief output omits legend and some details but shows key status fields: domain, peer, keepalive, consistency, role, and vPC list.

vPC Consistency Parameters

show vpc consistency-parameters
vPC consistency parameters for domain 10

Type 1 parameters:
  STP Mode: Rapid-PVST
  STP Disabled: None
  STP Port Type: Normal
  STP Port Guard: None
  STP BPDU Filter: None
  STP BPDU Guard: None
  STP Loop Guard: None
  STP Root Guard: None
  Allowed VLANs: 1,10,20,30,100
  Native VLAN: 1
  MTU: 1500
  Admin Duplex: Auto
  Admin Speed: Auto
  Flow Control: Receive Off, Send Off
  LACP Mode: Active
  LACP Rate: Normal
  LACP Port Priority: 32768
  LACP System Priority: 32768
  LACP Suspended Individual: Disabled
  Port Mode: Trunk
  Spanning Tree Port Type: Normal
  Spanning Tree Port Guard: None
  Spanning Tree BPDU Filter: None
  Spanning Tree BPDU Guard: None
  Spanning Tree Loop Guard: None
  Spanning Tree Root Guard: None
  Storm Control Broadcast: Disabled
  Storm Control Multicast: Disabled
  Storm Control Unicast: Disabled
  VLAN Trunking: Enabled

Type 2 parameters:
  Allowed VLANs: 1,10,20,30,100
  Native VLAN: 1
  MTU: 1500
  Admin Duplex: Auto
  Admin Speed: Auto
  Flow Control: Receive Off, Send Off
  Port Mode: Trunk
  Storm Control Broadcast: Disabled
  Storm Control Multicast: Disabled
  Storm Control Unicast: Disabled
  VLAN Trunking: Enabled

Lists Type-1 and Type-2 consistency parameters. Type-1 must match exactly; Type-2 can differ but may cause issues. Shows STP, VLAN, MTU, LACP settings.

Understanding the Output

The 'show vpc' command output is divided into several sections. The first section shows global vPC domain parameters: domain ID, peer status (should be 'peer adjacency formed ok'), keepalive status ('peer is alive'), consistency status ('success'), and role ('primary' or 'secondary'). The 'Number of vPCs configured' indicates how many vPC port channels are defined. 'Peer Gateway' and 'Dual-active excluded VLANs' are configuration options. The second section lists the peer-link status: ID, port channel interface, status (up/down), and active VLANs. The peer-link must be up for vPC to function. The third section lists each configured vPC: ID, member port, status (up/down), consistency status (success/failed), reason if failed, and active VLANs. A healthy vPC shows 'up' and 'success'. Common problems include 'suspended' due to consistency failures or peer-link down. Additional fields like 'Delay-restore status' and 'Auto-recovery' help with convergence tuning. The legend indicates that a local vPC down but forwarding via peer-link is marked with an asterisk.

Configuration Scenarios

Basic vPC Setup with Two Member Ports

Two Nexus switches (Nexus-A and Nexus-B) form a vPC domain to connect to a downstream server with dual-homed NICs.

Topology

+----------+ +----------+ | Nexus-A |----------| Nexus-B | | (primary)| peer-link |(secondary)| +----+-----+ +----+-----+ | | | Eth1/1 | Eth1/1 +---------------------+ | [Server] (vPC member ports)

Steps

  1. 1.Configure vPC domain on both switches with same domain ID.
  2. 2.Create peer-link port channel (e.g., Po100) using two physical links.
  3. 3.Configure peer-keepalive link (e.g., management interface) with source/destination IP.
  4. 4.Create vPC port channel (e.g., Po10) with member interfaces Eth1/1 on both switches.
  5. 5.Verify with 'show vpc'.
Configuration
! Nexus-A
vpc domain 10
  role priority 100
  peer-keepalive destination 10.0.0.2 source 10.0.0.1 vrf management
  delay-restore 30
  peer-gateway
interface port-channel100
  switchport mode trunk
  spanning-tree port type network
  vpc peer-link
interface Ethernet1/1-2
  channel-group 100 mode active
interface port-channel10
  switchport mode trunk
  vpc 10
interface Ethernet1/1
  channel-group 10 mode active

! Nexus-B
vpc domain 10
  role priority 200
  peer-keepalive destination 10.0.0.1 source 10.0.0.2 vrf management
interface port-channel100
  switchport mode trunk
  spanning-tree port type network
  vpc peer-link
interface Ethernet1/1-2
  channel-group 100 mode active
interface port-channel10
  switchport mode trunk
  vpc 10
interface Ethernet1/1
  channel-group 10 mode active

Verify: Run 'show vpc' on both switches. Verify peer status 'ok', keepalive 'alive', consistency 'success', vPC 10 'up'.

Watch out: Ensure peer-keepalive uses a separate VRF (e.g., management) and not the same as peer-link to avoid routing loops.

Troubleshooting with This Command

When troubleshooting vPC issues on Cisco NX-OS, start with 'show vpc' to assess the overall health. If peer status is not 'peer adjacency formed ok', check the peer-link: ensure the port channel is up, both sides have the same vPC domain ID, and the peer-link is configured with 'vpc peer-link'. Use 'show port-channel summary' to verify the peer-link port channel is up. If keepalive shows 'peer is dead', verify IP connectivity between the keepalive source and destination, check VRF configuration, and ensure UDP port 3200 is not blocked. If consistency status shows 'failed', use 'show vpc consistency-parameters' to identify mismatched Type-1 parameters. Common mismatches include STP mode, allowed VLANs, native VLAN, MTU, and LACP settings. Correct the mismatch on one switch to match the other. If individual vPCs are 'suspended', check the consistency reason; it may be due to Type-1 mismatch or peer-link down. Also verify that the member interfaces are in the correct port channel and that the downstream device is configured for LACP or static LAG. Use 'show vpc statistics' to check for packet drops on the peer-link or keepalive. If the role is not as expected, use 'show vpc role' to see priority values; the switch with lower priority becomes primary. Role preemption can be disabled if needed. For dual-active scenarios, ensure the peer-keepalive is working and that the 'dual-active excluded VLANs' are correctly set. Finally, check 'show logging last 50' for vPC-related syslog messages.

CCNA Exam Tips

1.

Memorize the three consistency checks: Type-1 (must match), Type-2 (should match), and per-VLAN.

2.

Know that 'show vpc consistency-parameters' is key for troubleshooting suspended vPCs.

3.

Understand that vPC role is determined by priority (lower wins) or system MAC; 'show vpc role' shows details.

Common Mistakes

Forgetting to configure peer-keepalive link (separate from peer-link), causing dual-active detection failure.

Mismatching Type-1 parameters (e.g., STP mode, allowed VLANs) leading to vPC suspension.

Using the same vPC domain ID on both switches but not forming adjacency due to incorrect peer-link configuration.

Platform Notes

On Cisco NX-OS, vPC is a mature feature with specific implementation differences from Cisco IOS's Virtual Switching System (VSS) or StackWise. Unlike VSS, vPC does not merge the control planes; each switch runs independently. The 'show vpc' command is unique to NX-OS; on IOS, equivalent commands are 'show etherchannel summary' and 'show switch virtual link'. On Nexus, the peer-keepalive is mandatory and uses a separate VRF; on some older versions, it could use the management VRF by default. The 'show vpc consistency-parameters' command is critical for troubleshooting and is not present on IOS. In NX-OS, vPC supports up to 256 vPCs per domain, and the peer-link can carry up to 16 member links. Version differences: NX-OS 7.x and later introduced 'virtual peerlink' for enhanced forwarding. Always check the specific NX-OS version documentation for command syntax and behavior.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions