show vpc
Displays the status and configuration of Virtual Port Channel (vPC) on Cisco NX-OS switches.
Overview
The 'show vpc' command is a fundamental troubleshooting and verification tool for Virtual Port Channel (vPC) technology on Cisco Nexus switches. vPC allows two switches to appear as a single logical device to a downstream device (e.g., server, switch) by bundling ports across both switches into a single port channel. This provides redundancy and increased bandwidth without relying on Spanning Tree Protocol (STP) to block redundant links. The command displays the operational state of the vPC domain, peer adjacency, keepalive status, consistency checks, and individual vPC interfaces.
On Cisco NX-OS, vPC requires a dedicated peer-link (typically a port channel) for control traffic and data forwarding, and a separate peer-keepalive link (usually a management or routed interface) for heartbeat detection. The 'show vpc' command is the first step in verifying that both switches have formed a peer adjacency, that the keepalive is functioning, and that configuration consistency is maintained. Consistency is critical: if Type-1 parameters (e.g., STP mode, VLANs, MTU) differ between peers, the vPC member ports will be suspended to prevent loops.
When troubleshooting, engineers use 'show vpc' to quickly assess the health of the vPC domain. A healthy output shows 'peer adjacency formed ok', 'peer is alive', 'success' for consistency, and all vPCs 'up'. Problems manifest as 'peer adjacency failed', 'peer is dead', 'consistency failed', or vPCs 'suspended'. The command also provides insight into role negotiation (primary/secondary), which determines which switch handles certain control-plane functions. Understanding this output is essential for CCNP Data Center certification and real-world Nexus deployments.
show vpc [brief | consistency-parameters | peer-keepalive | role | statistics | <vpc-id>]When to Use This Command
- Verify vPC peer status and domain configuration after initial setup.
- Troubleshoot vPC consistency issues causing member ports to suspend.
- Monitor vPC peer-keepalive link health and role negotiation.
- Check vPC statistics for packet drops or errors on the peer-link.
Parameters
| Parameter | Syntax | Description |
|---|---|---|
| brief | show vpc brief | Displays a condensed version of the vPC status, omitting the legend and some details. Useful for quick health checks. |
| consistency-parameters | show vpc consistency-parameters | Shows Type-1 and Type-2 consistency parameters that must match between vPC peers. Type-1 mismatches cause vPC suspension. |
| peer-keepalive | show vpc peer-keepalive | Displays detailed peer-keepalive status, including source/destination IP, VRF, and timers. Used to troubleshoot keepalive failures. |
| role | show vpc role | Shows the vPC role (primary/secondary) and the priority values. Helps understand role election and preemption. |
| statistics | show vpc statistics | Displays packet counters for vPC control and data traffic, including peer-link and keepalive statistics. Useful for detecting drops. |
| <vpc-id> | show vpc <1-4096> | Displays detailed information for a specific vPC ID, including member ports, consistency status, and VLANs. |
Command Examples
Basic vPC Status
show vpcLegend:
(*) - local vPC is down, forwarding via vPC peer-link
vPC domain id : 10
Peer status : peer adjacency formed ok
vPC keep-alive status: peer is alive
Configuration consistency status: success
Per-vlan consistency status: success
Type-2 consistency status: success
vPC role : primary
Number of vPCs configured : 2
Peer Gateway : Disabled
Dual-active excluded VLANs : -
Graceful Consistency Check : Enabled
Auto-recovery status : Disabled
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status: Timer is off.(timeout = 10s)
Operational Layer3 Peer-router: Disabled
Virtual-peerlink mode: Disabled
vPC Peer-link status
---------------------------------------------------------------------
id Port Status Active vlans
-- ---- ------ --------------------------------------------------
1 Po100 up 1,10,20,30,100
vPC status
---------------------------------------------------------------------
Id Port Status Consistency Reason Active vlans
-- ------------ ------ ----------- ------ ---------------
20 Eth1/1 up success success 1,10,20,30,100
30 Eth1/2 up success success 1,10,20,30,100The output shows vPC domain 10, peer adjacency formed, keepalive alive, consistency success, role primary. Two vPCs configured (20 and 30) are up with active VLANs listed. Peer-link is Po100 up.
vPC Brief Summary
show vpc briefvPC domain id : 10 Peer status : peer adjacency formed ok vPC keep-alive status: peer is alive Configuration consistency status: success vPC role : primary Number of vPCs configured : 2 Peer Gateway : Disabled Dual-active excluded VLANs : - vPC Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ -------------------------------------------------- 1 Po100 up 1,10,20,30,100 vPC status --------------------------------------------------------------------- Id Port Status Consistency Reason Active vlans -- ------------ ------ ----------- ------ --------------- 20 Eth1/1 up success success 1,10,20,30,100 30 Eth1/2 up success success 1,10,20,30,100
Brief output omits legend and some details but shows key status fields: domain, peer, keepalive, consistency, role, and vPC list.
vPC Consistency Parameters
show vpc consistency-parametersvPC consistency parameters for domain 10 Type 1 parameters: STP Mode: Rapid-PVST STP Disabled: None STP Port Type: Normal STP Port Guard: None STP BPDU Filter: None STP BPDU Guard: None STP Loop Guard: None STP Root Guard: None Allowed VLANs: 1,10,20,30,100 Native VLAN: 1 MTU: 1500 Admin Duplex: Auto Admin Speed: Auto Flow Control: Receive Off, Send Off LACP Mode: Active LACP Rate: Normal LACP Port Priority: 32768 LACP System Priority: 32768 LACP Suspended Individual: Disabled Port Mode: Trunk Spanning Tree Port Type: Normal Spanning Tree Port Guard: None Spanning Tree BPDU Filter: None Spanning Tree BPDU Guard: None Spanning Tree Loop Guard: None Spanning Tree Root Guard: None Storm Control Broadcast: Disabled Storm Control Multicast: Disabled Storm Control Unicast: Disabled VLAN Trunking: Enabled Type 2 parameters: Allowed VLANs: 1,10,20,30,100 Native VLAN: 1 MTU: 1500 Admin Duplex: Auto Admin Speed: Auto Flow Control: Receive Off, Send Off Port Mode: Trunk Storm Control Broadcast: Disabled Storm Control Multicast: Disabled Storm Control Unicast: Disabled VLAN Trunking: Enabled
Lists Type-1 and Type-2 consistency parameters. Type-1 must match exactly; Type-2 can differ but may cause issues. Shows STP, VLAN, MTU, LACP settings.
Understanding the Output
The 'show vpc' command output is divided into several sections. The first section shows global vPC domain parameters: domain ID, peer status (should be 'peer adjacency formed ok'), keepalive status ('peer is alive'), consistency status ('success'), and role ('primary' or 'secondary'). The 'Number of vPCs configured' indicates how many vPC port channels are defined. 'Peer Gateway' and 'Dual-active excluded VLANs' are configuration options. The second section lists the peer-link status: ID, port channel interface, status (up/down), and active VLANs. The peer-link must be up for vPC to function. The third section lists each configured vPC: ID, member port, status (up/down), consistency status (success/failed), reason if failed, and active VLANs. A healthy vPC shows 'up' and 'success'. Common problems include 'suspended' due to consistency failures or peer-link down. Additional fields like 'Delay-restore status' and 'Auto-recovery' help with convergence tuning. The legend indicates that a local vPC down but forwarding via peer-link is marked with an asterisk.
Configuration Scenarios
Basic vPC Setup with Two Member Ports
Two Nexus switches (Nexus-A and Nexus-B) form a vPC domain to connect to a downstream server with dual-homed NICs.
Topology
+----------+ +----------+
| Nexus-A |----------| Nexus-B |
| (primary)| peer-link |(secondary)|
+----+-----+ +----+-----+
| |
| Eth1/1 | Eth1/1
+---------------------+
|
[Server]
(vPC member ports)Steps
- 1.Configure vPC domain on both switches with same domain ID.
- 2.Create peer-link port channel (e.g., Po100) using two physical links.
- 3.Configure peer-keepalive link (e.g., management interface) with source/destination IP.
- 4.Create vPC port channel (e.g., Po10) with member interfaces Eth1/1 on both switches.
- 5.Verify with 'show vpc'.
! Nexus-A vpc domain 10 role priority 100 peer-keepalive destination 10.0.0.2 source 10.0.0.1 vrf management delay-restore 30 peer-gateway interface port-channel100 switchport mode trunk spanning-tree port type network vpc peer-link interface Ethernet1/1-2 channel-group 100 mode active interface port-channel10 switchport mode trunk vpc 10 interface Ethernet1/1 channel-group 10 mode active ! Nexus-B vpc domain 10 role priority 200 peer-keepalive destination 10.0.0.1 source 10.0.0.2 vrf management interface port-channel100 switchport mode trunk spanning-tree port type network vpc peer-link interface Ethernet1/1-2 channel-group 100 mode active interface port-channel10 switchport mode trunk vpc 10 interface Ethernet1/1 channel-group 10 mode active
Verify: Run 'show vpc' on both switches. Verify peer status 'ok', keepalive 'alive', consistency 'success', vPC 10 'up'.
Watch out: Ensure peer-keepalive uses a separate VRF (e.g., management) and not the same as peer-link to avoid routing loops.
Troubleshooting with This Command
When troubleshooting vPC issues on Cisco NX-OS, start with 'show vpc' to assess the overall health. If peer status is not 'peer adjacency formed ok', check the peer-link: ensure the port channel is up, both sides have the same vPC domain ID, and the peer-link is configured with 'vpc peer-link'. Use 'show port-channel summary' to verify the peer-link port channel is up. If keepalive shows 'peer is dead', verify IP connectivity between the keepalive source and destination, check VRF configuration, and ensure UDP port 3200 is not blocked. If consistency status shows 'failed', use 'show vpc consistency-parameters' to identify mismatched Type-1 parameters. Common mismatches include STP mode, allowed VLANs, native VLAN, MTU, and LACP settings. Correct the mismatch on one switch to match the other. If individual vPCs are 'suspended', check the consistency reason; it may be due to Type-1 mismatch or peer-link down. Also verify that the member interfaces are in the correct port channel and that the downstream device is configured for LACP or static LAG. Use 'show vpc statistics' to check for packet drops on the peer-link or keepalive. If the role is not as expected, use 'show vpc role' to see priority values; the switch with lower priority becomes primary. Role preemption can be disabled if needed. For dual-active scenarios, ensure the peer-keepalive is working and that the 'dual-active excluded VLANs' are correctly set. Finally, check 'show logging last 50' for vPC-related syslog messages.
CCNA Exam Tips
Memorize the three consistency checks: Type-1 (must match), Type-2 (should match), and per-VLAN.
Know that 'show vpc consistency-parameters' is key for troubleshooting suspended vPCs.
Understand that vPC role is determined by priority (lower wins) or system MAC; 'show vpc role' shows details.
Common Mistakes
Forgetting to configure peer-keepalive link (separate from peer-link), causing dual-active detection failure.
Mismatching Type-1 parameters (e.g., STP mode, allowed VLANs) leading to vPC suspension.
Using the same vPC domain ID on both switches but not forming adjacency due to incorrect peer-link configuration.
Platform Notes
On Cisco NX-OS, vPC is a mature feature with specific implementation differences from Cisco IOS's Virtual Switching System (VSS) or StackWise. Unlike VSS, vPC does not merge the control planes; each switch runs independently. The 'show vpc' command is unique to NX-OS; on IOS, equivalent commands are 'show etherchannel summary' and 'show switch virtual link'. On Nexus, the peer-keepalive is mandatory and uses a separate VRF; on some older versions, it could use the management VRF by default. The 'show vpc consistency-parameters' command is critical for troubleshooting and is not present on IOS. In NX-OS, vPC supports up to 256 vPCs per domain, and the peer-link can carry up to 16 member links. Version differences: NX-OS 7.x and later introduced 'virtual peerlink' for enhanced forwarding. Always check the specific NX-OS version documentation for command syntax and behavior.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions