vpc domain [id]
Enters VPC domain configuration mode and creates or modifies a Virtual Port Channel domain with a specified ID.
Overview
The 'vpc domain [id]' command is the entry point for configuring Virtual Port Channel (VPC) on Cisco Nexus switches. VPC allows link aggregation across two separate physical switches, presenting them as a single logical switch to downstream devices. This technology is critical for high-availability designs in data center networks, enabling redundant uplinks without spanning tree blocking. On NX-OS, VPC requires a dedicated peer-link (a port-channel between the two switches) and a peer-keepalive link (typically over the management network) to detect dual-active scenarios. The domain ID is a numeric identifier (1-1000) that must match on both peers. Once in VPC domain configuration mode, you can set parameters like role priority (determines primary/backup), system priority (used in LACP), and enable features like peer gateway or layer3 routing. This command is used during initial VPC setup, modifications, or troubleshooting. In troubleshooting workflows, entering the domain context allows you to issue 'show' commands specific to that domain, such as 'show vpc consistency-parameters' to verify that both peers have matching configurations. Without this command, VPC cannot be configured, making it a foundational step in any VPC deployment.
vpc domain [id]When to Use This Command
- Configuring a new VPC domain on a pair of Nexus switches to enable multi-chassis link aggregation.
- Modifying VPC parameters such as peer keepalive, role priority, or system priority within an existing domain.
- Troubleshooting VPC operational state by entering the domain context to issue show commands.
- Decommissioning a VPC domain by removing it after migrating traffic to other links.
Parameters
| Parameter | Syntax | Description |
|---|---|---|
| id | 1-1000 | The VPC domain identifier. Must be unique per pair of VPC peer switches and must match on both peers. Range is from 1 to 1000. |
Command Examples
Create VPC domain 100
switch(config)# vpc domain 100switch(config-vpc-domain)#
Enters VPC domain configuration mode for domain ID 100. The prompt changes to indicate VPC domain configuration context.
Configure VPC peer keepalive
switch(config-vpc-domain)# peer-keepalive destination 10.1.1.2 source 10.1.1.1 vrf managementswitch(config-vpc-domain)#
Configures the peer keepalive link between VPC peers using management VRF. The destination is the peer's management IP, source is local management IP.
Understanding the Output
The command itself does not produce output; it changes the CLI context. The prompt changes to 'switch(config-vpc-domain)#' indicating you are now in VPC domain configuration mode. From here, you can configure VPC parameters like role priority, system priority, peer gateway, and peer keepalive. To verify the VPC domain configuration, use 'show vpc' or 'show vpc brief'. The 'show vpc' output displays the domain ID, role (primary/secondary), system priority, peer keepalive status, and consistency parameters. Healthy values include 'peer-keepalive status: up', 'vPC status: up', and consistent type-1 and type-2 parameters. Problem values include 'peer-keepalive status: down', 'vPC status: down', or 'consistency: failed'.
Configuration Scenarios
Basic VPC Domain Setup
Two Nexus 9000 switches acting as VPC peers for a pair of access switches.
Topology
+----------+ +----------+
| N9K-1 |----------| N9K-2 |
+----------+ +----------+
| |
+-----[vPC]----------+
| |
+----------+ +----------+
| Access-1 | | Access-2 |
+----------+ +----------+Steps
- 1.Configure VPC domain on both switches with the same ID.
- 2.Configure peer keepalive link between management interfaces.
- 3.Create peer-link port-channel (e.g., port-channel 10) and configure it as VPC peer-link.
- 4.Create downstream port-channels and associate them with VPC.
! On N9K-1 vpc domain 100 role priority 10 peer-keepalive destination 10.1.1.2 source 10.1.1.1 vrf management system-priority 32676 ! On N9K-2 vpc domain 100 role priority 20 peer-keepalive destination 10.1.1.1 source 10.1.1.2 vrf management system-priority 32676
Verify: Use 'show vpc brief' to verify VPC status is 'up' and role is primary/backup. Use 'show vpc peer-keepalive' to check keepalive status.
Watch out: The peer keepalive must use a separate VRF (typically management) and must be reachable via that VRF. Do not use the same link as the peer-link.
Troubleshooting with This Command
When troubleshooting VPC issues, the first step is to verify that both switches are in the same VPC domain and that the domain is configured. Use 'show vpc' to see the domain ID, role, and status. If VPC is down, check peer keepalive with 'show vpc peer-keepalive'. Common issues include mismatched domain IDs, unreachable peer keepalive destinations, or inconsistent VPC parameters. The 'show vpc consistency-parameters' command is invaluable for identifying mismatches in type-1 (must match) and type-2 (should match) parameters. For example, if one switch has a different STP mode or MTU, VPC will not form. Also, ensure that the peer-link port-channel is configured as 'vpc peer-link' and that all member interfaces are up. If the peer-link goes down, VPC will suspend all VPC member ports to avoid loops. In NX-OS, the 'vpc domain' command also allows you to configure 'auto-recovery' to automatically bring up VPC after a peer failure. Use 'show vpc statistics' to see packet counts and errors. Always check system logs for VPC-related messages. If VPC is flapping, verify that the peer keepalive is stable and that there are no Layer 2 loops. For dual-active scenarios, the keepalive failure triggers the secondary switch to disable its VPC member ports. To recover, fix the keepalive link and issue 'vpc domain [id]' then 'no vpc dual-active' if needed.
CCNA Exam Tips
Remember that VPC domain ID must match on both peers and must be unique per pair of switches.
The 'vpc domain' command is the first step in VPC configuration; without it, no VPC can be created.
CCNP exam may ask about the maximum number of VPC domains (typically 1 per pair of Nexus switches).
Common Mistakes
Using the same VPC domain ID on multiple pairs of switches (domain ID must be unique per pair).
Forgetting to configure peer keepalive after entering VPC domain mode, causing VPC to not form.
Attempting to configure VPC without first entering 'vpc domain' mode, resulting in command rejection.
Platform Notes
On Cisco NX-OS, the 'vpc domain' command is available on Nexus 3000, 5000, 6000, 7000, and 9000 series switches. On older Nexus 1000v, VPC is not supported. The command syntax is consistent across platforms, but some parameters may vary (e.g., 'peer-gateway' is available on Nexus 7000/9000 but not on 5000). On Cisco IOS (e.g., Catalyst 6500 with VSS), the equivalent is 'switch virtual domain' for Virtual Switching System. On Arista, the equivalent is 'port-channel load-balance' and 'mlag configuration' with 'domain-id'. On Juniper, it's 'chassis cluster' for MC-LAG. NX-OS VPC supports up to 16 VPC member ports per VPC, and the domain ID range is 1-1000. Note that VPC requires a dedicated peer-link and peer-keepalive; the peer-link must be a port-channel with at least one interface. In NX-OS version 6.x and later, VPC supports Layer 3 routing over the peer-link with 'peer-gateway' and 'layer3 peer-router' features. Always ensure both peers run the same NX-OS version to avoid compatibility issues.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions