vpc peer-link
Configures an interface as a Virtual Port Channel (vPC) peer-link, which is used to synchronize state and forward traffic between vPC peer switches.
Overview
The 'vpc peer-link' command is a critical configuration step in setting up a Virtual Port Channel (vPC) on Cisco Nexus switches. A vPC allows two Nexus switches to appear as a single logical device to downstream switches or servers that are dual-homed to both switches. The peer-link is the inter-switch link that carries control plane information (such as MAC address tables, ARP tables, and IGMP snooping states) as well as data traffic for orphan ports and multicast/broadcast traffic. Without a properly configured peer-link, the vPC domain cannot function.
In Cisco NX-OS, the peer-link must be a port-channel (EtherChannel) consisting of one or more physical interfaces. It is recommended to use at least two 10 Gigabit Ethernet links for redundancy and bandwidth. The peer-link is configured in interface configuration mode under the port-channel interface. Once configured, the switch will automatically use this link to exchange vPC-related information with its peer.
The peer-link is also used for the vPC keepalive mechanism, which is a separate Layer 3 link (typically a management interface or a dedicated VLAN) that monitors peer liveness. However, the keepalive is configured under the vPC domain, not on the peer-link interface.
When troubleshooting, the peer-link status is one of the first things to check. A down peer-link will cause all vPC member ports to be suspended, leading to traffic loss. Common issues include mismatched port-channel parameters (e.g., speed, duplex, allowed VLANs) or physical link failures. The 'show vpc' command provides a summary, while 'show vpc peer-link' gives detailed interface statistics.
interface <interface-type> <interface-id>
vpc peer-link
no vpc peer-linkWhen to Use This Command
- Connecting two Nexus switches in a vPC domain to form a single logical control plane for attached devices.
- Enabling inter-switch communication for vPC member ports and orphan ports.
- Providing a path for multicast and broadcast traffic between vPC peers.
- Allowing the vPC peer-link to carry BPDUs, LACP, and other control plane traffic for vPC consistency.
Parameters
| Parameter | Syntax | Description |
|---|---|---|
| interface-type | port-channel | The type of interface; must be 'port-channel' for vPC peer-link. Physical interfaces or other logical interfaces are not allowed. |
| interface-id | <channel-number> | The port-channel number (e.g., 1, 10, 100). This must match on both vPC peers for the peer-link to form. |
Command Examples
Configure vPC peer-link on port-channel 1
interface port-channel 1
vpc peer-linkThis command configures port-channel 1 as the vPC peer-link. No output is shown if successful; use 'show vpc' to verify.
Remove vPC peer-link configuration
interface port-channel 1
no vpc peer-linkRemoves the peer-link designation from the interface. The interface will become a regular port-channel.
Understanding the Output
The 'vpc peer-link' command itself does not produce output. To verify the peer-link status, use 'show vpc' or 'show vpc peer-link'. The 'show vpc' output includes a 'vPC peer-link status' field. A healthy peer-link shows 'up' status with no errors. Problem values include 'down' (link failure), 'suspended' (incompatible configuration), or 'failed' (consistency check failure). The 'show vpc peer-link' command provides detailed information about the peer-link interface, including port-channel ID, state, and counters. Key fields: 'Peer-link status' (up/down), 'vPC keep-alive status' (up/down), and 'Configuration consistency' (success/failure). A healthy peer-link should have both statuses as 'up' and consistency as 'success'.
Configuration Scenarios
Basic vPC Peer-Link Configuration
Two Nexus 9000 switches (N9K-1 and N9K-2) are to be configured as a vPC pair. The peer-link will use port-channel 1 with two 10GE interfaces.
Topology
N9K-1 (Eth1/1, Eth1/2) <---> N9K-2 (Eth1/1, Eth1/2)
| |
(port-channel 1) (port-channel 1)Steps
- 1.Create port-channel 1 on both switches.
- 2.Add physical interfaces to port-channel 1 on both switches.
- 3.Configure the port-channel as a trunk (allow necessary VLANs).
- 4.Enter interface configuration mode for port-channel 1 and issue 'vpc peer-link'.
- 5.Configure vPC domain and keepalive link.
! On N9K-1 interface port-channel 1 switchport mode trunk switchport trunk allowed vlan 1-100,200 vpc peer-link ! interface Ethernet1/1 channel-group 1 mode active ! interface Ethernet1/2 channel-group 1 mode active ! ! On N9K-2 (similar configuration) interface port-channel 1 switchport mode trunk switchport trunk allowed vlan 1-100,200 vpc peer-link ! interface Ethernet1/1 channel-group 1 mode active ! interface Ethernet1/2 channel-group 1 mode active
Verify: Use 'show vpc' to verify peer-link status is 'up' and consistency is 'success'. Use 'show vpc peer-link' for detailed interface counters.
Watch out: Ensure the port-channel is in 'mode active' (LACP) or 'mode on' (static) on both sides. Mismatched modes will prevent the peer-link from coming up.
Troubleshooting with This Command
When troubleshooting vPC peer-link issues on Cisco NX-OS, start with 'show vpc' to check the overall vPC status. If the peer-link is down, check the physical interfaces and port-channel status with 'show interface port-channel <id>' and 'show interface ethernet <id>'. Common causes: mismatched port-channel parameters (speed, duplex, VLAN allowed list), physical link failure, or LACP negotiation issues. Use 'show port-channel summary' to see if the port-channel is up. If the peer-link is up but vPC is not operational, check 'show vpc consistency-parameters' to identify mismatches in global or interface parameters. The peer-link must have identical allowed VLANs on both sides. Also verify the vPC keepalive link is working with 'show vpc keepalive'. If the peer-link flaps, check for errors on the interfaces with 'show interface counters errors'. In some cases, a software bug may cause peer-link instability; check the Cisco bug toolkit for known issues. Always ensure both switches run the same NX-OS version for compatibility.
CCNA Exam Tips
Remember that the peer-link must be a port-channel (EtherChannel) and cannot be a single physical interface.
The peer-link is used for both control plane and data plane traffic; ensure it has sufficient bandwidth (typically at least two 10GE links).
In CCNP Data Center exams, know that the vPC peer-link must be configured on both peers with identical parameters.
Common Mistakes
Configuring vpc peer-link on a physical interface instead of a port-channel - the command will be rejected.
Forgetting to configure the peer-link on both vPC peers - the vPC domain will not form.
Using a port-channel that is also a member of a vPC - the peer-link cannot be a vPC member port.
Platform Notes
On Cisco Nexus switches, the vPC peer-link must be a port-channel; this differs from Cisco IOS where a similar concept (Virtual Switch System) uses a virtual link. In NX-OS, the peer-link is configured under the interface, while in IOS VSS, the peer-link is configured under the switch virtual interface. The 'vpc peer-link' command is specific to NX-OS and is not available on IOS. For other platforms like Arista, the equivalent is 'mlag' configuration. On Nexus 9000 and 7000 series, the peer-link supports up to 16 physical interfaces. On Nexus 3000 series, vPC is not supported. Always check the specific Nexus model for feature support.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions