vpcInterface Config

vpc peer-link

Configures an interface as a Virtual Port Channel (vPC) peer-link, which is used to synchronize state and forward traffic between vPC peer switches.

Overview

The 'vpc peer-link' command is a critical configuration step in setting up a Virtual Port Channel (vPC) on Cisco Nexus switches. A vPC allows two Nexus switches to appear as a single logical device to downstream switches or servers that are dual-homed to both switches. The peer-link is the inter-switch link that carries control plane information (such as MAC address tables, ARP tables, and IGMP snooping states) as well as data traffic for orphan ports and multicast/broadcast traffic. Without a properly configured peer-link, the vPC domain cannot function.

In Cisco NX-OS, the peer-link must be a port-channel (EtherChannel) consisting of one or more physical interfaces. It is recommended to use at least two 10 Gigabit Ethernet links for redundancy and bandwidth. The peer-link is configured in interface configuration mode under the port-channel interface. Once configured, the switch will automatically use this link to exchange vPC-related information with its peer.

The peer-link is also used for the vPC keepalive mechanism, which is a separate Layer 3 link (typically a management interface or a dedicated VLAN) that monitors peer liveness. However, the keepalive is configured under the vPC domain, not on the peer-link interface.

When troubleshooting, the peer-link status is one of the first things to check. A down peer-link will cause all vPC member ports to be suspended, leading to traffic loss. Common issues include mismatched port-channel parameters (e.g., speed, duplex, allowed VLANs) or physical link failures. The 'show vpc' command provides a summary, while 'show vpc peer-link' gives detailed interface statistics.

Syntax·Interface Config
interface <interface-type> <interface-id> vpc peer-link no vpc peer-link

When to Use This Command

  • Connecting two Nexus switches in a vPC domain to form a single logical control plane for attached devices.
  • Enabling inter-switch communication for vPC member ports and orphan ports.
  • Providing a path for multicast and broadcast traffic between vPC peers.
  • Allowing the vPC peer-link to carry BPDUs, LACP, and other control plane traffic for vPC consistency.

Parameters

ParameterSyntaxDescription
interface-typeport-channelThe type of interface; must be 'port-channel' for vPC peer-link. Physical interfaces or other logical interfaces are not allowed.
interface-id<channel-number>The port-channel number (e.g., 1, 10, 100). This must match on both vPC peers for the peer-link to form.

Command Examples

Configure vPC peer-link on port-channel 1

interface port-channel 1 vpc peer-link

This command configures port-channel 1 as the vPC peer-link. No output is shown if successful; use 'show vpc' to verify.

Remove vPC peer-link configuration

interface port-channel 1 no vpc peer-link

Removes the peer-link designation from the interface. The interface will become a regular port-channel.

Understanding the Output

The 'vpc peer-link' command itself does not produce output. To verify the peer-link status, use 'show vpc' or 'show vpc peer-link'. The 'show vpc' output includes a 'vPC peer-link status' field. A healthy peer-link shows 'up' status with no errors. Problem values include 'down' (link failure), 'suspended' (incompatible configuration), or 'failed' (consistency check failure). The 'show vpc peer-link' command provides detailed information about the peer-link interface, including port-channel ID, state, and counters. Key fields: 'Peer-link status' (up/down), 'vPC keep-alive status' (up/down), and 'Configuration consistency' (success/failure). A healthy peer-link should have both statuses as 'up' and consistency as 'success'.

Configuration Scenarios

Basic vPC Peer-Link Configuration

Two Nexus 9000 switches (N9K-1 and N9K-2) are to be configured as a vPC pair. The peer-link will use port-channel 1 with two 10GE interfaces.

Topology

N9K-1 (Eth1/1, Eth1/2) <---> N9K-2 (Eth1/1, Eth1/2) | | (port-channel 1) (port-channel 1)

Steps

  1. 1.Create port-channel 1 on both switches.
  2. 2.Add physical interfaces to port-channel 1 on both switches.
  3. 3.Configure the port-channel as a trunk (allow necessary VLANs).
  4. 4.Enter interface configuration mode for port-channel 1 and issue 'vpc peer-link'.
  5. 5.Configure vPC domain and keepalive link.
Configuration
! On N9K-1
interface port-channel 1
  switchport mode trunk
  switchport trunk allowed vlan 1-100,200
  vpc peer-link
!
interface Ethernet1/1
  channel-group 1 mode active
!
interface Ethernet1/2
  channel-group 1 mode active
!
! On N9K-2 (similar configuration)
interface port-channel 1
  switchport mode trunk
  switchport trunk allowed vlan 1-100,200
  vpc peer-link
!
interface Ethernet1/1
  channel-group 1 mode active
!
interface Ethernet1/2
  channel-group 1 mode active

Verify: Use 'show vpc' to verify peer-link status is 'up' and consistency is 'success'. Use 'show vpc peer-link' for detailed interface counters.

Watch out: Ensure the port-channel is in 'mode active' (LACP) or 'mode on' (static) on both sides. Mismatched modes will prevent the peer-link from coming up.

Troubleshooting with This Command

When troubleshooting vPC peer-link issues on Cisco NX-OS, start with 'show vpc' to check the overall vPC status. If the peer-link is down, check the physical interfaces and port-channel status with 'show interface port-channel <id>' and 'show interface ethernet <id>'. Common causes: mismatched port-channel parameters (speed, duplex, VLAN allowed list), physical link failure, or LACP negotiation issues. Use 'show port-channel summary' to see if the port-channel is up. If the peer-link is up but vPC is not operational, check 'show vpc consistency-parameters' to identify mismatches in global or interface parameters. The peer-link must have identical allowed VLANs on both sides. Also verify the vPC keepalive link is working with 'show vpc keepalive'. If the peer-link flaps, check for errors on the interfaces with 'show interface counters errors'. In some cases, a software bug may cause peer-link instability; check the Cisco bug toolkit for known issues. Always ensure both switches run the same NX-OS version for compatibility.

CCNA Exam Tips

1.

Remember that the peer-link must be a port-channel (EtherChannel) and cannot be a single physical interface.

2.

The peer-link is used for both control plane and data plane traffic; ensure it has sufficient bandwidth (typically at least two 10GE links).

3.

In CCNP Data Center exams, know that the vPC peer-link must be configured on both peers with identical parameters.

Common Mistakes

Configuring vpc peer-link on a physical interface instead of a port-channel - the command will be rejected.

Forgetting to configure the peer-link on both vPC peers - the vPC domain will not form.

Using a port-channel that is also a member of a vPC - the peer-link cannot be a vPC member port.

Platform Notes

On Cisco Nexus switches, the vPC peer-link must be a port-channel; this differs from Cisco IOS where a similar concept (Virtual Switch System) uses a virtual link. In NX-OS, the peer-link is configured under the interface, while in IOS VSS, the peer-link is configured under the switch virtual interface. The 'vpc peer-link' command is specific to NX-OS and is not available on IOS. For other platforms like Arista, the equivalent is 'mlag' configuration. On Nexus 9000 and 7000 series, the peer-link supports up to 16 physical interfaces. On Nexus 3000 series, vPC is not supported. Always check the specific Nexus model for feature support.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions