Understand VPC in different Nexus platform

VPC loop prevention:

N7K

• vPC will not allow traffic that was RECEIVED over a VPC peer-link to be sent out a vPC member port

This means any traffic from peer-link will not be sent out a VPC member port, doesn't matter it is from the same port channel or not. 

For example traffic from vpc member 1 on switch 1 with switch 2 's mac as destination mac address. The traffic will send across peer link and then switch 2 will do the routing. If the traffic needs to go out the vpc member 2 on switch, the traffic will be drop even it is different vpc member. 

Because VPC supports to use local VPC member to forwarding the traffic either L2 bridging or L3 routing. 

http://www.ccierants.com/2012/03/vpc-gotchas-you-need-to-know.html



N5K

http://www.cisco.com/c/en/us/support/docs/switches/nexus-5000-series-switches/115900-l2mp-vpc-switch-00.html

This link provides details of the packet flow between peer link using fabricpath and how loop avoidance works in the new 5500.  



Commands

peer-switch:

When peer-switch is enabled, each Nexus 7000 switch shares a virtual bridge ID, which allows both switches to act as root for the VLAN.

http://www.cisco.com/c/en/us/support/docs/routers/7000-series-routers/116140-config-nexus-peer-00.html

peer-gateway: 

you can use the peer-gateway command to allow Cisco Nexus 5500 Platform switches to perform Layer 3 forwarding if the destination MAC of the incoming packet is the MAC of its vPC peer switch. The peer-gateway command avoids forwarding such packets to the vPC peer link. 

You must configure the peer-gateway command on both vPC peer switches.

Fiber SFP Gigabit Ethernet

Most of the vendors won't allow auto-negotiation. If there is mismatch, the Interface will become down/down.

Cisco Switch (C4900)
For fiber Gigabit Ethernet interfaces, the default is no speed nonegotiate, which sets the speed to 1000 Mbps and enables link negotiation for flow-control parameters and remote fault information. The speed nonegotiatecommand disables link negotiation.

Router:

no negotiation auto

show interface

Full Duplex, 1000Mbps, link type is force-up, media type is LX  (when nonegotiate)

Full Duplex, 1000Mbps, link type is auto, media type is LX  (when auto negotiate)

EIGRP Redistribution

EIGRP redistribution

There is no default metric for EIGRP so you need to manually configure metric when you redistribute routes from other routing protocol. But there are some exceptions:

1. Static route using next hop
          EIGRP will redistribute the static route using the exiting (next hop) interface's metric

2. IGRP
          If they have the same AS number, it will automatically redistribute between each other. Otherwise you need to manually configure but not need to configure metric.

3. Static route using interface
          You can use network statement (EIGRP internal route) or redistribute static (EIGRP external route) to advertise the route.

G.729/G.729a

G.729 and G.729a are compatible. The only difference is on the encode site. In RTP stream, both G.729/G.729a use the same payload type(15).


The following is from the IEEE.

This article describes the ITU-T Recommendation G.729 Annex A
(G.729A) for encoding speech signals at 8 kb/s with low complexity. G.729A
is the standard speech coding algorithm for multimedia digital simultaneous
voice and data (DSVD). G.729A is bitstream interoperable with G.729; that
is, speech coded with G.729A can be decoded with G.729, and vice versa. OF CLIP>

DSP resource

Normally we refer one DSP as PVDM2-16 which has 16 channel. So PVDM2-64 have four DSPs onboard.

Trancode can share DSP with voice channel. Conference will use dedicated/whole DSP even you just need fewer session.

1. One DSP has 240 flex credits.
2. Low complexity voice or transcoder uses 15 credits. This is for G.711.
3. Medium complexity voice or transcoder uses 30 credits. This is for G.729a.
4. High complexity voice or transcoder uses 40 credits. This is for G.729.


Here we can calculator how many transcoders one DSP can support.
1. 6 sessions for G.729
2. 8 sessions for G.729a.
3. 2 session for conference with 8 conferees each for G.729/G.729a. Total 16 conferees.
4. 8 session for conference with 8 conferees each for G.711. Total 64 conferees.
5. 16 G.711 voice channels.
6. 8 G.729a voice channels.
7. 6 G.729 voice channels.

Another thing interesting is:
1. For remote branch, PSTN comes in and send to Unity which is G.729a and use 30 credits. Then the call will be forward to local branch, but the Cisco GW still allocated 30 instead of 15 credits.

CUCM call recording

To enable call recording in CUCM,

1) Enable Built-in-bridge on the phone setting.
2) Enable Call monitoring on the DN. There are two configuration, one is "Recording Option", the other is "Recording Profile".

When you set "Recording option" to "Automatic Call Recording Enabled", when the RTP stream is estabilished, the codec will be locked which will cause some issues.

Let's look at a sample, agent A and B are on the same location. User from remote branched call agent A and this is a G729 call. Then agent A transferred the call to agent B using consultative transfer which will create a G722 RTP. Note that right now agent B is locked to G722. But based on the region setting, it should use G729 between the user and agent B. So when agent A hit transfer again, the call will be disconnected.

Here is the solution:
1. Disable G722 option for call recording DNs.
2. Setup Transcoder per branch which will have call recording enabled.

Finally I became a CCIE.

I passed my R&S CCIE on Sept 25, 2009 at RTP. What a relief!! Now I am starting my voice CCIE.

Cat QoS

3550 support both inbound and outbound policy. 3560 only support inbound policy.

1. 3550 per-port per-vlan policy
class-map match-any dscp-class
match ip dscp af31
!
class-map match-all vlan-class
match vlan 5 10-30 40
match class-map dscp-class
!
policy-map vlan-dscp
class-map vlan-class
set dscp CS3
police 128000 8000 exceed-action drop
!
inter fa 1/13
service-policy input vlan-dscp


2. 3560 SVI by using hierarchical policy maps
!
! Any non-IP traffic
!
mac access-list extended MAC_ANY
permit any any 0x0 0xFFFF

!
! Any IP traffic
!
ip access-list extended IP_ANY
permit ip any any

!
! Class for any non-IP traffic
!
class-map MAC_ANY
match access-group name MAC_ANY

!
! Class for any IP traffic
!
class-map IP_ANY
match access-group name IP_ANY

!
! Class to match the port connected to R1
!
class-map PORT_R1
match input-interface FastEthernet 0/1

!
! Class to match the port connected to R3
!
class-map PORT_R3
match input-interface FastEthernet 0/3

!
! Inteface-level policy-maps, limit rate per-port (R1 & R3)
!
policy-map PORT_R1
class PORT_R1
police 64000 8000

!
policy-map PORT_R3
class PORT_R3
police 512000 64000

!
! VLAN policy-map; two levels
!
policy-map VLAN_POLICY
class IP_ANY
set dscp 24
service-policy PORT_R1
class MAC_ANY
set dscp ef
service-policy PORT_R3
!
! Attach a switch-wide VLAN policy
!
interface VLAN 1
service-policy input VLAN_POLICY
!
! Enabe VLAN based-QoS on some ports
!
interface range FastEthernet 0/1, FastEthernet 0/3
mls qos vlan-based

Route-map for Redistribution

1. match ip next-hop prefix-list is not supported in redistribution route-map.
So it is better to use ACL whenever is possible in route-map when doing redistribution.