Configuring Cisco StackWise Virtual
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for Cisco StackWise Virtual
- Both switches in the Cisco StackWise Virtual pair must be directly connected to each other.
- Both switches in the Cisco StackWise Virtual pair must be of the same switch model.
- Both switches in the Cisco StackWise Virtual pair must be running the same license level.
- Both switches in the Cisco StackWise Virtual pair must be running the same software version.
- Both switches in the Cisco StackWise Virtual pair must be running the same SDM template.
- All the ports used for configuring a StackWise Virtual Link (SVL) must share the same speed. For example, you cannot configure a 10G or a 40G port to form an SVL, simultaneously.
Restrictions for Cisco StackWise Virtual
Note: When you enable Cisco StackWise Virtual on the device:
- Layer 2, Layer 3, Security, Quality of Service, Multicast, Application, Monitoring and Management, Multiprotocol Label Switching, and High Availability are supported. Contact the Cisco Technical Support Centre for the specific list of features that are supported under each one of these technologies.
- Resilient Ethernet Protocol, Remote Switched Port Analyzer, and Software-Defined Access are NOT supported.
- Cisco StackWise Virtual is supported only on Cisco Catalyst 9404R and Cisco Catalyst 9407R switches.
- Cisco StackWise Virtual is supported on Cisco Catalyst 9400 Series Supervisor 1 Module (C9400-SUP-1) and Cisco Catalyst 9400 Series Supervisor 1XL Module (C9400-SUP-1XL). The feature requires a special, additional, C9400-SUP-UPG-LIC= license with Cisco Catalyst 9400 Series Supervisor 1 Module (C9400-SUP-1).
- Cisco StackWise Virtual configuration commands will be recognized only on a switch running Network Advantage license. The configuration commands will not be recognized on a Network Essentials license.
- StackWise Virtual Link (SVL) connections are established only through 10G or 40G uplink ports on the supervisor module. You cannot establish an SVL using a 10G port on one switch and a 40G port on the other switch.
- Cisco StackWise Virtual can be configured only on one supervisor module per chassis. You can install two supervisor modules in each chassis used in the Cisco StackWise Virtual solution. However, only one of the supervisor modules will be active; the other module will be powered off.
- When deploying Cisco StackWise Virtual, ensure that VLAN ID 4094 is not used anywhere on the network. All inter-chassis system control communication between stack members is carried over the reserved VLAN ID 4094 from the global range.
- Dual-active detection (DAD) and StackWise Virtual (SVL) link configuration must be performed manually and the device should be rebooted for the configuration changes to take effect.
- Fast Hello dual-active detection is supported only on supervisor module ports. Enhanced PAgP dual-active detection is supported on supervisor module ports and line cards.
- Only Cisco Transceiver Modules are supported.
- The interface VLAN MAC address that is assigned by default, can be overridden using the
mac-addresscommand. If this command is configured on a single SVI or router port that requires Layer 3 injected packets, all other SVIs or routed ports on the device also must be configured with the same first four most significant bytes (4MSB) of the MAC address. For example, if you set the MAC address of any SVI to xxxx.yyyy.zzzz, set the MAC address of all other SVIs to start with xxxx.yyyy. If Layer 3 injected packets are not used, this restriction does not apply.
Information About Cisco StackWise Virtual
Cisco StackWise Virtual on Cisco Catalyst 9400 Series Switches
Starting with Cisco IOS XE Fuji 16.9.1, Cisco StackWise Virtual is supported on Cisco Catalyst 9400 Series Switches. This section describes the Cisco StackWise Virtual features specific to Cisco Catalyst 9400 Series Switches.
- You can configure up to 8 SVLs in a Cisco StackWise Virtual solution using Cisco Catalyst 9400 Series Switches.
- Cisco StackWise Virtual links can have up to 80GE combined bandwidth per chassis, that is up to 8x10GE or 2x40GE per chassis.
- After configuring StackWise Virtual mode in a standalone chassis, the interface naming convention changes from the default 3-tuple (slot/bay/port) to 4-tuple (chassis/slot/bay/port) which includes the chassis identifier as part of the interface name. For example, Gi2/0/1 will change to Gi1/2/0/1 where the first number denotes the chassis number.
The following points explain changes to SNMP with the introduction of 4-tuple interface naming convention:
- The physical index for chassis 1 and 2 are 2 and 500 respectively.
- The physical index for the slots in chassis 1 is in the range of 1000-10000 and slots in chassis 2 is in the range of 11000-20000.
- All MIB Object Identifiers (OID) that require a slot number for query will use a physical slot index in the flat number space {1, 2, 3...20}, where slots 1-10 indicate chassis 1 and slots 11-20 indicate chassis 2.
- Use
show snmp slot-mappingcommand to display the chassis/slot mapping.
StackWise Virtual Overview
Cisco StackWise Virtual is a network system virtualization technology that pairs two switches into one virtual switch. Switches in a Cisco StackWise Virtual solution increase operational efficiency by using single control and management plane, scale system bandwidth with distributed forwarding plane, and assist in building resilient networks using the recommended network design. Cisco StackWise Virtual allows two physical switches to operate as a single logical virtual switch using a 40G or 10G Ethernet connection.
Cisco StackWise Virtual Topology
A typical network design consists of core, distribution, and access layers. The default mode of a switch is standalone. When two redundant switches are deployed in the distribution layer, the following network challenges arise:
- If VLAN IDs are reused between access layers then, it will introduce a spanning tree loop that will impact the overall performance of the network.
- Spanning tree protocols and configuration are required to protect Layer 2 network against spanning tree protocol loop, and root and bridge protocol data unit management.
- Additional protocols such as first hop redundancy protocol are required to virtualize the IP gateway function. This should align with STP root priorities for each VLAN.
- The Protocol independent multicast designated router (PIM DR) configuration should be fine-tuned to selectively build a multicast forwarding topology on a VLAN.
- The standalone distribution layer system provides protocol-driven remote failure and detection, which results in slower convergence time. Fine-tune FHRP and PIM timers for rapid fault detection and recovery process.
We recommend Cisco StackWise Virtual model for aggregation layers and collapsed aggregation and core layers. The stack can be formed over a redundant 40G or 10G fiber links to ensure that the distribution or the aggregation switches can be deployed over a large distance.
Note: STP keeps one of the ports connected to the distribution switches blocked on the access switches. As a result of this, an active link failure causes STP convergence and the network suffers from traffic loss, flooding, and a possible transient loop in the network. On the other hand, if the switches are logically merged into one switch, all the access switches might form an EtherChannel bundle with distribution switches, and a link failure within an EtherChannel would not have any impact as long as at least one member within the EtherChannel is active.
Figure 1: Typical Network Design using Cisco StackWise Virtual
[Diagram showing two domains, Domain-20 and Domain-10, each with two switches (SW1, SW2) connected by Stackwise Virtual Links (SVL). The domains are connected to Core and Distribution layers, and the Distribution layer connects to Access layer.]
Etherchannel in StackWise Virtual is capable of implementing Multi-chassis EtherChannel (MEC) across the stack members. When access layer and aggregation layer are collapsed into a single StackWise Virtual system, MEC across the different access layer domain members and across distribution and access layer switches will not be supported. MEC is designed to forward the traffic over the local link irrespective of the hash result.
Since the control plane, management plane, and data plane are integrated, the system behaves as a single switch.
The virtualization of multiple physical switches into a single logical switch is from a control and management plane perspective only. Because of the control plane being common, it may look like a single logical entity to peer switches. The data plane of the switches is distributed. Each switch is capable of forwarding over its local interfaces without involving other members. However, when a packet coming into a switch has to be forwarded over a different member's port, the forwarding context of the packet is carried over to the destination switch after ingress processing is performed in the ingress switch. Egress processing is done only in the egress switch. This provides a uniform data plane behavior to the entire switch irrespective whether of the destination port is in a local switch or in a remote switch. However, the common control plane ensures that all the switches have equivalent data plane entry for each forwarding entity.
An election mechanism elects one of the switches to be Cisco StackWise Virtual active and the other switch to be Cisco StackWise Virtual standby in terms of Control Plane functions. The active switch is responsible for all the management, bridging and routing protocols, and software data path. The standby switch is in hot standby state ready to take over the role of active, if the active switch fails over.
The following are the components of the Cisco StackWise Virtual solution:
- Stack members
- StackWise Virtual link: 10G or 40G Ethernet connections. SVL is established using the 10G or 40G interfaces on the supported switch models. However, a combination of both the interfaces is not supported.
StackWise Virtual link is the link that connects the switches over Ethernet. Typically, Cisco StackWise Virtual consists of multiple 10-G or 40-G physical links. It carries all the control and data traffic between the switching units. You can configure a StackWise Virtual link on a supported port. When a switch is powered up and the hardware is initialized, it looks for a configured StackWise Virtual link before the initialization of the control plane.
The Link Management Protocol (LMP) is activated on each link of the StackWise Virtual links as soon as the links are established. LMP ensures the integrity of SVL links and monitors and maintains the health of the links. The redundancy role of each switch is resolved by the StackWise Discovery Protocol (SDP). It ensures that the hardware and software versions are compatible to form the SVL and determines which switch becomes active or standby from a control plane perspective.
Cisco StackWise Virtual Header (SVH) is a 64-byte frame header that is prepended over all control, data, and management plane traffic that traverse over each SVL between the two stack members of the Cisco StackWise Virtual domain. The SVH-encapsulated traffic operates at OSI Layer 2 and can be recognized and processed only by Cisco StackWise Virtual-enabled switches. SVL interfaces are non-bridgeable and non-routeable, and allows non-routeable traffic over L2 or L3 network.
Cisco StackWise Virtual Redundancy
Cisco StackWise Virtual operates stateful switchover (SSO) between the active and standby switches. The following are the ways in which Cisco StackWise Virtual's redundancy model differs from that of the standalone mode:
- The Cisco StackWise Virtual active and standby switches are hosted in separate switches and use a StackWise Virtual link to exchange information.
- The active switch controls both the switches of Cisco StackWise Virtual. The active switch runs the Layer 2 and Layer 3 control protocols and manages the switching modules of both the switches.
- The Cisco StackWise Virtual active and standby switches perform data traffic forwarding.
Note: If the Cisco StackWise Virtual active switch fails, the standby switch initiates a switchover and assumes the Cisco StackWise Virtual active switch role.
SSO Redundancy
A StackWise Virtual system operates with SSO redundancy if it meets the following requirements:
- Both the switches must be running the same software version, unless they are in the process of software upgrade.
- StackWise Virtual link-related configuration in the two switches must match.
- License type must be same on both the switch models.
- Both the switch models must be in the same StackWise Virtual domain.
With SSO redundancy, the StackWise Virtual standby switch is always ready to assume control if a fault occurs on the StackWise Virtual active switch. Configuration, forwarding, and state information are synchronized from the StackWise Virtual active switch to the redundant switch at startup, and whenever changes to the StackWise Virtual active switch configuration occur. If a switchover occurs, traffic disruption is minimized.
If StackWise Virtual does not meet the requirements for SSO redundancy, it will be incapable of establishing a relationship with the peer switch. StackWise Virtual runs stateful switchover (SSO) between the StackWise Virtual active and standby switches. The StackWise Virtual determines the role of each switch during initialization.
Nonstop Forwarding
The CPU in the StackWise Virtual standby switch runs in hot standby state. StackWise Virtual uses a StackWise Virtual link to synchronize configuration data from the StackWise Virtual active switch to the StackWise Virtual standby switch. Also, protocols and features that support high availability synchronize their events and state information to the StackWise Virtual standby switch.
While implementing Nonstop Forwarding (NSF) technology in systems using SSO redundancy mode, network disruptions are minimized for campus users and applications. High availability is provided even when the control-plane processing stack-member switch is reset. During a failure of the underlying Layer 3, NSF-capable protocols perform graceful network topology resynchronization. The preset forwarding information on the redundant stack-member switch remains intact; this switch continues to forward the data in the network. This service availability significantly lowers the mean time to repair (MTTR) and increases the mean time between failure (MTBF) to achieve a high level of network availability.
Multichassis EtherChannels
Multichassis EtherChannel (MEC) is an EtherChannel bundled with physical ports having common characteristics such as speed and duplex, that are distributed across each Cisco StackWise Virtual system. A Cisco StackWise Virtual MEC can connect to any network element that supports EtherChannel (such as a host, server, router, or switch). Cisco StackWise Virtual supports up to 128 MECs deployed in Layer 2 or Layer 3 modes. EtherChannel 128 is reserved for SVL connections. Hence, the maximum available MEC count is 127.
In a Cisco StackWise Virtual system, an MEC is an EtherChannel with additional capability. A multichassis EtherChannel link reduces the amount of traffic that requires transmission across the StackWise Virtual link by populating the index port only with the ports local to the physical switch. This allows the switch to give precedence to the local ports of the multichassis EtherChannel link over those on the remote switch.
Each MEC can optionally be configured to support either Cisco PAgP, IEEE LACP, or Static ON mode. We recommend that you implement EtherChannel using Cisco PAgP or LACP with a compatible neighbor. If a remotely connected neighbor such as Cisco Wireless LAN Controller (WLC) does not support this link-bundling protocol, then a Static ON mode can be deployed. These protocols run only on the Cisco StackWise Virtual active switch.
An MEC can support up to eight physical links that can be distributed in any proportion between the Cisco StackWise Virtual active switch and the Cisco StackWise Virtual standby switch. We recommend that you distribute the MEC ports across both switches evenly.
MEC Minimum Latency Load Balancing
The StackWise Virtual environment is designed such that data forwarding always remains within the switch. The Virtual Stack always tries to forward traffic on the locally available links. This is true for both Layer 2 and Layer3 links. The primary motivation for local forwarding is to avoid unnecessarily sending data traffic over the StackWise Virtual link and thus reduce the latency (extra hop over the SVL) and congestion. The bidirectional traffic is load-shared between the two StackWise Virtual members. However, for each StackWise Virtual member, ingress and egress traffic forwarding is based on locally-attached links that are part of MEC. This local forwarding is a key concept in understanding convergence and fault conditions in a StackWise Virtual enabled campus network.
The active and standby switches support local forwarding that will individually perform the desired lookups and forward the traffic on local links to uplink neighbors. If the destination is a remote switch in the StackWise Virtual domain, ingress processing is performed on the ingress switch and then traffic is forwarded over the StackWise Virtual link to the egress switch where only egress processing is performed.
MEC Failure Scenarios
We recommend that you configure a MEC with at least one link to each switch. This configuration ensures that there is always an alternate path for data traffic in case of a switch failure.
The following sections describe issues that may arise and the resulting impact:
Single MEC Link Failure
If a link within a MEC fails (and other links in the MEC are still operational), the MEC redistributes the load among the operational links, as in a regular port.
All MEC Links to the Cisco StackWise Virtual Active Switch Fail
If all the links to the Cisco StackWise Virtual active switch fail, a MEC becomes a regular EtherChannel with operational links to the Cisco StackWise Virtual standby switch.
Data traffic that terminates on the Cisco StackWise Virtual active switch reaches the MEC by crossing a StackWise Virtual link to the Cisco StackWise Virtual standby switch. Control protocols continue to run in the Cisco StackWise Virtual active switch. Protocol messages reach the MEC by crossing a StackWise Virtual link.
All MEC Links Fail
If all the links in an MEC fail, the logical interface for the EtherChannel is set to Unavailable. Layer 2 control protocols perform the same corrective action as for a link-down event on a regular EtherChannel.
On adjacent switches, routing protocols and the Spanning Tree Protocol (STP) perform the same corrective action as for a regular EtherChannel.
Cisco StackWise Virtual Standby Switch Failure
If the Cisco StackWise Virtual standby switch fails, a MEC becomes a regular EtherChannel with operational links on the Cisco StackWise Virtual active switch. Connected peer switches detect the link failures, and adjust their load-balancing algorithms to use only the links to the StackWise Virtual active switch.
Cisco StackWise Virtual Active Switch Failure
Cisco StackWise Virtual active switch failure results in a stateful switchover (SSO). After the switchover, a MEC is operational on the new Cisco StackWise Virtual active switch. Connected peer switches detect the link failures (to the failed switch), and adjust their load-balancing algorithms to use only the links to the new Cisco StackWise Virtual active switch.
Cisco StackWise Virtual Packet Handling
In Cisco StackWise Virtual, the Cisco StackWise Virtual active switch runs the Layer 2 and Layer 3 protocols and features and manages the ports on both the switches.
Cisco StackWise Virtual uses StackWise Virtual link to communicate system and protocol information between the peer switches and to carry data traffic between the two switches.
The following sections describe packet handling in Cisco StackWise Virtual.
Traffic on a StackWise Virtual link
A StackWise Virtual link carries data traffic and in-band control traffic between two switches. All the frames that are forwarded over the StackWise Virtual link are encapsulated with a special StackWise Virtual Header (SVH). The SVH adds an overhead of 64 bytes for control and data traffic, which provides information for Cisco StackWise Virtual to forward the packet on the peer switch.
A StackWise Virtual link transports control messages between two switches. Messages include protocol messages that are processed by the Cisco StackWise Virtual active switch, but received or transmitted by interfaces on the Cisco StackWise Virtual standby switch. Control traffic also includes module programming between the Cisco StackWise Virtual active switch and the switching modules on the Cisco StackWise Virtual standby switch.
Cisco StackWise Virtual transmits data traffic over a StackWise Virtual link under the following circumstances:
- Layer 2 traffic flooded over a VLAN (even for dual-homed links).
- Packets processed by software on the Cisco StackWise Virtual active switch where the ingress interface is on the Cisco StackWise Virtual standby switch.
- The packet destination is on the peer switch, as described in the following examples:
- Traffic within a VLAN where the known destination interface is on the peer switch.
- Traffic that is replicated for a multicast group and the multicast receivers are on the peer switch.
- The known unicast destination MAC address is on the peer switch.
- The packet is a MAC notification frame destined for a port on the peer switch.
A StackWise Virtual link also transports system data, such as NetFlow export data and SNMP data, from the Cisco StackWise Virtual standby switch to the Cisco StackWise Virtual active switch.
Traffic on the StackWise Virtual link is load balanced with the same global hashing algorithms available for EtherChannels (the default algorithm is source-destination IP).
Layer 2 Protocols
The Cisco StackWise Virtual active switch runs the Layer 2 protocols (such as STP and VTP) for the switching modules on both the switches. Protocol messages that are received on the standby switch ports must traverse SVL links to reach the active switch where they are processed. Similarly, protocol messages that are transmitted from the standby switch ports originate on the active switch, and traverse the SVL links to reach the standby ports.
All the Layer 2 protocols in Cisco StackWise Virtual work similarly in standalone mode. The following sections describe the difference in behavior for some protocols in Cisco StackWise Virtual.
Spanning Tree Protocol
The Cisco StackWise Virtual active switch runs the STP. The Cisco StackWise Virtual standby switch redirects the STP BPDUs across a StackWise Virtual link to the Cisco StackWise Virtual active switch.
The STP bridge ID is commonly derived from the switch MAC address. To ensure that the bridge ID does not change after a switchover, Cisco StackWise Virtual continues to use the original switch MAC address for the STP Bridge ID.
Layer 3 Protocols
EtherChannel Control Protocols
Link Aggregation Control Protocol (LACP) and Port Aggregation Protocol (PAgP) packets contain a device identifier. Cisco StackWise Virtual defines a common device identifier for both the switches. Use either PAgP or LACP on Multi EtherChannels instead of mode ON, even if all the three modes are supported.
Note: A new PAgP enhancement has been defined for assisting with dual-active scenario detection.
Switched Port Analyzer
Switched Port Analyzer (SPAN) on StackWise Virtual link ports is not supported; SVL ports can be neither a SPAN source, nor a SPAN destination. Cisco StackWise Virtual supports all the SPAN features for non-SVL interfaces. The number of SPAN sessions that are available on Cisco StackWise Virtual matches that on a single switch running in standalone mode.
Private VLANs
Private VLANs on StackWise Virtual work the same way as in standalone mode. The only exception is that the native VLAN on isolated trunk ports must be configured explicitly.
Apart from STP, EtherChannel Control Protocols, SPAN, and private VLANs, the Dynamic Trunking Protocol (DTP), Cisco Discovery Protocol (CDP), VLAN Trunk Protocol (VTP), and Unidirectional Link Detection Protocol (UDLD) are the additional Layer 2 control-plane protocols that run over the SVL connections.
The Cisco StackWise Virtual active switch runs the Layer 3 protocols and features for the StackWise Virtual. All the Layer 3 protocol packets are sent to and processed by the Cisco StackWise Virtual active switch. Both the member switches perform hardware forwarding for ingress traffic on their interfaces. When software forwarding is required, packets are sent to the Cisco StackWise Virtual active switch for processing.
The same router MAC address assigned by the Cisco StackWise Virtual active switch is used for all the Layer 3 interfaces on both the Cisco StackWise Virtual member switches. After a switchover, the original router MAC address is still used. The router MAC address is chosen based on chassis-mac and is preserved after switchover by default. The following sections describe the Layer 3 protocols for Cisco StackWise Virtual.
IPv4 Unicast
The CPU on the Cisco StackWise Virtual active switch runs the IPv4 routing protocols and performs any required software forwarding. All the routing protocol packets received on the Cisco StackWise Virtual standby switch are redirected to the Cisco StackWise Virtual active switch across the StackWise Virtual link. The Cisco StackWise Virtual active switch generates all the routing protocol packets to be sent out over ports on either of the Cisco StackWise Virtual member switches.
Hardware forwarding is distributed across both members on Cisco StackWise Virtual. The CPU on the Cisco StackWise Virtual active switch sends Forwarding Information Base (FIB) updates to the Cisco StackWise Virtual standby switch, which in turn installs all the routes and adjacencies into hardware.
Packets intended for a local adjacency (reachable by local ports) are forwarded locally on the ingress switch. Packets intended for a remote adjacency (reachable by remote ports) must traverse the StackWise Virtual link.
IPv6
Cisco StackWise Virtual supports IPv6 unicast and multicast because it is present in the standalone system.
IPv4 Multicast
The IPv4 multicast protocols run on the Cisco StackWise Virtual active switch. Internet Group Management Protocol (IGMP) and Protocol Independent Multicast (PIM) protocol packets received on the Cisco StackWise Virtual standby switch are transmitted across a StackWise Virtual link to the Cisco StackWise Virtual active switch. The latter generates IGMP and PIM protocol packets to be sent over ports on either of the Cisco StackWise Virtual members.
The Cisco StackWise Virtual active switch synchronizes the Multicast Forwarding Information Base (MFIB) state to the Cisco StackWise Virtual standby switch. On both the member switches, all the multicast routes are loaded in the hardware, with replica expansion table (RET) entries programmed for only local, outgoing interfaces. Both the member switches are capable of performing hardware forwarding.
Note: To avoid multicast route changes as a result of a switchover, we recommend that all the links carrying multicast traffic be configured as MEC rather than Equal Cost Multipath (ECMP).
For packets traversing a StackWise Virtual link, all Layer 3 multicast replications occur on the egress switch. If there are multiple receivers on the egress switch, only one packet is replicated and forwarded over the StackWise Virtual link, and then replicated to all the local egress ports.
Software Features
Software features run only on the Cisco StackWise Virtual active switch. Incoming packets to the Cisco StackWise Virtual standby switch that require software processing are sent across a StackWise Virtual link to the Cisco StackWise Virtual active switch.
Dual-Active Detection
If the standby switch detects a complete loss of the StackWise Virtual link, it assumes the active switch has failed and will take over as the active switch. However, if the original Cisco StackWise Virtual active switch is still operational, both the switches will now be Cisco StackWise Virtual active switches. This situation is called a dual-active scenario. This scenario can have adverse effects on network stability because both the switches use the same IP addresses, SSH keys, and STP bridge IDs. Cisco StackWise Virtual detects a dual-active scenario and takes recovery action. Dual-active-detection link is the dedicated link used to mitigate this.
If a StackWise Virtual link fails, the Cisco StackWise Virtual standby switch cannot determine the state of the Cisco StackWise Virtual active switch. To ensure that switchover occurs without delay, the Cisco StackWise Virtual standby switch assumes that the Cisco StackWise Virtual active switch has failed and initiates switchover to take over the Cisco StackWise Virtual active role. The original Cisco StackWise Virtual active switch enters recovery mode and brings down all the interfaces except the StackWise Virtual link and the management interfaces.
Dual-Active-Detection Link with Fast Hello
To use the dual-active fast hello packet detection method, you must provision a direct ethernet connection between the two Cisco StackWise Virtual switches. You can dedicate up to four links for this purpose.
The two switches periodically exchange special dual-active hello messages containing information about the switch state. If all SVLs fail and a dual-active scenario occurs, each switch recognizes that there is a dual-active scenario from the peer's messages. This initiates recovery actions as described in the Recovery Actions, on page 13 section. If a switch does not receive an expected dual-active fast hello message from the peer before the timer expires, the switch assumes that the link is no longer capable of dual-active detection.
Note: Do not use the same port for SVL and DAD link.
Dual-Active Detection with enhanced PAgP
Port aggregation protocol (PAgP) is a Cisco proprietary protocol used for managing EtherChannels. If a StackWise Virtual MEC terminates on a Cisco switch, you can run PAgP protocol on the MEC. If PAgP is running on the MECs between the StackWise Virtual switch and an upstream or downstream switch, the StackWise Virtual can use PAgP to detect a dual-active scenario. The MEC must have at least one port on each switch of the StackWise Virtual setup.
Enhanced PAgP is an extension of the PAgP protocol. In virtual switch mode, ePAgP messages include a new type length value (TLV) which contains the ID of the StackWise Virtual active switch. Only switches in virtual switch mode send the new TLV.
When the StackWise Virtual standby switch detects SVL failure, it initiates SSO and becomes StackWise Virtual active. Subsequent ePAgP messages sent to the connected switch from the newly StackWise Virtual active switch contain the new StackWise Virtual active ID. The connected switch sends ePAgP messages with the new StackWise Virtual active ID to both StackWise Virtual switches.
If the formerly StackWise Virtual active switch is still operational, it detects the dual-active scenario because the StackWise Virtual active ID in the ePAgP messages changes.
Figure 2: Dual-active-detection with ePAgP
[Diagram showing two switches, SW1 (Active) and SW2 (Hot Standby), connected via SVL and a Neighbor Switch. ePAgP messages are shown flowing from Active SW1 to Neighbor Switch, and from Neighbor Switch to Hot Standby SW2 and back to Active SW1.]
Note: To avoid PAgP flaps and to ensure that dual-active detection functions as expected, the stack MAC persistent wait timer must be configured as indefinite using the command stack-mac persistent timer 0.
Recovery Actions
A Cisco StackWise Virtual active switch that detects a dual-active condition shuts down all of its non-SVL interfaces to remove itself from the network. The switch then waits in recovery mode until the SVLs have been recovered. You should physically repair the SVL failure and the recovery switch should be manually reloaded for it to be the standby switch.
Implementing Cisco StackWise Virtual
The two-node solution of Cisco StackWise Virtual is normally deployed at the aggregation layer. Two switches are connected over an SVL.
Cisco StackWise Virtual combines the two switches into a single logical switch with a large number of ports, offering a single point of management. One of the member switches is the active and works as the control and management plane, while the other one is the standby. The virtualization of multiple physical switches into a single logical switch is only from a control and management perspective. Because of the control plane being common, it may look like a single logical entity to peer switches. The data plane of the switches are converged, that is, the forwarding context of a switch might be passed to the other member switch for further processing when traffic is forwarded across the switches. However, the common control plane ensures that all the switches have equivalent data plane entry for each forwarding entity.
How to Configure Cisco StackWise Virtual
Configuring Cisco StackWise Virtual Settings
To enable StackWise Virtual, perform the following procedure:
| Procedure | Command or Action | Purpose |
|---|---|---|
| Step 1 | enableExample: Device>enable |
Enables privileged EXEC mode. • Enter your password if prompted. |
| Step 2 | configure terminalExample: Device#configure terminal |
Enters global configuration mode. |
| Step 3 | switch switch-number renumber new switch-numberExample: Device#switch 1 renumber 2 |
(Optional) Reassigns the switch number. The default switch number will be 1. The valid values for the new switch number are 1 and 2. |
| Step 4 | switch switch-number priority priority-numberExample: Device#switch 1 priority 5 |
(Optional) Assigns the priority number. The default priority number is 1. The highest priority number is 15. |
| Step 5 | configure terminalExample: Device#configure terminal |
Enters global configuration mode. |
| Step 6 | stackwise-virtualExample: Device(config)#stackwise-virtual |
Enables Cisco StackWise Virtual and enters stackwise-virtual submode. |
| Step 7 | domain idExample: Device(config-stackwise-virtual)#domain 2 |
(Optional) Specifies the Cisco StackWise Virtual domain ID. The domain ID range is from 1 to 255. The default value is one. |
| Step 8 | endExample: Device(config-stackwise-virtual)#end |
Returns to privileged EXEC mode. |
| Step 9 | show stackwise-virtualExample: Device#show stackwise-virtual |
Displays information of a particular switch in the stack. |
| Step 10 | write memoryExample: Device#write memory |
Saves the running-configuration which resides in the system RAM and updates the ROMmon variables. If you do not save the changes, the changes will no longer be part of the startup configuration when the switch reloads. Note that the configurations for stackwise-virtual and domain are saved to the running-configuration and the startup-configuration after the reload. |
| Step 11 | reloadExample: Device#reload |
Restarts the switch and forms the stack. |
Configuring Cisco StackWise Virtual Link
Note: SVL is supported on all 10G, 40G and 25G interfaces of the supported switch models. However, a combination of different interface speeds is not supported.
To configure a switch port as an SVL port, perform the following procedure:
| Procedure | Command or Action | Purpose |
|---|---|---|
| Step 1 | enableExample: Device>enable |
Enables privileged EXEC mode. • Enter your password if prompted. |
| Step 2 | configure terminalExample: Device#configure terminal |
Enters global configuration mode. |
| Step 3 | interface { TenGigabitEthernet | FortyGigabitEthernet | TwentyFiveGigE } <interface>Example: Device(config)#interface TenGigabitEthernet1/2/0/4 |
Enters ethernet interface configuration mode. |
| Step 4 | stackwise-virtual link link valueExample: Device(config-if)#stackwise-virtual link 1 |
Associates the interface with configured SVL. |
| Step 5 | endExample: Device(config-if)#end |
Returns to privileged EXEC mode. |
| Step 6 | write memoryExample: Device#write memory |
Saves the running-configuration which resides in the system RAM and updates the ROMmon variables. If you do not save the changes, the changes will no longer be part of the startup configuration when the switch reloads. Note that the configuration for stackwise-virtual link link value is saved only in the running-configuration and not the startup-configuration. |
| Step 7 | reloadExample: Device#reload |
Restarts the switch. |
Configuring StackWise Virtual Fast Hello Dual-Active-Detection Link
To configure StackWise Virtual Fast Hello DAD link, perform the following procedure. This procedure is optional.
| Procedure | Command or Action | Purpose |
|---|---|---|
| Step 1 | enableExample: Device>enable |
Enables privileged EXEC mode. • Enter your password if prompted. |
| Step 2 | configure terminalExample: Device#configure terminal |
Enters global configuration mode. |
| Step 3 | interface { TenGigabitEthernet | FortyGigabitEthernet | TwentyFiveGigE } <interface>Example: Device(config)#interface TenGigabitEthernet1/2/0/5 |
Enters ethernet interface configuration mode. |
| Step 4 | stackwise-virtual dual-active-detectionExample: Device(config-if)#stackwise-virtual dual-active-detection |
Associates the interface with StackWise Virtual dual-active-detection. Note: This command will not be visible on the device after the configuration, but will continue to function. |
| Step 5 | endExample: Device(config-if)#end |
Returns to privileged EXEC mode. |
| Step 6 | write memoryExample: Device#write memory |
Saves the running-configuration which resides in the system RAM and updates the ROMmon variables. If you do not save the changes, the changes will no longer be part of the startup configuration when the switch reloads. Note that the configuration for stackwise-virtual dual-active-detection is saved only in the running-configuration and not the startup-configuration. |
| Step 7 | reloadExample: Device#reload |
Restarts the switch and configuration takes effect. |
Enabling ePAgP Dual-Active-Detection
To enable ePAgP dual-active-detection on a switch port, perform the following procedure on. This procedure is optional.
| Procedure | Command or Action | Purpose |
|---|---|---|
| Step 1 | enableExample: Device>enable |
Enables privileged EXEC mode. • Enter your password if prompted. |
| Step 2 | configure terminalExample: Device#configure terminal |
Enters global configuration mode. |
| Step 3 | interface { TenGigabitEthernet | FortyGigabitEthernet | TwentyFiveGigE } <interface>Example: Device(config)#interface TenGigabitEthernet1/2/0/3 |
Enters ethernet interface configuration mode. |
| Step 4 | channel-group group_ID mode desirableExample: Device(config-if)#channel-group 1 mode desirable |
Enables PAgP MEC with channel-group id in the range of 1 to 128 for 10 GigabitEthernet interfaces. |
| Step 5 | exitExample: Device(config-if)#exit |
Exits interface configuration. |
| Step 6 | interface port-channel channel-group-idExample: Device(config)#interface port-channel 1 |
Selects a port channel interface to configure. |
| Step 7 | shutdownExample: Device(config-if)#shutdown |
Shuts down an interface. |
| Step 8 | exitExample: Device(config-if)#exit |
Exits interface configuration. |
| Step 9 | stackwise-virtualExample: Device(config)#stackwise-virtual |
Enters the StackWise Virtual configuration mode. |
| Step 10 | dual-active detection pagpExample: Device(config-stackwise-virtual)#dual-active detection pagp |
Enables pagp dual-active detection. This is enabled by default. |
| Step 11 | dual-active detection pagp trust channel-group channel-group idExample: Device(config-stackwise-virtual)#dual-active detection pagp trust channel-group 1 |
Enables dual-active detection trust mode on channel-group with the configured ID. |
| Step 12 | exitExample: Device(config-stackwise-virtual)#exit |
Exits the StackWise-Virtual configuration mode. |
| Step 13 | interface port-channel portchannelExample: Device(config)#interface port-channel 1 |
Configured port-channel on the switch. |
| Step 14 | no shutdownExample: Device(config-if)#no shutdown |
Enables the configured port-channel on the switch. |
| Step 15 | endExample: Device(config-if)#end |
Exits interface configuration. |
| Step 16 | write memoryExample: Device#write memory |
Saves the running-configuration which resides in the system RAM and updates the ROMmon variables. If you do not save the changes, the changes will no longer be part of the startup configuration when the switch reloads. Note that the configuration for dual-active detection pagp trust channel-group channel-group id is saved to the running-configuration and the startup-configuration after the reload. |
| Step 17 | reloadExample: Device#reload |
Restarts the switch and configuration takes effect. |
Disabling Cisco StackWise Virtual
To disable Cisco StackWise Virtual on a switch, perform the following procedure:
| Procedure | Command or Action | Purpose |
|---|---|---|
| Step 1 | enableExample: Device>enable |
Enables privileged EXEC mode. • Enter your password if prompted. |
| Step 2 | configure terminalExample: Device#configure terminal |
Enters global configuration mode. |
| Step 3 | interface { TenGigabitEthernet | FortyGigabitEthernet | TwentyFiveGigE } <interface>Example: Device(config)#interface TenGigabitEthernet1/2/0/3 |
Enters the interface configuration mode. |
| Step 4 | no stackwise-virtual dual-active-detectionExample: Device(config-if)#no stackwise-virtual dual-active-detection |
Dissociates the interface from StackWise Virtual DAD. |
| Step 5 | Repeat step Step 3, on page 20. Example: Device(config)#interface TenGigabitEthernet1/2/0/2 |
Enters the interface configuration mode. |
| Step 6 | no stackwise-virtual link linkExample: Device(config-if)#no stackwise-virtual link 1 |
Dissociates the interface from SVL. |
| Step 7 | exitExample: Device(config-if)#exit |
Exits interface configuration. |
| Step 8 | no stackwise-virtualExample: Device(config)#no stackwise-virtual |
Disables StackWise Virtual configuration. |
| Step 9 | exitExample: Device(config)#exit |
Exits the global configuration mode. |
| Step 10 | write memoryExample: Device#write memory |
Saves the running configuration. |
| Step 11 | reloadExample: Device#reload |
Restarts the switch and the configuration takes effect. |
Verifying Cisco StackWise Virtual Configuration
To verify your StackWise Virtual configuration, use the following show commands:
show stackwise-virtual switch number <1-2>show stackwise-virtual linkshow stackwise-virtual bandwidthshow stackwise-virtual neighborsshow stackwise-virtual dual-active-detectionshow stackwise-virtual dual-active-detection pagp
Additional References for StackWise Virtual
Related Documents
| Related Topic | Document Title |
|---|---|
| For complete syntax and usage information for the commands used in this chapter. | High Availability Command Reference for Catalyst 9400 Switches |
MIBS
| MIB | MIBs Link |
|---|---|
| All the supported MIBs for this release. | To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs |
Technical Assistance
| Description | Link |
|---|---|
| The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
http://www.cisco.com/support |
Feature History for Cisco StackWise Virtual
This table provides release and related information for features explained in this module. These features are available on all releases subsequent to the one they were introduced in, unless noted otherwise.
| Release | Feature | Feature Information |
|---|---|---|
| Cisco IOS XE Fuji 16.9.1 | Cisco StackWise Virtual | Cisco StackWise Virtual is a network system virtualization technology that pairs two switches into one virtual switch to simplify operational efficiency with a single control and management plane. Support for this feature was introduced only on these chassis models and supervisor modules: • Chassis Models: Catalyst 9404R Switch and Catalyst 9407R Switch. • Supervisor Modules: • Cisco Catalyst 9400 Series Supervisor 1 Module (C9400-SUP-1). The feature requires a special, additional, C9400-SUP-UPG-LIC= license with this supervisor module. • Cisco Catalyst 9400 Series Supervisor 1XL Module(C9400-SUP-1XL). |
Use Cisco Feature Navigator to find information about platform and software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn.
Related Documents
 |
High Availability Configuration Guide for Cisco Catalyst 9400 Switches This guide provides comprehensive instructions for configuring high availability features like Nonstop Forwarding (NSF), Stateful Switchover (SSO), Graceful Insertion and Removal (GIR), and Cisco StackWise Virtual on Cisco Catalyst 9400 Series Switches running Cisco IOS XE Gibraltar 16.10.x. |
 |
Release Notes for Cisco Catalyst 9400 Series Switches, Cisco IOS XE Fuji 16.9.x This document provides release notes for Cisco Catalyst 9400 Series Switches running Cisco IOS XE Fuji 16.9.x, detailing software and hardware features, enhancements, and important notes. |
 |
High Availability Configuration Guide for Cisco Catalyst 9500 Switches This guide provides detailed instructions for configuring high availability features, including Nonstop Forwarding (NSF) with Stateful Switchover (SSO) and Cisco StackWise Virtual, on Cisco Catalyst 9500 Series Switches running Cisco IOS XE Everest 16.6.x. |
 |
Cisco FlexConnect Bonjour Deployment Guide for Cisco DNA Service A comprehensive guide detailing the deployment of Cisco DNA Service for Bonjour with Cisco FlexConnect wireless networks, enabling seamless service discovery and distribution across wired and wireless environments. |
 |
Cisco Catalyst 8000 Edge Platforms: Licenses and Throughput Configuration Guide Comprehensive guide to Cisco Catalyst 8000 Edge Platforms Family licenses, including Cisco DNA, HSECK9, UBE, CME, SRST, and detailed specifications on configuring and managing throughput, numeric and tier-based options, and licensing models. |
 |
Cisco K-12 EDU SKU Product Family: Switching and Wireless Solutions Explore the Cisco K-12 EDU SKU Product Family, featuring specialized switching and wireless solutions designed for educational institutions. This guide details product families, support matrices, SKU lists, and E-Rate eligibility. |
 |
Cisco Catalyst 9200 Series: Enterprise Network Switch Overview Explore the Cisco Catalyst 9200 Series network switches. Learn about features like high stacking bandwidth, PoE+, FRU design, and detailed configurations for enterprise and service provider networks. |
 |
Cisco Catalyst 9300 Series: Understanding and Configuring Licenses A comprehensive guide to managing licenses for Cisco Catalyst 9300 Series Switches, including Network Essentials, Network Advantage, DNA Essentials, DNA Advantage, and the HSECK9 export control key. Learn about installation, configuration, and best practices. |