VPC peer-switch & Bridge Assurance on Nexus

Hi all

I have a confusion with stp mode network and related Bridge Assurance feature on VPC

  • Loopguard is said to be impossible out of root ports.
  • Loopguard cannot detect an unidirectional port if it is from the beginning ?

This make BA interesting in legacy DC, but in VPC architecture, I have pb seeing its interest.
Bridge assurance => now BDPU will flow in both directions, this makes a kind of health check

Otherwise, once STP is in mode network on VPC peer link, my STP BPDU are now bi directionnal, what will be the exact effect ? Don't see it clearly:

=> With Bridge Assurance => BPDU are bidirectional
=> Without Bridge assurance => BPDU uni directional

From the downstream device, with peer-switch activated, it sees one switch only right
If a loop appears, STP will detect it nor it won't,

If a fiber become unidirectioanal, making some BPDU to stop flowing between pair of VPC peers, what will be exactly the consequence, peer1 will stop rx BPDU frol peer 2=> both of them are root in all situation due to peer-gateway, so no change

From downstream, it receive already BPDU from both with info saying: I am the root

So if traffic is sent from downstream switch attached to 2 VPC peers, it will be load balanced and then either switched or routed
In all situation, I don't see how Bridge Assurance will help

Another question, why do somebody say about BA activation that this means we turn STP in "fail closed" ?


Sign In or Register to comment.