Configuring StackWise Virtual on Cisco Catalyst 9000 Switches

Posted on by

Unlock Ultimate Network Resiliency: Your Deep Dive into StackWise Virtual

In today’s hyper-connected world, network downtime isn’t just an inconvenience; it’s a critical business failure. Every second of an outage can translate to lost revenue, decreased productivity, and a damaged reputation. This is why network architects are constantly seeking robust, resilient, and simplified solutions. Enter Cisco StackWise Virtual.

If you’re managing a campus core, a distribution layer, or a data center environment with Cisco Catalyst 9000 series switches, StackWise Virtual (SVL) is a technology you absolutely need to master. It moves beyond traditional stacking, offering a revolutionary way to merge two physical switches into a single, logical powerhouse.

This comprehensive guide is more than just a configuration walkthrough. It’s a deep dive into the architecture, best practices, and real-world applications of StackWise Virtual. We will cover everything from the foundational concepts to advanced troubleshooting, ensuring you have the knowledge to design, deploy, and maintain a highly available network with confidence.

What is StackWise Virtual? A Paradigm Shift from Traditional Stacking

At its core, StackWise Virtual is a network virtualization technology that allows you to pool two compatible Cisco Catalyst 9000 switches into a single logical switch. This isn’t just about sharing a management IP; it’s about creating a unified control plane and data plane. The entire system behaves as one entity, presenting a single point of management, configuration, and troubleshooting.

Imagine two separate, highly capable switches. Now, imagine them fusing their resources, their intelligence, and their forwarding capacity into one seamless unit. That’s the power of SVL. This logical switch has a single configuration file, a single IP address for management, and appears as a single bridge to neighboring devices.

Key Takeaway: StackWise Virtual transforms two switches into one logical entity, dramatically simplifying network architecture while maximizing availability and performance.

This approach fundamentally differs from traditional stacking, which relies on proprietary backplane stacking cables (like StackWise-480 or StackWise-1T) and is typically limited to switches in the same physical rack due to cable length constraints. SVL, on the other hand, uses standard 10G, 25G, 40G, or 100G Ethernet interfaces, allowing the two chassis to be physically separated across different racks, rooms, or even buildings for enhanced disaster resiliency.

The ‘Why’: Unpacking the Core Benefits of StackWise Virtual

Deploying SVL isn’t just a technical exercise; it’s a strategic decision that delivers tangible business and operational benefits.

1. Unparalleled High Availability & Redundancy

This is the primary driver for adopting SVL. The system operates with one switch designated as ‘Active’ and the other as ‘Standby’. The Active switch manages all control plane functions, while both switches actively forward data traffic. Thanks to Stateful Switchover (SSO), the Standby switch is constantly synchronized with the Active switch. If the Active switch fails, the Standby takes over in milliseconds, ensuring a seamless transition with no disruption to network services. This sub-second failover is critical for voice, video, and other mission-critical applications.

2. Simplified Network Management and Operations

Managing two redundant core switches traditionally means double the work: two configurations to maintain, two devices to monitor, and complex first-hop redundancy protocols (like HSRP, VRRP, or GLBP) to configure. SVL eliminates this complexity. You have:

  • A Single Management Plane: Connect to one IP address to manage the entire system.
  • A Single Configuration File: A change made on the Active switch is automatically synchronized to the Standby. No more configuration drift.
  • Elimination of FHRPs: Since the SVL pair acts as a single logical default gateway, complex protocols like HSRP are no longer needed, simplifying the overall network design.

3. Increased Bandwidth and Performance

By leveraging Multi-Chassis EtherChannel (MEC), you can create port channels that terminate on both physical chassis of the SVL pair. This allows downstream devices (like access switches or servers) to utilize the full aggregated bandwidth of uplinks to both switches. Since both SVL members are actively forwarding traffic, you effectively double your available uplink bandwidth. Furthermore, MEC provides a loop-free Layer 2 topology, eliminating the need for Spanning Tree Protocol (STP) to block redundant links. All links are active, forwarding traffic and providing a more efficient, high-performance network.

Core Concepts: The Building Blocks of SVL

Before we dive into configuration, it’s crucial to understand the terminology and key components that make StackWise Virtual work.

Active and Standby Switches

Within a StackWise Virtual domain, one switch is elected as the Active switch, and the other becomes the Standby. The Active switch is the brain of the operation, running the control plane protocols and managing the entire logical system. The Standby switch remains in a hot-standby state, fully synchronized and ready to take over instantly if the Active switch fails. This election is determined by switch priority (higher value wins) or, as a tie-breaker, the lowest MAC address.

StackWise Virtual Link (SVL)

The SVL is the heart of the system. It’s a special link, typically a high-bandwidth EtherChannel (using 10G/40G/100G ports), that connects the two switches. The SVL serves two critical purposes:

  1. Control Plane Communication: It carries all the necessary control and synchronization traffic between the Active and Standby switches, ensuring the Standby is always up-to-date.
  2. Data Traffic Forwarding: It acts as a high-speed data path for any traffic that needs to traverse between the two chassis. For example, if a packet arrives on a port on Switch 1 but its destination is a device connected to Switch 2, the packet will be sent over the SVL.

It is a best practice to configure the SVL with at least two physical links for redundancy, ideally on different ASICs or line cards.

Dual-Active Detection (DAD) Link

The DAD link is the ultimate failsafe. It’s a dedicated link used to prevent a catastrophic network condition known as a “split-brain” or “dual-active” scenario. This occurs if the SVL fails entirely, but both switches remain operational. Without a DAD link, both switches would mistakenly believe they are the Active switch, leading to IP address conflicts, MAC address flapping, and a complete network meltdown.

The DAD link provides a secondary communication path. If the SVL fails, the switches send messages over the DAD link. If they can still hear each other, the original Standby switch knows the Active is still alive and will enter a recovery mode, shutting down all its non-SVL interfaces to prevent instability. The original Active switch continues to forward traffic, ensuring network continuity.

Multi-Chassis EtherChannel (MEC)

MEC is the primary reason SVL can provide such high performance and simplified topologies. It’s a standard EtherChannel (Port-Channel) whose member links are physically connected to both chassis of the StackWise Virtual pair. To any downstream device, this MEC appears as a normal EtherChannel connected to a single switch. This provides:

  • Link Redundancy: If a link to one chassis fails, traffic continues to flow through the remaining link(s) to the other chassis.
  • Chassis Redundancy: If an entire chassis fails, the MEC remains up, and traffic continues to flow through the surviving chassis.
  • Active-Active Forwarding: All links in the MEC are active and load-balancing traffic, eliminating blocked ports and maximizing bandwidth utilization.

Pre-Deployment: Planning and Prerequisites

A successful SVL deployment starts with meticulous planning. Rushing this phase can lead to significant headaches later. Here’s your checklist.

Hardware and Software Compatibility

  • Supported Platforms: StackWise Virtual is supported on specific models of the Catalyst 9000 family, including the Catalyst 9300, 9400, 9500, and 9600 series. Always verify your specific model and part number in the latest Cisco documentation.
  • IOS-XE Version: Both switches in the SVL domain MUST run the exact same IOS-XE software version. There is no room for error here. Mismatched versions will prevent the SVL from forming. It’s recommended to use a recent, stable release.
  • Licensing: StackWise Virtual requires a DNA Advantage or DNA Premier license. It will not function with the DNA Essentials license. Verify your license level with `show license summary`.

Physical Connectivity and Design

  • SVL Link Planning:
    • Use high-speed interfaces (10G or higher). 40G or 100G is preferred for core deployments.
    • Create a Port-Channel with at least two physical links for the SVL.
    • For maximum resiliency, use ports from different line cards or ASICs on each switch.
    • Use high-quality, certified cabling (DAC, AOC, or Fiber with appropriate transceivers).
  • DAD Link Planning:
    • The DAD link can be a direct connection using a Gigabit or faster interface.
    • CRITICAL: The DAD link’s physical path should be as diverse from the SVL’s path as possible. If the SVL links run through one conduit, run the DAD link through another. This prevents a single physical event (like a cable cut) from taking down both the SVL and the DAD link.
  • MEC Planning:
    • Identify the downstream devices that will connect to the SVL pair via MEC.
    • Plan your port allocation, ensuring you distribute MEC member links across both physical switches.

The Ultimate Step-by-Step Configuration Guide

Here we go. We will configure a StackWise Virtual pair from two factory-default switches. We’ll call them SW1 (intended Active) and SW2 (intended Standby).

Scenario:

  • Switches: Two Catalyst 9500s.
  • SVL Links: FortyGigabitEthernet1/0/1 and FortyGigabitEthernet1/0/2 on both switches.
  • DAD Link: TenGigabitEthernet1/0/24 on both switches (using Fast Hello).
  • Domain ID: 100

Important Note: The following steps should be performed on both switches individually before they are physically connected via the SVL links. Do not connect the SVL cables until instructed.

Phase 1: Pre-Staging Each Switch

Connect to the console of SW1 first.

Step 1.1: Initial Cleanup and Hostname (on SW1)

It’s always best to start from a clean slate.


SW1# write erase
SW1# reload

Switch> en
Switch# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)# hostname SW1
SW1(config)#

Step 1.2: Set the Switch Priority (on SW1)

We want SW1 to be the Active switch. To influence the election, we give it a higher priority. The default is 1. We’ll set it to 15.


SW1(config)# switch 1 priority 15

Step 1.3: Define the StackWise Virtual Domain (on SW1)

This command groups the switches into a single SVL domain. The domain ID must be the same on both switches.


SW1(config)# stackwise-virtual
SW1(config-stackwise-virtual)# domain 100

Step 1.4: Configure the SVL Interfaces (on SW1)

Now, we’ll configure the physical interfaces that will form the StackWise Virtual Link. We bind them to a specific SVL number (e.g., svl 1).


SW1(config)# interface FortyGigabitEthernet1/0/1
SW1(config-if)# stackwise-virtual link 1
SW1(config-if)# no shutdown
SW1(config-if)# exit

SW1(config)# interface FortyGigabitEthernet1/0/2
SW1(config-if)# stackwise-virtual link 1
SW1(config-if)# no shutdown
SW1(config-if)# exit

Step 1.5: Configure the DAD Link (on SW1)

We will use the recommended Fast Hello method. This is configured on the physical interface.


SW1(config)# interface TenGigabitEthernet1/0/24
SW1(config-if)# stackwise-virtual dual-active-detection
SW1(config-if)# no shutdown
SW1(config-if)# exit

Now, repeat the exact same steps on SW2, with one minor change.

Step 1.6: Configure SW2

Connect to the console of SW2.


SW2# write erase
SW2# reload

Switch> en
Switch# configure terminal
Switch(config)# hostname SW2

! We will leave the priority at the default of 1, making it lower than SW1.
! No 'switch 1 priority' command is needed.

Switch(config)# stackwise-virtual
Switch(config-stackwise-virtual)# domain 100

Switch(config)# interface FortyGigabitEthernet1/0/1
Switch(config-if)# stackwise-virtual link 1
Switch(config-if)# no shutdown
Switch(config-if)# exit

Switch(config)# interface FortyGigabitEthernet1/0/2
Switch(config-if)# stackwise-virtual link 1
Switch(config-if)# no shutdown
Switch(config-if)# exit

Switch(config)# interface TenGigabitEthernet1/0/24
Switch(config-if)# stackwise-virtual dual-active-detection
Switch(config-if)# no shutdown
Switch(config-if)# exit

Phase 2: The Conversion

Now that both switches have the necessary base configuration, we need to save it and trigger the conversion to StackWise Virtual mode. This command will save the running config to the startup config and force a reboot.

Step 2.1: Save and Reboot (on BOTH switches)

Execute this command first on SW1, and then on SW2.


SW1(config)# end
SW1# write memory
Building configuration...
[OK]

SW1# stackwise-virtual convert-to-svl
This command will save the config and reboot the switch.
Continue? [yes/no]: yes


! Perform the same on SW2
SW2(config)# end
SW2# write memory
Building configuration...
[OK]

SW2# stackwise-virtual convert-to-svl
This command will save the config and reboot the switch.
Continue? [yes/no]: yes

Both switches will now reboot into StackWise Virtual mode.

Phase 3: Interconnection and Power-Up

Wait for both switches to fully reboot and come back online. The console prompt may look a little different. DO NOT INTERCONNECT THEM YET. Both switches will initially think they are active in a split-brain state, which is expected at this stage.

Step 3.1: Physically Connect the Links

  1. Connect the SVL Cables: Connect FortyGigabitEthernet1/0/1 on SW1 to FortyGigabitEthernet1/0/1 on SW2. Then connect FortyGigabitEthernet1/0/2 on SW1 to FortyGigabitEthernet1/0/2 on SW2.
  2. Connect the DAD Cable: Connect TenGigabitEthernet1/0/24 on SW1 to TenGigabitEthernet1/0/24 on SW2.

Step 3.2: The Election and Reload

Once the SVL links are connected, the two switches will discover each other. They will hold an election. Since SW1 has the higher priority (15 vs 1), it will win the election and become the Active switch. SW2 will lose the election and, recognizing it needs to be the Standby, will automatically reload to join the StackWise Virtual system correctly.

You will see console messages indicating this process. Be patient; this reload can take several minutes.

Phase 4: Verification (The Moment of Truth)

After SW2 has reloaded and joined the stack, you can connect to the console of SW1 (the Active switch) to verify the status of the entire system.

Command 1: `show switch`

This is your first go-to command. It should show both switches, their roles, and their status.


SW1# show switch
Switch/Stack Mac Address : 7079.b369.3580 - Local Mac Address
Mac persistency wait time: Indefinite
                                             H/W   Current
Switch#   Role          Mac Address     Priority   State
------------------------------------------------------------
*1       Active         7079.b369.3580     15       Ready
 2       Standby        7079.b368.4e00     1        Ready

What to look for: You must see one ‘Active’ and one ‘Standby’, and the state for both should be ‘Ready’.

Command 2: `show stackwise-virtual`

This is the master command for SVL status.


SW1# show stackwise-virtual
Stackwise Virtual Configuration:
--------------------------------
Enabled              : Yes
Domain Number        : 100

Switch  Stackwise Virtual Link  Ports
------  ----------------------  ------
1       1                       FortyGigabitEthernet1/0/1
                              FortyGigabitEthernet1/0/2
2       1                       FortyGigabitEthernet2/0/1
                              FortyGigabitEthernet2/0/2

What to look for: Confirm ‘Enabled’ is Yes, the Domain Number is correct (100), and you see the correct ports listed for both Switch 1 and Switch 2.

Command 3: `show stackwise-virtual link`

This command verifies the health of the SVL itself.


SW1# show stackwise-virtual link
Stackwise Virtual Link (SVL) Information:
----------------------------------------
Flags: 
------
U-Up, D-Down, C-Created, I-Invalid

SVL         Ports                         Status
---         --------------------------    ------
1           FortyGigabitEthernet1/0/1     U
            FortyGigabitEthernet1/0/2     U

What to look for: The status of all member ports should be ‘U’ for Up.

Command 4: `show stackwise-virtual dual-active-detection`

Finally, let’s check our failsafe mechanism.


SW1# show stackwise-virtual dual-active-detection
Dual-Active-Detection Configuration:
-------------------------------------
Switch  Dad port                        Status
------  ----------                      ------
1       TenGigabitEthernet1/0/24        up
2       TenGigabitEthernet2/0/24        up

What to look for: The status for the DAD port on both switches should be ‘up’.

Congratulations! You have successfully configured a Cisco StackWise Virtual system.

Putting it to Work: Configuring Multi-Chassis EtherChannel (MEC)

Now that the foundation is built, it’s time to leverage its power by connecting downstream devices. We will configure an MEC to a downstream access layer switch.

Step 1: Configure the MEC on the SVL Pair

We’ll use ports TenGigabitEthernet1/0/5 and TenGigabitEthernet2/0/5. Notice how the switch number is part of the interface name now. This is how you configure a port on a specific chassis.

From the Active switch (SW1), configure the following:


SW1# configure terminal
SW1(config)# interface Port-channel10
SW1(config-if)# description MEC to Access-Switch-01
SW1(config-if)# switchport mode trunk
SW1(config-if)# exit

SW1(config)# interface TenGigabitEthernet1/0/5
SW1(config-if)# description Link to Access-Switch-01 Port 1
SW1(config-if)# channel-group 10 mode active
SW1(config-if)# no shutdown
SW1(config-if)# exit

SW1(config)# interface TenGigabitEthernet2/0/5
SW1(config-if)# description Link to Access-Switch-01 Port 2
SW1(config-if)# channel-group 10 mode active
SW1(config-if)# no shutdown
SW1(config-if)# exit

We use LACP (`mode active`) which is a best practice. The configuration is automatically synced to the Standby switch.

Step 2: Configure the EtherChannel on the Downstream Switch

On the access switch, you configure a standard LACP EtherChannel.


Access-Switch-01# configure terminal
Access-Switch-01(config)# interface Port-channel10
Access-Switch-01(config-if)# description Uplink to Core SVL
Access-Switch-01(config-if)# switchport mode trunk
Access-Switch-01(config-if)# exit

Access-Switch-01(config)# interface TenGigabitEthernet1/0/1
Access-Switch-01(config-if)# description Link to Core SW1
Access-Switch-01(config-if)# channel-group 10 mode active
Access-Switch-01(config-if)# no shutdown
Access-Switch-01(config-if)# exit

Access-Switch-01(config)# interface TenGigabitEthernet1/0/2
Access-Switch-01(config-if)# description Link to Core SW2
Access-Switch-01(config-if)# channel-group 10 mode active
Access-Switch-01(config-if)# no shutdown
Access-Switch-01(config-if)# exit

Step 3: Verify the MEC

On the SVL pair, use the `show etherchannel summary` command.


SW1# show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        ...

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
10     Po10(SU)      LACP        Te1/0/5(P)   Te2/0/5(P)

What to look for: The Port-channel status should be (SU) for ‘Layer 2, in use’, and you should see both member ports from Switch 1 (Te1/0/5) and Switch 2 (Te2/0/5) listed with a (P) for ‘bundled in port-channel’.

Troubleshooting Common Scenarios

The Split-Brain Nightmare

If the SVL fails but the DAD link is up, the standby switch will transition to ‘Recovery’ mode to prevent dual-active. You’ll see this in `show switch`. To recover, simply fix the SVL link issue (e.g., re-seat a cable, replace a transceiver). The switch in recovery mode will automatically reload and rejoin the stack as the standby once it detects the SVL is restored.

Configuration Mismatches

If the stack won’t form after the initial reboots, the most common culprit is a mismatch. Double-check the following on both switches:

  • Exact same IOS-XE version.
  • Identical StackWise Virtual domain ID.
  • SVL and DAD link configurations point to the correct interfaces.

Conclusion: A New Standard for Network Resiliency

Cisco StackWise Virtual on the Catalyst 9000 platform is a game-changer for building modern, resilient, and high-performance networks. By unifying two physical switches into a single logical entity, it provides sub-second failover, simplifies management, and maximizes bandwidth utilization through Multi-Chassis EtherChannels.

While the initial setup requires careful planning and a methodical approach, the long-term operational benefits are immense. By following this guide, you are now equipped with the knowledge to deploy a rock-solid network core that can withstand failures and meet the ever-increasing demands of your business.