VSX configuration synchronization

VSX configuration synchronization simplifies VSX solution management, reduces configuration misconfiguration, and drift across VSX peer switches. With configuration synchronization enabled, the primary peer configuration is synced to the secondary peer. This synchronization is controlled in an opt-in manner by enabling VSX synchronization on a section of configuration.

If one or more of the following scenarios occur, the secondary switch will receive the configuration update after it fulfills synchronization requirements and is fully enabled:

  • The secondary switch is not present.

  • The secondary switch is not connected to the primary switch through the ISL.

  • The secondary switch is not configured for VSX configuration synchronization at the time VSX configuration synchronization is enabled on the primary switch.

You can only enable a specific configuration for syncing through the vsx-sync CLI extension on the primary switch. This extension is blocked on the secondary peer switch except when VSX configuration-synchronization is disabled or the ISL link is down.

Attributes supporting VSX

You can enable VSX synchronization for:

  • Access lists associated with a system or LAG interface.

  • Active gateways associated with a VLAN interface

  • All associations with MCLAG interfaces (VLANs, access lists, policy, QoS schedule profile, rate limits) and additional attributes, including description, loop-protect, LACP, and sFlow

  • All instances of AAA configurations, including user profiles, RADIUS, and TACACS+ server configurations at the global level

  • All instances of DNS configurations at a global level

  • All instances of MCLAG configurations at a global level

  • All instances of NTP configurations at a global level

  • All instances of QoS CoS and DSCP map configurations at a global level

  • All instances of sFlow configurations at a global level

  • All instances of SNMP/SNMPv3 server configurations at a global level

  • All instance of SSH server configurations at a global level

  • All instances of static route configurations at a global level

  • Classifier policies associated with a system or LAG interface

  • Entire access list context

  • Entire ACL object group context

  • Entire classifier context

  • Entire Policy Based Routing context

  • Entire policy context

  • Entire QoS schedule and queue profile context

  • Entire VLAN context

  • QoS schedule profiles associated with a system or LAG interface

  • Rate limits associated with a system or LAG interface.

  • VLANs associated with a system or LAG interface.

Enables VSX synchronization for the entire VLAN context, access list context, policy context, or class context to the secondary peer.

VSX synchronization requirements

  • Software image versions must be the same on both switches.

  • Primary and secondary roles configured.*

  • An interswitch link must be configured.*

  • Keepalive*

*Steps on to how meet these requirements are provided in Configuring core 1 and core 2.