Keepalive
Keepalive is a layer 3 interface that is used to exchange heartbeats between VSX peer switches. The heartbeats are exchanged by using the User Datagram Protocol (UDP) and port 7678 (default). During an ISL failure, VSX switches use their keepalive connection to determine if both VSX switches are up and running. This configuration helps the VSX switches find alternative paths to the ISL link in the network so the two VSX switch can continue to stay in-sync.
Configure each VSX peer switch with a keepalive connection to the other VSX peer switch. This connection is established over a routed network (IPv4 currently) and is not required to be a dedicated peer-to-peer link unlike ISL. Keepalive packets are UDP-based.
Make sure that the VSX peer switches have layer 3 reachability for keepalive interfaces through directly connected interfaces or routed through the upstream layer 3 network. Source of keepalive interfaces can be a layer 3 interface (router port), a loopback interface, or a Switch Virtual Interface (SVI). An SVI is a logical layer 3 interface configured per VLAN (one-to-one mapping) that performs all layer 3 processing for packets to or from all switch ports associated with that VLAN.
With respect to the keepalive path, it is highly recommended to separate keepalive traffic from the ISL link.
Use a dedicated layer 3 link and as a best practice, also use a dedicated VRF, as shown in Recommended network configuration for keepalive.
Keepalive packets can be sourced from the supported layer 3 interface; however, the packet must not be transported over the ISL.
In the case of 6400 and 8400 switch series, it highly recommended to use keepalive and ISL on different line cards. A single point of failure on line card that has keepalive and ISL configuration might cause split brain.