I am building the following topology between an MX84 and a Nexus 3K. The Nexus 3K has a port channel and uses vPC. I know Meraki MX does not support port channels, so what is the best-practice configuration on the MX84 LAN side, which faces the Nexus port channel, and how do I do the scenario below? Keep in mind that vPC on Nexus means active-active.
Note that the ports from the MX84 toward the Nexus are trunk ports.
vPC is basically a PortChannel so it expects LACP or a manually configured PortChannel from its peer.
I strongly believe your setup is not a supported configuration. It will probably work though, but some of the links will be disabled because of STP and LACP and I think you won't reap the benefits of a clean failover in case an MX or vPC member goes offline.
Also keep in mind the MXes *don't run STP*, take that into account when you design (= don't disable or filter STP).
We have a few clients with such a setup and the best way for us is to just use no vPC / bonding whatsoever between the MXes and the switches. Mainly because the MXes don't support bonding/aggregating their ports. (I don't know why they don't, it's a feature I dearly miss).
And I strongly recommend not to use the VRRP link between the MXes. According to our experience this would perhaps result in a bit better switchover behaviour, but it increases complexity of the setup and some MX firmwares (I think all 14.x) have a problem where during startup they actually create loops and flood the network in such a setup (and never converge as a result). We have seen this on occasion before fixing it by removing the VRRP link between the MXes (even if configured correctly with VLAN pruning).
Personally - I would simplify things. Nexus switches can be really finicky because of all their design rules. It is really easy to get caught out in different failure scenarios. Your diagram doesn't indicate if you have a separate L2 forwarding path between the Nexus switches either.
I would single connect each MX84 to a Nexus switch. Then there are no loops and no spanning tree concerns. And it still preserves the "no single point of failure".
If you really want to, you could run a cable between the two MX84s (which you have labelled VRRP), but make sure this is using a dedicated VLAN that is not allowed on the trunk link to the Nexus switches. This is important to maintain a loop-free solution. This link is used by the MX to exchange state information in this case.
You can check out this design guide by Aaron Willett: