802.1q Q-in-Q on UCS

Similar Messages

• Support of UCS P81E in third-party servers

  Hi there,
  is it possible to use UCS P81E (N2XX-ACPCI01=) with other servers than UCS C-series? If so, is there any compatibilty list of supported vendors or server types?
  Cheers,
  Helena

  The datasheet referenced her descibes Adapter-FEX the reference is specific to that technology.  It states:
  "...An ecosystem of adapter vendors is now about to  support this technology using the IEEE 802.1Qbh standard, the first  vendor being Cisco itself, with the Cisco UCS P81E VIC (Figure 2),  designed for use with Cisco UCS C-Series Rack-Mount Servers. Other  adapter vendors will soon follow, providing adapters that support this  capability. Both Cisco Nexus 5500 platform and the Cisco Nexus 2000  Series Fabric Extenders support the Adapter FEX technology across a  variety of adapter platforms. Therefore, the offering can now be  expanded outside a Cisco UCS environment to third-party server vendors  that support IEEE 802.1Qbh-capable adapters."
  This means that you could use a third-party adapter such as the Broadcom 57712 which is IEEE 802.1Qbh (prestandard IEEE 802.1Qbr) capable to configure Adapter-FEX in a Cisco or Non-Cisco server.
  As Manish mentions, the P81E is only supported in the C-Series servers and there are currently no immediate plans to qualify it with other third party servers.
  Steve McQuerry
  UCS - Technical Marketing

• ISE on UCS Platform with UC

  We are looking to deploy ISE supporting 5000 devices and would like to use the Cisco UCS platform to host this. Looking at the spec required a C22 M3 would be sufficient; however we would also like to host some UC applications on the same server if resources allow.
  Therefore we would like to deploy ISE on a C220 M3 server and connect the associated NIC to a DMZ. We would then like to deploy UC applications such as CUCM and CUPS on the same UCS server with a NIC attached to the internal network.
  Can anyone foresee any issues with this configuration?
  Also while the UC application would require a UC Foundation License (R-VMW-UC-FND5-K9) whould this also meet the requirements for ISE?

  Steward,
  Just so you are aware that Cisco ISE is a ATP solution that can only be purchased through approved VARs. There is an HLD process that the VAR must submit on your behalf before the purchase is approved.
  You mentioned connecting one nic to the dmz which is used for the ISE appliance, is profiling part of your deployment, if so then you may have issues with activating those probes. Also if you are using 802.1x then you will need to allow access for ISE to reach your domain controllers which could be spread across your network.
  Keep these few items in mind before moving forward with any hardware purchase.
  Tarik Admani
  *Please rate helpful posts*

• ESX vmnic Receive Discards on UCS

  I wanted to see if anyone here had any recommendations for me in troubleshooting a problem that has been ongoing ever since we got our UCS equipment...
  Initially it was noticed through solarwinds monitoring that many of our ESX hosts were showing receive discards.  Usually in the neighborhood of 3k-5k per day.  I have tried to diagnose this on my own and through several TAC cases over time but always failed to get anyone willing to help me out as I couldn't produce a packet capture of the traffic since it was usually very sporadic when the packets would drop throughout the day.
  Lately I have had one of our ESX hosts start showing close to 1k packets discarded every hour which I thought would make it easier to capture what TAC needed to tell me why these packets are being dropped.  I even isolated the issue of the excessive drops to one particular VM.  So I have one B230 blade in a UCS chassis running ESX 5.0U1 with one single Window 2008 R2 VM with a VMXNet3 interface and on this host I am getting 1000+ packets per hour that are being discarded.  As an FYI we are also running Nexus 1000V.
  We went with all of this information to TAC and at first were told that Solarwinds was misreporting and there was no problem.  After we pointed out that the same stats show within vCenter for the hosts they agreed to look a bit closer, and engaged VMWare.
  VMWare after first reviewing the case referred us to this article:  http://kb.vmware.com/kb/1010071
  At first I was hopeful but I tried doubling both of the RX buffers listed in this article but it had no effect at all.  We are not using Jumbo frames on this VM.
  After VMWare saw that this did not fix the issue they have now requested a packet capture.  Unfortunately, they want us to determine the other end of the conversation that is sending the dropped packets and get a capture there as well so they can see which packets are being dropped.  We don't know what is transmitting these discards so we can't capture the other end.
  I feel like there has to be a way of seeing what is dropping somewhere within UCS.  The packets are entering the fabric interconnect fine and somehow being dropped by the Palo NIC so there has to be some way of capturing this no?  There is absolutely no way that we are exceeding 10G of traffic to this one VM so it just seems bizarre that the packets would still be dropping.  We are not exceeding limitations of CPU or memory for either the VM or the host.  Also, to rule out issues specific to this particular host we migrated the VM to another host and see the excessive drops follow it.  The other hosts still show 3-k-5k per day as before (which ideally I would also like to resolve some day) but the 25k number moves to whichever ESX host this particular VM resides on.  The only thing this VM does is run an IIS server.
  We are running UCS v 2.0(4a) but this behavior of discards has persisted through many different versions of UCS.  VMWare version 5.0.0 8.21926.  enic driver version 2.1.2.22
  If anyone has any idea or thoughts on how to figure how what is being dropped I would love to hear.  Thanks.

  Thanks for the quick response on this.
  I too think it may be a L1/L2 problem so we are starting there.  There are currently 4x 10GE ports, in two port cahnnels,  from a VSS 6509 to the new UCS-A and UCS-B FI.  Right now all of the data is running over the FI to the UCS-B chassis and there are errors on both the port-channel and individual ports:
  Switch#sh int Te1/4/3
  TenGigabitEthernet1/4/3 is up, line protocol is up (connected)
    Hardware is C6k 10000Mb 802.3, address is c464.1304.91e2 (bia c464.1304.91e2)
    Description:
    MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,
       reliability 253/255, txload 1/255, rxload 1/255
    Encapsulation ARPA, loopback not set
    Keepalive set (10 sec)
    Full-duplex, 10Gb/s
    input flow-control is off, output flow-control is off
    ARP type: ARPA, ARP Timeout 04:00:00
    Last input 00:00:28, output 00:00:38, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/2000/539564/0 (size/max/drops/flushes); Total output drops: 0
    Queueing strategy: fifo
    Output queue: 0/40 (size/max)
    5 minute input rate 942000 bits/sec, 594 packets/sec
    5 minute output rate 3255000 bits/sec, 647 packets/sec
       434969045 packets input, 220506190906 bytes, 0 no buffer
       Received 838344 broadcasts (439593 multicasts)
       0 runts, 0 giants, 0 throttles
       539564 input errors, 313755 CRC, 0 frame, 0 overrun, 0 ignored
       0 watchdog, 0 multicast, 0 pause input
       0 input packets with dribble condition detected
       1540935135 packets output, 1141605974908 bytes, 0 underruns
       0 output errors, 0 collisions, 2 interface resets
       0 babbles, 0 late collision, 0 deferred
       0 lost carrier, 0 no carrier, 0 PAUSE output
       0 output buffer failures, 0 output buffers swapped out
  The other ports in the non primary FI are showing clean.  The plan right now is to fail everything over to the other UCS and force it to use the other FI and see if the problem follows.  If it does it seems like a TAC case is involved.  If it runs clean, it seems that we may have some bad fiber or tranceivers on one end or the other

• Nexus 1000v UCS Manager M81KR

  Hello everyone
  I am confused about how works the integration between N1K and UCS Manager:
  First question:
  If two VMs on different ESXi and different VEM but in the same VLAN,would like to talk each other, the data flow between them is managed from the upstream switch( in this case UCS Fabric Inteconnect), isn'it?
  I created a Ethernet uplink port-profile on N1K in switch port mode access(100), I created a vEthernet port-profile for the VM in switchport mode access(100) as well. In the Fabric Interconnect I created a vNIC profile for the physical NICs of ESXi(where there are the VMs). Also I created the vlan 100(the same in N1K)
  Second question: With the configuration above, if I include in the vNIC profile the vlan 100 (not as native vlan) only, the two VMs can not ping each other. Instead if I include in the vNIC profile only the defaul vlan(I think it is the vlan 1) as native vlan evereything works fine. WHY????
  Third question: How it works the tagging vlan on Fabric interconnectr and also in N1K.
  I tried to read differnt documents, but I did not understand.
  Thanks                 

  Since you have defined switchport mode access vlan 100 on uplink port-profile of Nexus 1000v, it sends all ethernet frames untagged(without 802.1q tag).
  When you include in the vNIC profile the vlan 100 (not as native vlan) ONLY like below screenshot, untagged frames are dropped because UCS expects all frames received on this port as tagged frames.
  When you change vNIC template to include default vlan as native vlan ONLY like below screen shot, you basically bridge two vlans (vlan 100 and vlan 1) because UCS FI now puts all untagged frames in vlan 1. and sends untagged frames to other ESXi host and ESXi host again bridge vlan 1 to vlan 100 with switchport mode access vlan 100 on uplink port profile.

• UCS FEX Question

  Im wondering if someone can clear up one thing for me….
  What exactly does a UCS FEX do besides aggregate the server traffic  and push it up to the Fabric Interconnects? What I am wondering is what  functionality/technology does it need to possess to do that?
  From my understanding, a conventional blade switch needs to be  DCB-capable (support at least PFC and ETS) and do FIP snooping to be  used as an FCoE pass-through. IS that the case with a UCS FEX?? I dont  think so…it seems like nothing more than a “dumb” MUX that has no  intelligence, no code to upgrade and simply passes DCB traffic between  CNA and FI…
  What am I missing, if anything?

  Manish, as usual, great stuff. Thank you..
  So, what you are telling me is inline with my thoughts about the UCS FEX. There is no switching intelligence in it and -- more pertinent to this discussion  -- no Data Center Bridging (CEE) capability to speak of. Its just a traffic MUX/DeMUX.
  That means the UCS FEX HIF ports will NOT act as an 802.1D switch port does when it is DCB-enabled and generate a PFC PAUSE frame and send it back to the server CNA if its input buffers get overwhelmed. I Iimagine then that the UCS FEX leaves it up to the Fabric Interconnect's ingress port to generate the PUASE and the FEX will simply pass it on to the CNA. Correct? That would mean the FEX has no input buffers to speak of. If it did, it would have to be able to PAUSE traffic that is overrrunning them - or so I would think.
  The same then can be said for the FEX and ETS. The FEX does not contain the hardware to participate in ETS. There is no egress scheduling algorithm and no recognition of packet prioritization or a mechanism to honor any prioritization that can be leveraged to dynamically assign bandwidth to the confgiured Traffic Class that would be serviced acording to the ETS Transmission Scheduling Algorithm (Algorithim 2, according to IEEE 802.1qaz v2.4).
  Lastly, the FEX does not participate in DCBx either - the link initialization semantics occur between the CNA and the Fabric Interconnect port.
  Is all this correct, Manish?
  I really appreciate your time and help. Thank you!

• Does the new ISR platform support 802.11ac APs

  Hello,
  Is there a Cisco WLAN controller that is compatible with the new 11ac 3700 APs that can be installed in a 3900 series ISR platform?
  Thank you
  James

  Yes and no.  And I don't know which is which.  
  The current way to stick a WLC into a router is using an SRE.  This is basically a module which contains a hard drive and you create a VM in form of a WLC.  Now the latest SRE firmware is 7.4.121.0 (release date 20 December 2013). 
  There are currently three models of APs with can support 802.11ac.  They are the 3600*, 3700 and 2700.
  Ok, here's where the "kicker" comes in.  
  The 3600 (notice the "*") can support 802.11ac if you purchase the 802.11ac Wave 1 Module.  The 3600 is supported from firmware version 7.2.X.X but the 802.11ac Wave 1 Module requires a minimum firmware version 7.5.X.X (this version is now "deferred").   So this option doesn't work.
  3700 requires a minmum of 7.6.X.X firmware and the newly-released 2700 requires a soon-to-be-released 7.6MR2 or 8.X.X.X firmware.   
  Now if what I've mentioned above doesn't confuse you, this next one will bewilder absolutely:  Read the Release Notes for 7.6.X.X and scroll down to the Supported Cisco Wireless LAN Controller Platforms section and it's stated:  
  Cisco Virtual Wireless Controllers on Cisco Services-Ready Engine (SRE) or Cisco Wireless LAN Controller Module for Integrated Services Routers G2 (UCS-E)
  Hence, my response of Yes and No.  
  I have two recommendations:  
  On the bottom of the Release Notes, there's a Feedback link.  Use it.  Put a low score (this guarantees someone will contact you quickly).  When they contact you, ask them to do a proper QC on their documentation because, frankly, they've been "dropping the ball" lately.  
  Next, contact TAC.  
  Hope this helps.

• Nexus 5548 to UCS-C series network connectivity.

  Hi There,
  I am new to nexus world, mainly telecom side. I have a situation where a vendor like to deploy two Cisco UCS-C series servers for voice deployment.
  Each UCS C240 M3 server has 4 NICs, 2 nics bonded 802.1q will connect to primary nexus 5k switch and other two bonded will connect to secondary nexus switch. we have a vPC domain and no FEXes so we have to connect these two servers directly to Nexus 5ks.
  My question is it possible with teamed nics to coonect to 2 different nexus switches?
  Can anyone guide me how can I achieve this design? see attached.
  Thanks Much

  It will also depend on the Server network settings such as OS, software switch flavor and NIC teaming option on the server.
  x- if you run ESXi, then you may check out the following KB article. 
  http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004088
  x- if you use N1Kv, then you can use LACP or static port-channeling, but be sure to make it consistent on the upstream switches.
  hope it helps.
  Michael

• ISE 1.2 - WLC 5508 (7.5x) - Windows 7 802.1X

  Hi ,
  We deployed ISE 1.2 (patch 3) with 5580 WLC to authenticate machines and users using 802.1x .
  We are experiencing a strange issue - randomly some machines authenticate fine over wireless and we are able to see logs on ISE and nexst day the same machine stops authenticating itself and ISE doesnt generate any log.. seems like somehow no request is coming to ISE.
  we have checked all the settings including wireless settings ,services, 802.1x settings on the laptop but struggling to find the a reason why randomly machine would work and then not work.
  whenever a machine works we see all the logs but when a machine doesnt work no log is generated in ise.
  has anyone experienced a similar issue?
  Thanks

  Thanks, we have figured it out.
  Machine Auth timer would expire after 12 hours and ISE had another setting where it would blacklist the client and supress logs for an hour if it sees more then certain amount of failed authentication attempts.
  Thanks

• Unable to Connect Using New AirPort Express 802.11n

  My mom purchased an AirPort Express 802.11n wireless router (AX) and I, as the designated "technology guru", was tasked with setting it up. Unfortunately, I am having problems out of the box.
  When I connect it to the wall, it is found by AirPort Utility, but when I try to set it up, it is unable to connect to the wireless network. ("An error occurred joining the selected wireless network." "An error occurred, close the configuration window and try again.") This is annoying because I have an older AX and it was true to the "it just works" Apple mantra. It is also annoying because the error message has a comma splice.
  Feeling pretty proud of my "technology guru" title, I come here to see what I could be doing wrong. I try connecting the computer directly to the router via ethernet cable. With this, I am able to setup my wireless network. I am still not able to connect to it. Additionally, once the AX has been configured, the AirPort Utility can't find it.
  I tried updating firmware to 7.5.2. I've tried downgrading to 7.3.2. I've tried hard resets, soft resets. Every tip I could find I have tried. Please help. My self-confidence is wearing out.
  Is it time for a call to Apple or a visit to the Apple Store?

  Are you trying to configure the Express to "join" the wireless network?
  If yes, the message you are receiving is likely an indication that you do not have the correct security settings selected for the Express. Unless the security settings between the wireless router and Express match up exactly, the Express will display the error that "an error occurred, etc".
  The easiest way to confirm if you have this problem is temporarily set the main wireless router to "no security" and try to connect the Express that way. If you can connect, then you know that it is a security issue.
  Please tell us the exact setting for security that the wireless router there is using and we'll try to give you some more ideas.
  The Express will connect. It's just a matter of finding the right settings.
  Message was edited by: Bob Timmons

• 10.5.1 doesn't fix 802.1X WEP os-logon and Go To Folder in finder dock Bug

  Hi,
  I still have a bug when opening folder/directory view from the finder dock icon. it instantly locks the finder and i have to kill it to get it function again. This bug doesnt' work when a finder window is open.. (as referred to be me in http://discussions.apple.com/message.jspa?messageID=5768515#5768515)
  There is still also a bug when i was using 802.1X WEP encryption at college earlier today. when booting leopard it searches for new or known wireless networks and gives me a password dialog. Since I authenticate against a LDAP server (U/P settings stored in the 802.1X tab) ) and also have a certificate, this dialog box is wrong. If i enter my password it also doesn't work!
  When canceling the dialog box and going to the wireless menu in the top right screen and selecting my access point, i get connected right away!!
  Come on apple, you can do better then that!
  Also, please remove or upgrade the "address book" in the terminal application, its still a shame...
  Regards,
  Rick

  In my searching beforehand, there were some rare problems in Finder with fonts in the sidebar causing problems. I figured it couldn't hurt. If I don't get any kind of solution here, I'm just going to wipe the computer (data backed up, of course), since I've accumulated quite a few odd things the past 18 months. Thanks anyway.
  edit: I just realized what you meant about the /Library/Fonts folder. I did the ~ one too, but no dice.
  Message was edited by: mintrepublic

• Urgent Help required for UCS

  Hi Team ,
  We added new Chassis into our exisitng UCS infrastructure.
  We discovered Chassis also & gave IPs to CIMC of new servers also.
  New Chassis IOM to FI cabling is also correct.
  But when i am trying to communicate with CIMC of Servers, connecion is failed.
  Also i installed OS manually on 1of the blade after creating service profile , OS IP is not able to ping & coomunicate iwth outer world.
  Same Fabric interconnect , Same port channel , Same uplinks , OLD Chassis is working fine.
  New chassis not able to communicate with outter world.
  What can be the issue ? Am i missing something in configuration ?
  WHt new chassis CIMC & BLADE IP is not able to ping & communicate.

  Hello Ashish,
  Let us focus on network connectivity to OS interface.
  Make sure you have allowed necessary vlans in the vNIC defined in the Service profile.
  Does FI server ports learning the MAC address of the server in the correct VLAN ?
  connect nxos
  show mac address table
  Padma

• How do I connect my Airport Extreme 802.11n to Epson 645 Printer?

  I can't figure out how to connect my Airport Extreme 802.11n to my Epson 645 Printer.  Can anyone help me?  Thanks!

  You may want to try reinstalling Mavericks. Airport Utility installed by Mavericks may no longer connect to your older AEBS (though I've not heard that.) Installing the Old AirPort Utility (Version 5.6) on Mountain Lion | frank.is.
  Reinstall Lion, Mountain Lion, or Mavericks
       Boot to the Recovery HD: Restart the computer and after the chime press and hold down the
       COMMAND and R keys until the Utilities menu screen appears. Alternatively, restart the computer and
       after the chime press and hold down the OPTION key until the boot manager screen appears.
       Select the Recovery HD and click on the downward pointing arrow button.
       Repair the Hard Drive and Permissions: Upon startup select Disk Utility from the Utilities menu.
       Repair the Hard Drive and Permissions as follows.
  After DU loads select your hard drive entry (mfgr.'s ID and drive size) from the the left side list.  In the DU status area you will see an entry for the S.M.A.R.T. status of the hard drive.  If it does not say "Verified" then the hard drive is failing or failed. (SMART status is not reported on external Firewire or USB drives.) If the drive is "Verified" then select your OS X volume from the list on the left (sub-entry below the drive entry,) click on the First Aid tab, then click on the Repair Disk button. If DU reports any errors that have been fixed, then re-run Repair Disk until no errors are reported. If no errors are reported click on the Repair Permissions button. Wait until the operation completes, then quit DU and return to the main menu.
       Reinstall Lion/Mountain Lion, Mavericks: Select ReinstallLion/Mountain Lion, Mavericks from
       the Utilities menu, and click on the Continue button.
       Note: You will need an active Internet connection. I suggest using Ethernet if possible because it is
                  three times faster than wireless.

• Broadcom 802.11n Network Adapter not working on Windows 7 64bit

  As the title suggests, my laptop (Alienware m17x) is installed with the Broadcom 802.11n Network Adapter and Windows 7 64bit Home Premium.  I have had several other driver incompatibility issues with Windows 7, but those I have slowly been able to resolve.  This however just cropped up after two months of successful use.  Yesterday it started failing to connect to the internet, telling me that no wireless connections are available.  I live in a dorm, and everyone else on my floor has successful wireless, including my Ipod Touch, PS3 and XBox 360.  I called Alienware/Dell Support and we spent hours trying to fix the problem and all look well until I rebooted my laptop this morning and the same issue reappeared.  When I reboot my laptop, all I get is a notification that no networks appear in range.  If I uninstall the broadcom chip and let windows install it after a boot up it works until the machine is rebooted a second time.  I have tried over a dozen windows 7 drivers for the chip, and about half a dozen vista drivers and they all have the same results, works on the first boot, fails every time after that 

  Just registered to say, on an Alienware M17x system as well running Windows 7 Ultimate, here is a link to a solution that worked exactly for me:
  http://forum.notebookreview.com/alienware/436486-guide-properly-solve-wireless-connection-problems-m17x.html
  All I did was section I.a. If the link is down, I copied the only section that I needed to follow out of this guide, in order to get my wireless to work repeatedly without having to uninstall the wireless driver every single reboot. Now it works perfectly,
  already connected to a wireless network on startup.
  I.a. Disable Device sleep on disconnect
  Some newer Nvidia Ethernet drivers have a feature called Device sleep on disconnect. This is the culprit. Normally, it should only put the Ethernet adapter to sleep when the cable is disconnected, but it's buggy and thus kills the wireless connection as
  well.
  Follow these steps to disable this feature on your Nvidia Ethernet Adapter:
  1. Open the Windows Device Manager by hitting Win+Pause, then click on Device Manager on the left side.
  2. Double-click on Network adapters.
  3. Double-click on NVIDIA nForce Networking Controller (yes, that's the wired Ethernet adapter indeed).
  4. Click on the Advanced tab.
  5. Select Device sleep on disconnect.
  6. Set the Value to Disabled. 
  7. Click OK and wireless should work again (might require a reboot afterwards, but probably not).

• Dell wireless 1538 802.11 a/g/n adapter

  I have a Dell Venue 8 Pro 5830 and I cannot get an internet connection. When I run the Windows network diagnostics I get the message "The Dell wireless 1538 802.11 a/g/n adapter is experiencing driver or hardware related problems".
  I have tried everything suggested in the Tablet.  What can I do now? I bought the Tablet through Amazon and I live in Venezuela.

  I have the same EXACT problem for 3 days.Even with my 5 yr computer experience I still couldn't figure this issue out.Dell rep and I found a temp solution.restart......press f8 nonstop....click on repair......restore it to an earlier time....
  this so far is the ONLY thing wev'e tried thats had a temp and pleasing result.let me guess there's a big red x on the bottom right hand corner? also try pressing fn + f2 same time......device manger-right click on dell wireless and disable,then enable.......
  ive had my dell inspiron 5423 for 2 1/2 months off of ebay.still has warranty under owner before me.After tons of research I'm thinking either driver I bad,or hardware or when he installed fresh copy of windows 7,he didn't install everything in the correct order (very important thing to do).
  If by chance you come across a permanent solution please keep me informed.