Ask the Expert: Scaling Data Center Networks with Cisco FabricPath

Similar Messages

• Ask the Expert: Different Flavors and Design with vPC on Cisco Nexus 5000 Series Switches

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about Cisco® NX-OS.
  The biggest limitation to a classic port channel communication is that the port channel operates only between two devices. To overcome this limitation, Cisco NX-OS has a technology called virtual port channel (vPC). A pair of switches acting as a vPC peer endpoint looks like a single logical entity to port channel attached devices. The two devices that act as the logical port channel endpoint are actually two separate devices. This setup has the benefits of hardware redundancy combined with the benefits offered by a port channel, for example, loop management.
  vPC technology is the main factor for success of Cisco Nexus® data center switches such as the Cisco Nexus 5000 Series, Nexus 7000 Series, and Nexus 2000 Series Switches.
  This event is focused on discussing all possible types of vPC along-with best practices, failure scenarios, Cisco Technical Assistance Center (TAC) recommendations and troubleshooting
  Vishal Mehta is a customer support engineer for the Cisco Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in TAC for the past 3 years with a primary focus on data center technologies, such as the Cisco Nexus 5000 Series Switches, Cisco Unified Computing System™ (Cisco UCS®), Cisco Nexus 1000V Switch, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching, and service provider.
  Nimit Pathak is a customer support engineer for the Cisco Data Center Server Virtualization TAC team based in San Jose, California, with primary focus on data center technologies, such as Cisco UCS, the Cisco Nexus 1000v Switch, and virtualization. Nimit holds a master's degree in electrical engineering from Bridgeport University, has CCNA® and CCNP® Nimit is also working on a Cisco data center CCIE® certification While also pursuing an MBA degree from Santa Clara University.
  Remember to use the rating system to let Vishal and Nimit know if you have received an adequate response. 
  Because of the volume expected during this event, Vishal and Nimit might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure Community, under the subcommunity LAN, Switching & Routing, shortly after the event. This event lasts through August 29, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Gustavo
  Please see my responses to your questions:
  Yes almost all routing protocols use Multicast to establish adjacencies. We are dealing with two different type of traffic –Control Plane and Data Plane.
  Control Plane: To establish Routing adjacency, the first packet (hello) is punted to CPU. So in the case of triangle routed VPC topology as specified on the Operations Guide Link, multicast for routing adjacencies will work. The hellos packets will be exchanged across all 3 routers and adjacency will be formed over VPC links
  http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_L3_w_vpc_5500platform.html#wp999181
  Now for Data Plane we have two types of traffic – Unicast and Multicast.
  The Unicast traffic will not have any forwarding issues, but because the Layer 3 ECMP and port channel run independent hash calculations there is a possibility that when the Layer 3 ECMP chooses N5k-1 as the Layer 3 next hop for a destination address while the port channel hashing chooses the physical link toward N5k-2. In this scenario,N5k-2 receives packets from R with the N5k-1 MAC as the destination MAC.
  Sending traffic over the peer-link to the correct gateway is acceptable for data forwarding, but it is suboptimal because it makes traffic cross the peer link when the traffic could be routed directly.
  For that topology, Multicast Traffic might have complete traffic loss due to the fact that when a PIM router is connected to Cisco Nexus 5500 Platform switches in a vPC topology, the PIM join messages are received only by one switch. The multicast data might be received by the other switch.
  The Loop avoidance works little different across Nexus 5000 and Nexus 7000.
  Similarity: For both products, loop avoidance is possible due to VSL bit
  The VSL bit is set in the DBUS header internal to the Nexus.
  It is not something that is set in the ethernet packet that can be identified. The VSL bit is set on the port asic for the port used for the vPC peer link, so if you have Nexus A and Nexus B configured for vPC and a packet leaves Nexus A towards Nexus B, Nexus B will set the VSL bit on the ingress port ASIC. This is not something that would traverse the peer link.
  This mechanism is used for loop prevention within the chassis.
  The idea being that if the port came in the peer link from the vPC peer, the system makes the assumption that the vPC peer would have forwarded this packet out the vPC-enabled port-channels towards the end device, so the egress vpc interface's port-asic will filter the packet on egress.
  Differences:  In Nexus 5000 when it has to do L3-to-L2 lookup for forwarding traffic, the VSL bit is cleared and so the traffic is not dropped as compared to Nexus 7000 and Nexus 3000.
  It still does loop prevention but the L3-to-L2 lookup is different in Nexus 5000 and Nexus 7000.
  For more details please see below presentation:
  https://supportforums.cisco.com/sites/default/files/session_14-_nexus.pdf
  DCI Scenario:  If 2 pairs are of Nexus 5000 then separation of L3/L2 links is not needed.
  But in most scenarios I have seen pair of Nexus 5000 with pair of Nexus 7000 over DCI or 2 pairs of Nexus 7000 over DCI. If Nexus 7000 are used then L3 and L2 links are required for sure as mentioned on above presentation link.
  Let us know if you have further questions.
  Thanks,
  Vishal

• ASK THE EXPERTS - Update on 802.11n with Fred Niehaus

  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to get an update on 802.11n with Cisco expert Fred Niehaus. Fred is a Technical Marketing Engineer for the Wireless Networking Business Unit at Cisco, where he is responsible for developing and marketing enterprise wireless solutions using Cisco Aironet and Airespace wireless LAN products. In addition to his participation in major deployments, Fred has served as technical editor for several Cisco Press books including the "Cisco 802.11 Wireless Networking Reference Guide" and "The Business Case for Enterprise-Class Wireless LANs." Prior to joining Cisco with the acquisition of Aironet, Fred was a support engineer for Telxon Corporation, supporting some of the very first wireless implementations for major corporate customers. Fred has been in the data communications and networking industry for more than 20 years and holds a Radio Amateur (Ham) License "N8CPI."
  Remember to use the rating system to let  Fred know if you have received an adequate response.
  Fred might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Other Mobility Subjects discussion forum shortly after the event. This event lasts through March 25, 2011. Visit this forum often to view responses to your questions and the questions of other community members.

  So there are two parts of this question, the latter part I cannot address as it is a future question.  Cisco does not comment on products that have not been released or on the strategy of next generation products.
  That said, Cisco was first to market with an 802.11n Access Point and well (we didn't all go on vacation after we did that)
  So let's talk a little about spatial streams in general and how it relates to what customers are doing today.
  The Cisco 1040, 1140, 1250, 1260 and 3500 Series Access Points are all two spatial streams (2SS).
  As of the time of this writing, a critical mass of 3SS and 4SS compatible clients have yet to be deployed, and the vast majority of WiFi clients that will be deployed over the next 18 months will be 1SS and 2SS clients.
  The higher SS clients are likely only show up in some higher end notebooks -- Why? well it is a given that smartphones and tablets are likely to continue to be 1SS and in some rare cases 2SS.
  This is because additional radios used in this technology consume battery life, add to the physical size of the device and increase the cost. Also many devices leverage the same single antenna for cellular as well as WiFi.  Therefore, it is my opinion that 3SS Access Points provide little if any performance benefit for smartphones or tablets in the enterprise today, and any real throughput gain is likely to occur with high end notebooks in close proximity to the Access Point and those are rolling out very slowly and we are monitoring this.
  Now we get to my favorite part of this..  I get to ask myself a question and then answer it..
  So Fred are you saying that there is no value in 3SS and 4SS?
  Of course not, 3SS performs similar to 2SS beyond a short distance, and with any multi-SS product RF interference must be addressed to capture the performance benefits of higher SS Access Points. Actual throughput in any WiFi environment is highly dependent on the presence of interferers and obstacles.
  Without the ability to mitigate the impact of interference, 3SS solutions will "downshift" to 2SS of 1SS and lose all the performance benefits anyway IMHO.
  I don't want to sound like a commercial, but you really do need Cisco cleanair technology in the AP and Cisco innovations deliver more and will go beyond the simple 3SS aspects of the 802.11n standard.
  IMHO it's more about CleanAir, good RF system design, and what we put into the AP with regard to performance "in the environment" and not what is on some spec sheet today.
  For more on Cisco CleanAir see the following URL http://www.cisco.com/en/US/netsol/ns1070/index.html
  Fred

• Ask the Expert: Architecting your Collaboration Solution with Social and Video

  With Gebran Chahrouri
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about ways that Enterprise Social and Video are woven into traditional Voice solutions and Architectures  with Cisco expert Gebran Chahrouri. Extend your Cisco collaboration architecture to reach into Cloud and/or on premise Cisco WebEx Social and TelePresence offerings. Gebran will be answering any questions about architecting a current solution or devising a roadmap to take your collaboration deployment to the next level.
  Gebran Chahrouri is a principal engineer and architect for the WebEx Social product with a focus on scalability. Since joining Cisco in 1998 he has held engineering leadership and software management positions on products including Customer Contact, Cisco IPICS, and the Cisco TelePresence Exchange service. Chahrouri has nearly 30 years of experience in architecting, managing, and developing software products at Cisco, ROLM, IBM, Siemens, and Aspect. He holds a master's degree in electrical and computer engineering from the University of Michigan and has over 20 patents filed by the U.S. Patent Office.
  Remember to use the rating system to let Gebran  know if you have received an adequate response. 
  Gebran might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Collaboration, Voice and Video sub-community discussion forum shortly after the event.This event lasts through February 22, 2013. Visit this forum often to view responses to your questions and the questions of other community members.

  Hi Jason,
  Thanks for your question.
  WebEx Social combines the power of social networking, content creation, and real-time communications. Employees can quickly connect with people, communities and information they need to get work done.
  The product tour video (http://www.cisco.com/en/US/prod/collateral/ps10680/vds_cQuad_prodTour.html) featured at http://www.cisco.com/web/products/quad/index.html gives a really good overview of the product.
  If you prefer a document to read I recommend http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/vcallcon/ps556/case_study_c36-706800_ps10668_Products_Case_Study.html
  I would be happy to answer any further questions.
  - Gebran

• Ask the Expert: Basic Introduction and Troubleshooting on Cisco Nexus 7000 NX-OS Virtual Device Context

  With Vignesh R. P.
  Welcome to the Cisco Support Community Ask the Expert conversation.This is an opportunity to learn and ask questions of Cisco expert Vignesh R. P. about the Cisco® Nexus 7000 Series Switches and support for the Cisco NX-OS Software platform .
  The Cisco® Nexus 7000 Series Switches introduce support for the Cisco NX-OS Software platform, a new class of operating system designed for data centers. Based on the Cisco MDS 9000 SAN-OS platform, Cisco NX-OS introduces support for virtual device contexts (VDCs), which allows the switches to be virtualized at the device level. Each configured VDC presents itself as a unique device to connected users within the framework of that physical switch. The VDC runs as a separate logical entity within the switch, maintaining its own unique set of running software processes, having its own configuration, and being managed by a separate administrator.
  Vignesh R. P. is a customer support engineer in the Cisco High Touch Technical Support center in Bangalore, India, supporting Cisco's major service provider customers in routing and MPLS technologies. His areas of expertise include routing, switching, and MPLS. Previously at Cisco he worked as a network consulting engineer for enterprise customers. He has been in the networking industry for 8 years and holds CCIE certification in the Routing & Switching and Service Provider tracks.
  Remember to use the rating system to let Vignesh know if you have received an adequate response. 
  Vignesh might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the  Data Center sub-community discussion forum shortly after the event. This event lasts through through January 18, 2013. Visit this forum often to view responses to your questions and the questions of other community members.

  Hi Vignesh
  Is there is any limitation to connect a N2K directly to the N7K?
  if i have a an F2 card 10G and another F2 card 1G and i want to creat 3 VDC'S
  VDC1=DC-Core
  VDC2=Aggregation
  VDC3=Campus core
  do we need to add a link between the different VDC's
  thanks

• Ask the Expert: FSPF Concepts and Troubleshooting in Cisco SAN Environments

              With Upinder Sujlana
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about FSPF, VSAN interaction, load balancing, and troubleshooting with Upinder Sujlana.
  According to the FC-SW-2 standard, Fabric Shortest Path First (FSPF) is a link state path selection protocol. FSPF keeps track of the links on all switches in the fabric and associates a cost with each link. FSPF tracks the state of links on all switches in the fabric, associates a cost with each link in its database, and then chooses the path with a minimal cost. The cost associated with an interface can be administratively changed to implement the FSPF route selection. Upinder will discuss Cisco's implementation of FSPF.
  Upinder Sujlana is a customer support engineer for Cisco's SAN TAC team based in San Jose, CA. He has worked in the TAC for the past five years with a focus on WAN technologies (L2TP, T1, T3, SCE 2K, 8K) and data center technologies such as MDS; Cisco Nexus 7000, 5000, and 2000; FCoE; and FC. Prior to joining the TAC, Upinder was a Java client-side programmer for an NMS startup company and then transitioned to network testing for a cloud company. He holds a master's degree in electrical engineering from Santa Clara University and has CCIE certification (no. 37318) in routing and switching. These days he is enthusiastic about Python programming. 
  Remember to use the rating system to let Upinder know if you have received an adequate response. 
  Upinder might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation in Data Center community,  sub-community, Storage Networking   discussion forum shortly after the event. This event lasts through March 14, 2014. Visit this forum often to view responses to your questions and the questions of other community members.

  Hi Evan,
  You can use my favorite command as below to find out the cost and check what path traffic will take. Here is a example :
  switch1# show fspf internal route vsan 2
  FSPF Unicast Routes
  VSAN     Number          Dest Domain          Route Cost          Next hops
  1                   0x01(1)                    1000                  fc1/2
  1                   0xEF(239)                  1000                  fc1/1
  1                   0xED(238)                  2000                  fc1/1
                                                                       fc1/2
  This shows the total cost of all links.
  The next hop (238) has two interfaces. This indicates that both paths will be used during load sharing. Up to sixteen paths can be used by FSPF with a Cisco MDS 9000 Family switch.
  http://www.cisco.com/en/US/products/ps5989/prod_troubleshooting_guide_chapter09186a008067a306.html#wp126591
  HTH,
  ~upinder

• Ask the Expert: Configuration, Design, and Troubleshooting of Cisco Nexus 1000

  With Louis Watta
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about design, configuration, and troubleshooting of Cisco Nexus 1000V Series Switches operating inside VMware ESXi and Hyper-V with Cisco expert Louis Watta. Cisco Nexus 1000V Series Switches deliver highly secure, multitenant services by adding virtualization intelligence to the data center network. With Cisco Nexus 1000V Series Switches, you can have a consistent networking feature set and provisioning process all the way from the virtual machine access layer to the core of the data center network infrastructure.
  This is a continuation of the live Webcast.
  Louis Watta is a technical leader in the services organization for Cisco. Watta's primary background is in data center technologies: servers (UNIX, Windows, Linux), switches (MDS, Brocade), storage arrays (EMC, NetApp, HP), network switches (Cisco Catalyst and Cisco Nexus), and enterprise service hypervisors (VMware ESX, Hyper-V, KVM, XEN). As a Technical Leader in Technical Services, Louis currently supports beta and early field trials (EFTs) on new Cisco software and hardware. He has more than 15 years of experience in a wide variety of data center applications and is interested in data center technologies oriented toward data center virtualization and orchestration. Prior to Cisco, Louis was a system administrator for GTE Government Systems. He has a bachelor of science degree in computer science from North Carolina State University. .
  Remember to use the rating system to let Louis know if you have received an adequate response.
  Louis might not be able to answer each question because of the volume expected during this event. Remember that you can continue the conversation on the Data Center community Unified Computing shortly after the event.
  This event lasts through Friday, JUne 14, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
  Webcast related links:
  Slides
  FAQ
  Webcast Video Recording

  Right now there is only a few features that are not supported on N1Kv on Hyper-V
  They are VXLAN and QOS Fair Weighted Queuing. We are currently demoing VXLAN functionality at Microsoft TechEd Conference this week in New Orleans. So VXLAN support should be coming soon. I can't give you a specific timeline.
  For Fair Weighted Queuing I'm not sure. In the VMware world we take advantage of NETIOC infrastructure. In the MS world they do not have a NETIOC infrastructure that we can use to create a similar feature.
  Code base parity (as in VMware and Hyper-V VSMs running NXOS 5.x) will happen with the next major N1KV release for ESX.
  Let me know if that doesn't answer your question.
  thanks
  louis

• Deploying Cisco Overlay Transport Virtualization (OTV) in Data Center Networks

  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to plan, design, and implement Cisco Overlay Transport Virtualization (OTV) in your Data Center Network with Cisco experts Anees Mohamed Abdulla and Pranav Doshi.
  Anees Mohamed Abdulla is a network consulting engineer for Cisco Advanced Services, where he has been delivering plan, design, and implementation services for enterprise-class data center networks with leading technologies such as vPC, FabricPath, and OTV. He has 10 years of experience in the enterprise data center networking area and has carried various roles within Cisco such as LAN switching content engineer and LAN switching TAC engineer. He holds a bachelor's degree in electronics and communications and has a CCIE certification 18764 in routing and switching. 
  Pranav Doshi is a network consulting engineer for Cisco Advanced Services, where he has been delivering plan, design, and implementation services for enterprise-class data center networks with leading technologies such as vPC, FabricPath, and OTV. Pranav has experience in the enterprise data center networking area and has carried various roles within Cisco such as LAN switching TAC engineer and now network consulting engineer. He holds a bachelor's degree in electronics and communications and a master's degree in electrical engineering from the University of Southern California.
  Remember to use the rating system to let Anees and Pranav know if you have received an adequate response.  
  Because of the volume expected during this event, Anees and Pranav might not be able to answer each question. Remember that you can continue the conversation on the Data Center, sub-community forum shortly after the event. This event lasts through August 23, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Dennis,
      All those Layer 2 extension technologies require STP to be extended between Data Centers if you need to have multiple paths between Data Centers. OTV does not extend STP rather it has its own mechanism (AED election) to avoid loop when multiple paths are enabled. It means any STP control plane issue, we don't carry to the other Data Center.
      OTV natively suppresses Unknown Unicast Flooding across the OTV overlay. Unknown unicast flooding is a painful problem in layer 2 network and difficult to troubleshoot to identify the root cause if you don't have proper network monitoring tool.
     It has ARP optimization which eliminates flooding ARP packets across Data Center by responding locally with cached ARP messages. One of the common issues I have seen in Data Center is some server or device in the network sends continuous ARP packets which hits Control plane in the Aggregation layer which in turn causes network connectivity issue.
  The above three points proves the Layer 2 domain isolation between data centers. If you have redundant Data Centers with Layer 2 extended without OTV, the above explained layer 2 issue which happens in one Data Center carries the same failure to the second data center which creates the question of what is the point of having two different Data Centers if we can not isolate the failure domain.
    OTV natively supports HSRP localization with few command lines. This is a very important requirement in building Active/Active Data Center.
  Even though your question is related to L2TP, OTV deserves the comparison with VPLS and those comparison will also be applicable for L2TP. The below link explains in detail...
  http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/white_paper_c11-574984.html
  Thanks,
  Anees.

• Ask the Expert: Cisco Prime Infrastructure - Implementation and Deployment

  Welcome to the Cisco Support Community Ask the Expert conversation.
  This Ask The expert Session will cover questions spanning Cisco Prime Infrastructure on Implementation and Deployment on Wired and Wireless. This will be more specific to Customer’s and Partners questions product covering PI on configuration, Features and Menu, Network Monitoring, Maps, Implementation, High Availability and Maintenance and t/s parts.
  Monday, February 2nd, 2015 to Friday, February 13th, 2015
  Dhiresh Yadav is a customer support engineer in High-Touch Technical Services (HTTS)  handling supporting Wireless and Network Management based Cisco products and is based in Bangalore. His areas of expertise include Cisco Prime Infrastructure and Cisco Wireless products. He has over 7 years of industry experience working with large enterprise and service provider networks. He also holds CCNP (RS) and CCIE (DC) certifications.
  Afroz Ahmad is a customer support engineer in High-Touch Technical Services (HTTS)  handling supporting Wireless and Network Management based Cisco products and is based in Bangalore. His areas of expertise include Cisco NMS products like Prime Infrastructure, LMS, IP SLA and SNMP etc. He has over 7 years of industry experience working with large enterprise and service provider networks. He also holds CCNP (RS),CCIE (DC), and SCJP (Sun Certified Java Professional )
  Vinod Kumar Arya is a customer support engineer in High-Touch Technical Services (HTTS)  handling supporting Wireless and Network Management based Cisco products and is based in Bangalore. His areas of expertise include Cisco NMS products like Prime Infrastructure, LMS, IP SLA and SNMP etc. He has over 8 years of industry experience working with large enterprise and service provider networks. He also holds VCP 5 and RHCE certifications.
  ** Remember to use the rating system to let the experts know you have received an adequate response.**
  Because of the volume expected during this event, the experts might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure community, > Network Management, shortly after the event. This event lasts through February 13th 2015. Visit this forum often to view responses to your questions and those of other Cisco Support Community members.

  Hello Wilson,
  Thanks for joining us.
  1841 should just work fine for net flow . Hope you have a valid "PI Assurance license" installed on the server.
  "PI Assurance license" is required for "net-flow"  feature
  Devices supporting Netflow in PI ::
  1400, 1600, 1700 & 1800
  2500, 2600 & 2800
  3600, 3700, 3750 & 3800
  4500 & 4700
  AS5300 & 5800
  7200, 7300, 7400 & 7500
  Catalyst 4500 ASCI
  Catalyst 5000, 6500, & 7600 ASCI
  ESR 10000 ASCI
  GSR 12000 ASCI
  Cisco IOS Software Release Version
  Supported Cisco Hardware Platforms
  11.1CA, 11.1CC
  Cisco 7200 and 7500 series, RSP 7200 series
  12.0
  Cisco 1720, 2600, 3600, 4500, 4700, AS5800 
  RSP 7000 and 7200 series
  uBR 7200 and 7500 series
  RSM series
  12.0T, 12.0S
  Cisco 1720, 2600, 3600, 4500, 4700, AS5800 
  RSP 7000 and 7200 series
  uBR 7200 and 7500 series
  RSM series, MGX8800RPM series, and BPx8600 series
  12.0(3)T, 12.0(3)S
  Cisco 1720, 2600, 3600, 4500, 4700, AS5300, AS5800
  RSP 7000 and 7200 series
  uBR 7200 and 7500 series
  RSM series, MGX8800RPM series, and BPx8650 series
  12.0(4)T
  Cisco 1400, 1600, 1720, 2500, 2600, 3600, 4500,
  4700, AS5300, AS5800
  RSP 7000 and 7200 series
  uBR 7200 and 7500 series
  RSM series, MGX8800RPM series, and BPx8650 series
  12.0(4)XE
  Cisco 7100 series
  12.0(6)S
  Cisco 12000 series
  NetFlow is also supported by these devices Cisco 800, 1700, 1800, 2800, 3800, 6500, 7300, 7600, 10000, CRS-1 and these Catalyst series switches: 45xx, 55xx, 6xxx.
  NetFlow export is also supported on other Cisco switches when using a NetFlow Feature Card (NFFC) or NFFC II and the Route Switch Module (RSM), or Route Switch Feature Card (RSFC). However, check whether version 5 is supported, as most switches export version 7 by default.
  You can check the below steps to diagnose the issue::
   To verify that NetFlow is exported from a device to PI, follow the steps below:
  1)    Browse to Administration > Data Sources page. Check the value in column ‘Last Active Time’  for the ‘Device Data Sources’ table. If the table is empty or  the value does not represent recent time, then
  it is possible that the device is not exporting NetFlow or PI Assurance license is not applied / expired.
  2)    Login to PI console ( via SSH) as root user and run the command:
                  netstat –an | grep 9991 – Output of this should be like :  udp        0      0 :::9991         :::*
                  Check the firewall settings on PI server using the command: firewall -L
  1)    Check the configuration on an IOS / IOS –XE device. Run the commands
  a)    sh running-config | inc destination
  1)    This should list the IP address of the PI SERVER ( along with other outputs if any)
  b)    sh running-config | inc 9991
  1)    This should list at least one entry.
  c)    If the above are fine, then verify that the flow monitor, flow exporter and the flow records are correctly configured on the device.
  Refer to the URLs below to configure NetFlow export.
  http://preview.cisco.com/en/US/docs/net_mgmt/prime/infrastructure/2.0/user/guide/setup_monitor.html#wp1056427
  Thanks-
  Afroz
  ***Ratings Encourages Contributors ****

• Ask the Expert: Data Center Integrated Systems and Solutions

  Welcome to this Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about utilizing Cisco data center technology and solutions with subject matter expert Ramses Smeyers. Additionally, Ramses will answer questions about FlexPOD, vBlock, Unified Computing Systems, Nexus 2000/5000, SAP HANA, and VDI.
  Ramses Smeyers is a technical leader in Cisco Technical Services, where he works in the Datacenter Solutions support team. His main job consists of supporting customers to implement and manage Cisco UCS, FlexPod, vBlock, VDI, and VXI infrastructures. He has a very strong background in computing, networking, and storage and has 10+ years of experience deploying enterprise and service provider data center solutions. Relevant certifications include VMware VCDX, Cisco CCIE Voice, CCIE Data Center, and RHCE.
  Remember to use the rating system to let Ramses know if you have received an adequate response.
  Because of the volume expected during this event, Ramses might not be able to answer every question. Remember that you can continue the conversation in the Data Center Community, under the subcommunity Unified Computing, shortly after the event. This event lasts through August 1, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Ramses,
  I have dozen questions but will try to restrain myself and start with the most important ones :)
  1. Can cables between IOM and FI be configured in a port-channel? Let me clarify what I"m trying to achieve: if I have only one chassis with only one B200M3 blade inside, will the 2208 IOM and FI6296 allow me to achieve more than 10Gbps throughput between the blade and the Nexus 5k? Of course, we are talking here about clean ethernet environment.
       B200M3 --- IOM2208 --- 4 links --- FI6296 --- port-channel (4 links) --- Nexus5548
  2. Is it possible to view/measure throughput for Fibre Channel interfaces?
  3. Here is one about FlexPod: I know that in case of vBlock there is the company that delivers fully preconfigured system and offers one universal support point so customer don't have to call Cisco or VMware or storage supports separately. What I don't know is how it works for FlexPod. Before you answer that you are not sales guy, let me ask you more technical questions: Is FlexPod Cisco product or is NetApp product or this is just a concept developed by two companies that should be embraced by various Cisco/NetApp partners? As you obviously support Datacenter solutions, if customer/partner calls you with are FlexPod related problem, does it matter for you, from support side, if you are troubleshooting fully compliant FlexPod system or you'll provide same level of support even is the system is customized (not 100% FlexPod environment)?
  4. When talking about vCenter, can you share your opinion about following: what is the most important reason to create the cluster and what will be the most important limitation?
  5. I know that NetApp has feature called Rapid Clones that allows faster cloning than what vCenter offers. Any chance you can compare the two? I remember that NetApp option should be much faster but didn't understand what is actually happening during the cloning process and I'm hoping you can clarify this? Maybe a quick hint here: seems to me it will be helpful if I could understand the traffic path that is used in each case. Also, it will be nice to know if Vblock (i.e. EMC) offers similar feature and how it is called.
  6. Can I connect Nexus 2000 to the FI6xxx?
  7. Is vBlock utilizing Fabric Failover? Seems to me not and would like to hear your opinion why.
  Thanks for providing us this opportunity to talk about this great topic.
  Regards,
  Tenaro

• Ask the Expert: Hierarchical Network Design, Includes Core, Distribution, and Access

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about hierarchical network design. 
  Recommending a network topology is required for meeting a customer's corporate network design  needs in their business and technical goals and often consists of many interrelated components. The hierarchical design made this easier like "divide and conquer" the job and develop the design in layers.
  Network design experts have developed the hierarchical network design model to help to develop a topology in discrete layers. Each layer can be focused on specific functions, to select the right systems and features for the layer.
  A typical hierarchical topology is
  A core layer of high-end routers and switches that are optimized for availability and performance.
  A distribution layer of routers and switches that implement policies.
  An access layer that connects users via lower-end switches and wireless access points.
  Ahmad Manzoor is a Senior Pre-Sales Engineer at AGCN, Pakistan. He has more than 10 years of experience in first-rate management, commercial and technical skills in the field of data communication and services lifecycle—from solution design through sales pitch, designing RFPs, architecture, and solution—all with the goal toward winning projects (creating win/win situations) of obsolete solutions.  Ahmad also has vast experience in designing end-to-end data centers, from building infrastructure design to data communication and network Infrastructure design. He has worked for several large companies in Pakistan and United Arab Emirates markets; for example, National Engineer, WATEEN Telecom, Emircom, Infotech, Global Solutions, NETS International, Al-Aberah, and AGCN, also known as Getronics, Pakistan.
  Remember to use the rating system to let Ahmad know if he has given you an adequate response. 
  Because of the volume expected during this event, Ahmad might not be able to answer every question. Remember that you can continue the conversation in the  Solutions and Architectures under the sub-community Data Center & Virtualization, shortly after the event. This event lasts through August 15, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Dear Leo,
  We are discussing the following without any product line, discussing the concept of hierarchical design, which will help you to take decision which model is better for you Two Layer or Three Layer hierarchical model.  
  Two-Layer Hierarchy
  In many networks, you need only two layers to fulfill all of the layer functions—core and aggregation
  Only one zone exists within the core, and many zones are in the aggregation layer. Examine each of the layer functions to see where it occurs in a two-layer design:
  Traffic forwarding—Ideally, all interzone traffic forwarding occurs in the core. Traffic flows from each zone within the aggregation layer up the hierarchy into the network core and then back down the hierarchy into other aggregation zones.
  Aggregation—Aggregation occurs along the core/aggregation layer border, allowing only interzone traffic to pass between the aggregation and core layers. This also provides an edge for traffic engineering services to be deployed along.
  Routing policy—Routing policy is deployed along the edge of the core and the aggregation layers, generally as routes are advertised from the aggregation layer into the core.
  User attachment—User devices and servers are attached to zones within the aggregation layer. This separation of end devices into the aggregation permits the separation of traffic between traffic through a link and traffic to a link, or device. Typically, it is best not to mix transit and destination traffic in the same area of the network.
  Controlling traffic admittance—Traffic admittance control always occurs where user and server devices are attached to the network, which is in the aggregation layer. You can also place traffic admittance controls at the aggregation points exiting from the aggregation layer into the core of the network, but this is not common.
  You can see, then, how dividing the network into layers enables you to make each layer specialized and to hide information between the layers. For instance, the traffic admittance policy implemented along the edge of the aggregation layer is entirely hidden from the network core.
  You also use the core/aggregation layer edge to hide information about the topology of routing zones from each other, through summarization. Each zone within the aggregation layer should have minimal routing information, possibly just how to make it to the network core through a default route, and no information about the topology of the network core. At the same time, the zones within the aggregation layer should summarize their reachability information into as few routing advertisements as possible at their edge with the core and hide their topology information from the network core.
  Three-Layer Hierarchy
  A three-layer hierarchy divides these same responsibilities through zones in three vertical network layers,
  Traffic Forwarding—As with a two-layer hierarchy, all interzone traffic within a three- layer hierarchy should flow up the hierarchy, through the layers, and back down the hierarchy.
  Aggregation—A three-layer hierarchy has two aggregation points:
  At the edge of the access layer going into the distribution layer
  At the edge of the distribution layer going into the core
  At the edge of the access layer, you aggregate traffic in two places: within each access zone and flowing into the distribution layer. In the same way, you aggregate interzone traffic at the distribution layer and traffic leaving the distribution layer toward the network core. The distribution layer and core are ideal places to deploy traffic engineering within a network.
  Routing policy—The routing policy is deployed within the distribution layer in a three- layer design and along the distribution/core edge. You can also deploy routing policies along the access/distribution edge, particularly route and topology summarization, to hide information from other zones that are attached to the same distribution layer zone.
  User attachment—User devices and servers are attached to zones within the access layer. This separation of end devices into the access layer permits the separation of traffic between traffic through a link and traffic to a link, or device. Typically, you do not want to mix transit and destination traffic in the same area of the network.
  Controlling traffic admittance—Traffic admittance control always occurs where user and server devices are attached to the network, which is in the access layer. You can also place traffic admittance controls at the aggregation points along the aggregation/core edge.
  As you can see, the concepts that are applied to two- and three-layer designs are similar, but you have more application points in a three-layer design.
  Now the confusion takes place in our minds where do we use Two Layer and where the Three layer hierarchical model.
  Now we are discussing that How Many Layers to Use in Network Design?
  Which network design is better: two layers or three layers? As with almost all things in network design, it all depends. Examine some of the following factors involved in deciding whether to build a two- or three-layer network:
  Network geography—Networks that cover a smaller geographic space, such as a single campus or a small number of interconnected campuses, tend to work well as two-layer designs. Networks spanning large geographic areas, such as a country, continent, or even the entire globe, often work better as three layer designs.
  Network topology depth—Networks with a compressed, or flattened, topology tend to work better as two-layer hierarchies. For instance, service provider networks cover large geographic areas, but reducing number of hops through the network is critical in providing the services they sell; therefore, they are often built on a two-layer design. Networks with substantial depth in their topologies, however, tend to work better as three-layer designs.
  Network topology design—Highly meshed networks, with many requirements for interzone traffic flows, tend to work better as two-layer designs. Simplifying the hierarchy to two levels tends to focus the design elements into meshier zones. Networks that focus traffic flows on well-placed distributed resources, or centralized resources, such as a network with a large number of remote sites connecting to a number of centralized Data Centers, tend to work better as three-layer designs.
  Policy implementation—If policies of a network tend to focus on traffic engineering, two-layer designs tend to work better. Networks that attempt to limit access to resources attached to the network and other types of policies tend to work better as three-layer designs.
  Again, however, these are simple rules of thumb. No definitive way exists to decide whether a network should have two or three layers. Likewise, you cannot point to a single factor and say, “Because of this, the network we are working on should have three layers instead of two.”
  I hope that this helps you to understand the purposes of Two Layer & Three layer Hierarchical Model.
  Best regards,
  Ahmad Manzoor

• Ask the Expert: C-Series Integration with Cisco Unified Computing System Manager

  Welcome to the Cisco Support Community Ask the Expert conversation. This conversation is an opportunity to learn and ask questions about Cisco C-Series Integration with Cisco Unified Computing System® Manager (Cisco UCS® Manager) with Cisco experts Vishal Mehta and Manuel Velasco.
  Cisco UCS C-Series Rack-Mount Servers are managed by the built-in standalone software, Cisco Integrated Management Controller (Cisco IMC). When a C-Series rack-mount server is integrated with Cisco UCS Manager, the IMC no longer manages the server. Instead you will manage the server using the Cisco UCS Manager GUI or Cisco UCS Manager command-line interface (CLI).
  Cisco UCS Manager 2.2 provides three connectivity modes for Cisco UCS C-Series Rack-Mount Server management. The following are the connectivity modes:
  Dual-wire management (shared LAN On Motherboard [LOM]): Shared LOM ports on the rack server are used exclusively for carrying management traffic.A separate cable connected to one of the ports on the Payment Card Industry Express (PCIe) card carries the data traffic.
  SingleConnect (Sideband): Using Network Controller Sideband Interface (NC-SI), the Cisco UCS Virtual Interface Card 1225 (VIC1225) connects one cable that can carry both data and management traffic.
  Direct Connect Mode: Cisco UCS Manager Version 2.2 introduces an additional rack server management mode using direct connection to the Fabric Interconnect.
  Vishal Mehta is a customer support engineer for Cisco’s Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in the TAC for the past 3 years with a primary focus on data center technologies such as Cisco Nexus® 5000, Cisco UCS, Cisco Nexus 1000V, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching and service provider.
  Manuel Velasco is a customer support engineer for Cisco’s Data Center Server Virtualization TAC team based in San Jose, California.  He has been working in the TAC for the past 3 years with a primary focus on data center technologies such as Cisco UCS, Cisco Nexus 1000V, and virtualization.  Manuel holds a master’s degree in electrical engineering from California Polytechnic State University (Cal Poly) and CCNA® and VMware VCP certifications. Remember to use the rating system to let Vishal and Manuel know if you have received an adequate response. 
  Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation in the Data Center, under subcommunity, Unified Computing, shortly after the event. This event lasts through May 23, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Sebastian,
  The different modes of connecting C-Series with UCSM come into play depending on the type of infrastructure you already have along with C-Series and NIC model.
  Cisco UCS C-Series Rack-Mount Servers are managed by the built-in standalone software, Cisco Integrated Management Controller (CIMC) .
  Powerful features provided by Cisco UCS Manager can be leveraged to manage C-Series server by integrating  C-Series Rack-Mount Server with UCSM.
  This not only gives you rich-feature set but also one management plane to operate UCS-B Series Chassis and UCS-C Series Rack Server.
  You will manage the server using the Cisco UCS Manager GUI or Cisco UCS Manager CLI.
  Cisco UCS Manager 2.2 provides three connectivity modes for Cisco UCS C-Series Rack-Mount Server management.
  The following are the connectivity modes:
  •  Dual-wire Management (Shared LOM):
  Shared LAN on Motherboard (LOM) ports on the rack server are used exclusively for carrying management traffic. A separate cable connected to one of the ports on the PCIe card carries the data traffic. Using two separate cables for managing data traffic and management traffic is also referred to as dual-wire management.
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_0100.html
  This mode is recommended when you have C-Server which does not  have or cannot support VIC 1225 card (such C-200 server)
  •  SingleConnect (Sideband):
  Using Network Controller Sideband Interface (NC-SI), Cisco UCS VIC1225 Virtual Interface Card (VIC) connects one cable that can carry both data traffic and management traffic.
  This feature is referred to as SingleConnect.
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_011.html
  This most recommended Integration model when using FEX and VIC 1225 card
  •  Direct Connect Mode:
  Cisco UCS Manager release version 2.2 introduces an additional rack server management mode using direct connection to the Fabric Interconnect.
  This mode will eliminate the need for FEX module as Servers are directly plugged into the base ports of Fabric Interconnect
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm2-2/b_C-Series-Integration_UCSM2-2/b_C-Series-Integration_UCSM2-2_chapter_0110.html
  Please let us know if you need more information. Thank you!
  Thanks,
  Vishal

• Ask the Expert: One Management with Prime Infrastructure 1.2

  With Tejas Shah
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions from Cisco expert Tejas Shah on One Management with Prime Infrastructure 1.2 Combining the wireless functionality of Cisco Prime Network Control System (NCS) with the wired functionality of Cisco Prime LAN Management Solution (LMS),  Cisco Prime Infrastructure simplifies and automates many of the day-to-day tasks associated with maintaining and managing the end-to-end network infrastructure from a single pane of glass. The new converged solution delivers all of the existing wireless capabilities for RF management, user access visibility, reporting, and troubleshooting along with wired lifecycle functions such as discovery, inventory, configuration and image management, automated deployment, compliance reporting, integrated best practices, and reporting.
  Tejas Shah is a senior technical marketing engineer for Cisco Prime Infrastructure and Collaboration products. He has deployed Cisco Prime Collaboration Manager at various customer sites to help customers monitor and troubleshoot their video infrastructure. In addition, he is part of the Network Operations Center team at Cisco Live events for six years. Shah joined Cisco in 1995 and was in the Technical Assistance Center team supporting various network management system products for more than six years.
  Remember to use the rating system to let Tejas know if you have received an adequate response. 
  Tejas might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Wireless Mobility sub-community discussion forum shortly after the event. This event lasts through Sept 21, 2012. Visit this forum often to view responses to your questions and the questions of other community members.

  Raun, please see my responses inline:
  Can you go over the licensing method with Prime Infrastructure 1.2 please? 
  Raun, you can check out the following link for ordering guide at
  http://www.cisco.com/en/US/products/ps12239/products_data_sheets_list.html
  I currently have NCS and do NOT currently have LMS.  I know I can move to Prime Infrastructure through Cisco Product Upgrade Tool.  However, what I am confused about is do I still have to buy LMS to have LMS functionality in Prime Infrastructure 1.2? 
  ==> Not at all.  The converged product will give you basic management capability for routers and switches that LMS provided in this release.   Feature/Functionality will keep on growing with upcoming releases.
  If not, do the licenses I transfer into Prime Infrastructure 1.2 from NCS also work for devices to work under LMS? 
  ==> Licensing is different than NCS or LMS.  You don't have to transfer the license.  Each install of Prime Infrastructure will have a unique UID string on which the licenses are based.  A new license will be applied to the product.
  Mean, can my currently 350 licenses be used for AP's as in NCS and routers in the LMS portion of Prime Infrastructure 1.2?
  ==> I would recommend getting a total count of your wired and wireless devices and match the right SKU based on that.
  Hope this helps.. Let me know if you have any further questions,
  Tejas

• ASK THE EXPERTS - WI-FI NETWORKS

  Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get an update on different aspects of wireless network design and installation with Fred Niehaus.  Fred is a Technical Marketing Engineer for the Wireless Networking Business Unit at Cisco, where he is responsible for developing and marketing enterprise wireless solutions using Cisco Aironet and Airespace wireless LAN products. In addition to his participation in major deployments, Niehaus has served as technical editor for several Cisco Press books including the "Cisco 802.11 Wireless Networking Reference Guide" and "The Business Case for Enterprise-Class Wireless LANs." Prior to joining Cisco with the acquisition of Aironet, Niehaus was a support engineer for Telxon Corporation, supporting some of the very first wireless implementations for major corporate customers. Fred has been in the data communications and networking industry for more than 20 years and holds a Radio Amateur (Ham) License "N8CPI."
  Remember to use the rating system to let Fred know if you have received an adequate response.
  Fred might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through July 16, 2010. Visit this forum often to view responses to your questions and the questions of other community members.

  Hi Expert,
                   Before all, thank you for your great advice and helps. I've decided to implement a few of them. However, during preliminary test , i run into some issues. Hopefully, you will be able to help one last time.
  During my test, I implemented a few SSID wich worked fine in my lab with WEP encryption. And i decided to change the encryption, some of the SSID did work with wpa2. However, two remains my attention, the guess SSID which uses wpa with tkip and one of the test SSID. The guess SSID worked fine untill I decided to reload the AP. When the AP came back it could not grabs an ip, but sho commands shows that it is associate with the AP. See below. I am 100% certain that the config is correct as it was working fine before the reload.
  a) Show commands
  #sh dot11 associations
  802.11 Client Stations on Dot11Radio0:
  SSID [SAVY_GUESS] :
  MAC Address    IP address      Device        Name            Parent         State
  000e.9b6e.XXXX 169.254.97.66   ccx-client    -               self           Assoc
  Address           : 000e.9b6e.XXX     Name             : NONE
  IP Address        : 169.254.97.66      Interface        : Dot11Radio 0
  Device            : ccx-client         Software Version : NONE
  CCX Version       : 2
  State             : Assoc              Parent           : self
  SSID              : SAVY_GUESS
  VLAN              : 9
  Hops to Infra     : 1                  Association Id   : 13
  Clients Associated: 0                  Repeaters associated: 0
  Tunnel Address    : 0.0.0.0
  Key Mgmt type     : WPA PSK            Encryption       : TKIP
  Current Rate      : 54.0               Capability       : ShortHdr ShortSlot
  Supported Rates   : 1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
  Voice Rates       : disabled
  Signal Strength   : -31  dBm           Connected for    : 11592 seconds
  Signal to Noise   : 61  dBm            Activity Timeout : 57 seconds
  Power-save        : Off                Last Activity    : 3 seconds ago
  Apsd DE AC(s)     : NONE
  Packets Input     : 8830               Packets Output   : 9
  Bytes Input       : 435094             Bytes Output     : 1154
  Duplicates Rcvd   : 15                 Data Retries     : 0
  Decrypt Failed    : 0                  RTS Retries      : 0
  MIC Failed        : 0                  MIC Missing      : 0
  Packets Redirected: 0                  Redirect Filtered: 0
  Session timeout   : 0 seconds
  Reauthenticate in : never
  b) SSID config
     dot11 ssid SAVY_GUESS
     vlan 9
     authentication open
     authentication key-management wpa
     mbssid guest-mode
     wpa-psk ascii 7 1240321A241F5B367B29281F6200133524422D325C
  interface Dot11Radio0
  no ip address
  no ip route-cache
  encryption vlan 9 mode ciphers tkip
  encryption vlan 16 mode ciphers aes-ccm
  ssid SAVY_GUESS
  ssid Wireless-Test
  interface Dot11Radio0.9
  encapsulation dot1Q 164
  no ip route-cache
  bridge-group 9
  bridge-group 9 subscriber-loop-control
  bridge-group 164 block-unknown-source
  no bridge-group 9 source-learning
  no bridge-group 9 unicast-flooding
  bridge-group 9 spanning-disabled
  interface FastEthernet0.9
  encapsulation dot1Q 9
  ip helper-address 10.XXX.ZZZ.254
  no ip route-cache
  bridge-group 255
  no bridge-group 255 source-learning
  bridge-group 255 spanning-disabled
  ps. Wired Device connected on the vlan did grab an IP.
  2. Wireless_Test
  This SSID was working fine until I change the vlan associate to it.
  SSID [Wireless-Test] :
  MAC Address    IP address      Device        Name            Parent         State
  001f.3b51.XXXX 169.254.90.253  ccx-client    00C00070        self           EAP-Assoc
  Address           : 001f.3b51.XXXX     Name             : I00000070
  IP Address        : 169.254.90.253     Interface        : Dot11Radio 0
  Device            : ccx-client         Software Version : NONE
  CCX Version       : 4
  State             : EAP-Assoc          Parent           : self
  SSID              : Wireless-Test
  VLAN              : 16
  Hops to Infra     : 1                  Association Id   : 12
  Clients Associated: 0                  Repeaters associated: 0
  Tunnel Address    : 0.0.0.0
  Key Mgmt type     : WPAv2              Encryption       : AES-CCMP
  Current Rate      : 54.0               Capability       : WMM ShortHdr ShortSlot
  Supported Rates   : 1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0
  Voice Rates       : disabled
  Signal Strength   : -43  dBm           Connected for    : 14298 seconds
  Signal to Noise   : 52  dBm            Activity Timeout : 14 seconds
  Power-save        : On                 Last Activity    : 6 seconds ago
  Apsd DE AC(s)     : NONE
  Packets Input     : 15322              Packets Output   : 256
  Bytes Input       : 913707             Bytes Output     : 19866
  Duplicates Rcvd   : 249                Data Retries     : 14
  Decrypt Failed    : 0                  RTS Retries      : 0
  MIC Failed        : 0                  MIC Missing      : 0
  Packets Redirected: 0                  Redirect Filtered: 0
  Session timeout   : 0 seconds
  Reauthenticate in : never
  b) config
  dot11 ssid Wireless-Test
     vlan 16
     authentication open eap eap_methods2
     authentication network-eap eap_methods2
     authentication key-management wpa
     accounting acct_methods3
     mbssid guest-mode
  interface Dot11Radio0.16
  encapsulation dot1Q 16
  no ip route-cache
  bridge-group 16
  bridge-group 16 subscriber-loop-control
  bridge-group 16 block-unknown-source
  no bridge-group 16 source-learning
  no bridge-group 16 unicast-flooding
  bridge-group 16 spanning-disabled
  interface FastEthernet0.16
  encapsulation dot1Q 16
  ip helper-address 10.zzz.xxx.254
  no ip route-cache
  bridge-group 16
  no bridge-group 16 source-learning
  bridge-group 16 spanning-disabled
  Can the radio interface get mess by the reload? How can I verify theradio? Debug did not show Client asking for IP...
  3. My last question, my ACLs to limit guess access. Should i implement them in my firewall or in my distribution router? The distribution router has a sub_interface for each SSID. Would it be better  to block traffic right from the distribution router rather let unecessary traffic flow to the network?
  Thanks a lot for great advice and guidance,
  ---Jean Paul.

• Ask The Expert: Understanding, Implementing, and Troubleshooting Cisco Prime Network

  Ask questions and learn about Cisco Prime Network with Cisco experts Vignesh Rajendran Praveen and Jaminder Singh Bali.
  Cisco Prime Network is and  Cisco Prime Network provides cost-effective device operation, administration and network fault management for today’s complex and evolved programmable networks (EPNs). It is a single solution to support both the traditional physical network components, as well as compute infrastructure, and the virtual elements found in data centers. Automated configuration and change management combined with advanced troubleshooting and diagnostics greatly help service providers enable proactive service assurance. Additionally, the flexible and extensible architecture is designed to support the multivendor environment, helping to lower operational costs.
  This event runs January 5 through January 16, 2015.
  Vignesh Rajendran Praveen is a High Touch Engineer with the Focused Technical Services team supporting Cisco's major Service Provider customers in Routing, Switching, Multiprotocol Label Switching (MPLS) technologies and Cisco Prime Network related issues. Previously at Cisco he has worked as a Network Consulting Engineer for Enterprise Customers and as a Customer Support Engineer for Service Provider customers. He has been in the networking industry for ten years and holds CCIE certification (#34503) in the Routing and Switching as well as Service Provider tracks.
  Jaminder Singh Bali is a Customer Support Engineer working in SP-NMS TAC team, supporting Cisco's major service provider customers in Cisco Prime Network, Performance and Prime Central related issues. His areas of expertise include Oracle, Linux and NMS applications. He has been in the industry for past six years.
  Remember to use the rating system to let the experts know if you have received an adequate response. 
  The Experts might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation in Network Infrastructure community, sub-community, LAN, Switching and Routing discussion forum shortly after the event. This event lasts through January 16, 2015. Visit this forum often to view responses to your questions and the questions of other community members.

  Hello Jerome,
  A variety of Cisco devices are supported by the the Cisco Prime Network. I would encourage you to go through the below links on the user guide depending the version of Cisco Prime Network being used.
  "Cisco Prime Network Supported Cisco Virtual Network Elements (VNEs)"
  "Cisco Prime Network Supported Cisco VNEs - Addendum"
  Below is the link for the user guide.
  http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-network/products-user-guide-list.html
  Hope this would help in providing you more clarity.
  ***********Plz do rate this post if you found it helpful*************************
  Thanks & Regards,
  Vignesh R P