Cisco Nexus 9300 Virtual Port Channel Support

Similar Messages

• Does Solaris 10 support cisco Virtual Port Channels over IP?

  Does anyone know if Solaris 10 support cisco Virtual Port Channels open IP?

  Hi user11114413,
  The issue you are seeing actually has little to do with VIP, and more to do with there being multiple IP addresses for us to choose from on your box. For such multi-IP boxes, you'll want to tell us the IP to use, and in your case you want to tell as a VIP. This can be done either by editing your operational configuration file, and including an <address> element within the <unicast-listener> element, or via the tangosol.coherence.localhost system property. For example:
  <unicast-listener>
      <well-known-addresses>
          <socket-address id="1">
              <address>1.2.3.260</address> <!--virtual ip -->
              <port>8088</port>
          </socket-address>
      </well-known-addresses>
      <address>1.2.3.260</address> <!--virtual ip -->
      <port>8088</port>
  </unicast-listener>or
  java ... -Dtangosol.coherence.localhost=1.2.3.260If you are using the same operational configuration on all nodes in your cluster then the system property approach is likely preferable, and would only be necessary on the two machines sharing the VIP.
  As for using VIP or an extended WKA list, the choice is yours, either will work. If you do go the VIP route, it would obviously be a very bad idea to simultaneously use the same VIP and port at the same time from the two machines.
  thanks,
  Mark
  Oracle Coherence

• Cisco Nexus 1000v Virtual Switch for Hyper-V Availability

  Hi,
  Does anyone have any information on the availability of the Cisco Nexus 1000v virtual switch for Hyper-V. Is it available to download from Cisco yet? If not when will it be released? Are there any Beta programs etc?
  I can download the 1000v for VmWare but cannot find any downloads for the Hyper-V version.
  Microsoft Partner

  Any updates on the Cisco Nexus 1000v virtual switch for Hyper-V? Just checked on the Cisco site, however still only the download for VMware and no trace of any beta version. Also posted the same question at:
  http://blogs.technet.com/b/schadinio/archive/2012/06/09/windows-server-2012-hyper-v-extensible-switch-cisco-nexus-1000v.aspx
  "Hyper-V support isn't out yet. We are looking at a beta for Hyper-V starting at the end of February or the begining of March. "
  -Ian @ Cisco Community
  || MCITP: EA, VA, EMA, Lync SA, makes a killer sandwich. ||

• Cisco Nexus and 10GbE Autonegotiation not supported?

  Hi,
  I'm currently reading through the Interfaces Config Guide for Nexus 5600 NX-OS 7.x and have found the following statement:
  Autonegotiation configuration is not applicable on 10-Gigabit Ethernet ports. When autonegotiation is
  configured on a 10-Gigabit port the following error message is displayed:
  ERROR: Ethernet1/40: Configuration does not match the port capability
  Is it true that autonegotiation is not supported for 10GbE Interfaces on Cisco Nexus? I thought autonegotation was supported by 10GbE?! So would it be best practice so set a fixed speed on all Interfaces (servers, other switches) connected to the 10GbE ports on the Nexus switches?
  Thanks,
  Michael

  Hi Bilal,
  thanks. Yes, I know that 10GbE can run over both media types, the problem here is that the documentation starts with stating that auto negotiation is not supported for 10GbE in beneral but later references only 10-GBASE-T, so I was not sure what is true - whether auto-negotiation only not works with copper or with all ports.
  But I guess then it is true for all 10GbE ports, no matter what media-type. It's somewhat stange however, since I have read that auto-negotiation is generally supported for 10GbE (according to Wikipedia, at least). Maybe only Cisco doesn't supported auto-negotiation for 10GbE.
  Thank you again,
  Michael

• Nexus 1010v interfaces, port-channel, Catalyst 6500E VSS

  I'm installing a pair of 1010v-X appliances using flexible network option 5 on version 4.2(1)SP1(5.1).
  I have all interfaces grouped into a single port channel 6.  All interfaces uplink to a pair of Catalyst 6506Es in a VSS (Sup2T).
  My question relates to the VSS configuration.
  For example, do I set up one port-channel on the VSS and put all 12 interfaces in it? Or, do I set up two port-channels on the VSS and put the active 1010v-X in one port-channel and the standby into another port-channel?
  Do I set dot1q trunking up on the port-channel(s) on the VSS?
  Thanks.

  Hi,
  What version of IOS are you running on the ASAs?
  see table-12-3 in this link:
  http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/interface_start.html
  Also, since the 4500x are in VSS mode, you need to bundle one link from each switch and use LACP.
  HTH

• UCS FI 6248 to Nexus 5548 San port-channel - not working

  Hi all,
  I'm sure I am missing something fairly obvious and stupid but I need several sets of eyes and help.
  Here is the scenario:
  I want to be able to create san port-channels between the FI and Nexus.  I don't need to trunk yet as I can't even get the channel to come up.
  UCS FI 6248:
  Interfaces fc1/31-32
  Nexus 5548
  interfaces fc2/15-16
  FI is in end-host mode and Nexus is running NPIV mode with fport-channel-trunk feature enabled.
  I'm going to output the relevants configurations below.
  Nexus 5548:
  NX5KA(config)# show feature | include enabled
  fcoe                  1         enabled
  fex                   1         enabled
  fport-channel-trunk   1         enabled
  hsrp_engine           1         enabled
  interface-vlan        1         enabled
  lacp                  1         enabled
  lldp                  1         enabled
  npiv                  1         enabled
  sshServer             1         enabled
  vpc                   1         enabled
  interface san-port-channel 133
    channel mode active
    no switchport trunk allowed  vsan all
    switchport trunk mode off
  interface fc2/15
    switchport trunk mode off
    channel-group 133 force
  no shutdown
  interface fc2/16
    switchport trunk mode off
    channel-group 133 force
  no shutdown
  NX5KA# show vsan membership
  vsan 1 interfaces:
      fc2/13            fc2/14          
  vsan 133 interfaces:
      fc2/15            fc2/16            san-port-channel 133
  vsan 4079(evfp_isolated_vsan) interfaces:
  vsan 4094(isolated_vsan) interfaces:
  NX5KA# show san-port-channel summary
  U-Up D-Down B-Hot-standby S-Suspended I-Individual link
  summary header
  Group  Port-      Type    Protocol               Member Ports
         Channel
  133    San-po133  FC      PCP      (D)  FC       fc2/15(D)    fc2/16(D)   
  UCS Fabric Interconnect outputs:
  UCS-FI-A-A(nxos)# show san-port-channel summary
  U-Up D-Down B-Hot-standby S-Suspended I-Individual link
  summary header
  Group  Port-      Type    Protocol               Member Ports
         Channel
  133    San-po133  FC      PCP      (D)  FC       fc1/31(D)    fc1/32(D)   
  UCS-FI-A-A(nxos)#
  UCS-FI-A-A(nxos)# show run int fc1/31-32
  !Command: show running-config interface fc1/31-32
  !Time: Fri Dec 20 22:58:51 2013
  version 5.2(3)N2(2.21b)
  interface fc1/31
    switchport mode NP
    channel-group 133 force
    no shutdown
  interface fc1/32
    switchport mode NP
    channel-group 133 force
    no shutdown
  UCS-FI-A-A(nxos)#
  UCS-FI-A-A(nxos)# show run int san-port-channel 133
  !Command: show running-config interface san-port-channel 133
  !Time: Fri Dec 20 22:59:09 2013
  version 5.2(3)N2(2.21b)
  interface san-port-channel 133
    channel mode active
    switchport mode NP

  !Command: show running-config interface san-port-channel 133
  !Time: Sat May 16 04:59:07 2009
  version 5.1(3)N1(1)
  interface san-port-channel 133
    channel mode active
    switchport mode F
    switchport trunk mode off
  Changed it as you suggested...
  Followed the order of operations for "no shut"
  Nexus FC -> Nexus SAN-PC -> FI FC -> FI SAN-PC.
  Didn't work:
  NX5KA(config-if)# show san-port-channel summary
  U-Up D-Down B-Hot-standby S-Suspended I-Individual link
  summary header
  Group  Port-      Type    Protocol               Member Ports
         Channel
  133    San-po133  FC      PCP      (D)  FC       fc2/15(D)    fc2/16(D)
  NX5KA(config-if)#
  Here is the output as you requested:
  NX5KA(config-if)# show int san-port-channel 133
  san-port-channel 133 is down (No operational members)
      Hardware is Fibre Channel
      Port WWN is 24:85:00:2a:6a:5a:81:00
      Admin port mode is F, trunk mode is off
      snmp link state traps are enabled
      Port vsan is 133
      1 minute input rate 1256 bits/sec, 157 bytes/sec, 0 frames/sec
      1 minute output rate 248 bits/sec, 31 bytes/sec, 0 frames/sec
        3966 frames input, 615568 bytes
          0 discards, 0 errors
          0 CRC,  0 unknown class
          0 too long, 0 too short
        2956 frames output, 143624 bytes
          0 discards, 0 errors
        46 input OLS, 41 LRR, 73 NOS, 0 loop inits
        257 output OLS, 189 LRR, 219 NOS, 0 loop inits
      last clearing of "show interface" counters never
      Member[1] : fc2/15
      Member[2] : fc2/16
  NX5KA(config-if)#
  NX5KA(config-if)# show int brief
  Interface  Vsan   Admin  Admin   Status          SFP    Oper  Oper   Port
                    Mode   Trunk                          Mode  Speed  Channel
                           Mode                                 (Gbps)
  fc2/13     1      auto   on      sfpAbsent        --     --           --
  fc2/14     1      auto   on      sfpAbsent        --     --           --
  fc2/15     133    F      off     init             swl    --           133
  fc2/16     133    F      off     init             swl    --           133

• Teaming or Port-channel support on NCS appliance

  Hi, we have purchased one NCS PRIME-NCS-APL-K9 appliance. We are looking at connecting this box to two more swicthes configured in HSRP for the VLAN on which this box will be place. Can i configure active/stand-by teaming of both the ethernet ports available on this box.
  If its possible, can you share with the relevant link on the Cisco website for the same.
  Thanks in advance!

  Have you gotten an answer to this question from any other source?  Trying to find the same answer for a client.
  Scott

• Ask the Expert: Basic Introduction and Troubleshooting on Cisco Nexus 7000 NX-OS Virtual Device Context

  With Vignesh R. P.
  Welcome to the Cisco Support Community Ask the Expert conversation.This is an opportunity to learn and ask questions of Cisco expert Vignesh R. P. about the Cisco® Nexus 7000 Series Switches and support for the Cisco NX-OS Software platform .
  The Cisco® Nexus 7000 Series Switches introduce support for the Cisco NX-OS Software platform, a new class of operating system designed for data centers. Based on the Cisco MDS 9000 SAN-OS platform, Cisco NX-OS introduces support for virtual device contexts (VDCs), which allows the switches to be virtualized at the device level. Each configured VDC presents itself as a unique device to connected users within the framework of that physical switch. The VDC runs as a separate logical entity within the switch, maintaining its own unique set of running software processes, having its own configuration, and being managed by a separate administrator.
  Vignesh R. P. is a customer support engineer in the Cisco High Touch Technical Support center in Bangalore, India, supporting Cisco's major service provider customers in routing and MPLS technologies. His areas of expertise include routing, switching, and MPLS. Previously at Cisco he worked as a network consulting engineer for enterprise customers. He has been in the networking industry for 8 years and holds CCIE certification in the Routing & Switching and Service Provider tracks.
  Remember to use the rating system to let Vignesh know if you have received an adequate response. 
  Vignesh might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the  Data Center sub-community discussion forum shortly after the event. This event lasts through through January 18, 2013. Visit this forum often to view responses to your questions and the questions of other community members.

  Hi Vignesh
  Is there is any limitation to connect a N2K directly to the N7K?
  if i have a an F2 card 10G and another F2 card 1G and i want to creat 3 VDC'S
  VDC1=DC-Core
  VDC2=Aggregation
  VDC3=Campus core
  do we need to add a link between the different VDC's
  thanks

• Nexus 1000v - port-channel "refresh"

  Hi All,
  My question is, does anyone have any information on this 1000v command:
  Nexus-1000v(config)# port-channel internal device-id table refresh
  I am looking for a way for the port-channel interface to be automatically removed from the 1000v once the VEM has been deleted, currently the port-channel interface does not disappear when the VEM has been removed. This seems to be causing problems once the same VEM is re-added later on. Ports are getting sent into quarantine states and ending up in invalid states (eg. NoPortProfile state when there is actually a port-profile attached).
  Anyway, if anyone can explain the above command or tell me how to find out more, it would be great, I can't find it documented anywhere and the context-sensitive help in the NXOS is vague at best.

  Brendan,
  I don't have much information on that command, but I do know it wont remove any unused port channels.  They have to be manually deleted if they're no longer needed.
  The port Channel ID will remain even after a VEM is removed in case the assigned VEM comes back.  When a VEM is decommisioned permanently, I'll do a "no vem x" to also remove the Host entry for that VEM from the VSM.  This way the module slot # can be re-assigned to the next new VEM inserted.  After adding/removing VEMs just do a "show port-channel summary" to see any unused Port Channel IDs, and delete them.  It's a quick & painless task.
  I would hope this wouldn't be a common issue - how often are you deleting/removing VEMs?
  Regards,
  Robert

• Port Channel in Nexus

  Hi All,
  I have a scenario where I have two nexus 5596 as upstream and have vPC  in between. downstream is the server hooking to the upstrean both nexus  devices.
  On Both the Nexus switch the port channel is down and the VPC is also  down. The physical interfaces are up and passing traffic to the server.
  My understanding is if the server NIC's are teamed, even the switches should also have the portchannle to work properly.
  But since portchannel and vpc both are down in both the switches
  1. how the switch is passing traffic.
  2. I checked the configs for portchannel formation on phy ports which looks good to me still po is down. Why?
  3. I understand as port channel is down so vPC is down ( correct me if I am wrong).
  I have attached the diagram & below are the logs for ur reference:
  The output on Nexus5596 2 device is same as on Nexus5596 1
  Nexus5596 1#Sh vpc
  Legend:
                  (*) - local vPC is down, forwarding via vPC peer-link
  vPC domain id                   : 106
  Peer status                     : peer adjacency formed ok
  vPC keep-alive status           : peer is alive
  Configuration consistency status: success
  Per-vlan consistency status     : success
  Type-2 consistency status       : success
  vPC role                        : primary
  Number of vPCs configured       : 29
  Peer Gateway                    : Disabled
  Dual-active excluded VLANs      : -
  Graceful Consistency Check      : Enabled
  vPC Peer-link status
  id   Port   Status Active vlans
  1    Po4    up     1-2,713-718,999
  vPC status
  id     Port        Status Consistency Reason                     Active vlans
  9      Po9         up     success     success                    2,713-718
  701    Po701       down*  success     success                    -
  702    Po702       down*  success     success                    -
  Nexus5596 1# sh port-channel su
  Group Port-       Type     Protocol  Member Ports
        Channel
  4     Po4(SU)     Eth      LACP      Eth1/27(P)   Eth1/28(P)
  9     Po9(SU)     Eth      LACP      Eth1/29(P)   Eth1/30(P)   Eth1/31(P)
                                                      Eth1/32(P)
  701   Po701(SD)   Eth      LACP      Eth1/1(I)
  702   Po702(SD)   Eth      LACP      Eth1/2(I)
  Nexus5596 1#sh run int e1/1
  interface Ethernet1/1
    description snrkdc1285_1/0
    switchport mode trunk
    switchport trunk native vlan 713
    switchport trunk allowed vlan 713-718
    spanning-tree port type edge trunk
    no snmp trap link-status
    channel-group 701 mode active
  Nexus5596 1# sh int e1/1 status
  Port          Name               Status    Vlan      Duplex  Speed   Type
  Eth1/1        snrkdc1285_1/0     connected trunk     full    10G     10Gbase-SR
  Thanks,
  Sagar

  Reza - My bad I mistakenly mentioned e1/10 in diagram but it is e1/1 for po701
  Since these are L2 switches SH IP INT BR shows only mgmt Ip
  Please find the requested outputs as below.
  nexus5596 1#sh run int po701
  interface port-channel701
    description snrkdc1285
    switchport mode trunk
    switchport trunk native vlan 713
    switchport trunk allowed vlan 713-718
    spanning-tree port type edge trunk
    speed 10000
    no snmp trap link-status
    vpc 701
  nexus5596 2# sh run int po701
  interface port-channel701
    description snrkdc1285
    switchport mode trunk
    switchport trunk native vlan 713
    switchport trunk allowed vlan 713-718
    spanning-tree port type edge trunk
    speed 10000
    no snmp trap link-status
    vpc 701
  nexus5596 1#sh int br
  Ethernet      VLAN    Type Mode   Status  Reason                   Speed     Port
  Interface                                                                    Ch #
  Eth1/1        713     eth  trunk  up      none                        10G(D) --
  Eth1/2        713     eth  trunk  up      none                        10G(D) --
  Port-channel VLAN    Type Mode   Status  Reason                    Speed   Protocol
  Interface
  Po4          1       eth  trunk  up      none                       a-10G(D)  lacp
  Po9          2       eth  trunk  up      none                       a-10G(D)  lacp
  Po701        713     eth  trunk  down    No operational members       10G(D)  lacp
  Po702        713     eth  trunk  down    No operational members       10G(D)  lacp
  nexus5596 2#sh int br
  Ethernet      VLAN    Type Mode   Status  Reason                   Speed     Port
  Interface                                                                    Ch #
  Eth1/1        713     eth  trunk  up      none                        10G(D) --
  Eth1/2        713     eth  trunk  up      none                        10G(D) --
  Port-channel VLAN    Type Mode   Status  Reason                    Speed   Protocol
  Interface
  Po4          1       eth  trunk  up      none                       a-10G(D)  lacp
  Po9          2       eth  trunk  up      none                       a-10G(D)  lacp
  Po701        713     eth  trunk  down    No operational members       10G(D)  lacp
  Po702        713     eth  trunk  down    No operational members       10G(D)  lacp

• Ask the Expert: Different Flavors and Design with vPC on Cisco Nexus 5000 Series Switches

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about Cisco® NX-OS.
  The biggest limitation to a classic port channel communication is that the port channel operates only between two devices. To overcome this limitation, Cisco NX-OS has a technology called virtual port channel (vPC). A pair of switches acting as a vPC peer endpoint looks like a single logical entity to port channel attached devices. The two devices that act as the logical port channel endpoint are actually two separate devices. This setup has the benefits of hardware redundancy combined with the benefits offered by a port channel, for example, loop management.
  vPC technology is the main factor for success of Cisco Nexus® data center switches such as the Cisco Nexus 5000 Series, Nexus 7000 Series, and Nexus 2000 Series Switches.
  This event is focused on discussing all possible types of vPC along-with best practices, failure scenarios, Cisco Technical Assistance Center (TAC) recommendations and troubleshooting
  Vishal Mehta is a customer support engineer for the Cisco Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in TAC for the past 3 years with a primary focus on data center technologies, such as the Cisco Nexus 5000 Series Switches, Cisco Unified Computing System™ (Cisco UCS®), Cisco Nexus 1000V Switch, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching, and service provider.
  Nimit Pathak is a customer support engineer for the Cisco Data Center Server Virtualization TAC team based in San Jose, California, with primary focus on data center technologies, such as Cisco UCS, the Cisco Nexus 1000v Switch, and virtualization. Nimit holds a master's degree in electrical engineering from Bridgeport University, has CCNA® and CCNP® Nimit is also working on a Cisco data center CCIE® certification While also pursuing an MBA degree from Santa Clara University.
  Remember to use the rating system to let Vishal and Nimit know if you have received an adequate response. 
  Because of the volume expected during this event, Vishal and Nimit might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure Community, under the subcommunity LAN, Switching & Routing, shortly after the event. This event lasts through August 29, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Gustavo
  Please see my responses to your questions:
  Yes almost all routing protocols use Multicast to establish adjacencies. We are dealing with two different type of traffic –Control Plane and Data Plane.
  Control Plane: To establish Routing adjacency, the first packet (hello) is punted to CPU. So in the case of triangle routed VPC topology as specified on the Operations Guide Link, multicast for routing adjacencies will work. The hellos packets will be exchanged across all 3 routers and adjacency will be formed over VPC links
  http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_L3_w_vpc_5500platform.html#wp999181
  Now for Data Plane we have two types of traffic – Unicast and Multicast.
  The Unicast traffic will not have any forwarding issues, but because the Layer 3 ECMP and port channel run independent hash calculations there is a possibility that when the Layer 3 ECMP chooses N5k-1 as the Layer 3 next hop for a destination address while the port channel hashing chooses the physical link toward N5k-2. In this scenario,N5k-2 receives packets from R with the N5k-1 MAC as the destination MAC.
  Sending traffic over the peer-link to the correct gateway is acceptable for data forwarding, but it is suboptimal because it makes traffic cross the peer link when the traffic could be routed directly.
  For that topology, Multicast Traffic might have complete traffic loss due to the fact that when a PIM router is connected to Cisco Nexus 5500 Platform switches in a vPC topology, the PIM join messages are received only by one switch. The multicast data might be received by the other switch.
  The Loop avoidance works little different across Nexus 5000 and Nexus 7000.
  Similarity: For both products, loop avoidance is possible due to VSL bit
  The VSL bit is set in the DBUS header internal to the Nexus.
  It is not something that is set in the ethernet packet that can be identified. The VSL bit is set on the port asic for the port used for the vPC peer link, so if you have Nexus A and Nexus B configured for vPC and a packet leaves Nexus A towards Nexus B, Nexus B will set the VSL bit on the ingress port ASIC. This is not something that would traverse the peer link.
  This mechanism is used for loop prevention within the chassis.
  The idea being that if the port came in the peer link from the vPC peer, the system makes the assumption that the vPC peer would have forwarded this packet out the vPC-enabled port-channels towards the end device, so the egress vpc interface's port-asic will filter the packet on egress.
  Differences:  In Nexus 5000 when it has to do L3-to-L2 lookup for forwarding traffic, the VSL bit is cleared and so the traffic is not dropped as compared to Nexus 7000 and Nexus 3000.
  It still does loop prevention but the L3-to-L2 lookup is different in Nexus 5000 and Nexus 7000.
  For more details please see below presentation:
  https://supportforums.cisco.com/sites/default/files/session_14-_nexus.pdf
  DCI Scenario:  If 2 pairs are of Nexus 5000 then separation of L3/L2 links is not needed.
  But in most scenarios I have seen pair of Nexus 5000 with pair of Nexus 7000 over DCI or 2 pairs of Nexus 7000 over DCI. If Nexus 7000 are used then L3 and L2 links are required for sure as mentioned on above presentation link.
  Let us know if you have further questions.
  Thanks,
  Vishal

• Nexus 9500 : DAI is not supported

  Hello
  I have DCI network  which has double-side vPC configured 
  so I want filtering for HSRP localization between DCI  such as followed configuration
  ip access-list HSRP_IP_filter
   10 deny udp any 224.0.0.2/32 eq 1985
   20 deny udp any 224.0.0.102/32 eq 1985
   30 permit ip any any
  mac access-list HSRP_MAC_filter
    10 deny 0000.0c07.ac00 0000.0000.00ff any
    20 deny 0000.0c9f.f000 0000.0000.0fff any
    30 permit any any
  interface Po4
   ip port access-group HSRP_IP_filter in
   mac port access-group HSRP_MAC_filter
  but  DAI is supported in this NX-OS 6.1(2)I3(1)
  Do I need to apply DAI ? or if DAI needs, Do you have alternative way instead of DAI?

  Seems to be an error on the Nexus 3k product page.  We had a customer who purchased these for VPC support.
  http://www.cisco.com/en/US/products/ps11541/index.html
  Nexus 3500 Features
  Ultra-Low Latency
  Line-rate layer 2 and 3 switching at ultra-low latencies
  Ideal for high-performance trading workloads
  Mission-Critical Features
  Network Address Translation (NAT)
  Virtual Port Channel
  IEEE-1588 PTP

• Port channels across slots on a 6500

  Hi experts,
  we have 2 x 6509-E chassis NOT doing VSS, having a 10g module ( WS-X6708-10GE ) in each chassis. We plan to get another 10g module (same as existing) for each chassis. I was planning to move some ports from the existing module to the new module. 
  Question - Is a port channel supported across 2 modules on the same switch? 
  thnx

  Hey,
  Cross module etherchannel is supported as long as physical characteristics of ports match. Do check the QoS properties as well.
  Also check the restrictions section as well:
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/channel.html#wp1020420
  HTH.
  Regards,
  RS

• FEX-2232 FCoE Port channel limitation

  Hi all,
  i havea single FEX 2232 single homed to nexus 5020 via port-channel. at the FEX 2232, i connected a server which have 2 X CNA and running two vlans: vlan 200 for ethernet and vlan 300 for FCoE.
  i connected the server to the single fex via port-channel and allowed vlan 200 & 300. at the N5K i bounded single vfc interface to this port-channel.
  when i am issuing the show flogi database i see only single PWWN.
  as i understand, a single vfc interface can only see single PWWN, is this correct ?
  if it does, how can i have my setup running in a way that ethernet traffic  will used port-channel and for fcoe traffic i will see two PWWN ?
  please advise,
  Avi.

  It is not necessary to create another FCoE Vlan if the logins are coming on the same n5k. If there is a requirement for multiple fcoe logins on the same n5k, then it will need to be single link port channels instead of multiple links in the port channel. That way we acquire the ability to bind each physical port via port-channel into a separate vfc. In your case ideally you can have two n5ks with two n2232s single homed to each n5k and the server dual homed with 1 port each connected to two separate 2232s in active-active teaming. That way you can bind the physical interfaces into single virtual port channel on the respective n5ks. at that point, you can separate the san traffic into different vsan/vlan and make sure you dont trunk the fcoe vlan over the vpc peer link.
  Hope this helps, Vinayak.

• Port channel issue in ASA

  We have two Cisco ASA 55XX Firewalls and both are in HA (Active/Standy). Two ports from each Firewall is connecting two ports of Nexus 5K Switch and running port channel between Firewall & Nexus Switch and port-channel is UP. And Switches having back to back connection with allowed all VLAN trunk port.
  FW01 ----------------- SW01 (Two ports with Port channel)
  FW02 ----------------- SW02 (Two ports with Port channel)
  I have VLAN 10 with IP Subnet 10.10.10.0/28
  SW01 : 10.10.10.2
  SW02 : 10.10.10.3
  HSRP IP : 10.10.10.1
  FWs :  10.10.10.4 & 10.10.10.5
  Firewall Default Gateway : 10.10.10.1
  Problem : I am not able Ping Firewall IPs from Nexus Switches. When I checked ARP table in Nexus Switch; I have observed that Firealls two IPs having same MAC address; when I checked that MAC address in the Firewall; that MAC address is Port channel interface MAC address.
  This is issue (two IPs learing same MAC address) from ASA.
  How to fix this issue ?
  Thanks
  Venkat

  Hi,
  What version of IOS are you running on the ASAs?
  see table-12-3 in this link:
  http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/interface_start.html
  Also, since the 4500x are in VSS mode, you need to bundle one link from each switch and use LACP.
  HTH