Ciscoworks 2.6 and Nexus 7000 issues
Running LMS 2.6 with RME version 4.0.6, and DFM 2.0.13.
We keep getting false alerts in DFM on the temperature in our Nexus 7000 switches. The alert says that the high temp threshold is 45C, and it's being exceeded at 46C. The thing that bothers me is that the actual switch reads that the threshold is around 100C or more. Any ideas as to why DFM would be picking up a temperature so far off the mark?
Also, in regards to RME, I cannot pull configs from the Nexus 7000's. The check box in "archive config" is blanked out to where I can't check it. I download the device packages for the 7000 into RME but it will not pull configs. Is this not supported under our version of RME, or would there be some other reason that I can't do this?
Thanks for any assistance with these issues!
UPDATE:
I fixed the RMA config pull issue. I thought I had previously downloaded the Nexus device packages so that RMA could work with them, but upon checking again, it looks like I just didn't have them installed. Got that piece fixed and now I can pull configs from the switches just fine.
Still having problems with the temperature reading in DFM not accurately reflecting what is actually on the switches. Any suggestions as to where to start hunting down the issue for this are greatly appreciated. Thanks!
Similar Messages
-
Nexus 7000, 2000, FCOE and Fabric Path
Hello,
I have a couple of design questions that I am hoping some of you can help me with.
I am working on a Dual DC Upgrade. It is pretty standard design, customer requires a L2 extension between the DC for Vmotion etc. Customer would like to leverage certain features of the Nexus product suite, including:
Trust Sec
VDC
VPC
High Bandwidth Scalability
Unified I/O
As always cost is a major issue and consolidation is encouraged where possible. I have worked on a couple of Nexus designs in the past and have levergaed the 7000, 5000, 2000 and 1000 in the DC.
The feedback that I am getting back from Customer seems to be mirrored in Cisco's technology roadmap. This relates specifically to the features supported in the Nexus 7000 and Nexus 5000.
Many large enterprise Customers ask the question of why they need to have the 7000 and 5000 in their topologies as many of the features they need are supported in both platforms and their environments will never scale to meet such a modular, tiered design.
I have a few specific questions that I am hoping can be answered:
The Nexus 7000 only supports the 2000 on the M series I/O Modules; can FCOE be implemented on a 2000 connected to a 7000 using the M series I/O Module?
Is the F Series I/O Module the only I/O Module that supports FCOE?
Are there any plans to introduce the native FC support on the Nexus 7000?
Are there any plans to introduce full fabric support (230 Gbps) to the M series I/O module?
Are there any plans to introduce Fabric path to the M series I/O module?
Are there any plans to introduce L3 support to the F series I/O Module?
Is the entire 2000 series allocated to a single VDC or can individual 2000 series ports be allocated to a VDC?
Is Trust Sec only support on multi hop DCI links when using the ASR on EoMPLS pwire?
Are there any plans to inroduce Trust Sec and VDC to the Nexus 5500?
Thanks,
ColmHello Allan
The only IO card which cannot co-exist with other cards in the same VDC is F2 due to specific hardware realisation.
All other cards can be mixed.
Regarding the Fabric versions - Fabric-2 gives much bigger throughoutput in comparing with Fabric-1
So in order to get full speed from F2/M2 modules you will need Fab-2 modules.
Fab2 modules won't give any advantages to M1/F1 modules.
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/data_sheet_c78-685394.html
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/prodcut_bulletin_c25-688075.html
HTH,
Alex -
FCoE and multiple Nexus 5000s and a 7000 core
Hi
I have a customer who is looking at four Nexus 5020s to start with and more in the future uplinked to a Nexus 7000 core.
Am I right in thinking that whilst data traffic will be able to reach hosts ocnnected to a different Nexus 5002 via the 7000 core FCoE traffic will not ?
If so what is teh recommended way of rolling out pods of 5020s for VMware servers with converged network adaptors so that they can all access the SAN ?
Regards
PatDon't use corecenter for fan speed control. Instead, use the BIOS:
1) Open Corecenter from the administrator account or a user account that has admin privileges. Click on the top center logo which should open the fan speed control window. There should be two items, CoolnQuiet and User/Manual or something like. Put it in manual and move the slider all the way to the right. Ignore the CoolnQuiet, it's misnamed here - MSI's corecenter does not control CoolnQuiet. What MSI is calling CoolnQuiet is just fan speed control. Anyway, put it in manual. Close Corecenter and you should never have to open it again unless you want to monitor fan RPM's.
2) Next, reboot and enter the BIOS. Go to the H/W Monitor settings. Turn on Smart CPU Fan Speed. Set to 40 C +/- 1. This will allow the motherboard to control the fan speed. On the other hand, if you want your fan always at maximum, then disable Smart Fan Speen control. Don't worry about the Smart NB Fan speed, leave it disabled.
Also, keep in mind that when you first open Corecenter, the immediate fan RPM's reported are not correct. It takes it a few seconds to get the readings. So wait until Corecenter minimizes itself to the system tray, then open it from there, and you will see the correct fan RPM's. -
With Vignesh R. P.
Welcome to the Cisco Support Community Ask the Expert conversation.This is an opportunity to learn and ask questions of Cisco expert Vignesh R. P. about the Cisco® Nexus 7000 Series Switches and support for the Cisco NX-OS Software platform .
The Cisco® Nexus 7000 Series Switches introduce support for the Cisco NX-OS Software platform, a new class of operating system designed for data centers. Based on the Cisco MDS 9000 SAN-OS platform, Cisco NX-OS introduces support for virtual device contexts (VDCs), which allows the switches to be virtualized at the device level. Each configured VDC presents itself as a unique device to connected users within the framework of that physical switch. The VDC runs as a separate logical entity within the switch, maintaining its own unique set of running software processes, having its own configuration, and being managed by a separate administrator.
Vignesh R. P. is a customer support engineer in the Cisco High Touch Technical Support center in Bangalore, India, supporting Cisco's major service provider customers in routing and MPLS technologies. His areas of expertise include routing, switching, and MPLS. Previously at Cisco he worked as a network consulting engineer for enterprise customers. He has been in the networking industry for 8 years and holds CCIE certification in the Routing & Switching and Service Provider tracks.
Remember to use the rating system to let Vignesh know if you have received an adequate response.
Vignesh might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community discussion forum shortly after the event. This event lasts through through January 18, 2013. Visit this forum often to view responses to your questions and the questions of other community members.Hi Vignesh
Is there is any limitation to connect a N2K directly to the N7K?
if i have a an F2 card 10G and another F2 card 1G and i want to creat 3 VDC'S
VDC1=DC-Core
VDC2=Aggregation
VDC3=Campus core
do we need to add a link between the different VDC's
thanks -
ESXi 4.1 NIC Teaming's Load-Balancing Algorithm,Nexus 7000 and UCS
Hi, Cisco Gurus:
Please help me in answering the following questions (UCSM 1.4(xx), 2 UCS 6140XP, 2 Nexus 7000, M81KR in B200-M2, No Nexus 1000V, using VMware Distributed Switch:
Q1. For me to configure vPC on a pair of Nexus 7000, do I have to connect Ethernet Uplink from each Cisco Fabric Interconnect to the 2 Nexus 7000 in a bow-tie fashion? If I connect, say 2 10G ports from Fabric Interconnect 1 to 1 Nexus 7000 and similar connection from FInterconnect 2 to the other Nexus 7000, in this case can I still configure vPC or is it a validated design? If it is, what is the pro and con versus having 2 connections from each FInterconnect to 2 separate Nexus 7000?
Q2. If vPC is to be configured in Nexus 7000, is it COMPULSORY to configure Port Channel for the 2 Fabric Interconnects using UCSM? I believe it is not. But what is the pro and con of HAVING NO Port Channel within UCS versus HAVING Port Channel when vPC is concerned?
Q3. if vPC is to be configured in Nexus 7000, I understand there is a limitation on confining to ONLY 1 vSphere NIC Teaming's Load-Balancing Algorithm i.e. Route Based on IP Hash. Is it correct?
Again, what is the pro and con here with regard to application behaviours when Layer 2 or 3 is concerned? Or what is the BEST PRACTICES?
I would really appreciate if someone can help me clear these lingering doubts of mine.
God Bless.
SiMSim,
Here are my thoughts without a 1000v in place,
Q1. For me to configure vPC on a pair of Nexus 7000, do I have to connect Ethernet Uplink from each Cisco Fabric Interconnect to the 2 Nexus 7000 in a bow-tie fashion? If I connect, say 2 10G ports from Fabric Interconnect 1 to 1 Nexus 7000 and similar connection from FInterconnect 2 to the other Nexus 7000, in this case can I still configure vPC or is it a validated design? If it is, what is the pro and con versus having 2 connections from each FInterconnect to 2 separate Nexus 7000? //Yes, for vPC to UCS the best practice is to bowtie uplink to (2) 7K or 5Ks.
Q2. If vPC is to be configured in Nexus 7000, is it COMPULSORY to configure Port Channel for the 2 Fabric Interconnects using UCSM? I believe it is not. But what is the pro and con of HAVING NO Port Channel within UCS versus HAVING Port Channel when vPC is concerned? //The port channel will be configured on both the UCSM and the 7K. The pro of a port channel would be both bandwidth and redundancy. vPC would be prefered.
Q3. if vPC is to be configured in Nexus 7000, I understand there is a limitation on confining to ONLY 1 vSphere NIC Teaming's Load-Balancing Algorithm i.e. Route Based on IP Hash. Is it correct? //Without the 1000v, I always tend to leave to dvSwitch load balence behavior at the default of "route by portID".
Again, what is the pro and con here with regard to application behaviours when Layer 2 or 3 is concerned? Or what is the BEST PRACTICES? UCS can perform L2 but Northbound should be performing L3.
Cheers,
David Jarzynka -
We have two Nexus 7000, and I need use them with OTV between two data Centers separated 25 miles, but I don´t know what are the optimal values about bandwidth and delay (ms) for extended VLANs IDs (production and DAG replication) for Microsoft Exchange environment. Can somebody tell me please which are the values required for operate OTV in optimal conditions in this case? We have about 35 000 users that will use that platform of email. Thanks a lot for your comments. Regards.
We have two Nexus 7000, and I need use them with OTV between two data Centers separated 25 miles, but I don´t know what are the optimal values about bandwidth and delay (ms) for extended VLANs IDs (production and DAG replication) for Microsoft Exchange environment. Can somebody tell me please which are the values required for operate OTV in optimal conditions in this case? We have about 35 000 users that will use that platform of email. Thanks a lot for your comments. Regards.
-
Nexus 7000 with VPC and HSRP Configuration
Hi Guys,
I would like to know how to implement HSRP with the following setup:
There are 2 Nexus 7000 connected with VPC Peer link. Each of the Nexus 7000 has a FEX attached to it.
The server has two connections going to the FEX on each Nexus 7k (VPC). FEX's are not dual homed as far as I now they are not supported currently.
R(A) R(S)
| |
7K Peer Link 7K
| |
FEX FEX
Server connected to both FEX
The question is we have two routers connected to each of the Nexus 7k in HSRP (active and one is standby). How can I configure HSRP on the nexus switches and how the traffic will routed from the Standby Nexus switch to Active Nexus switch (I know HSRP works differently here as both of them can forward packets). Will the traffic go to the secondary switch and then via the peer link to the active switch and then to the active router ? (From what I read the packet from end hosts which will go via the peer link will get dropped)
Has anyone implemented this before ?
ThanksHi Kuldeep,
If you intend to put those routers on a non-vpc vlan, you may create a new inter-switch trunk between the N7K and allow that non-vpc vlan . However if those will be on a VPC vlan, best to create two links to the N7K pair and create a VPC, otherwise configure those ports as orphan ports which will leverage the VPC peer link .
HTH
Jay Ocampo -
Hi All
I am having issue while connect the cisco 2960G and nexus 5000, i have attached the network setup. so kinldy check and update how i can proceed further.
Regards
Sudharsan.R
91+8220088865Hi Sudharsan,
Nice working with you again
So, your issue is that the 2960 switches are seeing the Nexus device as one. What you have to do is to create a port-channel between the 2960 and nexus devices. That should solve your problem. -
Nexus 7000 and 2000. Is FEX supported with vPC?
I know this was not supported a few months ago, curious if anything has changed?
Hi Jenny,
I think the answer will depend on what you mean by is FEX supported with vPC?
When connecting a FEX to the Nexus 7000 you're able to run vPC from the Host Interfaces of a pair of FEX to an end system running IEEE 802.1AX (802.3ad) Link Aggregation. This is shown is illustration 7 of the diagram shown on the post Nexus 7000 Fex Supported/Not Supported Topologies.
What you're not able to do is run vPC on the FEX Network Interface that connect up to the Nexus 7000 i.e., dual-homing the FEX to two Nexus 7000. This is shown in illustrations 8 and 9 of under the FEX topologies not supported on the same page.
There's some discussion on this in the forum post DualHoming 2248TP-E to N7K that explains why it's not supported, but essentially it offers no additional resilience.
From that post:
The view is that when connecting FEX to the Nexus 7000, dual-homing does not add any level of resilience to the design. A server with dual NIC can attach to two FEX so there is no need to connect the FEX to two parent switches. A server with only a single NIC can only attach to a single FEX, but given that FEX is supported by a fully redundant Nexus 7000 i.e., SE, fabrics, power, I/O modules etc., the availability is limited by the single FEX and so dual-homing does not increase availability.
Regards -
Hello,
We recently had a power supply failure in one of our Nexus 7000s, and I noticed that the syslog for the Platform is only present in the default VDC, and not in any of the other VDCs syslogs. Is this by design, or is there a logging level I can turn up in another VDC to capture this log? Thanks for any input
syslog from default VDC -
2013 Mar 18 23:10:34 %PLATFORM-2-PS_CAPACITY_CHANGE: Power supply PS3 changed i
ts capacity. possibly due to power cable removal/insertion (Serial number xxxxxxxx)
nothing in the VDC where I would like to get the logging
default VDC logging level -
xxx7K02# show log level platform
Facility Default Severity Current Session Severity
platform 5 5
0(emergencies) 1(alerts) 2(critical)
3(errors) 4(warnings) 5(notifications)
6(information) 7(debugging)
xxx7K02#
loggging from the specific VDC where we have management tools.
xxx-LOW# show log level platform
Facility Default Severity Current Session Severity
platform 5 5
0(emergencies) 1(alerts) 2(critical)
3(errors) 4(warnings) 5(notifications)
6(information) 7(debugging)
xxx-LOW#Hello Carl,
What version of code are you running on your Nexus 7k?
The expected behavior is:
"When a hardware issue occurs, syslog messages are sent to all VDCs."
http://www.cisco.com/en/US/docs/switches/datacenter/sw/nx-os/virtual_device_context/configuration/guide/vdc_mgmt.html#wp1170241
Dave -
Privilege Level for Tacacs Account in Nexus 7000
Hi,
I have configured the Tacacs (ACS 4.2v) on Nexus 7000 (as mentioned below) and works fine but unlike IOS (6509) It's doesn't prompt that you are in userexec mode (>) and then need to type enable and password for full privilege.
In n7k when I entered into "configure terminal" It won't allow me to access other commands.
How to login into level 15 privilege mode after authenticating from tacacs
(config)# show running-config tacacs+
tacacs-server key 7 "xxxxx"
tacacs-server host x.x.x.x key 7 "xxxx"
aaa group server tacacs+ TacServer
server x.x.x.x (same ip as tacacs-server host)
use-vrf management
source-interface Vlan2
(config)# show running-config aaa
aaa authentication login default group TacServer
aaa authentication login console local
aaa user default-role
Here below are the commands accessible in "Terminal" currently
(config)# ?
no Negate a command or set its defaults
username Configure user information.
end Go to exec mode
exit Exit from command interpreter
isb.n7k-dcn-agg-1-sw(config)#Hi Jan.nielsen
Issue is resolved but by another way.
I have found the same resolution too of custom attirbute command but the Custom attribute Option for shell command wasn't available in ACS v4.2, so after enabling shell for users and by clicking exec--> Shell Exec and enabling priviledge level 15 in the same box of Shell options, It start working without any command -
Smart call home - HTTPS transport from the Nexus 7000 to Cisco
hi
i try configured call home on nexus 7000 with https transport and proxy server
i follow this guide -
http://www.cisco.com/en/US/docs/switches/lan/smart_call_home/QuickStart_NX7000.pdf
and configured this :
callhome
email-contact XXXXXXXXXXX
phone-contact XXXXXXXXXXX
streetaddress XXXXXXXXXXXXXXXX
destination-profile CiscoTAC-1 transport-method http
destination-profile CiscoTAC-1 http https://tools.cisco.com/its/service/oddce/services/DDCEService
transport http use-vrf management
transport http proxy server XXXXXXXXXX port 8080 --------- XXXXXXXXX = my proxy server
transport http proxy enable
enable
periodic-inventory notification interval 30
i have a problem to install the security certificate , i follow thw guide but i get the error :
failed to load or parse certificate
could not perform CA authentication
when i try test call home eith the command : callhome test
trying to send test callhome message
warning:no callhome message sent
email configuration incomplete for destination profile:full_txt
email configuration incomplete for destination profile:short_txt
Error in transporting http message for CiscoTAC-1
http: Received HTTP code 407 from proxy after CONNECT
i guess the problem is because i didnt install the certificate , how can i install the certificate ?
is this the real problem ?I agree with Bryan that the easiest proxy server to setup for the nexus 7000 is the Transport Gateway. The documentation (certificates) is setup to allow you to connect to a Cisco Transport Gateway or directly into tools.cisco.com. Both have a Cisco certificate.
But that doesn't explain your issue. To answer your issue, you need to look here
http://www.cisco.com/en/US/docs/switches/lan/smart_call_home/SCH31_Ch6.html#wp1039385
except you need your proxy server's chained certificate in PEM format since the Nexus 7000 is going to terminate at your proxy server. Take a look at this line in the documentation.
Input (cut & paste) the CA certificate (chain) in PEM format
The error code 407 you indicated makes sense and indicates "Proxy Authentication Required". You need the certificate installed first. NX-OS uses the openssl crypto library to implement the cert-pki feature if that helps. A complete certificate chain is required. Also, you might make sure the CRL (certificate revocation list) is set to none so it doesn't do that first.
revocation-check none
The 4 chained certificates given in the documentation are tools.cisco.com.cer, Verisign-G3-SSCA.cer, Verisign-G3-PRCA.cer, Verisign-Root-CA.cer. The non-nexus 7000 devices just use the last one. Most likely you need a certificate that looks like
your proxy server.cer,Verisign-G3-SSCA.cer, Verisign-G3-PRCA.cer, Verisign-Root-CA.cer
If you are using your own root CA (which typically are taken off-line after authorizing subordinate CAs for security reasons) , then make sure that their certificates are in the correct order to be processed so each can be authenticated.
Now you can see why a Cisco proxy server (Transport Gateway) is easier to setup. -
Frame generated by Nexus 7000 contains unexpected trailer when using GRE
I have observed some unexpected behaviour on a Nexus 7000 running 6.1(2) in respect of the Ethernet II frame generated when the Nexus 7000 is a GRE Tunnel endpoint.
The device receiving the Frame is discarding it and I waiting for the vendor to confirm the reason for this discard. However in case the reason is due to the Ethernet frame being "unusual" I am curious if any one else has come across this.
To generate the Frame I perform a ping (on a workstation) which the Nexus 7000 in encapsulating in a GRE tunnel. Using Wireshark on the Nexus 7000 egress interface I observed that the Frame contains the following protocols as expected; ETH:IP:GRE:IP:ICMP:data
When I issue the command "ping -l 1" on the workstation the Frame details from Wireshark are:
Frame 84 bytes on wire
Total IP payload = 53 bytes
Outer IP header (20 bytes)
GRE ( 4 bytes)
Inner IP header (20 bytes)
ICMP (header 8 bytes payload 1 byte)
Ethernet Trailer length = 17 bytes
What is curious about this Frame is that;
a) No Ethernet Trailer is needed as the IP payload exceeds 46 bytes
b) The amount of padding applied is what would be needed if the Inner IP datagram were encapsulated directly in an Ethernet II Frame. The Inner ip datagram is 29 bytes octets and hence padding needed = 46 - 29 = 17.
By doing ping sweep from length 1 to 18 the observed padding was;
1,17
2,16
3,15
17,1
18,0
So it would appear that the Nexus is adding padding to the Ethernet frame as though it were containing the pre GRE payload only.What module are you using?
Ron -
Hello,
My name is Benjamin and I have problems with my Nexus 7000. It have high cpu process, I think that is not normal., what do you think?
# sh process cpu sort
PID Runtime(ms) Invoked uSecs 1Sec Process
8259 1848785 56524183 32 27.6% in.dcos-telnetd
4717 231 96 2413 24.7% netstack
3536 402542882 64927941 6199 3.0% platform
4573 501774551 35371572 14185 1.0% xbar_driver_usd
4714 107 22 4871 1.0% arp
1 179754 5381666 33 0.0% init
2 2 300 9 0.0% kthreadd
3 3342 559942 5 0.0% migration/0
4 1936854 444724651 4 0.0% ksoftirqd/0
5 143477 2220884 64 0.0% watchdog/0
6 2042 349180 5 0.0% migration/1
7 1452663 372943404 3 0.0% ksoftirqd/1
1 111 111 11 1 1
907878660006976000800707766999960776799987777777777678687773
603310880008399000100504278989780308288903490180025795804831
100 ** *** *** ** * **** * ***
90 ** *** * *** ** * *##* * *** *
80 ** * * *** ** *#***#** *##* * ###* * * * ** * *
70 ##*************##**##*******##*******###*******************
60 ###########################################################
50 ###########################################################
40 ###########################################################
30 ###########################################################*
20 ###########################################################*
10 ############################################################
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%I solved my issue, it was a bug problem:
Some of the telnet sessions do not get cleared with recursive telnet
Bug: CSCtk56774
Workaround: to issue "clear user admin" command
Regards -
Built-in Wireshark in Nexus 7000
hello togehter,
I have problem to capture data from the built-in ethanalyzer (wireshark) on a USB flash or Bootflash when the capture size reach 10MB. I tested with NX 4.2.4 and 5.0(2a). Is anyone know this issue?
how can I extended the capture size on the flashs?
best regards
michaelhello togehter,I
have problem to capture data from the built-in ethanalyzer (wireshark)
on a USB flash or Bootflash when the capture size reach 10MB. I tested
with NX 4.2.4 and 5.0(2a). Is anyone know this issue?how can I extended the capture size on the flashs?best regardsmichael
Hi Michael,
As per the link i suppose capture file size is limited to 10 MB in nexus 7000
http://www.ciscosystems.com.ro/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/white_paper_c11-554444.html
Hope to Help !!
Ganesh.H
If helpful do rate the helpful post
Maybe you are looking for
-
Visual Studio Designer complianing about ObservableCollection in XAML?
I have a property on an object that is exposed like this: /// <summary> /// A collection of images and their keys for assembling the <see cref="ImageSelector"/> controls. /// </summary> [ContentProperty("ImageSource")] public class ImageDictionary //
-
HT204370 Rented movie stopped playing
I was watching a rented movie thru Apple TV and it stopped playing with a message that Apple TV was not connected to the internet. I check everything and it is fine. How can I restart a partially watched rented movie? All I can find is the option to
-
WIN - UNIX: color palette
Hi, How can you port as color palette definition file from win -> unix and get your custom colors displayed Form help guide takes you only to the point of creating a custom color palette and using it on windows - not actually deploying it ! I've trie
-
Display Costs on Accounting Tab in Company Code (object / Project) curerncy
Hello Forum Experts, We have this major issue whereas teh costs on the Accounting Tab are shown in Controlling Area Currency. It seems this is the standard cProjects behaviour. What changes / enhancement do we have to implement to ensure that the cos
-
Can I have a .swf file play in a lightbox-type window on link click?
Hello, I have a thumbnail on my page that I would like to link to a video. However, I do not want it to open in a new tab or window, rather, I'd just like it to appear like a lightbox display, fading out the background and playing the video within th