Creating VPC's between 2 NExus 5548's

Similar Messages

• NX-OS firmware Upgradation in Nexus 5548 with Enhanced vPC with Dual Active FEX

  Hi All,
           Please tell me how to do "NX-OS firmware Upgradation in Nexus 5548 with Enhanced vPC with Dual Active FEX" without downtime for FEX.
  The Server are connected to FEX.
  Attached the diagram.

  Hi,
  If the 5500s are layer-2 with vPC running between them than you can use ISSU to upgade.
  here is doc to follow:
  ISSU Support for vPC Topologies
  An ISSU is completely supported when two switches are paired in a vPC configuration. In a vPC configuration, one switch functions as a primary switch and the other functions as a secondary switch .They both run the complete switching control plane, but coordinate forwarding decisions to have optimal forwarding to devices at the other end of the vPC. Additionally, the two devices appear as a single device that supports EtherChannel (static and 802.3ad) and provide simultaneously data forwarding services to that device.
  While upgrading devices in a vPC topology,you should start with the switch that is the primary switch. The vPC secondary device should be upgraded after the ISSU process completes successfully on the primary device. The two vPC devices continue their control plane communication during the entire ISSU process (except when the ISSU process resets the CPU of the switch being upgraded).
  This example shows how to determine the vPC operational role of the switch:
  link:
  http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/upgrade/513_N1_1/n5k_upgrade_downgrade_513.html
  HTH

• Connectivity Issue between Nexus 5548 to VNX 5300

  Hi All,
  I am doing a lab setup where i want to connect Nexus 5548 UP to VNX 5300 storage directly. The physical connectivity is established between switch and storage but On Nexus the status of the port shows "linkFailure". I tried matching the port mode (like Auto, F) and speed but the port always shows "linkFailure".
  The connectivity from Nexus to VNX is FC.
  Anyone can suggest the root cause or any troubleshooting steps.
  Regards,
  Abhilash

  LinkFailure might be a GUI status.
  show interface fcx/y might say,
  Link failure or not connected
  The physical layer link is not operational.
  This means the switch is not detecting light, so the phyiscal layer is the cable and lasers (sfp's, HBAs or whatever adapter the VNX uses).  It could mean you need to turn the interfaace up from the vnx side.

• UCS FI 6248 to Nexus 5548 San port-channel - not working

  Hi all,
  I'm sure I am missing something fairly obvious and stupid but I need several sets of eyes and help.
  Here is the scenario:
  I want to be able to create san port-channels between the FI and Nexus.  I don't need to trunk yet as I can't even get the channel to come up.
  UCS FI 6248:
  Interfaces fc1/31-32
  Nexus 5548
  interfaces fc2/15-16
  FI is in end-host mode and Nexus is running NPIV mode with fport-channel-trunk feature enabled.
  I'm going to output the relevants configurations below.
  Nexus 5548:
  NX5KA(config)# show feature | include enabled
  fcoe                  1         enabled
  fex                   1         enabled
  fport-channel-trunk   1         enabled
  hsrp_engine           1         enabled
  interface-vlan        1         enabled
  lacp                  1         enabled
  lldp                  1         enabled
  npiv                  1         enabled
  sshServer             1         enabled
  vpc                   1         enabled
  interface san-port-channel 133
    channel mode active
    no switchport trunk allowed  vsan all
    switchport trunk mode off
  interface fc2/15
    switchport trunk mode off
    channel-group 133 force
  no shutdown
  interface fc2/16
    switchport trunk mode off
    channel-group 133 force
  no shutdown
  NX5KA# show vsan membership
  vsan 1 interfaces:
      fc2/13            fc2/14          
  vsan 133 interfaces:
      fc2/15            fc2/16            san-port-channel 133
  vsan 4079(evfp_isolated_vsan) interfaces:
  vsan 4094(isolated_vsan) interfaces:
  NX5KA# show san-port-channel summary
  U-Up D-Down B-Hot-standby S-Suspended I-Individual link
  summary header
  Group  Port-      Type    Protocol               Member Ports
         Channel
  133    San-po133  FC      PCP      (D)  FC       fc2/15(D)    fc2/16(D)   
  UCS Fabric Interconnect outputs:
  UCS-FI-A-A(nxos)# show san-port-channel summary
  U-Up D-Down B-Hot-standby S-Suspended I-Individual link
  summary header
  Group  Port-      Type    Protocol               Member Ports
         Channel
  133    San-po133  FC      PCP      (D)  FC       fc1/31(D)    fc1/32(D)   
  UCS-FI-A-A(nxos)#
  UCS-FI-A-A(nxos)# show run int fc1/31-32
  !Command: show running-config interface fc1/31-32
  !Time: Fri Dec 20 22:58:51 2013
  version 5.2(3)N2(2.21b)
  interface fc1/31
    switchport mode NP
    channel-group 133 force
    no shutdown
  interface fc1/32
    switchport mode NP
    channel-group 133 force
    no shutdown
  UCS-FI-A-A(nxos)#
  UCS-FI-A-A(nxos)# show run int san-port-channel 133
  !Command: show running-config interface san-port-channel 133
  !Time: Fri Dec 20 22:59:09 2013
  version 5.2(3)N2(2.21b)
  interface san-port-channel 133
    channel mode active
    switchport mode NP

  !Command: show running-config interface san-port-channel 133
  !Time: Sat May 16 04:59:07 2009
  version 5.1(3)N1(1)
  interface san-port-channel 133
    channel mode active
    switchport mode F
    switchport trunk mode off
  Changed it as you suggested...
  Followed the order of operations for "no shut"
  Nexus FC -> Nexus SAN-PC -> FI FC -> FI SAN-PC.
  Didn't work:
  NX5KA(config-if)# show san-port-channel summary
  U-Up D-Down B-Hot-standby S-Suspended I-Individual link
  summary header
  Group  Port-      Type    Protocol               Member Ports
         Channel
  133    San-po133  FC      PCP      (D)  FC       fc2/15(D)    fc2/16(D)
  NX5KA(config-if)#
  Here is the output as you requested:
  NX5KA(config-if)# show int san-port-channel 133
  san-port-channel 133 is down (No operational members)
      Hardware is Fibre Channel
      Port WWN is 24:85:00:2a:6a:5a:81:00
      Admin port mode is F, trunk mode is off
      snmp link state traps are enabled
      Port vsan is 133
      1 minute input rate 1256 bits/sec, 157 bytes/sec, 0 frames/sec
      1 minute output rate 248 bits/sec, 31 bytes/sec, 0 frames/sec
        3966 frames input, 615568 bytes
          0 discards, 0 errors
          0 CRC,  0 unknown class
          0 too long, 0 too short
        2956 frames output, 143624 bytes
          0 discards, 0 errors
        46 input OLS, 41 LRR, 73 NOS, 0 loop inits
        257 output OLS, 189 LRR, 219 NOS, 0 loop inits
      last clearing of "show interface" counters never
      Member[1] : fc2/15
      Member[2] : fc2/16
  NX5KA(config-if)#
  NX5KA(config-if)# show int brief
  Interface  Vsan   Admin  Admin   Status          SFP    Oper  Oper   Port
                    Mode   Trunk                          Mode  Speed  Channel
                           Mode                                 (Gbps)
  fc2/13     1      auto   on      sfpAbsent        --     --           --
  fc2/14     1      auto   on      sfpAbsent        --     --           --
  fc2/15     133    F      off     init             swl    --           133
  fc2/16     133    F      off     init             swl    --           133

• Vlan on Nexus 5548

  I have 2 Nexus 5548, and those are VPC members. If I create a new Vlan (vlan 90) on each switch, will there any impact on the Peer link? Like peer link goes down or link flap ? 
  Thanks & Regards, 
  Manu

  Hi Manu,
  Creating new Vlan on both switches wont get any impact.
  But be careful if you Vlan allow list on VPC peer link or VPC member link were you need to flow this new created vlan.  
  Br.
  Mohseen 

• FCoE with Cisco Nexus 5548 switches and VMware ESXi 4.1

  Can someone share with me what needs to be setup on the Cisco Nexus side to work with VMware in the following scenario?
  Two servers with two cards dual port FCoE cards with two ports connected to two Nexus 5548 switches that are clusterd together.  We want to team the ports together on the VMware side using IP Hash so what should be done on the cisco side for this to work? 
  Thanks...

  Andres,
  The Cisco Road Map for the 5010 and 5020 doesn't include extending the current total (12) FEX capabities.  The 5548 and 5596 will support more (16) per 55xxk, and with the 7K will support upto 32 FEX's.
  Documentation has been spotty on this subject, because the term 5k indicates that all 5000 series switches will support extended FEX's which is not the case only the 55xx will support more than 12 FEX.  Maybe in the future the terminology for the 5k series should be term 5000 series and 5500 series Nexus, there are several differences and advancements between the two series.

• Create port channel between UCS-FI and MDS 9124 (F Mode)

  Dear Team,
  We were trying to create  port channel between UCS FI and MDS 9124
  But the port channel not getting active in F mode on MDS 9124
  FI is in FC End Host Mode
  We have enabled FC uplink trunking on FI
  We have enabled NPIV on MDS
  We have enabled trunk on MDS
  FI and MDS in default VSAN
  To check we changed the FI mode to FC Switching mode and port channels became active but in E mode
  when we enabled FC uplink trunking on FI and FC Switching mode port channels became active in TE mode
  but in both the above cases showflogi database shows WWPN of SAN alone not showing any from FI.
  How to achive this?
  Have read that no need to change the swicthing mode to FC Switching mode and keep as FC Endhost mode
  SO how to achieve Port channel with F mode in MDS and FI ( Mode showing as NProxy)
  Does it has to do anything with MDS NX-OS version? (https://supportforums.cisco.com/thread/2179129)
  If yes how to upgrade as license for ports came along with Device and we do not have any PAC/PAK or license file as it came
  with license
  Also we have seen 2 files availabe for download (m9100-s2ek9-kickstart-mz.5.2.8b.bin and m9100-s2ek9-mz.5.2.8b.bin) which to use
  Thanks and Regards
  Jose

  Hi Jo Bo,
  what version of software if your MDS running?
  On your UCS do connect nxos and show inteface brieft and look at the mac address.
  it is possible that you might be hitting the bug below. if this is the case you might need to upgrade the firmware on your MDS.
  Add MAC OUI "002a6a", "8c604f", "00defb" for 5k/UCS-FI
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCty04686
  Symptom:
  Nexus switch unable to connect any other Nexus or other Cisco Switch in NPV mode with a F port-channel.   Issue might be seen in earlier 5.1 releases like
  5.1.3.N1.1a
  but not the latest
  5.1.3.N2.1c
  release. Issue is also seen in
  5.2(1)N1(1)
  and
  6.0(2)N1(1)
  and later releases.
  Conditions:
  Nexus configured for SAN PortChannels or NPIV trunking mode Nexus connected to UCS via regular F port channel where UCS in NPV mode  NPV edge switch: Port WWN OUI from UCS FI  or other Cisco manufactured switch:  xx:xx:00:2a:6a:xx:xx:xx   OR  xx:xx:8c:60:4f:xx:xx:xx
  Workaround:
  Turn-off trunking mode on Nexus 5k TF-port Issue does not happen with standard  F-PORT Remove SAN Portchannel config
  Further Problem Description:
  To verify the issue please collect  show flogi internal event-history errors  Each time the port is attempted OLS, NOS, LRR counters will increment. This can be determined via the following output,  show port internal info all show port internal event-history errors

• TACACS Nexus 5548 Authorization

  I am having an issue with authorization on the Nexus 5548. Note: The tacacs configuration has and still works correctly with all non-Nexus gear.
  Authentication succeeds, and initiatial authorization passes. However, all sh and config commands fail, though AAA Autho Config-Commands .... and Commands Default Group <Grp Name), are configured.
  ACS generates the following error: 13025 Command failed to match a Permit rule. The Selected Command Set is DenyAllCommands. I created an AllowAll, but am unclear how to associate this with Access Policy.
  Any help would be greatly appreciated.

  Hello,
  Hope the attached document points you into the right direction.
  Regards.

• Nexus 5548 L3 daughter card flapping

  Hi guys,
  Anyone of you here that experienced the logs below on their Nexus box:
  2011 Dec 12 06:24:45 GDCNXS5K01 %BTCM-2-BTCM_LOG_ROUTER_ERR: router card in slot 3 has internal link(s) flapped:     router ports down: 0x1a108000 0x1a109000 0x1a10a000 0x1a10b000 0x1a10c000 0x1a10d000 0x1a10e000 0x1a10f000
  I am getting this log at least once a day. Seems like it is shutting down the SVI of the box after the said log occured. Good thing I have enable vPC and I am able to access the NXS5K through the vCP keepalive link (mgmt).
  I have two Nexus 5548, but only one is experiencing the said error.
  Any inputs, suggestions would be greatly appreciated.
  Thanks,
  Edzel

  We had this same problem this past weekend, only in module 2 on a 5596.
  In our case, we had rebooted our primary Nexus and found the following message immediately preceeded the BTCM error you noted:
  %$ VDC-1 %$ %NOHMS-2-NOHMS_DIAG_ERROR: Module 2: Bootup diag detected major event: Forwarding ASIC failure: Ethernet2/9 Ethernet2/10 Ethernet2/11 Ethernet2/12 Ethernet2/13 Ethernet2/14 Ethernet2/15 Ethernet2/16
  We replaced the module.  A "show diag results module 3" would probably show you the same thing.  However, I don't think the error message will show up until you reboot.
  If your flapping Nexus is secondary, you probably won't notice anything major, but if it is your primary, it would probably affect your routing.

• Servers connected to Nexus 5548 only getting 200 Mbps of throughput

  Servers connected to NExus 5k were only getting 100 Mbps of throughput. So I disabled Flow control recieve on all the ports. After this we are getting 200 Mbps of speed. The servers are connected throuh 10 gig port. Could you guys please suggest why the throguhput is still low? Atleast we should get 1Gbps of thrpoughput.

  Hi Adam,
  I think we probably need a little more information to go on. Can you answer the following?
  What type of servers and NICs?
  What OS are you running on the servers?
  What cables do you have from the servers to the switch?
  Are the two servers in the same subnet or is the traffic between them routed?
  If routed, is that in the Nexus 5548 or some other router?
  How are you testing throughput?
  Presumably you're not seeing any errors on the switch ports that the servers are connected to?
  Regards

• EEM on Nexus 5548

  Hi all,
  I'm new to EEM and we are investigating using it to solve some issues that we are having, However, I can't seem to find any definitive information which tells me whether EEM is available in the nexus 5548 switches. Can anyone here help to confirm if this is the case? If not yet avalable for the 5548s, are there any indications as to when it might become available?
  thanks,
  Ram

  Might want to try the 6.0(2)N1(2) and later code.  I have it loaded on a N6004 and EEM is available there.  It is of course the NX-OS flavor of EEM but it is there. 
  N6K-Switch# show ver | grep 'System version'
    System version: 6.0(2)N1(2)
  N6K-Switch# conf t
  Enter configuration commands, one per line.  End with CNTL/Z.
  N6K-Switch(config)# event manager ?
    applet       Create/Modify an Event Manager Policy
    environment  Configure an environment variable
    policy       Register a script policy and activate it
  N6K-Switch(config)# event manager
  Mike

• Help please with TACACS authentication from a Nexus 5548

  I cannot get login working via TACACS from my Nexus 5548.  I've tried creating a group and a single server with key etc.
  Config is simple:
  tacacs-server key 7  ************
  ip tacacs source-interface Vlanx
  aaa group server tacacs+ tacacs
      server 10.x.y.z
  The test aaa command shows it's authenticating:
  NEX01# test aaa server tacacs+  10.x.y.z <username> <password)
  user has been authenticated
  Debug shows this:
  NEX01# 2011 Jun  8 12:31:03 NEX01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user <username>  from 10.x.y.z- login[1691]
  Am I doing something glaringly wrong here?
  Any advice is greatly appreciated.
  Thank you.

  Hi Paul,
  Looks like may be the packet dont have the route ACS when you try to login .
  Can you share sh run of the switch  ?
  Also do you see failed attempt on tacacs server side. ?
  Can you ping tacacs server with source interface Vlanx?
  Thanks
  Waris Hussain

• Urgent help: L3 daughter card for Nexus 5548

  Hi
  We have 2 Nexus 5548 which is in one vPC doamin. All the servers are teamed to these switches
  Requirement
  We have to install New L3 daughter card.(N55-D160L3-V2(=))
  I have gone through the Cisco websites and found that we have to do the following things
  1. software version:
  i Nexus 5548P Daughter Card (N55-D160L3)
  Before installing a Layer 3 daughter card (N55-D160L3) into a Cisco Nexus 5548P switch, you must upgrade to Cisco NX-OS Release 5.0(3)N1(1b) or NX-OS Release 5.0(3)N1(1c) and then install the card into the chassis. 
  http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/release/notes/Rel_5_0_3_N2_1/Nexus5000_Release_Notes_5_0_3_N2.html
  2. license: 
  Also in order to enable this module following license should present on N5k device:
  LAN_BASE_SERVICES_PKG  - it's free and lifetime.
  https://supportforums.cisco.com/thread/2121574 
  I have 2 questions
  1- In cisco documentation its says that these cards will be installed in the front where I/O module is and after NX OS 5.X they are hot swappable
  Does that mean that no reboot will be required after installing this module (keeping in mind its the first time) so i am confused about the wording ???
  Does license installation requires reboot??? in short if you are installing for the first time do we require a reboot ???? that is my main question
  2- I have heard there is  a known bug which keep rebooting the switch after installation of L3 card
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtl45495
  has that been address in any version of license or NS-OS yet???
  Thanks heaps guys
  If the module is still offline when the requirements are met above, it could be a bug.(CSCtl45495) Try reloading the switch.

  1- In cisco documentation its says that these cards will be installed in the front where I/O module is and after NX OS 5.X they are hot swappable
  Does that mean that no reboot will be required after installing this module (keeping in mind its the first time) so i am confused about the wording ???
  Answer: -- Yes no reboot is required.
  Does license installation requires reboot??? in short if you are installing for the first time do we require a reboot ???? that is my main question
  Answer: As you are installing the license for the first time reboot of the box is not required.
  2- I have heard there is  a known bug which keep rebooting the switch after installation of L3 card
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtl45495
  has that been address in any version of license or NS-OS yet???
  Answer;--No this is not fixed yet.
  HTH
  Regards
  Inayath
  ********Please do not forget to rate the post if this info is helpfull.

• Connecting IBM v7000 to Nexus 5548

  20-Sep-2012 16:51 (in response to feisalb)
  IBM V7000 with Nexus 5548UP and Nexus 4000 Design/implemetation guide
  Hi Guys
  I have a question in regards to connecting IBM v7000 directly to Nexus5548.
  CAN WE DO THIS?
  Our current setup is IBM v7000 -> MDS 9124 -> Nexus 5548.
  But our MDS 9124 are out of warranty now and we need to take them out of production. And only way we can do this is if we connect our IBM v7000 fibre ports directly to our Nexus 5548.
  Can someone please point me to the right direction any knowledge base articles etc.
  Thanks Heaps
  Sid

  Dear prkrishn
  I am working on the Data Center Solution between two Data Center, details underneath
  DC 1 Site
  1. 2 x DC Core Switch (Nexus 7009) - will be used for Servers, Application, IBM V7000, Database, etc.
  2. 2 x Network Core Switch (Cisco 6509) - Handle Campus and Inter Building connection.
  3. IBM V7000 (SAN)
  DC 2 Site
  1. 2 x DC Core Switch (Nexus 7009) - will be used for Servers, Application, IBM V7000, Database, etc.
  2. 2 x Network Core Switch (Cisco 6509) - Handle Campus and Inter Building connection.
  3. IBM V7000 (SAN)
  With the above mention setup, can I configure FCIP between DC1 & DC2 using Nexus 7009? or I need FCIP capable Switch such as IBM SAN Switch (SAN06-BR), I was wondering if I can configure FCIP on Nexus 7009 DC Switch.
  Hoping for your kind response at earliest.
  Kind Regards,
  Arnold

• FCoE using Brocade cards CNA1020 and Cisco Nexus 5548 switches

  All,
  I have the following configuration and problem that I am not sure how to fix:
  I  have three Dell R910 servers with 1TB of memory and each has two  brocade 1020 CNA cards dual port.  I am using distributed switches for  the VM network and a second distributed switch for VMotion.  I have two  of the 10G ports configured in each distributed switch using IP Hash.   The management network is configured using a standard switch with two 1G  ports.
  The  Nexus configuration is we have two nexus 5548 switch connected together  with a trunk.  We have two VPC's configured to each ESX hosts  consisting of two 10gig ports in each VPC with one port going to each  switch.  The VPC is configured for static LAG.
  What  I am seeing is that after a few hours the virtual machines will not be  accessible via network anymore.  So if you ping the VM it will not work  and if you get on the console of the VM then ping the gateway then  nothing as well but if you try to ping another virtual machine on the  same host on the same VLAN then it will work so traffic is going through  the ESX backplane.  If I reboot the ESX host then things will work  again for another few hours or so then the problem repeats.
  The version of vSphere I am using is ESXi4.1
  Please assist I am stuck.
  Thanks...

  Here is the link for Nexus and Brocade interoperability Matrix
  http://www.cisco.com/en/US/docs/switches/datacenter/mds9000/interoperability/matrix/Matrix7.html#wp313498
  usually this table would show those models those have been tested and verified
  However I do not see  Brocade 5300 listed in the table . It could be, interoperability may have not been tested by both vendors perticularly to 5300 type Model.