LMS 4.2.2 Interface utilisation on Nexus 7000
Hi All,
I'm trying to poll some interfaces for their utilization on a nexus 7000 through LMS 4.2.2.
When I create a poller fot the specific instances, the LMS recognises the instances, but after activating the poller I get the error "No Such Instance - The specified instance is not available".
No info is displayed when I generate an interface utilization report for the specific nexus.
When I activate the automonitor for interface utilization, the interfaces on the nexus are polled.
On the cisco website there are some features listed which LMS does not support on the Nexus 7000, but polling is not in that list (neither in the supported feature list).
Any tips?
Thanks for your help.
Joris
Any Idea..??
Similar Messages
-
Dell Servers with Nexus 7000 + Nexus 2000 extenders
<< Original post by smunzani. Answered by Robert. Moving from Document section to Discussions>>
Team,
I would like to use some of the existing Dell Servers for new network design of Nexus 7000 + Nexus 2000 extenders. What are my options for FEC to the hosts? All references of M81KR I found on CCO are related to UCS product only.
What's best option for following setup?
N7K(Aggregation Layer) -- N2K(Extenders) -- Dell servers
Need 10G to the servers due to dense population of the VMs. The customer is not up for dumping recently purchased dell boxes in favor of UCS. Customer VMware license is Enterprise Edition.
Thanks in advance.To answer your question, the M81KR-VIC is a Mezz card for UCS blades only. For Cisco rack there is a PCIe version which is called the P81. These are both made for Cisco servers only due to the integration with server management and virtual interface functionality.
http://www.cisco.com/en/US/prod/collateral/ps10265/ps10493/data_sheet_c78-558230.html
More information on it here:
Regards,
Robert -
Privilege Level for Tacacs Account in Nexus 7000
Hi,
I have configured the Tacacs (ACS 4.2v) on Nexus 7000 (as mentioned below) and works fine but unlike IOS (6509) It's doesn't prompt that you are in userexec mode (>) and then need to type enable and password for full privilege.
In n7k when I entered into "configure terminal" It won't allow me to access other commands.
How to login into level 15 privilege mode after authenticating from tacacs
(config)# show running-config tacacs+
tacacs-server key 7 "xxxxx"
tacacs-server host x.x.x.x key 7 "xxxx"
aaa group server tacacs+ TacServer
server x.x.x.x (same ip as tacacs-server host)
use-vrf management
source-interface Vlan2
(config)# show running-config aaa
aaa authentication login default group TacServer
aaa authentication login console local
aaa user default-role
Here below are the commands accessible in "Terminal" currently
(config)# ?
no Negate a command or set its defaults
username Configure user information.
end Go to exec mode
exit Exit from command interpreter
isb.n7k-dcn-agg-1-sw(config)#Hi Jan.nielsen
Issue is resolved but by another way.
I have found the same resolution too of custom attirbute command but the Custom attribute Option for shell command wasn't available in ACS v4.2, so after enabling shell for users and by clicking exec--> Shell Exec and enabling priviledge level 15 in the same box of Shell options, It start working without any command -
Nexus 7000 - unexpected shutdown of vPC-Ports during reload of the primary vPC Switch
Dear Community,
We experienced an unusual behavior of two Nexus 7000 switches within a vPC domain.
According to the attached sketch, we have four N7Ks in two data centers - two Nexus 7Ks are in a vPC domain for each data center.
Both data centers are connected via a Multilayer-vPC.
We had to reload one of these switches and I expected the other N7K in this vPC domain to continue forwarding over its vPC-Member-ports.
Actually, all vPC ports have been disabled on the secondary switch until the reload of the first N7K (vPC-Role: primary) finished.
Logging on Switch B:
20:11:51 <Switch B> %VPC-2-VPC_SUSP_ALL_VPC: Peer-link going down, suspending all vPCs on secondary
20:12:01 <Switch B> %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain 1, VPC peer keep-alive receive has failed
In case of a Peer-link failure, I would expect this behavior if the other switch is still reachable via the Peer-Keepalive-Link (via the Mgmt-Port), but since we reloaded the whole switch, the vPCs should continue forwarding.
Could this be a bug or are there any timers to be tuned?
All N7K switches are running on NX-OS 6.2(8)
Switch A:
vpc domain 1
peer-switch
role priority 2048
system-priority 1024
peer-keepalive destination <Mgmt-IP-Switch-B>
delay restore 360
peer-gateway
auto-recovery reload-delay 360
ip arp synchronize
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan <x-y>
spanning-tree port type network
vpc peer-link
Switch B:
vpc domain 1
peer-switch
role priority 1024
system-priority 1024
peer-keepalive destination <Mgmt-IP-Switch-A>
delay restore 360
peer-gateway
auto-recovery reload-delay 360
ip arp synchronize
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan <x-y>
spanning-tree port type network
vpc peer-link
Best regardsProblem solved:
During the reload of the Nexus 7K, the linecards were powerd off a short time earlier than the Mgmt-Interface. As a result of this behavior, the secondary Nexus 7K received at least one vPC-Peer-Keepalive Message while its peer-link was already powerd off. To avoid a split brain scenario, the VPC-member-ports have been shut down.
Now we are using dedicated interfaces on the linecards for the VPC-Peer-Keepalive-Link and a reload of one N7K won't result in a total network outage any more. -
We have GLBP configured on two Nexus 7000's using "load-balancing host-dependant" as our method of balancing. My question is, is there a quick way to determine which router each host is using. These are in production so any debugging is frowned on.
Thanks
DavidAvailable command to verify GLBP operation is following
show glbp [group group-number]
Displays the GLBP status for all or one group.
show glbp capability
Displays the GLBP capability for all or one group.
show glbp interface interface-type slot/port
Displays the GLBP status for an interface.
show glbp interface interface-type slot/port [active] [disabled] [init] [listen] [standby]
Displays the GLBP status for a group or interface for virtual forwarders in the selected state.
show glbp interface interface-type slot/port [active] [disabled] [init] [listen] [standby] brief
Displays a brief summary of the GLBP status for a group or interface for virtual forwarders in the selected state.
But none of these will show you which host uses which AVF. In GLBP, Hosts still point to a default gateway IP address, but GLBP causes different hosts to send their traffic to one of up to four routers in a GLBP group. To do so, the GLBP Active Virtual Gateway (AVG) assigns each router in the group a unique virtual MAC address format 0007.B400.xxyy, where xx is the GLBP group number, and yy is a different number for each router (01, 02, 03, or 04). When a client ARPs for the (virtual) IP address of its default gateway, the GLBP AVG replies with one of the four possible virtual MACs. By replying to ARP requests with different virtual MACs, the hosts in that subnet will in effect balance the traffic across the routers, rather than send all traffic to the one active router. You can check ARP table of host and see the mac address of default gateway. But this is not an easy way. -
Connecting IBM B22 FEXes to Nexus 7000
Hello everybody,
Could someone give an definite answer, better to based on personal experience - is it possible to attach B22 FEX going to the IBM chassis to Nexus 7000 via F2 series 48-port 10G card?
NXOS is currently running 6.1.5a but we plan to upgrade to 6.2.8 or 6.2.12 once we get new 4GB DIMMs for SUP1 modules.
Thanks.In my case, I was getting this error on a interface of a Nexus C6001 with the FET-10G transceiver. I was able to clear it up by temorarily replacing and configuring a slower GLC-T which worked as expected. I then removed all the settings an got the FET-10G to link.
-
Ciscoworks 2.6 and Nexus 7000 issues
Running LMS 2.6 with RME version 4.0.6, and DFM 2.0.13.
We keep getting false alerts in DFM on the temperature in our Nexus 7000 switches. The alert says that the high temp threshold is 45C, and it's being exceeded at 46C. The thing that bothers me is that the actual switch reads that the threshold is around 100C or more. Any ideas as to why DFM would be picking up a temperature so far off the mark?
Also, in regards to RME, I cannot pull configs from the Nexus 7000's. The check box in "archive config" is blanked out to where I can't check it. I download the device packages for the 7000 into RME but it will not pull configs. Is this not supported under our version of RME, or would there be some other reason that I can't do this?
Thanks for any assistance with these issues!UPDATE:
I fixed the RMA config pull issue. I thought I had previously downloaded the Nexus device packages so that RMA could work with them, but upon checking again, it looks like I just didn't have them installed. Got that piece fixed and now I can pull configs from the switches just fine.
Still having problems with the temperature reading in DFM not accurately reflecting what is actually on the switches. Any suggestions as to where to start hunting down the issue for this are greatly appreciated. Thanks! -
Hi all,
A few months ago I have configured netflow on a Nexus 7000 with NX-OS version 6.0.2.
This was my config:
flow exporter Fluke_NetflowTracker
description export netflow to Fluke_NetflowTracker
destination x.x.x.x use-vrf management
transport udp 2055
source mgmt0
version 9
flow exporter Fluke_Optiview
description export netflow to Fluke_Optiview
destination x.x.x.x transport udp 2055
source Vlanx
version 9
flow monitor MonitorTrafficToFluke
record netflow-original
exporter Fluke_NetflowTracker
exporter Fluke_Optiview
This flow was activated on some SVI's. "ip flow monitor MonitorTrafficToFluke input"
Recently we have upgraded the NX-OS to version 6.1.3. The netflow keeps on working, but the syntax of the netflow configuration has changed. Now you have to add a sampler as well.
So I have created the following sampler.
sampler NetFlow-Sampler
description Netflow Sampler
mode 1 out-of 1000
When I want to update the current configuration with the sampler I can't adapt or remove the existing netflow configuration on the SVI.
NK7(config-if)# no ip flow monitor MonitorTrafficToFluke input
ERROR: A sampler must be configured for an interface on an F2 card
NK7(config-if)# ip flow monitor MonitorTrafficToFluke input sampler NetFlow-Sampler
An additional 1:100 sampler, over the configured sampler is applicable for F2 ports
Error: Sampler can not be changed on Interface Vlanx. Remove flow monitor first.
ERROR: Command has failed
How do I update or remove the existing configuration on the SVI.
I want the config to be "ip flow monitor MonitorTrafficToFluke input sampler NetFlow-Sampler"
Thank you,
Best Regards,
JorisHi Joris,
Try no feature netflow under the interface and try to re-apply the whole configs. Since its a F2 we dont support config changes until 6.2(2) only way is to remove the configs using no feature netflow and re-applying it.
Thanks,
Richard.
*Rate if its useful -
Hi,
I have some Nexus 7000 with FET-10G with xcvrInval status
Eth7/33 N5k-S1-3T-1/3 xcvrInval trunk auto auto Fabric Exte
and some other FET-10G with notconn status
Eth7/8 FEX-101 notconnec 1 auto auto Fabric Exte
If I inter exchange the position of both FET-10G the status port doesn´t change
FET-10G from 7/8 to 7/33
FET-10G from 7/33 to 7/8
7/33 holds xcvrInval status
7/8 holds notconnec status
I have reconfigured from default interface with same results
Next you´ll find the same serial number in deferent port, the diference is the current
when is xcvrInva or when is notconnec
What can I do to get FET10G in e7/33 validated?
sh interface e7/33 transceiver details
Ethernet7/33
transceiver is present
type is Fabric Extender Transceiver
name is CISCO-FINISAR
part number is FTLX8570D3BCL-C2
revision is A
serial number is FNS17201TE5
nominal bitrate is 10300 MBit/sec
Link length supported for 62.5/125um fiber is 10 m
Link length supported for 50/125um OM3 fiber is 100 m
cisco id is --
cisco extended id number is 4
cisco part number is 10-2566-02
cisco product id is FET-10G
cisco vendor id is V02
number of lanes 1
SFP Detail Diagnostics Information (internal calibration)
Current Alarms Warnings
Measurement High Low High Low
Temperature 19.30 C 75.00 C 5.00 C 70.00 C 10.00 C
[7m--More-- [m
Voltage 3.31 V 3.63 V 2.97 V 3.46 V 3.13 V
Current 0.06 mA -- 11.80 mA 4.00 mA 10.80 mA 5.00 mA
Tx Power N/A 22.69 dBm 8.69 dBm 18.69 dBm 12.69 dBm
Rx Power N/A 22.99 dBm 6.09 dBm 18.99 dBm 10.09 dBm
Transmit Fault Count = 0
Note: ++ high-alarm; + high-warning; -- low-alarm; - low-warning
now in slot 7/8
Ethernet7/8
transceiver is present
type is Fabric Extender Transceiver
name is CISCO-FINISAR
part number is FTLX8570D3BCL-C2
revision is A
serial number is FNS17201TE5
nominal bitrate is 10300 MBit/sec
Link length supported for 62.5/125um fiber is 10 m
Link length supported for 50/125um OM3 fiber is 100 m
cisco id is --
cisco extended id number is 4
cisco part number is 10-2566-02
cisco product id is FET-10G
cisco vendor id is V02
number of lanes 1
SFP Detail Diagnostics Information (internal calibration)
Current Alarms Warnings
Measurement High Low High Low
Temperature 23.17 C 75.00 C 5.00 C 70.00 C 10.00 C
[7m--More-- [m
Voltage 3.30 V 3.63 V 2.97 V 3.46 V 3.13 V
Current 7.50 mA 11.80 mA 4.00 mA 10.80 mA 5.00 mA
Tx Power 17.65 dBm 22.69 dBm 8.69 dBm 18.69 dBm 12.69 dBm
Rx Power -12.21 dBm -- 22.99 dBm 6.09 dBm 18.99 dBm 10.09 dBm
Transmit Fault Count = 0
Note: ++ high-alarm; + high-warning; -- low-alarm; - low-warning
NX7K-1-VDC-3T-S1-L2FP# sh int e7/33
Ethernet7/33 is down (Transceiver validation failed)
admin state is up, Dedicated Interface
Belongs to Po51
Hardware: 1000/10000 Ethernet, address: 8478.ac23.6cec (bia 8478.ac23.6cec)
Description: N5k-S1-3T-1/3
MTU bytes (CoS values): MTU 1500(0-2,4-7) bytes MTU 2112(3) bytes
BW 10000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, medium is broadcast
Port mode is trunk
auto-speed auto-duplex,, media type is 10G
Beacon is turned off
Auto-Negotiation is turned on
Input flow-control is off, output flow-control is off
Auto-mdix is turned on
Rate mode is dedicated
Switchport monitor is off
EtherType is 0x8100
EEE (efficient-ethernet) : n/a
Last link flapped never
Last clearing of "show interface" counters 07:22:09
0 interface resets
Load-Interval #1: 30 seconds
30 seconds input rate 0 bits/sec, 0 packets/sec
30 seconds output rate 0 bits/sec, 0 packets/sec
Load-Interval #2: 5 minute (300 seconds)
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
RX
88 unicast packets 0 multicast packets 0 broadcast packets
0 input packets 0 bytes
0 jumbo packets 0 storm suppression packets
0 runts 0 giants 0 CRC/FCS 0 no buffer
0 input error 0 short frame 0 overrun 0 underrun 0 ignored
0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
0 input with dribble 0 input discard
0 Rx pause
TX
88 unicast packets 0 multicast packets 0 broadcast packets
0 output packets 0 bytes
0 jumbo packets
0 output error 0 collision 0 deferred 0 late collision
0 lost carrier 0 no carrier 0 babble 0 output discard
0 Tx pause
NX7K-1-VDC-3T-S1-L2FP# sh int e7/33
Ethernet7/8 is down (Link not connected)
admin state is up, Dedicated Interface
Belongs to Po101
Hardware: 1000/10000 Ethernet, address: 8478.ac23.6cd3 (bia 8478.ac23.6cd3)
Description: FEX-101
MTU bytes (CoS values): MTU 1500(0-2,4-7) bytes MTU 2112(3) bytes
BW 10000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, medium is p2p
Port mode is fex-fabric
auto-speed auto-duplex,, media type is 10G
Beacon is turned off
Auto-Negotiation is turned on
Input flow-control is off, output flow-control is off
Auto-mdix is turned on
Rate mode is dedicated
Switchport monitor is off
EtherType is 0x8100
EEE (efficient-ethernet) : n/a
Last link flapped 5week(s) 1day(s)
Last clearing of "show interface" counters never
0 interface resets
Load-Interval #1: 30 seconds
30 seconds input rate 0 bits/sec, 0 packets/sec
[7m--More-- [m
30 seconds output rate 0 bits/sec, 0 packets/sec
Load-Interval #2: 5 minute (300 seconds)
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
RX
10588 unicast packets 0 multicast packets 0 broadcast packets
4 input packets 0 bytes
0 jumbo packets 0 storm suppression packets
0 runts 0 giants 0 CRC/FCS 0 no buffer
0 input error 0 short frame 0 overrun 0 underrun 0 ignored
0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
0 input with dribble 0 input discard
0 Rx pause
TX
10588 unicast packets 1 multicast packets 0 broadcast packets
4 output packets 5688 bytes
0 jumbo packets
0 output error 0 collision 0 deferred 0 late collision
0 lost carrier 0 no carrier 0 babble 0 output discard
0 Tx pauseHi Ans,
You are rigth, I have defaulted againt the port, now configured with switchport mode FEX, and now the FET-10G is validated
NX7K-1-VDC-3T-S1-L2FP(config-if)# description FEX-101
NX7K-1-VDC-3T-S1-L2FP(config-if)# switchport
NX7K-1-VDC-3T-S1-L2FP(config-if)# switchport mode fex-fabric
NX7K-1-VDC-3T-S1-L2FP(config-if)# fex associate 101
NX7K-1-VDC-3T-S1-L2FP(config-if)# medium p2p
NX7K-1-VDC-3T-S1-L2FP(config-if)# channel-group 101
NX7K-1-VDC-3T-S1-L2FP(config-if)# no shutdown
NX7K-1-VDC-3T-S1-L2FP(config-if)#
NX7K-1-VDC-3T-S1-L2FP(config-if)# sh int e7/33 status
Port Name Status Vlan Duplex Speed Type
Eth7/33 FEX-101 notconnec 1 auto auto Fabric Exte
NX7K-1-VDC-3T-S1-L2FP(config-if)#
Thanks for your help, and have a nice weekend.
Atte,
EF -
Hi,
I have one Nexus 7000 with a fcoe supported blade N7K-F132XP-15.
Want to deply this in the LAB. I created a fcoe port for test purpose which is working. But some things are not very clear to me. I am pointing them below.
How to create the interface membership for storage VDC. Right now i created shared interfcae with the default VDC. But can i create the interfcae dedicated? What is the difference between when the interface is shared and dedicated ?
Also, on my shared interfcae while configuring FCoE port, it did not allow me to create priority flow control settings. See the error below.
fcoe-dvt(config-if)# priority-flow-control mode auto
ERROR: pfc config not allowed on shared interface (0x1a000000)
fcoe-dvt(config-if)#
On Nexus 5020, we have priority flow control settings as "auto" for eahc fcoe interface. In the nexus 7000 case, i dont know what and how priority flow control is taking place.
Any white paper on Nexus 7000 fcoe will be greatly appreciated.
Thanks,Marko,
Yes it is supported, here is a link to the interoperability matrix for storage, also you can find CNA compatibility
here as well. It is a difficult to find on cisco.com because it has been added in with the MDS.
http://www.cisco.com/en/US/docs/switches/datacenter/mds9000/interoperability/matrix/Matrix1.html
Thanks,
Bill -
EtherChannel problem on Nexus 7000
Dear NetPro gurus,
One of my customer is trying to setup an EtherChannel (LACP) on a pair of Nexus 7000. However, doesn't matter what we do, the port Eth 1/17 always become suspended. We have tried swapping fiber cables and also swapping SFPs, but no help.
The 1st Nexus 7010 - called 'VIWLRCA'
The 2nd Nexus 7010 - called 'VIWLRCB'
Originally port eth 1/17 are left as 'normal' trunk port, and we can see eth 1/17 shows up fine under 'show interface brief'
viwlrca-PROD# sh run int eth 1/17
interface Ethernet1/17
switchport
switchport mode trunk
udld disable
no shutdown
viwlrca-PROD# sh run int eth 1/18
interface Ethernet1/18
switchport
switchport mode trunk
udld disable
channel-group 20 mode active
no shutdown
viwlrca-PROD# sh int brief
Ethernet VLAN Type Mode Status Reason Speed Port
Interface Ch #
Eth1/17 1 eth trunk up none 10G(S) --
Eth1/18 1 eth trunk up none 10G(S) 20
Eth1/19 -- eth routed down SFP not inserted auto(S) --
Eth1/20 -- eth routed down SFP not inserted auto(S) --
Eth1/21 -- eth routed down Administratively down auto(S) --
Eth1/22 -- eth routed down Administratively down auto(S) --
Eth1/23 -- eth routed down Administratively down auto(S) --
Eth1/24 -- eth routed down Administratively down auto(S) --
Eth2/25 -- eth routed down Administratively down auto(D) --
Eth2/26 -- eth routed down Administratively down auto(D) --
Eth2/27 -- eth routed down SFP not inserted auto(D) --
Eth2/28 -- eth routed down SFP not inserted auto(D) --
Eth2/29 -- eth routed down SFP not inserted auto(D) --
Eth2/30 -- eth routed down SFP not inserted auto(D) --
Eth2/31 -- eth routed down SFP not inserted auto(D) --
Eth2/32 -- eth routed down SFP not inserted auto(D) --
viwlrca-PROD#
But as soon as I add the Eth 1/17 back onto PortChannel 20
The Eth 1/17 becomes "Suspended" straight away
viwlrca-PROD# sh int brief
Ethernet VLAN Type Mode Status Reason Speed Por
t
Interface Ch
Eth1/17 1 eth trunk down suspended auto(S) 20
Eth1/18 1 eth trunk up none 10G(S) 20
Eth1/19 -- eth routed down SFP not inserted auto(S) --
Eth1/20 -- eth routed down SFP not inserted auto(S) --
Eth1/21 -- eth routed down Administratively down auto(S) --
Eth1/22 -- eth routed down Administratively down auto(S) --
Eth1/23 -- eth routed down Administratively down auto(S) --
Eth1/24 -- eth routed down Administratively down auto(S) --
Eth2/25 -- eth routed down Administratively down auto(D) --
Eth2/26 -- eth routed down Administratively down auto(D) --
Eth2/27 -- eth routed down SFP not inserted auto(D) --
Eth2/28 -- eth routed down SFP not inserted auto(D) --
Eth2/29 -- eth routed down SFP not inserted auto(D) --
Eth2/30 -- eth routed down SFP not inserted auto(D) --
Eth2/31 -- eth routed down SFP not inserted auto(D) --
Eth2/32 -- eth routed down SFP not inserted auto(D) --
viwlrca-PROD#
viwlrca-PROD# sh port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
Group Port- Type Protocol Member Ports
Channel
20 Po20(SU) Eth LACP Eth1/17(s) Eth1/18(P)
viwlrca-PROD#
Config on Primary Nexus:-
viwlrca-PROD# sh run
!Command: show running-config
!Time: Tue Mar 22 06:04:26 2011
version 5.1(1a)
hostname PROD
cfs eth distribute
feature udld
feature interface-vlan
feature lacp
feature vpc
feature vtp
username admin password 5 $1$pkJaKHZW$Sx4wpDG5xXYkD.QfDk/Cg. role vdc-admin
no ip domain-lookup
ip domain-name vfc.com
crypto key param rsa label viwlrca-PROD.vfc.com modulus 2048
snmp-server user admin vdc-admin auth md5 0x05f7328e3b39a70be09abc3056ec2819 pri
v 0x05f7328e3b39a70be09abc3056ec2819 localizedkey
vrf context management
spanning-tree pathcost method long
spanning-tree port type edge bpduguard default
spanning-tree loopguard default
spanning-tree vlan 1-3967,4048-4093 priority 4096
interface Vlan1
interface Vlan161
ip address 172.30.161.2/24
interface Vlan162
ip address 172.30.162.2/24
interface Vlan163
ip address 172.30.163.2/24
interface Vlan164
ip address 172.30.164.2/24
interface Vlan165
ip address 172.30.165.2/24
interface Vlan190
ip address 172.30.190.2/24
interface port-channel20
switchport
switchport mode trunk
interface Ethernet1/17
switchport
switchport mode trunk
udld disable
channel-group 20 mode active
no shutdown
interface Ethernet1/18
switchport
switchport mode trunk
udld disable
channel-group 20 mode active
no shutdown
interface Ethernet1/19
interface Ethernet1/20
interface Ethernet1/21
interface Ethernet1/22
interface Ethernet1/23
interface Ethernet1/24
interface Ethernet2/25
interface Ethernet2/26
interface Ethernet2/27
interface Ethernet2/28
interface Ethernet2/29
interface Ethernet2/30
interface Ethernet2/31
interface Ethernet2/32
interface Ethernet2/33
interface Ethernet2/34
interface Ethernet2/35
interface Ethernet2/36
interface Ethernet3/25
interface Ethernet3/26
interface Ethernet3/27
interface Ethernet3/28
interface Ethernet3/29
interface Ethernet3/30
interface Ethernet3/31
interface Ethernet3/32
interface Ethernet3/33
interface Ethernet3/34
interface Ethernet3/35
interface Ethernet3/36
line vty
viwlrca-PROD#
Config for Secondary Nexus 7000
VIWLRCB-PROD# sh run
!Command: show running-config
!Time: Tue Mar 22 09:19:22 2011
version 5.1(1a)
hostname PROD
cfs eth distribute
feature interface-vlan
feature lacp
feature vpc
feature vtp
username admin password 5 $1$Lc486EOm$EtKhZWuxGjWWokfeuUsMk. role vdc-admin
no ip domain-lookup
ip domain-name vfc.com
crypto key param rsa label VIWLRCB-PROD.vfc.com modulus 2048
snmp-server user admin vdc-admin auth md5 0xeb607b54234985ed6740c5fdbb8d84c6 pri
v 0xeb607b54234985ed6740c5fdbb8d84c6 localizedkey
vrf context management
spanning-tree pathcost method long
spanning-tree port type edge bpduguard default
spanning-tree loopguard default
spanning-tree vlan 1-3967,4048-4093 priority 8192
interface Vlan1
interface port-channel20
switchport
switchport mode trunk
interface Ethernet1/17
switchport
switchport mode trunk
channel-group 20 mode active
no shutdown
interface Ethernet1/18
switchport
switchport mode trunk
channel-group 20 mode active
no shutdown
interface Ethernet1/19
interface Ethernet1/20
interface Ethernet1/21
interface Ethernet1/22
interface Ethernet1/23
interface Ethernet1/24
interface Ethernet2/25
interface Ethernet2/26
interface Ethernet2/27
interface Ethernet2/28
interface Ethernet2/29
interface Ethernet2/30
interface Ethernet2/31
interface Ethernet2/32
interface Ethernet2/33
interface Ethernet2/34
interface Ethernet2/35
interface Ethernet2/36
interface Ethernet3/25
interface Ethernet3/26
interface Ethernet3/27
interface Ethernet3/28
interface Ethernet3/29
interface Ethernet3/30
interface Ethernet3/31
interface Ethernet3/32
interface Ethernet3/33
interface Ethernet3/34
interface Ethernet3/35
interface Ethernet3/36
line vty
VIWLRCB-PROD#
Cheers,
HuntQuick troubleshoot:
Default all interfaces in newly created port-channel as well as the port-channel interface, then delete port-channel interface. Recreate port-channel without the LACP protocol:
interface e1/17,e1/18
switchport
channel-group 20 mode on
no shutdown
exit
interface port-channel20
switchport
switchport mode trunk
no shutdown
exit
show port-channel summ
show int trunk
HTH,
Sean -
We are in the process of migrating our servers from Cat6500 (HSRPv1) to Nexus 7000 (HSRPv2). The HSRP virtual ip address remains the same after the migration. During the migration, we will shut down the Layer3 interface vlan on the Cat6500 and create the new Layer 3 interface vlan on the N7K. Because we are migrating to HSRPv2, the HSRP virtual MAC address will change. Would like to check if there is there any way for the N7K to send gratuitous ARP to all the servers so that their ARP cache are refreshed. does "ip arp gratuitous update" help ? THanks Eng Wee
Hi Eng Wee,
Nexus sends gratuitous arp by default. This command is enabled on the interface by default. There is nothing special that you need to do for the switch to send the gratuitous arps.
JayaKrishna -
Frame generated by Nexus 7000 contains unexpected trailer when using GRE
I have observed some unexpected behaviour on a Nexus 7000 running 6.1(2) in respect of the Ethernet II frame generated when the Nexus 7000 is a GRE Tunnel endpoint.
The device receiving the Frame is discarding it and I waiting for the vendor to confirm the reason for this discard. However in case the reason is due to the Ethernet frame being "unusual" I am curious if any one else has come across this.
To generate the Frame I perform a ping (on a workstation) which the Nexus 7000 in encapsulating in a GRE tunnel. Using Wireshark on the Nexus 7000 egress interface I observed that the Frame contains the following protocols as expected; ETH:IP:GRE:IP:ICMP:data
When I issue the command "ping -l 1" on the workstation the Frame details from Wireshark are:
Frame 84 bytes on wire
Total IP payload = 53 bytes
Outer IP header (20 bytes)
GRE ( 4 bytes)
Inner IP header (20 bytes)
ICMP (header 8 bytes payload 1 byte)
Ethernet Trailer length = 17 bytes
What is curious about this Frame is that;
a) No Ethernet Trailer is needed as the IP payload exceeds 46 bytes
b) The amount of padding applied is what would be needed if the Inner IP datagram were encapsulated directly in an Ethernet II Frame. The Inner ip datagram is 29 bytes octets and hence padding needed = 46 - 29 = 17.
By doing ping sweep from length 1 to 18 the observed padding was;
1,17
2,16
3,15
17,1
18,0
So it would appear that the Nexus is adding padding to the Ethernet frame as though it were containing the pre GRE payload only.What module are you using?
Ron -
Migration from Nexus 7000 without VDC to VDC
Hi all
I am working on a DataCenter architecture where we would like to implement Nexus 7000.
For the time being, there only one "context" but we may take the opportunity to implement VDC in a later future
I was not able to find a clear answer on the following :
Can we add the VDC licence & configure a new VDC on a Nexus 7000 running without VDC ?
I suppose this is possible. but does it need to have the whole configuration changed or adding a VDC can be done without any interruption on the current environnement ?
Thanks in advance !Hello
To have VDC support on n7k you will require following license:
LAN_ADVANCED_SERVICES_PKG
To configure new vdc you need to run:
Nexus(config)# vdc
This will create new VDC which is separate from the current one. It shouldn't affect productional environment since separate processes started for new VDC.
Then you can allocate some interfaces to it and configure.
But you need to be careful to check whether you allocate unused interfaces and don't add resource excessive configuration.
Here is a very good explanation of what is VDC and how it works:
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/White_Paper_Tech_Overview_Virtual_Device_Contexts.html
And here is VDC config guide:
http://www.cisco.com/en/US/docs/switches/datacenter/sw/nx-os/virtual_device_context/configuration/guide/vdc_nx-os_cfg.html
HTH,
Alex -
PortChannel table in Nexus 7000/5000 through MIB
I ma trying to query "CISCO-PORT-CHANNEL" mib on Nexus 7000 for portChannel table and I am not getting any info.
Nexus OS versions : Nexus 7000 - System version: 5.1(5)
Nuxus 5000 - System version: 5.0(3)N1(1a)
Any pointers or other alternatives to query through MIB ?
Thanks,
Chandra.Hi Chandra
Here is a list of MIBS supproted on n7k:
ftp://ftp-sj.cisco.com/pub/mibs/supportlists/nexus7000/Nexus7000MIBSupportList.html
You can use IF-MIB to poll general port-channel interface status and use following command to find port-channel interface indexes among other output:
sh interface snmp-ifindex
Also you can poll the CISCO-LAG-MIB for port-chanel details.
HTH,
Alex
Maybe you are looking for
-
How do I restore the ipod 7th generation to a previous backup
Can the ipod 7th generation be restored to a previous backup? I just replaced my ipod because of a defective battery and I want to restore the playlists exactly as they were on the old one.
-
MWST not getting determined at header
Hi, In CRM 4.0, I am getting the pricing conditions correctly including MWST at item level. But still there is an error which says that MWST not found. I observed that at the header, there is no MWST determined. Any clues. thanks Yash
-
Connecting to Wireless AP with non-english SSID name
Hi everyone I have a wireless AP with a non-english name ( The name is "IsolÈ coffee"), when I do scan for wireless network in Mac OS X it will not show this network and even if I use iStumbler it will show it but it will not able to connect to it if
-
Two Chief Position for an org unit
HI, In PPOM I am unable to view two chief position for an 'X' org unit. I have checked in other 'Y' org. unit ( having similar attributes) and there two chief positions are displayed. The validity period and other relationship in both the org units a
-
Help understanding Analyzer output
Can anyone help on understanding the db analyzer output attached ? The MaxCPUs message is clear I'd like to understand there are some issues that can be fixed. Thank you !! ===== #0 at 2009-03-20 11:53:42 * I Database Analyzer configuratio