Nexus 1000V - what is a DVS really?

Hello 1000V Experts,
I'm hoping I can get some clarification on the functions of a 1000V and what happens if they are shut down. I've had a few 1KVs in existance for some time and after running them on active servers I've come under the impression that a 1KV is basically a pre-configurator. It has a predefined configuration that is uploaded to VCenter. VCenter guys then can use that config to modify their servers uplinks.
It does not do anything for the servers in real time, ie no inspection, no ACLs(that are not uploaded to VCenter), etc (other than CDP).
If i shut down a 1KV live, nothing will happen, services will go on as normal as the config was uplinked to VCenter?
I have a feeling I may be missing something and would really appreciate any clarification.
/r
Rob

Let's set the record straight here - to avoid confusion.
1. VEMs will continue to forward traffic in the event one or both VSM are unavailable - this requires the VEM to remain online and not reboot while both VSMs are offline. VSM communication is only required for config changes (and LACP negociation prior to 1.4)
2. If there is no VSM reachable, and a VEM is reboot, only then will the System VLANs go into a forwarding state. All other non-system VLANs will remain down. This is to faciliate the Chicken & Egg theory of a VEM being able to initially communicate with a VSM to obtain its programming.
The ONLY VLANs & vEth Profiles that should be set as system vlans are:
1000v-Control
1000v-Packet
Service Console/VMkernel for Mgmt
IP Storage (iSCSI or NFS)
Everything else should not be defined as a system VLAN including VMotion - which is a common Mistake.
**Remember that for a vEth port profile to behave like a system profile, it must be define on BOTH the vEth and Eth port profiles. Two factor check. This allows port profiles that maybe are not critical, yet share the same VLAN ID to behave differently.
There are a total of 16 profiles that can include system VLANs. If you exceed this, you can potentially run into issues with the Opaque data pushed from vCenter is truncated causing programming errors on your VEMs. Adhering to the limitations above should never lead to this situation.
Regards,
Robert

Similar Messages

[Nexus 1000v] VEM can't be add into VSM

hi all,
following my lab, i have some problems with Nexus 1000V when VEM can't be add into VSM.
+ on VSM has already installed on ESX 1 (standalone or ha) and you can see:
Cisco_N1KV# show module
Mod Ports Module-Type                       Model               Status
1    0      Virtual Supervisor Module         Nexus1000V          active *
Mod Sw                Hw
1    4.2(1)SV1(4a)     0.0
Mod MAC-Address(es)                         Serial-Num
1    00-19-07-6c-5a-a8 to 00-19-07-6c-62-a8 NA
Mod Server-IP        Server-UUID                           Server-Name
1    10.4.110.123     NA                                    NA
+ on ESX2 that 's installed VEM
[root@esxhoadq ~]# vem status
VEM modules are loaded
Switch Name      Num Ports   Used Ports Configured Ports MTU     Uplinks
vSwitch0         128         3           128               1500    vmnic0
VEM Agent (vemdpa) is running
[root@esxhoadq ~]#
any advices for this,
thanks so much

Hi,
i'm having similar issue: the VEM insatlled on the ESXi is not showing up on the VSM.
please check from the following what can be wrong?
This is the VEM status:
~ # vem status -v
Package vssnet-esx5.5.0-00000-release
Version 4.2.1.1.4.1.0-2.0.1
Build 1
Date Wed Jul 27 04:42:14 PDT 2011
Number of PassThru NICs are 0
VEM modules are loaded
Switch Name     Num Ports   Used Ports Configured Ports MTU     Uplinks
vSwitch0         128         4           128               1500   vmnic0
DVS Name         Num Ports   Used Ports Configured Ports MTU     Uplinks
VSM11           256         40         256               1500   vmnic2,vmnic1
Number of PassThru NICs are 0
VEM Agent (vemdpa) is running
~ # vemcmd show port
LTL   VSM Port Admin Link State PC-LTL SGID Vem Port
   18               UP   UP   F/B*     0       vmnic1
   19             DOWN   UP   BLK       0       vmnic2
* F/B: Port is BLOCKED on some of the vlans.
Please run "vemcmd show port vlans" to see the details.
~ # vemcmd show trunk
Trunk port 6 native_vlan 1 CBL 1
vlan(1) cbl 1, vlan(111) cbl 1, vlan(112) cbl 1, vlan(3968) cbl 1, vlan(3969) cbl 1, vlan(3970) cbl 1, vlan(3971) cbl 1,
Trunk port 16 native_vlan 1 CBL 1
vlan(1) cbl 1, vlan(111) cbl 1, vlan(112) cbl 1, vlan(3968) cbl 1, vlan(3969) cbl 1, vlan(3970) cbl 1, vlan(3971) cbl 1,
Trunk port 18 native_vlan 1 CBL 0
vlan(111) cbl 1, vlan(112) cbl 1,
~ # vemcmd show port
LTL   VSM Port Admin Link State PC-LTL SGID Vem Port
   18               UP   UP   F/B*     0       vmnic1
   19            DOWN   UP   BLK       0       vmnic2
* F/B: Port is BLOCKED on some of the vlans.
Please run "vemcmd show port vlans" to see the details.
~ # vemcmd show port vlans
                       Native VLAN   Allowed
LTL   VSM Port Mode VLAN   State Vlans
   18             T       1   FWD   111-112
   19             A       1   BLK   1
~ # vemcmd show port
LTL   VSM Port Admin Link State PC-LTL SGID Vem Port
   18               UP   UP   F/B*     0       vmnic1
   19             DOWN   UP   BLK       0       vmnic2
* F/B: Port is BLOCKED on some of the vlans.
Please run "vemcmd show port vlans" to see the details.
~ # vemcmd show port vlans
                       Native VLAN   Allowed
LTL   VSM Port Mode VLAN   State Vlans
   18             T       1   FWD   111-112
   19             A       1   BLK   1
~ # vemcmd show trunk
Trunk port 6 native_vlan 1 CBL 1
vlan(1) cbl 1, vlan(111) cbl 1, vlan(112) cbl 1, vlan(3968) cbl 1, vlan(3969) cbl 1, vlan(3970) cbl 1, vlan(3971) cbl 1,
Trunk port 16 native_vlan 1 CBL 1
vlan(1) cbl 1, vlan(111) cbl 1, vlan(112) cbl 1, vlan(3968) cbl 1, vlan(3969) cbl 1, vlan(3970) cbl 1, vlan(3971) cbl 1,
Trunk port 18 native_vlan 1 CBL 0
vlan(111) cbl 1, vlan(112) cbl 1,
~ # vemcmd show card
Card UUID type 2: ebd44e72-456b-11e0-0610-00000000108f
Card name: esx
Switch name: VSM11
Switch alias: DvsPortset-0
Switch uuid: c4 be 2c 50 36 c5 71 97-44 41 1f c0 43 8e 45 78
Card domain: 1
Card slot: 1
VEM Tunnel Mode: L2 Mode
VEM Control (AIPC) MAC: 00:02:3d:10:01:00
VEM Packet (Inband) MAC: 00:02:3d:20:01:00
VEM Control Agent (DPA) MAC: 00:02:3d:40:01:00
VEM SPAN MAC: 00:02:3d:30:01:00
Primary VSM MAC : 00:50:56:ac:00:42
Primary VSM PKT MAC : 00:50:56:ac:00:44
Primary VSM MGMT MAC : 00:50:56:ac:00:43
Standby VSM CTRL MAC : ff:ff:ff:ff:ff:ff
Management IPv4 address: 10.1.240.30
Management IPv6 address: 0000:0000:0000:0000:0000:0000:0000:0000
Secondary VSM MAC : 00:00:00:00:00:00
Secondary L3 Control IPv4 address: 0.0.0.0
Upgrade : Default
Max physical ports: 32
Max virtual ports: 216
Card control VLAN: 111
Card packet VLAN: 112
Card Headless Mode : Yes
       Processors: 8
Processor Cores: 4
Processor Sockets: 1
Kernel Memory:   16712336
Port link-up delay: 5s
Global UUFB: DISABLED
Heartbeat Set: False
PC LB Algo: source-mac
Datapath portset event in progress : no
~ #
On VSM
VSM11# sh svs conn
connection vcenter:
   ip address: 10.1.240.38
   remote port: 80
   protocol: vmware-vim https
   certificate: default
   datacenter name: New Datacenter
   admin:
   max-ports: 8192
   DVS uuid: c4 be 2c 50 36 c5 71 97-44 41 1f c0 43 8e 45 78
   config status: Enabled
   operational status: Connected
   sync status: Complete
   version: VMware vCenter Server 4.1.0 build-345043
VSM11# sh svs ?
connections Show connection information
domain       Domain Configuration
neighbors   Svs neighbors information
upgrade     Svs upgrade information
VSM11# sh svs dom
SVS domain config:
Domain id:   1
Control vlan: 111
Packet vlan: 112
L2/L3 Control mode: L2
L3 control interface: NA
Status: Config push to VC successful.
VSM11# sh port
           ^
% Invalid command at '^' marker.
VSM11# sh run
!Command: show running-config
!Time: Sun Nov 20 11:35:52 2011
version 4.2(1)SV1(4a)
feature telnet
username admin password 5 $1$QhO77JvX$A8ykNUSxMRgqZ0DUUIn381 role network-admin
banner motd #Nexus 1000v Switch#
ssh key rsa 2048
ip domain-lookup
ip domain-lookup
hostname VSM11
snmp-server user admin network-admin auth md5 0x389a68db6dcbd7f7887542ea6f8effa1
priv 0x389a68db6dcbd7f7887542ea6f8effa1 localizedkey
vrf context management
ip route 0.0.0.0/0 10.1.240.254
vlan 1,111-112
port-channel load-balance ethernet source-mac
port-profile default max-ports 32
port-profile type ethernet Unused_Or_Quarantine_Uplink
vmware port-group
shutdown
description Port-group created for Nexus1000V internal usage. Do not use.
state enabled
port-profile type vethernet Unused_Or_Quarantine_Veth
vmware port-group
shutdown
description Port-group created for Nexus1000V internal usage. Do not use.
state enabled
port-profile type ethernet system-uplink
vmware port-group
switchport mode trunk
switchport trunk allowed vlan 111-112
no shutdown
system vlan 111-112
description "System profile"
state enabled
port-profile type vethernet servers11
vmware port-group
switchport mode access
switchport access vlan 11
no shutdown
description "Data Profile for VM Traffic"
port-profile type ethernet vm-uplink
vmware port-group
switchport mode access
switchport access vlan 11
no shutdown
description "Uplink profile for VM traffic"
state enabled
vdc VSM11 id 1
limit-resource vlan minimum 16 maximum 2049
limit-resource monitor-session minimum 0 maximum 2
limit-resource vrf minimum 16 maximum 8192
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 32 maximum 32
limit-resource u6route-mem minimum 16 maximum 16
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8
interface mgmt0
ip address 10.1.240.124/24
interface control0
line console
boot kickstart bootflash:/nexus-1000v-kickstart-mz.4.2.1.SV1.4a.bin sup-1
boot system bootflash:/nexus-1000v-mz.4.2.1.SV1.4a.bin sup-1
boot kickstart bootflash:/nexus-1000v-kickstart-mz.4.2.1.SV1.4a.bin sup-2
boot system bootflash:/nexus-1000v-mz.4.2.1.SV1.4a.bin sup-2
svs-domain
domain id 1
control vlan 111
packet vlan 112
svs mode L2
svs connection vcenter
protocol vmware-vim
remote ip address 10.1.240.38 port 80
vmware dvs uuid "c4 be 2c 50 36 c5 71 97-44 41 1f c0 43 8e 45 78" datacenter-n
ame New Datacenter
max-ports 8192
connect
vsn type vsg global
tcp state-checks
vnm-policy-agent
registration-ip 0.0.0.0
shared-secret **********
log-level
thank you
Michel

Nexus 1000v VEM module bouncing between hosts

I'm receiving these error messages on my N1KV and don't know how to fix it. I've tried removing, rebooting, reinstalling host B's VEM but that did not fix the issue. How do I debug this?
My setup,
Two physical hosts running esxi 5.1, vcenter appliance, n1kv with two system uplinks and two uplinks for iscsi for each host. Let me know if you need more output from logs or commands, thanks.
N1KV# 2013 Jun 17 18:18:07 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.52.100 detected as module 3
2013 Jun 17 18:18:07 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 17 18:18:08 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_UNEXP_NODEID_REQ: Removing VEM 3 (Unexpected Node Id Request)
2013 Jun 17 18:18:09 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 17 18:18:13 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.51.100 detected as module 3
2013 Jun 17 18:18:13 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 17 18:18:16 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_UNEXP_NODEID_REQ: Removing VEM 3 (Unexpected Node Id Request)
2013 Jun 17 18:18:17 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 17 18:18:21 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.52.100 detected as module 3
2013 Jun 17 18:18:21 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 17 18:18:22 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_UNEXP_NODEID_REQ: Removing VEM 3 (Unexpected Node Id Request)
2013 Jun 17 18:18:23 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 17 18:18:28 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.51.100 detected as module 3
2013 Jun 17 18:18:29 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 17 18:18:44 N1KV %PLATFORM-2-MOD_DETECT: Module 2 detected (Serial number :unavailable) Module-Type Virtual Supervisor Module Model :unavailable
N1KV# sh module
Mod Ports Module-Type                       Model               Status
1    0      Virtual Supervisor Module         Nexus1000V          ha-standby
2    0      Virtual Supervisor Module         Nexus1000V          active *
3    248    Virtual Ethernet Module           NA                  ok
Mod Sw                  Hw
1    4.2(1)SV2(1.1a)     0.0
2    4.2(1)SV2(1.1a)     0.0
3    4.2(1)SV2(1.1a)     VMware ESXi 5.1.0 Releasebuild-838463 (3.1)
Mod MAC-Address(es)                         Serial-Num
1    00-19-07-6c-5a-a8 to 00-19-07-6c-62-a8 NA
2    00-19-07-6c-5a-a8 to 00-19-07-6c-62-a8 NA
3    02-00-0c-00-03-00 to 02-00-0c-00-03-80 NA
Mod Server-IP        Server-UUID                           Server-Name
1    192.168.54.2     NA                                    NA
2    192.168.54.2     NA                                    NA
3    192.168.51.100   03000200-0400-0500-0006-000700080009 NA
* this terminal session
~ # vemcmd show card
Card UUID type 2: 03000200-0400-0500-0006-000700080009
Card name:
Switch name: N1KV
Switch alias: DvsPortset-1
Switch uuid: e6 dc 36 50 c0 a9 d9 a5-0b 98 fb 90 e1 fc 99 af
Card domain: 2
Card slot: 3
VEM Tunnel Mode: L3 Mode
L3 Ctrl Index: 49
L3 Ctrl VLAN: 51
VEM Control (AIPC) MAC: 00:02:3d:10:02:02
VEM Packet (Inband) MAC: 00:02:3d:20:02:02
VEM Control Agent (DPA) MAC: 00:02:3d:40:02:02
VEM SPAN MAC: 00:02:3d:30:02:02
Primary VSM MAC : 00:50:56:b6:0c:b2
Primary VSM PKT MAC : 00:50:56:b6:35:3f
Primary VSM MGMT MAC : 00:50:56:b6:d5:12
Standby VSM CTRL MAC : 00:50:56:b6:96:f2
Management IPv4 address: 192.168.51.100
Management IPv6 address: 0000:0000:0000:0000:0000:0000:0000:0000
Primary L3 Control IPv4 address: 192.168.54.2
Secondary VSM MAC : 00:00:00:00:00:00
Secondary L3 Control IPv4 address: 0.0.0.0
Upgrade : Default
Max physical ports: 32
Max virtual ports: 216
Card control VLAN: 1
Card packet VLAN: 1
Control type multicast: No
Card Headless Mode : No
       Processors: 4
Processor Cores: 4
Processor Sockets: 1
Kernel Memory:   16669760
Port link-up delay: 5s
Global UUFB: DISABLED
Heartbeat Set: True
PC LB Algo: source-mac
Datapath portset event in progress : no
Licensed: Yes
~ # vemcmd show card
Card UUID type 2: 03000200-0400-0500-0006-000700080009
Card name:
Switch name: N1KV
Switch alias: DvsPortset-0
Switch uuid: e6 dc 36 50 c0 a9 d9 a5-0b 98 fb 90 e1 fc 99 af
Card domain: 2
Card slot: 3
VEM Tunnel Mode: L3 Mode
L3 Ctrl Index: 49
L3 Ctrl VLAN: 52
VEM Control (AIPC) MAC: 00:02:3d:10:02:02
VEM Packet (Inband) MAC: 00:02:3d:20:02:02
VEM Control Agent (DPA) MAC: 00:02:3d:40:02:02
VEM SPAN MAC: 00:02:3d:30:02:02
Primary VSM MAC : 00:50:56:b6:0c:b2
Primary VSM PKT MAC : 00:50:56:b6:35:3f
Primary VSM MGMT MAC : 00:50:56:b6:d5:12
Standby VSM CTRL MAC : 00:50:56:b6:96:f2
Management IPv4 address: 192.168.52.100
Management IPv6 address: 0000:0000:0000:0000:0000:0000:0000:0000
Primary L3 Control IPv4 address: 192.168.54.2
Secondary VSM MAC : 00:00:00:00:00:00
Secondary L3 Control IPv4 address: 0.0.0.0
Upgrade : Default
Max physical ports: 32
Max virtual ports: 216
Card control VLAN: 1
Card packet VLAN: 1
Control type multicast: No
Card Headless Mode : Yes
       Processors: 4
Processor Cores: 4
Processor Sockets: 1
Kernel Memory:   16669764
Port link-up delay: 5s
Global UUFB: DISABLED
Heartbeat Set: False
PC LB Algo: source-mac
Datapath portset event in progress : no
Licensed: Yes
! ports 1-6 connected to physical host A
interface GigabitEthernet1/0/1
description VMWARE ESXi Trunk
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
spanning-tree portfast trunk
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
channel-group 1 mode active
! ports 7-12 connected to phys host B
interface GigabitEthernet1/0/7
description VMWARE ESXi Trunk
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
spanning-tree portfast trunk
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
channel-group 2 mode active

ok after deleteing the n1kv vms and vcenter and then reinstalling all I got the error again,
N1KV# 2013 Jun 18 17:48:12 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_STATE_CONFLICT: Removing VEM 3 due to state conflict VSM(NodeId Processed), VEM(ModIns End Rcvd)
2013 Jun 18 17:48:13 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 18 17:48:16 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.52.100 detected as module 3
2013 Jun 18 17:48:16 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 18 17:48:22 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_STATE_CONFLICT: Removing VEM 3 due to state conflict VSM(NodeId Processed), VEM(ModIns End Rcvd)
2013 Jun 18 17:48:23 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 18 17:48:34 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.52.100 detected as module 3
2013 Jun 18 17:48:34 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 18 17:48:41 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_STATE_CONFLICT: Removing VEM 3 due to state conflict VSM(NodeId Processed), VEM(ModIns End Rcvd)
2013 Jun 18 17:48:42 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 18 17:49:03 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.52.100 detected as module 3
2013 Jun 18 17:49:03 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 18 17:49:10 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_STATE_CONFLICT: Removing VEM 3 due to state conflict VSM(NodeId Processed), VEM(ModIns End Rcvd)
2013 Jun 18 17:49:11 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 18 17:49:29 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.51.100 detected as module 3
2013 Jun 18 17:49:29 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 18 17:49:35 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_STATE_CONFLICT: Removing VEM 3 due to state conflict VSM(NodeId Processed), VEM(ModIns End Rcvd)
2013 Jun 18 17:49:36 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 18 17:49:53 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.51.100 detected as module 3
2013 Jun 18 17:49:53 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
2013 Jun 18 17:49:59 N1KV %VEM_MGR-2-VEM_MGR_REMOVE_STATE_CONFLICT: Removing VEM 3 due to state conflict VSM(NodeId Processed), VEM(ModIns End Rcvd)
2013 Jun 18 17:50:00 N1KV %VEM_MGR-2-MOD_OFFLINE: Module 3 is offline
2013 Jun 18 17:50:05 N1KV %VEM_MGR-2-VEM_MGR_DETECTED: Host 192.168.52.100 detected as module 3
2013 Jun 18 17:50:05 N1KV %VEM_MGR-2-MOD_ONLINE: Module 3 is online
Host A
~ # vemcmd show card
Card UUID type 2: 03000200-0400-0500-0006-000700080009
Card name:
Switch name: N1KV
Switch alias: DvsPortset-0
Switch uuid: e6 dc 36 50 c0 a9 d9 a5-0b 98 fb 90 e1 fc 99 af
Card domain: 2
Card slot: 1
VEM Tunnel Mode: L3 Mode
L3 Ctrl Index: 49
L3 Ctrl VLAN: 52
VEM Control (AIPC) MAC: 00:02:3d:10:02:00
VEM Packet (Inband) MAC: 00:02:3d:20:02:00
VEM Control Agent (DPA) MAC: 00:02:3d:40:02:00
VEM SPAN MAC: 00:02:3d:30:02:00
Primary VSM MAC : 00:50:56:b6:96:f2
Primary VSM PKT MAC : 00:50:56:b6:11:b6
Primary VSM MGMT MAC : 00:50:56:b6:48:c6
Standby VSM CTRL MAC : ff:ff:ff:ff:ff:ff
Management IPv4 address: 192.168.52.100
Management IPv6 address: 0000:0000:0000:0000:0000:0000:0000:0000
Primary L3 Control IPv4 address: 192.168.54.2
Secondary VSM MAC : 00:00:00:00:00:00
Secondary L3 Control IPv4 address: 0.0.0.0
Upgrade : Default
Max physical ports: 32
Max virtual ports: 216
Card control VLAN: 1
Card packet VLAN: 1
Control type multicast: No
Card Headless Mode : Yes
       Processors: 4
Processor Cores: 4
Processor Sockets: 1
Kernel Memory:   16669764
Port link-up delay: 5s
Global UUFB: DISABLED
Heartbeat Set: False
PC LB Algo: source-mac
Datapath portset event in progress : no
Licensed: No
Host B
~ # vemcmd show card
Card UUID type 2: 03000200-0400-0500-0006-000700080009
Card name:
Switch name: N1KV
Switch alias: DvsPortset-0
Switch uuid: bf fb 28 50 1b 26 dd ae-05 bd 4e 48 2e 37 56 f3
Card domain: 2
Card slot: 3
VEM Tunnel Mode: L3 Mode
L3 Ctrl Index: 49
L3 Ctrl VLAN: 51
VEM Control (AIPC) MAC: 00:02:3d:10:02:02
VEM Packet (Inband) MAC: 00:02:3d:20:02:02
VEM Control Agent (DPA) MAC: 00:02:3d:40:02:02
VEM SPAN MAC: 00:02:3d:30:02:02
Primary VSM MAC : 00:50:56:a8:f5:f0
Primary VSM PKT MAC : 00:50:56:a8:3c:62
Primary VSM MGMT MAC : 00:50:56:a8:b4:a4
Standby VSM CTRL MAC : 00:50:56:a8:30:d5
Management IPv4 address: 192.168.51.100
Management IPv6 address: 0000:0000:0000:0000:0000:0000:0000:0000
Primary L3 Control IPv4 address: 192.168.54.2
Secondary VSM MAC : 00:00:00:00:00:00
Secondary L3 Control IPv4 address: 0.0.0.0
Upgrade : Default
Max physical ports: 32
Max virtual ports: 216
Card control VLAN: 1
Card packet VLAN: 1
Control type multicast: No
Card Headless Mode : No
       Processors: 4
Processor Cores: 4
Processor Sockets: 1
Kernel Memory:   16669760
Port link-up delay: 5s
Global UUFB: DISABLED
Heartbeat Set: True
PC LB Algo: source-mac
Datapath portset event in progress : no
Licensed: Yes
I used the nexus 1000v java installer so I don't know what it keeps assigning the same UUID nor do I know how to change it.
Here is the other output you requested,
N1KV# show vms internal info dvs
DVS INFO:
DVS name: [N1KV]
      UUID: [bf fb 28 50 1b 26 dd ae-05 bd 4e 48 2e 37 56 f3]
      Description: [(null)]
      Config version: [1]
      Max ports: [8192]
      DC name: [Galaxy]
     OPQ data: size [1121], data: [data-version 1.0
switch-domain 2
switch-name N1KV
cp-version 4.2(1)SV2(1.1a)
control-vlan 1
system-primary-mac 00:50:56:a8:f5:f0
active-vsm packet mac 00:50:56:a8:3c:62
active-vsm mgmt mac 00:50:56:a8:b4:a4
standby-vsm ctrl mac 0050-56a8-30d5
inband-vlan 1
svs-mode L3
l3control-ipaddr 192.168.54.2
upgrade state 0 mac 0050-56a8-30d5 l3control-ipv4 null
cntl-type-mcast 0
profile dvportgroup-26 trunk 1,51-57,110
profile dvportgroup-26 mtu 9000
profile dvportgroup-27 access 51
profile dvportgroup-27 mtu 1500
profile dvportgroup-27 capability l3control
profile dvportgroup-28 access 52
profile dvportgroup-28 mtu 1500
profile dvportgroup-28 capability l3control
profile dvportgroup-29 access 53
profile dvportgroup-29 mtu 1500
profile dvportgroup-30 access 54
profile dvportgroup-30 mtu 1500
profile dvportgroup-31 access 55
profile dvportgroup-31 mtu 1500
profile dvportgroup-32 access 56
profile dvportgroup-32 mtu 1500
profile dvportgroup-34 trunk 220
profile dvportgroup-34 mtu 9000
profile dvportgroup-35 access 220
profile dvportgroup-35 mtu 1500
profile dvportgroup-35 capability iscsi-multipath
end-version 1.0
      push_opq_data flag: [1]
show svs neighbors
Active Domain ID: 2
AIPC Interface MAC: 0050-56a8-f5f0
Inband Interface MAC: 0050-56a8-3c62
Src MAC           Type   Domain-id    Node-id     Last learnt (Sec. ago)
0050-56a8-30d5     VSM         2         0201      1020.45
0002-3d40-0202     VEM         2         0302         1.33
I cannot add Host A to the N1KV it errors out with,
vDS operation failed on host 192.168.52.100, An error occurred during host configuration. got (vim.fault.PlatformConfigFault) exception
Host B (192.168.51.100) was added fine, then I moved a vmkernel to the N1KV which brought up the VEM and got the VEM flapping errors.

VM-FEX and Nexus 1000v relation

Hi
I am a new in virtulaization world and I need to know what is the relation between Cisco Nexus 1000v and Cisco VM-FEX?, and when to use VM-FEX and when to use Nexus 1000v.
Regards

Ahmed,
Sorry for taking this long to get back to you.
Nexus 1000v is a virtualized switch and as such will require that any traffic coming in or leaving the VM will first need to pass through the virtualization layer, therefore causing a minimum delay that for some applications (VMs) can be catastrophic enough that may mean too much delay.
With VM-FEX you gain the option to bypass the virtualization layer with for example "Pass-Through" mode where the vmnics are really assigned and managed by the OS, minimizing the delay and making the VMs look as if they were directly attached, also, this offloads CPU workload in the mean time, optimizing the host/VM's performance.
The need for one or the other will be defined as always by the needs your organization/business has.
Benefits of VM-FEX (from cisco.com):
Simplified operations: Eliminates the need for a separate, virtual networking infrastructure
Improved network security: Contains VLAN proliferation
Optimized network utilization: Reduces broadcast domains
Enhanced application performance: Offloads virtual machine switching from host CPU to parent switch application-specific integrated circuits (ASICs)
Benefits of Nexus 1000v here on another post from Rob Burns:
https://supportforums.cisco.com/thread/2087541
https://communities.vmware.com/thread/316542?tstart=0
I hope that helps
-Kenny

Port-security and Nexus 1000v

Is there really any true need for port-security on Nexus 1000v for vethernet ports? Can a VM be assigned a previously used vethernet port that would trigger a port-security action?

If you want to prevent admins or malicious users from being able change the mac address of a VM then port-security is a useful feature. Especially in VDI environments where users might have full admin control of the VM and can change the mac of the vnic.
Now about veths ports. A veth gets assigned to a VM and stays with that VM. A veth is only released when either the nic on the VM is deleted or the nic is assigned to another port-profile on the N1KV or a port-group on a vSwitch or VMware DVS. Now when the veth is released it does not retain any of the piror information. It's freed up and added to a pool of available veths. When a veth is needed for a VM in either the same port-profile or a different port-profile the free veth will be grabbed and initialized. It does not retain any of the previous settings.
So assigning a VM to a previsously used veth port should not trigger a violation. The MAC should get learned and traffic should be able to flow.

Nexus 1000V VMotion between 2 different 1KV Switches

Hello Virtual Experts,
I was informed that you cannot Vmotion from one N1kv in one domain ID instance to another N1kv in a different domain ID.
As I understand, every Nexus 1000v switch needs to be in its own domain.
If this is the case, how does Cisco facilitate VMotion between switches? How does Cisco facilitate long range Vmotion?
Any response is much appreciated.
/r
Rob

Robert,
You are correct, just as with any vDS and a standard vSwitch you can't VMotion them between (while the Network interfaces are connected anyway). VMotion will fail the Network Port Group validation. The networking is what is tripping you up here, and it's not specific to Cisco, it's a VMware validation requirement.
With long distance vMotion, the VMs are still part of the same DVS so there's no issue here.
You have a couple options here.
1. You can do a cold migration, then re-assign the network binding on the destination switch. This would require VM downtime.
2. If going from a Host connected to a vDS to a Host using a vSwitch, you can create a temporaty vSwitch on the source host, create the Port Group with the same name as the Destination host's Port Group, give it an uplink and then migrate it that way from there. This can be done online w/o downtime of the VM.
Not sure of any other methods, but if anyone else has an idea, feel free to share!
Regards,
Robert

VN-Link Hardware require Nexus 1000v yes or not?

I have a problem about VN-Link Hardware. When i create port profile on UCS Manager and Create Port Profile Client then vCenter will create Port Group too. But when i apply network in Virtual Machine by select Port Group in vCenter i can't see Virtual Maching Guest in VM tab on UCS Manager.
Finally question VN-Link Hardware require Nexus 1000v install on ESX yes or not? in UCS Manager GUI document say need require DVS Switch.

Thank you for reply. I have successfully turn on VN-Link hardware by follow this video --> http://tinyurl.com/23p896k
and i have install Nexus 1000v VEM in ESX for turn on VN-Link hardware.
I need test performance of CNA Card (palo) and report to my CEO.
- How to test it?
- What is tool for test?
PS.Sorry for English language

Nexus 1000v, VMWare ESX and Microsoft SC VMM

Hi,
Im curious if anybody has worked up any solutions managing network infrastructure for VMWare ESX hosts/vms with the Nexus 1000v and Microsoft's System Center Virtual Machine Manager.
There currently exists support for the 1000v and ESX and SCVMM using the Cisco 1000v software for MS Hyper-V and SCVMM. There is no suck support for VMWare ESX.
Im curious as to what others with VMWare, Nexus 1000v or equivalent and SCVMM have done to work around this issue.
Trying to get some ideas.
Thanks

Aaron,
The steps you have above are correct, you will need steps 1 - 4 to get it working correctly. Normally people will create a separate VLAN for their NLB interfaces/subnet, to prevent uncessisary flooding of mcast frames within the network.
To answer your questions
1) I've seen multiple customer run this configuration
2) The steps you have are correct
3) You can't enable/disable IGMP snooping on UCS. It's enabled by default and not a configurable option. There's no need to change anything within UCS in regards to MS NLB with the procedure above. FYI - the ability to disable/enable IGMP snooping on UCS is slated for an upcoming release 2.1.
This is the correct method untill the time we have the option of configuring static multicast mac entries on
the Nexus 1000v. If this is a feature you'd like, please open a TAC case and request for bug CSCtb93725 to be linked to your SR.
This will give more "push" to our develpment team to prioritize this request.
Hopefully some other customers can share their experience.
Regards,
Robert

Firewall between Nexus 1000V VSM and vCenter

Hi,
Customer has multiple security zones in environment, and VMware vCenter is located in a Management Security Zone. VSMs in security zones have dedicated management interface facing Management Security Zone with firewall in between. What ports do we need to open for the communication between VSMs and vCenter? The Nexus 1000V troubleshooting guide only mentioned TCP/80 and TCP/443. Are these outbound from VSM to vCenter? Is there any requirements from vCenter to VSM? What's the best practice for VSM management interface configuration in multiple security zones environment? Thanks.

Avi -
You need the connection between vCenter and the VSM anytime you want to add or make any changes to the existing port-profiles. This is how the port-profiles become available to the virtual machines that reside on your ESX hosts.
One problem when the vCenter is down is what you pointed out - configuration changes cannot be pushed
The VEM/VSM relationship is independent of the VSM/vCenter connection. There are separate VLANs or L3 interfaces that are used to pass information and heartbeats between the VSM and its VEMs.
Jen

VN-Tag with Nexus 1000v and Blades

Hi folks,
A while ago there was a discussion on this forum regarding the use of Catalyst 3020/3120 blades switches in conjunction with VN-tag. Specifically, you can't do VN-Tag with that Catalyst blade switch sitting inbetween the Nexus 1000V and the Nexus 5000. I know there's a Blade switch for the IBM blade servers, but will there be a similar version for the HP C-class blades? My guess is NO, since Cisco just kicked HP to the curb. But if that's the case, what are my options? Pass-through switches? (ugh!)
Previous thread:
https://supportforums.cisco.com/message/469303#469303

wondering the same...

Nexus 1000V. problem when working with the console VMWare

I have a problem when working with the console VMWare.
Sometimes it is impossible to connect any of the hypervisor to the guest OS managed by them.
I get the message: "Unable connect to the MKS: Host address lookup for server <name of the hypervisor> failed: No such host is known."
This message always appears in conjunction with the reconfiguration of virtual switch: "Reconfigure vNetwork Distributed Switch .... Initiated by Cisco_Nexus_1000V_ ....."
Upon completion of the reconfiguration, Communication console, with guest OS is restored, or on its own or after a reboot srv-vc.
In this time, I do not see any message in Nexus 1000v log.
What is this?
Thanks in advance.

Smells of a DNS issue. Are you sure your ESX hosts are reachable from your client via DNS hostname? Try pinging them from a command prompt/terminal. You may have DNS server issues.
As a temp fix, edit your [windowspath]/system32/etc/drivers/hosts file and manually add the ESX host name and IP, then re-test.
Regards,
Robert

Vmware Tools for Nexus 1000v, VNMC and VSG

Hi everyone, a customer is asking me about how to install the vmware tools in the virtual machines of N1Kv, VSG and VNMC.
Someone knows the procedure, or if thats posiible or not.

@Robert
Wanted to know / understand what hardware version would be compatible for Nexus 1000V ? Is there any dependency for hardware version ?
Regards,
Amit Vyas

VWLC and Nexus-1000V

Hi Experts!
Does anybody try to install vWLC on ESX with Nexus-1000V as switch?
All deployment guide are based on standard VMWare vSwitch and I can not find any information about questions:
1. Is vWLC compatible with Nexus-1000V?
2. What configuration should be done on Nexus-1000V to vWLC works properly?

Hi Dave,
You can access below URL for nexus 1000v -4.0(4)SV1(3b) docs:
http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_b/roadmap/guide/n1000v_roadmap.html
And
Nexus5000
http://www.cisco.com/en/US/products/ps9670/tsd_products_support_series_home.html
BR,
John Meng

VSM and Cisco nexus 1000v

Hi,
We are planning to install Cisco Nexus 1000v in our environment. Before we want to install we want to explore little bit about Cisco Nexus 1000v
• I know there is 2 elements for Cisco 1k, VEM and VSM. Does VSM is required? Can we configure VEM individually?
• How does Nexus 1k integrated with vCenter. Can we do all Nexus 1000v configuration from vCenter without going to VEM or VSM?
• In term of alarming and reporting, does we need to get SNMP trap and get from individual VEM or can be use VSM to do that. OR can we get Cisco Nexus 1000v alarming and reporting form VMware vCenter.
• Apart from using Nexus 1010 can what’s the recommended hosting location for VSM, (same Host as VEM, different VM, and different physical server)
Foyez Ahammed

Hi Foyez,
Here is a brief on the Nexus1000v and I'll answer some of your questions in that:
The Nexus1000v is a Virtual Distributed Switch (software based) from Cisco which integrated with the vSphere environment to provide uniform networking across your vmware environment for the host as well as the VMs. There are two components to the N1K infrastructure 1) VSM 2) VEM.
VSM - Virtual supervisor module is the one which controls the entire N1K setup and is from where the configuration is done for the VEM modules, interfaces, security, monitoring etc. VSM is the one which interacts with the VC.
VEM - Virtual ethernet module are simply the module or virtual linecards which provide the connectivity option or virtual ports for the VMs and other virtaul interfaces. Each ESX host today can only have one VEM. These VEMs recieve their configuration / programing from the VSM.
If you are aware of any other switching products from Cisco like the Cat 6k switches, the n1k behaves the same way but in a software / virtual environment. Where the VSM are equal of a SUPs and the VEM are similar to the line cards. The control and the packet VLANs in the n1k provide the same kind of AIPC and Inband connectivity as the 6k backplane would for the communication between the modules and the SUP (VSM in this case).
*The n1k configuration is done only from the VSM and is visible in the VC.However the port-profiles created from the VSM are pushed from the VSM to the VC and have to be assigned to the virtual / physical ports from the VC.
*You can run the VSM either on the Nexus1010 as a Virtual service blade (VSB) or as a normal VM on any of the ESX/ESXi server. The VSM and the VEM on the same server are fully supported.
You can refer the following deployment guide for some more details: http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/guide_c07-556626.html
Hope this answers your queries!
./Abhinav

Nexus 1000V, 4K and 5K

I'm looking over the deployment guide for 1000Vs, and am not clear on the design. If I have a Nexus 4k connecting to a Nexus 5k, how does the Nexus 1000V fit? What I'm seeing is that typically a vpc is built between the Nexus 1k and a clustered upstream switch, such as Nexus 5ks, or VSS with 6500s. However, if I already have a vpc between a Nexus 4k and a pair of 5ks, what affect does adding 1ks to the configuration have? Or is the idea to move the vpc back to the 1000Vs instead of the between the 4k and 5ks? Or perhaps is using a 1000V more suited when you have blades that are pass through modules where each blade has its own NIC or there are blade switches (non Nexus 4k) in the chassis?
thank you,
Bill

hi bill
mainly there are two options
first option if to use the N1K with a clustered up stream switches as you mentioned vPC or VSS
in this case all what you need form the N1K/ESXi host is to use a normal portchannel and multihome th eport channel links to both of these switches ( this is a recommended solution if applicable )
option two is to use non-clustered switches like in your case the two 4K switches as the upstream switches with the N1K
and in this case you can use vPC host mode where the N1K with new releases uses mac-pining to chose uplink subgroup within the port channel
see below:

Nexus 1000V - what is a DVS really?

Similar Messages

Maybe you are looking for