Nexus 5000/2000 connected to ESX host with 2 teamed NICS
Hi,
I have a question regarding a configuration we have in our Datacenter (see above)
The issue is with the Server configuration on the switch (Please note this is an ESX host with 2 NICs (active/active, same vSwitch), 1 NIC each connected to a different FEX)
Currently we have removed the 'channel-group x' from under the individual ports on each FEX and have full connectivity, i.e. no vPC configuration, how can this be working?
Rgds
Jake
ESX uses per default the following NIC-teaming method:
"Route based on the originating port ID" - Also know as vSwitch port-based load-balancing, this method chooses an uplink based on the virtual port where the traffic entered the virtual switch
(check out this PDF: http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf)
With this method you don't need to configure a channel on your Nexus switches. If you configure a port-channel (vPC) you should reconfigure the ESX vSwitch teaming to "Route based on IP hash" and make sure your port-channels on the nexus are configured as static ports (mode on) because ESX is not able to do LACP.
HTH
Marcel
Similar Messages
-
Problem connecting to HTTPS host with self signed certificate
I have set up a tomcat server with SSL running in a vmware on my machine using a self signed certificate. I can connect to this no problem with a browser from my main machine with the url https://myserver:8443.
However, I am not able to connect with a Java client. I always get the below exception. I read that I need to add it as a trusted certificate in the keystore. I went to the site with firefox and saved the certificate as a .cer file, and imported it into the default keystore at c:\users\louis\.keystore. I still have the same problem. I think the problem is the client is not using the keystore, and I don't know how to make it do so. I tried adding the following argument to the run command:
-Djavax.net.ssl.trustStore=c:\users\louis\.keystore -Djavax.net.ssl.trustStorePassword=changeit
but it doesn't help.
Here is the exception I'm getting:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at Test.main(Test.java:39)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
... 12 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 18 moreI have worked around this problem by configuring the Java client to trust all certificates and disabling hostname verification. That way I don't need a trust store. I'll just have to remove that code in production. Not ideal since I'd rather have certificate/hostname verification working for testing, but it works at least.
I have looked at the Java security documentation and as far as i can tell a keystore and trust store is still basically the same type of file and created the same way with the keytool. The difference is when you import a cert you use the -trustcacerts option. The client 'keystore' is only being used to store the trusted cert, so it essentially is a trust store. This is documented in the keytool doc for the command -importcert.
http://download.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html
I actually think my problem is more to do with the hostname, since my server doesn't have a real domain hostname like www.myserver.com. I am just using the machine name for the host, although web browsers do not have a problem with this. When I set my java client to trust all certs, I was getting the following error:
java.io.IOException: HTTPS hostname wrong
Disabling hostname verification fixed this, so I'm wondering if my cert has the wrong hostname. I originally created the self signed cert using the keytool with the command -genkey, which creates a key pair and also a self signed cert. I looked at the keytool docs, and I don't see any way of specifying the hostname or even seeing what the host name of a cert is. What does it put as the hostname by default? The IP address or machine name, or am I understanding this wrong? -
Connecting Nexus 5000 to HP Bladeserver using LACP
We are connecting the Nexus 5000 to an HP bladeserver. I know the NICs are HP NC553i. We have 2 5000 and create a port-channel. Everything works fine until we turn on LACP and then everything goes down.
Thanks,
DianeLACP is a protocol negociation normally used between switches, not switch and host.
What switching module does the HP Blade Chassis have (uplinked to the N5Ks) ?
Pass through modules will not be able to create an LACP port channel unless the host can speak LACP. Host OSes like ESX can only support a static port channel (using IP Hashing), but not LACP.
The NIC model is irrevelant for the most part.
Regards,
Robert -
N1010/N1000v : VMWare Vcenter - VSM (L3) on N1010 - VEM on ESX-host
Hi Vishal Mehta,
I am currently busy with the rollout of a nexus1010/nexus1000v.
Current status :
1/ Nexus 1010 (primary/secondary) setup is done/ok.
2/ Add VSB’s for Nexus1000v is aswell done/ok.
3/ VSB(VSM) towards VMWare VCenter communication (show svs connections J) is aswell done/ok.
4/ VEM activation on a ESX-Host à and this is the part were I’m a bit lost (sorry for that L… ) : how should I “understand” the VSM to VEM communication. And/or in other words : can a ESX-host (with a vswitch or distributed vswitch stay active in parallel with a VEM on that same ESX-Host ? Based on my current testing, everything points into the direction of “migrating from an existing vswitch to a VEM setup”).
[Note : I have a VSM to VEM Layer3 setup configured.]
4bis / what about the mgmt. communication between the ESX-host vswitch & the mgmt.communication between the ESC-host VEM (which is in my case layer3).
Is there a "good" one-pager available which shows the difference between VMware (distributed)vswitch vs VMware with Cisco Nexus1000v VEM. And additionally which parts can run in parallel between the VMware vcenter & an ESX-Host (when it comes to "controlling the vswitch & the nexus 1000v VEM).
Many thanks for your replies,
Best Regards,
Joost.Hi Joost,
You have scored on all the initial setup steps and almost close to using VSM-VEM :)
To answer your main question – Yes a ESXi host can have multiple active Virtual Switches in parallel.
That is to say, you can have VMware’s DVS, Nexus 1000v VEM, vSwitch 1, vSwitch 2, …., vSwitch X all ON at same time.
The separation at switching level happens on basis of which VMs (via Port-Groups) use which Virtual Switch.
The uplinks (network adapters - vmnics) of host are distributed across virtual switches (CANNOT be shared)
So multiple active Virtual Switches gives you flexibility to segregate your virtual workloads across those uplinks
Now regarding the L3 mode between VSM and VEM
You can either use existing mgmt. interface (vmk0) to communicate between ESXi host (VEM) and Nexus 1000v VSM
Or you can have dedicated (separate from mgmt.) IP subnet with new VMkernel (say vmk1) for VEM-VSM communication.
Please refer below document which walks through the scenario you have implemented:
https://communities.cisco.com/docs/DOC-28631
we don’t have specific document to compare Nexus 1000v with other Distributed Virtual Switches
But few of advantages for opting Nexus 1000v are – its free, all NX-OS features, separate entity which can be owned/managed by Network team and other special features which I presented in above webcast recordings
Common deployments I have seen in field is Customers using vSwitch for mgmt. (vmk0) and other host specific functions
And they use Nexus 1000v VEM for NX-OS for additional functionality like LACP, PVLAN, QoS, ERSPAN and Virtual Machines traffic.
Thank you!!
Regards,
Vishal -
Can't Connect to Remote Server with DW CS6?
In the last couple of days I'm having trouble connecting to my website host server (IPower) via Dreamweaver CS6.
I've been using this program and setup for several years but this weekend it takes 4 times longer to try and connect and ends up cancelling the operation usually.
Sometimes it connects for a few seconds then I get an error message: "the connection to the remote host has been lost."
Just wondering if this issue is Hughes ISP related. I tried disabling web acceleration with the same result. All other web and email operations are working fine.
A colleague with cable internet connects to my host with Dreamweaver with no problems.
Any ideas? Thanks in advance, JohnIt could also be a local hardware issue.
I had a wireless router that went belly up once in a very odd manner. I could connect and see the files on my FTP server, but uploads wouldn't work. I connected the computer directly to the modem, bypassing the router all together, and everything worked fine.
It's something to check before you call your ISP and start sending them off on a possible wild goose chase. -
The meaning of Interface Ethernet250/1 under the Nexus 2000 is connected to Nexus 5000 switch
Dear all,
Recently, I prepared and deploy a network monitoring system to monitor the new generation Nexus connected network. With using snmpwalk to query the interfacs information from the Nexus 5000 switch (one Nexus 2000 is connected to it via FlexLink), I found that other than normal Nexus 5000 and 2000 ports(ifName to be Ethernet1/1, Ethernet1/2, ... Ethernet190/1/1, Ethernet190/1/2...), a series of interface with ifName Ethernet250/1, Ethernet250/2, .... to be appeared in the interface SNMP tree. With logged into the Nexus 5000 and issue display interface command, I can only found the information on the normal interfaces but not the abnormal interface Ethernet250/1, ...
Would someone know what is it (do E250/1 is a logical interface like port channel or VLAN) and how to monitor it ? Thanks in advances.
HC WongI've not seen that myself. Could it perhaps be a VPC (Virtual Portchannel)?
-
Ask the Expert: Different Flavors and Design with vPC on Cisco Nexus 5000 Series Switches
Welcome to the Cisco® Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco® NX-OS.
The biggest limitation to a classic port channel communication is that the port channel operates only between two devices. To overcome this limitation, Cisco NX-OS has a technology called virtual port channel (vPC). A pair of switches acting as a vPC peer endpoint looks like a single logical entity to port channel attached devices. The two devices that act as the logical port channel endpoint are actually two separate devices. This setup has the benefits of hardware redundancy combined with the benefits offered by a port channel, for example, loop management.
vPC technology is the main factor for success of Cisco Nexus® data center switches such as the Cisco Nexus 5000 Series, Nexus 7000 Series, and Nexus 2000 Series Switches.
This event is focused on discussing all possible types of vPC along-with best practices, failure scenarios, Cisco Technical Assistance Center (TAC) recommendations and troubleshooting
Vishal Mehta is a customer support engineer for the Cisco Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in TAC for the past 3 years with a primary focus on data center technologies, such as the Cisco Nexus 5000 Series Switches, Cisco Unified Computing System™ (Cisco UCS®), Cisco Nexus 1000V Switch, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching, and service provider.
Nimit Pathak is a customer support engineer for the Cisco Data Center Server Virtualization TAC team based in San Jose, California, with primary focus on data center technologies, such as Cisco UCS, the Cisco Nexus 1000v Switch, and virtualization. Nimit holds a master's degree in electrical engineering from Bridgeport University, has CCNA® and CCNP® Nimit is also working on a Cisco data center CCIE® certification While also pursuing an MBA degree from Santa Clara University.
Remember to use the rating system to let Vishal and Nimit know if you have received an adequate response.
Because of the volume expected during this event, Vishal and Nimit might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure Community, under the subcommunity LAN, Switching & Routing, shortly after the event. This event lasts through August 29, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.Hello Gustavo
Please see my responses to your questions:
Yes almost all routing protocols use Multicast to establish adjacencies. We are dealing with two different type of traffic –Control Plane and Data Plane.
Control Plane: To establish Routing adjacency, the first packet (hello) is punted to CPU. So in the case of triangle routed VPC topology as specified on the Operations Guide Link, multicast for routing adjacencies will work. The hellos packets will be exchanged across all 3 routers and adjacency will be formed over VPC links
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_L3_w_vpc_5500platform.html#wp999181
Now for Data Plane we have two types of traffic – Unicast and Multicast.
The Unicast traffic will not have any forwarding issues, but because the Layer 3 ECMP and port channel run independent hash calculations there is a possibility that when the Layer 3 ECMP chooses N5k-1 as the Layer 3 next hop for a destination address while the port channel hashing chooses the physical link toward N5k-2. In this scenario,N5k-2 receives packets from R with the N5k-1 MAC as the destination MAC.
Sending traffic over the peer-link to the correct gateway is acceptable for data forwarding, but it is suboptimal because it makes traffic cross the peer link when the traffic could be routed directly.
For that topology, Multicast Traffic might have complete traffic loss due to the fact that when a PIM router is connected to Cisco Nexus 5500 Platform switches in a vPC topology, the PIM join messages are received only by one switch. The multicast data might be received by the other switch.
The Loop avoidance works little different across Nexus 5000 and Nexus 7000.
Similarity: For both products, loop avoidance is possible due to VSL bit
The VSL bit is set in the DBUS header internal to the Nexus.
It is not something that is set in the ethernet packet that can be identified. The VSL bit is set on the port asic for the port used for the vPC peer link, so if you have Nexus A and Nexus B configured for vPC and a packet leaves Nexus A towards Nexus B, Nexus B will set the VSL bit on the ingress port ASIC. This is not something that would traverse the peer link.
This mechanism is used for loop prevention within the chassis.
The idea being that if the port came in the peer link from the vPC peer, the system makes the assumption that the vPC peer would have forwarded this packet out the vPC-enabled port-channels towards the end device, so the egress vpc interface's port-asic will filter the packet on egress.
Differences: In Nexus 5000 when it has to do L3-to-L2 lookup for forwarding traffic, the VSL bit is cleared and so the traffic is not dropped as compared to Nexus 7000 and Nexus 3000.
It still does loop prevention but the L3-to-L2 lookup is different in Nexus 5000 and Nexus 7000.
For more details please see below presentation:
https://supportforums.cisco.com/sites/default/files/session_14-_nexus.pdf
DCI Scenario: If 2 pairs are of Nexus 5000 then separation of L3/L2 links is not needed.
But in most scenarios I have seen pair of Nexus 5000 with pair of Nexus 7000 over DCI or 2 pairs of Nexus 7000 over DCI. If Nexus 7000 are used then L3 and L2 links are required for sure as mentioned on above presentation link.
Let us know if you have further questions.
Thanks,
Vishal -
Can a Nexus 1000v be configured to NOT do local switching in an ESX host?
Before the big YES, use an external Nexus switch and use VN-Tag. The question is when there is a 3120 in a blade chassis that connects to the ESX hosts that have a 1000v installed on the ESX host. So, first hop outside the ESX host is not a Nexus box.
Looking for if this is possible, if so how, and if not, where that might be documented. I have a client who's security policy prohibits switching (yes, even on the same VLAN) within a host (in this case blade server). Oh and there is an insistance to use 3120s inside the blade chassis.
Has to be the strangest request I have had in a while.
Any data would be GREATY appreciated!Thanks for the follow up.
So by private VLANs, are you referring to "PVLAN":
"PVLANs: PVLANs are a new feature available with the VMware vDS and the Cisco Nexus
1000V Series. PVLANs provide a simple mechanism for isolating virtual machines in the
same VLAN from each other. The VMware vDS implements PVLAN enforcement at the
destination host. The Cisco Nexus 1000V Series supports a highly efficient enforcement
mechanism that filters packets at the source rather than at the destination, helping ensure
that no unwanted traffic traverses the physical network and so increasing the network
bandwidth available to other virtual machines" -
Hi,
We are currently seeing issues on a ESX Host using 10G Fibre dual connectivity to a pair of Nexus 7010's using vPC for the port channel to this ESX host which was working fine , up to this weekend. No changes had been made on the Nexus or ESX host.
We have changed the hardware path for the believed fault on a vmnic which when part of the virtual switch cause VM's on the Host to stop pinging, although we still see a CDP neighborship with the ESX from the Nexus, but changing fibre and Nexus ports has not worked.
As part of the testing , the vmware guy was removing this 'faulty' vmnic from the Virtual switch , which is part of an ether channel bundle his end. My first question is, how does the Nexus detect a link leaving the bundle for the ESX host , when the actual physical link is still up , and all they have done is software removed it from on the ESX, as the Nexus will still attempt to push traffic across both bundled links. I know there is the Cisco 1000V software , which can be used at an extra price, but is this the only option.
Any help will be gladly welcome.Hi
How the switch detects a link 'moving out' of the Etherchannel would depend on how you have configured it...
If you have used 'channel-group x mode on' under the physical ports in the channel, then it will not detect the change, and you will get problems. The solution is to ensure the config of the channel on both ends (server/switch) is consistent in this case. An inconsistent config will cause you connectivity issues.
If the switch automatically negotiates the Etherchannel (i.e. you are using LACP, and the server supports LACP) then it should detect the change.
Regards
Aaron
Please rate helpful posts... -
VPC on Nexus 5000 with Catalyst 6500 (no VSS)
Hi, I'm pretty new on the Nexus and UCS world so I have some many questions I hope you can help on getting some answers.
The diagram below is the configuration we are looking to deploy, that way because we do not have VSS on the 6500 switches so we can not create only one Etherchannel to the 6500s.
Our blades inserted on the UCS chassis have INTEL dual port cards, so they do not support full failover.
Questions I have are.
- Is this my best deployment choice?
- vPC highly depend on the management interface on the Nexus 5000 for the keep alive peer monitoring, so what is going to happen if the vPC brakes due to:
- one of the 6500 goes down
- STP?
- What is going to happend with the Etherchannels on the remaining 6500?
- the Management interface goes down for any other reason
- which one is going to be the primary NEXUS?
Below is the list of devices involved and the configuration for the Nexus 5000 and 65000.
Any help is appreciated.
Devices
· 2 Cisco Catalyst with two WS-SUP720-3B each (no VSS)
· 2 Cisco Nexus 5010
· 2 Cisco UCS 6120xp
· 2 UCS Chassis
- 4 Cisco B200-M1 blades (2 each chassis)
- Dual 10Gb Intel card (1 per blade)
vPC Configuration on Nexus 5000
TACSWN01
TACSWN02
feature vpc
vpc domain 5
reload restore
reload restore delay 300
Peer-keepalive destination 10.11.3.10
role priority 10
!--- Enables vPC, define vPC domain and peer for keep alive
int ethernet 1/9-10
channel-group 50 mode active
!--- Put Interfaces on Po50
int port-channel 50
switchport mode trunk
spanning-tree port type network
vpc peer-link
!--- Po50 configured as Peer-Link for vPC
inter ethernet 1/17-18
description UCS6120-A
switchport mode trunk
channel-group 51 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-A
int port-channel 51
swithport mode trunk
vpc 51
spannig-tree port type edge trunk
!--- Associates vPC 51 to Po51
inter ethernet 1/19-20
description UCS6120-B
switchport mode trunk
channel-group 52 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-B
int port-channel 52
swithport mode trunk
vpc 52
spannig-tree port type edge trunk
!--- Associates vPC 52 to Po52
!----- CONFIGURATION for Connection to Catalyst 6506
Int ethernet 1/1-3
description Cat6506-01
switchport mode trunk
channel-group 61 mode active
!--- Associate interfaces to Po61 connected to Cat6506-01
Int port-channel 61
switchport mode trunk
vpc 61
!--- Associates vPC 61 to Po61
Int ethernet 1/4-6
description Cat6506-02
switchport mode trunk
channel-group 62 mode active
!--- Associate interfaces to Po62 connected to Cat6506-02
Int port-channel 62
switchport mode trunk
vpc 62
!--- Associates vPC 62 to Po62
feature vpc
vpc domain 5
reload restore
reload restore delay 300
Peer-keepalive destination 10.11.3.9
role priority 20
!--- Enables vPC, define vPC domain and peer for keep alive
int ethernet 1/9-10
channel-group 50 mode active
!--- Put Interfaces on Po50
int port-channel 50
switchport mode trunk
spanning-tree port type network
vpc peer-link
!--- Po50 configured as Peer-Link for vPC
inter ethernet 1/17-18
description UCS6120-A
switchport mode trunk
channel-group 51 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-A
int port-channel 51
swithport mode trunk
vpc 51
spannig-tree port type edge trunk
!--- Associates vPC 51 to Po51
inter ethernet 1/19-20
description UCS6120-B
switchport mode trunk
channel-group 52 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-B
int port-channel 52
swithport mode trunk
vpc 52
spannig-tree port type edge trunk
!--- Associates vPC 52 to Po52
!----- CONFIGURATION for Connection to Catalyst 6506
Int ethernet 1/1-3
description Cat6506-01
switchport mode trunk
channel-group 61 mode active
!--- Associate interfaces to Po61 connected to Cat6506-01
Int port-channel 61
switchport mode trunk
vpc 61
!--- Associates vPC 61 to Po61
Int ethernet 1/4-6
description Cat6506-02
switchport mode trunk
channel-group 62 mode active
!--- Associate interfaces to Po62 connected to Cat6506-02
Int port-channel 62
switchport mode trunk
vpc 62
!--- Associates vPC 62 to Po62
vPC Verification
show vpc consistency-parameters
!--- show compatibility parameters
Show feature
!--- Use it to verify that vpc and lacp features are enabled.
show vpc brief
!--- Displays information about vPC Domain
Etherchannel configuration on TAC 6500s
TACSWC01
TACSWC02
interface range GigabitEthernet2/38 - 43
description TACSWN01 (Po61 vPC61)
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 61 mode active
interface range GigabitEthernet2/38 - 43
description TACSWN02 (Po62 vPC62)
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 62 mode activeihernandez81,
Between the c1-r1 & c1-r2 there are no L2 links, ditto with d6-s1 & d6-s2. We did have a routed link just to allow orphan traffic.
All the c1r1 & c1-r2 HSRP communications ( we use GLBP as well ) go from c1-r1 to c1-r2 via the hosp-n5k-s1 & hosp-n5k-s2. Port channels 203 & 204 carry the exact same vlans.
The same is the case on the d6-s1 & d6-s2 sides except we converted them to a VSS cluster so we only have po203 with 4 *10 Gb links going to the 5Ks ( 2 from each VSS member to each 5K).
As you can tell what we were doing was extending VM vlans between 2 data centers prior to arrivals of 7010s and UCS chassis - which worked quite well.
If you got on any 5K you would see 2 port channels - 203 & 204 - going to each 6500, again when one pair went to VSS po204 went away.
I know, I know they are not the same things .... but if you view the 5Ks like a 3750 stack .... how would you hook up a 3750 stack from 2 6500s and if you did why would you run an L2 link between the 6500s ?
For us using 4 10G ports between 6509s took ports that were too expensive - we had 6704s - so use the 5Ks.
Our blocking link was on one of the links between site1 & site2. If we did not have wan connectivty there would have been no blocking or loops.
Caution .... if you go with 7Ks beware of the inability to do L2/L3 via VPCs.
better ?
one of the nice things about working with some of this stuff is as long as you maintain l2 connectivity if you are migrating things they tend to work, unless they really break -
I'm trying to install and configure NSX 6.1.2 / ESX 5.5 in a nested environment using VMware Workstation lastest bits "VMware-workstation-full-11.1.0-2496824"
I've configured the MTU on the virtual adapter (VMNet1) used by the VXLAN transport network to 9000 bytes.
C:\Users\admin>netsh int ipv4 show int
Idx Met MTU State Name
1 50 4294967295 connected Loopback Pseudo-Interface 1
19 25 1500 connected Wireless Network Connection 4
16 40 1500 disconnected Bluetooth Network Connection
11 5 1500 disconnected Local Area Connection
20 5 1500 disconnected Wireless Network Connection 5
18 5 1400 disconnected Local Area Connection* 11
31 20 9000 connected VMware Network Adapter VMnet1
when I test VTEP connectivity between ESXi nested host with MTU > 1500, using the following command,
ping ++netstack=vxlan -d -s 1572 -I vmk2 192.168.192.102
the ESXi crashes with the following error
2015-05-21T11:20:47.180+02:00| vcpu-1| I120: Coredump encountered overflow 10218:10218 (2172 duplicates)
2015-05-21T11:20:48.969+02:00| vcpu-1| I120: Backtrace:
2015-05-21T11:20:48.970+02:00| vcpu-1| I120: backtrace[00] frame 0x0881eb38 IP 0x13f0820de params 0 0xa6 0x64e 0x312d75706376 ??? [C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe base 0x13f050000 0x0001:0x000310de]
2015-05-21T11:20:48.971+02:00| vcpu-1| I120: backtrace[01] frame 0x0881f460 IP 0x13f068129 params 0x13f78dc30 0x13f890928 0x2ce 0x3fff ??? [C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe base 0x13f050000 0x0001:0x00017129]
2015-05-21T11:20:48.971+02:00| vcpu-1| I120: backtrace[02] frame 0x0881f8b0 IP 0x13f4498bc params 0x13fb8e840 0x3a63ec0 0x13f050000 0x13fb8e840 opus_decoder_destroy + 0x1dec0c [C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe base 0x13f050000 0x0001:0x003f88bc]
2015-05-21T11:20:48.972+02:00| vcpu-1| I120: backtrace[03] frame 0x0881f8e0 IP 0x13f6809a2 params 0x161 0x35a59e0 0 0xa36333237 opus_repacketizer_get_nb_frames + 0x163fc2 [C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe base 0x13f050000 0x0001:0x0062f9a2]
2015-05-21T11:20:48.972+02:00| vcpu-1| I120: backtrace[04] frame 0x0881f920 IP 0x13f6b8229 params 0x258 0 0 0 opus_repacketizer_get_nb_frames + 0x19b849 [C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe base 0x13f050000 0x0001:0x00667229]
2015-05-21T11:20:48.973+02:00| vcpu-1| I120: backtrace[05] frame 0x0881faa0 IP 0x13f680d3c params 0x13f809d60 0x13f7c7374 0x5 0x13fd65da0 opus_repacketizer_get_nb_frames + 0x16435c [C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe base 0x13f050000 0x0001:0x0062fd3c]
2015-05-21T11:20:48.973+02:00| vcpu-1| I120: backtrace[06] frame 0x0881fb00 IP 0x13f20c736 params 0 0 0 0 ??? [C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe base 0x13f050000 0x0001:0x001bb736]
2015-05-21T11:20:48.976+02:00| vcpu-1| I120: backtrace[07] frame 0x0881fb08 IP 0x76ee59cd params 0 0 0 0 BaseThreadInitThunk + 0x000d [C:\Windows\system32\kernel32.dll base 0x76ed0000 0x0001:0x000149cd]
2015-05-21T11:20:48.980+02:00| vcpu-1| I120: backtrace[08] frame 0x0881fb38 IP 0x7701b891 params 0 0 0 0 RtlUserThreadStart + 0x0021 [C:\Windows\SYSTEM32\ntdll.dll base 0x76ff0000 0x0001:0x0002a891]
2015-05-21T11:20:48.980+02:00| vcpu-1| I120: Msg_Post: Error
2015-05-21T11:20:48.980+02:00| vcpu-1| I120: [msg.log.error.unrecoverable] VMware Workstation unrecoverable error: (vcpu-1)
2015-05-21T11:20:48.980+02:00| vcpu-1| I120+ VERIFY d:/build/ob/bora-2496824/bora/devices/vmxnet3/vmxnet3_hosted.c:718
2015-05-21T11:20:48.980+02:00| vcpu-1| I120: [msg.panic.haveLog] A log file is available in "X:\vCACupdate\Capricornus\vmware.log".
2015-05-21T11:20:48.980+02:00| vcpu-1| I120: [msg.panic.requestSupport.withoutLog] You can request support.
2015-05-21T11:20:48.980+02:00| vcpu-1| I120: [msg.panic.requestSupport.vmSupport.windowsOrLinux]
2015-05-21T11:20:48.980+02:00| vcpu-1| I120+ To collect data to submit to VMware support, choose "Collect Support Data" from the Help menu.
2015-05-21T11:20:48.980+02:00| vcpu-1| I120+ You can also run the "vm-support" script in the Workstation folder directly.
2015-05-21T11:20:48.980+02:00| vcpu-1| I120: [msg.panic.response] We will respond on the basis of your support entitlement.
Any help is appreciated.One detail:
I use Vcloud from my work, so I changed iPv4 addresses of machines. For example, DC1 192.168.2.101,
Internet names are 192.169.2.101 and so on.
I mean it is fine that IP addresses differ from mentioned in guide -
CRS 5 Backups fail with this error: Unknown error occured while connecting to the host
Dear All,
We have backup issue with UCCX 5.0(2)SR03_Build317, while trying to take backup giving following error "Unknown error occurred while connecting to the host".
I have found the solution in the Cisco and tried all the suggestion, still not working and same error observed. Due to backup issue we unable to do any changes on the CRS, when we try to create new agents, those agents are not reflecting in the CRS.
Also I have observed bellow error , when try to re-sync the JTAPI,
Error while handling the input request.
Top of Form
Config Changes are not allowed during 'Backup' operation, which was started by 'Scheduler' at 'Fri Jun 08 18:00:03 GMT+08:00 2012 '. Please try again after 'Backup' is complete.
Bottom of Form
http://www.cisco.com/en/US/products/sw/custcosw/ps1846/products_tech_note09186a00809a752c.shtml
Solution
Complete these steps in order to resolve this issue:
•1. Access the UCCX server and navigate to Start > Run, and type CET.
•2. When the warning message appears, click NO.
•3. Choose com.cisco.crs.cluster.config.ArchiveAdminConfig.
•4. On the right side, double-click the record ID.
•5. Click the com.cisco.crs.cluster.config.ArchiveAdminConfig tab, and clear the password under Backup Storage.
•6. Click Apply.
•7. Navigate to Appadmin > Tools > Backup and Restore.
•8. Under Backup Storage Location, type the new password, and click Update.
After you complete these steps, you can run the backup. If the backup fails, restart the server, and try the backup again. If the backup still fails, you can navigate to CET, clear all the fields, and then type the new information for the storage location.
Please help me with your suggestions.
Thanks & Regards,
Naveen .SPlease any one help me on this issue..
-
Anyone successfully set up connection pool in s1as with ms sql server 2000?
As subject. Since I have seen a lot of posts about the NoSuchMethodException issue with various dbms providers, and the only "official information" I found thru different forums, google, different sun/javasoft sites and forums are this:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsunone%2F8172&zone_32=NoSuchMethodException&wholewords=on
Which is wonderfully vague and provide not-so-much useful information...
As for the information and suggestion posted by other forum members, most or all of them have experience with setting up Oracle, DB2, mySQL, etc., not aimed for MS SQL Server 2000 (you may think, I am just asking for it running MS SQL server with Java... oh well, not my choice)
I still haven't seen any positive feedbacks on how this exception was caused and how to resolve it. I have literally exhausted all leads on how to fix this issue, so right now I'm only interested to know whether anyone in the forum actually have a successful connection pool set up with MS SQL server 2000.
My platform:
w2k sp3
SunOne app server, update1, JDK 1.4.1
latest MS SQL 2000 JDBC driver
This fails with the NoSuchMethodException error:
try {
InitialContext ic = new InitialContext();
DataSource ds = (DataSource) ic.lookup("test_db");
con = ds.getConnection();
System.out.println( "con is created -> " + con );
} catch (Exception ex) {
System.out.println( "failed -> " + ex.getMessage() );
This works just fine:
try {
Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
con = DriverManager.getConnection("jdbc:microsoft:sqlserver://xxx.xxx.xxx.xxx:1433;DatabaseName=testdb;SelectMethod=cursor", "username", "password");
System.out.println( "con is created -> " + con );
} catch (Exception ex) {
System.out.println( "failed is fucked -> " + ex.getMessage() );
thanks,
--kuanHi,
Thanks for pointing out that article, I did not find it previously. After following the directions in the artile and your advise, now dbping seems to be able to connect to SQL server.
Thank you very much.
--kuan -
Connect webdynpro callable object with ms sql server 2000
Hi all
how connect webdynpro callable object with ms sql server 2000?
How can I register on the portal as an additional connection?
thank you very much!Thanks for your answers, Now I have the following problem, to develop this code:
try {
InitialContext iC = new InitialContext();
DataSource dataSource = (DataSource)iC.lookup("jdbc/ConnectionAlias");
Connection con = dataSource.getConnection();
java.sql.Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery("select * from ejemplo");
while (rs.next()){
com.sap.test.sql.testsql.wdp.IPrivateTestIViewView.IDatosElement
DatosElement =
wdContext.nodeDatos()
.createDatosElement();
DatosElement.setId(rs.getString("id"));
DatosElement.setNom(rs.getString("nom"));
DatosElement.setNum(rs.getInt("num"));
}catch (SQLException e) {
wdContext.currentContextElement().setB(e.getMessage());
}catch (Exception e){
wdContext.currentContextElement().setB(e.getMessage());
and shows me the following exception
ResourceException in method ConnectionFactoryImpl.getConnection(): com.sap.engine.services.dbpool.exceptions.BaseResourceException: SQLException thrown by the physical connection: java.sql.SQLException: [Microsoft][SQLServer 2000 Driver for JDBC]Error establishing socket.
the data that you place in the visual administrator were:
Drivers: com.sap.aii.af.jmsproviderlib (msutil.jar , mssqlserver.jar , msbase.jar)
DataSources: sap.com/JDBCConnector_MyDatasource.xml
Name: MyDatasource
Alias: ConnectionAlias
DriverName: com.sap.aii.af.jmsproviderlib
JDBC Version: 1.x
Driver Class: com.microsoft.jdbc.sqlserver.SQLServerDriver
Database URL: jdbc:microsoft:sqlserver://181.42.101.219:1433;DatabaseName=test
User: sa
Password: abcd1234
did not know the cause of the problem
thanks! -
Best Practice connecting VmWare ESX with a Channel
Hello
which methode (fix,pagp or lacp) should I use with an ESX server and what other interesting point should I care about it?
The customer would like to connect the ESX Server to a WS-4006 Chassis with WS-X4013 supervisor.
many thanks for any input
OliverFew server MFG's support PAGP, so you'll probably end up using LACP, which is fine (that's what we use). It's a straight forward setup.
interface Port-channel11
description ESX_Server 2
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 402,403,541-544
switchport mode trunk
switchport nonegotiate
no ip address
end
HTH and please rate.
Maybe you are looking for
-
Mark For Deletion of STO's which purchase order history
Is there a way, where I can set mark for deletion for a STO which has partial goods issue/receipt { i.e. it has purchase order history } Thanks In Advance!!
-
hi gurus, i want notes for creating materials and to create purchase order using bdc and to upload some datas using that recording from datas in note pad or any external file with screen shots. if any body sent to it ll be very useful to me... tha
-
Can i change or add few rows to taxclassification table in BAPI
Hi , I have used BAPI_MATERIAL_SAVEDATA for updating few views. But here i am facing some problem, In taxclassification table there are only 9 tax cod available in the BAPI, But user requirement is 12 .ie He has 12 taxcodes like MWST,LCIT like wise.
-
Hi, My problem is I have an servlet which reads data from the data base and it display on the browser. But my question the resultant page must be refreshed every 3 min ..(means every 3 min it retives data from the data base and it shown on the broser
-
How much is it to replace the screen of an iPod Touch 4G?
My iPod's front screen is cracked in 3 different places. It is fully functional, but I was wondering how much it would cost to get the screen replaced. If apple cannot replace it, does anyone know where you can get it replaced?