Nexus 5000 vPC suspended during reload delay period
Hi ,
after reloading on vPC-Peer-Switch be box comes up and all vPC-Member-Ports on the box are in suspended state until the reload delay time expired.
Unfortunately the link of the vPC-Member Ports are already up. This behaviour leads us in some problems if we connect a Cisco-UCS-FI with a LACP-Portchannel to a vPC on N5K.
Because the link of the suspended Port is up the FI detects the port also as up and running and set it to individual state, because of missing LACP-BPDUs, So at this time the FI hast two uplinks, one Port-Channel and one individual Ports. After 30 seconds the FI starts to repinning the servers over these two uplinks. Because the individual Port is not in forwarding state an the reloaded N5K until reload delay timer expired.
So during this period all the servers which are pinned to the individual Port are blackholed.
Possible Workarrounds
1. Creating a Pin-Group for the Port-Channel and pinning all Servers to this Pin-Group to avoid in case on channel-Member goes to individual state, any server is pinned to this individual Port . This could be a solution
2.Configuring the Port-Channel on FI for "suspend individual". Unfortunately I could not find a way to achive this. This would avoid that the individual Port is considered as possible uplink-port, so no pinning to the individual Port would happen.
3. Find a way that during the delay restore time on the suspended vPC-Member-Ports also the link is down. (In my opinion this would be the best way)
I am not sure if configuration of "individual suspend" on the vPC on the N5K would help.
any other ideas?
Hubert
What I really want is a command I can use to prevent VPC from turning off ports at all. I'd much rather have an active-active situation than have my entire network go down just because the primary VPC peer rebooted. VPC is not designed correctly to deal with that situation. And yes, it has happened. Multiple times with different VPC keepalive setups.
Similar Messages
-
Nexus 7000 - unexpected shutdown of vPC-Ports during reload of the primary vPC Switch
Dear Community,
We experienced an unusual behavior of two Nexus 7000 switches within a vPC domain.
According to the attached sketch, we have four N7Ks in two data centers - two Nexus 7Ks are in a vPC domain for each data center.
Both data centers are connected via a Multilayer-vPC.
We had to reload one of these switches and I expected the other N7K in this vPC domain to continue forwarding over its vPC-Member-ports.
Actually, all vPC ports have been disabled on the secondary switch until the reload of the first N7K (vPC-Role: primary) finished.
Logging on Switch B:
20:11:51 <Switch B> %VPC-2-VPC_SUSP_ALL_VPC: Peer-link going down, suspending all vPCs on secondary
20:12:01 <Switch B> %VPC-2-PEER_KEEP_ALIVE_RECV_FAIL: In domain 1, VPC peer keep-alive receive has failed
In case of a Peer-link failure, I would expect this behavior if the other switch is still reachable via the Peer-Keepalive-Link (via the Mgmt-Port), but since we reloaded the whole switch, the vPCs should continue forwarding.
Could this be a bug or are there any timers to be tuned?
All N7K switches are running on NX-OS 6.2(8)
Switch A:
vpc domain 1
peer-switch
role priority 2048
system-priority 1024
peer-keepalive destination <Mgmt-IP-Switch-B>
delay restore 360
peer-gateway
auto-recovery reload-delay 360
ip arp synchronize
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan <x-y>
spanning-tree port type network
vpc peer-link
Switch B:
vpc domain 1
peer-switch
role priority 1024
system-priority 1024
peer-keepalive destination <Mgmt-IP-Switch-A>
delay restore 360
peer-gateway
auto-recovery reload-delay 360
ip arp synchronize
interface port-channel1
switchport mode trunk
switchport trunk allowed vlan <x-y>
spanning-tree port type network
vpc peer-link
Best regardsProblem solved:
During the reload of the Nexus 7K, the linecards were powerd off a short time earlier than the Mgmt-Interface. As a result of this behavior, the secondary Nexus 7K received at least one vPC-Peer-Keepalive Message while its peer-link was already powerd off. To avoid a split brain scenario, the VPC-member-ports have been shut down.
Now we are using dedicated interfaces on the linecards for the VPC-Peer-Keepalive-Link and a reload of one N7K won't result in a total network outage any more. -
Nexus 5000 vpc and fabricpath considerations
Hello community,
I'm currently in the process of implementing a fabricpath environment which includes Nexus 5548UP as well Nexus 7009
NX OS on N5K is 6.0(2)N1(2)
Regarding the FP config on the N5K I wonder what is the best practice for the peer-link. Is it necessary to configure the Portchannel like below:
interface port-channel2
description VPC+ Peer Link
switchport mode fabricpath
spanning-tree port type network
vpc peer-link
There are several VLANs configured as FP.
As I understand we can remove the command:
spanning-tree port type network
Can anyone confirm this ?
Also I noticed a "cosmetic" problem. On two port 1/9 and 1/10 on both N5K it isn't possible to execute the command "speed"?!
When the command speed is executed I receive the following error:
ERROR: Ethernet1/9: Configuration does not match the port capability
Also please notice after the vPC and FP configuration we don't do a reload!
Thanks
UdoHi Simon -
Have done some testings in the lab on ISSU with FEXes either in Active/Active and Straight-through fashion, and it works.
Disabling BA on N5K(except the vPC peer link) is one of the requirements for ISSU .
In a lately lab testing with the following topo, BA is configured on the vpc 101 between the N5Ks and Cat6k. We have a repeated regular ping between the SVI interfaces of c3750 and Cat6K.
c3750
||
vPC
||
N5K =====vPC====== N5K
||
vpc 101
||
Cat6k
When we changed the network type to disable BA, we observed some ping drops, which around 20-30.
I am not sure what your network looks like, hopefully this will give you some ideas about the ISSU. As a general recommendation, schedule a change window for some changes or even ISSU.
regards,
Michael -
Nexus 7000 vPC suspended VLAN problem
I am trying to connect a Cat3560G switch to an N7K pair via a vPC. The VLANs I wish to trunk are being suspended, I am getting the following error messages:
2010 Jun 22 17:03:36 N7K-Core1 %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 2,301 on Interface port-channel2 are being suspended. (Reason: Vlan is not allowed on Peer-link)
The VLANs do exist , but a STP instance isnt created for it (I am using RPVST);
N7K-Core1# sh vlan id 2
VLAN Name Status Ports
2 VLAN0002 active Po2, Po75
N7K-Core1# sh spanning-tree vlan 2
ERROR: Spanning tree instance(s) for vlan does not exist.
Port Vlans Err-disabled on Trunk
Eth1/9 none
Eth1/10 none
Eth1/17 2,301
Eth1/18 2,301
Eth1/25 2,301
Eth1/26 2,301
Eth2/2 none
Eth10/1 none
Eth10/2 2,301
Po2 2,301
Po75 2,301
Po99 none
The VLANs are allowed on the trunk (it by default allows all)
interface port-channel1
description * vPC Peer-Link *
vpc peer-link
spanning-tree port type network
I have turned off bridge assurance as a test but no no avail.
Any ideas?I'm having the same issue between a pair of vPC'd 5020s going to a 6500 using a vPC.
All VLANs which are supposed to go over the trunk/vPC, are showing as err-disable on trunk. I've checked all configs and they are the same... allowed vlans match on all po interfaces and physical interfaces.
6509:
interface Port-channel78
description Connection to n5020s @ in the MDC
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 2240
switchport trunk allowed vlan 2002-2006,2010,2014,2018,2022,2024,2026,2240
switchport trunk allowed vlan add 2244,2248,2252,2254,4050,4052,4054
switchport mode trunk
end
N5020-1:
interface port-channel100
description Uplink to dist01 @ A building
switchport mode trunk
switchport trunk native vlan 2240
switchport trunk allowed vlan 2002-2006,2010,2014,2018,2022,2024
switchport trunk allowed vlan add 2026,2240,2244,2248,2252,2254,4050
switchport trunk allowed vlan add 4052,4054
vpc 100
N5020-2:
interface port-channel100
description Uplink to dist01 @ A building
switchport mode trunk
switchport trunk native vlan 2240
switchport trunk allowed vlan 2002-2006,2010,2014,2018,2022,2024
switchport trunk allowed vlan add 2026,2240,2244,2248,2252,2254,4050
switchport trunk allowed vlan add 4052,4054
vpc 100
All member ports reflect the correct config.
Both 5020s have the same config for the peer-link:
interface port-channel2
description VPC Peer-link
vpc peer-link
spanning-tree port type network
Output form 'show interface trunk"
n5020-1# sh int tru
Port Native Status Port
Vlan Channel
Eth1/1 2240 trnk-bndl Po100
Eth1/2 1 trnk-bndl Po200
Eth1/17 2240 trnk-bndl Po78
Eth1/18 2240 trnk-bndl Po78
Eth1/19 2240 trnk-bndl Po87
Eth1/20 2240 trnk-bndl Po87
Po78 2240 trunking --
Po87 2240 trunking --
Po100 2240 trunking --
Po200 1 trunking --
Port Vlans Allowed on Trunk
Eth1/1 2002-2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2254,4
050,4052,4054
Eth1/2 180-183
Eth1/17 180-183
Eth1/18 180-183
Eth1/19 2002-2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2254,4
050,4052,4054
Eth1/20 2002-2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2254,4
050,4052,4054
Po78 180-183
Po87 2002-2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2254,4
050,4052,4054
Po100 2002-2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2254,4
050,4052,4054
Po200 180-183
Port Vlans Err-disabled on Trunk
Eth1/1 2002-2004,2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2
254,4050,4052,4054
Eth1/2 180-183
Eth1/17 180-183
Eth1/18 180-183
Eth1/19 2002-2004,2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2
254,4050,4052,4054
Eth1/20 2002-2004,2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2
254,4050,4052,4054
Po78 180-183
Po87 2002-2004,2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2
254,4050,4052,4054
Po100 2002-2004,2006,2010,2014,2018,2022,2024,2026,2240,2244,2248,2252,2
254,4050,4052,4054
Po200 180-183
Port STP Forwarding
Eth1/1 none
Eth1/2 none
Eth1/17 none
Eth1/18 none
Eth1/19 none
Eth1/20 none
Po78 none
Po87 none
Po100 none
Po200 none
Thank you,
Chris Perkins
INX Inc. -
VPC on Nexus 5000 with Catalyst 6500 (no VSS)
Hi, I'm pretty new on the Nexus and UCS world so I have some many questions I hope you can help on getting some answers.
The diagram below is the configuration we are looking to deploy, that way because we do not have VSS on the 6500 switches so we can not create only one Etherchannel to the 6500s.
Our blades inserted on the UCS chassis have INTEL dual port cards, so they do not support full failover.
Questions I have are.
- Is this my best deployment choice?
- vPC highly depend on the management interface on the Nexus 5000 for the keep alive peer monitoring, so what is going to happen if the vPC brakes due to:
- one of the 6500 goes down
- STP?
- What is going to happend with the Etherchannels on the remaining 6500?
- the Management interface goes down for any other reason
- which one is going to be the primary NEXUS?
Below is the list of devices involved and the configuration for the Nexus 5000 and 65000.
Any help is appreciated.
Devices
· 2 Cisco Catalyst with two WS-SUP720-3B each (no VSS)
· 2 Cisco Nexus 5010
· 2 Cisco UCS 6120xp
· 2 UCS Chassis
- 4 Cisco B200-M1 blades (2 each chassis)
- Dual 10Gb Intel card (1 per blade)
vPC Configuration on Nexus 5000
TACSWN01
TACSWN02
feature vpc
vpc domain 5
reload restore
reload restore delay 300
Peer-keepalive destination 10.11.3.10
role priority 10
!--- Enables vPC, define vPC domain and peer for keep alive
int ethernet 1/9-10
channel-group 50 mode active
!--- Put Interfaces on Po50
int port-channel 50
switchport mode trunk
spanning-tree port type network
vpc peer-link
!--- Po50 configured as Peer-Link for vPC
inter ethernet 1/17-18
description UCS6120-A
switchport mode trunk
channel-group 51 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-A
int port-channel 51
swithport mode trunk
vpc 51
spannig-tree port type edge trunk
!--- Associates vPC 51 to Po51
inter ethernet 1/19-20
description UCS6120-B
switchport mode trunk
channel-group 52 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-B
int port-channel 52
swithport mode trunk
vpc 52
spannig-tree port type edge trunk
!--- Associates vPC 52 to Po52
!----- CONFIGURATION for Connection to Catalyst 6506
Int ethernet 1/1-3
description Cat6506-01
switchport mode trunk
channel-group 61 mode active
!--- Associate interfaces to Po61 connected to Cat6506-01
Int port-channel 61
switchport mode trunk
vpc 61
!--- Associates vPC 61 to Po61
Int ethernet 1/4-6
description Cat6506-02
switchport mode trunk
channel-group 62 mode active
!--- Associate interfaces to Po62 connected to Cat6506-02
Int port-channel 62
switchport mode trunk
vpc 62
!--- Associates vPC 62 to Po62
feature vpc
vpc domain 5
reload restore
reload restore delay 300
Peer-keepalive destination 10.11.3.9
role priority 20
!--- Enables vPC, define vPC domain and peer for keep alive
int ethernet 1/9-10
channel-group 50 mode active
!--- Put Interfaces on Po50
int port-channel 50
switchport mode trunk
spanning-tree port type network
vpc peer-link
!--- Po50 configured as Peer-Link for vPC
inter ethernet 1/17-18
description UCS6120-A
switchport mode trunk
channel-group 51 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-A
int port-channel 51
swithport mode trunk
vpc 51
spannig-tree port type edge trunk
!--- Associates vPC 51 to Po51
inter ethernet 1/19-20
description UCS6120-B
switchport mode trunk
channel-group 52 mode active
!--- Associates interfaces to Po51 connected to UCS6120xp-B
int port-channel 52
swithport mode trunk
vpc 52
spannig-tree port type edge trunk
!--- Associates vPC 52 to Po52
!----- CONFIGURATION for Connection to Catalyst 6506
Int ethernet 1/1-3
description Cat6506-01
switchport mode trunk
channel-group 61 mode active
!--- Associate interfaces to Po61 connected to Cat6506-01
Int port-channel 61
switchport mode trunk
vpc 61
!--- Associates vPC 61 to Po61
Int ethernet 1/4-6
description Cat6506-02
switchport mode trunk
channel-group 62 mode active
!--- Associate interfaces to Po62 connected to Cat6506-02
Int port-channel 62
switchport mode trunk
vpc 62
!--- Associates vPC 62 to Po62
vPC Verification
show vpc consistency-parameters
!--- show compatibility parameters
Show feature
!--- Use it to verify that vpc and lacp features are enabled.
show vpc brief
!--- Displays information about vPC Domain
Etherchannel configuration on TAC 6500s
TACSWC01
TACSWC02
interface range GigabitEthernet2/38 - 43
description TACSWN01 (Po61 vPC61)
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 61 mode active
interface range GigabitEthernet2/38 - 43
description TACSWN02 (Po62 vPC62)
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
channel-group 62 mode activeihernandez81,
Between the c1-r1 & c1-r2 there are no L2 links, ditto with d6-s1 & d6-s2. We did have a routed link just to allow orphan traffic.
All the c1r1 & c1-r2 HSRP communications ( we use GLBP as well ) go from c1-r1 to c1-r2 via the hosp-n5k-s1 & hosp-n5k-s2. Port channels 203 & 204 carry the exact same vlans.
The same is the case on the d6-s1 & d6-s2 sides except we converted them to a VSS cluster so we only have po203 with 4 *10 Gb links going to the 5Ks ( 2 from each VSS member to each 5K).
As you can tell what we were doing was extending VM vlans between 2 data centers prior to arrivals of 7010s and UCS chassis - which worked quite well.
If you got on any 5K you would see 2 port channels - 203 & 204 - going to each 6500, again when one pair went to VSS po204 went away.
I know, I know they are not the same things .... but if you view the 5Ks like a 3750 stack .... how would you hook up a 3750 stack from 2 6500s and if you did why would you run an L2 link between the 6500s ?
For us using 4 10G ports between 6509s took ports that were too expensive - we had 6704s - so use the 5Ks.
Our blocking link was on one of the links between site1 & site2. If we did not have wan connectivty there would have been no blocking or loops.
Caution .... if you go with 7Ks beware of the inability to do L2/L3 via VPCs.
better ?
one of the nice things about working with some of this stuff is as long as you maintain l2 connectivity if you are migrating things they tend to work, unless they really break -
Ask the Expert: Different Flavors and Design with vPC on Cisco Nexus 5000 Series Switches
Welcome to the Cisco® Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco® NX-OS.
The biggest limitation to a classic port channel communication is that the port channel operates only between two devices. To overcome this limitation, Cisco NX-OS has a technology called virtual port channel (vPC). A pair of switches acting as a vPC peer endpoint looks like a single logical entity to port channel attached devices. The two devices that act as the logical port channel endpoint are actually two separate devices. This setup has the benefits of hardware redundancy combined with the benefits offered by a port channel, for example, loop management.
vPC technology is the main factor for success of Cisco Nexus® data center switches such as the Cisco Nexus 5000 Series, Nexus 7000 Series, and Nexus 2000 Series Switches.
This event is focused on discussing all possible types of vPC along-with best practices, failure scenarios, Cisco Technical Assistance Center (TAC) recommendations and troubleshooting
Vishal Mehta is a customer support engineer for the Cisco Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in TAC for the past 3 years with a primary focus on data center technologies, such as the Cisco Nexus 5000 Series Switches, Cisco Unified Computing System™ (Cisco UCS®), Cisco Nexus 1000V Switch, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching, and service provider.
Nimit Pathak is a customer support engineer for the Cisco Data Center Server Virtualization TAC team based in San Jose, California, with primary focus on data center technologies, such as Cisco UCS, the Cisco Nexus 1000v Switch, and virtualization. Nimit holds a master's degree in electrical engineering from Bridgeport University, has CCNA® and CCNP® Nimit is also working on a Cisco data center CCIE® certification While also pursuing an MBA degree from Santa Clara University.
Remember to use the rating system to let Vishal and Nimit know if you have received an adequate response.
Because of the volume expected during this event, Vishal and Nimit might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure Community, under the subcommunity LAN, Switching & Routing, shortly after the event. This event lasts through August 29, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.Hello Gustavo
Please see my responses to your questions:
Yes almost all routing protocols use Multicast to establish adjacencies. We are dealing with two different type of traffic –Control Plane and Data Plane.
Control Plane: To establish Routing adjacency, the first packet (hello) is punted to CPU. So in the case of triangle routed VPC topology as specified on the Operations Guide Link, multicast for routing adjacencies will work. The hellos packets will be exchanged across all 3 routers and adjacency will be formed over VPC links
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_L3_w_vpc_5500platform.html#wp999181
Now for Data Plane we have two types of traffic – Unicast and Multicast.
The Unicast traffic will not have any forwarding issues, but because the Layer 3 ECMP and port channel run independent hash calculations there is a possibility that when the Layer 3 ECMP chooses N5k-1 as the Layer 3 next hop for a destination address while the port channel hashing chooses the physical link toward N5k-2. In this scenario,N5k-2 receives packets from R with the N5k-1 MAC as the destination MAC.
Sending traffic over the peer-link to the correct gateway is acceptable for data forwarding, but it is suboptimal because it makes traffic cross the peer link when the traffic could be routed directly.
For that topology, Multicast Traffic might have complete traffic loss due to the fact that when a PIM router is connected to Cisco Nexus 5500 Platform switches in a vPC topology, the PIM join messages are received only by one switch. The multicast data might be received by the other switch.
The Loop avoidance works little different across Nexus 5000 and Nexus 7000.
Similarity: For both products, loop avoidance is possible due to VSL bit
The VSL bit is set in the DBUS header internal to the Nexus.
It is not something that is set in the ethernet packet that can be identified. The VSL bit is set on the port asic for the port used for the vPC peer link, so if you have Nexus A and Nexus B configured for vPC and a packet leaves Nexus A towards Nexus B, Nexus B will set the VSL bit on the ingress port ASIC. This is not something that would traverse the peer link.
This mechanism is used for loop prevention within the chassis.
The idea being that if the port came in the peer link from the vPC peer, the system makes the assumption that the vPC peer would have forwarded this packet out the vPC-enabled port-channels towards the end device, so the egress vpc interface's port-asic will filter the packet on egress.
Differences: In Nexus 5000 when it has to do L3-to-L2 lookup for forwarding traffic, the VSL bit is cleared and so the traffic is not dropped as compared to Nexus 7000 and Nexus 3000.
It still does loop prevention but the L3-to-L2 lookup is different in Nexus 5000 and Nexus 7000.
For more details please see below presentation:
https://supportforums.cisco.com/sites/default/files/session_14-_nexus.pdf
DCI Scenario: If 2 pairs are of Nexus 5000 then separation of L3/L2 links is not needed.
But in most scenarios I have seen pair of Nexus 5000 with pair of Nexus 7000 over DCI or 2 pairs of Nexus 7000 over DCI. If Nexus 7000 are used then L3 and L2 links are required for sure as mentioned on above presentation link.
Let us know if you have further questions.
Thanks,
Vishal -
UCS C-Series VIC-1225 to Nexus 5000 setup
Hello,
I have two nexus 5000 setup with a vpc peer link. I also have an cisco c240 m3 server with a vic-1225 card that will be running esx 5.1. I also have some 4 2248 fabric extenders. I have been searching for some best practice information on how to best setup this equipment. The nexus equipment is already running, so its more about connecting the c240 and the vic-1225 to the nexus switches. I guess this is better to do rather than to connect to the fabric extenders in order to minmize hops?
All documention I have found involves setup/configuration etc with fabric interconnects which I dont have, and have been told that I do not need. Does anyone have any info on this? and can point me in the right direction to setup this correctly?
More specifically, how should I setup the vic-1225 card to the nexus? just create a regular vpc/port-channel to the nexuses? use lacp and set it to active?
Do I need to make any configuration changes on the vic card via the cimc on the c240 server to make this work?Hello again, Im stuck
This is what I have done. I have created the vPC between my esx host and my two nexus 5000 switches, but it doesnt seem to come up:
S02# sh port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
Group Port- Type Protocol Member Ports
Channel
4 Po4(SD) Eth LACP Eth1/9(D)
vPC info:
S02# sh vpc 4
vPC status
id Port Status Consistency Reason Active vlans
4 Po4 down* success success -
vPC config:
interface port-channel4
switchport mode trunk
switchport trunk allowed vlan 20,27,30,50,100,500-501
spanning-tree port type edge trunk
vpc 4
interface Ethernet1/9
switchport mode trunk
switchport trunk allowed vlan 20,27,30,50,100,500-501
spanning-tree port type edge trunk
channel-group 4 mode active
Im unsure what I must configure on the cisco 240M3(esx host) side to make this work. I only have the two default interfaces(eth0 and eth1) on the vic-1225 installed in the esx host, and both have the vlan mode is set to TRUNK.
Any ideas on what I am missing?
Message was edited by: HDA -
Nexus 5000 - Odd Ethernet interface behavior (link down inactive)
Hi Guys,
This would sound really trivial but it is very odd behavior.
- We have a server connected to a 2, Nexus 5000s (for resiliancy)
- When there is no config on the ethernet interfaces whatsoever, the ethernet interface is UP / UP, there is minimal amount of traffic on the link etc. E.g.
Ethernet1/16 is up
Hardware: 1000/10000 Ethernet, address: 000d.ece7.85d7 (bia 000d.ece7.85d7)
Description: shipley-p1.its RK14/A13
MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA
Port mode is access
full-duplex, 10 Gb/s, media type is 1/10g
Beacon is turned off
Input flow-control is off, output flow-control is off
Rate mode is dedicated
Switchport monitor is off
Last link flapped 00:00:07
Last clearing of "show interface" counters 05:42:32
30 seconds input rate 0 bits/sec, 0 packets/sec
30 seconds output rate 96 bits/sec, 0 packets/sec
Load-Interval #2: 5 minute (300 seconds)
input rate 0 bps, 0 pps; output rate 8 bps, 0 pps
RX
0 unicast packets 0 multicast packets 0 broadcast packets
0 input packets 0 bytes
0 jumbo packets 0 storm suppression packets
0 runts 0 giants 0 CRC 0 no buffer
0 input error 0 short frame 0 overrun 0 underrun 0 ignored
0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
0 input with dribble 0 input discard
0 Rx pause
TX
0 unicast packets 163 multicast packets 0 broadcast packets
163 output packets 15883 bytes
0 jumbo packets
0 output errors 0 collision 0 deferred 0 late collision
0 lost carrier 0 no carrier 0 babble
0 Tx pause
1 interface resets
- As soon as I configure the link to be an access port, the link goes down, flagging "inactivity" E.g.
sh int e1/16
Ethernet1/16 is down (inactive)
Hardware: 1000/10000 Ethernet, address: 000d.ece7.85d7 (bia 000d.ece7.85d7)
Description: shipley-p1.its RK14/A13
MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA
Port mode is access
auto-duplex, 10 Gb/s, media type is 1/10g
Beacon is turned off
Input flow-control is off, output flow-control is off
Rate mode is dedicated
Switchport monitor is off
Last link flapped 05:38:03
Last clearing of "show interface" counters 05:41:33
30 seconds input rate 0 bits/sec, 0 packets/sec
30 seconds output rate 0 bits/sec, 0 packets/sec
Load-Interval #2: 5 minute (300 seconds)
input rate 0 bps, 0 pps; output rate 0 bps, 0 pps
RX
0 unicast packets 0 multicast packets 0 broadcast packets
0 input packets 0 bytes
0 jumbo packets 0 storm suppression packets
0 runts 0 giants 0 CRC 0 no buffer
0 input error 0 short frame 0 overrun 0 underrun 0 ignored
0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
0 input with dribble 0 input discard
0 Rx pause
TX
0 unicast packets 146 multicast packets 0 broadcast packets
146 output packets 13083 bytes
0 jumbo packets
0 output errors 0 collision 0 deferred 0 late collision
0 lost carrier 0 no carrier 0 babble
0 Tx pause
0 interface resets
- This behavior is seen on both 5Ks
- I've tried using a different set of ports, changed SFPs, and fibre cabling to no avail
- I can't seem to understand this behavior?! In that, why would configuring the port cause the link to go down?
- If anyone has experience this before, or could shed some light on this behavior, it would be appreciated.
sh ver
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2010, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.
Software
BIOS: version 1.2.0
loader: version N/A
kickstart: version 4.2(1)N1(1)
system: version 4.2(1)N1(1)
power-seq: version v1.2
BIOS compile time: 06/19/08
kickstart image file is: bootflash:/n5000-uk9-kickstart.4.2.1.N1.1.bin
kickstart compile time: 4/29/2010 19:00:00 [04/30/2010 02:38:04]
system image file is: bootflash:/n5000-uk9.4.2.1.N1.1.bin
system compile time: 4/29/2010 19:00:00 [04/30/2010 03:51:47]
thanks
SheldonI had identical issue
Two interfaces on two different FEXes were INACTIVE. I have two Nexus 5596 in vPC and A/A FEXes.
I also use config-sync feature.
Very same configuration was applied to other ports on other FEXes and they were working with no problems.
interface Ethernet119/1/1
inherit port-profile PP-Exchange2003
I checked VLAN status associated with this profile and it was active (of course it was, other ports were ok).
I solved it by removing port profile from this port and re-applied it... voila, port changed state to up!
Very very strange. -
What are best practices for connecting asa to nexus 5000
just trying to get a feel for the best way to connect redundant asa to redundant nexus 5000
using a vpc vlan is fine, but then running a routing protocol isn't supported, so putting static routes on 5000 works, but it doesn't support ip sla yet so you cant really stop distributing the default if your internet goes down. just looking for what was recommended.you want to test RAC upgrade on NON RAC database. If you ask me that is a risk but it depends on may things
Application configuration - If your application is configured for RAC, FAN etc. you cannot test it on non RAC systems
Cluster upgrade - If your standalone database is RAC one node you can probably test your cluster upgrade there. If you have non RAC database then you will not be able to test cluster upgrade or CRS
Database upgrade - There are differences when you upgrade RAC vs non RAC database which you will not be able to test
I think the best way for you is to convert your standalone database to RAC one node database and test it. that will take you close to multi node RAC -
During logshipping, job on secondary server is ran successfully BUT give this information
"Skipping log backup file since load delay period has not expired ...."
What is this "Load delay period" ? Can we configure this somehow, somewhere ?
NOTE : The value on "Restore Transasction Log tab", Delay Restoring backups at least = Default (zero minutes)
Thanks
Think BIG but Positive, may be GLOBAL better UNIVERSAL.How to get the LSBackup, LSCopy, and LSRestore jobs back in sync...
Last I posted the issue was that my trn backups were not being copied from Primary to Secondary.
I found upon further inspection of the LS related tables in MSDB the following likely candidates for adjustment:
1) dbo.log_shipping_monitor_secondary, column last_copied_file
change last copied file column to something older than the file that is stuck. For example, the value in the table was
E:\SQLLogShip\myDB_20140527150001.trn
I changed last_copied_file to E:\SQLLogShip\myDB_20140525235000.trn. Note that this is just a made up file name that is a few minutes before the actual file that I would like to restore (myDB_2014525235428.trn). 4 mins and 28 seconds before, to
be exact.
LSCOPY runs and voila! now it is copied from primary to secondary. That appears to be the only change needed to get the copy going again.
2) For LSRestore, see the MSDB table dbo.log_shipping_monitor_secondary, change
last_restored_file
again I used the made up file E:\SQLLogShip\myDB_20140525235000.trn
LSRESTORE runs and my just copied myDB_2014525235428.trn is restored
** note that
dbo.log_shipping_secondary_databases also has a last_restored_file column - this did not seem to have any effect, though I see that it updates after completing the above and LSRestore has run successfully, so now it is correct as well
3) LSBackup job is still not running, the job still has a last run date in the future. Could just leave it and eventually it will come right, but I made a fairly significant time change, plus it's all an experiment....back to MSDB.
look at dbo.sysjobs, get the job_id of your LSBackup job
edit dbo.sysjobschedules - change next_run_date next_run_time as needed to a datetime before the current time, or when you would like the job to start running.
I wouldn't be so cavalier with data that was important, but that's the benefit of being in Test, and it appears that these time comparisons are very rudimentary - a value in the relevant log shipping table and the name of the trn file. That said, if you
were facing a problem of this nature due to lost trn files, corrupted, or some similar scenario, this wouldn't fix your problem, though it _might_ allow you to continue? But in my case I know I have all the trn files, it's just the time that changed, in this
case on my Primary server, and thus the names of the trn logs got out sync. -
PFC configuration on Nexus 5000
Hi,
I have a CNA in my server connected to cisco nexus 5000 interfcae. I Want to genearate pause frames for FCOE class of traffic using the default class class-fcoe and cos value 3, the firmware version running is 5.0(3) N1 (1b). Can anyone tell me how can i configure it ?
Thanks,
ManjuSorry for the delayed response, Here is what you asked
Cisco-5020# sh mod
Mod Ports Module-Type Model Status
1 40 40x10GE/Supervisor N5K-C5020P-BF-SUP active *
2 8 4x10GE + 4x1/2/4G FC Module N5K-M1404 ok
Mod Sw Hw World-Wide-Name(s) (WWN)
1 5.0(3)N1(1b) 1.2 --
2 5.0(3)N1(1b) 1.0 20:41:00:0d:ec:b2:15:40 to 20:44:00:0d:ec:b2:15:40
Mod MAC-Address(es) Serial-Num
1 000d.ecb2.1548 to 000d.ecb2.156f JAF1303ACES
2 000d.ecb2.1570 to 000d.ecb2.1577 JAF1245AJLF
Cisco-5020#
Cisco-5020#
Cisco-5020# sh run
!Command: show running-config
!Time: Fri Oct 28 17:40:02 2005
version 5.0(3)N1(1b)
feature fcoe
feature npiv
feature telnet
feature lldp
username admin password 5 $1$v9Tm8Y77$ZSdbOfBxe1.Z9Oz1V9V2B0 role network-admin
no password strength-check
ip domain-lookup
hostname Cisco-5020
logging event link-status default
service unsupported-transceiver
class-map type qos class-fcoe
class-map type queuing class-all-flood
match qos-group 2
class-map type queuing class-ip-multicast
match qos-group 2
class-map type network-qos class-all-flood
match qos-group 2
class-map type network-qos class-ip-multicast
match qos-group 2
policy-map type network-qos jumbo
class type network-qos class-fcoe
pause no-drop
mtu 2158
class type network-qos class-default
mtu 9216
system qos
service-policy type network-qos jumbo
snmp-server user admin network-admin auth md5 0x2694501fdfbe5abed9e85d51e4e31038 priv 0x2694501fdfbe5abed9e85d51e4e31038 localizedkey
snmp-server host 138.239.198.184 traps version 2c public udp-port 1163
snmp-server host 138.239.198.184 traps version 2c public udp-port 1164
snmp-server host 138.239.198.200 traps version 2c public udp-port 1163
snmp-server host 138.239.198.200 traps version 2c public udp-port 1164
snmp-server host 138.239.200.118 traps version 2c public udp-port 1163
snmp-server host 138.239.198.200 traps version 2c public udp-port 1163
snmp-server enable traps entity fru
snmp-server community snmpv3 group network-operator
vrf context management
ip route 0.0.0.0/0 10.192.207.254
vlan 1-2,8
vlan 10
fcoe vsan 10
vlan 20
fcoe vsan 20
vlan 30
vlan 35
fcoe vsan 35
vlan 40,50
vlan 52
fcoe vsan 52
vsan database
vsan 20
vsan 52
fcdomain fcid database
vsan 52 wwn 10:00:00:00:c9:b1:e5:3d fcid 0x180000 dynamic
vsan 52 wwn 10:00:00:00:c9:b1:e5:3b fcid 0x180001 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:4d:e3 fcid 0x180002 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:ab:ad fcid 0x180003 dynamic
vsan 52 wwn 10:00:00:00:c9:ad:ac:41 fcid 0x180004 dynamic
vsan 52 wwn 10:00:00:00:c9:ad:ac:b9 fcid 0x180005 dynamic
vsan 52 wwn 10:00:00:00:c9:ad:ac:b5 fcid 0x180006 dynamic
vsan 52 wwn 10:00:00:00:c9:f2:73:d1 fcid 0x180007 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:4d:e1 fcid 0x180008 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:ab:a9 fcid 0x180009 dynamic
vsan 52 wwn 10:00:00:00:c9:f2:73:d5 fcid 0x18000a dynamic
vsan 52 wwn 10:00:00:00:c9:b1:e5:5d fcid 0x18000b dynamic
vsan 52 wwn 10:00:00:00:c9:5b:ab:9b fcid 0x18000c dynamic
vsan 52 wwn 10:00:00:00:c9:5b:ab:99 fcid 0x18000d dynamic
vsan 52 wwn 10:00:00:00:c9:b1:e5:5b fcid 0x18000e dynamic
vsan 1 wwn 10:00:00:00:c9:f2:73:b3 fcid 0x050000 dynamic
vsan 52 wwn 10:00:00:00:c9:ad:ac:47 fcid 0x18000f dynamic
vsan 52 wwn 10:00:00:00:c9:5b:a7:93 fcid 0x180010 dynamic
vsan 52 wwn 10:00:00:00:c9:91:f8:19 fcid 0x180011 dynamic
vsan 52 wwn 10:00:00:00:c9:9c:e0:77 fcid 0x180012 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:a7:d3 fcid 0x180013 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:a3:bb fcid 0x180014 dynamic
vsan 52 wwn 10:00:00:00:c9:97:3b:c5 fcid 0x180015 dynamic
vsan 52 wwn 10:00:00:00:c9:f2:73:91 fcid 0x180016 dynamic
vsan 52 wwn 10:00:00:00:c9:a4:00:91 fcid 0x180017 dynamic
vsan 52 wwn 10:00:00:00:c9:f2:73:8d fcid 0x180018 dynamic
vsan 52 wwn 20:0f:00:11:0d:7f:a8:00 fcid 0x180019 dynamic
vsan 52 wwn 20:0f:00:11:0d:7f:a8:01 fcid 0x18001a dynamic
vsan 52 wwn 10:00:00:00:c9:5b:a3:b7 fcid 0x18001b dynamic
vsan 52 wwn 10:00:00:00:c9:5b:a5:27 fcid 0x18001c dynamic
vsan 52 wwn 10:00:00:00:c9:5b:a3:53 fcid 0x18001d dynamic
vsan 52 wwn 10:00:00:00:c9:bb:c8:37 fcid 0x18001e dynamic
vsan 52 wwn 10:00:00:00:c9:5b:76:e5 fcid 0x18001f dynamic
vsan 20 wwn 10:00:00:00:c9:5b:a3:83 fcid 0xd30000 dynamic
vsan 52 wwn 10:00:00:00:c9:91:00:00 fcid 0x180020 dynamic
vsan 52 wwn 10:00:00:00:00:91:f7:f1 fcid 0x180021 dynamic
vsan 1 wwn 10:00:00:00:c9:5b:4d:e3 fcid 0x050001 dynamic
vsan 52 wwn 10:00:00:00:c9:97:3b:0f fcid 0x180022 dynamic
vsan 52 wwn 10:00:00:00:c9:3c:8e:21 fcid 0x180023 dynamic
vsan 52 wwn 10:00:00:00:c9:97:3b:11 fcid 0x180024 dynamic
vsan 20 wwn 10:00:00:00:c9:b1:e6:b7 fcid 0xd30001 dynamic
vsan 52 wwn 10:00:f8:19:00:91:f8:19 fcid 0x180025 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:a3:8b fcid 0x180026 dynamic
vsan 52 wwn 10:00:00:00:c9:b1:e4:ff fcid 0x180027 dynamic
vsan 52 wwn 10:00:00:00:c9:3c:8e:25 fcid 0x180028 dynamic
vsan 52 wwn 50:06:01:61:44:60:23:4f fcid 0x1800ef dynamic
vsan 52 wwn 10:00:00:00:c9:5b:d6:b9 fcid 0x180029 dynamic
vsan 52 wwn 10:00:00:00:c9:ad:ac:43 fcid 0x18002a dynamic
vsan 52 wwn 20:01:00:00:c9:5b:ab:99 fcid 0x18002b dynamic
vsan 52 wwn 20:02:00:00:c9:5b:ab:99 fcid 0x18002c dynamic
vsan 52 wwn 50:06:01:60:44:60:23:4f fcid 0x1801ef dynamic
vsan 52 wwn 10:00:00:00:c9:9d:1f:bf fcid 0x18002d dynamic
vsan 52 wwn 10:00:00:00:c9:9d:1f:c1 fcid 0x18002e dynamic
vsan 52 wwn 10:00:00:00:c9:f2:73:d3 fcid 0x18002f dynamic
vsan 20 wwn 10:00:00:00:c9:bb:c8:37 fcid 0xd30002 dynamic
vsan 52 wwn 10:00:00:00:c9:12:34:56 fcid 0x180030 dynamic
vsan 52 wwn 10:00:00:00:c9:12:34:57 fcid 0x180031 dynamic
vsan 52 wwn 10:00:00:00:c9:b1:ea:81 fcid 0x180032 dynamic
vsan 52 wwn 10:00:00:00:c9:b1:ea:7f fcid 0x180033 dynamic
vsan 20 wwn 10:00:00:00:c9:12:34:56 fcid 0xd30003 dynamic
vsan 52 wwn 10:00:00:00:c9:b1:e5:1b fcid 0x180034 dynamic
vsan 52 wwn 10:00:00:00:c9:b1:e5:1d fcid 0x180035 dynamic
vsan 52 wwn 10:00:00:00:c9:bb:c7:8f fcid 0x180036 dynamic
vsan 52 wwn 10:00:00:00:c9:bb:cb:8f fcid 0x180037 dynamic
vsan 52 wwn 10:00:00:00:c9:bb:cb:93 fcid 0x180038 dynamic
vsan 52 wwn 10:00:00:00:c9:bb:c7:93 fcid 0x180039 dynamic
vsan 20 wwn 10:00:00:00:c9:12:34:57 fcid 0xd30004 dynamic
vsan 52 wwn 10:00:00:00:c9:5b:ab:c4 fcid 0x18003a dynamic
vsan 52 wwn 10:00:00:00:c9:bb:17:b7 fcid 0x18003b dynamic
vsan 52 wwn 10:00:00:00:c9:a0:ce:2d fcid 0x18003c dynamic
vsan 52 wwn 10:00:00:00:c9:91:f7:f1 fcid 0x18003d dynamic
vsan 52 wwn 10:00:00:00:c9:5b:ab:c0 fcid 0x18003e dynamic
vsan 52 wwn 10:00:00:00:c9:b1:e5:5f fcid 0x18003f dynamic
vsan 52 wwn 10:00:00:00:c9:e3:06:89 fcid 0x180040 dynamic
vsan 52 wwn 50:06:01:68:44:60:23:4f fcid 0x1802ef dynamic
vsan 1 wwn 50:06:01:61:44:60:23:4f fcid 0x0500ef dynamic
vsan 52 wwn 10:00:00:00:c9:d1:16:24 fcid 0x180041 dynamic
vsan 52 wwn 10:00:00:00:c9:d1:16:25 fcid 0x180042 dynamic
vsan 52 wwn 10:00:00:00:c9:d1:0a:6d fcid 0x180043 dynamic
vsan 20 wwn 10:00:00:00:c9:d1:16:25 fcid 0xd30005 dynamic
vsan 20 wwn 10:00:00:00:c9:d1:16:24 fcid 0xd30006 dynamic
vsan 20 wwn ff:f2:00:00:c9:12:34:78 fcid 0xd30007 dynamic
vsan 20 wwn ff:f2:00:00:c9:d1:16:46 fcid 0xd30008 dynamic
vsan 52 wwn ff:f2:00:00:c9:d1:0a:8c fcid 0x180044 dynamic
vsan 20 wwn ff:f3:00:00:c9:d1:16:46 fcid 0xd30009 dynamic
vsan 52 wwn ff:f0:00:00:c9:d1:0a:8c fcid 0x180045 dynamic
vsan 52 wwn 10:00:00:00:c9:d1:0a:6c fcid 0x180046 dynamic
vsan 20 wwn ff:f2:00:00:c9:d1:0a:8c fcid 0xd3000a dynamic
vsan 20 wwn 10:00:00:00:c9:d1:0a:6d fcid 0xd3000b dynamic
vsan 52 wwn ff:f2:00:00:c9:d1:16:46 fcid 0x180047 dynamic
vsan 20 wwn ff:f3:00:00:c9:12:34:78 fcid 0xd3000c dynamic
vsan 52 wwn ff:f3:00:00:c9:12:34:78 fcid 0x180048 dynamic
vsan 52 wwn 50:06:01:69:44:60:23:4f fcid 0x1803ef dynamic
vsan 52 wwn ff:f3:00:00:c9:d1:16:46 fcid 0x180049 dynamic
vsan 52 wwn 10:00:00:00:c9:12:34:5b fcid 0x18004a dynamic
vsan 52 wwn 10:00:00:00:c9:12:34:5a fcid 0x18004b dynamic
vsan 52 wwn ff:f2:00:00:c9:12:34:78 fcid 0x18004c dynamic
vsan 52 wwn 10:00:00:00:c9:a5:ac:f3 fcid 0x18004d dynamic
vsan 52 wwn 10:00:00:00:c9:a5:ad:15 fcid 0x18004e dynamic
vsan 52 wwn 10:00:00:00:c9:a5:ac:f5 fcid 0x18004f dynamic
vsan 52 wwn 20:01:00:00:c9:a5:ac:f3 fcid 0x180050 dynamic
vsan 52 wwn 20:02:00:00:c9:a5:ac:f3 fcid 0x180051 dynamic
vsan 52 wwn ff:f3:00:00:c9:12:34:85 fcid 0x180052 dynamic
vsan 52 wwn 20:00:00:11:0d:77:9c:00 fcid 0x180053 dynamic
vsan 52 wwn 20:01:00:11:0d:77:9d:00 fcid 0x180054 dynamic
interface port-channel3
interface vfc1
no shutdown
interface vfc4
interface vfc9
bind interface Ethernet1/9
no shutdown
interface vfc10
interface vfc11
bind interface Ethernet1/11
no shutdown
interface vfc19
bind interface Ethernet1/19
no shutdown
interface vfc21
bind interface Ethernet1/21
no shutdown
interface vfc22
bind interface Ethernet1/22
switchport trunk allowed vsan 52
no shutdown
interface vfc24
bind interface Ethernet1/24
switchport trunk allowed vsan 52
no shutdown
interface vfc25
bind interface Ethernet1/25
switchport trunk allowed vsan 52
no shutdown
interface vfc26
bind interface Ethernet1/26
switchport trunk allowed vsan 52
no shutdown
interface vfc27
bind interface Ethernet1/27
no shutdown
interface vfc28
bind interface Ethernet1/28
no shutdown
interface vfc29
bind interface Ethernet1/29
no shutdown
interface vfc30
bind interface Ethernet1/30
switchport trunk allowed vsan 52
no shutdown
interface vfc31
bind interface Ethernet1/31
shutdown
interface vfc32
bind interface Ethernet1/32
no shutdown
interface vfc33
bind interface Ethernet1/33
no shutdown
interface vfc34
bind interface Ethernet1/34
no shutdown
interface vfc35
bind interface Ethernet1/35
no shutdown
interface vfc36
bind interface Ethernet1/36
no shutdown
interface vfc37
bind interface Ethernet1/37
no shutdown
interface vfc38
bind interface Ethernet1/38
no shutdown
interface vfc39
bind interface Ethernet1/39
no shutdown
interface vfc40
bind interface Ethernet1/40
no shutdown
vsan database
vsan 52 interface vfc1
vsan 52 interface vfc9
vsan 52 interface vfc11
vsan 52 interface vfc19
vsan 52 interface vfc21
vsan 52 interface vfc22
vsan 52 interface vfc24
vsan 52 interface vfc26
vsan 52 interface vfc27
vsan 52 interface vfc28
vsan 52 interface vfc29
vsan 52 interface vfc30
vsan 52 interface vfc31
vsan 52 interface vfc32
vsan 52 interface vfc33
vsan 52 interface vfc34
vsan 20 interface vfc35
vsan 52 interface vfc36
vsan 52 interface vfc37
vsan 52 interface vfc38
vsan 52 interface vfc39
vsan 52 interface vfc40
vsan 52 interface fc2/1
vsan 52 interface fc2/2
vsan 52 interface fc2/3
vsan 52 interface fc2/4
interface fc2/1
switchport trunk allowed vsan 1
switchport trunk allowed vsan add 52
switchport trunk mode auto
no shutdown
interface fc2/2
switchport trunk mode auto
no shutdown
interface fc2/3
no shutdown
interface fc2/4
no shutdown
interface Ethernet1/1
interface Ethernet1/2
speed 1000
interface Ethernet1/3
interface Ethernet1/4
interface Ethernet1/5
interface Ethernet1/6
interface Ethernet1/7
switchport mode trunk
interface Ethernet1/8
interface Ethernet1/9
switchport mode trunk
switchport trunk allowed vlan 1,10,20,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/10
interface Ethernet1/11
priority-flow-control mode on
switchport mode trunk
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/12
switchport mode trunk
interface Ethernet1/13
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet1/14
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet1/15
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet1/16
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet1/17
interface Ethernet1/18
switchport mode trunk
switchport trunk allowed vlan 1,30
interface Ethernet1/19
switchport mode trunk
switchport access vlan 10
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/20
switchport mode trunk
switchport access vlan 52
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/21
switchport mode trunk
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/22
interface Ethernet1/23
flowcontrol receive on
flowcontrol send on
interface Ethernet1/24
switchport mode trunk
switchport access vlan 52
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/25
switchport mode trunk
switchport trunk allowed vlan 1,8,30,52
interface Ethernet1/26
switchport mode trunk
switchport access vlan 52
switchport trunk allowed vlan 1,8,30,52
interface Ethernet1/27
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet1/28
switchport mode trunk
switchport trunk allowed vlan 1,8,30,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/29
switchport mode trunk
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/30
description line
switchport mode trunk
switchport access vlan 52
switchport trunk allowed vlan 1,8,30,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/31
switchport mode trunk
switchport trunk allowed vlan 1,10,20,52
interface Ethernet1/32
switchport mode trunk
switchport trunk allowed vlan 1,10,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/33
switchport mode trunk
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/34
switchport mode trunk
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/35
switchport mode trunk
switchport access vlan 10
switchport trunk allowed vlan 1,10,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/36
switchport mode trunk
switchport trunk allowed vlan 1,30,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/37
switchport mode trunk
switchport trunk allowed vlan 1,30,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/38
switchport mode trunk
switchport trunk allowed vlan 1,10,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/39
shutdown
switchport mode trunk
switchport trunk allowed vlan 1,10,20,52
flowcontrol receive on
flowcontrol send on
interface Ethernet1/40
switchport mode trunk
switchport trunk allowed vlan 1,52
flowcontrol receive on
flowcontrol send on
interface Ethernet2/1
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet2/2
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet2/3
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface Ethernet2/4
switchport mode trunk
flowcontrol receive on
flowcontrol send on
interface mgmt0
ip address 10.192.194.111/20
system default zone default-zone permit
system default zone distribute full
line console
line vty
boot kickstart bootflash:/n5000-uk9-kickstart.5.0.3.N1.1b.bin
boot system bootflash:/n5000-uk9.5.0.3.N1.1b.bin
interface fc2/1
interface fc2/2
interface fc2/3
interface fc2/4
zone default-zone permit vsan 20
zone default-zone permit vsan 52
zoneset distribute full vsan 1
zoneset distribute full vsan 20
zoneset distribute full vsan 52
!Full Zone Database Section for vsan 1
zone name bg-qa vsan 1
member pwwn 10:00:00:00:c9:5b:ab:ca
member pwwn 21:00:00:0c:50:c3:70:23
member pwwn 21:00:00:0c:50:c3:70:22
member pwwn 21:00:00:0c:50:c3:70:16
member pwwn 21:00:00:0c:50:c3:70:1e
member pwwn 22:00:00:0c:50:c3:70:26
member pwwn 22:00:00:18:62:06:76:8a
member pwwn 22:00:00:11:c6:17:68:c3
member pwwn 22:00:00:0c:50:c3:70:1d
member pwwn 22:00:00:0c:50:c3:6f:c2
member pwwn 22:00:00:11:c6:17:68:dc
member pwwn 21:00:00:0c:50:c3:6a:d0
member pwwn 21:00:00:0c:50:79:92:90
member pwwn 21:00:00:11:c6:17:69:a0
member pwwn 21:00:00:0c:50:79:93:af
member pwwn 22:00:00:0c:50:48:10:80
member pwwn 22:00:00:11:c6:18:46:c6
member pwwn 22:00:00:0c:50:32:2e:0f
member pwwn 22:00:00:0c:50:48:10:74
member pwwn 22:00:00:11:c6:18:46:f2
member pwwn 21:00:00:00:87:13:cb:d1
member pwwn 21:00:00:0c:50:79:91:0f
member pwwn 10:00:00:00:c9:3c:8e:49
member pwwn 10:00:00:00:c9:5b:ab:c2
member pwwn 10:00:00:00:c9:5b:af:f3
zone name sf_RAM vsan 1
member pwwn 10:00:00:00:c9:5b:af:c9
member pwwn 21:00:00:0c:50:b4:8e:20
zone name anand vsan 1
member pwwn 10:00:00:00:c9:65:69:31
member pwwn 22:00:00:18:62:06:7f:f6
zone name syedzone vsan 1
member fwwn 20:11:00:0d:ec:56:7b:40
member pwwn 50:06:01:60:44:60:23:4f
zone name bg_qa vsan 1
zoneset name TOM vsan 1
member bg-qa
zoneset name bg_dvt vsan 1
member sf_RAM
zoneset name lancer vsan 1
member anand
zoneset name bg-qa vsan 1
zoneset name syed vsan 1
member syedzone
zoneset activate name lancer vsan 1
!Full Zone Database Section for vsan 20
zone name amrita_zone1 vsan 20
member pwwn 10:00:00:00:c9:5b:a3:83
member pwwn 22:00:00:04:cf:89:19:67
member pwwn 22:00:00:0c:50:48:10:80
member pwwn 22:00:00:11:c6:18:46:f2
member pwwn 22:00:00:0c:50:79:93:ae
zone name amr_zset vsan 20
zoneset name amr_zset vsan 20
member amrita_zone1
zoneset activate name amr_zset vsan 20
!Full Zone Database Section for vsan 52
zone name vinod vsan 52
member pwwn 50:06:01:69:44:60:23:4f
member pwwn ff:f3:00:00:c9:12:34:78
member pwwn 10:00:00:00:c9:12:34:5b
member pwwn 10:00:00:00:c9:12:34:57
zone name neha vsan 52
zone name siv1 vsan 52
member pwwn 10:00:00:00:c9:ad:ac:43
member pwwn 50:06:01:61:44:60:23:4f
member pwwn 10:00:00:00:c9:ad:ac:47
zone name neha1 vsan 52
member pwwn 10:00:00:00:c9:5b:ab:ad
member pwwn 50:06:01:60:44:60:23:4f
zone name neha2 vsan 52
member pwwn 50:06:01:60:44:60:23:4f
member pwwn 10:00:00:00:c9:5b:ab:a9
zone name neha3 vsan 52
member pwwn 10:00:00:00:c9:9d:1f:bf
member pwwn 50:06:01:60:44:60:23:4f
zone name neha4 vsan 52
member pwwn 50:06:01:60:44:60:23:4f
member pwwn 10:00:00:00:c9:9d:1f:c1
zone name chetan vsan 52
member pwwn 10:00:00:00:c9:f2:73:d3
member pwwn 50:06:01:60:44:60:23:4f
member pwwn 10:00:00:00:c9:ad:ac:47
zone name siv2 vsan 52
member pwwn 10:00:00:00:c9:d1:0a:6d
member pwwn ff:f2:00:00:c9:d1:0a:8c
member pwwn 22:00:00:0c:50:79:93:af
member pwwn 22:00:00:0c:50:79:92:90
member pwwn 22:00:00:0c:50:79:91:0f
member pwwn 20:01:00:11:0d:77:9d:00
zone name sroy vsan 52
member pwwn 10:00:00:00:c9:b1:ea:7f
member pwwn 50:06:01:60:44:60:23:4f
member pwwn 10:00:00:00:c9:5b:ab:99
member pwwn 10:00:00:00:c9:bb:cb:8f
member pwwn 10:00:00:00:c9:5b:ab:c4
member pwwn 10:00:00:00:c9:d1:16:25
member pwwn 50:06:01:61:44:60:23:4f
member pwwn 10:00:00:00:c9:a5:ac:f3
zone name manju vsan 52
member pwwn 10:00:00:00:c9:bb:c7:8f
member pwwn 50:06:01:61:44:60:23:4f
zone name ram vsan 52
member pwwn 50:06:01:60:44:60:23:4f
member pwwn 10:00:00:00:c9:a0:ce:2d
member pwwn 10:00:00:00:c9:bb:17:b7
member pwwn 10:00:00:00:c9:5b:a5:27
member pwwn 10:00:00:00:c9:91:f7:f1
member pwwn 10:00:00:00:c9:b1:e5:5f
zone name jana vsan 52
member pwwn 10:00:00:00:c9:91:f7:f1
member pwwn 50:06:01:60:44:60:23:4f
zone name priya vsan 52
member pwwn 10:00:00:00:c9:e3:06:89
member pwwn 50:06:01:60:44:60:23:4f
zoneset name IBMraptor vsan 52
member vinod
member siv1
member neha1
member neha2
member neha3
member neha4
member chetan
member siv2
member sroy
member manju
member ram
member priya
zoneset name ananda vsan 52
zoneset name vinod vsan 52
zoneset activate name IBMraptor vsan 52
no system default switchport shutdown san
Cisco-5020# sh system internal dcbx info interface ethernet 1/38
Interface info for if_index: 0x1a025000(Eth1/38)
tx_enabled: TRUE
rx_enabled: TRUE
dcbx_enabled: TRUE
DCX Protocol: CIN
Port MAC address: 00:0d:ec:b2:15:6d
DCX Control FSM Variables: seq_no: 0x1, ack_no: 0x0,my_ack_no: 0x0, peer_seq_no:
0x0 oper_version: 0x0, max_version: 0x0 fast_retries 0x0
Lock Status: UNLOCKED
PORT STATE: UP
LLDP Neighbors
No DCX tlvs from the remote peer
6 Features on this intf for Protocol CIN(0)
3 Features on this intf for Protocol CEE(1)
6 Features on this intf for Protocol CIN(0)
Feature type LLS (6)sub_type FCoE Logical Link Status (0)
feature type 6(LLS)sub_type 0
Feature State Variables: oper_version 0 error 0 local error 0 oper_mode 0
feature_seq_no 0 remote_feature_tlv_present 0 remote_tlv_aged_out 0
remote_tlv_not_present_notification_sent 0
Feature Register Params: max_version 0, enable 1, willing 0 advertise 1
disruptive_error 0 mts_addr_node 0x101 mts_addr_sap 0x1d9
Desired config cfg length: 1 data bytes:00
Operating config cfg length: 0 data bytes:
Peer config cfg length: 0 data bytes:
Feature type PFC (3)
feature type 3(PFC)sub_type 0
Feature State Variables: oper_version 0 error 0 local error 0 oper_mode 0
feature_seq_no 0 remote_feature_tlv_present 0 remote_tlv_aged_out 1
remote_tlv_not_present_notification_sent 0
Feature Register Params: max_version 0, enable 1, willing 0 advertise 1
disruptive_error 0 mts_addr_node 0x101 mts_addr_sap 0x179
Desired config cfg length: 1 data bytes:08
Operating config cfg length: 0 data bytes:
Peer config cfg length: 0 data bytes:
Feature type App(Fcoe) (5)sub_type FCoE (0)
feature type 5(App(Fcoe))sub_type 0
Feature State Variables: oper_version 0 error 0 local error 0 oper_mode 0
feature_seq_no 0 remote_feature_tlv_present 0 remote_tlv_aged_out 1
remote_tlv_not_present_notification_sent 0
Feature Register Params: max_version 0, enable 1, willing 0 advertise 1
disruptive_error 0 mts_addr_node 0x101 mts_addr_sap 0x179
Desired config cfg length: 1 data bytes:08
Operating config cfg length: 0 data bytes:
Peer config cfg length: 0 data bytes:
Feature type PriMtu (8)
feature type 8(PriMtu)sub_type 0
Feature State Variables: oper_version 0 error 0 local error 0 oper_mode 0
feature_seq_no 0 remote_feature_tlv_present 0 remote_tlv_aged_out 1
remote_tlv_not_present_notification_sent 0
Feature Register Params: max_version 0, enable 1, willing 0 advertise 1
disruptive_error 0 mts_addr_node 0x101 mts_addr_sap 0x179
Desired config cfg length: 16 data bytes:24 00 24 00 24 00 08 6e 24 00 24 00 24 00 24 00
Operating config cfg length: 0 data bytes:
Peer config cfg length: 0 data bytes:
Feature type PriGrp (2)
feature type 2(PriGrp)sub_type 0
Feature State Variables: oper_version 0 error 0 local error 0 oper_mode 0
feature_seq_no 0 remote_feature_tlv_present 0 remote_tlv_aged_out 1
remote_tlv_not_present_notification_sent 0
Feature Register Params: max_version 0, enable 1, willing 0 advertise 1
disruptive_error 0 mts_addr_node 0x101 mts_addr_sap 0x179
Desired config cfg length: 24 data bytes:32 32 00 00 00 00 00 00 00 0f 00 0f 00 0e 20 64 00 0e 00 0e
00 0e 00 0e
Operating config cfg length: 0 data bytes:
Peer config cfg length: 0 data bytes:
Feature type LLS (6)sub_type LAN Logical Link Status (1)
feature type 6(LLS)sub_type 1
Feature State Variables: oper_version 0 error 0 local error 0 oper_mode 0
feature_seq_no 0 remote_feature_tlv_present 0 remote_tlv_aged_out 1
remote_tlv_not_present_notification_sent 0
Feature Register Params: max_version 0, enable 1, willing 0 advertise 1
disruptive_error 0 mts_addr_node 0x101 mts_addr_sap 0xaf
Desired config cfg length: 1 data bytes:80
Operating config cfg length: 0 data bytes:
Peer config cfg length: 0 data bytes:
Traffic Counters
DCBX pkt stats:
Total frames out: 20296
Total Entries aged: 27
Total frames in: 0
DCBX frames in: 0
Total frames received in error: 0
Total frames discarded: 0
Total TLVs unrecognized: 0
Cisco-5020#
Cisco-5020#
Cisco-5020#
I am new to this PFC, and first time trying to configure so you can see nothing being configured. -
Trunking on Nexus 5000 to Catalyst 4500
I have 2 devices on the each end of a Point to Point. One side has a Nexus 5000 the other end a Catalyst 4500. We want a trunk port on both sides to allow a single VLAN for the moment. I have not worked with Nexus before. Could someone look at the configurations of the Ports and let me know if it looks ok?
nexus 5000
interface Ethernet1/17
description
switchport mode trunk
switchport trunk allowed vlan 141
spanning-tree guard root
spanning-tree bpdufilter enable
speed 1000
Catalyst 4500
interface GigabitEthernet3/39
description
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 141
switchport mode trunk
speed 1000
spanning-tree bpdufilter enable
spanning-tree guard rootThanks guys, we found the issue. The Catalyst is on my side and the Nexus is on the side of the hosting center. The hosting center moved his connection to a different Nexus 5000 and the connection came right up. We dropped the spanning-tree guard root.
It was working on the previous nexus when we set the native vlan for 141. So we thought it was the point to point dropping the tags.
The hosting center engineer this it might have to do with the VPC Peer-Link loop prevention on the previous Nexus.
Anyway it is working the way we need it to. -
We run 6509 core routers as NTP servers to other IOS routers/switches & servers of several OS flavours.
All good.
Recently added some Nexus 5000s and cannot get them to lock.
No firewalls or ACLs in the path
6509 (1 of 4) state:
LNPSQ01CORR01>sh ntp ass
address ref clock st when poll reach delay offset disp
+ 10.0.1.2 131.188.3.220 2 223 1024 377 0.5 -6.23 0.7
+~130.149.17.21 .PPS. 1 885 1024 377 33.7 -0.26 0.8
*~138.96.64.10 .GPS. 1 680 1024 377 22.7 -2.15 1.0
+~129.6.15.29 .ACTS. 1 720 1024 377 84.9 -3.37 0.6
+~129.6.15.28 .ACTS. 1 855 1024 377 84.8 -3.30 2.3
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
Nexus state:
BL01R01B10SRVS01# sh ntp peer-status
Total peers : 4
* - selected for sync, + - peer mode(active),
- - peer mode(passive), = - polled in client mode
remote local st poll reach delay
=10.0.1.1 10.0.201.11 16 64 0 0.00000
=10.0.1.2 10.0.201.11 16 64 0 0.00000
=10.0.1.3 10.0.201.11 16 64 0 0.00000
=10.0.1.4 10.0.201.11 16 64 0 0.00000
Nexus config:
ntp distribute
ntp server 10.0.1.1
ntp server 10.0.1.2
ntp server 10.0.1.3
ntp server 10.0.1.4
ntp source 10.0.201.11
ntp commit
interface mgmt0
ip address 10.0.201.11/24
vrf context management
ip route 0.0.0.0/0 10.0.201.254
Reachability to the NTP source...
BL01R01B10SRVS01# ping 10.0.1.1 vrf management source 10.0.201.11
PING 10.0.1.1 (10.0.1.1) from 10.0.201.11: 56 data bytes
64 bytes from 10.0.1.1: icmp_seq=0 ttl=253 time=3.487 ms
64 bytes from 10.0.1.1: icmp_seq=1 ttl=253 time=4.02 ms
64 bytes from 10.0.1.1: icmp_seq=2 ttl=253 time=3.959 ms
64 bytes from 10.0.1.1: icmp_seq=3 ttl=253 time=4.053 ms
64 bytes from 10.0.1.1: icmp_seq=4 ttl=253 time=4.093 ms
--- 10.0.1.1 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 3.487/3.922/4.093 ms
BL01R01B10SRVS01#
Are we missing some NTP or managment vrf setup in the Nexus 5Ks??
Thanks
Rob Spain
UKI have multiple 5020's, 5548's, and 5596's, and they all experience this same problem. Mind you I run strictly layer 2. I don't even have feature interface-vlan enabled. I tried: "ntp server X.X.X.X use-vrf management" as well as "clock protocol ntpt". These didn't help.
I was told by TAC that there is a bug (sorry I do not have the ID), but basically NTP will not work over the management VRF. The only way I got NTP to work, was by enabling the feature interface-vlan, and adding a vlan interface with an IP and retrieving NTP through this interface.
I upgraded to 5.2 (1) in hopes that this would fix the issue. but it did not. -
6500-VSS and NEXUS 56XX vPC interoperability
Hello, is it possible to establish a PORT CHANNEL between a couple of Cisco 6500 running VSS mode and a couple of NEXUS 5000 running vPC? . Design should be " Back-to-Back" : VSS-- Port-Channel--vPC.
I want also to support L2 and L3 flows between the two couples.
I read many forums but i am not sure it runs.
Is such design, if it runs; supported by Cisco?
Thanks a lot for your help.Hi Tlequertier,
We have VSS 6509Es with Sup 2Ts & 6908 modules. These have a 40gb/sec (4 x 10gb/sec) uplink to our NEXUS 5548UP vPC switches.
So we have a fully meshed ether-channel between the 4 physical switches (2 x N5548UP & 2x6509E)
Kind regards,
Tim -
The meaning of Interface Ethernet250/1 under the Nexus 2000 is connected to Nexus 5000 switch
Dear all,
Recently, I prepared and deploy a network monitoring system to monitor the new generation Nexus connected network. With using snmpwalk to query the interfacs information from the Nexus 5000 switch (one Nexus 2000 is connected to it via FlexLink), I found that other than normal Nexus 5000 and 2000 ports(ifName to be Ethernet1/1, Ethernet1/2, ... Ethernet190/1/1, Ethernet190/1/2...), a series of interface with ifName Ethernet250/1, Ethernet250/2, .... to be appeared in the interface SNMP tree. With logged into the Nexus 5000 and issue display interface command, I can only found the information on the normal interfaces but not the abnormal interface Ethernet250/1, ...
Would someone know what is it (do E250/1 is a logical interface like port channel or VLAN) and how to monitor it ? Thanks in advances.
HC WongI've not seen that myself. Could it perhaps be a VPC (Virtual Portchannel)?
Maybe you are looking for
-
how can I receive a fax? The phone jack does not seem to fit in the ethernet port....(OS 10.6.7)
-
How to seperate two input signals
Hi people, currently i have one input voltage signal, i would like to add another input signal which display the temp from my Arduino IDE wirelessly via serial visa configure. After doing that, i would like seperate these two signals by using data bi
-
Hello: I need to convert a PDF document to Indesign. How do I do that? I've tried looking it up online but have been unsuccessful. Please advise. Thank you. Sara
-
Custom dowload manager for pacman in chroot env
Hello As this is the place for pacman in general I post here. Feel free to move that thread if you feel it would have a more suitable place. I'm willing to install Arch on my computer from the live disk of another distro (Tails, based on Debian). I f
-
Apple ProRes in Quicktime Export
I have a client that is just starting to use Creative Cloud and Premier Pro. When the client attempts to use Prelude to ingest, he attempts to transcode, selects quicktime, but does not see the Apple ProRes codec