Ucs uplinks 4500X VSS

New deployment of a pair of 4500X in VSS mode and Cisco UCS.
FI-A has 1 10G link to each 4500X
FI-B has 1 10G link to each 4500X
How should the ports and port channels on the 4500X be configured for UCS uplinks?

Hi Reed,
In the end you will just create two port channels, one to each FI.
This is the documentation to create etherchannel on 4500X.
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/15.02SG/configuration/guide/channel.html#wp1020670
The interfaces "Ten 1/1" of each 4500X will be part of the first etherchannel andin the second the interfaces "Ten 1/2". (This is just a representation not the real interface number).
Remeber to use the mode active (LACP) of the etherchannel, because this is enabled by default in the Fabric Interconnects.
Richard

Similar Messages

  • Cisco 4500X VSS & MEC Cisco 2960X

    Hi
    I have Cisco 4500x VSS  connect to  MEC Cisco 2960X using LACP.
    I encountered a problem about C2960X
    Integration reason
    1.C2960X Ten 1/0/2 link flapping interface error-disable .  I am  disable interface then  enable interface , switch show SFP not Present .
       Te1/0/2                      notconnect   1            full    10G Not Present. (SPF plug-in  Correct)
    2.use CLI reload C2960X , Ten 1/0/1 ,Ten 1/0/2   notconnect  SPF Not Present.  (SPF plug-in  Correct)
      error message :
    Dec 18 12:40:25.250: %SYS-5-CONFIG_I: Configured from console by console
    Dec 18 12:41:48.888: % ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization.  This product may contain software that was copied in violation of Cisco's license terms.  If your use of this product is the cause of a support issue, Cisco may deny operation of the product, support under your warranty or under a Cisco technical support program such as Smartnet.  Please contact Cisco's Technical Assistance Center for more information.
    26F_guest_switch#show license
    Index 1 Feature: lanlite       
            Period left: 0  minute  0  second 
    Index 2 Feature: lanbase       
            Period left: Life time
            License Type: Permanent
            License State: Active, In Use
            License Priority: Medium
            License Count: Non-Counted
    3.C2960X power Cycle ,C2960X  operation normal, ,but recurring problems  every day.
    I do not know where the problem , I have  upgrade C2960X IOS but it had same problem.
    Cisco 2960X IOS version:  15.2(3)E    C2960X-UNIVERSALK9-M 
    Cisco 4500X IOS version: cat4500e-universalk9.SPA.03.05.00.E.152-1.E.bin
    Thanks for your help,

    Hi Reza,
    Thanks for your help
    I can not confirm that because I have a few switch have the same problem.
    C2960X 10G port 1 is connected to C4500X slot 1, Port 2 is connected to C4500X Slot2.
     link flapping, On the switch  port 2.
    I need to do a more precise test to confirm the problem is C2960X or 4500VSS

  • Prime 2.1 and 4500X-VSS support?

    Anyone with a Prime 2.1.2 that successfully archives configurations from a WS-C4500X-16 running VSS?
    Error message after Configuration Archive:
    No device package found for the specified device.
    The software on the 4500X is 03.04.03SG.
    Support for 4500X in PI 2.1.2:
    Device Type
    SYSOIDS
    S/W Version
    Software
    Cisco Catalyst 4500X-16 SFP+ Switch
    OID:1.3.6.1.4.1.9.1.1605
    IOS
    Cisco Catalyst 4500X-32 SFP+ Switch
    OID:1.3.6.1.4.1.9.1.1606
    IOS
    Tanks

    Yes, all device packages are installed (including 7.0) and the Pi 2.1.2 patch.
    Info from "ifm_config_archive.log" when trying Archive the Configuration:
    [2014-12-09 19:58:11,300] [pool-37-thread-5] [service] [ERROR] - Thread Id : [9,460] : IFM_CONFIG_ARCHIVE_ERROR_DETAILS: [Error in fetching VLAN file] : IFM_CONFIG_ARCHIVE_ERROR: [com.cisco.ifm.config.archive.service.exceptions.XDEFeatureExecutionException: No device package found for the specified device.]'
    Maybe the Prime don't know where to find the vlan.dat on the 4500X-VSS ?
    #dir cat4000_flash:
    Directory of cat4000_flash:/
        1  -rw-        2236                    <no date>  vlan.dat
    sysObjectID (1.3.6.1.2.1.1.2)  is
    .iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.cat4xxxVirtualSwitch 
    That is not the expected and supported value  "4500X-16"  above
    Update: Error on fetching running and startup config as well:
    [2014-12-09 20:24:21,818] [pool-37-thread-9] [service] [ERROR] - Thread Id : [10,013] : IFM_CONFIG_ARCHIVE_ERROR_DETAILS: [Error in fetching RUNNINGCONFIG file] : IFM_CONFIG_ARCHIVE_ERROR: [com.cisco.ifm.config.archive.service.exceptions.XDEFeatureExecutionException: No device package found for the specified device.]
    [2014-12-09 20:25:31,882] [pool-37-thread-9] [service] [ERROR] - Thread Id : [10,013] : IFM_CONFIG_ARCHIVE_ERROR_DETAILS: [Error in fetching STARTUPCONFIG file] : IFM_CONFIG_ARCHIVE_ERROR: [com.cisco.ifm.config.archive.service.exceptions.XDEFeatureExecutionException: No device package found for the specified device.]

  • 4500x VSS and SFP-H10GB-CU1M

    Hello
    I have (2) Cisco 4500x with a VSS config. I als have a couple cables "SFP-H10GB-CU1M".
    I want to make sure I have this physically setup correctly. I have searched but not found anything specific enough.
    Please review and advise.

    Yes, all device packages are installed (including 7.0) and the Pi 2.1.2 patch.
    Info from "ifm_config_archive.log" when trying Archive the Configuration:
    [2014-12-09 19:58:11,300] [pool-37-thread-5] [service] [ERROR] - Thread Id : [9,460] : IFM_CONFIG_ARCHIVE_ERROR_DETAILS: [Error in fetching VLAN file] : IFM_CONFIG_ARCHIVE_ERROR: [com.cisco.ifm.config.archive.service.exceptions.XDEFeatureExecutionException: No device package found for the specified device.]'
    Maybe the Prime don't know where to find the vlan.dat on the 4500X-VSS ?
    #dir cat4000_flash:
    Directory of cat4000_flash:/
        1  -rw-        2236                    <no date>  vlan.dat
    sysObjectID (1.3.6.1.2.1.1.2)  is
    .iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.cat4xxxVirtualSwitch 
    That is not the expected and supported value  "4500X-16"  above
    Update: Error on fetching running and startup config as well:
    [2014-12-09 20:24:21,818] [pool-37-thread-9] [service] [ERROR] - Thread Id : [10,013] : IFM_CONFIG_ARCHIVE_ERROR_DETAILS: [Error in fetching RUNNINGCONFIG file] : IFM_CONFIG_ARCHIVE_ERROR: [com.cisco.ifm.config.archive.service.exceptions.XDEFeatureExecutionException: No device package found for the specified device.]
    [2014-12-09 20:25:31,882] [pool-37-thread-9] [service] [ERROR] - Thread Id : [10,013] : IFM_CONFIG_ARCHIVE_ERROR_DETAILS: [Error in fetching STARTUPCONFIG file] : IFM_CONFIG_ARCHIVE_ERROR: [com.cisco.ifm.config.archive.service.exceptions.XDEFeatureExecutionException: No device package found for the specified device.]

  • Core (4500x vss) with Access HP switch spanning tree

    Hello Friends,
    i need your support to guide me for this type of topology network in-order to avoid loops...
    like
    2  4500X series switch configure as a VSS working as core switch
    in access layer i have HP switches which are connected with 1G fiber uplinks to each other (cascaded) and back to these Core switch for Vlan forwarding.
    i need help to configure  spanning tree  for such topology and avoid loops.
    Topology is in attached..

    Hi,
    you mean to say, connect each HP switch back to core (VSS) with 2 uplinks and configure as a ether-channel?
    Yes, exactly.
    actually that is  not possible because the lack of fiber cable between the cabinets (core to access) are not much cores.
    How could it not be possible? According to your drawing in your current design ASW-HP1 and ASW-HP3 both connect to the core VSS, core anyway. So it is just a matter of connecting ASW-HP2 to the core.
    Of course you want 2 uplinks from each HP.
    HTH

  • Question about 4500X VSS management port

    I have two standalone 4500X switches that I'm planning to convert to VSS. If I cable the management port on both switches to a management cloud, which management port should I put the management IP address? Is it the port on the active switch? if the active switch failed, would the management port on the standby switch take over the management IP?
    The management port is in VRF mgmtVrf. Should I create a default route for the VRF such as "ip route vrf mgmtvrf 0.0.0.0 0.0.0.0 ....." to point to its default gateway IP?
    Thanks

    When you convert the chassis to VSS, only the management interfaces (FastEthernet1) for switch-1 (active) will be visible in the config.  So you want to cable both management interfaces to your management cloud, but you only apply the IP to the active switch.
    The management port is in VRF mgmtVrf. Should I create a default route for the VRF such as "ip route vrf mgmtvrf 0.0.0.0 0.0.0.0 ....." to point to its default gateway IP?
    Correct, you need a default route in that mgmt vrf pointing to the gateway.
    HTH

  • 4500X VSS Password Recovery issue

    Hello -
    I am trying to recover the password for 4500X in VSS following the guide below:
                       http://www.cisco.com/en/US/products/hw/switches/ps4324/products_tech_note09186a0080c17598.shtml
    However the config-register is setting to 0x2141 and the configuration file is not being ignored. I am unable to directly set the config-register (the command errors and says to use confreg command) - when I check the SET variables it is 0x2141 and not 0x2142.
    The confreg wizard indicates the configuration file will be ignored; and I have cleared the swnum (had to use clear swnum; it would not let me use the VSS_SWITCH_NUMBER=0 command); however the configuration file is still being loaded and I am unable to reset the password.
    Does anyone have any insight or suggestions?
    Thanks
    John

    In order to set 0x2142 you need to answer Y to:
    change the boot characteristics? y/n
    Then select 2 - this changes the config-register to 0x2142
    Also, another difference from the guide, as mentioned above, you need to use the clear swnum command as it does not accept the VSS_SWITCH_NUMBER=0 command
    Booting into password recover (no configuration) mode now.
    Thanks - solved my own question

  • HELP - Licence Error on 4500x VSS

    HI there,
    have 2 4500x in vss mode. both are running 3.4.2 ipbase and are running on the correct licences etc.
    after putting them in VSS mode the following error shows in the logs.
    %SW_LEVEL-6-RESULT: Operational redundancy mode is UNKNOWN, due to software license-level mismatch at ACTIVE and STANDBY. Software Level on Active: ipbase; on Standby: ipbase
    Any suggestions would be appreciated.
    I thought it maybe related to bug CSCui54147 but cant see any details of it and it only seems to relate to 3.5.x
    Thanks in advance.
    Ross

    Hi Apologies for not getting back.
    To fix this I had to manually accept the EULA for ipbase licence on the 4500x.
    After the reload everything worked correctly and I stopped getting this error.

  • Cisco 4500X + VSS + Trust Sec Switch to Switch Encryption

    Hi,
    actually im testing and evaluationg the Cisco 4500X switch as new distribution switch for our Company.... Now i have some issues with one of our requirements.
    For security reasons i need to encrypt the links between the 4500X and the access switches in other buildings (no issue with Trust Sec)
    But ... now i also need to encrypt the link between the two 4500X if i run VSS ... my question is .. is it possible to encrypt the VSL link with TrustSec Switch to Switch encryption?
    BR,
    Florian

    Hi Frloian,
    If you have 2 switches in different data centers than you do not need VSS. In fact this is very bad design as the whole concept of VSS is grasped on dual home design. In the essence the proper design of VSS system is to have every downsteram switch connected with one link to one VSS switch and other link to second VSS switch, so that when one VSS switch would fail other can take over. Please look at the VSS best practises:
    http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-virtual-switching-system-1440/109547-vss-best-practices.html#vss_best
    Update:
    There is possibility to encrypt VSL link, but only in 6500 sup2t environment:
    http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-0SY/configuration/guide/15_0_sy_swcg/virtual_switching_systems.html#wp1341144

  • Cisco 4500x vss issue

    i configure vss on 4500x ,with one switch is active and the other switch go into recovery mode,with all port except the vsl links in the amber orange,shutdown,
    i want to make two switch into active state,some one could help in this.
    the configuration which i used is below
    itch virtual domain 100 
    switch 1
    exit
    switch virtual domain 100
    switch 2
    exit
    interface port-channel 10
    switchport
    switch virtual link 1
    no shut
    exit
    interface port-channel 20
    switchport
    switch virtual link 2
    no shut
    exit
    int range tengigabitethernet 1/15 - 16
    switchport
    switchport mode trunk
    switchport nonegotiate
    no shut
    channel-group 10 mode on
    int range tengigabitethernet 1/15 - 16
    switchport
    switchport mode trunk
    switchport nonegotiate
    no shut
    channel-group 20 mode on
    switch convert mode virtual 
    switch convert mode virtual 

    i can share two core switch configuration which is there 
    please suggest if something which i misconfigured and need to be corrected.
    TAKAFUL-CORE-01#show run
    Building configuration...
    Current configuration : 7510 bytes
    ! Last configuration change at 01:57:12 UTC Sun Aug 10 2014
    version 15.2
    service nagle
    no service pad
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service compress-config
    service sequence-numbers
    no service dhcp
    hostname TAKAFUL-CORE-01
    boot-start-marker
    boot system flash bootflash:cat4500e-universalk9.SPA.03.05.00.E.152-1.E.bin
    boot-end-marker
    vrf definition mgmtVrf
     address-family ipv4
     exit-address-family
     address-family ipv6
     exit-address-family
    username admin privilege 15 password 7 104F0D140C19
    no aaa new-model
    switch virtual domain 100
     switch mode virtual
     mac-address use-virtual
    no dual-active detection pagp
    no ip source-route
    ip vrf Liin-vrf
    no ip domain-lookup
    ip dhcp pool management
     network 10.2.20.0 255.255.255.0
     default-router 10.2.20.2
     option 43 ascii "10.2.20.1"
    ip dhcp pool Data
     network 10.3.30.0 255.255.255.0
     default-router 10.3.30.2
     dns-server 4.2.2.2 8.8.8.8
    ip dhcp pool Voice
     network 10.1.10.0 255.255.255.0
     default-router 10.1.10.2
    ip dhcp pool wireless
     network 10.4.40.0 255.255.255.0
     default-router 10.4.40.2
     dns-server 4.2.2.2 8.8.8.8
    no ip bootp server
    ip device tracking
    power redundancy-mode redundant
    mac access-list extended VSL-BPDU
     permit any 0180.c200.0000 0000.0000.0003
    mac access-list extended VSL-CDP
     permit any host 0100.0ccc.cccc
    mac access-list extended VSL-DOT1x
     permit any any 0x888E
    mac access-list extended VSL-GARP
     permit any host 0180.c200.0020
    mac access-list extended VSL-LLDP
     permit any host 0180.c200.000e
    mac access-list extended VSL-SSTP
     permit any host 0100.0ccc.cccd
    spanning-tree mode rapid-pvst
    spanning-tree portfast bpduguard default
    spanning-tree extend system-id
    spanning-tree vlan 1-4094 priority 24576
    redundancy
     mode sso
    vlan internal allocation policy ascending
    class-map match-any VSL-MGMT-PACKETS
     match access-group name VSL-MGMT
    class-map match-any VSL-DATA-PACKETS
     match any
    class-map match-any VSL-L2-CONTROL-PACKETS
     match access-group name VSL-DOT1x
     match access-group name VSL-BPDU
     match access-group name VSL-CDP
     match access-group name VSL-LLDP
     match access-group name VSL-SSTP
     match access-group name VSL-GARP
    class-map match-any VSL-L3-CONTROL-PACKETS
     match access-group name VSL-IPV4-ROUTING
     match access-group name VSL-BFD
     match access-group name VSL-DHCP-CLIENT-TO-SERVER
     match access-group name VSL-DHCP-SERVER-TO-CLIENT
     match access-group name VSL-DHCP-SERVER-TO-SERVER
     match access-group name VSL-IPV6-ROUTING
    class-map match-any VSL-MULTIMEDIA-TRAFFIC
     match dscp af41
     match dscp af42
     match dscp af43
     match dscp af31
     match dscp af32
     match dscp af33
     match dscp af21
     match dscp af22
     match dscp af23
    class-map match-any VSL-VOICE-VIDEO-TRAFFIC
     match dscp ef
     match dscp cs4
     match dscp cs5
    class-map match-any VSL-SIGNALING-NETWORK-MGMT
     match dscp cs2
     match dscp cs3
     match dscp cs6
     match dscp cs7
    policy-map VSL-Queuing-Policy
     class VSL-MGMT-PACKETS
      bandwidth percent 5
     class VSL-L2-CONTROL-PACKETS
      bandwidth percent 5
     class VSL-L3-CONTROL-PACKETS
      bandwidth percent 5
     class VSL-VOICE-VIDEO-TRAFFIC
      bandwidth percent 30
     class VSL-SIGNALING-NETWORK-MGMT
      bandwidth percent 10
     class VSL-MULTIMEDIA-TRAFFIC
      bandwidth percent 20
     class VSL-DATA-PACKETS
      bandwidth percent 20
     class class-default
      bandwidth percent 5
    interface Port-channel10
     switchport
     switchport mode trunk
     switchport nonegotiate
     switch virtual link 1
    interface FastEthernet1
     vrf forwarding mgmtVrf
     no ip address
     speed auto
     duplex auto
    interface TenGigabitEthernet1/1/1
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/2
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/3
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/4
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/5
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/6
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/7
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/8
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/9
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/10
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/11
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/12
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/13
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/14
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet1/1/15
     switchport mode trunk
     switchport nonegotiate
     no lldp transmit
     no lldp receive
     no cdp enable
     channel-group 10 mode on
     service-policy output VSL-Queuing-Policy
    interface TenGigabitEthernet1/1/16
     switchport mode trunk
     switchport nonegotiate
     no lldp transmit
     no lldp receive
     no cdp enable
     channel-group 10 mode on
     service-policy output VSL-Queuing-Policy
    interface Vlan1
     no ip address
     shutdown
    interface Vlan10
     description IP Telephony VLAN
     ip address 10.1.10.2 255.255.255.0
     no ip redirects
    interface Vlan20
     description Automation & Management VLAN
     ip address 10.2.20.2 255.255.255.0
     no ip redirects
    interface Vlan30
     description Data VLAN
     ip address 10.3.30.2 255.255.255.0
     no ip redirects
    interface Vlan40
     description Wireless Users VLAN
     ip address 10.4.40.2 255.255.255.0
     no ip redirects
    ip forward-protocol nd
    no ip forward-protocol udp netbios-ns
    no ip forward-protocol udp netbios-dgm
    no ip http server
    no ip http secure-server
    ip access-list extended VSL-BFD
     permit udp any any eq 3784
    ip access-list extended VSL-DHCP-CLIENT-TO-SERVER
     permit udp any eq bootpc any eq bootps
    ip access-list extended VSL-DHCP-SERVER-TO-CLIENT
     permit udp any eq bootps any eq bootpc
    ip access-list extended VSL-DHCP-SERVER-TO-SERVER
     permit udp any eq bootps any eq bootps
    ip access-list extended VSL-IPV4-ROUTING
     permit ip any 224.0.0.0 0.0.0.255
    snmp-server community ro RO
    ipv6 access-list VSL-IPV6-ROUTING
     permit ipv6 any FF02::/124
    banner login ^CC
    #### Login for authorized Takaful IT Personnel ONLY ####
                          TAKAFUL
    #### Login for authorized Takaful IT Personnel ONLY ####
    ^C
    banner motd ^CC
    WARNING, unauthorised access to this network is prohibited.
    Authorized access only
    This system is the property of Takaful Company.^C
    line con 0
     privilege level 15
     login local
     stopbits 1
    line vty 0 4
     privilege level 15
     login local
    line vty 5 15
     privilege level 15
     login local
    module provision switch 1
     chassis-type 70 base-mac F40F.1B56.31D8
     slot 1 slot-type 401 base-mac F40F.1B56.31D8
    module provision switch 2
    end
    TAKAFUL-CORE-01#
    TAKAFUL-CORE-02(recovery-mode)#show run
    Building configuration...
    Current configuration : 5641 bytes
    ! Last configuration change at 02:05:27 UTC Sun Aug 10 2014
    version 15.2
    service nagle
    no service pad
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service compress-config
    service sequence-numbers
    no service dhcp
    hostname TAKAFUL-CORE-02
    boot-start-marker
    boot system flash bootflash:cat4500e-universalk9.SPA.03.05.00.E.152-1.E.bin
    boot-end-marker
    vrf definition mgmtVrf
     address-family ipv4
     exit-address-family
     address-family ipv6
     exit-address-family
    no aaa new-model
    switch virtual domain 100
     switch mode virtual
     mac-address use-virtual
    no dual-active detection pagp
    no ip source-route
    ip vrf Liin-vrf
    no ip domain-lookup
    no ip bootp server
    ip device tracking
    vtp mode transparent
    power redundancy-mode redundant
    mac access-list extended VSL-BPDU
     permit any 0180.c200.0000 0000.0000.0003
    mac access-list extended VSL-CDP
     permit any host 0100.0ccc.cccc
    mac access-list extended VSL-DOT1x
     permit any any 0x888E
    mac access-list extended VSL-GARP
     permit any host 0180.c200.0020
    mac access-list extended VSL-LLDP
     permit any host 0180.c200.000e
    mac access-list extended VSL-SSTP
     permit any host 0100.0ccc.cccd
    spanning-tree mode pvst
    spanning-tree extend system-id
    redundancy
     mode sso
    vlan internal allocation policy ascending
    class-map match-any VSL-MGMT-PACKETS
     match access-group name VSL-MGMT
    class-map match-any VSL-DATA-PACKETS
     match any
    class-map match-any VSL-L2-CONTROL-PACKETS
     match access-group name VSL-DOT1x
     match access-group name VSL-BPDU
     match access-group name VSL-CDP
     match access-group name VSL-LLDP
     match access-group name VSL-SSTP
     match access-group name VSL-GARP
    class-map match-any VSL-L3-CONTROL-PACKETS
     match access-group name VSL-IPV4-ROUTING
     match access-group name VSL-BFD
     match access-group name VSL-DHCP-CLIENT-TO-SERVER
     match access-group name VSL-DHCP-SERVER-TO-CLIENT
     match access-group name VSL-DHCP-SERVER-TO-SERVER
     match access-group name VSL-IPV6-ROUTING
    class-map match-any VSL-MULTIMEDIA-TRAFFIC
     match dscp af41
     match dscp af42
     match dscp af43
     match dscp af31
     match dscp af32
     match dscp af33
     match dscp af21
     match dscp af22
     match dscp af23
    class-map match-any VSL-VOICE-VIDEO-TRAFFIC
     match dscp ef
     match dscp cs4
     match dscp cs5
    class-map match-any VSL-SIGNALING-NETWORK-MGMT
     match dscp cs2
     match dscp cs3
     match dscp cs6
     match dscp cs7
    policy-map VSL-Queuing-Policy
     class VSL-MGMT-PACKETS
      bandwidth percent 5
     class VSL-L2-CONTROL-PACKETS
      bandwidth percent 5
     class VSL-L3-CONTROL-PACKETS
      bandwidth percent 5
     class VSL-VOICE-VIDEO-TRAFFIC
      bandwidth percent 30
     class VSL-SIGNALING-NETWORK-MGMT
      bandwidth percent 10
     class VSL-MULTIMEDIA-TRAFFIC
      bandwidth percent 20
     class VSL-DATA-PACKETS
      bandwidth percent 20
     class class-default
      bandwidth percent 5
    interface Port-channel20
     switchport
     switchport mode trunk
     switchport nonegotiate
     switch virtual link 2
    interface FastEthernet1
     vrf forwarding mgmtVrf
     speed auto
     duplex auto
    interface TenGigabitEthernet2/1/1
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/2
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/3
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/4
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/5
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/6
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/7
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/8
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/9
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/10
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/11
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/12
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/13
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/14
     switchport trunk native vlan 20
     switchport mode trunk
    interface TenGigabitEthernet2/1/15
     switchport mode trunk
     switchport nonegotiate
     no lldp transmit
     no lldp receive
     no cdp enable
     channel-group 20 mode on
     service-policy output VSL-Queuing-Policy
    interface TenGigabitEthernet2/1/16
     switchport mode trunk
     switchport nonegotiate
     no lldp transmit
     no lldp receive
     no cdp enable
     channel-group 20 mode on
     service-policy output VSL-Queuing-Policy
    interface Vlan1
     no ip address
    ip forward-protocol nd
    no ip http server
    no ip http secure-server
    ip access-list extended VSL-BFD
     permit udp any any eq 3784
    ip access-list extended VSL-DHCP-CLIENT-TO-SERVER
     permit udp any eq bootpc any eq bootps
    ip access-list extended VSL-DHCP-SERVER-TO-CLIENT
     permit udp any eq bootps any eq bootpc
    ip access-list extended VSL-DHCP-SERVER-TO-SERVER
     permit udp any eq bootps any eq bootps
    ip access-list extended VSL-IPV4-ROUTING
     permit ip any 224.0.0.0 0.0.0.255
    ipv6 access-list VSL-IPV6-ROUTING
     permit ipv6 any FF02::/124
    line con 0
     stopbits 1
    line vty 0 4
     login
     length 0
    module provision switch 1
    module provision switch 2
     chassis-type 70 base-mac 88F0.3104.0058
     slot 1 slot-type 401 base-mac 88F0.3104.0058
    end

  • 4500X VSS - Dual Active Detection with ePAgP

    Hello,
    I am interesting if 3560x supports ePAgP. I have VSS which is formed by two 4500x switches. Can I use 3560x, which is connected two both VSS members via 10Gb optics for Dual Active detection ?

    Hi,
    As PagP is not supported accross differents 3750(-X) units of a stack (but LACP yes), ePagp is not supported also. The MEC has to be formed from the same 3750(-X) unit / Standalone 35xx and 37xx do support PAgPand thus ePAgP.
    Page 17 and 20 of http://www.cisco.com/web/DK/assets/docs/presentations/VSS_0109.pdf =>
    "Since cross-stack EtherChannel does not support PAgP, it can not use enhanced PAgP for dual ACTIVE detection.
    Hence the only alternative for cross-stack EtherChannel configuration is to use BFD as a dual ACTIVE detection method"
    Hope it helps.
    Regards;
    Inayath

  • Nexus 5010 uplink to VSS-1440

    We are deploying a new set of VMware server farms and would like to use the Nexus line for these 40 servers. Does is make sense to connect these via layer 2 to our VSS on a WS-X6708-10G-3C? Or should we wait a few years until we have a budget for a pair of Nexus 7k's and run everything to the VSS? thanks

    hi Jim,
    Nexus 5000 is a L2 switch, so pretty much whatever you do, its going to be a L2 Portchannel 'northbound' from N5K up to the C6K VSS pair.
    Your VSS pair would be the L2/L3 boundary, so you'd have a SVI configured on it that is the L3 default gateway (from your servers).
    Best practice would be that you distribute the portchannel members across the pair of physical switches in the VSS pair.
    I'm involved in the development of the Nexus range within Cisco, so I'd be all for recommending you deploy Nexus 7000 too. :) But the reality is that you can probably achieve what you want today with C6K VSS, and in future if you did deploy Nexus 7000 too, you could make use of virtual Port Channel (vPC) to allow for full bisectional bandwidth from 'access' to 'agg/core' without any blocked links in STP.
    vPC is available today on N7K and provides roughly similar L2 multichassis etherchannel as what VSS enables today in C6K VSS.
    hope that helps.
    cheers,
    lincoln.

  • 4500X VSS Trunking issue

    Hi,
    I am having an issue that the VSS is different for each switch and the trunking is not working, is there anyway to configure the trunking on the VSL port without breaking the VSS? I have set the trunking on both switches but somehow after the VSS connection is up the trunking is removed on the switch 2. The following are the snippet of the VSS configuration:
    Switch 1:
    interface Port-channel1
     description *** VSS Port-Channel 1 ***
     switchport
     switchport mode trunk
     switchport nonegotiate
     switch virtual link 1
    interface TenGigabitEthernet1/2/8
     description *** VSS Links ***
     switchport mode trunk
     switchport nonegotiate
     no lldp transmit
     no lldp receive
     no cdp enable
     channel-group 1 mode on
     service-policy output VSL-Queuing-Policy
    Switch 2:
    interface Port-channel2
     switchport
     switch virtual link 2
    interface TenGigabitEthernet2/2/8
     no lldp transmit
     no lldp receive
     no cdp enable
     channel-group 2 mode on
     service-policy output VSL-Queuing-Policy
    Now I only have limited command on the Port-Channel 2:
    SWITCH01(config)#int po2
    SWITCH01(config-if)#?
    virtual link interface commands (restricted):
      default         Set a command to its defaults
      description     Interface specific description
      exit            Exit from virtual link interface configuration mode
      load-interval   Specify interval for load calculation for an interface
      logging         Configure logging for interface
      no              Negate a command or set its defaults
      service-policy  Configure CPL Service Policy
      shutdown        Shutdown the selected interface
      switch          Configure switch link
    Thanks in advance for any helpful comment.

    Hi,
    You don't need to configure the VSL link as trunk:
    just follow this config example:
    Switch-1(config)# interface port-channel 10
    Switch-1(config-if)# switch virtual link 1
    Switch-1(config-if)# no shutdown (If the port is admin shutdown)
    Switch-1(config)# interface tenGigabitEthernet 5/1
    Switch-1(config-if)# channel-group 10 mode on
    Switch-1(config-if)# no shutdown (If the port is admin shutdown)
    Switch-2(config)# interface port-channel 25
    Switch-2(config-if)# switch virtual link 2
    Switch-2(config-if)# no shutdown (If the port is admin shutdown)
    Switch-2(config-if)# interface tenGigabitEthernet 5/2
    Switch-2(config-if)# channel-group 25 mode on
    Switch-2(config-if)# no shutdown (If the port is admin shutdown)
    link:
    http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/15-1-2/XE_340/configuration/guide/config/vss.html#wp1060298
    HTH

  • UCS Uplinks and vPC

    Hello,
    I try to build virtual Portchannels on 2 Nexus 5548UP and 2 UCS 6248FI. With standalone links (without vPC) the communication between some ESX-Server and my Network is working. When I build vPCs on the N5k the vPC all portchannels (on N5K and FIs) are up.
    The Portchannels are pinned to the vNICs and all looks fine. But there is no communication between my ESXs and my network. My configuration is like this:

    Hi Roberts,
    Are the VLANs allowed on the peer link? because if they work in standalone then that means trunk is fine but if they don't have them allowed on the peer link then it will stay up but wont talk

  • 4500X as collapsed core design

    We have 2 4500x switches with Ent Services licences.  The plan is to replace the current core routers with a L3 switched core using the 4500x with VSS.  The core will connect 3 building data closets, a local data center and 18 remote WAN sites.  Engineering the remote sites is where I need some advise.
    The in place design has fiber from each remote site connected to a 1 gigabit interface on a Ciena L2 distribution switch.  The Ciena switch is connected to the core router via a gigabit Ethernet interface.  The interface on the router is divided into 18 sub interfaces one for each branch.  Each sub interface has a service policy that shapes the traffic to varying bandwidths in increments of 10mbps up to 50mbps.
    The proposed design involves connecting the the Ciena switch to the 4500x VSS pair using 2 10 gigabit Ethernet interfaces.  The connections to the Ciena would be L2 and the 4500x would have SVIs for each branch connection.  The problem is that the 4500x does not allow traffic shaping on an SVI.  Also you can not configure sub interfaces on a routed interface on the 4500x.  
    Since the Ciena will be connected to the core via 20Gbps would it be necessary to shape traffic to the core from the remote sites?  The only concern I have regarding not shaping traffic is that there is a potential to oversubscribe other segments of the network like the data center and the internet link.
    Is there another way that we can shape traffic to remote sites?  I was thinking if we put a router between the 4500x and the Ciena this would work but I would have to get a pretty beefy router to support 20Gbps.
    Thanks

    I've installed several in use cases like the one you describe. Functionally they pretty much suffice.
    If you're a small shop and don't otherwise use Nexus gear, there is the learning curve of NX-OS and the associated technologies like VPCs and FEXes. It's not super hard, but different from IOS with different design considerations.
    There are some features on the Nexus (like unified ports) not available on a Catalyst switch and vice versa (e.g. VSS).

Maybe you are looking for

  • How to only allow certain users to use internet?

    Hello, I've recently taken over the job of overseeing the internet connection here in my building. We have a shared internet connection and I was told to just give out the same WEP key to everyone. The problem now is that many people have canceled, b

  • Non-Database Item Sort Using Multiple Block Values

    I need to sort the result set of a block based on a calculated item. I found several messages addressing this, however they all speak to using the columns from within the same block as input variables to the function used to calculate the non-databas

  • CIN related to problem

    Hi Sap Gurus, its  reg to  cin condition types JEXT ,JCET weather i have to maintian condition records for the above conditions to get total Basic excise duties , cess in the pricing please give the sugestions Thanks n Regards..... Murali

  • Change vendor evaluation with new scores for automatic criteria

    Hi, I would like to delete actual vendor evaluations and revaluate my vendors with new scores for the automatic criteria on time delivery. Using the program RMEVALDL doesn't work. Does somebody have a suggestion please ?? Thanks in advance, Kind rega

  • NWDI in E.P 7.0 Configuration Problem

    Hello Everyone, I have Selected 'DI' While Installing SAP and for Configuring NWDI I have run the DI Template in SAP Netweaver Adminstration. Imported the Configuration in NWDS in DevelopmentConfiguration Perspective. 1.While creating the Development