VN-Tag with Nexus 1000v and Blades

Similar Messages

• Weird syslog format messages with Nexus 1000v

  I'm  trying out the Nexus 1000v, and have the VEM configured to write logs to my  syslog server. The thing is, the messages are in a weird format that my  log management tools cannot parse. Here is an example:
  <189>: 2012 Oct 21 15:22:40 UTC: %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on unknown_session
  I found the documentation rather  amusing, where it states "The syslog client functionality is RFC-5424  compliant" - doesn't look like they've even read the RFC! This is closer  to the format of the older (but more often found in the wild,  RFC3164... though not compliant with that either :/
  Anyway,  I guess the main issue here is that the hostname of the 1000v is not  being added to the logs (it is set in my config). Any ideas how I can  fix this?
  Thanks!

  Hi,
       Do you have vCenter install on Win2012 Server? The installation would not continue until you have vCenter installed.
  Hardik

• Configuring Tacacs with Nexus 1000v

  Hi Experts,
  Does anyone share a sample configuration of AAA (Tacacs+) with Nexus 1000v? I have found some documents, but it only covers authentication, no one document found that can cover authorization, and accounting in detail with Nexus 100v.
  Thanks and Regards,
  Ahmed Shahzad.    

  Hi Experts,Does
  anyone share a sample configuration of AAA (Tacacs+) with Nexus 1000v?
  I have found some documents, but it only covers authentication, no one
  document found that can cover authorization, and accounting in detail
  with Nexus 100v.Thanks and Regards,
  Ahmed Shahzad.
  Hi Ahmed,
  Check out the below link for TACAS configuration in Nexus 1000
  http://cco.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0/security/configuration/guide/security_4tacacs.html
  Hope to Help !!
  Ganesh.H

• Nexus 1000V and strange ping behavior

  Hi ,
  I am using a Nexus 1000v a FI 6248 with a Nexus 5K in redundant architecture and I have a strange bevahior with VMs.
  I am using  port-profiles without any problems but in one case I have this issue
  I have 2 VMs assigned to the same port profile
  When the 2 Vms are on the same esx I can ping (from a VM)  the gateway and the other VM, now when I move one of the VM to an other ESX (same chassis or not).
  From both , I can ping the gateway, a remote IP but VMs are unreachable between them.
  and a remote PC are able to ping both Vms.
  I checked the mac table, from N5k it's Ok , from FI 6348 it's Ok , but from N1K I am unable to see the mac address of both VMs.
  Why I tried ( I performed at each step a clear mac table)
      Assign to an other vmnic , it works.
      On UCS I moved it to an other vmnic , it works
      On UCS I Changed the QOS policy , it works.
      I reassigned it , and I had the old behavior
      I checked all trunk links it's ok
  So i didn't understand why I have this strange behavior and how I can troubleshoot it deeper?
  I would like if possible to avoid to do that but the next step will be to create a new vmnic card and assign the same policy and after to suppress the vnmic and to recreate the old one.
  Regards

  From what you mentioned here's my thoughts.
  When the two VMs are on the same host, they can reach each other.  This is because they're locally switching in the VEM so this doesn't tell us much other than the VEM is working as expected.
  When you move one of the VMs to a different UCS ESX host, the path changes.    Let's assume you've moved one VM to a different host, within the UCS system.
  UCS-Blade1(Host-A) - VM1
  UCS-Blade2(Host-B) - VM2
  There are two paths option from VM1 -> VM2
  VM1 -> Blade1 Uplink -> Fabric Interconnect A -> Blade 2 Uplink -> VM2
  or
  VM1-> Blade1 Uplink -> Fabric Interconnect A -> Upstream Switch -> Fabric Interconnect B -> Blade 2 Uplink -> VM2
  For the two options I've seen many instances were the FIRST option works fine, but the second doesn't.  Why?  Well as you can see option 1 has a path from Host A to FI-A and back down to Host B.  In this path there's no northbound switching outside of UCS.  This would require both VMs to be be pinned to the Hosts Uplink going to the same Fabric Interconnect. 
  In the second option if the path involves going from Host-A up to FI-A, then northbound to the upstream switch, then back down eventually to FI-B  and then Host-B. When this path is taken, if the two VMs can't reach each other then you have some problem with your upstream switches.  If both VMs reside in the same subnet, it's a Layer2 problem.  If they're in different subnets, then it's a Layer 2 or 3 problem somewhere north of UCS.
  So knowing this - why did manual pinning on the N1K fix your problem?  What pinning does is forces a VM to a particular uplink.  What likely happened in your case is you pinned both VMs to Host Uplinks that both go to the same UCS Fabric Interconnect (avoiding having to be switched northbound).  Your original problem still exists, so you're not clear out of the woods yet.
  Ask yourself is - Why are just these two VMs affected.   Are they possibly the only VMs using a particular VLAN or subnet?
  An easy test to verify the pinning to to use the command below.  "x" is the module # for the host the VMs are running on.
  module vem x execute vemcmd show port-old
  I explain the command further in another post here -> https://supportforums.cisco.com/message/3717261#3717261.  In your case you'll be looking for the VM1 and VM2 LTL's and finding out which SubGroup ID they use, then which SG_ID belongs to whch VMNIC.
  I bet your find the manual pinning "that works" takes the path from each host to the same FI. If this is the case, look northbound for your L2 problem.
  Regards,
  Robert

• Nexus 1000v and vcenter domain admin account

  I changed out domain admin account on our domain in which vcenter services runs as and now its using a different services account. I am wondering if I need to update anything on the nexus 1000v switch side between the 1000v and venter

  Hi Dan,
  You are on the right track. However you can perform some of these function "online".
  First you want to ensure that you are running at a minimum, Nexus 1000v SV1(4a) as ESXi 5.0 only began support on this release. With SV1(4a), it provides support for both ESXi 5.0 and ESX/i 4.1.
  Then you can follow the procedure documented here:
  Upgrading from VMware Release 4.0/4.1 to VMware Release 5.0.0
  This document walks you through upgrading your ESX infrastructure to VMware Release 5.0.0 when Cisco Nexus 1000V is installed. It is required to be completed in the following order:
  1. Upgrade the VSMs and VEMs to Release 4.2(1)SV1(4a).
  2. Upgrade the VMware vCenter Server to VMware Release 5.0.0.
  3. Upgrade the VMware Update Manager to VMware Release 5.0.0.
  4. Upgrade your ESX hosts to VMware Release 5.0.0 with a custom ESXi image that includes the VEM bits.
  Upgrading the ESX/ESXi hosts consists of the following procedures:
  –Upgrading the vCenter Server
  –Upgrading the vCenter Update Manager
  –Augmenting the Customized ISO
  –Upgrading the ESXi Hosts
  There is also a 3 part video highlighting the procedure to perfrom the last two steps above (customized ISO and upgrading ESXi hosts)
  Video: Upgrading the VEM to VMware ESXi Release 5.0.0
  Hope that helps you with your upgrade.
  Thanks,
  Michael

• New vcenter server but keeping database with nexus 1000v

  I have been reading through all the details of migrating to new hardware for the vcenter server with the nexus 1000v.  i wish to avoid doing the vswitch thing.  If I am keeping the same database but just moving to new hardware and possibly new ip address I was hoping to be able to do something along the lines of.
  Leave everything as is,
  Reinstall vcenter on new server and point to existing database.
  reconnect the esx hosts
  disconnect the VSM
  get the xml from the vsm
  install on vcenter server
  reconnect the VSM to the new server
  all should be good.
  From my reading it appears as tho most of the issues are around connecting to a fresh database.
  Is there anything wrong with my assumptions??
  Regards Justin

  I have done this before but I always keep the same name an IP so that I don't have to reconnect each ESXi host and my vSphere Client users don't have to use a different name.
  What I do in this scenario is build the new server with a temp name/IP.
  Backup the vCenter DB and SSL certs (this is very important).
  Power down the old vCenter.
  Re-IP/Re-Name the new to match the old.
  Copy the SSL certs to the proper location (C:\ProgramData\VMware\VMware VirtualCenter\SSL)
  Create your DSN and install vCenter using the old DB. The DB will be upgraded.
  Your hosts will automatically connect to the new server.

• DCNM compatibilty with nexus 2000 and 5000 series

  Hi,
  I would to know if the DNCM can manage a Data Center composed with Nexus 2000 & 5000 series only!
  Kind regards

  Hi reswaran,
  The features are:
  - Automatic network discovering and real- time topology.
  - Network anomaliy detection (threshold, alarms, errors, ...)
  - Use email or aletrs to notify notify operations staff of critical outages thant may be service-imapcting
  - Centralized administration interface, with acces via web
  - Securised acces and rights managment
  - Stock of data in an exportable database
  - Quick, simple qnd transparent deployment
  - Monitoring WAN bandwith usage
  - Configurable report generation
  - Generation of the performance reports
  - Provide network map
  - Support several network unit
  - Intergrated Syslog server
  - Polling andt  monitoring SNMP trap alarms
  - Secure config distribution
  - Support 200 devices
  What kind of NMS can you recommend?
  thanks a lot

• Nexus 1000v and fabric extenders

  Would be possible in near future to connect fabric extenders like n2k-c2232tm to nexus 1000v virtual switch?
  Regards,
  Vice

  Hi vlacmanov, 
  It would depend on the current hardware setup that you have. please feel free to send me an email [email protected] so we can discuss this further. hope to hear from you soon!

• Conditional build tags with character styles and ignored text

  RoboHelp HTML v8.0.2.208
  Windows XP Professional Version 2002 Service Pack 3 with 2 GB of RAM
  Output: WebHelp and HTML Help
  I have recently moved my projects from RH HTML X5 to RH HTML 8 and this is when the following problem appeared. I use lots of conditional build tags within the help projects. Some of these tags are for my own use for reference and I combine these with character styles containing a coloured background (highlight) so that they show up in the WebHelp or HTML Help output (e.g. text to identify the software version that the field/feature/text was added, reminders to check details, insertion of bug ID numbers, design document names, etc.). These areas of text are stripped out of the final build for customers by using a conditional build expression.
  What I have noticed is that if a paragraph contains text with a conditional build tag applied AND that tagged text has a character style applied AND an unknown word within the conditional build tag is ignored (with the HTML tag <?rh-ignored text="word_to_be_ignored" ?>), saving the topic, closing it, then re-opening it shows that the conditional build text has stretched to the next conditional build tag, or to the end of the topic if there aren’t any other conditional build tags. This also happens by switching from Design View to HTML View. Note that this doesn’t happen if Ignore All is applied to the unknown word.
  This doesn’t just apply to projects converted from RH X5. I created a new test project in RH8 and the same behaviour was observed. Similar behaviour occurred very occasionally in RH X5 but that seemed to be down to HTML tags being nested incorrectly.
  The largest project contains around 1200 topics and with many hundreds of conditional build text areas this now causes a problem. I’ll probably have to locate every ignored word in an area of conditional text within each project, set it to Ignore All and then manually remove and re-apply the conditional build tags, unless someone can come up with something clever. Can anyone else replicate this and should it be logged as a bug?

  Hi Daggins,
  Thanks - that is good info to have. But as we all agree, that does take away from the point of single-sourcing.
  You aren't misunderstsanding exactly... I am doing all my conditional tagging in FM and it works like a charm in terms of the PDFs that I generate from FM, and even the conditionally tagged text in RH shows/hides correctly. The issue is I am also importing my index and TOC from FM... and even if I have an entire file in FM tagged as conditional (all the text is tagged as conditional, I don't know if you can tag a file as conditional), the file name as a heading it still appears in the RH TOC. There is no text... but in my view it shouldn't appear in the TOC either (it looks like just a broken link when I generate my online help) - this is not ideal.

• Management vlan with the 1000V and UCS

  If I want to use VLAN 10 for management, I would have to configure the following:
  1000V -VM vEthernet port profile access port with VLAN 10, Ethernet uplink profile includes VLAN 10
  UCS - vNIC in Service Profile, include VLAN 10, and include VLAN 10 in uplink trunk from UCS
  Upstream switch: Include VLAN 10 in trunk port.
  OK?
  Now, this management VLAN, can I Iuse this for everything? I mean for 1000V management VLAN, vSPhere management, FI management and switch management? Or should for instance the 1000V management be different from the others?

  Hi Atle,
  Yes, what you have mentioned is the correct in terms of activities you need to carry out. However i would like to add a few:
  1) define the vlan on the UCS - unless you do this you will not be able to add it to the vnic. Plus once you have the vlan defined it will automatiaclly get added to the trunk list on the uplinks ports (unless you l2-disjoint configured)
  You can have the same vlan for all the management, unless you have certain traffic you would not like certain device to see / reach.
  ./Abhinav

• Nexus 1000V and sub-groups

  Hi,
  I have a questions about the number of subgroups in Nexus1000V. I can use sub-groups with an ID between 0-31.
  Does it mean that I can have only 32 subgroups for all my port-channels ?  Or can I use the same sub-group-ID for interfaces that are in different port-channels ?
  Thanks
  Hendrik

  You can use same sub group id for interfaces that are in different port channels. Sub-groups are local to a port channel. Hope that helps.

• Nexus 1000v, VMWare ESX and Microsoft SC VMM

  Hi,
  Im curious if anybody has worked up any solutions managing network infrastructure for VMWare ESX hosts/vms with the Nexus 1000v and Microsoft's System Center Virtual Machine Manager.
  There currently exists support for the 1000v and ESX and SCVMM using the Cisco 1000v software for MS Hyper-V and SCVMM.   There is no suck support for VMWare ESX.
  Im curious as to what others with VMWare, Nexus 1000v or equivalent and SCVMM have done to work around this issue.
  Trying to get some ideas.
  Thanks

  Aaron,
  The steps you have above are correct, you will need steps 1 - 4 to get it working correctly.  Normally people will create a separate VLAN for their NLB interfaces/subnet, to prevent uncessisary flooding of mcast frames within the network.
  To answer your questions
  1) I've seen multiple customer run this configuration
  2) The steps you have are correct
  3) You can't enable/disable IGMP snooping on UCS.  It's enabled by default and not a configurable option.  There's no need to change anything within UCS in regards to MS NLB with the procedure above.  FYI - the ability to disable/enable IGMP snooping on UCS is slated for an upcoming release 2.1.
  This is the correct method untill the time we have the option of configuring static multicast mac entries on
  the Nexus 1000v.  If this is a feature you'd like, please open a TAC case and request for bug CSCtb93725 to be linked to your SR. 
  This will give more "push" to our develpment team to prioritize this request.
  Hopefully some other customers can share their experience.
  Regards,
  Robert

• VWLC and Nexus-1000V

  Hi Experts!
  Does anybody try to install vWLC on ESX with Nexus-1000V as switch?
  All deployment guide are based on standard VMWare vSwitch and I can not find any information about questions:
  1. Is vWLC compatible with Nexus-1000V?
  2. What configuration should be done on Nexus-1000V to vWLC works properly?

  Hi Dave,
  You can access  below URL for nexus 1000v -4.0(4)SV1(3b) docs:
  http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_b/roadmap/guide/n1000v_roadmap.html
  And
  Nexus5000
  http://www.cisco.com/en/US/products/ps9670/tsd_products_support_series_home.html
  BR,
  John Meng

• VM-FEX and Nexus 1000v relation

  Hi
  I am a new in virtulaization world and I need to know what is the relation between Cisco Nexus 1000v and Cisco VM-FEX?, and when to use VM-FEX and when to use Nexus 1000v.
  Regards

  Ahmed,
  Sorry for taking this long to get back to you.
  Nexus 1000v is a virtualized switch and as such will require that any traffic coming in or leaving the VM will first need to pass through the virtualization layer, therefore causing a minimum delay that for some applications (VMs) can be catastrophic enough that may mean too much delay.
  With VM-FEX you gain the option to bypass the virtualization layer with for example "Pass-Through" mode where the vmnics are really assigned and managed by the OS, minimizing the delay and making the VMs look as if they were directly attached, also, this offloads CPU workload in the mean time, optimizing the host/VM's performance.
  The need for one or the other will be defined as always by the needs your organization/business has.
  Benefits of VM-FEX (from cisco.com):
  Simplified operations: Eliminates the need for a separate, virtual networking infrastructure
  Improved network security: Contains VLAN proliferation
  Optimized network utilization: Reduces broadcast domains
  Enhanced application performance: Offloads virtual  machine switching from host CPU to parent switch application-specific  integrated circuits (ASICs)
  Benefits of Nexus 1000v here on another post from Rob Burns:
  https://supportforums.cisco.com/thread/2087541 
  https://communities.vmware.com/thread/316542?tstart=0
  I hope that helps 
  -Kenny

• Install and Configure Nexus 1000V

  Hi all !! Hope everyone is well !!
  I just purchase 2 Nexus 1000V's. Could someone give me some guidance on how to go about installing / configuring a Nexus 1000V switch ? This is my first time working with Nexus series switches. Thanks in advance !!!
  D.

  Hi,
  Here are some of the documents and video links that will help you to proceed futher with Nexus 1000v installation:
  http://www.cciemachine.com/en/US/products/ps9902/prod_installation_guides_list.html
  http://www.google.co.in/search?q=nexus+1000v+installation&hl=en&client=firefox-a&hs=Hnt&rls=org.mozilla:en-US:official&prmd=v&source=univ&tbs=vid:1&tbo=u&ei=WtloTI6hAc-rcbb98I8F&sa=X&oi=video_result_group&ct=title&resnum=4&ved=0CCwQqwQwAw