HP Cisco MDS 9020 Cisco Nexus 5000 Series Switch CLI Software Configuration Gu
HP Cisco MDS 9020 - Fabric Switch Manual
View all HP Cisco MDS 9020 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP Cisco MDS 9020 manual content summary:
- HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 1
Send feedback to [email protected] Cisco Nexus 5000 Series Switch CLI Software Configuration Guide Software Release 4.0(1a)N1 January 2009 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 2
ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You Guide © 2009 Cisco Systems, Inc. All rights reserved - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 3
ii iii Obtaining Documentation and Submitting a Service Request 1-iii iii Product Overview 1-1 New Serviceability 1-5 Switch Management 1-6 Network Security Features 1-7 Virtual Device Contexts 1-7 Typical Deployment Topologies 1-7 Ethernet TOR Switch Topology 1-8 IOC Topology 1-9 Supported - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 4
Configure the Switch 3-8 Default Login 3-9 Configuring the Switch 3-9 Changing the Initial Configuration 3-12 Accessing the Switch 3-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide ii OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 5
3-25 4 C H A P T E R OL-16597-01 Managing Licenses 4-1 Licensing Terminology 4-1 Licensing Model 4-2 License Installation 4-3 Obtaining a Factory-Installed License 4-3 Performing a Manual Installation 4-4 Obtaining the License Key File 4-4 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 6
a VLAN 6-4 Creating and Deleting a VLAN 6-4 Entering the VLAN Submode and Configuring the VLAN 6-5 Adding Ports to a VLAN 6-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide iv OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 7
Specifying the Link Type 8-24 Restarting the Protocol 8-25 Verifying Rapid PVST+ Configurations 8-25 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide v - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 8
Restarting the Protocol 9-25 Verifying MST Configurations 9-25 Configuring STP Extensions 10-1 Information About STP Extensions 10-1 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide vi OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 9
Interfaces 12-1 Understanding Access and Trunk Interfaces 12-1 Understanding IEEE 802.1Q Encapsulation 12-2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide vii - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 10
Configuration 15-3 Displaying Traffic Storm Control Counters 15-3 Traffic Storm Control Example Configuration 15-4 Default Settings 15-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide viii OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 11
Information About AAA 16-1 AAA Security Services 16-1 Benefits of Using AAA 16-2 Remote AAA Services 16-2 AAA Server Groups 16-3 AAA Service Configuration Options 16-3 Authentication and Authorization RADIUS Server at Login 17-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide ix - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 12
Monitoring 17-11 Configuring the Dead-Time Interval 17-12 Manually Monitoring RADIUS Servers or Groups 17-13 Verifying RADIUS Periodic TACACS+ Server Monitoring 18-11 Configuring the Dead-Time Interval 18-12 Manually Monitoring TACACS+ Servers or Groups 18-12 Disabling TACACS+ 18-12 Displaying - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 13
ACL Configurations 20-8 Displaying and Clearing IP ACL Statistics 20-9 Configuring MAC ACLs 20-9 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xi - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 14
Cisco Fabric Services 21-1 Support for Applications 21-6 CFS Application Requirements 21-6 Enabling CFS for an Application 21-7 Locking the Network 21-8 Committing Changes 21-8 Discarding Changes 21-9 Saving the Configuration 21-9 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 15
Limitations 23-1 Configuring Session Manager 23-2 Creating a Session 23-2 Configuring ACLs in a Session 23-2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xiii - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 16
Profiles 26-2 Call Home Alert Groups 26-2 Call Home Message Levels 26-4 Obtaining Smart Call Home 26-5 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xiv OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 17
/ Down Notifications on an Interface 27-10 Enabling One-Time Authentication for SNMP over TCP 27-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xv - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 18
-6 Configuring LLDP 29-6 Configuring Global LLDP Commands 29-7 Configuring Interface LLDP Commands 29-7 Verifying FCoE Configuration 29-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xvi OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 19
Virtual Fibre Channel Interface 30-3 Verifying Virtual Interface Information 30-4 Quality of Service 31 C H A P T E R Configuring QoS 31-1 Information Class Maps 31-9 Configuring Policy Maps 31-10 Creating the System Service Policy 31-11 System Class Example 31-11 Enabling Jumbo MTU 31 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 20
-3 About Domain Manager Fast Restart 33-3 Enabling Domain Manager Fast Restart 33-4 About Switch Priority 33-4 xviii Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 21
33-19 34 C H A P T E R Configuring N Port Virtualization 34-1 Information About NPV 34-1 NPV Overview 34-1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xix - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 22
-6 About SAN Port Channel Modes 36-6 About SAN Port Channel Deletion 36-7 Deleting SAN Port Channels 36-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xx OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 23
Autocreation Guidelines 36-13 Enabling and Configuring Autocreation 36-14 About Manually Configured Channel Groups 36-14 Converting to Manually Configured Channel Groups 36-14 Verifying SAN Port Channel Configuration 36- -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxi - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 24
Default Zoning Settings 38-23 Verifying Enhanced Zone Information 38-24 Compacting the Zone Database 38-24 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxii OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 25
Analysis 38-24 Default Settings 38-25 39 C H A P T E R Distributing Device Alias Services 39-1 Information About Device Aliases 39-1 Device Alias Features 39-1 Device Alias Requirements 39-2 Zone Aliases 40-6 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxiii - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 26
pWWNs 41-3 About Name Server Database Entries 41-3 Displaying Name Server Database Entries 41-3 FDMI 41-4 xxiv Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 27
-6 FC ID Allocation for HBAs 43-7 Default Company ID List 43-7 Verifying the Company ID Configuration 43-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxv - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 28
45-3 Configuring Port Security with Auto-Learning and CFS Distribution 45-3 Configuring Port Security with Auto-Learning without CFS 45-4 Configuring Port Security with Manual Database Configuration 45-5 Enabling Port Security 45-5 xxvi Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 29
Auto-Learning 45-8 Auto-Learning Device Authorization 45-8 Authorization Scenario 45-9 Port Security Manual Configuration 45-10 WWN Identification Guidelines 45-10 Adding Authorized Port Pairs 45-11 Switch WWN List 46-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxvii - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 30
Forceful Shutdown 48-6 Forcefully Shutting Down a Tracked Port 48-6 Displaying Port Tracking Information 48-6 Default Port Tracking Settings 48-7 Troubleshooting 49 C H A P T E R Configuring SPAN 49-1 SPAN Sources 49-1 Characteristics of Source Ports 49-1 SPAN Destinations 49-2 Characteristics of - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 31
Privileges 50-1 Power Cycling the Switch 50-2 Using Ethanalyzer 50-3 Troubleshooting Fibre Channel 50-5 fctrace 50-5 fcping 50-7 show tech-support Command 50-8 show tech-support brief Command 50-10 show tech-support fc Command 50-12 show tech-support platform Command 50-14 Default Settings 50-16 51 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 32
Contents Send feedback to [email protected] Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxx OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 33
and maintaining Cisco Nexus 5000 Series switches. Organization This guide is organized as follows: Chapter Chapter 1 Title Product Overview System Management Part 5 Part 6 Fibre Channel over Ethernet Quality of Service Description Presents an overview of the Cisco Nexus 5000 Series switches. - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 34
features). Contains chapters on how to perform basic troubleshooting. Document Conventions Command descriptions use these conventions: boldface helpful suggestions or references to material not covered in the manual. Caution Means reader be careful. In this situation, Guide ii OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 35
Series CLI Software Configuration Guide, Release 4.0 Cisco Nexus 5000 Series Fabric Manager Software Configuration Guide, Release 4.0 Cisco Nexus a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0. OL-16597-01 Cisco Nexus 5000 Series Switch - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 36
Obtaining Documentation and Submitting a Service Request Send feedback to [email protected] Preface Cisco Nexus 5000 Series Switch CLI Software Configuration Guide iv OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 37
Series offers high-speed Ethernet switching and supports Fibre Channel over Ethernet (FCoE) to provide Typical Deployment Topologies, page 1-7 • Supported Standards, page 1-10 New Technologies implements lossless service using a buffer-to-buffer must provide lossless service. Ethernet links on - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 38
Nexus 5000 Series switches provide quality of service (QoS) capabilities to ensure lossless service across the switch for Fibre Channel traffic. Best-effort service can be applied to all of the 10GE FC NIC HBA 187213 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 1-2 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 39
eight 1/2/4-Gigabit Fibre Channel ports. The expansion modules are field-replaceable units (FRUs) that support online insertion and removal (OIR). Ethernet Interfaces The Nexus 5010 switch has 20 fixed 10- module. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 1-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 40
available on the expansion modules. All of the 10-Gigabit Ethernet ports support FCoE. Each port can be used as a downlink (connected to a page 1-5 • Licensing, page 1-5 • QoS, page 1-5 • Serviceability, page 1-5 • Switch Management, page 1-6 • Network Security Features Guide 1-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 41
and Fibre Channel Switching Cisco Nexus 5000 Series switches support data center I/O consolidation (IOC) by providing FCoE service for Ethernet traffic. Serviceability The Cisco Nexus 5000 Series switch serviceability functions provide data for network planning and help to improve problem Guide 1-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 42
Ethanalyzer to troubleshoot your network services support engineer, send an e-mail message to a network operations center (NOC), and employ Cisco AutoNotify services problem occurs and helps to ensure that the problem Bases (MIBs) is supported. Role-Based Access services hosted on a Fabric - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 43
For more information, see the Cisco NX-OS XML Management Interface User Guide, Release 4.0. • SNMP-SNMP allows you to configure switches using that emulate virtual devices. The Cisco Nexus 5000 Series switch does not support multiple VDCs. All switch resources are managed in the default VDC. - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 44
example, the blade server rack incorporates blade switches that support 10-Gigabit Ethernet uplinks to the Cisco Nexus 5000 Series switch. The blade switches do not support FCoE, so there is no FCoE traffic and HBAs. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 1-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 45
be used for this purpose. The CNA is configured in active-passive mode, and the server needs to support server-based failover. On the Cisco Nexus 5000 Series switch, the Ethernet network-facing ports are connected to . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 1-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 46
Overview Send feedback to [email protected] Supported Standards Table 1-1 lists the standards supported by the Cisco Nexus 5000 Series switches. Table Class of Service Tagging for Ethernet frames 1-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 47
Send feedback to [email protected] PART 1 Configuration Fundamentals - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 48
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 49
to set console port parameters. You can also connect to the switch with Telnet or SSH. The switch supports up to eight simultaneous Telnet and SSH connections. To connect with Telnet or SSH, you need to know finished. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 50
in this mode are saved across system resets if you save your configuration. Prompt switch# switch(config)# Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-2 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 51
FSPF parameters no Negate a command or set its defaults out-of-service Put an interface out of service. shutdown Enable/disable an interface switchport Configure switchport parameters EXEC Mode CLI commands OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 52
or usb drive Update license Write current configuration xml agent Execute Zone Server commands Execute zoneset commands Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 53
a port-channel port-security Configure Port Security port-track Configure Switch port track config OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 54
, keywords, and arguments you have already entered. switch# # configure ? terminal Configure the system from terminal input Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 55
the Command-Line Interface Using Commands Send feedback to [email protected] Tip If you are having trouble entering a command, check the system prompt and enter the question mark (?) for a list of . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 56
database switch(config-console) switch(config-line)# switch(config-role)# switch(config-vlan)# switch(config-vsan-db)# Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 57
name name vsan vsan-id switch(config-zoneset)# Using CLI Variables The Cisco Nexus 5000 Series CLI parser supports the definition and use of variables in CLI commands. CLI variables can be used as follows: • 0 errors OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 58
-defined CLI session variable: switch# cli no var name testinterface Using Command Aliases Command alias support has the following characteristics: • Command aliases are global for all user sessions. • Command alias. 2-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 59
state traps are enabled Port mode is TE Port vsan is 1 Speed is 2 Gbps OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 60
interface $(var1) $(var2) switch# run bootflash:test2.vsh var1="fc2/1" var2="brief" `show interface $(var1) $(var2)` 2-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 61
, and then waits for 10 seconds before executing the show scsi-target disk command. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 62
Command Scripts Chapter 2 Using the Command-Line Interface Send feedback to [email protected] 2-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 63
the golden BIOS are programmed onto the 2 MB flash part. You cannot upgrade the golden BIOS. When you download a new pair of kickstart and system images, you also get a new BIOS image because it is included in page 3-2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 64
at 9600 baud every 30 seconds that indicates a failure. Figure 3-1 shows the normal and recovery boot sequence. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-2 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 65
@ CMOS baud Switch/boot/ prompt For information about recovery procedures, see Chapter 50, "Troubleshooting." Console Settings The loader, kickstart, and system images have the following factory default console settings -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 66
to Cisco.com and download the kickstart and system images to a server. Download the kickstart and system in to Cisco.com to access the Software Download Center. To log in to Cisco.com, Access the Software Download Center using this URL: http://www. . Select and download the kickstart and - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 67
.4.0.0.N1.2.bin Step 10 Install the new images, specifying the new image names that you downloaded in step 9. switch(config)# install all kickstart bootflash:n5000-uk9-kickstart.4.0.0.N1.2.bin system is disruptive. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 68
show version Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2008, Cisco 46:39 2008 Reason: Reset by installer System version: 4.0(0)N1(1) Service: Downgrading from a Higher Release Note Only users with the network- Guide 3-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 69
by entering the dir bootflash: command. If the image files are not stored on the bootflash memory, download the files from Cisco.com (using steps 1 through 9 of the software upgrade procedure). Install the new switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 70
The management Ethernet port (mgmt0) is connected to an external hub, switch, or router. Refer to the Cisco Nexus 5000 Series Hardware Installation Guide (for the required product) for more information. Tip Save the host ID information for future use (for example, to enable licensed features). The - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 71
3 Configuring the Switch Initial Configuration Send feedback to [email protected] • SSH service on the switch (optional). To enable this service, select the type of SSH key (dsa/rsa/rsa1) and number of SSH OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 72
ctrl-c at anytime to skip the remaining dialogs. Would you like to enter the basic configuration dialog (yes/no): yes The setup utility guides you through the basic configuration process. Press Ctrl-C at any prompt to end the configuration process. Enter the new password for the administrator (admin - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 73
(yes is the default) to enable the Telnet service. Enable the telnet service? (yes/no) [y]: yes Step 11 Enter yes (no is the default) to enable the SSH service. Enabled SSH service? (yes/no) [n]: yes Step 12 Enter OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 74
ctrl-c at anytime to skip the remaining dialogs. Would you like to enter the basic configuration dialog (yes/no): yes The setup utility guides you through the basic configuration process. Accessing the Switch After the initial configuration, you can access the switch in a number of ways: • Serial - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 75
which it is deployed. The assigned name is displayed in the command-line prompt. The switch name is limited to 20 alphanumeric characters. Note This guide refers to a switch in the Cisco Nexus 5000 Series switch as switch, and it uses the switch# prompt. To change the name of the switch - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 76
time). By default, Cisco NX-OS does not automatically adjust for daylight saving time. You must manually configure the switch to adjust to the daylight saving time. For example, following U.S. standards (defined by : 3-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 77
. Many enterprise customers with extremely mission-critical networks maintain their own stratum-1 NTP source. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 78
If both these instances point to different time servers, your NTP service is more reliable. Even if the active server link is lost Provide a direct NTP server association and configure a peer to ensure backup support if the active server fails. If you only configure a peer, the Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 79
10.10.10.1 Configuring NTP You can configure NTP using either IPv4 addresses, IPv6 addresses, or Domain Name Services (DNS) names. To configure NTP associations, perform this task: Step 1 Step 2 Step 3 Step 4 18 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 80
configuration mode. Discards the NTP configuration changes in the pending database and releases the fabric lock. 3-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 81
but first you must configure some IP parameters so that the switch is reachable. You can manually configure the management interface from the CLI. This section includes the following sections: • About the , page 3-21 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-19 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 82
The mgmt0 interface uses 10/100/1000 Ethernet. Note Before you begin to configure the management interface manually, obtain the switch's IP address and subnet mask. Also make sure that the console cable DLY 0 usec, 3-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 83
are briefly described in this section and listed at the end of each chapter. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-21 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 84
system is erased when the switch reboots. The syntax for this command is cd directory name. 3-22 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 85
rmdir directory name. This example deletes the directory called test in the bootflash directory: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-23 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 86
. Deleting Files The delete command deletes a specified file or the specified directory and all its contents. 3-24 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 87
compresses (zips) the specified file using LZ77 coding. This example directs the output of the show tech-support command to a file (Samplefile), and then zips the file and displays the difference in the space .gz OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 3-25 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 88
:51:03 2003 Samplefile Usage for volatile:// 1527808 bytes used 19443712 bytes free 20971520 bytes total 3-26 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 89
host ID. • Host IDs-A unique chassis serial number that is specific to each switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 4-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 90
instructions Support-If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If you purchased support directly from Cisco Systems, contact Cisco Technical Support Services Package. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 4-2 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 91
-Installed License, page 4-3 • Performing a Manual Installation, page 4-4 Obtaining a Factory-Installed service. Note If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If you purchased support directly from Cisco Systems, contact Cisco Technical Support Guide 4-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 92
Send feedback to [email protected] Performing a Manual Installation All Cisco Nexus 5000 Series licenses are factory-installed. Manual installation is not required. Obtaining the License Key File key file. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 4-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 93
uncounted \ HOSTID=VDH=FOX0646S017 \ NOTICE="0 \ dummyPak" SIGN=EE9F91EA4B64 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 4-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 94
being used. Features turned on by permanent licenses must first be disabled, before that license is uninstalled. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 4-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 95
evaluation license expires. Removing an evaluation license immediately triggers a grace period without service disruption. Caution Disable related features before uninstalling a license. The delete procedure fails . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 4-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 96
Note If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If you purchased support directly from Cisco Systems, contact Cisco Technical Support at this URL: http:// a license. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 4-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 97
license from one switch to another, contact your customer service representative. Note If you purchased Cisco support through a Cisco reseller, contact the reseller directly. If you purchased support directly from Cisco Systems, contact Cisco Technical Support at this URL: http://www.cisco.com/warp - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 98
ID for the physical switch. switch# show license usage Displays the usage information for installed licenses. 4-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 99
Send feedback to [email protected] PART 2 LAN Switching - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 100
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 101
as standard Ethernet interfaces connected to servers or to a LAN. The Ethernet interfaces also support Fibre Channel over Ethernet (FCoE). FCoE allows the physical Ethernet link to carry both Ethernet (if populated). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 102
user. Unidirectional links can cause a variety of problems, including spanning tree topology loops. UDLD is a . Devices on both ends of the link must support UDLD in order for the protocol to successfully identify detects the problem and disables the port. Cisco Nexus 5000 Series - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 103
default. You can configure UDLD aggressive mode only on point-to-point links between network devices that support UDLD aggressive mode. If UDLD aggressive mode is enabled, when a port on a bidirectional link discarded. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 104
listens to the messages sent by other devices to learn about neighboring devices. The switch supports both CDP Version 1 and Version 2. Default CDP Configuration Table 5-2 shows the default CDP time in milliseconds. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 105
some protocols. About MTU Configuration A per-physical Ethernet interface maximum transmission unit (MTU) is not supported. Instead, MTU is set according to the QoS classes. You modify MTU by setting Policy and device. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 106
. This interface must have a 1-Gigabit Ethernet SFP transceiver inserted into it. Sets the speed on the interface. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 107
. Use the no form of the CDP commands to return to the default settings. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 108
for the amount of time (1 to 5000 milliseconds) specified. Disables the debounce timer if you specify 0 milliseconds. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 109
Enters configuration mode. Enters interface configuration mode for the specified interface. Disables the interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 110
, 10 Gb/s, media type is 1/10g Input flow-control is off, output flow-control is off 5-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 111
number is SFBR-7700SDZ B4 R revision is B4 R serial number is AGD1134229V 070823 nominal bitrate is 0 MBits/sec Link length supported for 50/125mm fiber is 0 m(s) Link length supported for 62.5/125mm fiber is 0 m(s) cisco id is -- cisco extended id number is 4 OL-16597-01 Cisco Nexus 5000 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 112
, H - Host, I - IGMP, r - Repeater, V - VoIP-Phone, D - Remotely-Managed-Device, s - Supports-STP-Dispute Device ID d13-dist-1 n5k(FLC12080012) Local Intrfce Hldtme Capability Platform Port ID mgmt0 Eth1/5 148 5-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 113
by selecting maps of QoS classes. See Chapter 31, "Configuring QoS," for additional information. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 114
Displaying Interface Information Chapter 5 Configuring Ethernet Interfaces Send feedback to [email protected] 5-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 115
for stations that do not belong to the VLAN must be forwarded through a router. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 6-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 116
and pass traffic. Understanding VLAN Ranges The Cisco Nexus 5000 Series switch supports VLAN numbers 1to 4094 in accordance with the IEEE 802.1Q standard. of VLANs it can support. The hardware also shares this available range with its VSANs. For details of the number of supported VLANs and VSANs, - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 117
, the specified VLAN, the system automatically reinstates all the original ports to that VLAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 6-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 118
to create a range of VLANs from 15 to 20: switch# configure terminal switch(config)# vlan 15-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 6-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 119
(config-vlan)# name accounting switch(config-vlan)# state active switch(config-vlan)# no shutdown OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 6-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 120
/23, Eth1/24, Eth1/25 Eth1/26, Eth1/27, Eth1/28 Eth1/29, Eth1/30, Eth1/31 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 6-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 121
Number of existing VLANs : 2 Number of existing user VLANs : 2 Number of existing extended VLANs : 0 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 6-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 122
Verifying VLAN Configuration Chapter 6 Configuring VLANs Send feedback to [email protected] Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 6-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 123
ports in other community VLANs. Note A PVLAN isolated port on a Cisco Nexus 5000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1q encapsulation and cannot be used as a trunk port. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 124
cannot communicate with ports in other community VLANs or in any isolated VLANs at the Layer 2 level. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-2 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 125
communities and from all isolated ports within the private VLAN domain. Note Because trunks can support the VLANs carrying traffic between promiscuous, isolated, and community ports, the isolated and community ports. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 126
a primary VLAN. • The secondary VLAN must exist and be configured as either an isolated or community VLAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 127
can assign the specified VLAN as a private VLAN, This section includes the following topics: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 128
disable private VLANs if there are operational ports on the switch that are in private VLAN mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 129
IDs. • The secondary-vlan-list parameter can contain multiple community and isolated VLAN IDs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 130
VLANs or isolated VLANs. You then associate the host port with both the primary and secondary VLANs. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 131
. Selects the port to configure as a private VLAN promiscuous port. A physical interface is required. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 132
5 109 isolated switch# show vlan private-vlan type Vlan Type 5 primary Ports Eth1/12, veth1/1 Eth1/2 7-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 133
shows how to display enabled features: switch# show system internal clis feature 7 pvlan enabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 7-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 134
Verifying Private VLAN Configuration Chapter 7 Configuring Private VLANs Send feedback to [email protected] 7-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 135
802.1D STP, page 8-16 • Rapid PVST+ Interoperation with 802.1s MST, page 8-17 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 136
in an STP-blocked state. The topology on an active switched network is determined by the following: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-2 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 137
3 Bit 2 Bit 1 32768 16384 8192 4096 2048 1024 512 256 128 64 32 16 8 4 2 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 138
bridge • The STP path cost to the root • The bridge ID of the transmitting bridge • Message age Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 139
recalculation to form a new spanning tree topology with the ideal switch as the root. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 140
RSTP) standard implemented per VLAN. A single instance of STP runs on each configured VLAN (if you do not manually disable STP). Each Rapid PVST+ instance on a VLAN has a single root switch. You can enable and disable . Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 141
PVST+ (in contrast to 50 seconds with the default settings in the 802.1D STP). Note Rapid PVST+ supports one STP instance for each VLAN. Using Rapid PVST+, STP convergence occurs rapidly. Each designated or root port OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 142
blocking state. Assume that the priority of switch A is a smaller numerical value than the priority of switch B. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 143
topology. Protocol Timers Table 8-2 describes the protocol timers that affect the Rapid PVST+ performance. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 144
. A port with the alternate or backup port role is excluded from the active topology (see Figure 8-5). 8-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 145
. • Disabled-The LAN port does not participate in STP and is not forwarding frames. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 146
follows: • Forwards frames received from the attached segment. • Forwards frames switched from another port for forwarding. 8-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 147
not satisfy any of the above conditions, its port state is set to blocking. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 148
and state in the received BPDUs to detect unidirectional link failures that could cause bridging loops. 8-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 149
; you can configure the same port cost to all the VLANs on a trunk port. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 150
is active, the switch processes all BPDUs received on that port and ignores the protocol type. 8-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 151
PVST+ is the default STP mode. You cannot simultaneously run MST and Rapid PVST+. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 152
example shows how to enable STP on VLAN 5: switch# configure terminal switch(config)# spanning-tree vlan 5 8-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 153
You can enter the hello-time keyword to override the automatically calculated hello time. Note With the switch configured as the root bridge, do not manually configure the hello time, forward-delay time, and maximum-age time using the spanning-tree mst hello-time, spanning-tree mst forward-time, and - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 154
when configuring the primary root bridge. Note With the switch configured as the root bridge, do not manually configure the hello time, forward-delay time, and maximum-age time using the spanning-tree mst of 4: 8-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 155
method used for Rapid PVST+ pathcost calculations. The default method is the short method. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-21 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 156
5 on Gigabit Ethernet port 1/4 to 8192: switch# configure terminal switch(config)# spanning-tree vlan 5 priority 8192 8-22 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 157
+. To configure the maximum age time for a VLAN in Rapid PVST+, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-23 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 158
-tree link-type point-to-point You can only apply this command to a physical Ethernet interface. 8-24 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 159
/3 Root FWD 2 128.131 P2p Peer(STP) veth1/1 Desg FWD 2 128.129 Edge P2p OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 8-25 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 160
Verifying Rapid PVST+ Configurations Chapter 8 Configuring Rapid PVST+ Send feedback to [email protected] 8-26 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 161
Failure, page 9-8 • Port Cost and Port Priority, page 9-8 • Interoperability with IEEE 802.1D, page 9-9 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 162
units (BPDUs). There is no limit to the number of MST regions in a network. Each region can support up to 65 MST instances (MSTIs). Instances are identified by any number in the range from 1 to 4094. protocols. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-2 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 163
MST BPDU carries information for all instances, the number of BPDUs that need to be processed to support MSTIs is significantly reduced. Figure 9-1 MST BPDU with M-Records for MSTIs Protocol information for the MST. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 164
encompasses the entire switched domain. The CIST is formed by the spanning tree algorithm running among switches that support the 802.1w, 802.1s, and 802.1D standards. The CIST inside an MST region is the on page 9-5. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-4 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 165
regional root for region 3 (C) are the roots for their respective subtrees within the CIST. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 166
root path cost calculated between these virtual switches and switches that do not belong to any region. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-6 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 167
B Bridge B1 Bridge B2 Bridge B3 182777 B2 designated => B1 boundary, B2 & B3 internal OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 168
priority is 128. You can configure the priority to values between 0 and 224, in increments of 32. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-8 OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 169
feedback to [email protected] Interoperability with IEEE 802.1D A switch that runs MST supports a built-in protocol migration feature that enables it to interoperate with 802.1D STP switches Mode, page 9-11 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 170
all spanning tree instances are stopped for the previous mode and started for the new mode. 9-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 171
configuration mode. In addition, the pending region configuration starts with the current region configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 172
region, they must have the identical MST name, VLAN-to-instance mapping, and MST revision number. 9-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 173
be capable of processing IEEE 802.1w RSTP BPDUs. There is no limit to the number of MST regions in a network, but each region can support only up to 65 MST instances. You can assign a VLAN to only one MST instance at a time. OL-16597-01 Cisco Nexus 5000 Series Switch - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 174
region1 switch(config-mst)# revision 1 switch(config-mst)# show pending Pending MST configuration Name [region1] Revision 1 9-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 175
specified instance and returns the VLANs to the default MSTI, which is the CIST. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 176
. You can enter the hello keyword to override the automatically calculated hello time. Note With the switch configured as the root bridge, do not manually configure the hello time, forward-delay time, and maximum-age time using the spanning-tree mst hello-time, spanning-tree mst forward-time, and - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 177
the primary root bridge with the spanning-tree mst root primary global configuration command. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 178
configure the port priority, perform this task: Step 1 Command switch# configure terminal Purpose Enters configuration mode. 9-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 179
port cost, perform this task: Step 1 Command switch# configure terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-19 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 180
primary and the spanning-tree mst root secondary global configuration commands to modify the switch priority. 9-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 181
the switch to 1 second: switch# configure terminal switch(config)# spanning-tree mst hello-time 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-21 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 182
that region. The hop count achieves the same result as the message-age information (triggers a reconfiguration). 9-22 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 183
port stops receiving BPDUs, and then the port resumes the normal STP transition process. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-23 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 184
default is auto, which sets the link type based on the duplex setting of the interface. 9-24 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 185
-attempt] Revision 1 Instances configured 2 Instance Vlans mapped 0 1-12,14-41,43-4094 1 13,42 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9-25 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 186
Verifying MST Configurations Chapter 9 Configuring MST Send feedback to [email protected] 9-26 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 187
BPDU Filtering, page 10-3 • Understanding Loop Guard, page 10-4 • Understanding Root Guard, page 10-5 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 10-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 188
Bridge Assurance You can use Bridge Assurance to protect against certain problems that can cause bridging loops in the network. Specifically, you algorithm. Note Bridge Assurance is supported only by Rapid PVST+ and MST. Legacy 802.1D spanning tree does not support Bridge Assurance. 10-2 Cisco - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 189
BPDU Guard provides a secure response to invalid configurations, because you must manually put the LAN interface back in service after an invalid configuration. Note When enabled globally, BPDU Guard applies to . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 10-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 190
which that port belongs. When you disable Loop Guard, it is disabled for the specified ports. 10-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 191
link will not work. • You cannot enable Loop Guard if Root Guard is enabled. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 10-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 192
as spanning tree network ports: switch# configure terminal switch(config)# spanning-tree port type network default 10-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 193
network ports on specified interfaces. Bridge Assurance runs only on spanning tree network ports. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 10-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 194
following: • Ensure that STP is configured. • Ensure that you have configured some spanning tree edge ports. 10-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 195
1/4: switch# configure terminal switch (config)# interface ethernet 1/4 switch(config-if)# spanning-tree bpduguard enable OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 10-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 196
it receives. This BPDU Filtering functionality applies to the entire interface, whether trunking or not. 10-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 197
port and if you enter the spanning-tree port type edge bpdufilter default command. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 10-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 198
. Before you configure this feature, you should do the following: • Ensure that STP is configured. 10-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 199
tree on the switch Displays selected detailed information for the current spanning tree configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 10-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 200
Verifying STP Extension Configuration Chapter 10 Configuring STP Extensions Send feedback to [email protected] 10-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 201
channels, Cisco NX-OS provides wider bandwidth, redundancy, and load balancing across the channels. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 11-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 202
Channels" section on page 11-7). Note Cisco NX-OS does not support Port Aggregation Protocol (PAgP) for port channels. A port channel bundles .3x flow control setting • MTU The Cisco Nexus 5000 Series switch only supports system level MTU. This attribute cannot be changed on an individual port basis - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 203
port number • Source TCP/UDP port number • Source and destination TCP/UDP port number OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 11-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 204
, page 11-6 • LACP Marker Responders, page 11-7 • LACP-Enabled and Static Port Channels Differences, page 11-7 11-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 205
all compatible ports from aggregating and which ports should be put into active mode. A OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 11-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 206
state. The passive mode is useful when you do not know whether the remote system, or partner, supports LACP. Ports can form an LACP port channel when they are in different LACP modes as long as port in passive mode. 11-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 207
ensure that frames are not duplicated or reordered because of this redistribution. Cisco NX-OS supports only Marker Responders. LACP-Enabled and Static Port Channels Differences Table 11-3 provides a brief group. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 11-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 208
to a channel group and enters the interface configuration mode. (Optional) Configures the interface as a trunk port. 11-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 209
port channels: switch# configure terminal switch (config)# port-channel load-balance ethernet source-ip OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 11-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 210
protocol, all interfaces on both sides of the link remain in the on channel mode. 11-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 211
, you can configure each link in the LACP port channel for the port priority. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 11-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 212
used and unused channel numbers. Displays information on current running of the port channel feature. 11-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 213
ID for Trunk Ports, page 12-3 • Understanding Allowed VLANs, page 12-4 Note Cisco NX-OS supports only IEEE 802.1Q-type VLAN trunk encapsulation. Understanding Access and Trunk Interfaces Ethernet interfaces can be OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 12-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 214
allows the trunk to move traffic end-to-end through the network on the same VLAN. 12-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 215
Ports Note Native VLAN ID numbers must match on both ends of the trunk. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 12-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 216
which is enabled on all ports by default, will have a very big STP topology, which can result in problems during STP convergence. When you remove VLAN1, all data traffic for VLAN1 on this port is blocked, but mode. 12-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 217
disables port channeling on this interface. Note Apply this command only to end stations. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 12-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 218
802.1Q Encapsulation" section on page 12-2 for information about encapsulation.) Note Cisco NX-OS supports only 802.1Q encapsulation. To configure a trunk port, perform this task: Step 1 Step configuration mode. 12-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 219
terminal switch(config)# interface ethernet 3/1 switch(config-if)# switchport trunk allow vlan 15-20 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 12-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 220
configuration Displays information for all Ethernet interfaces, including access and trunk interfaces. Displays interface configuration information. 12-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 221
the MAC Table, page 13-2 • Clearing Dynamic Addresses from the MAC Table, page 13-3 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 13-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 222
. Note You can also configure MAC aging time in interface configuration mode or VLAN configuration mode. 13-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 223
Age Port 1 0018.b967.3cd0 dynamic 10 Eth1/3 1 001c.b05a.5380 dynamic 200 Eth1/3 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 13-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 224
time: switch# show mac-address-table aging-time Vlan Aging Time 1 300 13 300 42 300 13-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 225
membership reports. The IGMP snooping software responds to topology change notifications. Note IGMP snooping is supported on all Ethernet interfaces. The term snooping is used because Layer 3 control plane packets . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 14-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 226
IGMP Snooping Querier, page 14-3 • IGMP Forwarding, page 14-3 IGMPv1 and IGMPv2 Both IGMPv1 and IGMPv2 support membership report suppression, which means that if two hosts on the same subnet want to receive multicast data Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 227
reports from a VLAN, it removes the group for the VLAN from its IGMP cache. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 14-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 228
all VLANs are treated as disabled, whether they are enabled or not. Enters VLAN configuration mode. 14-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 229
individual hosts for each port on a per-VLAN basis. The default is enabled on all VLANs. Supports IGMPv2 hosts that cannot be explicitly tracked because of the host report suppression mechanism of the IGMPv2 switch# OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 14-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 230
tracking enabled Fast leave disabled Report suppression enabled Router port detection using PIM Hellos, IGMP Queries 14-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 231
port detection using PIM Hellos, IGMP Queries Number of router-ports: 1 Number of groups: 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 14-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 232
Verifying IGMP Snooping Configuration Chapter 14 Configuring IGMP Snooping Send feedback to [email protected] 14-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 233
and T5. During those intervals, the amount of broadcast traffic exceeded the configured threshold. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 15-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 234
level can be from 0 to 100. - The optional fraction of a level can be from 0 to 99. 15-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 235
the counters the Cisco Nexus 5000 Series switch maintains for traffic storm control activity. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 15-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 236
. Table 15-1 Default Traffic Storm Control Parameters Parameters Traffic storm control Threshold percentage Default Disabled 100 15-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 237
Send feedback to [email protected] PART 3 Switch Security Features - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 238
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 239
Services, page 16-1 • Benefits of Using AAA, page 16-2 • Remote AAA Services, page 16-2 • AAA Server Groups, page 16-3 • AAA Service Nexus 5000 Series switches. The Nexus 5000 Series switches support Remote Access Dial-In User Service (RADIUS) or Terminal Access Controller Access Control device Plus - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 240
services: • Authentication-Identifies users, including login and password dialog, challenge and response, messaging support provided by attributes that are downloaded from AAA servers. Remote security use this information to generate reports for troubleshooting and auditing purposes. You can store - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 241
Service Configuration Options On Nexus 5000 Series for the following services: • User Telnet service configuration option. . Table 16-1 AAA Service Configuration Commands AAA Service for the AAA services: • RADIUS services. OL-16597-01 Cisco Nexus 5000 Series Switch CLI - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 242
16-2 AAA Authentication Methods for AAA Services AAA Service Console login authentication User login authentication User is RADIUS, then user roles specified in the cisco-av-pair attribute are downloaded with an authentication response. b. If the AAA server protocol is TACACS+, Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 243
is configured on the Nexus 5000 Series switch and on the remote AAA servers. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 16-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 244
page 17-13 and the "Manually Monitoring TACACS+ Servers or Groups" section on page 18-12). AAA Guidelines and Limitations The Nexus 5000 Series switches do not support all numeric usernames, whether created : 16-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 245
radius switch(config)# exit switch# show aaa authentication switch# copy running-config startup-config OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 16-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 246
. Remote AAA servers unreachable; local authentication failed. To enable login authentication failure messages, perform this task: 16-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 247
) Displays the MS-CHAP configuration. (Optional) Copies the running configuration to the startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 16-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 248
[email protected] Configuring AAA Accounting Default Methods The Nexus 5000 Series switch supports TACACS+ and RADIUS methods for accounting. The switches report user activity to TACACS+ configuration. 16-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 249
. If a value contains any white spaces, put it within double quotation marks. The following attributes are supported by the Nexus 5000 Series switches: • roles-Lists all the roles assigned to the user. The value ..." OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 16-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 250
to configure AAA: aaa authentication login default group radius aaa authentication login console group radius 16-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 251
accounting method Accounting log display length Default local local Disabled Disabled local 250 KB OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 16-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 252
Default Settings Chapter 16 Configuring AAA Send feedback to [email protected] 16-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 253
A P T E R Configuring RADIUS This chapter describes how to configure Remote Access Dial-In User Service (RADIUS) protocol on the Nexus 5000 Series switch. This chapter includes the following sections: • Information -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 17-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 254
supporting services, indicating the service provider (ISP) might use a freeware-based version of the RADIUS access control and accounting software to meet special security and billing needs. • Networks that support different service-level • Services that SLIP), or EXEC services. • Connection parameters - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 255
vendor-specific option using the format recommended in the specification. The Cisco vendor ID is 9, and the supported option is vendor type 1, which is named cisco-av-pair. The value is a string with the VSAs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 17-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 256
any white spaces, you should enclose the value within double quotation marks. The Nexus 5000 Series switch supports the following attributes: • roles-Lists all the roles to which the user belongs. The value field -12. 17-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 257
Periodic RADIUS Server Monitoring, page 17-11 • Configuring the Dead-Time Interval, page 17-12 • Manually Monitoring RADIUS Servers or Groups, page 17-13 Configuring RADIUS Server Hosts You must configure the IPv4 . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 17-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 258
preshared keys, obtain the preshared key values for the remote RADIUS servers and perform this task: 17-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 259
time but they only take effect when you apply them to an AAA service. For information on AAA services, see the "Remote AAA Services" section on page 16-2. To configure radius server groups, perform this characters. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 17-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 260
username@hostname, where hostname is the name of a configured RADIUS server. User specified logins are only supported for Telnet sessions. To allow users to specify a RADIUS server at login, perform this task: Step . 17-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 261
. To configure RADIUS transmission retry count and timeout interval for a server, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 17-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 262
it to be used only for accounting purposes. The default is both accounting and authentication. 17-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 263
is 0 minutes, the Nexus 5000 Series switch does not perform periodic RADIUS server monitoring. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 17-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 264
dead-time interval. The default value is 0 minutes. The range is from 1 to 1440 minutes. 17-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 265
test message to a RADIUS server group to password confirm availability. The following example shows how to manually send a test message to a RADIUS server: switch# test aaa server radius 10.10.1.1 user1 Ur2Gd2BH OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 17-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 266
monitoring username Periodic server monitoring password Default Authentication and accounting 0 minutes 1 5 seconds 0 minutes test test 17-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 267
provides centralized validation of users attempting to gain access to a Nexus 5000 Series switch. TACACS+ services are maintained in a database on a TACACS+ daemon typically running on a UNIX or Windows NT page 18-3 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 18-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 268
from the TACACS+ daemon: • ACCEPT-User authentication succeeds and service begins. If the Nexus 5000 Series switch requires user authorization, EXEC or NETWORK session for that user and determines the services that the user can access. Services include the following: • Telnet, rlogin, Point-to-Point - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 269
TACACS+ server monitoring is performed by sending a test authentication request to the TACACS+ server. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 18-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 270
Periodic TACACS+ Server Monitoring, page 18-11 • Configuring the Dead-Time Interval, page 18-12 • Manually Monitoring TACACS+ Servers or Groups, page 18-12 • Disabling TACACS+, page 18-12 TACACS+ Server page 18-5. 18-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 271
on page 18-7). Before you configure TACACS+ server hosts, you should do the following: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 18-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 272
command to display the encrypted preshared keys. (Optional) Copies the running configuration to the startup configuration. 18-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 273
which you configure them. You can configure these server groups at any time but they only take effect when you apply them to an AAA service. For information on AAA services, see the "Remote AAA Services" section on page 16-2. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 274
this option, the user can log in as username@hostname, where hostname is the name of a configured RADIUS server. Note User specified logins are only supported for Telnet sessions. 18-8 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 275
Nexus 5000 Series switch waits for responses from a TACACS+ server before declaring a timeout failure. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 18-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 276
.10.1.1 port 2 switch(config)# exit switch# show tacacs-server switch# copy running-config startup-config 18-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 277
-time 5 switch(config)# exit switch# show tacacs-server switch# copy running-config startup-config OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 18-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 278
message to a TACACS+ server group to password confirm availability. The following example shows how to manually issue a test message: switch# test aaa server tacacs+ 10.10.1.1 user1 Ur2Gd2BH switch# discarded. 18-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 279
.10.2.2 key 7 "ShMoMhTl" aaa group server tacacs+ TacServer server 10.10.2.2 use-vrf management OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 18-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 280
Periodic server monitoring username Periodic server monitoring password Default Disabled 0 minutes 5 seconds 0 minutes test test 18-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 281
. The SSH server in the Nexus 5000 Series switch will interoperate with publicly and commercially available SSH clients. The user authentication mechanisms supported for SSH are RADIUS, TACACS+, and the use of locally stored user names and passwords. OL-16597-01 Cisco Nexus 5000 Series - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 282
key using 1024 bits. Caution If you delete all of the SSH keys, you cannot start the SSH services. Telnet Server The Telnet protocol enables TCP/IP connections to a host. Telnet allows a user at one interface. 19-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 283
Limitations SSH has the following configuration guidelines and limitations: • The Nexus 5000 Series switch supports only SSH version 2 (SSHv2). Configuring SSH This section includes the following sections: • -config OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 19-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 284
key in IETF SCHSH format, and perform this task: Step 1 Command switch# copy server-file bootflash:filename Step 2 switch# configure terminal Purpose Downloads the file containing the SSH key in IETF SECSH format from a server. The server can be FTP, SCP, SFTP, or TFTP. Enters configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 285
switch# configure terminal switch# show user-account Step 4 switch# copy running-config startup-config Purpose Downloads the file containing the SSH key in PEM-formatted Public Key Certificate form from a server. The -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 19-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 286
argument can be an IPv4 address, an IPv6 address, or a device name. Clearing SSH Hosts When you download a file from a server using SCP or SFTP, you establish a trusted SSH relationship with that server. To -3). 19-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 287
server disable Purpose Enters configuration mode. Disables the Telnet server. The default is enabled. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 19-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 288
users switch(config)# clear line vty-line Purpose Displays user session information. Clears a user Telnet session. 19-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 289
+XVn+NjnI1B7ihvpVh7dLddMOXwOnXHYshXmSiH3UD/vKyziEh5S4Tplx8= Step 5 Save the configuration. switch(config)# copy running-config startup-config OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 19-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 290
bits for generation Telnet server Default Enabled RSA key generated with 1024 bits 1024 Enabled 19-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 291
includes the following topics: • IP ACL Types and Applications, page 20-1 • Rules, page 20-2 IP ACL Types and Applications The Cisco Nexus 5000 Series switch supports IPv4, IPv6 and MAC ACLs for security traffic filtering. The switch allows you to use IP ACLs as port ACLs and VLAN ACLs, as shown - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 292
to associate the ACL with an action, and then apply the map to a VLAN. Types of ACLs Supported IPv4 ACLs IPv6 ACLs MAC ACLs IPv4 ACLs IPv6 ACLs MAC ACLs Application Order When the switch processes a packet by name. 20-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 293
additional options. IPv4 ACLs support the following additional filtering options: • Layer 4 protocol • TCP and UDP ports • ICMP types and codes • IGMP types • Precedence level • Differentiated Services Code Point (DSCP) -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 294
, page 20-8 • Verifying IP ACL Configurations, page 20-8 • Displaying and Clearing IP ACL Statistics, page 20-9 20-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 295
sequence-number argument can be a whole number between 1 and 4294967295. The permit and deny commands support many ways of identifying traffic. For more information, see the Cisco Nexus 5000 Series Command Reference. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 296
sequence-number argument can be a whole number between 1 and 4294967295. The permit and deny commands support many ways of identifying traffic. For more information, see the Cisco Nexus 5000 Series Command Reference. 20-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 297
interface configuration mode for the specified interface. Enters interface configuration mode for a port channel. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 298
port access-list. Applies an IPv4 ACL to the interface or port channel. Only inbound filtering is supported with port ACLs. You can apply one port ACL to an interface. (Optional) Displays ACL configuration Reference. 20-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 299
ACL Configurations, page 20-13 • Displaying and Clearing MAC ACL Statistics, page 20-13 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 300
and enters ACL configuration mode. Creates a rule in the MAC ACL. The permit and deny options support many ways of identifying traffic. For more information, see the Cisco Nexus 5000 Series Command Reference. name. 20-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 301
. Without a sequence number, the rule is added to the end of the rules. The permit and deny commands support many ways of identifying traffic. Step 4 switch(config-mac-acl)# no {sequence-number | {permit|deny} source -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 302
more information about configuring MAC ACLs, see the "Configuring IP ACLs" section on page 20-4. 20-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 303
statistics about a MAC ACL, including the number of packets that have matched each rule. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 304
traffic to the destination determined by normal operation of the switch. • Drop-Drops the traffic. 20-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 305
is applied. Note The Cisco Nexus 5000 Series switch does not support interface-level VACL statistics. For each VLAN access map that you needed to monitor traffic filtered by a VACL or to help troubleshoot VLAN access-map configuration. For information about displaying VACL statistics, Guide 20-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 306
apply a VACL to a VLAN. The VACL drop-down list appears in the Advanced Settings section. 20-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 307
acl-ip-01 action forward vlan filter acl-ip-map vlan-list 50-82 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 308
default. Implicit rules apply to all ACLs. See the "Implicit Rules" section on page 20-3. 20-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 309
Send feedback to [email protected] PART 4 System Management - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 310
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 311
manual configuration at each switch in the network can be a tedious and error-prone process. Cisco Fabric Services in all CFS capable switches. Cisco Nexus 5000 Series switches support CFS message distribution over Fibre Channel, IPv4 or IPv6 networks. CLI Software Configuration Guide 21-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 312
Chapter 21 Using Cisco Fabric Services Send feedback to nx5000-docfeedback : The distribution spans the entire IP network. The following features are supported for CFS distribution over Fibre Channel SANs: • Three scopes of distribution 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 313
Chapter 21 Using Cisco Fabric Services CFS Distribution Send feedback to [email protected] Uncoordinated Distribution Uncoordinated distributions are used to (default) CFS distribution on the switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 21-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 314
21 Using Cisco Fabric Services Send feedback to nx5000-docfeedback : ff15::efff:4653 CFS Distribution over IP CFS distribution over IP supports the following features: • Physical distribution over an entirely IP network. Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 315
layer resides on top of the FC2 layer. CFS uses the FC2 transport services to send information to other switches. CFS uses a proprietary SW_ILS (0x77434653 applicable only within a VSAN. Note Logical scope is not supported for FCS distribution over IP. • Physical topology level (physical Guide 21-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 316
for Applications Chapter 21 Using Cisco Fabric Services Send feedback to [email protected] CFS Merge Support CFS Merge is supported for CFS distribution over Fibre Channel. An application database). 21-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 317
Using Cisco Fabric Services CFS Support for Applications CFS. Conditional services that use CFS do not appear in the output unless these services are running CFS, merge capability (if it has registered with CFS for merge support), and lastly the distribution scope. switch# show cfs application name - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 318
CFS Support for Applications Chapter 21 Using Cisco Fabric Services Send feedback to [email protected] Locking the Network When you configure (first time configuration) a the lock for all switches. 21-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 319
Chapter 21 Using Cisco Fabric Services CFS Regions Send feedback to nx5000-docfeedback@cisco. locks in the network. Both the abort and commit functions are only supported from the switch from which the network lock is acquired. You can 5000 Series Switch CLI Software Configuration Guide 21-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 320
CFS Regions Chapter 21 Using Cisco Fabric Services Send feedback to [email protected] • Managing CFS Regions, page 21-10 About CFS Regions A CFS region is page 21-11 • Deleting CFS Regions, page 21-12 21-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 321
Chapter 21 Using Cisco Fabric Services CFS Regions Send feedback to [email protected] Creating CFS Regions To create a CFS region, perform this task: Removes application(s) that belong to the region. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 21-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 322
Configuring CFS over IP Chapter 21 Using Cisco Fabric Services Send feedback to [email protected] Deleting CFS Regions Deleting a region is nullifying the region default) CFS over IPv6 on the switch. 21-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 323
Chapter 21 Using Cisco Fabric Services Configuring CFS over IP Send feedback to [email protected] Verifying the CFS Over IP Configuration To verify the CFS address for CFS over IP is ff15::efff:4653. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 21-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 324
Displaying CFS Distribution Information Chapter 21 Using Cisco Fabric Services Send feedback to [email protected] Verifying IP Multicast Address Configuration for CFS ntp Physical Merge Status: Failed 21-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 325
Chapter 21 Using Cisco Fabric Services Displaying CFS Distribution Information Send feedback to [email protected] Local Fabric Switch WWN IP Address 20: 22.92.215 Total number of entries = 2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 21-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 326
Default Settings Chapter 21 Using Cisco Fabric Services Send feedback to [email protected] Default Settings Table 21-1 lists the default settings for CFS . 239.255.70.83. ff15::efff:4653. 21-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 327
, gopher, ftp, nobody, nscd, mailnull, rpc, rpcuser, xfs, gdm, mtsuser, ftpuser, man, and sys. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 22-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 328
passwords are not displayed in the configuration files. Caution The Nexus 5000 Series switch does not support all numeric usernames, whether created with TACACS+ or RADIUS, or created locally. Local users . 22-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 329
if they are not listed in the user role policies associated with that user. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 22-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 330
option format is YYYY-MM-DD. The default is no expiry date. Exits global configuration mode. 22-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 331
-name argument is a case-sensitive, alphanumeric character string with a maximum length of 16 characters. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 22-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 332
commands switch(config-role)# exit switch(config)# show role switch(config)# copy running-config startup-config 22-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 333
)# copy running-config (Optional) Copies the running configuration to the startup-config startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 22-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 334
as many VSANs as needed. switch(config-role-vsan)# exit Exits role VSAN policy configuration mode. 22-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 335
name Security-features feature radius feature tacacs feature aaa feature acl feature access-list OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 22-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 336
interfaces are accessible. All VLANs are accessible. All VFCs are accessible. All VETHs are accessible. 22-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 337
. You can also save a configuration session. Configuration Guidelines and Limitations Session Manager has the following configuration guidelines and limitations: • Session Manager supports only the ACL feature. • You can create up to 32 configuration sessions. • You can configure a maximum of 20,000 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 338
group to the interface. switch# show configuration session [name] (Optional) Displays the contents of the session. 23-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 339
(config-s-ip)# exit switch(config-s)# verify switch(config-s)# exit switch# show configuration session test2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 23-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 340
configuration session. Displays the status of the configuration session. Displays a summary of all the configuration sessions. 23-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 341
Module Diagnostics, page 24-3 Online Diagnostics Overview Cisco Nexus 5000 Series switches support bootup diagnostics and runtime diagnostics. Bootup diagnostics include disruptive tests and nondisruptive tests . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 24-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 342
. Monitors the power supply health state. Monitors temperature sensor readings. Monitors fan speed and fan control. 24-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 343
. Expansion Module Diagnostics During switch bootup or reset, the bootup diagnostics include tests for the in-service expansion modules in the switch. When you insert an expansion module into a running switch, a set 16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 24-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 344
of the diagnostics tests. Default Settings Table 24-6 lists the default settings for online diagnostics parameters. 24-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 345
Chapter 24 Configuring Online Diagnostics Default Settings Send feedback to [email protected] Table 24-6 Default Online Diagnostics Parameters Parameters Bootup diagnostics level Default complete OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 24-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 346
Default Settings Chapter 24 Configuring Online Diagnostics Send feedback to [email protected] 24-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 347
unusable Immediate action needed Critical condition Error condition Warning condition Normal but significant condition OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 25-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 348
Servers" section on page 25-5. To support the same configuration of syslog servers on all switches in a fabric, you can use the Cisco Fabric Services (CFS) to distribute the syslog server , perform this task: 25-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 349
25-8. To configure the switch to log system messages to a file, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 25-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 350
specified, the default of 5 is used. Disables module log messages. (Optional) Displays the module logging configuration. 25-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 351
following line to the /etc/syslog.conf file: facility.level action OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 25-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 352
host. (Optional) Displays the syslog server configuration. (Optional) Copies the running configuration to the startup configuration. 25-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 353
distribute the syslog server configuration to other switches in the network by using the Cisco Fabric Services (CFS) infrastructure. For more information about CFS, see the "Information About CFS" section on . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 25-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 354
1 15:10:0 switch# show logging nvram last 10 switch# clear logging logfile switch# clear logging nvram 25-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 355
logging server 172.28.254.254 5 local3 logging commit copy running-config startup-config OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 25-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 356
2 Enabled to log:messages at severity level 5 Enabled at severity level 5 Enabled; Seconds Disabled Disabled 25-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 357
You can use this feature to page a network support engineer, e-mail a Network Operations Center, or use Cisco Smart Call Home services to automatically generate a case with the Technical Assistance Center page 26-2). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 358
formats. Call Home Alert Groups An alert group is a predefined subset of Call Home alerts that are supported in all Nexus 5000 Series switches. Alert groups allow you to select the set of Call Home alerts in a 26-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 359
the destination profile (see the "Call Home Message Levels" section on page 26-4). Table 26-1 lists supported alert groups and the default CLI command output included in Call Home messages generated for the alert group. -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 360
commands only to full text and XML destination profiles. Short text destination profiles do not support additional show commands because they only allow 128 bytes of text. Call Home Message Levels Call messages. 26-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 361
problem resolution. • Secure message transport directly from your device or through a downloadable Transport Gateway (TG) aggregation point. You can use a TG aggregation point in cases that require support Smart Call Home, you need an active service contract for the device that you are Guide 26-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 362
-contact switch(config)# callhome Purpose Enters configuration mode. Configures the SNMP sysContact. Enters callhome configuration mode. 26-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 363
255 alphanumeric characters in free format. (Optional) Configures the customer number for this device from the service agreement. The customer number can be up to 255 alphanumeric characters in free format. Step 9 Step -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 364
1 Step 2 Command switch# configuration terminal switch(config)# callhome Purpose Enters configuration mode. Enters callhome configuration mode. 26-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 365
. (Optional) Displays information about one or more destination profiles. (Optional) Saves this configuration change. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 366
2 Command switch# configuration terminal switch(config)# callhome Purpose Enters configuration mode. Enters callhome configuration mode. 26-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 367
configure the switch to periodically send a message with an inventory of all software services currently enabled and running on the device along with hardware inventory information. The switch interval 20 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 368
Purpose Commits Call Home configuration changes and distributes the changes to call CFS-enabled devices. 26-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 369
test message to all configured destinations. callhome test and callhome test inventory commands are supported. Verifying Call Home Configuration To display Call Home configuration information, perform one of groups. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 370
| callhome-all] show startup-config callhome show startup-config callhome show tech-support callhome Purpose Displays the running configuration for Call Home. Displays the startup configuration for level. 0 (zero) 26-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 371
page 26-18 • Sample syslog Alert Notification in XML Format, page 26-19 Message Formats Call Home supports the following message formats: • Short Text Message Format • Common Fields for All Full Text and XML source OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 372
field used for Cisco-supplied site /aml/ header/siteId ID or other data meaningful to alternate support service. If the message is generated from the device, this is the unique /aml/header/serverId chassis/partNo 26-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 373
software version. XML Tag (XML Only) /aml/body/chassis/hwVersion /aml/body/chassis/swVersion OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 374
syslog_facility:PORT start chassis information: Affected Chassis:WS-C6509 Affected Chassis Serial Number:FG@07120011 26-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 375
="http://www.w3.org/2003/05/soap-envelope/role/next"> http://tools.example.com/services/DDCEService http://www.example.com/appliance/uri OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-19 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 376
:01: %SYS-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure console debugging output. 26-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 377
:00:09: DaughterBoard (Distributed Forwarding Card 3) Firmware compiled 11-Apr-08 03:34 by integ Build [100] Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26-21 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 378
> 26-22 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 379
managed device that maintains the data for the device and reports these data, as needed, to managing systems. The Cisco Nexus 5000 Series switch supports the agent and MIB. To enable the SNMP agent, you must define the relationship between the manager and the agent. • A managed information base (MIB - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 380
in RFCs 3411 to 34180. Note Cisco NX-OS does not support SNMP sets for Ethernet MIBs. The Cisco Nexus 5000 Series switch supports SNMPv1, SNMPv2c and SNMPv3. Both SNMPv1 and SNMPv2c use a community or encryption. 27-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 381
SNMPv3 User-Based Security Model (USM) refers to SNMP message-level security and offers the following services: • Message integrity-Ensures that messages have not been altered or destroyed in an unauthorized manner and -16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 27-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 382
This centralized user management allows the SNMP agent in Cisco NX-OS to leverage the user authentication service of the AAA server. Once user authentication is verified, the SNMP PDUs are processed further. roles. 27-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 383
and Limitations SNMP has the following configuration guidelines and limitations: • Cisco NX-OS supports read-only access to Ethernet MIBs. Configuring SNMP This section includes the following topics: authNoPriv. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 27-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 384
Notification Receivers You can configure Cisco NX-OS to generate SNMP notifications to multiple host receivers. 27-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 385
configured in the Cisco Nexus 5000 Series switch to authenticate and decrypt the informs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 27-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 386
-FSPF-MIB snmp-server enable traps fspf CISCO-PSM-MIB snmp-server enable traps port-security 27-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 387
addition to the varbinds defined in the IF-MIB. This is the default setting. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 27-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 388
-session [auth] Purpose Enables a one-time authentication for SNMP over a TCP session. Default is disabled. 27-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 389
.0.2.1 informs version 3 auth NMS snmp-server host 192.0.2.1 snmp-server enable traps link cisco OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 27-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 390
27-3 Default SNMP Parameters Parameters license notifications linkUp/Down notification type Default enabled ietf-extended 27-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 391
various network agents and console systems to exchange network monitoring data. The Cisco NX-OS supports RMON alarms, events and logs to monitor Cisco Nexus 5000 Series switches An RMON alarm ifOutOctets.17). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 28-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 392
threshold. RMON Events You can associate a particular event to each RMON alarm. RMON supports the following event types: • SNMP notification-Sends an SNMP risingAlarm or fallingAlarm notification when integer. 28-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 393
event 1 Falling threshold is 0, assigned to event 0 On startup enable rising or falling alarm OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 28-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 394
terminal rmon alarm 1 1.3.6.1.2.1.2.2.1.17.83886080 5 delta rising-threshold 5 1 falling-threshold 0 owner test rmon event 1 trap public 28-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 395
parameters. Table 28-1 Default RMON Parameters Parameters Alarms Events Default None configured. None configured. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 28-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 396
Default Settings Chapter 28 Configuring RMON Send feedback to [email protected] 28-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 397
Send feedback to [email protected] PART 5 Fibre Channel over Ethernet - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 398
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 399
29-8 Information About FCoE In Cisco Nexus 5000 Series switches, FCoE is supported on all 10-Gigabit Ethernet interfaces. To use FCoE, the switch must be 5000 Series switches, FCoE capability is included in the Storage Protocol Services License. Before using FCoE capabilities, ensure that: • The - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 400
to distribute the configuration data to all the connected adapters. DCBX Capabilities The DCBX capabilities supported by Cisco Nexus 5000 Series switches are described in the following topics: • FCoE, page page 31-3. 29-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 401
service, does not support the manual configuration override for each parameter negotiated using DCBX. The override takes effect if the adapter does not support DCBX, or if the adapter does not support support the following capabilities: • FCoE If the adapter supports the adapter supports PFC, the - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 402
the capability remains disabled. • If the adapter does not support the DCBX capability, the capability remains disabled. • If the Note The Cisco Nexus 5000 Series switch provides CLI commands to manually override the results of the negotiation with the adapter. On Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 403
the setting with the connected adapter. FCoE will not be enabled on the interface if the adapter does not support FCoE. If the mode is set it to on, the negotiation result is ignored and FCoE is set this interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 29-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 404
includes the following topics: • Configuring Global LLDP Commands, page 29-7 • Configuring Interface LLDP Commands, page 29-7 29-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 405
receive. The following example shows how to set an interface to transmit LLDP packets: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 29-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 406
msg_tx_interval 30 seconds The following example shows how to display LLDP counters: switch# show lldp traffic 29-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 407
Interfaces Cisco Nexus 5000 Series switches support Fibre Channel over Ethernet (FCoE), which bound to an FCoE-enabled Ethernet interface. FCoE is supported on 10-Gigabit Ethernet interfaces. • Each virtual FCoE is not supported on private VLANs. OL-16597-01 Cisco Nexus 5000 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 408
Enters configuration mode. Enters VLAN configuration mode. VLAN number is in the range of 1 to 4096. 30-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 409
Channel interface: switch# configure terminal switch(config)# no interface vfc 4 switch(config-if)# exit OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 30-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 410
sfpIsAbsen -- -- 1500 -- Interface Status IP Address Speed MTU mgmt0 up 172.16.24.41 100 1500 30-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 411
Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) vfc 1 1 F -- down -- -- -- OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 30-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 412
Verifying Virtual Interface Information Chapter 30 Configuring Virtual Interfaces Send feedback to [email protected] 30-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 413
Send feedback to [email protected] PART 6 Quality of Service - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 414
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 415
C H A P T E R Configuring QoS This chapter describes how to configure the quality of service (QoS) features on the Cisco Nexus 5000 Series switch. This chapter includes the following sections: • Policies, page 31-5 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 31-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 416
The following QoS parameters can be specified for a system class: • Drop No drop specifies lossless service for the system class. Drop specifies that tail drop is used when a queue for this system configurable. 31-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 417
and FCoE control and data traffic is automatically classified into the FCoE system class, which provides no-drop service. This class is created automatically when the system starts up (the class is named class-fcoe in OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 31-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 418
IEEE 802.1p CoS value to identify the classes that require lossless service. In the switch, each system class has an associated IEEE 802.1p • The switch sends the MTU configuration to network adapters that support DCBXP. Trust Boundaries The trust boundary is enforced by the Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 419
the adapter does not support DCBX protocol (or the Each Ethernet interface supports up to eight is serviced before This traffic is serviced by one multicast all six queues to service the multicast traffic (all Optimized multicast is supported on the BF is supported on all versions of the - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 420
drop classes and the link-level pause feature is never enabled on an interface with PFC. 31-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 421
note the following guidelines: • Service policies configured on port channel interfaces are applied to all members of the to become operational. Configuring PFC and LLC Cisco Nexus 5000 Series switches support PFC and LLC on Ethernet interfaces. The Ethernet interface can operate Guide 31-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 422
interface: switch# configure terminal switch(config)# interface ethernet 1/2 switch(config-if)# flowcontrol receive on transmit on 31-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 423
page 31-9 • Configuring Policy Maps, page 31-10 • Creating the System Service Policy, page 31-11 • System Class Example, page 31-11 • criteria for classifying the packets. For system classes, the only match criteria supported is match cos. If a system class is configured with no-drop Guide 31-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 424
classes. The switch provides two default system classes: a no-drop class for lossless service and a drop class for best-effort service. You can define up to four additional system classes for Ethernet traffic. You need 10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 425
[email protected] Note Policy maps can also be configured for interface service policies. However, different parameters are supported in these policy maps. See the "Configuring QoS on Interfaces" section -drop OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 31-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 426
)# system qos switch(config-system)# service-policy jumbo Note The system jumbomtu command defines the maximum MTU size for the switch. However, jumbo MTU is only supported for system classes that have mtu font): 31-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 427
31-13 • Configuring Egress Policies, page 31-14 Configuring Ingress Policies An ingress policy is a service policy applied to incoming traffic on an Ethernet interface. The ingress policy is applied in the class. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 31-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 428
switch(config)# interface ethernet 1/1 switch(config-if)# service-policy input policy1 Configuring Egress Policies An egress policy is a service policy applied to the outgoing traffic on an Ethernet queue. 31-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 429
The service policy on a port channel overrides any service policy configuration on individual member interfaces. switch(config-if)# service-policy output 20 switch(config)# interface ethernet 1/1 switch(config-if)# service-policy output policy1-egress OL-16597-01 Cisco Nexus 5000 Series - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 430
Configuring QoS on Interfaces Chapter 31 Configuring QoS Send feedback to [email protected] 31-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 431
Send feedback to [email protected] PART 7 SAN Switching - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 432
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 433
switches, Fibre Channel capability is included in the Storage Protocol Services license. Ensure that you have the correct license installed (N5010SS can configure virtual Fibre Channel interfaces without a Storage Protocol Services license, but these interfaces will not become operational until the - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 434
server) or as an uplink (connected to the data center SAN network). The Fibre Channel interfaces support the following modes: F, NP, E, TE, and SD. Virtual Fibre Channel Interfaces Fibre Channel over in F mode. 32-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 435
between switches for configuration and fabric management. They serve as a conduit between switches for frames destined to remote N ports. E ports support class 3 and class F service. An E port connected to another switch may also be configured to form a SAN port channel (see Chapter 36, "Configuring - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 436
operating as an N port. An F port can be attached to only one N port. F ports support class 3 service. NP Port When the switch is operating in NPV mode, the interfaces that connect the switch to the core . 32-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 437
down, you disable the interface. No traffic is received or transmitted. See Table 32-4. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 438
isolated because the switch is already configured with the maximum number of active SAN port channels. 32-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 439
Channel interfaces provide flow control based on capabilities of the underlying physical Ethernet interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 440
). If the interface's operational state is up, it is also assigned a Fibre Channel ID (FC ID). 32-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 441
-id} Purpose Enters configuration mode. Selects a Fibre Channel interface and enters interface configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 442
-if)# switchport mode E | F | SD | auto Purpose For a virtual Fibre Channel, only the F port mode is supported. For a Fibre Channel interface, you can set the mode to E, F, or SD port mode. Set the mode to auto 32-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 443
traffic. The bit errors can occur for the following reasons: • Faulty or bad cable. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 444
slot/port Purpose Enters configuration mode. Selects a Fibre Channel interface and enters interface configuration mode. 32-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 445
port attributes, perform this task: Step 1 Command switch# configuration terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 446
multiple N port identifiers. Note All of the N port identifiers are allocated in the same VSAN. 32-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 447
the show interface fc slot/port transceiver command display both values for Cisco supported SFPs. Verifying Interface Information The show interface command displays interface configurations. If ... vfc 1 is up ... OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 448
The following example shows the interface display when showing the running configuration for a specific interface: 32-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 449
Interface speed Administrative state Trunk mode Default Auto n/a Shutdown (unless changed during initial setup) n/a OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 450
(continued) Parameters Trunk-allowed VSANs Interface VSAN EISL encapsulation Data field size Default n/a Default VSAN (1) n/a n/a 32-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 451
restart a new principal switch selection phase. See Figure 33-1 for an example fcdomain configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 452
-5 • About Incoming RCFs, page 33-5 • Rejecting Incoming RCFs, page 33-6 • About Autoreconfiguring Merged Fabrics, page 33-6 33-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 453
resolve a domain ID conflict, you must manually assign domain IDs. A disruptive restart is required to apply most configuration changes, including manually assigned domain IDs. Nondisruptive domain restarts are . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 454
in the specified VSAN. Reverts the priority to the factory default (128) in the specified VSAN. 33-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 455
option on virtual Fibre Channel interfaces, because these interfaces operate only in F port mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 456
different domain IDs in different VSANs. The domain ID is part of the overall FC ID. 33-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 457
assigns the requested domain ID if available. Otherwise, it assigns another available domain ID. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 458
fcdomain restart command if you want to apply the configured domain changes to the runtime domain. 33-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 459
you in the future if you need to implement IVR without the NAT feature. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 460
all Cisco SAN switches in the fabric using the Cisco Fabric Services (CFS) infrastructure. This feature allows you to synchronize the For more information about CFS, see Chapter 21, "Using Cisco Fabric Services." Enabling Distribution CFS distribution of allowed domain ID lists is disabled - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 461
abort vsan vsan-id Purpose Enters configuration mode. Discards the pending domain configuration changes. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 462
or unallowed domain IDs: 1-9,24,100,231-239. [User] configured allowed domain IDs: 10-230. 33-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 463
request is granted and the WWN with the initial FC ID association is released. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 464
or disk) is plugged into a port interface. Note If you connect to the switch from an AIX or HP-UX host, be sure to enable the persistent FC ID feature in the VSAN that connects these hosts. Note specified VSAN. 33-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 465
default, all added entries are static. Persistent FC IDs are configured on a per-VSAN basis. When manually configuring a persistent FC ID, follow these requirements: • Ensure that the persistent FC ID feature is enabled 16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 466
, the HBA port's area can be anything other than 77. The HBA port's FC ID must be manually configured to be different from the storage port's FC ID. Cisco Nexus 5000 Series switches facilitate this requirement vsan 1 33-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 467
use In use Not in use Action Not deleted Not deleted Not deleted Deleted OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 468
the unused option to view only persistent FC IDs that are still not in use. 33-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 469
rcf-reject Disabled Persistent FC ID Enabled Allowed domain ID list configuration distribution Disabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33-19 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 470
Default Settings Chapter 33 Configuring Domain Parameters Send feedback to [email protected] 33-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 471
features. In fabric mode, each switch that joins a SAN is assigned a domain ID. Each SAN (or VSAN) supports a maximum of 239 domain IDs, so the SAN has a limit of 239 switches. In a SAN topology with a capabilities. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 34-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 472
to the entire switch. In NPV mode, a subset of fabric mode CLI commands and functionality is supported. For example, commands related to fabric login and name server registration are not required on the edge . 34-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 473
state change number (BB_SCN) of internal FLOGIs on an NP port is always set to zero. The BB_SCN is supported by the F port on the edge switch. We do not recommend using fWWN-based zoning on the edge switch zones. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 34-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 474
select the new NP uplink. Traffic Maps In Release 4.0(1a)N2(1) and later software releases, NPV supports traffic maps. A traffic map allows you to specify the NP uplinks that a server interface can use is moved. 34-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 475
If disruptive load balancing is not enabled, you can manually reinitialize some or all of the server interfaces to switch in the configuration commands. • Port tracking is not supported in NPV mode. • Port security is supported on the core switch for devices logged in through the NPV Guide 34-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 476
NP uplink. • If a server interface goes down and then returns to service, the interface is not guaranteed to be assigned to the same NP uplink. • NPV supports NPIV-capable module servers. This capability is called nested NPIV. • Only F, NP, and SD ports are supported in NPV Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 477
to an NP uplink, you should include this mapping in the traffic map configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 34-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 478
, perform the following task: Command switch# show npv flogi-table [all] Purpose Displays the NPV configuration. 34-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 479
NPV traffic map, enter the show npv traffic-map command. NPV Traffic Map Information: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 34-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 480
enabled disruptive load balancing is enabled External Interfaces Interface: fc2/1, VSAN: 2, FCID: 0x1c0000, State: Up ... 34-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 481
same physical link, using enhanced ISL (EISL) frame format (see Figure 35-1). VSAN trunking is supported on native Fibre Channel interfaces, but not on virtual Fibre Channel interfaces. Figure 35-1 VSAN Trunking OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 35-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 482
are not affected: the TE port continues to function in trunk mode, but only supports traffic in VSANs that it negotiated with previously (when the trunking protocol was enabled). Other trunking protocol. 35-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 483
Port Mode Trunking (EISL) TE port No trunking (ISL) E port No trunking (ISL) E port OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 35-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 484
allowed-active VSANs at the ends of the ISL become operational as shown in Figure 35-4. 35-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 485
VSAN 1, 2, and 5. Consequently, VSAN 2 can only be routed from switch 1 through switch 3 to switch 2. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 35-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 486
the switch. The following example shows how to display the trunk mode of a Fibre Channel interface: 35-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 487
Allowed VSAN list Trunking protocol Default On 1 to 4093 user-defined VSAN IDs Enabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 35-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 488
Default Settings Chapter 35 Configuring VSAN Trunking Send feedback to [email protected] 35-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 489
is diminished. The routing tables are not affected by link failure. Cisco Nexus 5000 Series switches support a maximum of four SAN port channels (with eight interfaces per port channel). A port channel number OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 36-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 490
link is selected for the first exchange of the flow is used for all subsequent exchanges. 36-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 491
, link 2 is chosen by the hash algorithm. Now all frames in exchange 2 use link 2. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 36-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 492
20 Channel Group 10 Channel Group 20 1 1 1 1 2 Switch A 3 2 Switch B 3 2 Switch A 3 2 Switch B 3 4 4 4 4 187235 Channel Group 1 Channel Group 2 36-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 493
message, the port channel's physical links are disabled because an error has been detected. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 36-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 494
group mode of the peer port. If the peer port, while configured in a channel group, does not support the port channel protocol, or responds with a nonnegotiable status, it will default to the On mode behavior. end. 36-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 495
is going down (see the "Setting the Interface Administrative State" section on page 32-9). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 36-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 496
a SAN Port Channel, page 36-10 • Deleting an Interface from a SAN Port Channel, page 36-11 36-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 497
the channel group does not exist, it is created. The port is shut down. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 36-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 498
you use the Active mode, then the port channel ports automatically recover from the deletion. 36-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 499
detection and synchronization capabilities. You can manually configure channel groups, or they can channel group. Cisco SAN switches support a protocol to exchange port channel switches. It uses the exchange peer parameters (EPP) services to communicate across peer ports in an ISL. Each Guide 36-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 500
If channel group autocreation is enabled, ISLs can be configured automatically into channel groups without manual intervention. Figure 36-7 shows an example of channel group autocreation. The first ISL comes . 36-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 501
channel is not persistent through a reboot. An autocreated SAN port channel can be manually configured to appear the same as a persistent SAN port channel. Once the SAN or before configuring the interface in a manually configured channel group. OL-16597-01 Cisco Nexus 5000 Series - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 502
persistence, be sure to enable it at both ends of the SAN port channel. Converting to Manually Configured Channel Groups You can convert autocreated channel group to a user-configured channel group using the . 36-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 503
76 , 80 - 256 Autocreated SAN port channels are indicated explicitly to help differentiate them from the manually created SAN port channels. The following example shows how to display an autocreated port channel: switch# show 01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 36-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 504
Default port channel mode Autocreation Default FSPF is enabled by default. Administratively up. On. Disabled. 36-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 505
instance of a VSAN runs all required protocols such as FSPF, domain manager, and zoning. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 37-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 506
virtual Fibre Channel interfaces. A VSAN can include a mixture of Fibre Channel and virtual Fibre Channel interfaces. 37-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 507
the needs of a particular department or application. VSAN Advantages VSANs offer the following advantages: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 37-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 508
VSAN layers increases the scalability of the SAN. • Per VSAN fabric services-Replication of fabric services on a per VSAN basis provides increased scalability and availability. • Redundancy-Several defined in VSAN 7. 37-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 509
state of a VSAN indicates that the VSAN is configured and enabled. By enabling a VSAN, you activate the services for that VSAN. - The suspended state of a VSAN indicates that the VSAN is configured but not enabled. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 37-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 510
selected VSAN. Negates the suspend command issued in the previous step. Returns you to EXEC mode. 37-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 511
method is referred to as dynamic port VSAN membership (DPVM). Cisco Nexus 5000 Series switches do not support DPVM. VSAN trunking ports have an associated list of VSANs that are part of an allowed list fc2/3 fc2/4 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 37-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 512
VSAN Membership The show vsan 4094 membership command displays all ports associated with the isolated VSAN. 37-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 513
in the system, then a command request to move a port to VSAN 10 is rejected. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 37-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 514
VSAN. Negates the suspend command entered in the previous step. Returns you to EXEC mode. 37-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 515
[email protected] About Interop Mode Interoperability enables the products of multiple vendors to connect with each other. Fibre Channel standards guide vendors to create common external Fibre Channel interfaces. For additional information, see the "Switch Interoperability" section on page 43 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 516
Default Settings Chapter 37 Configuring and Managing VSANs Send feedback to [email protected] 37-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 517
field. Advanced zoning capabilities specified in the FC-GS-4 and FC-SW-3 standards are supported. You can use either the existing basic zoning capabilities or the advanced, standards-compliant Guidelines, page 38-4 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 518
, the FC ID of the N port, or the fabric pWWN of the virtual Fibre Channel interface. 38-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 519
to only H2 and S2 in zone 3, and to H1 and S1 in zone 1. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 520
Zone 3 S2 79536 H3 Zone 2 S3 Zone Implementation Cisco Nexus 5000 Series switches automatically support the following basic zone features (no additional configuration is required): • Zones are contained in : 38-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 521
a new zone set. Figure 38-3 shows a zone being added to an activated zone set. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 522
E Zone set Z3 Zone A Zone C Zone D Full zone set 79948 After activating Zone set Z1 again 38-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 523
Configures a zone in the specified VSAN. Note All alphanumeric characters or one of the following symbols are supported. Configures a member for the specified zone based on the type (pWWN, fabric pWWN, FC ID, :ab OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 524
-11 • Creating Zone Sets and Adding Member Zones, page 38-12 • Zone Enforcement, page 38-13 38-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 525
Purpose Enters configuration mode. Activates the specified zone set. Deactivates the specified zone set. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 526
:67:89:ab). • FC ID-The N port ID is in 0xhhhhhh format (for example, 0xce00d1). 38-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 527
switch, enter the remote switch WWN (sWWN) or the domain ID in the particular VSAN. Tip The switch supports a maximum of 2048 aliases per VSAN. Creating FC Aliases To create an alias, perform this task: Step 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 528
to copy the running configuration to the startup configuration to explicitly store full zone sets. 38-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 529
before enabling them. See Chapter 39, "Distributing Device Alias Services" for details and requirements about device alias modes. Zone Enforcement frame, and prevents unauthorized access. Cisco Nexus 5000 Series switches support both hard and soft zoning. Zone Set Distribution You can Guide 38-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 530
full zone set information to the startup configuration. Note The one-time distribution of the full zone set is supported in interop 2 and interop 3 modes, and not in interop 1 mode. Use the show zone status vsan : 38-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 531
current active zone set (see Figure 38-5). • Export the current database to the neighboring switch. • Manually resolve the conflict by editing the full zone set, activating the corrected zone set, and then bringing up OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 532
zone-attribute-group, perform this task: Step 1 Command switch# configuration terminal Purpose Enters configuration mode. 38-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 533
Clearing a zone set only erases the full zone database, not the active zone database. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 534
The zoning feature complies with the FC-GS-4 and FC-SW-3 standards. Both standards support the basic zoning functionalities explained in the previous section and the enhanced zoning functionalities described 38-20 38-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 535
zone setting. Fabric-wide policy enforcement reduces troubleshooting time. To retrieve the results of nature of the problem from each remote eases the troubleshooting switch. process To fWWN-based zone membership is only supported in Cisco interop mode. Supports fWWN-based membership in The - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 536
, the enhanced zoning feature is disabled in all switches in the Cisco Nexus 5000 Series. 38-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 537
clear zone lock vsan command on the remote switches. switch# clear zone lock vsan 2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-21 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 538
. b. If the setting is allow, then the merge rules are used to perform the merge. 38-22 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 539
present on the switch, the system default zone commands have no effect on VSAN 1. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-23 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 540
delete excess zones and compact the zone database for the VSAN. Note A merge failure occurs when a switch supports more than 2000 zones per VSAN but its neighbor does not. Also, zone set activation can fail if the 38-24 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 541
zoning Default Denied to all members. The full zone set(s) is not distributed. Disabled. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38-25 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 542
Default Settings Chapter 38 Configuring and Managing Zones Send feedback to [email protected] 38-26 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 543
E R Distributing Device Alias Services Switches in the Cisco Nexus 5000 Series support Distributed Device Alias Services (device aliases) on a inaccurate device name may cause unexpected results. You can circumvent this problem if you define a user-friendly name for a pWWN and use Guide 39-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 544
fabric-wide distribution scope (see Chapter 21, "Using Cisco Fabric Services"). • Basic and enhanced modes. See the "Device Alias Modes use any zone member type to specify the end Only pWWNs are supported. devices. Configuration is contained within the zone server database and Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 545
Chapter 39 Distributing Device Alias Services Device Alias Databases Send feedback to [email protected] • Pending database-Your subsequent device alias configuration changes pwwn 21:01:00:e0:8b:2e:80:93 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 39-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 546
Device Alias Databases Chapter 39 Distributing Device Alias Services Send feedback to [email protected] Device Alias Modes You can specify that aliases operate zoning based on the new HBA's pWWN. 39-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 547
39 Distributing Device Alias Services Device Alias Databases Send feedback to the switches in the fabric. The same changes would have to be performed manually on all switches in the fabric to keep the device alias database up-to-date 5000 Series Switch CLI Software Configuration Guide 39-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 548
Device Alias Databases Chapter 39 Distributing Device Alias Services Send feedback to [email protected] • A copy of the effective database is obtained and this switch Operation: Abort Status: Success 39-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 549
Chapter 39 Distributing Device Alias Services Device Alias Databases Send feedback to [email protected] Fabric Lock Override You can use locking operations (clear CFS operation issued from this switch: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 39-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 550
39 Distributing Device Alias Services Send feedback to If the combined number of device entries in both databases exceeds the supported configuration limit, then the merge will fail. For example, if database "CFS Merge Support" section on page 21-6. 39-8 Cisco Nexus 5000 Series - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 551
Chapter 39 Distributing Device Alias Services Verifying Device Alias Configuration Send feedback to [email protected] Verifying Device Alias Configuration To or a zone-specific member pwwn command. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 39-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 552
Default Settings Chapter 39 Distributing Device Alias Services Send feedback to [email protected] Default Settings Table 39-2 lists the default settings for Locked with the first device alias task. 39-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 553
Channel Routing Services and Protocols configure any FSPF services. FSPF automatically of a given path. FSPF supports multiple paths and automatically computes on Fibre Channel routing services and protocols. It following characteristics and features: • Supports multipath routing. • Bases path - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 554
Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to nx5000- Figure 40-2 shows this arrangement. Because switches in the Cisco Nexus 5000 Series support port channels, each pair of physical links can appear to the FSPF protocol Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 555
Chapter 40 Configuring Fibre Channel Routing Services and Protocols FSPF Global Configuration Send feedback to [email protected] Figure 40-2 Fault Tolerant Fabric with Redundant Links switch CPU time. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 556
FSPF Global Configuration Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to [email protected] About Link State Records Each time a new and specifies the region ID. 40-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 557
Chapter 40 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Send feedback to [email protected] Resetting FSPF to the 40-7 • Configuring Dead Time Intervals, page 40-7 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 558
FSPF Interface Configuration Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to [email protected] • About Retransmitting Intervals, page 40-7 Enters configuration mode. 40-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 559
Chapter 40 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Send feedback to [email protected] Step 2 Command switch(config)# interface both ends of the interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 560
FSPF Interface Configuration Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to [email protected] Configuring Retransmitting Intervals To interface as passive. 40-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 561
Chapter 40 Configuring Fibre Channel Routing Services and Protocols FSPF Routes Send feedback to [email protected] Clearing FSPF Counters for an Interface Domain ID 3 Domain ID 7 79944 FC ID 111211 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 562
-Order Delivery Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to nx5000-docfeedback@cisco. the same order in which they were received. Use IOD only if your environment cannot support out-of-order frame delivery. Tip If you enable the in-order delivery feature, - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 563
Chapter 40 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery Send feedback to [email protected] This section includes the following topics: • one path to another faster path. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 564
In-Order Delivery Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to [email protected] Figure 40-5 Switch 1 Link Congestion Delivery Frame Enters configuration mode. 40-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 565
Chapter 40 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery Send feedback to [email protected] Step 2 Command switch(config)# in- VSAN in a network, or for the entire switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 566
Flow Statistics Configuration Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to [email protected] To configure the network and the switch Flow Statistics, page 40-16 40-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 567
Chapter 40 Configuring Fibre Channel Routing Services and Protocols Flow Statistics Configuration Send feedback to [email protected] About Flow Statistics If you switch# clear fcflow stats index 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 568
Default Settings Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to [email protected] Displaying Flow Statistics Use the show equal cost paths to a given destination. 40-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 569
Chapter 40 Configuring Fibre Channel Routing Services and Protocols Default Settings Send feedback to [email protected] Table 40-2 Default FSPF Settings (continued switch to compute the multicast tree. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 40-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 570
Default Settings Chapter 40 Configuring Fibre Channel Routing Services and Protocols Send feedback to [email protected] 40-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 571
:00:1b:21:06:58:bc 10:00:00:1b:21:06:58:bc OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 41-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 572
to log in to the fabric and replace the first device in the name server database. 41-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 573
display the name server database details for all VSANs: switch# show fcns database detail OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 41-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 574
fcns statistics FDMI Cisco Nexus 5000 Series switches provide support for the Fabric-Device Management Interface (FDMI) functionality, Registered State Change Notification (RSCN) is a Fibre Channel service that informs hosts about changes in the fabric. Hosts can Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 575
generated to host H, and the RSCN payload lists the affected port IDs (in this case, both D1 and D2). Note Some Nx ports may not support multi-pid RSCN payloads. If so, disable the RSCN multi-pid option. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 576
to determine what changed. Domain format SW-RSCNs can cause problems with some non-Cisco SAN switches. For additional information, see the http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/interoperability/guide/intopgd.html To suppress the transmission of these SW-RSCNs over - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 577
for VSAN 10: switch# show rscn event-tov vsan 10 Event TOV : 1000 ms OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 41-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 578
the timeout value for each switch is configured manually, a misconfiguration occurs when different switches time out For additional information, see Chapter 21, "Using Cisco Fabric Services." RSCN supports two modes, distributed and nondistributed. In distributed mode, RSCN Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 579
for RSCN configuration distribution: switch# show cfs application name rscn Enabled Timeout : Yes : 5s OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 41-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 580
RSCN timer value RSCN timer configuration distribution Default 2000 milliseconds for Fibre Channel VSANs Disabled 41-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 581
the name server database and that are registered as FC4 Type = SCSI_FCP are discovered. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 42-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 582
the specified entry to the custom list. Deletes the specified domain ID from the custom list. 42-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 583
each operating system (Windows, AIX, Solaris, Linux, or HPUX): switch# show scsi-target pwwn OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 42-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 584
Displaying SCSI LUN Information Chapter 42 Discovering SCSI Targets Send feedback to [email protected] 42-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 585
protocol-related timer values for the switch by configuring the following timeout values (TOVs): • Distributed services TOV (D_S_TOV)-The valid range is from 5,000 to 10,000 milliseconds. The default is , page 43-4 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 586
specified VSAN. Suspends the VSAN temporarily. You have the option to end this command, if required. 43-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 587
store or commit the commands based on your configuration. See Chapter 21, "Using Cisco Fabric Services," for more information on the CFS application. Enabling or Disabling fctimer Distribution To enable or database. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 588
merge protocol is not implemented for distribution of the fctimer values. You must manually merge the fctimer values when a fabric is merged. - The per-VSAN before performing any more operations. See the "CFS Merge Support" section on page 21-6 for additional information. 43-4 Cisco - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 589
selection and the allocation of domain IDs rely on the WWN. Cisco Nexus 5000 Series switches support three network address authority (NAA) address formats (see Table 43-1). Table 43-1 Standardized NAA , page 43-6 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 590
on new MACs. Are you sure? (yes/no) no You entered: no. Secondary MAC NOT programmed 43-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 591
mode. By default, the interop FC ID allocation is set to auto, unless changed. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 592
view or obtain the company IDs in a specific WWN by entering the show fcid-allocation company-id-from-wwn command. Some WWN formats do not support company IDs. In these cases, you many need to configure the FC ID persistent entry. 43-8 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 593
to interwork with each other. Fibre Channel standards guide vendors towards common external Fibre Channel interfaces. Not Verifying Interoperating Status, page 43-12 About Interop Mode Cisco NX-OS software supports the following four interop modes: • Mode 1- Standards-based interop mode that - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 594
Time Out Value timers match exactly. Verify that the Distributed Services Time Out Value timers match exactly. Verify that the Resource Allocation Time Out Value timers match exactly. Trunking is not supported between two different vendor's switches. This feature may be disabled on Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 595
3 Change the Fibre Channel timers (if they have been changed from the system defaults). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 596
1 Verify the software version. switch# show version Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2008, Cisco Systems, Inc. All rights reserved. Hardware 43-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 597
Nov 26 18:12:23 2008 Reason: Reset Requested by CLI command reload System version: 4.0(1a)N1(1) Service: plugin Core Plugin, Ethernet Plugin Step 2 Verify if the interface states are as required by your 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 598
:00:51:1f [Local] 0x65(101) 10:00:00:60:69:22:32:91 [Principal] 43-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 599
Number of frame sent by the fcping feature 5 frames Remote capture connection protocol TCP OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 600
ID allocation mode Loop monitoring Interop mode Default Passive 10 frames Auto mode Disabled Disabled 43-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 601
could accidentally do so, resulting in Inter-Switch Link (ISL) isolation and link disruption. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 44-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 602
and DHCHAP Send feedback to [email protected] Cisco Nexus 5000 Series switches support authentication features to address physical security (see Figure 44-1). Figure 44-1 Switch and in this chapter. 44-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 603
@cisco.com DHCHAP DHCHAP is a mandatory password-based, key-exchange authentication protocol that supports both switch-to-switch and host-to-switch authentication. DHCHAP negotiates hash algorithms and DH DHCHAP. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 44-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 604
if the connecting device initiates DHCHAP authentication. • Off-The switch does not support DHCHAP authentication. Authentication messages sent to ports in this mode return error messages is performed. 44-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 605
(default). Note The reauthorization interval configuration is the same as setting it to zero (0). About the DHCHAP Hash Algorithm Cisco SAN switches support a default hash algorithm priority list of MD5 followed by SHA-1 for DHCHAP authentication. OL-16597-01 Cisco Nexus 5000 Series Switch CLI - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 606
followed by the SHA-1 hash algorithm. About the DHCHAP Group Settings All Cisco Nexus 5000 Series switches support all DHCHAP groups specified in the standard: 0 (null DH group, which does not perform the Diffie -6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 607
to 64 characters and can be specified in clear text (0) or in encrypted text (7). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 44-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 608
to the specified value. The unit is seconds. Reverts to the factory default of 30 seconds. 44-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 609
int fc 1/6 int fc 4/5 Password sent by MDS-9509 to NX5000 MDS-9509 187234 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 44-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 610
)# fcsp on MDS-9509# show fcsp dhchap database DHCHAP Local Password: Non-device specific password:******* 44-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 611
of MD5 followed by SHA-1 for DHCHAP authentication Auto-passive 0, 4, 1, 2, and 3, respectively 30 seconds OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 44-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 612
Default Settings Chapter 44 Configuring FC-SP and DHCHAP Send feedback to [email protected] 44-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 613
Port security is supported on virtual Fibre Auto-Learning, page 45-7 • Port Security Manual Configuration, page 45-10 • Port Security any SAN switch port and access SAN services based on zone membership. Port security features requires the Storage Protocol Services license. For additional - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 614
database to enforce authorization. About Auto-Learning You can instruct the switch to automatically learn (auto-learn) the port activate the port security feature for the first time as it saves tedious manual configuration for each port. You must configure auto-learning on a per Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 615
Port Security with Auto-Learning without CFS, page 45-4 • Configuring Port Security with Manual Database Configuration, page 45-5 Configuring Port Security with Auto-Learning and CFS Distribution To fabric. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 616
configuration database to the startup configuration. Repeat Step 1 through Step 6 for all switches in the fabric. 45-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 617
Send feedback to [email protected] Configuring Port Security with Manual Database Configuration To configure port security and manually configure the port security database, perform this task: Step 45-7 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 618
mode. Forces the port security database to activate for the specified VSAN even if conflicts occur. 45-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 619
Auto-Learning, page 45-8 • Auto-Learning Device Authorization, page 45-8 • Authorization Scenario, page 45-9 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 620
more switch 2 ports Requests Connection to Authorization A configured switch port Permitted Any other switch port Denied 45-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 621
F1. Denied 2 N1 is only allowed on F2. Permitted 1 No conflict. Permitted 1 No conflict. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 622
45-10 • Adding Authorized Port Pairs, page 45-11 WWN Identification Guidelines If you decide to manually configure port security, note the following guidelines: • Identify switch ports by the interface or by F port. 45-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 623
Chapter 45 Configuring Port Security Port Security Manual Configuration Send feedback to [email protected] • If an N port's nWWN is bound to an F port WWN, then the specified interface in any switch: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 624
, and enforce the port security policies throughout the fabric (see Chapter 21, "Using Cisco Fabric Services"). This section contains the following topics: • Enabling Distribution, page 45-12 • Locking the Fabric . 45-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 625
commit, the active database on all switches are identical and learning can be disabled. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 626
the configuration database and static (unlearned) entries in the active database. See the "CFS Merge Support" section on page 21-6 for detailed concepts. When merging the database between two fabrics, follow these 45-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 627
showing the active database and the configuration database status based on port security configurations. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 628
> Copying active database to config database 99301 45-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 629
, you need to commit the changes to the configuration databases in all the switches. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-17 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 630
in the VSAN from any switch in the VSAN. switch# clear port-security session vsan 5 45-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 631
enabled. Disabled. Disabled. Note Enabling distribution enables it on all VSANs in the switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45-19 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 632
Default Settings Chapter 45 Configuring Port Security Send feedback to [email protected] 45-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 633
Versus Fabric Binding, page 46-2 • Fabric Binding Enforcement, page 46-2 Licensing Requirements Fabric Binding requires the Storage Protocol Services license. For additional information, see Chapter 4, "Managing Licenses." OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 634
that are logging in if learning mode is enabled. Cannot be distributed by CFS and must be configured manually on each switch in the fabric. Can be distributed by CFS. Port-level checking for xE ports is database. 46-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 635
mode. Enables fabric binding on that switch. Disables (default) fabric binding on that switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 46-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 636
may be denied login by the config database. You can choose to forcefully override these situations. 46-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 637
command can be used when resolving conflicts. switch# fabric-binding database diff active vsan 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 46-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 638
-binding database active vsan 4 The following example displays fabric binding violations: switch# show fabric-binding violations 46-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 639
fabric binding feature. Table 46-2 Default Fabric Binding Settings Parameters Fabric binding Default Disabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 46-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 640
Default Settings Chapter 46 Configuring Fabric Binding Send feedback to [email protected] 46-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 641
a fabric may consist of multiple VSANs. One instance of the FCS is present per VSAN. FCS supports the discovery of virtual devices. The fcs virtual-device-add command, entered in FCS configuration submode, allows S2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 47-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 642
the FCS management information base (MIB) to start discovery and obtain information about the fabric topology. • Support TE ports in addition to the standard F and E ports. • Can maintain a group of nodes platforms. 47-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 643
following example shows how to display the FCS local database: switch# show fcs database OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 47-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 644
-1 Default FCS Settings Parameters Global checking of the platform name Platform node type Default Disabled Unknown 47-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 645
ISL 2 fails between the two switches, recovery depends on TOVs, RSCNs, and other factors. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 48-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 646
Linked Ports, page 48-3 • Operationally Binding a Tracked Port, page 48-3 • About Tracking Multiple Ports, page 48-4 48-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 647
configure the tracked ports. Note This link symbolizes the direct link (1) in Figure 48-1. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 48-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 648
Port Tracking Port Channel FC 2/4 2 WAN or X MAN 1 X FC 3/2 FC FC X3 WAN or MAN 187237 48-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 649
port. The SAN interface san-port-channel 1 vsan 2 port channel link remains in effect. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 48-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 650
state forces the traffic to flow through the redundant path until the primary tracked port problems are resolved. When the problems are resolved and the tracked port is back up, you can explicitly enable the 2 48-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 651
Tracking Parameters Parameters Port tracking Operational binding Default Disabled Enabled along with port tracking OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 48-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 652
Default Port Tracking Settings Chapter 48 Configuring Port Tracking Send feedback to [email protected] 48-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 653
Send feedback to [email protected] PART 8 Troubleshooting - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 654
Send feedback to [email protected] - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 655
a monitored port, is a switched interface that you monitor for network traffic analysis. The switch supports any number of ingress source ports (up to the maximum number of available ports on the switch port. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 49-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 656
all active ports in the source VLAN or VSAN are included as source ports. • The switch supports a maximum of two egress SPAN source ports. SPAN Destinations SPAN destinations refer to the interfaces that page 49-3 49-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 657
: • Configuring an Ethernet Destination Port, page 49-4 • Configuring Fibre Channel Destination Port, page 49-4 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 49-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 658
. Reverts to global configuration mode. Enters the monitor configuration mode. Configures the Fibre Channel destination port. 49-4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 659
direction can only be ingress and applies to all physical ports in the group. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 49-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 660
session: switch# configure terminal switch(config)# monitor session 2 switch(config-monitor)# description monitoring ports fc2/2-fc2/4 49-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 661
Purpose Suspends the specified SPAN session or all sessions. Note The Cisco Nexus 5000 Series switch supports two active SPAN sessions. When you configure more than two SPAN sessions, the first two sessions 2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 49-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 662
intf : rx : fc3/1 tx : fc3/1 both : fc3/1 source VLANs : rx : source VSANs : rx : 1 destination ports : Eth3/1 49-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 663
• Recovering a Lost Password, page 50-1 • Using Ethanalyzer, page 50-3 • Troubleshooting Fibre Channel, page 50-5 • show tech-support Command, page 50-8 • Default Settings, page 50-16 Recovering a Lost Password date OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 664
Recovering a Lost Password Chapter 50 Troubleshooting Send feedback to [email protected] Step 2 Step 3 roles:network-admin network-operator Assign a new . switch login: admin Password: 50-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 665
a command-line version of Wireshark that captures and decodes packets. You can use Ethanalyzer to troubleshoot your network and analyze the control-plane traffic. To configure Ethanalyzer, use one or more OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 666
Chapter 50 Troubleshooting Send feedback Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 667
on Wireshark, see the following URL: http://www.wireshark.org/docs/ Troubleshooting Fibre Channel This section describes troubleshooting methods to resolve issues with Fibre Channel. This section includes the OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 668
Fibre Channel Chapter 50 Troubleshooting Send feedback to [email protected] To perform the fctrace operation, perform one of these tasks: Command using the device alias of the destination N port. 50-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 669
Chapter 50 Troubleshooting Troubleshooting Fibre Channel Send feedback to [email protected] fcping The fcping feature verifies reachability of a node You can verify connectivity to a destination switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 670
troubleshooting purposes. The output of this command can be provided to technical support representatives when reporting a problem. The show tech-support command to 0 (zero) to disable auto-scrolling and enable manual scrolling. Use the show terminal command to view the configured Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 671
Chapter 50 Troubleshooting show tech-support Command Send feedback to [email protected] The default output of the show tech-support command includes the output of the following commands: • show nvram OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 672
brief command is useful when collecting information about the switch for troubleshooting purposes. The output of this command can be provided to technical support representatives when reporting a problem. Tip You can save the output of this command to a file by appending > (left arrow) and the - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 673
Chapter 50 Troubleshooting show tech-support Command Send feedback to [email protected] System Image IP Address/Mask Switch WWN No /34 sfpIsAbsen -- -- 1500 -- Ethernet1/35 up -- 10000 1500 -- OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 674
show tech-support Command Chapter 50 Troubleshooting Send feedback to [email protected] Ethernet1/36 Ethernet1/37 Ethernet1/38 Ethernet1/39 Ethernet1/40 sfpIsAbsen -sfpIsAbsen - internal event-history 50-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 675
50 Troubleshooting show tech-support Command Send feedback to [email protected] • show fcns internal event-log • show fcroute unicast • show fcs database • show fcs ie • show fctimer • show flogi database • show flogi internal info • show fspf • show fspf database • show tech-support - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 676
show tech-support Command Chapter 50 Troubleshooting Send feedback to [email protected] • show zone internal vsan 1-4093 • show zone internal change event- • show platform hardware fwm info vlan all 50-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 677
Chapter 50 Troubleshooting show tech-support Command Send feedback to [email protected] • show platform hardware fwm info pif all • show platform hardware • show platform afm info attachment brief OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50-15 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 678
default settings for the features included in this chapter. Table 50-1 Default Settings for Troubleshooting Features Parameters Default Timeout period to invoke fctrace 5 seconds Number of frame sent by mode 50-16 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 679
Series Switch have maximum configuration limits. For some of the features, we have verified configurations that support limits less that the maximum. Table 51-1 lists the Cisco verified limits and maximum limits 000 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 51-1 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 680
SPAN sessions; 1024 entries for VACL; 576 entries for PACL; 64 entries for QoS. 9. Each ASIC supports 256 counters to be shared among policers (ACL accounting, Fibre Channel Flow, etc.) Each counter can be enforced. 51-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 681
groups description 16-3 AAA servers specifying SNMPv3 parameters 16-10, 16-11 specifying user roles 16-11 specifying user roles in VSAs 16-10 AAA services configuration options 16-3 remote 16-2 security 16-1 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 682
notifications full-txt format for syslog 26-18 XML format for syslog 26-19 CDP configuring 5-7 IN-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 683
alias conversion 39-8 device IDs call home format 26-16 DHCHAP AAA authentication 44-8 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-3 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 684
38-23 enabling 38-20 merging databases 38-22 modifying database 38-21 E port mode classes of service 32-3 description 32-3 E ports configuring 32-9 fabric binding checking 46-2 FCS support 47-1 FSPF topologies 40-1 isolation 32-7 IN-4 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 685
-10, 33-13 default settings 33-19 description 33-1 disabling 33-5 displaying information 33-18, 33-19 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-5 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 686
+ 18-13 FLOGI description 41-1 displaying details 41-1 flow statistics clearing 40-15 counting 40-15 IN-6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 687
com description 40-14 displaying 40-15 forward-delay time MSTP 9-21 F port mode classes of service 32-4 description 32-3 F ports configuring 32-9 description 32-3 See also Fx ports frame encapsulation hello time MSTP 9-21 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-7 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 688
system ID 11-5 license key files description 4-2 installing key files 4-4 updating 4-4 licenses backing up 4-5 claim certificates 4-1 IN-8 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 689
identifying features in use 4-6 incremental 4-2 installation options 4-2 installing key files 4-4 installing manually 4-3 missing 4-2 node-locked 4-1 obtaining factory-installed 4-3 obtaining key files 4-4 PAK 9-22 MST region 9-13 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-9 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 690
NPIV description 32-13 enabling 32-14 NP links 34-2 N port identifier virtualization. See NPIV N ports FCS support 47-1 fctrace 50-5 hard zoning 38-13 zone enforcement 38-13 zone membership 38-2 See also Nx ports NP IN-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 691
description 36-6 PortChannel Protocol converting autocreated groups to manually configured 36-14 port channel Protocol autocreation 36-12 36-14 PortChannels default settings 36-16 show tech-support port-channel command 50-14 verifying configurations 36-15, Software Configuration Guide IN-11 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 692
to config (procedure) 45-7 deleting 45-18 displaying configuration 45-19 interactions 45-15 manual configuration guidelines 45-4 merge guidelines 45-14 reactivating 45-6 scenarios 45-15 port speeds configuring 12 IN-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 693
feedback to [email protected] displaying statistics 17-13 example configurations 17-14 manually monitoring 17-12 monitoring 17-2 verifying configuration 17-13 Rapid Spanning Tree Protocol diagnostics information 24-2 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-13 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 694
49-1 sources for monitoring 49-1 SPAN destination port mode. See SD port mode SPAN sources IN-14 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 695
17-14, 18-7, 18-13 configuring TCP ports 18-10 configuring timeout interval 18-9 displaying statistics 18-13 field descriptions 18-13 manually monitoring 18-12 monitoring 18-3 verifying configuration 18-13 TCP ports TACACS+ servers 18-10 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 696
TE port mode classes of service 32-4 description 32-4 TE ports fabric binding checking 46-2 FCS support 47-1, 47-2 fctrace 50-5 27-2 troubleshooting collecting output for technical support 50-8 fcping 50-6 fctrace 50-5 show tech-support command 50 Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 697
displaying usage 37-11 domain ID automatic reconfiguration 33-6 FC IDs 37-1 FCS support 47-1 OL-16597-01 features 37-1 flow statistics 40-14 FSPF 40-4 trunking ports 37-7 VSAs format 16-11 protocol options 16-11, 17-3 support description 16-11 VTP domains VLANs 6-3 W world wide names. See WWNs - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 698
membership using pWWNs 37-4 merge failures 32-7 renaming 38-16 restoring (procedure) 38-16 show tech-support zone command 50-12 viewing information 38-18 See also default zones See also enhanced zones See also -3 IN-18 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 699
Index Send feedback to [email protected] implementation 38-4 See also zones;zone sets 38-1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-19 - HP Cisco MDS 9020 | Cisco Nexus 5000 Series Switch CLI Software Configuration Gu - Page 700
Index Send feedback to [email protected] IN-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01
Send feedback to [email protected]
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Cisco Nexus 5000 Series Switch CLI
Software Configuration Guide
Software Release 4.0(1a)N1
January 2009
Text Part Number: OL-16597-01