HP Cisco Nexus 5000 Cisco Nexus 5000 Series Switch CLI Software Configuration
HP Cisco Nexus 5000 - Converged Network Switches Manual
View all HP Cisco Nexus 5000 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP Cisco Nexus 5000 manual content summary:
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 1
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide First Published: 07/17/2009 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 2
DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco StackPower, Cisco - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 3
Channel Interfaces 5 Management Interfaces 5 Cisco Nexus 5000 Series Switch Software 5 Ethernet Switching 5 FCoE and Fibre Channel Switching 5 QoS 6 Virtual Port Channels 6 Serviceability 6 Switched Port Analyzer 6 Ethanalyzer 6 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide iii - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 4
Commands 18 Configuration Mode Commands 20 Using Commands 22 Listing Commands and Syntax 22 Entering Command Sequences 22 Undoing or Reverting to Default Values or Conditions 22 Using Keyboard Shortcuts 23 Using CLI Variables 24 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide iv OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 5
41 Adjusting for Daylight Saving Time or Summer Time 42 NTP Configuration 43 About NTP 43 NTP Configuration Guidelines 43 Configuring NTP 44 NTP CFS Distribution 45 Enabling NTP Distribution 45 Committing NTP Configuration Changes 45 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide v - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 6
55 Obtaining a Factory-Installed License 55 Performing a Manual Installation 56 Obtaining the License Key File 56 Installing the License Key File 56 Backing Up License Files 57 Identifying License Features in Use 58 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide vi OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 7
Interface Information 74 Default Physical Ethernet Settings 77 Configuring VLANs 79 Configuring VLANs 79 Information About VLANs 79 Understanding VLANs 79 Understanding VLAN Ranges 80 Creating, Deleting, and Modifying VLANs 81 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide vii - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 8
Trunk Interfaces 101 Understanding IEEE 802.1Q Encapsulation 102 Understanding Access VLANs 103 Understanding the Native VLAN ID for Trunk Ports 104 Understanding Allowed VLANs 104 Understanding Native 802.1Q VLANs 104 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide viii OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 9
Priority 121 Verifying EtherChannel Configuration 122 Configuring Virtual Port Channels 123 Information About vPCs 123 vPC Overview 123 Terminology 125 vPC Terminology 125 Fabric Extender Terminology 125 Supported vPC Topologies 126 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide ix - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 10
the vPC Configuration 144 vPC Example Configurations 145 Dual Homed Fabric Extender vPC Configuration Example 145 Single Homed Fabric Extender vPC Configuration Example 146 vPC Default Settings 148 Configuring Rapid PVST+ 149 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide x OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 11
Spanning Port Cost 163 Port Priority 164 Rapid PVST+ and IEEE 802.1Q Trunks 164 Rapid PVST+ Interoperation with Legacy 802.1D STP 164 Rapid PVST+ Interoperation with 802.1s MST 165 Configuring Rapid PVST+ 165 Enabling Rapid PVST+ 165 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 12
PVST+: Understanding PVST Simulation 183 Configuring MST 183 MST Configuration Guidelines 183 Enabling MST 183 Entering MST Configuration Mode 184 Specifying the MST Name 185 Specifying the MST Configuration Revision Number 185 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xii OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 13
Guidelines 203 Configuring Spanning Tree Port Types Globally 203 Configuring Spanning Tree Edge Ports on Specified Interfaces 204 Configuring Spanning Tree Network Ports on Specified Interfaces 205 Enabling BPDU Guard Globally 206 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xiii - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 14
Settings 224 Switch Security Features 225 Configuring Authentication, Authorization, and Accounting 227 Information About AAA 227 AAA Security Services 227 Benefits of Using AAA 228 Remote AAA Services 228 AAA Server Groups 229 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xiv OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 15
Keys 245 Configuring RADIUS Server Preshared Keys 246 Configuring RADIUS Server Groups 247 Allowing Users to Specify a RADIUS Server at Login 248 Configuring the Global RADIUS Transmission Retry Count and Timeout Interval 248 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xv - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 16
263 Configuring TCP Ports 263 Configuring Periodic TACACS+ Server Monitoring 264 Configuring the Dead-Time Interval 265 Manually Monitoring TACACS+ Servers or Groups 266 Disabling TACACS+ 266 Displaying TACACS+ Statistics 267 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xvi - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 17
Sessions 274 SSH Example Configuration 275 Configuring Telnet 276 Enabling Configuration 277 Default SSH Settings 277 Configuring Access Control Lists 279 Information About ACLs 279 IP ACL Types and Applications 279 Application Order 280 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 18
Statistics 292 Configuring VACLs 292 Creating or Changing a VACL 292 Removing a VACL 293 Applying a VACL to a VLAN 293 Verifying VACL Configuration 294 Displaying and Clearing VACL Statistics 294 Example Configuration for VACL 295 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xviii - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 19
307 Example Scenario 307 Managing CFS Regions 307 Creating CFS Regions 307 Assigning Applications to CFS Regions 308 Moving an Application to a Different CFS Region 308 Removing an Application from a Region 309 Deleting CFS Regions 309 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 20
Session Manager 325 Configuring Session Manager 325 Information About Session Manager 325 Configuration Guidelines and Limitations 325 Configuring Session Manager 326 Creating a Session 326 Configuring ACLs in a Session 326 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xx OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 21
Configuration 345 Default System Message Logging Settings 346 Configuring Smart Call Home 349 Configuring Smart Call Home 349 Information About Call Home 349 Call Home Overview 349 Destination Profiles 350 Call Home Alert Groups 350 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 22
User-Based Security Model 377 CLI and SNMP User Synchronization 378 Group-Based SNMP Access 379 Configuration Guidelines and Limitations 379 Configuring SNMP 379 Configuring SNMP Users 379 Enforcing SNMP Message Encryption 379 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxii OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 23
FIP Virtual Link Instantiation 394 FCoE Frame Format 394 VLAN Tagging for FCoE Frames 394 FIP Ethernet Frame Format 395 Pre-FIP Virtual Link Instantiation 395 Information About DCBX 395 Data Center Bridging Exchange Protocol 395 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxiii - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 24
413 Associating a Virtual Fibre Channel Interface to a VSAN 414 Verifying the Virtual Interface 414 Mapping VSANs to VLANs Example Configuration 416 Quality of Service 419 Configuring QoS 421 Information About QoS 421 MQC 422 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxiv OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 25
442 Enabling the Jumbo MTU 444 Verifying the Jumbo MTU 444 Configuring QoS on Interfaces 445 Configuring Untagged CoS 445 Configuring Interface Service Policy 446 Configuring Priority Flow Control and Link-Level Flow Control 447 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxv - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 26
468 Setting the Interface Administrative State 468 Configuring Interface Modes 469 Configuring the Interface Description 469 Configuring Port Speeds 470 Autosensing 470 Configuring SD Port Frame Encapsulation 470 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxvi OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 27
IDs 484 About Domain IDs 484 Specifying Static or Preferred Domain IDs 486 About Allowed Domain ID Lists 487 Configuring Allowed Domain ID Lists 487 About CFS Distribution of Allowed Domain ID Lists 488 Enabling Distribution 488 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxvii - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 28
495 Default Fibre Channel Domain Settings 496 Configuring N Port Virtualization 497 Configuring N Port Virtualization 497 Information About NPV 497 NPV Overview Guidelines and Limitations 501 Configuring NPV 502 xxviii Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 29
SAN Port Channels 518 SAN Port Channel Configuration Guidelines 519 Creating a SAN Port Channel 520 SAN Port Channel Configuration Guidelines 520 About SAN Port Channel Deletion 521 Configuring Active Mode SAN Port Channel 521 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxix - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 30
538 About the Isolated VSAN 538 Displaying Isolated VSAN Membership 538 Operational State of a VSAN 538 About Static VSAN Deletion 539 Deleting Static VSANs 539 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxx OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 31
557 Copying Zone Sets 557 Renaming Zones, Zone Sets, and Aliases 558 Cloning Zones, Zone Sets, FC Aliases, and Zone Attribute Groups 558 Clearing the Zone Server Database 559 Verifying Zone Information 559 Enhanced Zoning 560 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxxi - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 32
572 Disabling and Enabling Device Alias Distribution 573 About Legacy Zone Alias Configuration 573 Importing a Zone Alias 574 Device Alias Database Merge Guidelines 574 Verifying Device Alias Configuration 574 xxxii Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 33
Routes 585 In-Order Delivery 586 About Reordering Network Frames 586 About Reordering SAN Port Channel Frames 587 About Enabling In-Order Delivery 587 Enabling In-Order Delivery Globally 588 Enabling In-Order Delivery for a VSAN 588 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 34
598 Verifying the RSCN Timer Configuration 598 RSCN Timer Configuration Distribution 599 Enabling RSCN Timer Configuration Distribution 599 Locking the Fabric 599 Committing the RSCN Timer Configuration Changes 599 xxxiv Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 35
Address 612 FC ID Allocation for HBAs 612 Default Company ID List 613 Verifying the Company ID Configuration 614 Switch Interoperability 614 About Interop Mode 615 Configuring Interop Mode 1 617 Verifying Interoperating Status 618 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxxv - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 36
637 Configuring Port Security with Auto-Learning and CFS Distribution 637 Configuring Port Security with Auto-Learning without CFS 638 Configuring Port Security with Manual Database Configuration 638 Enabling Port Security 638 xxxvi Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 37
Binding 653 Configuring Fabric Binding 653 Information About Fabric Binding 653 Licensing Requirements for Fabric Binding 653 Port Security Versus Fabric Binding 653 Fabric Binding Enforcement 654 Configuring Fabric Binding 654 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xxxvii - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 38
in a VSAN 668 Monitoring Ports in a VSAN 669 About Forceful Shutdown 669 Forcefully Shutting Down a Tracked Port 669 Displaying Port Tracking Information 670 Default Port Tracking Settings 670 Troubleshooting 671 xxxviii Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 39
Connectivity 688 show tech-support Command 689 show tech-support brief Command 691 show tech-support fc Command 693 show tech-support platform Command 695 Default Settings for Troubleshooting Features 697 Appendix 699 Configuration Limits 699 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 40
Contents Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xl OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 41
on the Cisco Nexus 5000 Series is T11-compliant. Fibre Channel over Ethernet, page 391 vPC Added the configuration 4.1(3)N1(1) Configuring Virtual Port of virtual Port Channels Channels, page 123 (vPC). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 41 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 42
New and Changed Information for the Cisco Nexus 5000 Series Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 42 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 43
switch configuration. Describes how to configure Ethernet interfaces, VLANs, STP, EtherChannels, trunks, the MAC address table, and IGMP snooping. Describes how to configure AAA, RADIUS, TACACS+, SSH/Telnet, and ACLs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 44
Channel capabilities including NPV, SAN port channels, zones, DDAS, FSPF, and security features. Describes how to perform basic troubleshooting. Presents the configuration limits of the Cisco Nexus 5000 Series and optionally any attached Cisco Nexus 2000 Series Fabric Extender. Document Conventions - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 45
Switch CLI Software Configuration Guide , Cisco NX-OS Release 4.1 Cisco Nexus 5000 Series Command Reference, Cisco NX-OS Release 4.1 Cisco Nexus 5000 Series Hardware Installation Guide Cisco Nexus 5000 Series System Messages Reference Cisco Nexus 5000 Series and Cisco Nexus 2000 Series Release Notes - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 46
as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide xlvi OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 47
switch. Optional expansion modules provide Fibre Channel ports and additional Ethernet ports. New Technologies in the Cisco Nexus 5000 Series Fibre Channel over Ethernet Fibre Channel over Ethernet (FCoE) allows Fibre Channel traffic to be encapsulated over a physical Ethernet link. FCoE frames use - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 48
server, the connection terminates to a converged network adapter (CNA). The adapter presents two interfaces to the server's operating system (OS): one Ethernet NIC interface and one Fibre Channel host bus adapter (HBA) interface. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 2 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 49
-effort service is applied to all of the Ethernet traffic. You can configure different QoS levels for specific classes of Ethernet traffic. Virtual Interfaces When FCoE is enabled, a physical Ethernet cable carries traffic for a logical Fibre Channel connection. The Cisco Nexus 5000 Series switch - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 50
Installation Guide for details about the optional expansion modules. Fabric Extender The Cisco Nexus 5000 Series switch supports the optional Cisco Nexus 2000 Series Fabric Extender. The Fabric Extender is a fixed configuration chassis designed to deliver additional connectivity and is configured - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 51
(to the servers) and native Fibre Channel interfaces (to the SAN). FCoE and Fibre Channel switching includes the following features: • Cisco fabric services • N-port virtualization • VSANs and VSAN trunking • Zoning OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 5 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 52
Channel and FCoE traffic. QoS can be configured to provide additional classes of service for Ethernet traffic. Virtual Port Channels A virtual port channel (vPC) allows links that are physically connected to two different Cisco Nexus 5000 Series switches or Cisco Nexus 2000 Series Fabric Extenders - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 53
You can configure Cisco Nexus 5000 Series switches using the command-line interface (CLI), the XML management interface over SSH, or SNMP as follows: • CLI -You can configure switches using the CLI from an SSH session, a Telnet session, or the console port. SSH provides a secure connection to the - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 54
blade switches that support 10-Gigabit Ethernet uplinks to the Cisco Nexus 5000 Series switch. The blade switches do not support FCoE, so there is no FCoE traffic and no Fibre Channel ports on the Cisco Nexus 5000 Series switch. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 55
, so the server ports are connected using 10-Gigabit Ethernet NICs. The servers are connected to the data center SAN through MDS 9134 SAN switches. The server Fibre Channel ports require standard Fibre Channel HBAs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 9 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 56
on the parent Cisco Nexus 5000 Series switch. All device configurations are managed on the Cisco Nexus 5000 Series switch and configuration information is downloaded using inband communication to the Fabric Extender. See the Cisco Nexus 2000 Series Fabric Extender Software Configuration Guide for an - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 57
be multiple Fibre Channel ports connected to each MDS 9000 Family switch, configured as SAN port channels. Supported Standards The following table lists the standards supported by the Cisco Nexus 5000 Series switches. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 11 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 58
.3ae 802.1Q 802.1p Overview Description MAC Bridges Multiple Spanning Tree Protocol Rapid Spanning Tree Protocol Link aggregation with LACP 10-Gigabit Ethernet VLAN Tagging Class of Service Tagging for Ethernet frames Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 12 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 59
I P A R T Configuration Fundamentals • Using the Command-Line Interface, page 15 • Initial Switch Configuration, page 29 • Managing Licenses, page 53 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 60
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 61
Cisco Nexus 5000 Series switch. Before You Begin Correctly set the console port parameters. Procedure Step 1 Make a Telnet connection from your host to the switch that you want to access. host$ telnet {hostname | ip-addr} OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 62
99:4b:c9:08:ac:c1:b6:05:71:9b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.0.13.42' (RSA) to the list of known hosts. switch Login: admin Password: password ... switch# exit Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 16 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 63
switch backs out of the current level and returns you to the previous level. When you type end, the switch backs out to the user EXEC level. You can also press Ctrl-Z in configuration mode as an alternative to typing end. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 64
a session on the switch, you begin in EXEC mode. From EXEC mode, you can enter configuration mode. Most of the EXEC commands are one-time commands, such as show commands, which display the current configuration status. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 18 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 65
Debugging functions (See also debug) unmount compact flash disk or usb drive Update license shows the cli context you are in Write current configuration xml agent Execute Zone Server commands Execute zoneset commands OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 19 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 66
Once you are in configuration mode, you can enter interface configuration mode, zone configuration mode, and a variety of protocol-specific modes. Configuration mode is the starting point for all configuration commands. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 20 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 67
-tree Spanning Tree Subsystem ssh Configure SSH parameters switchname Configure system's host name system system config command system System management commands tacacs+ Enable tacacs+ telnet Enable telnet OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 21 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 68
vrf vsan wwn xml zone zoneset Object tracking configuration commands Configure Switch wide trunk protocol Configure user information. Vlan commands Configure VRF parameters Enter the vsan configuration entered command. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 22 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 69
search backwards Note The difference between Tab completion and Alt-P or Alt-N is that pressing Tab completes the current word, while Alt-P and Alt-N completes a previously entered command. History search forwards OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 23 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 70
5000 Series CLI parser supports the definition and use of variables in CLI commands. CLI variables can be used as follows: • Entered directly on the command line. • Passed to the child script initiated using the run-script command. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 71
-24-21.29.33" testinterface="fc 1/1" Use the cli no var name command to remove user-defined CLI session variables. The following example removes a user-defined CLI session variable: switch# cli no var name testinterface OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 25 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 72
-script command executes the commands specified in a file. To use this command, be sure to create the file and specify commands in the required order. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 26 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 73
SFP is short wave laser w/o OFC (SN) Port WWN is 20:81:00:0d:ec:6b:cd:c0 Peer port WWN is 20:01:00:0d:ec:0d:d0:00 Admin port mode is auto, trunk mode is on snmp link state traps are enabled Port mode is TE Port . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 27 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 74
then waits for 10 seconds before executing the show scsi-target disk command. switch# show file bootflash:test-script discover scsi-target remote sleep 10 show scsi-target disk switch# run-script bootflash:test-script Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 28 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 75
, system, and upgradeable BIOS images. Starting the Switch A Cisco Nexus 5000 Series switch starts its boot process as soon as its power cord is connected to an A/C source. The switch does not have a power switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 29 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 76
, the BIOS image retains control and prints a message to the console at 9600 baud every 30 seconds that indicates a failure. The following figure shows the normal and recovery boot sequence. Figure 5: Boot Sequence Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 30 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 77
release notes for the related image file. Select and download the kickstart and system software files to a local server. Ensure that the required space is available in the bootflash: directory for the image file(s) to be copied. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 78
the specified images and saves the configuration to the startup configuration file. Step 10 After the switch completes the installation, log in and verify that the switch is running the required software version. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 32 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 79
of before you downgrade the switch software to a 4.0(0)-based release. See the Cisco Nexus 5000 Series and Cisco Nexus 2000 Series Release Notes for details. To downgrade the software on the switch, follow these steps: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 33 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 80
and saves the configuration to the startup configuration file. Step 3 After the switch completes the installation, log in and verify that the switch is running the required software version. Example: switch# show version Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 34 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 81
hardware installation. These tasks must be completed before you can configure the switch. Before you can configure a switch, follow these steps: Procedure Step 1 Verify the following physical connections for the new Cisco Nexus 5000 Series switch: • The console port is physically connected to - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 82
switch. Note Press Ctrl-C at any prompt to skip the remaining configuration options and proceed with what you have configured up to that point. Entering the new password for the administrator is a requirement and cannot be skipped. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 83
setup, you can create an additional user account (in the network-admin role) besides the administrator's account. a) Enter the user login ID. Example: Enter the user login ID: user_name b) Enter the user password. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 37 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 84
Enter the number of key bits within the specified range. Example: Enter the number of key bits? (768 to 2048): 768 Step 12 Enter yes (no is the default) to configure the NTP server and enter the IPv4 address for the NTP server. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 38 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 85
ssh system default switchport shutdown san system default switchport trunk mode on system default zone default-zone permit system default zone distribute full Would you like to edit the configuration? (yes/no) [n]: no OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 39 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 86
After the initial configuration, you can access the switch in a number of ways: • Serial console access-You can use a serial port connection to access the CLI. • Out-of-band access-You can use Telnet or SSH to access a Cisco Nexus 5000 Series switch or use the Cisco Data Center Network Manager - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 87
Configuring the Switch Configuring Date and Time Note This guide refers to a switch in the Cisco Nexus 5000 Series switch as switch , and it uses the switch# prompt. To change the name of the switch, perform this task: Procedure Step 1 Step 2 Command or Action switch# configure terminal - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 88
The daylight offset ranges from 1 through 1440 minutes, which are added to the start time and deleted time from the end time. switch(config)# no clock summer-time Disables the daylight saving time adjustment feature. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 42 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 89
, GPS clocks, or other radio clocks and are typically not directly connected to the network. Stratum 1 devices are directly attached to a Stratum 0 device as well as to the network and are referred to as time servers. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 43 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 90
10.10.10.9 switch(config)# ntp peer 10.10.10.1 Configuring NTP You can configure NTP using either IPv4 addresses, IPv6 addresses, or Domain Name Services (DNS) names. To configure NTP associations, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 44 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 91
When you commit the NTP configuration changes, the effective database is overwritten by the configuration changes in the pending database and all the switches in the fabric receive the same configuration. When you OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 45 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 92
limit of 64. NTP Session Status Verification To verify the status of the NTP session, use the show ntp session-status command. switch# show ntp session-status last-action : Distribution Enable Result : Success Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 46 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 93
management configuration mode. Step 7 Configure the IP address (IPv4 or IPv6) for the next hop: a) switch(config-vrf)# ip route ipv4-prefix[/ length] ipv4-nexthop-address Configures the IPv4 address of the next hop. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 47 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 94
the Switch Configuration You can view the ASCII form of the configuration file when required. To view the current configuration tree from the EXEC prompt, enter the show running-config command. If the running configuration is different Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 95
cd mystorage Displaying the Current Directory The pwd command displays the current directory location. This example changes the directory and displays the current directory: switch# cd bootflash: switch# pwd bootflash: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 49 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 96
directory, that file is overwritten by the moved file. This example moves the file called samplefile from the root directory to the mystorage directory: switch# move bootflash:samplefile bootflash:mystorage/samplefile Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 50 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 97
interface configuration to Samplefile which is a file created at the same directory level. At the EXEC mode switch prompt, enter a dir command to view all files in this directory, including the recently saved Samplefile. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 98
file that was compressed in the previous example: switch# gunzip Samplefile switch# dir 1525859 Jul 04 00:51:03 2003 Samplefile Usage for volatile:// 1527808 bytes used 19443712 bytes free 20971520 bytes total Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 52 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 99
object, or a legal contract. This permission is limited to the number of users, number of instances, time span, and the implemented switch. • Licensed application-A software feature that requires a license to be used. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 53 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 100
Package in the table). Table 6: Feature-Based Licenses Feature License Base Services Package Features This package is included with the switch hardware at no additional charge. It includes all available Ethernet Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 54 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 101
licenses for a new Cisco Nexus 5000 Series switch. To obtain a factory-installed license, perform this task: Procedure Step 1 Step 2 Step 3 Contact your reseller or Cisco representative and request this service. Note If you purchased Cisco support through a Cisco reseller, contact the reseller - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 102
the bootflash or the volatile directory. Related Topics • Backing Up License Files, page 57 • Grace Period Alerts, page 60 Installing the License Key File To install a license key file in any switch, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 56 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 103
save your license file to one of two locations; bootflash: or volatile:. The following example saves all licenses to a file named Enterprise.tar: switch# copy licenses bootflash:/Enterprise.tar Backing up license done OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 57 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 104
. Removing an evaluation license immediately triggers a grace period without service disruption. Caution Disable related features before uninstalling a license. The delete procedure fails if the license is in use. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 58 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 105
for your switch. The host ID is also referred to as the switch serial number. b) Obtain either your claim certificate or your proof of purchase document. This document accompanies every Cisco Nexus 5000 Series switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 59 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 106
the proof of purchase document. e) Access the specified URL that applies to your switch and enter the switch serial number and the PAK. The license key file is sent to you by e-mail. package. To suspend the grace period Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 60 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 107
www.cisco.com/warp/public/687/Directory/DirTAC.shtml Verifying the License Configuration To display the license configuration information, perform one of the following tasks: Procedure Step 1 switch# show license [brief] OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 108
license file. Step 3 switch# show license host-id Displays the host ID for the physical switch. Step 4 switch# show license usage Displays the usage information for installed licenses. Verifying the License Configuration Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 62 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 109
II PA R T LAN Switching • Configuring Ethernet Interfaces, page 65 • Configuring VLANs, page 79 • Configuring Private VLANs, page 87 • Configuring Access and Trunk Interfaces, page 101 • Configuring EtherChannels, page 111 • Configuring Virtual Port Channels, page 123 • Configuring Rapid PVST+, page - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 110
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 111
the ports on the lower expansion module (if populated). • Port number ◦ Port number within the group. The interface numbering convention is extended to support use with a Cisco Nexus 2000 Series Fabric Extender as follows: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 112
must support UDLD in order for the protocol to successfully identify and disable unidirectional links. Note By default, UDLD is locally disabled on copper LAN ports to avoid sending unnecessary control traffic on this type of media. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 113
port transitions to the forwarding state (with default spanning tree parameters). When you enable the UDLD aggressive mode, the following occurs: • One side of a link has a port stuck (both transmission and receive) OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 114
port debounce time is the amount of time that an interface waits to notify the supervisor of a link going down. During this time, the interface waits to see if the link comes back up. The wait period is a time when traffic is stopped. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 115
MTU Configuration The Cisco Nexus 5000 Series switch is a Layer 2 device. This means it does not fragment frames. As a result, the switch cannot have two ports in the same Layer 2 domain with different maximum transmission units (MTUs). A per-physical Ethernet interface MTU is not supported. Instead - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 116
type slot/port Enters interface configuration mode for the specified interface. This interface must have a 1-Gigabit Ethernet SFP transceiver inserted into it. switch(config-if)# speed speed Sets the speed on the interface. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 70 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 117
10 to 255 seconds; the default is 180 seconds. Use the no form of the command to return to its default setting. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 71 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 118
the timer by specifying a debounce time of 0. You can show the debounce times for all of the Ethernet ports by using the show interface debounce command. To enable or disable the debounce timer, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 72 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 119
all of the interface functions and marks the interface as being down on all monitoring displays. This information is communicated to other OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 73 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 120
of all interfaces. switch# show interface debounce Displays the debounce status of all interfaces. switch# show interface flowcontrol Displays the detailed listing of the flow control settings on all interfaces. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 74 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 121
: rx-(off/on),tx-(off/on) Rate mode: none QOS scheduling: rx-(6q1t),tx-(1p6q0t) CoS rewrite: no ToS rewrite: no SPAN: yes UDLD: yes Link Debounce: yes Link Debounce Time: yes MDIX: no FEX Fabric: yes OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 75 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 122
-BA Eth1/5 Note From Cisco NX-OS Release 4.0(1a)N1(1), the default value of the device ID field for CDP advertisement has been changed from the chassis serial number to the hostname and serial number, as in the example above. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 76 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 123
Duplex Auto (full-duplex) Encapsulation MTU2 ARPA 1500 bytes Port Mode Access Speed Auto (10000) 2 MTU cannot be changed per-physical Ethernet interface. You modify MTU by selecting maps of QoS classes. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 77 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 124
Default Physical Ethernet Settings Displaying Interface Information Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 78 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 125
VLANs on the Cisco Nexus 5000 Series switch. It contains the following sections: • Configuring VLANs, page 79 Configuring VLANs You can use virtual LANs (VLANs) to divide the network into separate logical areas. VLANs can also be considered as broadcast domains. Any switch port can belong to - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 126
slightly differently. The switch is physically limited in the number of VLANs it can support. The hardware also shares this available range with its VSANs The following table describes the details of the VLAN ranges. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 80 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 127
unused until ports are assigned to the specific VLAN. All the ports are assigned to VLAN1 by default. Depending on the range of the VLAN, you can configure the following parameters for VLANs (except the default VLAN): OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 81 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 128
} from the VLAN configuration submode. You cannot delete VLAN1 or the internally allocated VLANs. This example shows how to create a range of VLANs from 15 to 20: switch# configure terminal switch(config)# vlan 15-20 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 82 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 129
This example shows how to configure optional parameters for VLAN 5: switch# configure terminal switch(config)# vlan 5 switch(config-vlan)# name accounting switch(config-vlan)# state active switch(config-vlan)# no shutdown OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 130
shows all VLANs defined in the range of 1 to 21. switch# show running-config vlan 1-21 version 4.0(1a)N1(1) vlan 1 vlan 5 The following example shows the VLANs created on the switch and their status: switch# show vlan Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 84 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 131
Primary Secondary Type Ports The following example shows the VLAN settings summary: switch# show vlan summary Number of existing VLANs :2 Number of existing user VLANs :2 Number of existing extended VLANs : 0 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 85 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 132
Verifying VLAN Configuration Configuring VLANs Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 86 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 133
Configuration, page 100 Information About Private VLANs A private VLAN partitions the Ethernet broadcast domain of a VLAN into subdomains, allowing you to isolate the ports on the switch communicate with the associated OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 87 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 134
port but not with ports in other community VLANs. Figure 9: Private VLAN Domain Note ports in other community VLANs or in any isolated VLANs at the Layer 2 level. Private VLAN Ports The three types of private VLAN ports are as follows: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 135
can configure multiple community VLANs in a private VLAN domain. The ports within one community can communicate, but these ports cannot communicate with ports in any other community or isolated VLAN in the private VLAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 89 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 136
ports. With a promiscuous port, you can connect a wide range of devices as access points to a private VLAN. For example, you can use a promiscuous port ports (community and isolated ports) in the secondary VLAN are brought down. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 90 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 137
an isolated VLAN and a promiscuous port on the Fabric Extender. However as its host interfaces are not intended to be connected to another switch or router, you cannot enable a promiscuous port on Fabric Extender. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 91 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 138
• Mapping Secondary VLANs to Same MSTI as Primary VLANs for Private VLANs, page 188 Configuring a Private VLAN Enabling Private VLANs You must enable private VLANs on the switch to use the private VLAN functionality. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 92 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 139
} Removes the private VLAN configuration from the specified VLAN(s) and returns it to normal VLAN mode. If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become inactive. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 93 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 140
VLAN and configure it as the previous secondary VLAN. Before You Begin Ensure that the private VLAN feature is enabled. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 94 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 141
private-vlan Associates the port with the primary and secondary host-association {primary-vlan-id} VLANs of a private VLAN. The secondary VLAN {secondary-vlan-id} can be either an isolated or community VLAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 95 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 142
5 and secondary isolated VLAN 200: switch# configure terminal switch(config)# interface ethernet 1/4 switch(config-if)# switchport mode private-vlan promiscuous switch(config-if)# switchport private-vlan mapping 5 200 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 96 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 143
two steps. First, you define the port as an isolated trunk port and then you configure the association between the isolated and primary VLANs. Multiple isolated VLANs can be enabled by configuring multiple associations. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 97 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 144
ports can carry traffic from regular VLANs along with private VLANs. Before You Begin Ensure that the private VLAN feature is enabled. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 145
This port can be on a Fabric Extender (identified by the chassis option). switch(config-if)# switchport private-vlan Sets the native VLAN ID for the private VLAN trunk native {vlan vlan-id} trunk. The default is VLAN 1. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 146
features (some of the output has been removed for brevity): switch# show feature Feature Name fcsp ... interface-vlan private-vlan udld ... Instance -------1 1 1 1 State -------enabled enabled enabled disabled Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 100 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 147
of multiple VLANs over a single link and allow you to extend VLANs across the network. Note Cisco NX-OS supports only IEEE 802.1Q-type VLAN trunk encapsulation. This chapter describes the configuration of access or trunk ports on Cisco Nexus 5000 Series switches. It includes the following sections - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 148
.1Q Encapsulation A trunk is a point-to-point link between the device and another networking device. Trunks carry the traffic of multiple VLANs over a single link and allow you to extend VLANs across an entire network. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 102 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 149
. Note If you assign an access VLAN that is also a primary VLAN for a private VLAN, all access ports with that access VLAN will also receive all the broadcast traffic for the primary VLAN in the private VLAN mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 103 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 150
on all the directly connected Ethernet and EtherChannel interfaces of the Cisco Nexus 5000 Series switch. It is also supported on all the host interface ports of any attached Cisco Nexus 2000 Series Fabric Extender. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 104 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 151
) like an edge port and immediately moves to the forwarding state without passing through the blocking and learning states. Configuring an interface as an access host port also disables EtherChannel on that interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 105 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 152
can carry traffic for all VLANs. To specify that only certain VLANs are allowed on the specified trunk, use the switchport trunk allowed vlan command. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 106 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 153
4094. VLANs 3968 to 4047 are the default VLANs {vlan-list}]} reserved for internal use by default; this group of VLANs is OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 107 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 154
tag (Optional) native Disables dot1q (IEEE 802.1Q) tagging for all native VLANs on all trunked ports on the switch. switch# show vlan dot1q tag native (Optional) Displays the status of tagging on the native VLANs. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 108 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 155
configuration switch# show interface switchport Displays information for all Ethernet interfaces, including access and trunk interfaces. switch# show interface brief Displays interface configuration information. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 156
Configuring Native 802.1Q VLANs Verifying Interface Configuration Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 110 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 157
up to 16 ports into a static EtherChannel or you can enable the Link Aggregation Control Protocol (LACP). Configuring EtherChannels with LACP requires slightly different steps than configuring static EtherChannels. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 111 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 158
• MTU The Cisco Nexus 5000 Series switch only supports system level MTU. This attribute cannot be changed on an individual port basis. • Broadcast/Unicast/Multicast Storm Control setting • Priority-Flow-Control • Untagged CoS Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 112 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 159
configuration uses the following criteria to select the link: • For a Layer 2 frame, it uses the source and destination MAC addresses. • For a Layer 3 frame and destination IP address • Destination TCP/UDP port number OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 113 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 160
same link in that EtherChannel; using source addresses or IP addresses might result in better load balancing. Understanding LACP LACP Overview Note You must enable the LACP feature before you can configure and use LACP functions. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 161
-group number on each port configured to use LACP. The administrative key defines the ability of a port to aggregate with other ports. A port's ability to aggregate with other ports is determined by these factors: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 115 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 162
when you do not know whether the remote system, or partner, supports LACP. Ports can form an LACP EtherChannel when they are in different LACP modes as long as the modes are compatible as in the following examples: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 116 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 163
an EtherChannel You can create an EtherChannel before creating a channel group. Cisco NX-OS automatically creates the associated channel group. Note If you want LACP-based EtherChannels, you need to enable LACP. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 117 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 164
does not already exist. This is called implicit EtherChannel creation. switch(config-if)# no channel-group (Optional) Removes the port from the channel group. The port reverts to its original configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 118 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 165
of Cisco NX-OS, the source-dest-ip, source-dest-mac, and source-dest-port keywords were source-destination-ip, source-destination-mac, and source-destination-port, respectively. Related Topics • Enabling LACP, page 120 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 119 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 166
passive} After LACP is enabled, you configure each link or the entire channel as active or passive. When you run EtherChannels with no associated protocol, the channel mode is always on. The default channel mode is on. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 120 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 167
each link in the LACP EtherChannel for the port priority. Before You Begin Ensure that you have enabled the LACP feature. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 168
channel numbers. switch# show port-channel database Displays information on current running of the EtherChannel feature. switch# show port-channel load-balance Displays information about load-balancing using EtherChannels. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 122 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 169
the vPC Configuration, page 144 • vPC Example Configurations, page 145 • vPC Default Settings, page 148 Information About vPCs vPC Overview A virtual port channel (vPC) allows links that are physically connected to two different Cisco Nexus 5000 Series switches or Cisco Nexus 2000 Series Fabric - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 170
peer link, and all of the EtherChannels in the vPC domain connected to the downstream device. You can have only one vPC domain ID on each vPC peer device. Note Always attach all vPC devices using EtherChannels to both vPC peer devices. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 171
switches. • vPC peer-keepalive link-The peer-keepalive link monitors the vitality of a vPC peer Cisco Nexus 5000 Series device. The peer-keepalive link sends configurable, periodic keepalive messages between vPC peer devices. No data or synchronization traffic moves over the vPC peer-keepalive link - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 172
as a Link Aggregation Control Protocol (LACP) or non-LACP EtherChannel. For further information about the Fabric Extender, refer to the Cisco Nexus 2000 Series Fabric Extender Software Configuration Guide. Supported vPC Topologies Cisco Nexus 5000 Series Switch vPC Topology You can connect a pair - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 173
number of single homed servers. The topology shown in the following figure provides the vPC functionality to singly connected servers with 1-Gigabit Ethernet uplink interfaces. Figure 17: Dual Homed Fabric Extender vPC Topology OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 174
About vPCs vPC Domain The Cisco Nexus 5000 Series switch can support up to 12 configured dual homed Fabric Extenders with this topology. A maximum of 480 single homed servers can be connected to this configuration. You can use the vPC domain ID to identify the vPC peer links and the ports that - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 175
peer-keepalive link. Note We recommend that you configure the vPC peer-keepalive link on the Cisco Nexus 5000 Series switch to run in the management VRF using the mgmt 0 interfaces. If you configure the default VRF, ensure that the vPC peer link is not used to carry the vPC peer-keepalive messages - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 176
a VLAN interface configured for the same VLAN on both ends and they must be in the same administrative and operational mode. Those VLANs configured on only one switch of the peer link do not pass traffic using the vPC or peer Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 130 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 177
critical parameters. vPC peer switches have separate control planes. After configuring the vPC peer link, you should display the configuration on each vPC peer switch to ensure that the configurations are compatible. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 131 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 178
Assurance is enabled on all vPC peer links We recommend that you configure Rapid PVST+ so that the primary device is the root for all VLANs and configure MST so that the primary device is the root for all instances. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 132 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 179
vPC peer link interfaces to the STP network port type so that Bridge Assurance is automatically enabled on all vPC peer links. We also recommend that you do not enable any of the STP enhancement features on VPC peer links. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 180
guidelines and limitations: • You must enable the vPC feature before you can configure vPC peer-link and vPC interfaces. • You must configure the peer-keepalive link before the system can form the vPC peer link. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 134 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 181
Copies the running configuration to the startup configuration. This example shows how to enable the vPC feature: switch# configure terminal switch(config)# feature vpc Disabling vPCs You can disable the vPC feature. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 135 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 182
domain-id ; the range is from 1 to 1000. Note You can also use the vpc domain command to enter the vpc-domain configuration mode for an existing vPC domain. (Optional) Displays brief information about each vPC domain. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 136 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 183
vpc peer-keepalive (Optional) Displays information about the configuration for the keepalive messages. switch# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 184
all vPC interfaces. Parameter Default Setting switch# show vpc consistency-parameters {global Displays the status of those parameters that must be | interface port-channel channel-number} consistent across all vPC interfaces. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 138 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 185
Note See the Cisco Nexus 2000 Series Fabric Extender Software Configuration Guide for information on attaching a Fabric Extender to a Cisco Nexus 5000 Series switch. Before You Begin Ensure that you have enabled the vPC feature. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 186
terminal Enters configuration mode. switch(config)# interface Selects the EtherChannel that you want to put into the vPC to port-channel channel-number connect to the downstream switch, and enters the interface configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 140 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 187
configuration. This example shows how to configure an EtherChannel that will connect to the downstream device: switch# configure terminal switch(config)# interface port-channel 20 switch(config-if)# vpc 5 Manually Configuring a vPC Domain MAC Address You create the vPC peer link by designating - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 188
priority that you want for the specified vPC domain. The range of values is from 1 to 65535. The default value is 32667. (Optional) Displays information about each vPC, including information about the vPC peer link. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 142 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 189
(Optional) Displays information about each vPC, including information about the vPC peer link. switch# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 143 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 190
vPCs. Note This command displays the vPC statistics only for the vPC peer device that you are working on. For detailed information about the fields in the output from these commands, see the Cisco Nexus 5000 Series Command Reference. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 191
port-channel 20 NX-5000-1(config-if)# vpc peer-link NX-5000-1(config-if)# exit Step 4 Configure the Fabric Extender NX-2000-100. NX-5000-1(config)# fex 100 NX-5000-1(config-fex)# pinning max-links 1 NX-5000-1(fex)# exit OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 192
Note The following example only shows the configuration of NX-5000-1 which is connected to the Fabric Extender NX-2000-100. You must repeat these steps on its vPC peer, NX-5000-2, which is connected to the Fabric Extender NX-2000-101. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 193
4 Note VLAN 900 must not be trunked across the vPC peer-link because it carries the vPC peer-keepalive messages. There must be an alternative path between switches NX-5000-1 and NX-5000-2 for the vPC peer-keepalive messages. Configure the vPC peer link as a two port Etherchannel. NX-5000-1(config - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 194
vPC Parameters Parameters vPC system priority Default 32667 vPC peer-keepalive message Disabled vPC peer-keepalive interval 1 second vPC peer-keepalive timeout 5 seconds vPC peer-keepalive UDP port 3200 vPC Default Settings Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 195
convergence. Related Topics • Rapid PVST+ and IEEE 802.1Q Trunks, page 164 • Rapid PVST+ Interoperation with Legacy 802.1D STP, page 164 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 149 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 196
port for each switched segment. Understanding the Bridge ID Each VLAN on each switch has a unique 64-bit bridge ID consisting of a bridge priority value, an extended system ID (IEEE 802.1t), and an STP MAC address allocation. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 197
a switch bridge ID (used by the spanning tree algorithm to determine the identity of the root bridge, the lowest being preferred) as a multiple of 4096. Only the following values are possible: •0 • 4096 • 8192 • 12288 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 151 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 198
forward the frame but instead uses the information in the frame to calculate a BPDU, and, if the topology changes, initiate a BPDU transmission. A BPDU exchange results in the following: • One switch is elected as the root bridge. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 152 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 199
When the spanning tree topology is calculated based on default parameters, the path between source and destination end stations in a switched network might not be ideal. For instance, connecting higher-speed links OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 153 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 200
. Note We recommend that you configure all ports connected to a host as edge ports. • Root ports-If Rapid PVST+ selects a new root port, it blocks the old root port and immediately transitions the new root port to the forwarding state. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 201
switch is interacting with switches that are running legacy 802.1D STP. The proposal and agreement sequence then quickly propagates toward the edge of the network and quickly restores connectivity after a topology change. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 202
bits of the flag byte to add the role and state of the port that originates the BPDU, and the proposal and agreement handshake. The the switch to detect connected legacy (802.1D) bridges. The BPDU for 802.1D is version 0. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 156 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 203
command. This proposal/agreement handshake is initiated only when a non-edge port moves from the blocking to the forwarding state. The handshaking process then proliferates step-by-step throughout the topology. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 157 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 204
point-to-point link or when a switch has two or more connections to a shared LAN segment. A backup port provides another path in the topology to the switch. • Disabled port-Has no role within the operation of the spanning tree. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 158 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 205
in frame forwarding. • Learning-The LAN port prepares to participate in frame forwarding. • Forwarding-The LAN port forwards frames. • Disabled-The LAN port does not participate in STP and is not forwarding frames. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 159 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 206
in the forwarding state forwards frames. The LAN port enters the forwarding state from the learning state. A LAN port in the forwarding state performs as follows: • Forwards frames received from the attached segment. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 160 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 207
ports are synchronized. An individual port on the switch is synchronized if either of the following applies: • That port is in the blocking state. • It is an edge port (a port configured to be at the edge of the network). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 208
information (such as a higher switch ID or higher path cost) that is inferior to what is currently stored for the port. If a designated port receives an inferior BPDU, it immediately replies with its own information. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 162 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 209
Table 17: Default Port Cost Bandwidth 10 Mbps Short Path-cost Method of Port Cost 100 Long Path-cost Method of Port Cost 2,000,000 100 Mbps 19 200,000 1 Gigabit Ethernet 4 20,000 10 Gigabit Ethernet 2 2,000 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 163 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 210
bit set. However, if the TC-while timer (the same as the TC timer in 802.1D) is active on a root port connected to an 802.1D switch and a configuration BPDU with the TCA set is received, the TC-while timer is reset. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 164 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 211
disrupts traffic because all spanning tree instances are stopped for the previous mode and started for the new mode. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 165 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 212
topology of the network. Do not disable spanning tree in a VLAN without ensuring that there are no physical loops present in the VLAN. Spanning tree serves as a safeguard against misconfigurations and cabling errors. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 166 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 213
a software switch as the primary root bridge. The vlan-range value can be 2 through 4094 (except reserved VLAN values.) The dia default is 7. The hello-time can be from 1 to 10 seconds, and the default value is 2 seconds. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 214
number in the forwarding state and blocks other LAN ports. The software uses the port priority value when the LAN port is configured as an access port and uses VLAN port priority values when the LAN port is configured as a trunk port. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 215
| auto] value, depending on the pathcost calculation method, can be as follows: • short-1 to 65535 • long-1 to 200000000 Note You configure this parameter per interface on access ports and per VLAN on trunk ports. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 169 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 216
You can configure the Rapid PVST+ hello time for a VLAN. Note Be careful when using this configuration. For most situations, we recommend that you configure the primary root and secondary root to modify the hello time. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 170 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 217
time value can be from 6 to 40 seconds, and the default is 20 seconds. This example shows how to configure the maximum aging time for a VLAN: switch# configure terminal switch(config)# spanning-tree vlan 5 max-age 36 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 171 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 218
PVST+ on an Ethernet interface: switch# clear spanning-tree detected-protocol interface ethernet 1/8 Verifying Rapid PVST+ Configurations To display Rapid PVST+ configuration information, perform one of these tasks: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 172 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 219
.7841 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type Eth1/3 Root FWD 2 128.131 P2p Peer(STP) veth1/1 Desg FWD 2 128.129 Edge P2p OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 173 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 220
Restarting the Protocol Verifying Rapid PVST+ Configurations Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 174 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 221
number of STP instances required to support a large number of VLANs. MST improves the fault tolerance of the network because a failure in one instance (forwarding path) does not affect other instances (forwarding paths). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 222
other Rapid PVST+ regions and 802.1D spanning tree protocols. Note We recommend that you do not partition the network into a large number of regions. MST BPDUs Each region has only all M-records are encapsulated in Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 176 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 223
CST IST, CIST, and CST Overview Unlike Rapid PVST+, in which all the STP instances are independent, MST establishes and maintains IST, CIST, and CST spanning trees, as follows: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 177 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 224
a network, MST establishes and maintains the CST, which includes all MST regions and all 802.1w and 802.1D STP switches in the network. The MSTIs combine with the IST at the boundary of the region to become the CST. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 178 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 225
parameters are used only within an MST region, compared to external parameters that are used throughout the whole network. Because the CIST is the only spanning tree instance that spans the whole network, only the CIST OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 179 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 226
bridge. A designated port knows that it is on the boundary if it detects an STP bridge or receives an agreement proposal from an MST bridge with a different configuration or a Rapid PVST+ bridge. This definition allows two ports Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 180 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 227
B is the designated, not root port. As a result, switch A blocks (or keeps blocking) its port, which prevents the bridging loop. The block is shown as an STP dispute. Figure 30: Detecting a Unidirectional Link Failure OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 181 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 228
a single spanning tree switch or a switch with a different MST configuration. Note MST interoperates with the Cisco prestandard MSTP whenever it receives prestandard MSTP on an MST port; no explicit configuration is necessary. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 182 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 229
Enabling MST You must enable MST; Rapid PVST+ is the default. Caution Changing the spanning tree mode disrupts traffic because all spanning tree instances are stopped for the previous mode and started for the new mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 183 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 230
in the MST configuration mode to assign the MST configuration parameters, as follows: • MST name • Instance-to-VLAN mapping • MST revision number • Synchronize primary and secondary VLANs in private VLANs Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 184 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 231
Configuration Revision Number You configure the revision number on the bridge. For two or more bridges to be in the same MST region, they must have the identical MST name, VLAN-to-instance mapping, and MST revision number. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 232
1 vlan 1-63 command to map VLANs 1 through 63 to MST instance 1. To specify a VLAN series, enter a comma; for example, enter the instance 1 vlan 10, 20, 30 command to map VLANs 10, 20, and 30 to MST instance 1. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 186 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 233
-MSTI mapping, the system restarts MST. Note You cannot disable an MSTI. For two or more bridges to be in the same MST region, they must have the identical MST name, VLAN-to-instance mapping, and MST revision number. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 187 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 234
-mst)# private-vlan synchronize Purpose Enters configuration mode. Enters MST configuration submode. Automatically maps all secondary VLANs to the same MSTI and their associated primary VLAN for all private VLANs. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 188 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 235
bridge. The range is from 1 to 10 seconds; the default is 2 seconds. Step 3 switch(config)# no spanning-tree (Optional) mst instance-id root Returns the switch priority, diameter, and hello time to default values. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 189 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 236
, MST puts the interface with the lowest interface number in the forwarding state and blocks the other interfaces. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 190 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 237
the path cost when selecting an interface to place into the forwarding state. A lower path cost represents higher-speed transmission as follows: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 191 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 238
, 57344, and 61440. The system rejects all other values. This example shows how to configure the priority of the bridge to 4096 for MSTI 5: switch# configure terminal switch(config)# spanning-tree mst 5 priority 4096 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 192 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 239
is from 4 to 30, and the default is 15 seconds. This example shows how to configure the forward-delay time of the switch to 10 seconds: switch# configure terminal switch(config)# spanning-tree mst forward-time 10 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 193 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 240
Globally You can block this automatic feature either globally or per port. You can enter the global command, and change the PVST simulation setting for the entire switch while you are in interface command mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 194 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 241
. switch(config-if)# no spanning-tree Sets the interface to the switch-wide MST and Rapid mst simulate pvst PVST+ interoperation that you configured using the spanning-tree mst simulate pvst global command. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 195 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 242
on specified interfaces. Procedure Step 1 Command or Action switch# clear spanning-tree detected-protocol [interface interface [interface-num | port-channel]] Purpose Restarts MST on entire switch or specified interfaces. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 196 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 243
MST configuration: switch# show spanning-tree mst configuration % Switch is not in mst mode Name [mist-attempt] Revision 1 Instances configured 2 Instance Vlans mapped 0 1-12,14-41,43-4094 1 13,42 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 197 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 244
Restarting the Protocol Verifying MST Configurations Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 198 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 245
or learning states. (This immediate transition was previously configured as the Cisco-proprietary feature PortFast.) Interfaces that are connected to hosts should not receive STP Bridge Protocol Data Units (BPDUs). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 199 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 246
shuts down all spanning tree edge ports when they receive a BPDU. BPDU Guard provides a secure response to invalid configurations, because you must manually put the LAN interface back in service after an invalid configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 200 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 247
port state and BPDU Filtering is disabled. Default Enable Disable Disable Default Disable Not applicable Disable Disable Not applicable Not applicable Disable Enable Not applicable Not applicable Enable OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 248
STP state. In this way, Root Guard enforces the position of the root bridge. You cannot configure Root Guard globally. Note You can enable Root Guard on all spanning tree port types: normal, edge, and network ports. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 202 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 249
ports. This port type network default assumes all ports are connected to switches and bridges. If you enable Bridge Assurance, it automatically runs on network ports. By default, spanning tree ports are normal port types. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 250
-tree port type disable command. Before You Begin Ensure that STP is configured. Ensure that the interface is connected to hosts. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 204 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 251
terminal switch(config)# interface type slot/port Purpose Enters configuration mode. Specifies the interface to configure, and enters the interface configuration mode. The interface can be a physical Ethernet port. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 205 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 252
Guard on specified interfaces as follows: • spanning-tree bpduguard enable-Unconditionally enables BPDU Guard on the interface. • spanning-tree bpduguard disable-Unconditionally disables BPDU Guard on the interface. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 206 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 253
they effectively filter outbound BPDUs. If a BPDU is received on an edge port, it immediately loses its operational edge port status and BPDU Filtering is disabled. Before You Begin Ensure that STP is configured. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 207 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 254
prevents the device from receiving or sending BPDUs on this port. Before You Begin Ensure that STP is configured. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 208 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 255
ports. By default, global Loop Guard is disabled. This example shows how to enable Loop Guard on all spanning tree normal or network ports: switch# configure terminal switch(config)# spanning-tree loopguard default OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 256
show running-config spanning-tree [all] Displays the current status of spanning tree on the switch switch# show spanning-tree [options] Displays selected detailed information for the current spanning tree configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 210 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 257
a specified number of seconds, it is removed from the address table. Configuring MAC Addresses Configuring a Static MAC Address You can configure MAC addresses for the switch. These addresses are static MAC addresses. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 211 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 258
1000000; the default is 300 seconds. Entering the value 0 disables the MAC aging. If a VLAN is not specified, the aging specification applies to all VLANs. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 212 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 259
Eth1/3 1 001c.b05a.5380 dynamic 200 Eth1/3 Total MAC Addresses: 2 This example shows how to display the current aging time: switch# show mac-address-table aging-time Vlan Aging Time 1 300 13 300 42 300 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 213 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 260
Clearing Dynamic Addresses from the MAC Table Verifying the MAC Address Configuration Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 214 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 261
IGMPv1, and IGMPv3 supports IGMPv2. Although not all features of an earlier version of IGMP are supported, the features related to membership query and membership report messages are supported for all IGMP versions. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 215 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 262
that want to receive multicast data for a particular group. Note Cisco NX-OS ignores the configuration of last member query interval when you enable the fast leave feature because it does not check for remaining hosts. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 216 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 263
message, specifying the IP multicast group to join. Alternatively, when the switch receives a general query from a connected router, it forwards the query to all interfaces, physical and virtual from its IGMP cache. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 217 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 264
to the router must be in the selected VLAN. Static group Configures an interface belonging to a VLAN as a static member of a multicast group. You can disable IGMP snooping either globally or for a specific VLAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 218 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 265
Configures an interface belonging to a VLAN as a static snooping static-group member of a multicast group. You can specify the interface group-ip-addr [source by type and number. source-ip-addr] interface interface OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 266
enabled, address 172.16.24.1, currently running Explicit tracking enabled Fast leave enabled Report suppression enabled Router port detection using PIM Hellos, IGMP Queries Number of router-ports: 1 Number of groups: 1 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 220 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 267
the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the interval ends. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 221 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 268
level. Traffic Storm Guidelines and Limitations When configuring the traffic storm control level, follow these guidelines and limitations: • You can configure traffic storm control on a port-channel interface. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 222 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 269
channel number] counters storm-control Displays the traffic storm control configuration for the interfaces. Note Traffic storm control uses a 10-microsecond interval that can affect the operation of traffic storm control. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 270
configuration. Traffic Storm Control Example Configuration The following example shows how to configure traffic storm control: switch# configure terminal switch(config)# interface ethernet 1/4 switch percentage 100 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 224 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 271
III PA R T Switch Security Features • Configuring Authentication, Authorization, and Accounting, page 227 • Configuring RADIUS, page 241 • Configuring TACACS+, page 255 • Configuring SSH and Telnet, page 269 • Configuring Access Control Lists, page 279 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 272
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 273
key provides security for communication between the switch and AAA servers. You can configure a common secret key for all AAA servers or for only a specific AAA server. AAA security provides the following services: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 227 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 274
session used to access the Cisco Nexus 5000 Series switches. You can use this information to generate reports for troubleshooting and auditing purposes. You can store accounting logs locally or send them to remote AAA servers. Note The Cisco NX-OS software supports authentication, authorization, and - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 275
are the servers that can be selectively configured in a RADIUS server group on the Nexus 5000 Series switches. The following table describes the AAA authentication methods that you can configure for the AAA services. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 229 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 276
Service Console login authentication AAA Methods Server groups, local, and none User login authentication Server groups, local, and none User management session accounting Server groups and local Note the shell. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 230 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 277
for Remote AAA Remote AAA servers have the following prerequisites: • At least one RADIUS or TACACS+ server must be IP reachable. • The Cisco Nexus 5000 Series switch is configured as a client of the AAA servers. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 231 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 278
to create a named group of servers. Before you configure console login authentication methods, configure RADIUS or TACACS+ server groups as needed. To configure console login authentication methods, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 232 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 279
only The default method is local. Before you configure default login authentication methods, configure RADIUS or TACACS+ server groups as needed. To configure default login authentication methods, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 233 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 280
login authentication failure messages. error-enable The default is disabled. switch(config)# exit Exits configuration mode. switch# show aaa authentication (Optional) Displays the login failure message configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 234 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 281
# configure terminal Purpose Enters configuration mode. switch(config)# aaa authentication login Enables MS-CHAP authentication. The default mschap enable is disabled. switch(config)# exit Exits configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 282
the running configuration to the startup configuration. Related Topics • About VSAs, page 237 Configuring AAA Accounting Default Methods The Cisco Nexus 5000 Series switch supports TACACS+ and RADIUS methods for accounting. The switches report user activity to TACACS+ or RADIUS security servers in - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 283
following attributes are supported by the Cisco Nexus 5000 Series switches: • roles-Lists all the roles assigned to the user. The value field is a string that stores the list of group names delimited by white space. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 237 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 284
a start time for the log output. switch# clear accounting log (Optional) Clears the accounting log contents. Verifying AAA Configuration To display AAA configuration information, perform one of the following tasks: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 238 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 285
method Default local Default authentication method local Login authentication failure messages Disabled MSCHAP authentication Disabled Default accounting method local Accounting log display length 250 KB OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 239 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 286
Specifying Switch User Roles and SMNPv3 Parameters on AAA Servers Default AAA Settings Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 240 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 287
packets, bytes, and so on) used during the session. An Internet service provider (ISP) might use a freeware-based version of the RADIUS access control and accounting software to meet special security and billing needs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 241 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 288
), or EXEC services. • Connection parameters, including the host or client IPv4 or IPv6 address, access list, and user timeouts. RADIUS Server Monitoring An unresponsive RADIUS server can cause delay in processing of AAA requests. You can configure the Cisco Nexus 5000 Series switch to periodically - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 289
. • Accounting- Used in accounting-request packets. If a value contains any white spaces, you should enclose the value within double quotation marks. The Nexus 5000 Series switch supports the following attributes: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 243 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 290
of 64 RADIUS servers on the Cisco Nexus 5000 Series switch. Configuring RADIUS Servers To configure RADIUS servers, perform this task: Procedure Step 1 Step 2 Step 3 Step 4 Establish the RADIUS server connections to the Cisco Nexus 5000 Series switch. Configure the preshared secret keys for the - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 291
specify a clear text ( 0 ) or encrypted ( 7 ) preshared key. The default format is clear text. The maximum length is 63 characters. By default, no preshared key is configured. Exits configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 245 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 292
. Note The preshared keys are saved in encrypted form in the running configuration. Use the show running-config command to display the encrypted preshared keys. (Optional) Copies the running configuration to the startup configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 293
-server (Optional) group [group-name] Displays the RADIUS server group configuration. switch(config)# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 247 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 294
# configure terminal switch(config)# radius-server retransmit count Purpose Enters configuration mode. Specifies the retransmission count for all RADIUS servers. The default retransmission count is 1 and the range is from 0 to 5. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 248 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 295
configuration mode. switch# show radius-server (Optional) Displays the RADIUS server configuration. switch# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 296
Exits configuration mode. switch(config)# show radius-server (Optional) Displays the RADIUS server configuration. switch# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 297
unresponsive. The default value is 0 minutes. The valid range is 1 to 1440 minutes. switch(config)# exit Exits configuration mode. switch# show radius-server (Optional) Displays the RADIUS server configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 251 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 298
. (Optional) Copies the running configuration to the startup configuration. Manually Monitoring RADIUS Servers or Groups To manually send a test message to a RADIUS server or to a server group, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 252 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 299
# show radius-server statistics {hostname | ipv4-address | ipv6-address} Purpose Displays the RADIUS statistics. The following example shows how to display statistics: switch# show radius-server statistics 10.10.1.1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 253 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 300
count Retransmission timer interval Idle timer interval Periodic server monitoring username Periodic server monitoring password Default Authentication and accounting 0 minutes 1 5 seconds 0 minutes test test Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 254 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 301
reliable transfers with a connection-oriented protocol. • Encrypts the entire protocol payload between the switch and the AAA server to ensure higher data confidentiality. The RADIUS protocol only encrypts passwords. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 255 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 302
for all TACACS+ server configurations on the Cisco Nexus 5000 Series switch to use. You can override the global preshared key assignment by explicitly using the key option when configuring an individual TACACS+ server. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 256 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 303
Protocol (SNMP) trap is generated and the Cisco Nexus 5000 Series switch displays an error message that a failure is taking place before it can impact performance. Figure 35: TACACS+ Server States Note The monitoring interval for alive servers and dead servers are different and can be configured by - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 304
the Cisco Nexus 5000 Series switch. Configuring TACACS+ TACACS+ Server Configuration Process To configure TACACS+ servers, perform this task: Procedure Step 1 Step 2 Step 3 Step 4 Step 5 Enable TACACS+. Establish the TACACS+ server connections to the Cisco Nexus 5000 Series switch. Configure the - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 305
the preshared key values for the remote TACACS+ servers. To configure global preshared keys, perform this task: Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 259 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 306
is 63 characters. This preshared key is used instead of the global preshared key. switch(config)# exit Exits configuration mode. switch# show tacacs-server (Optional) Displays the TACACS+ server configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 260 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 307
is 0 minutes. The range is from 0 through 1440. Note If the dead-time interval for a TACACS+ server group is greater than zero (0), that value takes precedence over the global dead-time value. Exits configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 261 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 308
Nexus 5000 Series switch waits for responses from all TACACS+ servers before declaring a timeout failure. The timeout interval determines how long the switch waits for responses from TACACS+ servers before declaring a timeout failure. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 309
. Configuring TCP Ports You can configure another TCP port for the TACACS+ servers if there are conflicts with another application. By default, Cisco Nexus 5000 Series switches use port 49 for all TACACS+ requests. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 263 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 310
TACACS+ server monitoring is not performed. To configure periodic TACACS+ server monitoring, perform this task: Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 264 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 311
# configure terminal Purpose Enters configuration mode. switch(config)# tacacs-server deadtime Configures the global dead-time interval. The minutes default value is 0 minutes. The range is from 1 to 1440 minutes. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 265 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 312
tacacs+ switch(config)# exit switch# copy running-config startup-config Purpose Enters configuration mode. Disables TACACS+. Exits configuration mode. (Optional) Copies the running configuration to the startup configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 266 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 313
)# aaa group server tacacs+ TacServer switch(config-tacacs+)# server 10.10.2.2 switch(config-tacacs+)# use-vrf management Default TACACS+ Settings The following table lists the default settings for TACACS+ parameters. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 267 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 314
+ Dead timer interval Timeout interval Idle timer interval Periodic server monitoring username Periodic server monitoring password Default Disabled 0 minutes 5 seconds 0 minutes test test About Configuring TACACS+ Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 268 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 315
SSH and Telnet, page 269 Configuring SSH and Telnet Information About SSH and Telnet SSH Server The Secure Shell Protocol (SSH) server feature enables a SSH client to make a secure, encrypted connection to a Cisco Nexus 5000 Series switch. SSH uses strong encryption for authentication - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 316
the SSH server key. | rsa [bits [force]]} The bits argument is the number of bits used to generate the key. The range is 768 to 2048 and the default value is 1024. Use the force keyword to replace an existing key. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 270 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 317
mode. Configures the SSH public key in SSH format. Exits global configuration mode. (Optional) Displays the user account configuration. (Optional) Copies the running configuration to the startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 271 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 318
switch(config)# exit switch# show user-account switch# copy running-config startup-config Note The username command example generate an SSH public key in PEM-Formatted Public Key Certificate form and perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 272 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 319
this task: Procedure Step 1 Command or Action switch# clear ssh hosts Purpose Clears the SSH host sessions. Disabling the SSH Server By default, the SSH server is enabled on the Cisco Nexus 5000 Series switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 273 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 320
# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. Clearing SSH Sessions To clear SSH sessions from the Cisco Nexus 5000 Series switch, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 274 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 321
+DQBsDQH6rZt0KR+2Da8hJD4Z XIeccWk0gS1DQUNZ300xstQsYZUtqnx1bvm5Ninn0McNinn0Mc= Step 5 Save the configuration. switch(config)# copy running-config startup-config OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 275 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 322
5000 Series switch, perform this task: Procedure Step 1 Command or Action switch# telnet hostname Purpose Creates a Telnet session to a remote device. The hostname argument can be an IPv4 address, an IPv6 address, or a device name. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 323
SSH server Default Enabled SSH server key RSA key generated with 1024 bits RSA key bits for generation 1024 Telnet server Enabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 277 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 324
Default SSH Settings Configuring SSH and Telnet Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 278 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 325
and Applications The Cisco Nexus 5000 Series switch supports IPv4, IPv6, and MAC ACLs for security traffic filtering. The switch allows you to use IP ACLs as port ACLs and VLAN ACLs, as shown in the following table. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 279 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 326
(L2TP) traffic. Implicit Rules IP ACLs have implicit rules, which means that although these rules do not appear in the running configuration, the switch applies them to traffic when no other rules in an ACL match. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 280 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 327
The switch supports sequence numbers for rules. Every rule that you enter receives a sequence number, either assigned by you or assigned automatically by the switch. Sequence numbers simplify the following ACL tasks: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 281 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 328
a "gt 10" couple to a destination port, both couples would also be stored in half an LOU, resulting in the use of one whole LOU. Any additional rules using a "gt 10" couple would not result in further LOU usage. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 282 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 329
can remove it and recreate it with the desired changes. If you need to add more rules between existing rules than the current sequence numbering allows, you can use the resequence command to reassign sequence numbers. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 283 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 330
. Removing an ACL does not affect the configuration of interfaces where you have applied the ACL. Instead, the switch considers the removed ACL to be empty. To remove an IP ACL from the switch, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 284 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 331
to the startup configuration. Applying an IP ACL as a Port ACL You can apply an IPv4 or IPv6 ACL to a physical Ethernet interface or a EtherChannel. ACLs applied to these interface types are considered port ACLs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 285 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 332
about an IP ACL, including the number of packets that have matched each rule. For detailed information about the fields in the output from this command, refer to the Cisco Nexus 5000 Series Command Reference. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 286 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 333
in the ACL. switch# show mac access-lists name (Optional) Displays the MAC ACL configuration. switch# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 287 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 334
for the ACL. switch# show mac access-lists name (Optional) Displays the MAC ACL configuration. switch# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 288 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 335
receives a number larger than the preceding rule. The difference in numbers is determined by the increment number that you specify. switch# show mac access-lists name (Optional) Displays the MAC ACL configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 289 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 336
the running configuration to the startup configuration. Related Topics • Creating an IP ACL, page 283 Verifying MAC ACL Configurations To display MAC ACL configuration information, perform one of the following tasks: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 290 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 337
VACLs are not defined by direction (ingress or egress). VACLs and Access Maps VACLs use access maps to link an IP ACL or a MAC ACL to an action. The switch takes the configured action on packets permitted by the VACL. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 291 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 338
(hits) on all the interfaces on which that VACL is applied. Note The Cisco Nexus 5000 Series switch does not support interface-level VACL statistics. For each VLAN access map that you configure, you can specify whether the switch maintains statistics for that VACL. This allows you to turn VACL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 339
. The no option unapplies the VACL. The vlan-list command can specify a list of up to 32 VLANs, but multiple vlan-list commands can be configured to cover more than 32 VLANs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 293 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 340
If the VLAN access-map includes the statistics command, then the show vlan access-list command output includes the number of packets that have matched each rule. Clears statistics for all VACLs or for a specific VACL. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 294 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 341
Example Configuration for VACL This example shows how to configure a VACL to forward traffic permitted by an IP ACL named acl-ip-01 and how to apply the VACL to VLANs 50 through 82: switch# configure terminal switch . OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 295 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 342
Displaying and Clearing VACL Statistics Default ACL Settings Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 296 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 343
Management • Using Cisco Fabric Services, page 299 • Configuring User Accounts and RBAC, page 315 • Configuring Session Manager, page 325 • Configuring Online Diagnostics, page 329 • Configuring System Message Logging, page 335 • Configuring Smart Call Home, page 349 • Configuring SNMP, page 375 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 344
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 345
. Cisco Nexus 5000 Series switches support CFS message distribution over Fibre Channel, IPv4 or IPv6 networks. If the switch is provisioned with Fibre Channel ports, CFS over Fibre Channel is enabled by default. CFS over IP must be explicitly enabled. CFS provides the following features: • Peer-to - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 346
Cisco Fabric Services scope: The distribution spans the entire IP network. The following features are supported for CFS distribution over from a peer. Parallel configuration is distributed and committed. • The network lock is released. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 347
and distributed from multiple switches, for example, the port security configuration. Unrestricted Uncoordinated Distributions the distribution reaching all switches that are reachable over either Fibre Channel or IP. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 301 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 348
node D the distribution list for IP. Node C does not forward to node D because node D is already in the distribution list from node B. Figure 37: Network Example 2 with Fibre Channel and IP Connections Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 302 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 349
. If a fabric with M application peers merges with another fabric with N application peers, and if an application triggers a merge action on every notification, a link-up event results in M×N merges in the fabric. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 303 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 350
application is enabled or disabled for distribution (enabled or disabled). The last column indicates the scope of distribution for the application (logical, physical, or both). Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 304 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 351
of the lock holder. switch# show cfs lock Application: ntp Scope : Physical Switch WWN IP Address User Name User Type 20:00:00:05:30:00:6b:9e 10.76.100.167 admin CLI/SNMP v3 Total number of entries = 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 305 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 352
changes in the pending database overwrite the configuration in the effective database when you commit the changes. Caution If you do not commit the changes, they are not saved to the running configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 306 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 353
the configuration for a given feature. Once you assign a feature to a CFS region, its configuration cannot be distributed within another CFS region. Managing CFS Regions Creating CFS Regions You can create a CFS region. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 354
. Indicates application(s) to be moved from one region into another. Note If you try moving an application to the same region more than once, you see the error message, "Application already present in the same region." Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 308 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 355
in the region will be moved to the default region." Configuring CFS over IP Enabling CFS over IPv4 You can enable or disable CFS over IPv4. Note CFS cannot distribute over both IPv4 and IPv6 from the same switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 309 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 356
distributions, such as the keepalive mechanism for detecting network topology changes, use the IP multicast address to send and receive information. Note CFS distributions for application data use directed unicast. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 310 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 357
for CFS over IP, use the show cfs status command: switch# show cfs status Fabric distribution Enabled IP distribution Enabled mode ipv4 IPv4 multicast address : 10.1.10.100 IPv6 multicast address : ff13::e244:4754 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 311 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 358
.100.169 [Merge Master] The show cfs peers command output displays all the switches in the physical network in terms of the switch WWN and the IP address. The local switch is indicated as Local. switch# show cfs peers Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 312 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 359
Total number of entries = 2 Scope : Logical [VSAN 3] Domain Switch WWN IP Address 224 20:00:00:44:22:00:4a:9e 172.22.92.27 [Local] 151 20:00:00:05:30:01:1b:c2 172.22.92.215 Total number of entries = 2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 313 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 360
multicast address ff15::efff:4653. The CISCO-CFS-MIB contains SNMP configuration information for any CFS-related functions. Refer to the Cisco Nexus 5000 Series MIB Quick Reference for more information on this MIB. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 314 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 361
mtsuser, ftpuser, man, and sys. Note User passwords are not displayed in the configuration files. Caution The Cisco Nexus 5000 Series switch does not support all numeric usernames, whether created with not logged in. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 315 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 362
• Contains numbers The following are examples of strong passwords: • If2CoM18 • 2009AsdfLkj30 • Cb1955S21 Note Clear text Cisco Nexus 5000 Series switch. • network-operator-Complete read access to the Cisco Nexus 5000 Series switch. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 363
User Role Interface Policies, page 320 Guidelines and Limitations for User Accounts User account and RBAC have the following configuration guidelines and limitations: • You can add up to 256 rules to a user role. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 317 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 364
default is no expiry date. switch# show user-account (Optional) Displays the role configuration. switch# copy running-config startup-config (Optional) Copies the running configuration to the startup configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 318 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 365
to display a list of feature groups. Repeat this command for as many rules as needed. switch(config-role)# description text (Optional) Configures the role description. You can include spaces in the description. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 319 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 366
Role Interface Policies You can change a user role interface policy to limit the interfaces that the user can access. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 320 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 367
enters role configuration mode. switch(config-role)# vlan policy deny Enters role VLAN policy configuration mode. switch(config-role-vlan)# permit vlan Specifies a range of VLANs that the role can vlan-list access. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 321 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 368
tasks: Command Purpose switch# show role Displays the user role configuration switch# show role feature Displays the feature list. switch# show role feature-group Displays the feature group configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 322 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 369
All interfaces are accessible. VLAN policy All VLANs are accessible. VFC policy All VFCs are accessible. VETH policy All VETHs are accessible. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 323 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 370
Default User Account and RBAC Settings Configuring User Accounts and RBAC Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 324 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 371
. Configuration Guidelines and Limitations Session Manager has the following configuration guidelines and limitations: • Session Manager supports only the ACL feature. • You can create up to 32 configuration sessions. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 325 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 372
Enters interface configuration mode. number switch(config-s-if)# ip port access-group Adds a port access group to the interface. name in switch# show configuration session [name] (Optional) Displays the contents of the session. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 326 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 373
)# exit switch(config-s)# verify switch(config-s)# exit switch# show configuration session test2 Verifying Session Manager Configuration To verify Session Manager configuration information, use the following commands: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 327 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 374
of the configuration session. switch# show configuration session status [name] Displays the status of the configuration session. switch# show configuration session summary Displays a summary of all the configuration sessions. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 328 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 375
the supervisor and the ASICs. The following table describes the diagnostics that are run only during switch bootup or reset. Table 34: Bootup Diagnostics Diagnostic PCIe Description Tests PCI express (PCIe) access. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 329 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 376
Bootup Diagnostics Tests Diagnostic SPROM Description Verifies the integrity of backplane and supervisor SPROMs. Fabric engine Tests the switch fabric ASICs. Fabric port Tests the ports on the switch fabric ASIC. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 330 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 377
diagnostics for expansion modules. Table 38: Expansion Module Health Monitoring Diagnostics Diagnostic LED Description Monitors port and system status LEDs. Temperature Sensor Monitors temperature sensor readings. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 331 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 378
diagnostic result module slot Displays the results of the diagnostics tests. Default GOLD Settings The following table lists the default settings for online diagnostics parameters. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 332 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 379
Default GOLD Settings Expansion Module Diagnostics Table 39: Default Online Diagnostics Parameters Parameters Bootup diagnostics level Default complete OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 333 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 380
Expansion Module Diagnostics Default GOLD Settings Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 334 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 381
40: System Message Severity Levels Level 0 - emergency Description System unusable 1 - alert Immediate action needed 2 - critical Critical condition 3 - error Error condition 4 - warning Warning condition OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 335 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 382
. switch# configure terminal Enters configuration mode. switch(config)# logging console Enables the switch to log messages to the console session [severity-level] based on a specified severity level or higher (a lower number Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 336 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 383
logging messages to telnet and SSH sessions. switch# show logging console (Optional) Displays the console logging configuration. switch# show logging monitor (Optional) Displays the monitor logging configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 337 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 384
can optionally specify a maximum file size. The default severity level is 5 and the file size is 4194304. Severity levels range from 0 to 7: • 0 - emergency • 1 - alert • 2 - critical • 3 - error Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 338 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 385
... Related Topics • Displaying and Clearing Log Files, page 345 Configuring Module and Facility Messages Logging You can configure the severity level and time-stamp units of messages logged by modules and facilities. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 339 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 386
severity-level] Resets the logging severity level for the specified facility to its default level. If you do not specify a facility and severity level, the switch resets all facilities to their default levels. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 340 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 387
example shows how to configure the time-stamp units of messages: switch# configure terminal switch(config)# logging timestamp milliseconds switch(config)# exit switch# show logging timestamp Logging timestamp: Milliseconds OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 388
the running configuration to the startup configuration. The following example shows how to configure a syslog server: switch# configure terminal switch(config)# logging server 172.28.254.254 5 use-vrf VRFname facility local3 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 342 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 389
~cat /etc/syslog.pid~ Configuring syslog Server Configuration Distribution You can distribute the syslog server configuration to other switches in the network by using the Cisco Fabric Services (CFS) infrastructure. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 343 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 390
information about the current state of syslog server distribution and the last action taken. switch# copy running-config (Optional) startup-config Copies the running configuration to the startup configuration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 344 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 391
info Displays the logging configuration. switch# show logging internal info Displays the syslog distribution information. switch# show logging last number-lines Displays the last number of lines of the log file. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 345 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 392
at severity level 2 Log file logging Enabled to log:messages at severity level 5 Module logging Enabled at severity level 5 Facility logging Enabled; Time-stamp units Seconds syslog server logging Disabled Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 346 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 393
Default System Message Logging Settings Parameters syslog server configuration distribution Displaying and Clearing Log Files Default Disabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 347 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 394
Displaying and Clearing Log Files Default System Message Logging Settings Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 348 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 395
that uses the Extensible Markup Language (XML) and the Adaptive Messaging Language (AML) XML schema definition (XSD). The XML format enables communication with the Cisco Systems Technical Assistance Center (Cisco-TAC). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 349 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 396
configure a destination profile to allow periodic inventory update messages by using the inventory alert group that will send out periodic messages daily, weekly, or monthly. Cisco Nexus 5000 Series switches support Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 350 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 397
Call Home severity level for syslog port group messages You can customize predefined alert groups to execute additional CLI show commands when specific events occur and send that show output with the Call Home message. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 351 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 398
Warning conditions. 2 Notification Notice (5) Basic notification and informational messages. Possibly independently insignificant. 1 Normal Information (6) Normal event signifying return to normal state. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 352 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 399
to determine the origin of messages received. • Your switch must have IP connectivity to an e-mail server. • If you use Smart Call Home, you need an active service contract for the device that you are configuring. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 353 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 400
e-mail address for the primary person responsible for the switch. Up to 255 alphanumeric characters are accepted in e-mail address format. Note You can use any valid e-mail address. The address cannot contain spaces. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 354 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 401
-callhome)# street-address 123 Anystreet St., Anycity, Anywhere Creating a Destination Profile You must create a user-defined destination profile and configure the message format for that new destination profile. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 355 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 402
for this destination profile. • Message size-The allowed length of a Call Home message sent to the e-mail addresses in this destination profile. Note You cannot modify or delete the CiscoTAC-1 destination profile. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 356 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 403
highest severity level. switch(config-callhome)# destination-profile {name | full-txt-destination | short-txt-destination} message-size number Configures the maximum message size for this destination this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 357 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 404
You cannot add user-defined CLI show commands to the CiscoTAC-1 destination profile. switch# show callhome user-def-cmds (Optional) Displays information about all user-defined show commands added to alert groups. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 358 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 405
Home messages. switch# show callhome transport-email (Optional) Displays information about the e-mail configuration for Call Home. switch# copy running-config startup-config (Optional) Saves this configuration change. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 406
duplicate message throttling for Call Home. throttle Enabled by default. Enabling or Disabling Call Home Once you have configured the contact information, you can enable the Call Home function in callhome configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 360 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 407
Call Home test message to all configured destinations. switch(config-callhome)# callhome test Sends a test message to all configured destinations. callhome test and callhome test inventory commands are supported. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 361 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 408
Home parameters. Table 45: Default Call Home Parameters Parameters Default Destination message size for a message sent in full 4000000 text format. Destination message size for a message sent in XML 4000000 format. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 362 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 409
isolation message Plain English description of triggering event Alarm urgency level Error level such as that applied to system message The following table describes the common event message format for full text or XML. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 410
that generated the message. This field should be empty if the message is nonspecific to a device. The format is type@Sid@serial: • type is the product model number from backplane IDPROM. Configuring Smart Call Home Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 364 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 411
ID or other data meaningful to alternate support service. /aml/ header/siteID Server ID If the message is generated from the device, this is the unique device identifier (UDI) of the device. /aml/header/serverID OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 365 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 412
E-mail address of /aml/body/sysContactEmail person identified as the contact for this unit. Contact phone number Phone number of /aml/body/sysContactPhoneNumber the person identified Configuring Smart Call Home Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 366 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 413
/atachment/mime encoding type. Command output text Output of command /aml/atachments/atachment/atdata automatically executed. The following table describes the reactive event message format for full text or XML. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 367 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 414
FRU slot Slot number of the FRU. /aml/body/fru/slot FRU hardware version Hardware version of the FRU. /aml/body/fru/hwVersion FRU software version Software version(s) that is running /aml/body/fru/swVersion on the FRU. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 368 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 415
shows the XML format for a syslog port alert-group notification: From: example Sent: Wednesday, April 25, 2007 7:20 AM To: User (user) Subject: System Notification From Router - syslog - 2007-04-25 14:19:55 GMT+00:00 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 369 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 416
://tools.example.com/services/DDCEService http://www.example.com/ C9F9E20C 0 true Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 370 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 417
it prevents returning to ROMMON when break is issued. 00:03:18: %SYS-SP-5-RESTART: System restarted -Cisco IOS Software, s72033_sp Software (s72033_sp-ADVENTERPRISEK9_DBG-VM), Experimental Version 12.2(20070421:012711) OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 371 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 418
-DFC8-3-BADCARD: /bootflash:: The flash card seems to be corrupted 00:00:31: %SYS-DFC8-5-RESTART: System restarted -Cisco DCOS Software, c6lc2 Software (c6lc2-SPDBG-VM), Experimental Version 4.0(20080421:012711) Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 372 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 419
SPAN-SP-6-SPAN_EGRESS_REPLICATION_MODE_CHANGE: Span Message not sent to slot 4/0 (4) because of IPC error Data> OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 420
Sample syslog Alert Notification in XML Format Configuring Smart Call Home Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 374 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 421
you must define the relationship between the manager and the agent. • A managed information base (MIB)-The collection of managed objects on the SNMP agent Note Cisco NX-OS does not support SNMP sets for Ethernet MIBs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 375 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 422
and encryption. Three security models are available: SNMPv1, SNMPv2c, and SNMPv3. The security model combined with the security level determine the security mechanism applied when the SNMP message is processed. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 376 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 423
following services: • Message integrity-Ensures that messages have not been altered or destroyed in an unauthorized manner and that data sequences have not been altered to an extent greater than can occur non-maliciously. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 424
deleted for both SNMP and the CLI. • User-role mapping changes are synchronized in SNMP and the CLI. Note When you configure passphrase/password in localized key/encrypted format, Cisco NX-OS does not synchronize the password. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 378 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 425
messages without authentication and encryption. When you enforce privacy, Cisco NX-OS responds with an authorization Error for any SNMPv3 PDU request using securityLevel parameter of either noAuthNoPriv or authNoPriv. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 426
[udp_port number] community can be any alphanumeric string up to 255 characters. The UDP port number range is from 0 to 65535. You can configure a host receiver for SNMPv2c traps or informs in a global configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 380 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 427
. The UDP port number range is from 0 to 65535. Note The SNMP manager must know the user credentials (authKey/PrivKey) based on the SNMP engineID of the Cisco Nexus 5000 Series switch to authenticate and decrypt the SNMPv3 messages. The following example shows how to configure a host receiver - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 428
traps fcs discovery-complete snmp-server enable traps fcs request-reject CISCO-FDMI-MIB snmp-server enable traps fdmi CISCO-FSPF-MIB snmp-server enable traps fspf CISCO-PSM-MIB snmp-server enable traps port-security Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 382 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 429
for that interface. • IETF-Cisco NX-OS sends only the IETF-defined notifications (linkUp, linkDown in IF-MIB) with only the defined varbinds, if ifLinkUpDownTrapEnable (defined in IF-MIB) is enabled for that interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 383 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 430
can enable a one-time authentication for SNMP over a TCP session. Command Purpose switch(config)# snmp-server tcp-session [auth] Enables a one-time authentication for SNMP over a TCP session. Default is disabled. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 384 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 431
to 32 characters. Note Do not enter an instance, VRF, or topology to delete a context mapping. If you use the instance, vrf, or topology keywords, you configure a mapping between the context and a zero-length string. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 385 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 432
. Default SNMP Settings The following table lists the default settings for SNMP parameters. Table 53: Default SNMP Parameters Parameters license notifications Default enabled linkUp/Down notification type ietf-extended Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 386 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 433
console systems to exchange network monitoring data. The Cisco NX-OS supports RMON alarms, events and logs to monitor Cisco Nexus 5000 Series switches An RMON alarm monitors a and calculate the difference between them. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 387 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 434
Alarms You can configure RMON alarms on any integer-based SNMP MIB object. You can optionally specify the following parameters: • The event-number to trigger if the rising or falling threshold exceeds the specified limit. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 388 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 435
the same event with multiple RMON alarms. Ensure you have configured an SNMP user and enabled SNMP notifications. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 389 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 436
about RMON logs. Default RMON Settings The following table lists the default settings for RMON parameters. Table 54: Default RMON Parameters Parameters Alarms Default None configured. Events None configured. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 390 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 437
V P A R T Fibre Channel over Ethernet • Configuring FCoE, page 393 • Configuring FCoE VLANs and Virtual Interfaces, page 411 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 438
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 439
The FCoE Initialization Protocol (FIP) allows the switch to discover and initialize FCoE-capable entities that are connected to an Ethernet LAN. Two versions of FIP are supported by the Cisco Nexus 5000 Series switch: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 393 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 440
tag for the FCoE VLAN. Frames that are not correctly tagged are discarded. The switch expects frames from a pre-FIP CNA to be priority tagged with the FCoE CoS value. The switch will still accept untagged frames from the CNA. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 394 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 441
, parameters are coded in a type-length-value (TLV) format. The Cisco Nexus 5000 Series switch supports two versions of DCBX: • CEE-DCBX-The Converged Enhanced Ethernet DCBX is supported on all T11-compliant Gen-2 CNAs OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 395 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 442
disabled. Note The Cisco Nexus 5000 Series switch provides CLI commands to manually override the results of the PFC negotiation with the adapter. On a per-interface basis, you can force capabilities to be enabled or disabled. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 396 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 443
operating system. • FCoE software stack ◦ Runs on existing 10-Gigabit Ethernet adapters. Two generations of CNAs are supported by the Cisco Nexus 5000 Series switch: • A FIP adapter uses the FIP to exchange information about its available capabilities and to negotiate the configurable values with - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 444
limitations. Because the Cisco Nexus 5000 Series FCF cannot perform the transit FCoE function, you must design your network topology so that the active STP path of FCoE VLANs is always over the directly connected links Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 398 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 445
your network topology so that the active STP path of FCoE VLANs is always over the directly connected links between the CNA and the FCF. Make sure that you configure the FCoE VLAN on the directly connected links only. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 399 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 446
for VF_Port trunking and VSAN management for the virtual Fibre Channel interfaces. Note A unified fabric link carries both Ethernet and FCoE traffic. 3 You must configure the UF links as spanning-tree edge ports. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 400 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 447
of the STP for the FCoE VLANs is limited to UF links only. 6 You must use separate FCoE VLANs for FCoE in SAN-A and SAN-B. Note All Gen-1 (pre-FIP) and Gen-2 (FIP) CNAs are supported in a directly connected topology. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 401 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 448
links as trunk ports. Do not configure the FCoE VLAN as a native VLAN. You must configure all FCoE VLANs as members of the UF links to allow extensions for VF_Port trunking and VSAN management for the virtual Fibre Channel interfaces. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 449
Requirements for FCoE Enabling FCoE Note A unified fabric link carries both Ethernet and FCoE traffic. 3 You must configure the CNAs and the blade switches as spanning-tree edge ports. 4 A blade switch must connect to exactly one Cisco Nexus 5000 Series converged access switch, preferably over - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 450
# configure terminal switch(config)# no feature fcoe Purpose Enters configuration mode. Disables the FCoE capability. This example shows how to disable FCoE on the switch: switch# configure terminal switch(config)# no feature fcoe Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 451
)# no fcoe fcmap fabric-map (Optional) Resets the global FC-Map to the default value of 0E.FC.00. This example shows how to configure the global FC-Map: switch# configure terminal switch(config)# fcoe fcmap 0e.fc.2a OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 405 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 452
interval for the fabric to its default value of 8 seconds. This example shows how to configure the advertisement interval for the fabric: switch# configure terminal switch(config)# fcoe fka-adv-period 42 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 406 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 453
slot/port Selects the interface to change. switch(config-if)# [no] lldp {receive | transmit} Sets the selected interface to either receive or transmit. The no form of the command disables the LLDP transmit or receive. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 454
:76 This example shows how to display the FCoE settings for an interface. switch# show interface ethernet 1/37 fcoe Ethernet1/37 is FCoE UP vfc3 is Up FCID is 0x490100 PWWN is 21:00:00:1b:32:0a:e7:b8 MAC addr is 00:c0:dd:0e:5f:76 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 408 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 455
counters: switch# show lldp traffic LLDP traffic statistics: Total frames out: 8464 Total Entries aged: 6 Total frames in: 6342 Total frames received in error: 2 Total frames discarded: 2 Total TLVs unrecognized: 0 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 409 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 456
Configuring Interface LLDP Commands Verifying FCoE Configuration Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 410 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 457
address of a remotely connected adapter. FCoE is supported on 10-Gigabit Ethernet interfaces. The Ethernet or EtherChannel interface that you bind the virtual Fibre Channel interface to must be configured as follows: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 411 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 458
converged access switch to carry traffic for each Virtual Fabric (VSAN) in the SAN (for example, VLAN 1002 for VSAN 1, VLAN 1003 for VSAN 2, and so on). If MST is enabled, a separate MST instance must be used for FCoE VLANs. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 412 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 459
-number} | mac-address MAC-address} (Optional) Unbinds the virtual Fibre Channel interface from the specified interface. switch(config)# no interface vfc vfc-id (Optional) Deletes a virtual Fibre Channel interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 460
: switch# configure terminal switch(config)# vsan database switch(config-vsan)# vsan 2 interface vfc 4 Verifying the Virtual Interface To display configuration information about virtual interfaces, perform one of the following tasks: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 461
is 901 1 minute input rate 0 bits/sec, 0 bytes/sec, 0 frames/sec 1 minute output rate 0 bits/sec, 0 bytes/sec, 0 frames/sec 0 frames input, 0 bytes 0 discards, 0 errors 0 frames output, 0 bytes 0 discards, 0 errors OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 415 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 462
# configure terminal switch(config)# interface ethernet 1/4 switch(config-if)# spanning-tree port type edge trunk switch(config-if)# switchport mode trunk switch(config-if)# switchport trunk allowed vlan 1,200 switch(config-if)# exit Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 463
-vlan)# fcoe vsan 2 switch(config-vlan)# exit Step 4 Associate the virtual Fibre Channel interface to the VSAN. switch(config)# vsan database switch(config-vsan)# vsan 2 interface vfc 4 switch(config-vsan)# exit OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 417 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 464
Associating a Virtual Fibre Channel Interface to a VSAN Mapping VSANs to VLANs Example Configuration Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 418 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 465
VI PA R T Quality of Service • Configuring QoS, page 421 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 466
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 467
Fibre Channel requires a reliable transport system that guarantees the delivery of every packet. To properly support FCoE, Ethernet has been enhanced with a priority flow control (PFC) mechanism to prevent congestion. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 421 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 468
overriding service-policy configuration. The system qos policies are used to define system classes, the classes of traffic across the entire switch, and their attributes. To ensure QoS consistency (and for ease of configuration), Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 422 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 469
. Note The optional N5K-M1404 or N5K-M1008 expansion modules provide native 1/2/4-Gigabit Fibre Channel ports. Policy Types The Cisco Nexus 5000 Series switch supports a number of matched by its associated qos-group. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 423 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 470
classes. Note Some configuration parameters when applied to an EtherChannel are not reflected on the configuration of the member ports. ◦ system class can be configured for priority in a given queuing policy. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 424 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 471
on a link instead of all the traffic on the link. PFC applies pause functionality based on the IEEE 802.1p CoS value. When the switch enables PFC, it communicates to the adapter which CoS values to apply the pause. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 425 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 472
the MTU configuration to network adapters that support DCBX. Note MTU is not supported in Converged Enhanced Ethernet (CEE) mode for DCBX. Trust Boundaries The trust boundary is enforced by the incoming interface as follows: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 426 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 473
Ethernet traffic in the default drop system class is assigned a queue. This queue uses WRR scheduling with 50 percent of the bandwidth. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 427 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 474
for multicast frames. If optimized multicast is enabled for the default drop system class, the system will use all six queues to service the multicast A queue to serve all data traffic and low-priority control traffic. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 428 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 475
the class map, you specify a set of match criteria for classifying the packets. You can then reference class maps in policy maps. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 429 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 476
on the acl-name. The permit and deny ACL keywords are ignored in the matching. Note You can only define a single ACL in a class map. You cannot add any other match criteria to a class with a match access-group defined. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 430 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 477
class. This example shows how to classify traffic by matching packets based on a defined CoS value: switch# configure terminal switch(config)# class-map type qos class_cos switch(config-cmap-qos)# match cos 4, 5-6 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 431 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 478
value class-map configuration: switch# show class-map class_cos Configuring DSCP Classification You can classify traffic based on the Differentiated Services Code Point ( precedence 5) dscp (101000)-decimal value 40 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 432 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 479
. UDP communications use an even port and the next higher odd port is used for RTP Control Protocol (RTCP) communications. You can classify based on UDP port ranges, which are likely to target applications using RTP. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 433 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 480
port-number Removes the match from the traffic class. This example shows how to classify traffic by matching packets based on UDP port ranges that are typically used by RTP applications: switch# configure terminal switch (7) Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 434 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 481
Arguments Argument arp Description Address Resolution Protocol (ARP) clns_es CLNS End Systems clns_is CLNS Intermediate System dhcp Dynamic Host Configuration (DHCP) ldp Label Distribution Protocol (LDP) OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 435 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 482
qos-group-value Configures the traffic class by matching packets based on a list of QoS group values. Values can range from 0 to 5. QoS group 0 is equivalent to class-default and QoS group 1 is equivalent to class-fcoe. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 436 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 483
set of traffic classes. The switch provides two default system classes: a no-drop class for lossless service (class-fcoe) and a drop class for best-effort service (class-default). You can define be up to 40 characters. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 437 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 484
to the entire switch for a particular class. Procedure Step 1 Step 2 Command or Action switch# configure terminal Purpose Enters configuration mode. switch(config)# policy-map , and can be up to 40 characters. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 438 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 485
bytes Disables the queue limit specification in this class. switch(config-pmap-c-nq)# set cos Specifies a 802.1Q CoS value which is used to mark packets cos-value on this interface. The value range is from 0 to 7. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 439 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 486
specification from this class. switch(config-pmap-c-que)# priority Specifies that traffic in this class is mapped to a strict priority queue. Note Only one class in each policy map can have strict priority set on it. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 440 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 487
This example shows how to define a type qos policy map: switch# configure terminal switch(config)# policy-map type qos policy-s1 switch(config-pmap-qos)# class type qos class-s1 switch(config-pmap-c-qos)# set qos-group 2 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 488
attached new policies to the system qos configuration, you must reapply the default policies to restore the system. Procedure Step 1 Command or Action switch# configure terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 442 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 489
class-default bandwidth percent 50 Type network-qos policy-maps policy-map type network-qos default-nq-policy class type network-qos class-fcoe pause no-drop mtu 2240 class type network-qos class-default mtu 1538 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 443 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 490
0 Broadcast Packets 1301767362 Jumbo Packets 33690 Storm Suppression Packets 7181776513802 Bytes Tx 1186564478 Output Packets 7060 Multicast Packets 0 Broadcast Packets 997813205 Jumbo Packets 4813632103603 Bytes ... Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 444 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 491
/port | port-channel channel-number} switch(config-if)# untagged cos cos-value Purpose Enters configuration mode. Enters configuration mode for the specified interface or port channel. Configures the untagged CoS value. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 492
interface or EtherChannel. This example shows how to apply a policy to an Ethernet interface: switch# configure terminal switch(config)# interface ethernet 1/1 switch(config-if)# service-policy type qos input policy1 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 446 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 493
Priority Flow Control Configuring Priority Flow Control and Link-Level Flow Control Cisco Nexus 5000 Series switches support priority flow control (PFC) and Link-Level Flow Control (LLC) on Ethernet interfaces. The Ethernet interface can operate in two different modes: FCoE mode or standard - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 494
only. switch# show queuing interface [interface number] Displays the queue configuration and statistics. You can clear the QoS policy statistics. Command switch# clear qos statistics Purpose Clears the policy statistics. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 448 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 495
Verifying QoS Configuration Configuring Link-Level Flow Control This example shows how to display the class maps defined on the switch: switch# show class-map class-map type network-qos class-fcoe match qos-group 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 449 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 496
-qos class-fcoe pause no-drop mtu 2240 class type network-qos class-default mtu 1538 This example shows how to display the policy maps attached on the system qos: switch# show policy-map system Type network-qos policy-maps Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 450 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 497
how to display the policy maps attached to an interface: switch# show policy-map interface ethernet 1/1 Global statistics status : disabled Ethernet1/1 Service-policy (qos) input: p2 policy statistics status: disabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 451 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 498
Configuring Link-Level Flow Control Class ): class-fcoe (match-any) Match: cos 3 set qos-group 1 Class-map (qos): class-default (match-any) Match: any set qos-group 0 Service-policy ( 20 Verifying QoS Configuration Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 452 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 499
to the cross-bar Mcast pkts sent to the cross-bar Ucast pkts received from the cross-bar Pkts sent to the port Pkts discarded on ingress Per-priority-pause status :0 :0 :0 :0 :0 : 0 (0) : Rx (Inactive), Tx (Inactive) OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 453 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 500
Pkts sent to the port Pkts discarded on Example QoS Configurations QoS Example 1 This example shows how to configure traffic in the entire system matching an access control list to have the frame CoS fields rewritten to the value 5. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 501
-qos pmap-nq-acl (config-sys-qos)# exit QoS Example 2 This example shows how to use an access control list to apply 50% bandwidth to traffic on Ethernet interface 1/3 that matches traffic on Ethernet interface 1/1. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 455 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 502
service- fcoe (config-pmap-c-que)# bandwidth percent 40 (config-pmap-c-que)# exit (config-pmap-que)# class type queuing cmap-que-bandwidth (config-pmap-c-que)# bandwidth percent 50 (config-pmap-c-que)# exit (config-pmap-que)# exit Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 503
system qos to the system. (config-sys-qos)# service-policy type network-qos pmap-nq-bandwidth (config-sys-qos)# exit QoS Example 3 This example shows how to attach a 802.1p tag with mode on (config-if)# exit OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 457 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 504
QoS Example 3 Example QoS Configurations Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 458 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 505
Configuring N Port Virtualization, page 497 • Configuring VSAN Trunking, page 507 • Configuring SAN Port Channel, page 515 • Configuring and Managing VSANs, page 531 • Configuring and Managing Zones, page 543 • Distributing Device Alias Services, page 567 • Configuring Fibre Channel Routing Services - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 506
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 507
. Each Fibre Channel port can be used as a downlink (connected to a server) or as an uplink (connected to the data center SAN network). The Fibre Channel interfaces support the following modes: F, NP, E, TE, and SD. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 461 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 508
during interface initialization. In NPV mode, Fibre Channel interfaces may operate in NP mode, F mode or SD mode. Virtual Fibre Channel interfaces can only be configured in F mode. Figure 43: Switch Port Modes Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 462 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 509
the VSAN ID to multiplex traffic from one or more VSANs across the same physical link. This feature is referred to as VSAN trunking in the Cisco Nexus 5000 Series switch. TE ports support class 3 and class F service. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 463 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 510
Operational State Up Description Interface is transmitting or receiving traffic as desired. To be in this state, an interface must be administratively up, the interface link layer state must Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 464 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 511
(SFP) hardware is not plugged in. Initializing The physical layer link is All operational and the protocol initialization is in progress. Reconfigure fabric in progress The fabric is currently being reconfigured. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 512
Isolation due to the other side of The E port at the other end of the the link E port isolated link is isolated. Isolation due to invalid fabric reconfiguration The port is isolated due to fabric reconfiguration. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 466 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 513
of the underlying physical Ethernet interface. The receive BB_credit value (fcrxbbcredit) may be configured for each Fibre Channel interface. In most cases, you do not need to modify the default configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 467 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 514
-id [ , vfc and enters interface configuration mode. vfc-id - vfc-id ] } Setting the Interface Administrative State To gracefully shut down an interface, perform this task: To enable traffic flow, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 468 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 515
Channel interface and enters vfc-id} interface configuration mode. switch(config-if)# switchport description Configures the description of the interface. The cisco-HBA2 string can be up to 80 characters long. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 469 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 516
encap eisl command is disabled by default. If you enable encapsulation, all outgoing frames are encapsulated, and you will see a new line (Encapsulation is eisl) in the show interface SD_port_interface command output. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 470 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 517
syslog message when bit error threshold events are detected, even if the interface is configured not to be disabled by bit-error threshold events. To disable the bit error threshold for an interface, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 471 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 518
along with other pertinent interface information for this interface. Note The BB_credit values are correct at the time the registers are read. They are useful to verify situations when the data traffic is slow. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 472 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 519
N port to use different identifiers and allows access control, zoning, and port security to be implemented at the application level. The following figure shows an example application using NPIV. Figure 44: NPIV Example OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 473 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 520
(a range of interfaces or multiple, specified interfaces) to display interface information. You can specify a range of interfaces by entering a command with the following example format: interface fc2/1 - 4 , fc3/2 - 3 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 474 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 521
the running configuration for all interfaces: switch# show running configuration ... interface fc3/5 switchport speed 2000 ... interface fc3/5 switchport mode E ... interface fc3/5 channel-group 11 force no shutdown OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 475 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 522
Disabled Data field size 2112 bytes The following table lists the default settings for virtual Fibre Channel interface parameters. Table 64: Default Virtual Fibre Channel Interface Parameters Parameters Interface mode Default Auto Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 523
Trunk mode Trunk-allowed VSANs Interface VSAN EISL encapsulation Data field size Default Fibre Channel Interface Settings Default n/a Shutdown (unless changed during initial setup) n/a n/a Default VSAN (1) n/a n/a OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 477 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 524
Default Fibre Channel Interface Settings Configuring Fibre Channel Interfaces Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 478 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 525
to the corresponding switch in the fabric. • Fabric reconfiguration-This phase guarantees a resynchronization of all switches in the fabric to ensure they simultaneously restart a new principal switch selection phase. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 479 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 526
domain ID after the next restart, either disruptive or nondisruptive. If a VSAN is in interop mode, you cannot disruptively restart the fcdomain for that VSAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 480 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 527
fcdomain optimize fast-restart vsan vsan-id - vsan-id Purpose Enters configuration mode. Enables domain manager fast restart in the specified VSAN. Enables domain manager fast restart in the specified range of VSANs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 481 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 528
: Procedure Step 1 Step 2 Command or Action switch# configuration terminal Purpose Enters configuration mode. switch(config)# no fcdomain vsan vsan-id Disables the fcdomain configuration in the - vsan-id specified VSAN range. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 529
mode. switch(config)# interface fc slot/port Configures the specified interface. switch(config-if)# fcdomain rcf-reject vsan Enables the RCF filter on the specified interface vsan-id in the specified VSAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 483 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 530
VSANs. The domain ID is part of the overall FC ID. About Domain IDs The configured domain ID can be preferred or static. By default, the configured domain ID is 0 (zero) and the configured type is preferred. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 484 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 531
switch. In specific situations, the changes are as follows: • When the received domain ID is not within the allowed list, the requested domain ID becomes the runtime domain ID and all interfaces on that VSAN are isolated. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 532
preferred), you may experience link isolation. To specify a static or preferred domain ID, perform this task: Procedure Step 1 Command or Action switch# configuration terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 486 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 533
Action switch# configuration terminal switch(config)# fcdomain allowed domain-id range vsan vsan-id Purpose Enters configuration mode. Configures the list to allow switches with the domain ID range in the specified VSAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 534
the active configuration. Subsequent modifications are made to the pending configuration and remain there until you commit the changes to the active configuration (and other switches in the fabric) or discard them. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 488 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 535
vsan 10 Displaying CFS Distribution Status You can display the status of CFS distribution for allowed domain ID lists using the show fcdomain status command. switch# show fcdomain status CFS distribution is enabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 489 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 536
Procedure Step 1 Step 2 Command or Action switch# configuration terminal Purpose Enters configuration mode. switch(config)# fcdomain Enables the contiguous allocation option in the contiguous-allocation vsan vsan-id - specified VSAN range. vsan-id Cisco Nexus 5000 Series Switch CLI Software - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 537
changed after a reboot. FC IDs are enabled by default, but can be disabled for each VSAN. A persistent FC ID assigned to an F port can be moved across interfaces and can continue to maintain the same persistent FC ID. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 491 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 538
:df) wwn 33:e8:00:05:30:00:16:df fcid fcid with the FC ID 0x070128 in the specified VSAN. Note To avoid assigning a duplicate FC ID, use the show fcdomain address-allocation vsan command to display the FC IDs in use. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 492 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 539
connected to the same switch. For example, if the storage port FC ID is 0x6f7704, the area for this port is 77. In this case, the HBA port's area can be anything other than 77. The HBA port's FC ID must be manually configured to be different from the storage port's FC ID. Cisco Nexus 5000 Series - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 540
Static Persistent Usage State In use Action Not deleted Static Not in use Not deleted Dynamic In use Not deleted Dynamic Not in use Deleted Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 494 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 541
example shows how to display all existing, persistent FC IDs for a specified VSAN. You can also specify the unused option to view only persistent FC IDs that are still not in use. switch# show fcdomain fcid persistent vsan 1000 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 542
Allowed list 1 to 239 Fabric name 20:01:00:05:30:00:28:df rcf-reject Disabled Persistent FC ID Enabled Allowed domain ID list configuration distribution Disabled Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 496 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 543
(such as login and port security) and all the Fibre Channel switching capabilities. The edge switch appears as a Fibre Channel host to the core switch and as a regular Fibre Channel switch to its connected devices. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 497 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 544
be physical or virtual Fibre Channel interfaces. Related Topics • About N Port Identifier Virtualization, page 473 NP Uplinks All interfaces from the edge switch to the core switch are configured as proxy N ports (NP ports). Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 498 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 545
not enforced at the edge switch (rather, it is enforced on the core switch). • Multiple devices attached to an edge switch log in through the same F port on the core, so they cannot be separated into different zones. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 499 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 546
the server interfaces have been redistributed. If disruptive load balancing is not enabled, you can manually reinitialize some or all of the server interfaces to distribute server traffic to new NP uplink interfaces. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 500 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 547
If a server interface goes down and then returns to service, the interface is not guaranteed to be assigned to the same NP uplink. • The server interface is only operational when its assigned NP uplink is operational. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 501 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 548
this task: Procedure Step 1 Step 2 Command or Action switch# configure terminal switch(config)# interface fc slot/port Purpose Enters configuration mode. Selects an interface that will be connected to the core NPV switch. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 502 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 549
uplink interfaces. Enabling Disruptive Load Balancing If you configure additional NP uplinks, you can enable the disruptive load-balancing feature to distribute the server traffic load evenly among all the NP uplinks. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 503 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 550
FCID: 0x1c0000, State: Up Interface: fc2/2, VSAN: 1, FCID: 0x040000, State: Up Interface: fc2/3, VSAN: 1, FCID: 0x260000, State: Up Interface: fc2/4, VSAN: 1, FCID: 0x1a0000, State: Up Number of External Interfaces: 4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 504 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 551
load-balancing status, enter the show npv status command: switch# show npv status npiv is enabled disruptive load balancing is enabled External Interfaces Interface: fc2/1, VSAN: 2, FCID: 0x1c0000, State: Up ... OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 505 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 552
Verifying NPV Traffic Management Configuring N Port Virtualization Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 506 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 553
to determine the allowed-active VSANs in which frames can be received or transmitted. • If a trunking-enabled E port is connected to a third-party switch, the trunking protocol ensures seamless operation as an E port. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 507 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 554
). Other switches that are directly connected to this switch are similarly affected on the connected interfaces. If you need to merge traffic from different port VSANs across a nontrunking ISL, disable the trunking protocol. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 508 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 555
and Port Mode Trunk Mode Configuration Switch 1 Switch 2 Trunking State On Auto or on Trunking (EISL) Port Mode TE port Off Auto, on, or off No trunking (ISL) E port Auto Auto No trunking (ISL) E port OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 509 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 556
on the Cisco Nexus 5000 Series switches is that one side of the trunk is set to auto and the other is set to on. Note When connected to a third-party switch, the trunk mode configuration has no effect. The ISL is always in a trunking disabled state. Configuring Trunk Mode To configure trunk mode - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 557
be as follows: • The ISL between switch 1 and switch 2 includes VSAN 1 and VSAN 3. • The ISL between switch 2 and switch 3 includes VSAN 1 and VSAN 2. • The ISL between switch 3 and switch 1 includes VSAN 1, 2, and 5. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 511 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 558
id allowed list. switch(config-if)# no switchport trunk allowed Deletes the specified VSAN range. vsan vsan-id - vsan-id switch(config-if)# no switchport trunk allowed Deletes the expanded allowed list. vsan add vsan-id Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 512 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 559
the default settings for trunking parameters. Table 69: Default Trunk Configuration Parameters Parameters Switch port trunk mode Allowed VSAN list Trunking protocol Default On 1 to 4093 user-defined VSAN IDs Enabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 513 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 560
Default Trunk Configuration Settings Configuring VSAN Trunking Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 514 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 561
associated with each channel group. This number ranges from 1 to 256. Understanding Port Channels and VSAN Trunking Switches in the Cisco Nexus 5000 Series implement VSAN trunking and port channels as follows: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 515 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 562
then subsequent frames in the exchange follow the same link. However, subsequent exchanges can use a different link. This method provides finer granularity for load balancing while preserving the order of frames for each exchange. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 516 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 563
following figure illustrates how exchange-based load balancing works. When the first frame in an exchange is received for forwarding on an interface, link 1 is chosen by a hash algorithm. All remaining frames in that OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 517 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 564
values. You can change the default configuration just as any other physical interface. The following figure provides examples of valid SAN port channel configurations. Figure 57: Valid SAN Port Channel Configurations Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 518 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 565
channel cannot be changed after the port channel is configured. If you change the links after the port channel is configured, be sure to reconnect the links to interfaces within the port channel and reenable the links. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 519 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 566
peer ports. Moves interfaces to the suspended state if its operational values are incompatible with the SAN port channel. Moves interfaces to the isolated state if its operational values are incompatible with the SAN port channel. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 567
Purpose Enters configuration mode. switch(config)# interface san-port-channel Configures the specified port channel using the channel-number default On mode. The SAN port channel number is in the range of 1 to 256. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 521 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 568
part of a SAN port channel. The compatibility check is performed before a port is added to the SAN port channel. The check ensures that the following parameters and settings match at both ends of a SAN port channel: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 522 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 569
those ports again. • If you use the Active mode, then the port channel ports automatically recover from the addition. Note When SAN port channels are created from within an interface, the force option cannot be used. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 523 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 570
cases, the channel groups have the same capability and configurational parameters. Any change in configuration applied to the associated SAN port channel interface is propagated to all members of the channel group. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 524 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 571
number may change across reboots for the same set of port channels depending on the initialization order of the ports. The following table identifies the differences between user-configured and auto-configured channel groups. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 572
, all member ports are removed from the autocreated SAN port channel. • Once the last member is removed from an autocreated SAN port channel, the channel is automatically deleted and the number is released for reuse. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 526 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 573
properties of the manually configured channel group, and channel group autocreation is implicitly disabled for all the member ports. If you enable persistence, be sure to enable it at both ends of the SAN port channel. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 527 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 574
consistent The following example shows how to display details of the used and unused port channel numbers: switch# show san-port-channel usage Totally 3 port-channel numbers used Used : 77 - 79 Unused: 1 - 76 , 80 - 256 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 528 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 575
channels. Table 72: Default SAN Port Channel Parameters Parameters Port channels Default FSPF is enabled by default. Create port channel Administratively up. Default port channel mode On. Autocreation Disabled. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 529 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 576
Default Settings for SAN Port Channels Configuring SAN Port Channels Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 530 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 577
. • Fabric-related configurations in one VSAN do not affect the associated traffic in another VSAN. • Events causing traffic disruptions in one VSAN are contained within that VSAN and are not propagated to other VSANs. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 531 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 578
The application servers or storage arrays can be connected to the switch using Fibre Channel or virtual Fibre Channel interfaces. A VSAN can include a mixture of Fibre Channel and virtual Fibre Channel interfaces. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 532 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 579
: ◦ Different customers in storage provider data centers ◦ Production or test in an enterprise network ◦ Low and high security requirements ◦ Backup traffic on separate VSANs ◦ Replicating data from user traffic OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 533 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 580
the source and port, and destination port. destination ports. VSANs are defined for larger environments (storage Zones are defined for a set of initiators and targets service providers). not visible outside the zone. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 534 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 581
a VSAN without losing the VSAN's configuration. All ports in a suspended VSAN are disabled. By suspending a VSAN, you can preconfigure all the VSAN parameters for the whole fabric and activate the VSAN immediately. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 535 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 582
VSAN membership on the switch is assigned on a port-by-port basis. By default each port belongs to the default VSAN. You can assign VSAN membership to ports using one of two methods: • Statically-Assigning VSANs to ports. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 536 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 583
is not displayed if interfaces are not configured on this VSAN. The following example displays membership information for all VSANs: switch # show vsan membership vsan 1 interfaces: fc2/1 fc2/2 fc2/3 fc2/4 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 537 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 584
VSAN. Operational State of a VSAN A VSAN is in the operational state if the VSAN is active and at least one port is up. This state indicates that traffic can pass through this VSAN. This state cannot be configured. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 538 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 585
in the system, then a command request to move a port to VSAN 10 is rejected. Related Topics • Configuring VSAN Trunking, page 507 Deleting Static VSANs To delete a VSAN and its various attributes, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 539 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 586
db)# vsan vsan-id Suspends the selected VSAN. suspend switch(config-vsan-db)# no vsan vsan-id Negates the suspend command entered in the suspend previous step. switch(config-vsan-db)# end Returns you to EXEC mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 540 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 587
Parameters Default VSAN State Name Load-balancing attribute Default VSAN 1. Active state. Concatenation of VSAN and a four-digit string representing the VSAN ID. For example, VSAN 3 is VSAN0003. OX ID (src-dst-ox-id). OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 541 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 588
Default VSAN Settings Configuring and Managing VSANs Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 542 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 589
all VSANs in the fabric. • A zone set consists of one or more zones. ◦ A zone set can be activated or deactivated as a single entity across all switches in the fabric. ◦ Only one zone set can be activated at any time. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 543 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 590
up to 8000 zones per VSAN and a maximum of 8000 zones for all VSANs on the switch. Note Interface-based zoning only works with Cisco SAN switches. Interface-based zoning does not work for VSANs configured in interop mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 544 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 591
65: Fabric with Three Zones Zone Implementation Cisco Nexus 5000 Series switches automatically support the following basic zone features (no additional configuration is required): • Zones are contained in a VSAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 545 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 592
. Modifications take effect during zone set activation. • An FC ID or Nx port that is not part of the active zone set belongs to the default zone and the default zone information is not distributed to other switches. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 546 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 593
one zone set is active and you activate another zone set, the currently active zone set is automatically deactivated. You do not need to explicitly deactivate the currently active zone set before activating a new zone set. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 594
Active and Full Zone Set Configuration Guidelines Configuring and Managing Zones The following figure shows a zone being added to an activated zone set. Figure 66: Active and Full Zone Sets Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 548 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 595
Remote sWWN interface pWWN member fcid fcid member fwwn fwwn-id member interface type slot/port member interface type slot/port domain-id domain-id member interface type slot/port swwn swwn-id member pwwn pwwn-id OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 549 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 596
interface fc 2/1 domain-id 25 Zone Sets In the following figure, two separate sets are created, each with its own membership hierarchy and zone members. Figure 67: Hierarchy of Zone Sets, Zones, and Zone Members Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 550 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 597
in the fabric. If you change the default zone policy on one switch in a fabric, be sure to change it on all the other switches in the fabric. Note The default settings for default zone configurations can be changed. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 551 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 598
. Tip The switch supports a maximum of 2048 aliases per VSAN. Creating FC Aliases To create an alias, perform this task: Procedure Step 1 Command or Action switch# configuration terminal Purpose Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 552 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 599
interface fc 2/1 Remote sWWN interface example: switch(config-fcalias)# member interface fc 2/1 swwn 20:00:00:05:30:00:4a:de Domain ID interface example: switch(config-fcalias)# member interface fc2/1 domain-id 25 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 553 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 600
the hardware on each frame sent by an N port. As frames enter the switch, source-destination IDs are compared with permitted combinations to allow the frame at wire speed. Hard zoning is applied to all forms of zoning. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 554 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 601
Configuring and Managing Zones Zone Set Distribution Note Hard zoning enforces zoning restrictions on every frame, and prevents unauthorized access. Cisco Nexus 5000 Series switches support both hard and soft zoning. Zone Set Distribution You can distribute full zone sets using one of two methods - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 602
database to the neighboring switch. • Manually resolve the conflict by editing the full zone set, activating the corrected zone set, and then bringing up the link. Figure 68: Importing and Exporting the Database Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 556 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 603
zone set, perform this task: Procedure Step 1 Command or Action Purpose switch# zone copy active-zoneset full-zoneset Makes a copy of the active zone set in the vsan vsan-id specified VSAN to the full zone set. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 557 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 604
number switch(config)# fcalias clone oldname newname Clones a fcalias in the specified VSAN. vsan vsan-id switch(config)# zone-attribute-group clone Clones a zone attribute group in the oldname newname vsan vsan-id specified VSAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 605
active zone set: switch# show zoneset active The following example shows how to display the active zones: switch# show zone active The following example shows how to display the zone status: switch# show zone status OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 559 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 606
a Unique vendor type. types (symbolic node name, and vendor-specific type value to other types) may be used by other uniquely identify a member type. non-Cisco switches. During a merge, the Cisco-specific types can Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 560 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 607
with this procedure. If you do not delete the existing configuration, the switch software automatically removes them. Set the operation mode to basic zoning mode. Enabling Enhanced Zoning By default, the enhanced zoning feature is disabled in all switches in the Cisco Nexus 5000 Series. To enable - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 608
To release the session lock on the zoning database on the switches in a VSAN, use the no zone commit vsan command from the switch where the database was initially locked. switch# configuration terminal switch(config)# no zone commit vsan 2 Cisco Nexus 5000 Series Switch CLI Software Configuration - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 609
setting. ◦ If the setting is restrict, the active zone set and the full zone set should be identical. Otherwise, the link is isolated. ◦ If the setting is allow, then the merge rules are used to perform the merge. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 563 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 610
this task: Procedure Step 1 Step 2 Command or Action switch# configuration terminal switch(config)# system default zone default-zone permit Purpose Enters configuration mode. Configures permit as the default zoning policy for new VSANs on the switch. Cisco Nexus 5000 Series Switch CLI Software - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 611
the zone ID released when a zone was deleted. Zone and Zone Set Analysis To better manage the zones and zone sets on your switch, you can display zone and zone set information using the show zone analysis command. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 565 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 612
for basic zone parameters. Table 80: Default Basic Zone Parameters Parameters Default zone policy Default Denied to all members. Full zone set distribute The full zone set(s) is not distributed. Enhanced zoning Disabled. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 566 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 613
Cisco Nexus 5000 Series support Distributed Device Alias Services (device aliases) on a fabric-wide basis. Information About Device Aliases When the port WWN (pWWN) of a device must be specified to configure features (for example, zoning, DPVM, or port security) in a Cisco Nexus 5000 Series switch - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 614
to zoning. Device alias configuration is available to the FCNS, zone, fcping, and traceroute applications. Device Alias Databases The device alias feature uses two databases to accept and implement device alias configurations. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 568 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 615
new HBA, for example, that change is not reflected in the zone server. Users must configuration and distributed in its native device alias format. So applications such as zone server, PSM or DPVM can automatically keep OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 616
Enters configuration mode. switch(config)# device-alias mode enhanced Assigns the device alias to operate in enhanced mode. switch(config)# no device-alias mode enhance Assigns the device alias to operate in basic mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 570 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 617
the effective database on those switches is overwritten with the new changes. • The pending database is emptied of its contents. • The fabric lock is released for this feature. To commit the changes, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 571 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 618
and may be discarded if the switch is restarted. To use administrative privileges and release a locked device alias session, use the clear device-alias session command in EXEC mode. switch# clear device-alias session Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 572 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 619
: Disable Fabric Distribution Status: Success About Legacy Zone Alias Configuration You can import legacy zone alias configurations to use this feature without losing data if they satisfy the following restrictions: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 573 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 620
will also fail if there is a device alias mode mismatch. Related Topics • CFS Merge Support, page 303 Verifying Device Alias Configuration To display device alias information, perform one of the following tasks: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 574 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 621
Services Default Device Alias Settings Procedure Step 1 Step 2 Step 3 Step 4 Step 5 Command or Action switch# show zoneset [active] Purpose Displays the device aliases in the zone set information. switch Basic. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 575 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 622
Settings Parameters Database in use Database to accept changes Device alias fabric lock state Distributing Device Alias Services Default Effective database. Pending database. Locked with the first device alias task. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 576 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 623
on the domain ID. • Runs only on E ports or TE ports and provides a loop free topology. • Runs on a per VSAN basis. Connectivity in a given VSAN in a fabric is guaranteed only for the switches configured in that VSAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 577 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 624
and the frequency of link updates. Once physical links are aggregated, failures are not attached to a single link but to the entire SAN port channel. This configuration also improves the resiliency of the network. The Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 578 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 625
Each time a new switch enters the fabric, a link state record (LSR) is sent to the neighboring switches, and then flooded throughout the fabric. The following table displays the default settings for switch responses. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 579 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 626
the autonomous region for this VSAN and region-id specifies the region ID. Resetting FSPF to the Default Configuration To return the FSPF VSAN global configuration to its factory default, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 580 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 627
with an interface can be administratively changed to implement the FSPF route selection. The integer value to specify cost can range from 1 to 65,535. The default cost for 1 Gbps is 1000 and for 2 Gbps is 500. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 581 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 628
dead time interval to specify the maximum interval for which a hello message must be received before the neighbor is considered lost and removed from the database. The integer value can range from 1 to 65,535 seconds. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 582 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 629
# configuration terminal Purpose Enters configuration mode. switch(config)# interface fc slot/port Configures the specified interface, or if already configured, enters configuration mode for the specified interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 583 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 630
, perform this task: Procedure Step 1 Command or Action switch# clear fspf counters vsan vsan-id interface fc slot/port Purpose Clears the FSPF statistics counters for the specified interface in the specified VSAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 584 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 631
for a specific FC ID and next fc slot/port domain domain-id metric hop domain ID and also assigns the cost of the route. value vsan vsan-id If the remote destination option is not specified, the default is direct. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 585 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 632
path from Switch 1 to Switch 4 is faster. In this scenario, Frame 3 and Frame 4 may be delivered before Frame 1 and Frame 2. If the in-order guarantee feature is enabled, the frames within the network are delivered as follows: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 586 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 633
in-order delivery feature is enabled, the recovery will be delayed because of an intentional pausing of fabric forwarding to purge the fabric of resident frames that could potentially be forwarded out-of-order. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 587 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 634
Enables in-order delivery in the specified VSAN. vsan-id switch(config)# no in-order-guarantee vsan vsan-id Reverts the switch to the factory defaults and disables the in-order delivery feature in the specified VSAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 588 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 635
milliseconds VSAN specific network latency settings vsan 1 network latency:5000 milliseconds vsan 2 network latency:2000 milliseconds vsan 103 network latency:2000 milliseconds vsan 460 network latency:500 milliseconds OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 589 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 636
the destination ID are specified in FC ID hex format (for example, 0x123aff). The mask can be one of 0xff0000 or 0xffffff. switch(config)# no fcflow stats aggregated Disables the flow counter. index value vsan vsan-id Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 590 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 637
E ports and TE ports. SPF computation Dynamic. SPF hold time 0. Backbone region 0. Acknowledgment interval (RxmtInterval) 5 seconds. Refresh time (LSRefreshTime) 30 minutes. Maximum age (MaxAge) 60 minutes. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 591 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 638
. Disabled. If the cost (metric) of the route is not specified, the default is 10. If the remote destination switch is not specified, the default is direct. Uses the principal switch to compute the multicast tree. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 592 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 639
vfc1/1 1 0x870000 20:00:00:1b:21:06:58:bc 10:00:00:1b:21:06:58:bc Total number of flogi = 1. The following example shows how to verify the storage devices associated with VSAN 1: switch# show flogi database vsan 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 593 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 640
Purpose Enters configuration mode. Logs out devices when they log into the fabric if the pWWNs already exist. Overwrites the first device's entry in the name server database with the new device having the same pWWN (default). Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 594 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 641
about attached HBAs and host operating systems without installing proprietary host agents: • Manufacturer, model, and serial number • Node name and node symbolic name • Hardware, driver, and firmware versions OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 595 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 642
affected port IDs together in a single RSCN. By enabling this option, you can reduce the number of RSCNs. For example, you have two disks (D1, D2) and a host (H) connected to switch 1. Host H is registered to receive RSCNs. D1, Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 596 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 643
. For example, you can keep track of how many RSCNs or SW-RSCNs are generated on a particular event (such as ONLINE or OFFLINE events). You can use these statistics to monitor responses for each event in the VSAN. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 644
You verify the RSCN timer configuration using the show rscn event-tov vsan command. The following example shows how to clear the RSCN statistics for VSAN 10: switch# show rscn event-tov vsan 10 Event TOV : 1000 ms Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 598 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 645
is committed to all the switches in the fabric. On a successful commit, the configuration change is applied throughout the fabric and the lock is released. To commit RSCN timer configuration changes, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 599 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 646
Note A merge failure results when the RSCN timer values are different on the merging fabrics. The following example shows how to display the set of configuration commands that would take effect when you commit the configuration: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 647
The following table lists the default settings for RSCN. Table 85: Default RSCN Settings Parameters RSCN timer value RSCN timer configuration distribution Default 2000 milliseconds for Fibre Channel VSANs Disabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 601 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 648
Default RSCN Settings Managing FLOGI, Name Server, FDMI, and RSCN Databases Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 602 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 649
capacity, serial number, and ports that are present in the name server database and that are registered as FC4 Type = SCSI_FCP are discovered. Starting SCSI LUN Discovery To start SCSI LUN discovery, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 650
number from 0 to 255 in decimal or a number from 0x0 to 0xFF in hex. Initiating Customized Discovery To initiate a customized discovery, perform this task: Procedure Step 1 Step 2 Command or Action Purpose switch Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 604 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 651
on all operating systems: switch# show scsi-target lun os all The following example displays the port WWN that is assigned to each operating system (Windows, AIX, Solaris, Linux, or HPUX): switch# show scsi-target pwwn OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 605 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 652
Displaying SCSI LUN Information Discovering SCSI Targets Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 606 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 653
Across All VSANs You can modify Fibre Channel protocol related timer values for the switch. Caution The D_S_TOV, E_D_TOV, and R_A_ TOV values cannot be globally changed unless all VSANs in the switch are suspended. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 607 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 654
updating the timer value This configuration would impact whole fabric. Do you want to continue? (y/n) y Since this configuration is not propagated to other switches, please configure the same value in all the switches Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 608 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 655
Purpose Enters configuration mode. Distributes the fctimer configuration changes to all switches in the fabric and releases the lock. Overwrites the effective database with the changes made to the pending database. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 609 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 656
The number of pending fctimer configuration operations cannot be more than 15. After 15 operations, you must commit or abort the pending configurations before performing any more operations. Related Topics • CFS Merge Support, page 303 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 657
: 24 bits VSID: 36 bits Caution Changes to the world-wide names should be made by an administrator or individual who is completely familiar with switch operations. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 611 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 658
Fibre Channel standards require a unique FC ID to be allocated to an N port attached to an F port in any switch. To conserve the number of FC IDs used, Cisco Nexus 5000 Series switches use a special allocation scheme. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 612 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 659
-config command to view the currently allocated mode. • When you enter a write erase, the list inherits the default list of company IDs shipped with a relevant release. To allocate company IDs, perform this task: OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 613 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 660
of these modes. Each vendor has a regular mode and an equivalent interoperability mode, which specifically turns off advanced or proprietary features and provides the product with a standards-compliant implementation. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 614 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 661
and Concepts About Interop Mode Note For more information on configuring interoperability for Cisco Nexus 5000 Series switches, see the Cisco MDS 9000 Family Switch-to-Switch Interoperability Configuration Guide About Interop Mode Cisco NX-OS software supports the following four interop modes - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 662
and SAN port channels can still be used to connect a Cisco switch to other Cisco SAN switches even when in interop mode. The routing of frames within the fabric is not changed by the introduction of interop mode. The switch Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 616 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 663
which Cisco Nexus 5000 Series switches or McData switches do not understand. Rejecting these frames causes the common E ports to become isolated. To configure interop mode 1 in any switch in the Cisco Nexus 5000 Series, perform this task: Procedure Step 1 Place the VSAN of the E ports that connect - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 664
interoperability command in any switch in the Cisco Nexus 5000 Series, perform this task: Procedure Step 1 Verify the software version. Example: switch# show version Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2008, Cisco Systems, Inc. All - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 665
sfpAbsent -- -- -- fc3/8 1 auto auto sfpAbsent -- -- -- Step 3 Verify if you are running the desired configuration. Example: switch# show running-config Building Configuration... interface fc2/1 no shutdown OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 619 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 666
mode is active. Example: switch# show vsan 1 vsan 1 information name:VSAN0001 state:active interoperability mode:yes verify mode loadbalancing:src-id/dst-id/oxid operational state:up Step 5 Verify the domain ID. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 620 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 667
fc2/4 Upstream Disabled Step 6 Verify the local principal switch status. Example: switch# show fcdomain domain-list vsan 1 Number of domains: 5 Domain ID WWN 0x61(97) 10 60:69:22:32:91 [Principal] OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 621 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 668
00:00:20:37:a7:c7:df (Seagate) scsi-fcp 0x651500 N 10:00:00:e0:69:f0:43:9f (JNI) Total number of entries = 12 Note The Cisco switch name server shows both local and remote entries, and does not time out the entries. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 622 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 669
5 frames Remote capture connection protocol TCP Remote capture connection mode Passive Local capture frame limits 10 frames FC ID allocation mode Auto mode Loop monitoring Disabled Interop mode Disabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 623 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 670
Default Settings for Advanced Features Advanced Fibre Channel Features and Concepts Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 624 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 671
environment with geographically distributed switches, someone could maliciously interconnect incompatible switches or you could accidentally do so, resulting in Inter-Switch Link (ISL) isolation and link disruption. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 625 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 672
DHCHAP Configuring FC-SP and DHCHAP Cisco Nexus 5000 Series switches support authentication features to address physical security (see the following figure). Figure 74: Switch and Host Authentication Note Fibre Channel Host Bus Adapters (HBAs) with appropriate firmware and drivers are required - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 673
or Action switch# configuration terminal switch(config)# fcsp enable switch(config)# no fcsp enable Purpose Enters configuration mode. Enables the DHCHAP in this switch. Disables (default) the DHCHAP in this switch. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 627 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 674
not performed. Configuring the DHCHAP Mode To configure the DHCHAP mode for a particular interface, perform this task: Procedure Step 1 Command or Action Purpose switch# configuration terminal Enters configuration mode. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 628 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 675
DHCHAP authentication. Configuring the DHCHAP Hash Algorithm To configure the hash algorithm, perform this task: Procedure Step 1 Command or Action switch# configuration terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 629 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 676
fabric must be generated and configured in each switch. Even if one switch is compromised, the password of other switches are still protected. This configuration requires considerable password maintenance by the user. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 630 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 677
the fabric that is identified by the switch WWN device name. switch(config)# no fcsp dhchap devicename Removes the password entry for this switch from switch-wwn password password the local authentication database. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 631 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 678
The following example shows how to display the DHCHAP local password database: switch# show fcsp dhchap database Use the ASCII representation of the device WWN to configure the switch information on RADIUS and TACACS+ servers. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 632 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 679
is performed. Step 6 Example: switch(config)# interface fc2/4 switch(config-if)# fcsp on Verify the protocol security information configured in this switch by displaying the DHCHAP local password database. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 633 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 680
MD5 followed by SHA-1 for DHCHAP authentication DHCHAP authentication mode Auto-passive DHCHAP group default priority exchange order 0, 4, 1, 2, and 3, respectively DHCHAP timeout value 30 seconds Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 634 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 681
sections: • Configuring Port Security, page 635 Configuring Port Security Cisco Nexus 5000 Series switches provide port security features that reject intrusion attempts and report these intrusions to the administrator. Note Port security is supported on virtual Fibre Channel ports and physical - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 682
the port security active database. The software uses this active database to enforce authorization. About Auto-Learning You can instruct the switch to automatically learn (auto-learn) the port security configurations over a specified period. This feature allows any Cisco Nexus 5000 Series switch to - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 683
Security, page 639 • Committing the Changes, page 646 • Copying the Port Security Database, page 651 • Disabling Auto-Learning, page 641 • Enabling Port Security, page 638 • Enabling Port Security Distribution, page 645 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 684
. Repeat the above steps for all switches in the fabric. Enabling Port Security By default, the port security feature is disabled in Cisco Nexus 5000 Series switches. To enable port security, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 638 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 685
listed in the previous section, you may decide to proceed by forcing the port security activation. Forcing Port Security Activation If the port security activation request is rejected, you can force the activation. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 639 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 686
to the configured database. Re-enters configuration mode. switch(config)# port-security activate Activates the port security database for the vsan vsan-id specified VSAN, and automatically enables auto-learning. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 640 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 687
the switch. Enforces the database contents based on the devices learned up to this point. Auto-Learning Device Authorization The following table summarizes the authorized connection conditions for device requests. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 641 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 688
table summarizes the port security authorization results for this active database. Table 92: Authorization Results for Scenario Device Connection Request P1, N2, F1 Authorization Permitted Condition 1 Reason No conflict. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 642 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 689
Configuring Port Security Device Connection Request P2, N2, F1 Authorization Permitted P3, N2, F1 Denied P1, N3, F1 Permitted P1, N1, No conflict. Wildcard ( * ) match for F3 and N3. Wildcard ( * ) match for N3. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 643 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 690
Port Security Manual Configuration Configuring Port Security Port Security Manual Configuration To configure port security on a Cisco Nexus 5000 Series switch, perform this task: Procedure Step 1 Step 2 Step 3 Step 4 Identify the WWN of the ports that need to be secured. Secure the fWWN to an - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 691
Note Port activation or deactivation and auto-learning enable or disable do not take effect until after a CFS commit if CFS distribution is enabled. Always follow any one of these operations with a CFS commit to ensure proper configuration. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 692
task: Procedure Step 1 Step 2 Command or Action switch# configuration terminal Purpose Enters configuration mode. switch(config)# port-security commit vsan Commits the port security changes in the vsan-id specified VSAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 646 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 693
{A,B, E} database. active database = {A,B, C*, D*} configuration database = {A,B} active database = {null} pending database = {A,B, E + activation to be enabled} 3 The * (asterisk) indicates learned entries. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 647 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 694
-learning disabled. pending database = empty Port Security Database Merge Guidelines A database merge refers to a union of the configuration database and static (unlearned) entries in activation states in the fabric. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 648 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 695
the active database using the port-security database copy vsan command. The port-security database diff active vsan command in EXEC mode lists the differences between the active database and the configuration database. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 649 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 696
Port Security Database Scenarios the follwowing figure illustrates various scenarios showing the active database and the configuration database status based on port security configurations. Figure 76: Port Security Database Scenarios Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 697
database auto-learn and clear port-security statistics commands are only relevant to the local switch and do not acquire locks. Also, learned entries are only local to the switch and do not participate in distribution. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 651 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 698
Table 95: Default Security Settings Parameters Auto-learn Default Enabled if port security is enabled. Port security Disabled. Distribution Disabled. Note Enabling distribution enables it on all VSANs in the switch. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 652 OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 699
in the Allows a preconfigured set of Fibre Channel devices fabric binding database to participate in the fabric. to logically connect to a SAN port. The switch port, identified by a WWN or interface number, connects OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 653 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 700
enabled between specified switches in the fabric binding configuration. Fabric binding is configured on a per-VSAN basis. Configuring Fabric Binding To configure fabric binding in each switch in the fabric, perform this task: Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 654 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 701
Switch WWN List To configure a list of sWWNs and optional domain IDs for a Fibre Channel VSAN, perform this task: Procedure Step 1 Command or Action switch# configuration terminal Purpose Enters configuration mode. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 702
-binding activate vsan Activates the fabric binding database for the vsan-id specified VSAN. switch(config)# no fabric-binding activate Deactivates the fabric binding database for the vsan vsan-id specified VSAN. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 656 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 703
this task: Procedure Step 1 Step 2 Step 3 Command or Action switch# configuration terminal Purpose Enters configuration mode. switch(config)# fabric a specified VSAN. switch# clear fabric-binding statistics vsan 1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 657 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 704
Note In VSAN 3, the sWWN was not found in the list. In VSAN 2, the sWWN was found in the list, but has a domain ID mismatch. The following example displays EFMD Statistics for VSAN 4: switch# show fabric-binding efmd statistics vsan 4 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 705
following table lists the default settings for the fabric binding feature. Table 97: Default Fabric Binding Settings Parameters Fabric binding Default Disabled OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 659 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 706
Default Fabric Binding Settings Configuring Fabric Binding Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 660 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 707
port VSAN ID 1, and Management Application 2 (M2) is connected through an F port with port VSAN ID 2. M1 can query the FCS information of switches S1 and S3, and M2 can query switches S3 and S4. Switch S2 information is OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 708
Support network management including the following: ◦ N port management application can query and obtain information about fabric elements. ◦ SNMP • SNMP manager can query FCSs for all IEs, ports, and platforms in the fabric. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 662 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 709
the default FCS settings. Table 98: Default FCS Settings Parameters Global checking of the platform name Platform node type Default Disabled Unknown OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 663 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 710
Default FCS Settings Configuring Fabric Configuration Servers Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 664 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 711
665 Configuring Port Tracking Cisco Nexus 5000 Series switches offer the port tracking feature on physical Fibre Channel interfaces (but not on virtual Fibre Channel interfaces). This feature uses information about the operational state of the link to initiate a failure in the link that connects the - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 712
, consider the following guidelines: • Verify that the tracked ports and the linked ports are on the same Cisco switch. • Be aware that the linked port is automatically brought down when the tracked port goes down. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 666 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 713
port goes down, the linked port is also brought down. switch(config-if)# no port-track interface Removes the port tracking configuration that is fc slot/port | san-port-channel port currently applied to the interface. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 714
. In such cases, the port VSAN of the linked port can be monitored on the set of operational VSANs on the tracked port. If you configure this feature, the linked port is up only when the VSAN is up on the tracked port. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 668 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 715
now configure tracked ports. switch(config-if)# port-track force-shut Forcefully shuts down the tracked port. switch(config-if)# no port-track force-shut Removes the port shutdown configuration for the tracked port. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 669 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 716
The following table lists the default settings for port tracking parameters. Table 99: Default Port Tracking Parameters Parameters Port tracking Default Disabled Operational binding Enabled along with port tracking Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 670 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 717
VIII P A R T Troubleshooting • Configuring SPAN, page 673 • Troubleshooting, page 681 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 718
- HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 719
. A source port has these characteristics: • Can be of any port type: Ethernet, Fibre Channel, virtual Fibre Channel, port channel, SAN port channel, VLAN, and VSAN. • Cannot be monitored in multiple SPAN sessions. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 673 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 720
that monitors source ports. The Cisco Nexus 5000 Series switch supports Ethernet and Fibre Channel interfaces as SPAN destinations. Source SPAN Dest SPAN Ethernet Ethernet Fibre Channel Fibre Channel Fibre Channel Ethernet (FCoE) Virtual Fibre Channel Fibre Channel Virtual Fibre Channel - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 721
global configuration mode. switch(config)# monitor session session-number switch(config-monitor)# destination interface ethernet slot/port Enters the monitor configuration mode. Configures the Ethernet destination port. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 722
session 2 switch(config-monitor)# destination interface fc 2/4 Configuring Source Ports You can configure the source ports for a SPAN session. The source ports can be Ethernet, Fibre Channel, or virtual Fibre Channel ports. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 676 OL - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 723
following example shows configuring a VSAN SPAN source: switch(config-monitor)# source vsan 1 Configuring the Description of a SPAN Session You can provide a descriptive name of the SPAN session for ease of reference. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 677 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 724
session-number} shut Purpose Suspends the specified SPAN session or all sessions. The following example shows suspending a SPAN session: switch(config)# monitor session 3 shut Note The Cisco Nexus 5000 Series switch supports two active SPAN sessions. When you configure more than two SPAN sessions - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 725
details: switch# show monitor session 2 session 2 type : local state : up source intf : rx : fc3/1 tx : fc3/1 both : fc3/1 source VLANs : rx : source VSANs : rx :1 destination ports : Eth3/1 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 679 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 726
Displaying SPAN Information Configuring SPAN Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 680 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 727
into, the switch with a username that has network-admin privileges, follow these steps: Procedure Step 1 Verify that your username has network-admin privileges. Step 2 Example: switch# show network-admin privileges. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 681 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 728
password. Step 4 Example: switch(boot)# configure terminal switch(boot-config)# admin-password switch(boot-config)# exit Display the bootflash: contents to locate the Cisco NX-OS software image file. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 682 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 729
-low (Inbound low-priority interface), or mgmt (management interface). Captures packets sent or received by the supervisor and provides a summary of protocol information. Limits the number of frames to capture. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 683 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 730
64129 Len=0 2005-01-25 07:18:09.166830 10.193.24.42 -> 10.200.0.103 TELNET Telnet Data ... 2005-01-25 07:18:09.376250 10.200.0.103 -> 10.193.24.42 TCP 1235 > telnet [ACK] Seq=0 Ack=99 Win=64049 Len=0 4 packets captured Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 684 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 731
example shows detailed captured data for one HSRP packet: switch(config)# ethanalyzer local interface mgmt capture-filter "tcp port 23" limit-captured-frames 1 Capturing on eth0 Frame : http://www.wireshark.org/docs/. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 685 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 732
:d9:1d vsan 1 timeout 5 Route present for : 21:00:00:e0:8b:06:d9:1d 20:00:00:0b:46:00:02:82(0xfffcd5) Timestamp Invalid. 20:00:00:05:30:00:18:db(0xfffcd7) Timestamp Invalid. 20:00:00:05:30:00:18:db(0xfffcd7) Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 686 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 733
invoking fcping with a timeout value: switch# fcping fcid 0xd500b4 vsan 1 timeout 10 28 bytes from 0xd500b4 time = 1345 usec ... 5 frames sent, 5 frames received, 0 timeouts Round-trip min/avg/max = 340/581/1345 usec OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 687 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 734
28 bytes from 0xFFFCDA time = 292 usec 5 frames sent, 5 frames received, 0 timeouts Round-trip min/avg/max = 260/288/298 usec Verifies reachability of the destination switch by checking its end-to-end connectivity. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 688 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 735
• show diagnostic result all • show logging log • show module • show environment • show sprom backplane • show clock • show callhome • show cfs application • show cfs lock • show snmp OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 689 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 736
topology • show kernel internal aipc • show tech-support acl • show vlan • show vlan access-map • show mac-address-table • show spanning-tree summary • show spanning-tree active • show interface trunk Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 690 Troubleshooting OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 737
can be provided to technical support representatives when reporting a problem. You can save the output of this command to a file by appending > (left arrow) and the filename to the show tech-support brief command. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 691 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 738
support brief Command Troubleshooting This example shows how to display a condensed view of the switch configurations: switch# show tech-support brief Switch Name : switch Switch Status IP Address Speed MTU Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 692 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 739
• show fcns internal info vsan 1-4093 • show fcns internal event-history • show fcns internal event-log • show fcroute unicast • show fcs database OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 693 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 740
• show tech-support rscn • show zone pending active vsan 1-4093 • show fcalias pending vsan 1-4093 • show zone policy pending vsan 1-4093 • show zone pending-diff vsan 1-4093 • show zone analysis active vsan 1-4093 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 694 Troubleshooting - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 741
fwm info lif all verbose • show platform fwm info vlan all verbose • show platform fwm info error stats • show platform fwm info error history • show platform fwm info stm-stats • show platform fwm info pc all verbose OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 695 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 742
internal event-history errors • show system internal liod liod_db • show system internal liod queues • show system internal liod state • show system internal liod time_db • show system internal rib domain Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 696 Troubleshooting OL-16597 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 743
5 seconds Number of frame sent by the fcping feature 5 frames Remote capture connection protocol TCP Remote capture connection mode Passive Local capture frame limits 10 frames FC ID allocation mode Auto mode OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 697 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 744
Default Settings for Troubleshooting Features Troubleshooting Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 698 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 745
interfaces per EtherChannel 16 4 The 3600 logical interfaces apply to both PVRST and MST. If MST is used, the scale applies to the maximum number of MST instances (64). 5 There can be a maximum of 50 ACEs per PACL. OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 699 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 746
the scale is not currently implemented. 12 Each ISL instance can support up to 32 VSAN instances. 13 The switch is capable of supporting 480 virtual Fibre Channel interfaces but the scale is not currently implemented. Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 700 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 747
Cisco Nexus 5000 Series switch pair Maximum number of hosts connected to Fabric Extenders connected to Cisco Nexus 5000 Series switches 480 hosts16 MAC Table Size 16,000 entries17 Event Traps - forward via Email 4 destinations18 QoS System Classes 5 all user-configurable classes Port - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 748
Configuration Limits Appendix Cisco Nexus 5000 Series Switch CLI Software Configuration Guide 702 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 749
469 auto port mode description 464 autosensing speed 470 B BB_credits description 467 displaying information 476 reason codes 467 bit error thresholds configuring 471 description 471 bit errors reasons 471 blocking state, STP 160 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-1 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 750
security information 632 enabling 627 group settings 630 hash algorithms 629 passwords for local switches 630 sample configuration 633 diagnostics configuring 331 default settings 332 expansion modules 331 health monitoring 330 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 751
653 disabling 655 EFMD 653 enabling 655 enforcement 654 forceful activation 657 forceful deactivation 657 initiation process 654 licensing requirements 653 port security comparison 653 saving to config database 657 OL-16597-01 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-3 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 752
over Ethernet 1 Fibre Channel Security Protocol 625 FLOGI description 593 flow statistics clearing 591 counting 590 description 590 displaying 591 frame encapsulation configuring 470 FSCN displaying databases 604 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-4 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 753
VSANs 536 chassis ID 65 configuring descriptions 469 configuring fcalias members 552 configuring receive data field size 471 displaying SFP information 474 isolated states 523 options 65 SFP types 474 suspended states 523 UDLD 66 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-5 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 754
178 IEEE 802.1s terminology 178 IST 177, 178 operations within a region 177 mapping VLANs to MST instance 186 MST region CIST 177 described 175 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-6 OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 755
accesses 635 port security auto-learning description 636 device authorization 641 disabling 641 distributing configuration 645 enabling 641 guidelines for configuring with CFS 637 guidelines for configuring without CFS 638 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-7 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 756
325 example configuration 325 guidelines 325 high availability 325 implementing a rollback 325 limitations 325 reverting to checkpoint file 325 verifying configuration 327 root guard 202 route costs computing 581 RSCN default settings 601 description 596 Cisco Nexus 5000 Series Switch CLI Software - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 757
contact name 353 user synchronization with CLI 378 Version 3 security features 376 SNMP (Simple Network Management Protocol) versions 376 SNMPv3 assigning multiple roles 380 security features 376 specifying AAA parameters 236 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN-9 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 758
ranges 607 tracked ports binding operationally 667 traffic isolation VSANs 534 trap notifications 376 troubleshooting collecting output for technical support 689 fcping 687 fctrace 686 show tech-support command 689 IN-10 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01 - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 759
FSPF connectivity 577 interop mode 615 isolated 538 load balancing 540 load balancing attributes 535 mismatches 465 multiple zones 546 name server 594 names 535 operational states 538 port membership 536 states 535 TE port mode 463 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide IN - HP Cisco Nexus 5000 | Cisco Nexus 5000 Series Switch CLI Software Configuration - Page 760
databases 557 membership using pWWNs 534 merge failures 465 renaming 558 restoring (procedure) 557 show tech-support zone command 691 viewing information 559 zoning description 543 example 545 implementation 545 IN-12 Cisco Nexus 5000 Series Switch CLI Software Configuration Guide OL-16597-01
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
First Published:
07/17/2009
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-16597-01