I would like to know if I can connect 4 sets of NX5596 (each NX 5596 will have 5 NX2K attached) to one set of NX7010 (each NX7K has 4 X N7K-F248XP-25 modules) and using 16-way port-channel for each set? I did some digging on the Cisco website and noticed on some of the old document stated that the NX7K only support up to 8 active vPC ports between both vPC peers.
View 8 Replies
I am working on two Nexus 7010 with 5.1.5 NX-OS version. I configure HSRP traditionnaly, Nexus 1 with a priority of 200 and Nexus 2 with a priority of 100 for all vlan.
When I change the priority of a vlan to 200 to 50 for example, Nexus 2 become active and Nexus 1 standby. The problem is that when I do a traceroute from a PC the packet take the Nexus 1 as defaut gateway all the time.....
For information I have a peer link between the 2 Nexus for vPC.
Normally when we do HSRP with vPC on N7K the device will be Active/Standby in control plane but it will be Active/Active in data plane. In this case any traffic reach to standby device it can forward traffic directly to uplink which is not my desire. My goal is all traffic should pass through active (control plane) device in every case unless active device totally dead. So Is it possible for Nexus 7000 to be HSRP Active/Standby in Data Plane ?
View 4 Replies View Relatedwe have several uplink ports on a verity of cisco switches connecting to the nexus 7000, recording CRC errors.most are trunked ports with the following configuration. [code]
View 2 Replies View RelatedI am trying to setup up a LAG with LACP between the switch and a Sinology DS1511+. Every time I enable LACP on the LAG I cannot get the ports to become Active Members.
View 1 Replies View RelatedWe are expanding out LAN network with more 2960 access switches. All the access switches are suppose to be connected to core switch (4507R) but i have less port on the core switch.
On the core switch we have two supervisor engines (WS-X4515 ---description : "Supervisor IV with 2 1000BaseX GBIC ports"). I can see that on each supervisor engine i have two 1 GB SFP ports available and if i calculate for two supervioser engine i will have 4 1GB ports.
But at particular time only one supervisor engine is active and other is in standby mode (redundancy mode used is SSO between two SUP engines).
Can i used all 4 SFP ports for connecting 4 uplinks to the 4 access switch?Will all the 4 SFP ports active at one time or only 2 SFP ports will be active that is for only active supervisor engine.
I use one cisco 6506-e switch with modules (including two sup720-3B,one 6148-GE-TX,one 6724-SFP), and Thomson ViSE EM1000 encoder connect to 6148-GE-TX module with its two Gigibit RJ45 ports,Video picture can appear,but it isn't active.If connect to 6724-SFP module with GLC-T transceiver,It is OK. configure speed 1000 on the 6148 interface? configure full-duplex on the 6148 interface?
View 2 Replies View RelatedI have a pair of ASA 5520s operating in failover pair as active/standby, having two contexts on them. I am planning to share the load and make it active/active making first context active on the primary unit and second context active on the secondary unit. My question is if this will disrupt any connectivity thru these firewalls when I do "no failover" on the active/standby and assign the contexts to different failover groups and enable the failover back.
View 6 Replies View RelatedI am looking at deploying a pair of 5585X's in an active/active multiple context state. I am creating Mulitple contexts that need to be able to route to each other. I was going to deploy a type of Gateway context that has a shared interface to all of the other contexts, instead of sharing interfaces directly between the contexts, i beleive this will work as basically i am just cascadng the contexts and sharing interfaces.
The main problem i have come across, is that if i deploy active/active across two appliances using 2 failover groups i can not see a way to route between them, for example.
I have Context 1, Context 2 and Context GW A including the shared interfaces of Con1 and Con2 in failover group 1 on appliance A with the respective standbys on Appliance 2. I have Context 2, Context 4 and Context GW B including the shared interfaces of Con 3 and Con 4 in failover group 2 on appliance B with the respective standbys on Appliance 1.
I need to be able to route traffic between Context GW A and GW B so that the contexts can communicate in normal operation and in failover. I do not beleive that I can share an interface between contexts in two separate failover groups and to be honest without adding a L3 device between the appliances i am not sure if this is possible.
I have two ASA 5510s running in Active/Active mode. I need to make config changes on them. How do I go about it? Do I power off the secondary ASA and make the config changes on the primary and then power on the secondary ASA ? Or this another way to do this?
View 3 Replies View RelatedI have an ASA5520 in location A with an ISP connection and a matching ASA5520 in location B with a separate ISP connection. We have fiber connecting the two locations and vlans passing back and forth so I will be able to configure the failover via a vlan as well as extend the ISP's to each location via vlans. The Active/Active configuration with the multiple security contexts does not seem to be an issue but how is a redundant ISP configured in this mode?We want to have context A using the ASA in location A with ISP1 as the primary and failing over to ISP 2 in locaiton B We also want to have context B using the ASA in location B with ISP 2 as the primary and failing over to ISP1 in location A Would route tracking provide the desired result? Is there a better option?
View 1 Replies View RelatedThe 6509 Series Switches support the scenario VSS Active-Active Chassis, I would like to setup both switch's as one virtual switch but working at the same time, not with Active - Stand By Chassis.
My plans it to create PortChannel accross both Switches 6509 in order to have 2 links one connected to one slot/switch and the other connected to slot/switch in the second 6509 for servers redundancy.
I am working on a network which has two ISP connections (Active/Active) terminating on router (ASR1000). From the LAN side (6500 switch) all the traffic need to be route on ISP1 but some of the specific subnets like 10.250.0.0/16 need to be route on ISP2 connection.
I am planning to use PBR and NAT with route maps. any documents or refrences are provided.
(access switches)---------(core switch)----------(routers)----------------(ISP1)
----------------------(ISP2)
I faced one problem in our core switch 4507 R . Active sup lost connection and standby came active. We got lot of errors/alerts on console shown below. [Code] Also when I reloaded the switch with reload command only both sups got reloaded but I want to reload all the modules but reload command do not gives any options for that.
View 2 Replies View RelatedI have 2 asa 5520 firewalls including and 1 AIP-SSM-10 module in each of them. the configuration is set using active/active failover and context mode.
Both of them run individualy the IPS module. The IPS is configured using inline mode and fail-open option. However when one of the module fails and the state is changing from up to init or anything else making the IPS to fail then failover is detected and ASA consider it as failover and bounce context to the other unit.
IPS soft is 6.0(4) and ASA soft is 8.0(3)
I have checked cisco doc and it is confusing to me. it says: "The AIP-SSM does not participate in stateful failover if stateful failover is configured on the ASA failover pair." but it really does participate. Running is not really an option because of production network impact matter..
We have an Active/Active ASA 5520 setup, as i know in Active/Active setup there is no remote VPN access, So i could overcome this limitations?I have a solution but i dont know if it is ablecable or not? we have a spare ASA 5510, so i can use it behind Active/Active Firewalls and assign a public static NAT IP address to it and open all IPSEC and VPN ports and let the remote users to connect to it, is this ablecable setup or not?
View 1 Replies View Relatedits possible to set up active/active failover using etherchannel on 5585s?
View 1 Replies View RelatedHow to Configure ASA5520 for Active/Active
View 8 Replies View Relatedour application team is mandating, that the solution we should come up with for SLB, should support Active/Active mode of SLB operation.
My question, is this mode of operation supported/accredited by Cisco, and what is the draw back from the traditional active/standby.
We have an ASA 5505. 5505 comes with two default vlans 1&2 with each of them marked as inside & outside respectively.My query is , if i do not want to use vlans on 5505 and only want to use the Ethernet ports as pure physical layer 3 ports, is it possible?i.e. i want to assign a layer 3 ip address on eth0/0 and eth0/1 and make them as the inside & outside interfaces rather than vlans. is it possible to do away with vlans in 5505 & will it work otherwise?
View 3 Replies View RelatedIs there a way to associate spare firewall ports with another port that is being used..For example...int gi 0/2 is being used currently for my web dmz. Its ip is 192.168.10.1..Is there a way for me to associate gi 0/3 with the same layer 2 as gi 0/2 ?
In my webdmz I use 2 ACE 4710 proxys in FT mode. I used a layer 2 switch to connect firewall and proxys together.
I would like to eliminate this switch if possible..and connect both 4710's (layer 2) direct to firewall.If I could make gi0/2 - 4 part of the same vlan, then I would be good to go.
How many of the 881 switch interface ports can be used as router ports, have used the 877 etc where i can use 2 but need a low cost router that supports 3 for routing. (needs to be physical ports)
View 2 Replies View RelatedOne of techs accidentally connected two access ports from different switches together. Since then, LMS is alerting them as being Link ports down. I tried to default the config and set them to access ports without any success. what I should do in LMS to recognize them as access ports?
View 2 Replies View Relatedi wanted to know if i can and when i will be able to run the nexus 7000 as a Fully MPLS PE router (L2VPN, L3VPN etc..) ?
the interfeces need to be 10Gbps so i need to use the 8 ports & the 32 ports M1 modules.
Something seemingly so simple is not working. A router and a Nexus are not seeing each other via CDP. I have a 2921 router connected to a Nexus 7000. Everything works fine, except for some mysterious reason CDP does not establish. Yes, it is enabled on both devices and not disabled on the relevant interfaces. The Nexus says this over and over again when debugging cdp errors:
[code]....
I just bought 2 Nexus 7000 to upgrade my primary/Production Data Center from 6509/MSFC. I'll keep the 6509E/SUP720 for the DR Data Center. I have ordered two 10Gig Wan Pipes between the Production and DR. In other words between the Nexus 7000 and the 6509E.
My problem is that i do not know the best way to do the routing between the 2 Data Centers. Currently I have MPLS with a provider connecting the 2 Data Centers using BGP on the CEs and I'm running eigrp in locally in the Cores. After the 10Gig comes to life, the MPLS will go away.
My QUESTION: Should i run ibgp between the 2 Nexus and ibgp between the 2 6509E/sup 720 AND THEN run ebgp between the Nexus and the 6509/sup 720 over the 10Gig WAN? OR should i collapse everything into one eigrp domain/AS and just run Eigrp between the Nexus and 6509E/Sup 720 over the 10Gig Wan?
I work in an organization where we recently upgraded our core switches to Nexus 7000. Everything is set up well but we still keep getting this annoying message when we log in the switch. Also the time taken to login into the switch (ssh and telnet) is longer than normal. It is not affecting the network in any way but my concern is somewhere something is wrong and it will give us trouble in the future. How to troubleshoot the cause of this error message. [code]
View 3 Replies View Relatedis the LMS 4.1 supports Nexus 7000 baundle ?
View 2 Replies View RelatedI have such input data:
2xN7K-C7010 - Nexus7000 C7010 (10 Slot) Chassis
2xN7K-M132XP-12 - 32x10Gbps
NX-OS version 6.1(1)
I have enable (by default) QoS feature on them:
N7k# show policy-map interface brief
Interface/VLAN [Status]:INP QOS OUT QOS INP QUE OUT QUE
================================================================================
port-channel1 [Active]: default-in-po default-out-p
port-channel2 [Active]: default-in-po default-out-p
port-channel10 [Active]: default-in-po default-out-p
Ethernet1/1 [Active]: default-in-po default-out-p
[code]....
I am working on a DataCenter architecture where we would like to implement Nexus 7000, For the time being, there only one "context" but we may take the opportunity to implement VDC in a later future, I was not able to find a clear answer on the following :
Can we add the VDC licence & configure a new VDC on a Nexus 7000 running without VDC ? I suppose this is possible. but does it need to have the whole configuration changed or adding a VDC can be done without any interruption on the current environnement ?
We have Nexus 7000s configured for sampled netflow. We have tools that should reconstruct the sampled flow records for management displays. Most tools require the flow record, option and template to be sent in order to reconstruct the sampled flow record. We have captured some of this traffic and noticed that the template contains "SamplerMode": Unknown (1) [See Nexus 1-1.png]. Is this usual or have we not include commands required for proper operation? [code]
View 2 Replies View RelatedI am new to Cisco Nexus 7000 Series NX-OS System of appliances.I am looking for type of log events that are getting generated by CISCO Nexus 7000 switches. Need some documents which give me this references & some documents which have a log line explained.
View 2 Replies View RelatedI config LMS to manage many network devices with the same credential. However, only the Nexus 7000 fail to be archive configuration. LMS log said during telnet, the authentication fail 3 times. (I didn't use any authen server. The username and password are local. and in DCR page, i only configure " Primary Credential"l, nothing in "Auto Update Credential")Then i do a CAD check and fail also. I open the RME/CAD log, comparing with those successful log, there is one line different:[ Mon Mar 05 16:04:27 SGT 2012 ],WARN ,[main], com.cisco.nm.rmeng.inventory.cda.CdaFacade,getCdaHandlerIf, 163,CdaAG is not implemented for the device145.240.152.1 What does it mean "CdaAG is not implemented for the device?
View 1 Replies View Related
