Cisco :: Port Diagnostic On Nexus (5000)?
Aug 15, 2012I think I may have a bad port on a 5548, does the NX-OS has any sort of self-diagnostic test on its port?
View 6 RepliesI think I may have a bad port on a 5548, does the NX-OS has any sort of self-diagnostic test on its port?
View 6 RepliesI'm unable to assign port E2/1 to port channel. I get following error:
NEXUS5K(config)# int e2/1
NEXUS5K(config-if)# switchport mode trunk
NEXUS5K(config-if)# channel-group 14 mode active
[Code].....
So I took a laptop with wireshark and plugged it into a nexus 5000 port that is configured as a trunk with 3 vlans allowed on it. The laptop was seeing all kinds of traffic on the wire, most of it was not involving my laptop.
For example: Server A VLAN 10= 10.10.10.1 Server B VLAN 20= 10.20.20.1 and wireshark laptop is plugged into a trunk port which is allowing those vlan's. The vlan's are routable.
10.10.10.3 is seeing the entire conversation when 10.10.10.1 backs up 10.20.20.1 even though it has no reason to see it. It is as if the trunk is spanning traffic to the laptop port. No span is setup however. It's really weird. This is not just broadcast traffic, but actual tcp taffic between Server A and B. Why would a trunk port see traffic between 2 other servers talking to each other on the vlan.
Trunk port configuration below:
Interface Ethernet 141/1/3
switchport mode trunk
switchport trunk allowed vlan 10, 20
I'm trying to change a vlan on a port-channel but I am getting this error when I apply the change:" error: command is not mutually exclusive",I have done this in the past but I cannot remember exactly what I should type to apply the change.
View 2 Replies View RelatedI'm in the middle of a Nexus 5000 project and recognized today while configuring port-channels, that some of the interface numbers are reserved for internal use.
Is it possible to change or configure which port-channel interface numbers are allocated for internal use by NX-OS?
Unfortunatly I wasn't able to find a solution for this issue in the offical Nexus documentation, the search function of this forum or Google. If I did miss something or didn't look careful enough at the Nexus docs, I'm also happy with RTFM (... fine manual) responses and links to the info :-)
Additional info:
Nexus5k(config)# interface port-channel 128 ignored port-channel128: internally used, configuration not allowed
Port-Channels 111, 113, 115, 119, 121, 200, 211, 222 were created manually, but 127 - 129 were not.
Nexus5k# show port-channel usage
Total 11 port-channel numbers used
============================================
Used : 111 , 113 , 115 , 119 , 121 , 127 - 129 , 200 , 211 , 222
Unused: 1 - 110 , 112 , 114 , 116 - 118 , 120 , 122 - 126 , 130 - 199
201 - 210 , 212 - 221 , 223 - 4096
[Code]......
Struggle to find the SNMP MIBS of the Nexus 5000 FEX tranceivers.
View 3 Replies View RelatedWe run 6509 core routers as NTP servers to other IOS routers/switches & servers of several OS flavours.All good. Recently added some Nexus 5000s and cannot get them to lock.No firewalls or ACLs in the path
6509 (1 of 4) state:
LNPSQ01CORR01>sh ntp ***
address ref clock st when poll reach delay offset disp+ 10.0.1.2 131.188.3.220 2 223 1024 377 0.5 -6.23 0.7+~130.149.17.21 .PPS. 1 885 1024 377 33.7 -0.26 0.8*~138.96.64.10 .GPS. 1 680 1024 377 22.7 -2.15 1.0+~129.6.15.29 .ACTS. 1 720 1024 377 84.9 -3.37 0.6+~129.6.15.28 .ACTS. 1 855 1024 377 84.8 -3.30 2.3 * master (synced), # master (unsynced), + selected, - candidate, ~ configured
[code]....
Are we missing some NTP or managment vrf setup in the Nexus 5Ks?
I am looking how to see the mac table on a Nexus 5000 switch running NX-OS and confirm the mac address on a certain port. Similar to the Sh mac-address-table in IOS and sh cam in Cat-os.
I am sure this is simple I just cannot find the command.
Is it possible to disable mac learning on a specific vlan in the nexus 5000?
View 4 Replies View Relatedi have a use-case in which we need to firewall some of the security-sensitive-vlans to the ASA. In other words, there are few vlans that have their SVIs on the N5k (Layer-3 enabled) which talk to each other and there are some which have the layer-3 on the ASA. The ASA has sub-interfaces for those vlans. The N5k-sw and the ASA are interconnected on the same 1 physical link with a sub-interface on both ( /30) and the ASA is injecting default route to it in OSPF. They are advertising all of their networks in OSPF. I see all the routes in them. (Attached pic),My issue is: I am unable to ping the other sub-interface on the ASA from the N5k. (If you check the attached diagram, i cannot ping 20.1.1.1 from the N5k, although i can reach my next-hop 10.1.1.2) I have made the security-level to 100 for the subinterfaces and the physical interface on the ASA, also have allowed ip,icmps in the ACLs on the sub-interfaces of vlan 10 and 20 in both directions.
View 5 Replies View RelatedWe are using almost 10 Nexus 5k in our DC currently we are getting same error logs in all Nexus 5k." ntpd[4746]: ntp:time reset +0.279670 s " ,Is it major error or just for reset time?
View 1 Replies View Relatedtried to read the NEXUS 5000 cpu load: cseSysCPUUtilization 1.3.6.1.4.1.9.9.305.1.1.1 but there is a timeout: Timeout: No Response from 10.100.224.16 Other MIB values readout, like the system value, is ok.We use snmpv3.
View 4 Replies View RelatedAm new to Nexus switching, i have a Nexus box that i need to link with IBM servers with 10GB Network Cards.
how to set up fiber channel on this machine
I have a little problem. My customer is using TACP-PLUS ALPHA (F4.0.3.alpha.v9). Well, the same user than have access to another Cisco equipment, with user test1 by sample, can configure anything in the equipment. But in the nexus 5000, el command "show user-account" indicate just the "network-operator" role. Well, I patch this situation with the next commands:
aaa authorization config-commands default group TACSERVER local
aaa authorization commands default group TACSERVER local
Well, when I do a telnet into the nexus, I can shut the interfaces, config and anything. But, when I ingress by console, I can not to configure the interfaces.I understand that the Nexus 5000 the Tacacs configuration is global for VTY and Console (different in the Cisco equipment Routers by sample).
I have the following configured on my Nexus switches and works with success.
The problem I have is Once I switch of the ACS server I can log on to the Nexus as I have a admin user configured locally on the Nexus and the ACS server unfortunately can not run commands as it tries to point to the ACS server for auhtorization and the ACS server is turned off is it possible for the Nexus to ignore the authorization command if it can not see the ACS server ?
Feature tacacs+
ip tacacs source-interface vlan 705
tacacs-server host x.x.x.x key 7 "xxxxxx"
aaa group server tacacs+ Test-switch (Test-switch is a group configured on ACS 5.2)
[Code]...
Any opinion on what could cause loops on nexus 5000 ports that are connected to esx hosts ?
View 3 Replies View RelatedI'm planning to upgrade N5K from 5.1(3)N2(1b) to 5.2(1)N1(4)."sh install all impact kickstart bootflash:n5000-uk9-kickstart.5.2.1.N1.4.bin system bootflash:n5000-uk9.5.2.1.N1.4.bin"reports:
...
Compatibility check is done:
Module bootable Impact Install-type Reason
------ -------- -------------- ------------ ------
1 yes non-disruptive reset
...
Is the upgrade really non-disruptive?
I ma trying to query "CISCO-PORT-CHANNEL" mib on Nexus 7000 for portChannel table and I am not getting any info.
Nexus OS versions : Nexus 7000 - System version: 5.1(5)
Nuxus 5000 - System version: 5.0(3)N1(1a)
Any pointers or other alternatives to query through MIB ?
The diagram below is the configuration we are looking to deploy, that way because we do not have VSS on the 6500 switches so we can not create only one Etherchannel to the 6500s.Our blades inserted on the UCS chassis have INTEL dual port cards, so they do not support full failover.
Questions I have are.
- Is this my best deployment choice?
- vPC highly depend on the management interface on the Nexus 5000 for the keep alive peer monitoring, so what is going to happen if the vPC brakes due to:
- one of the 6500 goes down
- STP?
- What is going to happend with the Etherchannels on the remaining 6500?
- the Management interface goes down for any other reason
- which one is going to be the primary NEXUS?
Below is the list of devices involved and the configuration for the Nexus 5000 and 65000.
Devices
· 2 Cisco Catalyst with two WS-SUP720-3B each (no VSS)
· 2 Cisco Nexus 5010
· 2 Cisco UCS 6120xp
· 2 UCS Chassis
- 4 Cisco B200-M1 blades (2 each chassis)
- Dual 10Gb Intel card (1 per blade)
vPC Configuration on Nexus 5000
TACSWN01
TACSWN02
feature vpc
vpc domain 5
reload restore
reload restore delay 300
[code]...
Iam having some issue trying to configure snmp-server context vrf XXX.From some reason even if i put my VRF name i cant see anything about this vrfthis is the command i add:
snmp-server context def vrf datacenter
I m trying to setup a Tacacs config onto my new NEXUS 5000 series.Nevertheless the authentication doesn't work.Actually I followed the config guide but something is not working or missing.I have setup everything through VMWARE with ACS installed on a Windows server.
View 20 Replies View Relatedon some of our ports on Nexu 5000 and on the connected FEX we can see a lot of Jumbo Packets though there is not enableed any JumboFrame on the Switch, all Interface and system MTU is set to 1500.
DBE-LINZ-XX41# sh int Eth113/1/27
Ethernet113/1/27 is up
Hardware: 100/1000 Ethernet, address: d0d0.fd1b.b69c (bia d0d0.fd1b.b69c)
[Code]....
I have 2 nexus 5000 switches configured with a trunk linking the two how can i do the follwoing
BOX 2
vrf context management
ip route 0.0.0.0/0 192.162.88.9
BOX 2
vrf context management
ip route 0.0.0.0/0 192.168.88.10
1. ping between the two boxes, i set up static route's but when i ping i get the error "NO ROUTE TO DESTINATION"
2. routing between the two
We have a requirement to send span traffic to a destination port for monitoring purposes on two 5000s with some 2000 fex boxes attached.
Some of the servers are making use of frames larger than 1500. we have not changed any mtu configuration on the 5000 since installation, and I can see the policy maps is still on 1500.
My first assumption would be that frames larger than 1500 will not be dropped, but it seemingly not (see below). is there a reason why the switch would forward jumbo frames? Also, is there a limitation on MTU for span traffic? There is a MTU command under the span session, but the maximum is 1518. From what I can read the frame will be truncated if it exceeds this. Does that mean the fragments will be dropped?
RX
7495685816 unicast packets 249 multicast packets 147899 broadcast packets
7495833963 input packets 1426823388087 bytes
1608134 jumbo packets 0 storm suppression bytes
[Code]....
May I know how to monitor temperature status of below device by SNMP.How to find the exact oid of those devices? I can only find the mib file of Nexus 5000 at url...Cisco Nexus 5010PCisco UCS 6120XP Cisco ASR 1002F
View 1 Replies View RelatedI can't seem to find any information on the Nexus 5000 support of netflow. I assume that means it doesn't do netflow.
View 5 Replies View Relatedis it possible to connect one Cisco Nexus 2000 fabric extender to two Cisco Nexus 5000 and use one link on the first side and two links on the other side?
View 3 Replies View RelatedWhat is the correct way to create an SNMP user on a Nexus 5k Switches and limit the read/write access to some OIDs?I have been searching for hours for configuration examples or guides, but i had no luck.I guess a role has to be created, containing rules for some feature, but the list of features doesn't contain anything about snmp.This is my configuration on catalyst switches and i'd like to achieve the same result on the Nexus 5k:
conf term
access-list 10 permit host x.x.x.x
access-list 10 deny any
snmp-server view myview ccCopyTable included
snmp-server group mygroup v3 priv read myview write myview access 10
snmp-server user myuser mygroup v3 auth md5 xxxxxx priv aes 256 xxxxxx
end
we do not have an out-of-band management network and setting one up at this point is not being planned. We are mainly a swtiched environment and the only devices that are using L3 are the core switch for WAN purposes and the lab because it is mimicking the production environment. I have two Nexus switches that are sitting on the other side of a 3750 switch which is currently acting as a L3 device because this is a pre-production environment for a new project. We had an issue with management of the devices before but our workaround was to put them on the management vlan direcltly off of the core, allowing only management traffic to pass by means of mgmt0 on each device. The problem I'm having now is that I've now setup the mgmt0 interfaces on both for the keepalive link for vpc only (vpc traffic is going accross 2x10gb connections and the link to the 3750 is 1gb each trunked) and have lost my ability to use the mgmt0 connections for management. How to connect my management connection through either the 3750 or directly off the core switch (as that's what will happen once it's put into production)
View 3 Replies View Relatedwhen will be the command "default interface x/x" on the Nexus 5000 platform available? Even with latest software version (5.1.3.N2.1a) it is not possible. For Nexus7000 it's working fine with 5.2 train.Is there a feature request for it? If not here it is!!It's horrible to deconfigure many interfaces especially in N5k environments with many FEXes.
View 3 Replies View RelatedMy network consist of that network device. cisco catalyst 3750 with stackwise, 2xnexsus 5000 series and servers.servers connected to nexsus switch. nexsus connect to 3750.
Each server have two link, one of them connect nexsus1 and other connect to nexsus2 switch.(same traffic) each nexsus have one link to 3750. At 3750 the nexsus link configurate etherchannel. but the flapping occur at 3750.
i understand that at 2 nexsus link have the same server source mac address so the flapping occur at 3750. how i solve this problem?
What is the purpose of these default configuration lines? What do they mean? I can't find an explanation of them anywhere. I believe some are written to the config when FCoE is enabled..
I would like to know exactly what they are doing.
class-map type qos class-fcoe
class-map type queuing class-fcoe
match qos-group 1
[Code].....
I am just wondering on how mismatched MTU sizes are handled in Layer-2 networks and also inside a particular switches internal architecture.Layer 2 devices do not do fragmentation in the even of MTU mismatch. is this because Layer 2 devices do not re-write header information (like inserting destination IP and next hop MAC into the newly created frame.) i believe this is what they call per-hop behaviour? if this not the reason, then...? assuming this is the reason, let me proceed to my next question. When we set MTU on an interface , there is no mention of direction (ingress or egress), so i take this as means in both directions. so if a jumbo frame comes in on an interface which is set to recieve jumbo frames and forwarding decision is made and the frame is scheduled to egress via an interface whose MTU is not set for Jumbo frames, will the switch drope the frame at the egress buffer? if not, this implies MTU is an ingress property(only for incoming packets). But, again if it drops the packet, then MTU shoud have been system wide or global configuration as opposed to interface level configuration (just like nexus 5000).
View 2 Replies View Related