Cisco Switching/Routing :: Nexus 5010 - Capture From Source To Destination Port On Same Switch
May 19, 2013
Basically I am trying to use Wireshark to do a packet capture on a Nexus 5010. I want to do a monitor session on on the switch so I can capture from a source port to a destination port on the same switch. I can configure the source port but when I go to configure the destination port I get "ERROR: Eth102/1/4: Configuration not allowed on fex interface". I have tried to reconfigure this port as a switchport but "switchport mode access" command does not take. I don't want to make any changes to any other ports but this one.
View 1 Replies
ADVERTISEMENT
Nov 5, 2012
i would like to monitor traffic between multiple source ports to multiple destination ports on a nexus 7k. i lknow when you set up monitor session is between source and destination (laptop or traffic analyser) but is there a way i can set up between source and multiple destination ports and capture that traffic ?
View 3 Replies
View Related
Aug 9, 2012
I'm trying to get ERSPAN working with an ERSPAN source on a Nexus 5548 and the ERSPAN destination on a Catalyst 6500.
The configuration on the Nexus is as follows:
[...]
interface loopback0
ip address 192.168.2.133/32
[Code].....
If I do a netdr capture I can see ERSPAN traffic sourced from the Nexus reaching the C6500, but there doesn't appear to be anything sent out the ERSPAN destination inerface (Gi4/6) and there's nothing being received by the probe connected to that interface. I know the traffic seen with netdr is definitely the ERSPAN traffic sourced from the Nexus as I've changed the TTL and DSCP values within the monitor session on the Nexus and can see those changes reflected on the C6500 netdr capture. The attached is a screen grab of the show netdr capture started with debug netdr capture soure-ip-address 192.168.2.133.
When I look at the interface I see it shown as up/down (monitoring), but no output or counters clocking up. If I run a local SPAN session on the C6500 it works fine.
I've tried changing the destination IP address from that assigned to the C6500 Loopback interface to an IP address assigned to a physical interface, but that still doens't work.
The hardware in the C6500 is WS-SUP720-BASE Hw version 3.2 with WS-F6K-PFC3B Hw version 2.4. The IOS version is 12.2(33)SXI6.
View 2 Replies
View Related
Feb 20, 2012
Here is an example of what each switch logs when a server drops offline. Sample logs taken between 5:32am and 5:35am on Feb 20. This particular one was having problems all weekend. Switch #1 encountered over 2000 interface resets. The corresponding VPC port on Switch #2 only had 13 resets.
NEXUS SWITCH #1
2012 Feb 20 05:32:09 q91-sw01-5010 %ETH_PORT_CHANNEL-5-FOP_CHANGED: port-channel10: first operational port changed
from Ethernet1/10 to none
2012 Feb 20 05:32:09 q91-sw01-5010 %ETH_PORT_CHANNEL-5-PORT_DOWN: port-channel10: Ethernet1/10 is down
2012 Feb 20 05:32:09 q91-sw01-5010 %ETH_PORT_CHANNEL-5-PORT_DOWN: port-channel10: port-channel10 is down
2012 Feb 20 05:32:09 q91-sw01-5010 %ETHPORT-5-IF_DOWN_PORT_CHANNEL_MEMBERS_DOWN: Interface port-channel10 is down (
No operational members)
[code].....
View 1 Replies
View Related
Nov 22, 2011
I attempted to enable jumbo frames on a Nexus 5010 (NX-OS version 4.2(1)N1(1)). I created the policy map below and lost access to the switch.
policy-map type network-qos jumbo
class type network-qos class-default
mtu 9216
After recovery I see from the logs that all vlans and interface were suspended. I've attempted to look for reasons for a compatibility issue but I am unable to find what is checked and what could have been incompatible. The other troubling thing is the adjacent switch suspended its interfaces too but no change was done there. What I need to look out for so that this does not happen again?
2011 Nov 22 23:43:09 phx-ipcg1dwfcma %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 1,10,601 on Interface port-channel1 are being suspen
ded. (Reason: QoSMgr Network QoS configuration incompatible)
2011 Nov 22 23:43:09 phx-ipcg1dwfcma %ETHPORT-5-IF_TRUNK_DOWN: Interface port-channel1, vlan 1,10,601 down
2011 Nov 22 23:43:09 phx-ipcg1dwfcma %ETHPORT-3-IF_ERROR_VLANS_SUSPENDED: VLANs 10 on Interface port-channel508 are being suspended.
[code]....
View 9 Replies
View Related
Dec 2, 2012
I want to know if there is way to tag traffic with DCSP tags without having to do all the other requirments of QOS setup. All i want to do is just tag traffic at different DCSP values via source and destination IPs. We do not have a need to be priortizing traffic on out internal switches. We just want to tag the traffic so our MPLS provider can distinguish the different types of traffic.
Our environments is primarily 3750s in all offices.
View 6 Replies
View Related
Feb 20, 2012
We have 2 6513 switches with SUP720/PFC3A and various POE modules and a 6748-GE-TX facing our servers. Additionally, we have a 4Gbps portchannel trunk interconnecting the switches. We have approximately 300 Nortel IP 1140e phones in use between the two switches.For the purpose of call recording, we've attempted to mirror the voice vlan using various approaches and have been met with limited success. We mirrored the VLAN using tx, rx, and both. When using both we appear to get duplicate packets at the destination interface.We seem to lose packets completely going in one direction or another for a given call. Packets are lost before they get to the destination interface?
View 2 Replies
View Related
Aug 12, 2012
I currenty have a Nexus 5010 connected to a core 3750X switch stack in a VPC trunk using 2 1Gbps links. I want to move this link to 2 10Gbps links without losing connectivity. So I want remove a 1G link and move it to 10G and then once that's up move the other 1G link to 10G hopefully without losing connectivity. So the question is, can I have a 1G and 10G link between the Nexus and 3750s in the same virtual port channel without causing problems?
View 3 Replies
View Related
Feb 9, 2013
Our Data Center Switch (5010) rebooted itself today, underneath the captured screen
NX5010-1(config-vlan)#
Broadcast message from root (console) (Sun Feb 10 14:22:41 2013):
The system is going down for reboot NOW!
NX5010-1# sh system reset-reason
----- reset reason for Supervisor-module 1 (from Supervisor in slot 1) ---
1) At 740938 usecs after Sun Feb 10 14:22:41 2013
Reason: Reset triggered due to HA policy of Reset
Service: nohms hap reset
Version: 5.0(2)N1(1)
[code]....
View 2 Replies
View Related
Nov 23, 2012
we have a old Nexus 5010 running version 5.0(3)N1(1)it is in a franckenblock(like frankenstein) ie . we bought the parts and create our own system design before VCE was created. He have since bought VCE V block for our production sites. we use the franc ken block to test before we migrate to the production v block 300 FIX the issue we have is the 5010 will only see two 1 Gb/s SFP fiber modules in the first 12 slots. All these slots are dual 1g/10G. If we add more than two, it claims not to see them. We tried swapping the sfp and using both sfg-GE-MM and GLC-SX-MM moduels, no difference at all 1g sfp are in the first 5 slots. only the first two slots are up.the others say "Link not connected" or "SFP not inserted"all five links are the same SFP and are plugged in other switches.the green link lights are on plugged in SFP, even when the CLI states they are not plugged uni tried both two types of 1 Gb/s SFP. sfg-GE-MM and GLC-SX-MM ,i move the sfp between slot 1,2 and 3,4,5. nothing changed,From "sh int brief" you can see that it can see the sfp ie they are all 1Gfrom "sh int status " it sees 1g but why does it say type 10G?why when i go to the "int e 1/5" and try switch port mode now, it can't mode and trunk at now there (;also how to i stop or clear EU51 %SYSMGR-2-TMP_DIR_FULL: System temporary directory usage is unexpectedly high at 87%.i put as much info in the attached file as i could.
View 1 Replies
View Related
Dec 11, 2011
We are looking for some latency in our net and I am trying to check if our STP implementations is running correctly - we have a simple flat network here and no blocked ports here - just two nx 5010 which are interconnected with two uplinks.A remote site - mirrored setup - with 2 10G dark fiber connections - one for each nx5010 - is connection a DR site. I have split the two sites in two stp domains by enabling bpdu-filter on the vpc between the two sites.
I have been running wireshark on the local segment for some time and see the STP RST ROOT announcement every 2. seconds - this is probably normal ? I was looking for some alternate root negotiation packets which would cause the mac tables to be flushed.
View 2 Replies
View Related
Jan 10, 2012
Can nexus 5010 supports inter v lan routing , as there is no core switch and router available in current network.
View 2 Replies
View Related
Jun 23, 2012
I am not able to create more than 256 VLAN in Cisco Nexus 5010 switch. While creating I am getting "No VLAN resources available for VLAN creation" Details below -
Switch model - 5010
Software : NX OS 4.0 (1a)
Error Message:
Nexus_5010(config)# vlan 417
ERROR: No VLAN resource available for VLAN creation.
View 5 Replies
View Related
Aug 7, 2012
I'm trying to create a vpc between a Nexus 5010 and Nexus 5020 switch. I recently upgraded the software so they are running the same version. I connect get a vpc link. Is there something wrong with my setup? Is a vpc between a 5010 and 5020 even possible? They are connected using a pair of Intel X520's in 802.3AD teaming mode. [code]
View 2 Replies
View Related
Jul 20, 2010
My monitoring tool is reporting alerts for high cpu utilization on Nexus 5010.Image is 4.1(3)N1(1) Only command supported on this code is sh proc cpu.The output of which does not really tell what is the current cpu utilization.How do i troubleshoot the cause of high cpu on nexus switches.
View 12 Replies
View Related
Oct 14, 2012
if I can use the encrypted port as unencrypted ethernet ports? url.. Each individual port on the Cisco Nexus 5010 switch is numbered, and groups of ports are numbered based on their function. The ports are numbered top to bottom and left to right.There are 20 to 28 ports on the Cisco Nexus 5010 switch, depending on which GEM is installed.
The 20 fixed ports form group 1 and are named 1/port_number. Ports 1 through 16 are unencrypted Ethernet ports. Of these, ports 1 through 8 are 10-Gigabit Ethernet and 1-Gigabit Ethernet-capable ports. Ports 17 through 20 are encryption-capable Ethernet ports.
View 1 Replies
View Related
Dec 6, 2011
I am trying to configure get the QLogic 8240 card to work properly in ESXi 5.0. I want to be able to send the iSCSI traffic down the iSCSI portion of the card and use the ethernet portion of the card to do NFS.
Here are my vlans I am working with..
vlan 420 = fcoe
vlan 500 = NFS
vlan 1000 = iSCSI
I have my interface currenly set as the following on the Nexus 5000.
interface Ethernet1/17
[Code]...
View 5 Replies
View Related
Nov 23, 2011
I found intermittent link down(20~40 seconds average) occurred about 1~10 times every month. SAP reported a lot of active connections are disconnected and I used a batch to ping and found "requested time out" about 30 seconds.And Windows, SQL server, Nexus 5010 do not show any errors. We run cluster and cluster does not fail over.And I don't know which cables or nics cause this issue. When it happened, almost all servers are unreachable. For example, SQL server 1 -> SQL server 2, IBM HS22-1 -> SQL server 1. However, some connections are not dropped sometimes. It varies each time.PS: I run this topology last year without any problems but it started intermittent link down from 2011/1/7. Because there is no errors in Nexus 5010, it is difficult to troubleshoot. Cisco TAC recommended us to implement virtual port channel yesterday. Could I use "errdisable detect cause" to detect what caused the intermittent link down? Is there any error logs or switch parameters/status can use to troubleshoot?
View 18 Replies
View Related
Feb 9, 2011
I'm not sure if I'm missing something basic here however i though that I'd ask the question. I recieved a request from a client who is trying to seperate traffic out of a IBM P780 - one set of VIO servers/clients (Prod) is tagged with vlan x going out LAG 1 and another set of VIO server/clients (Test) is tagged with vlan y and z going out LAG 2. The problem is that the management subnet for these devices is on one subnet.
The infrastructure is the host device is trunked via LACP etherchannel to Nexus 2148TP(5010) which than connects to the distribution layer being a Catalyst 6504 VSS. I have tried many things today, however I feel that the correct solution to get this working is to use an Isolated trunk (as the host device does not have private vlan functionality) even though there is no requirement for hosts to be segregated. I have configured:
1. Private vlan mapping on the SVI;
2. Primary vlan and association, and isolated vlan on Distribution (6504 VSS) and Access Layer (5010/2148)
3. All Vlans are trunked between switches
4. Private vlan isolated trunk and host mappings on the port-channel interface to the host (P780).
I haven't had any luck. What I am seeing is as soon as I configure the Primary vlan on the Nexus 5010 (v5.2) (vlan y | private-vlan primary), this vlan (y) does not forward on any trunk on the Nexus 5010 switch, even without any other private vlan configuration. I believe this may be the cause to most of the issues I am having. Has any one else experienced this behaviour. Also, I haven't had a lot of experience with Private Vlans so I might be missing some fundamentals with this configuration.
View 3 Replies
View Related
Sep 29, 2012
I have a 5010 that simply won't load any system image. Loads the kickstart image just fine, but once at the Switch(boot)# prompt just give me garbage when I enter "load bootflash:n5000-uk9.5.1.3.N2.1b.bin Restarting system.
Loader Version pr-1.3
loader> dirbootflash: lost+found n5000-uk9-kickstart.5.2.1.N1.1b.bin n5000-uk9.5.2.1.N1.1b.bin n5000-uk9-kickstart.5.1.3.N2.1b.bin n5000-uk9.5.1.3.N2.1b.bin
[Code]....
View 1 Replies
View Related
Jul 9, 2012
I've Nexus 7010 switch installed in my DC. I've conncected Cisco router to one of the Ports. On the same port I'm getting following error message and hence, unable to form EIGRP neighborship.
DR-CORE-SW-S01-NEXUS7K %MODULE-2-MOD_SOMEPORTS_FAILED:
Module 1 (serial: JAF*******NGK) reported failure on ports 1/2-1/2 (Ethernet) due
to R2D2 : Speed patch failed - no frames transmitted in device 143 (error 0xc8f0
1273)
View 1 Replies
View Related
Feb 14, 2013
Can i configure access ports into port channel on Nexus 7K switch.If possible then provide the complete configuration.....
View 2 Replies
View Related
Aug 20, 2012
I have configured the ip telnet source-interface Loopback 0 command on a Nexus7010, but when I telnet to another device and do a show users, the ip address is of the closest interface to the device I telnet to, not the ip address of the Loopback. All interfaces are in vrf default. I am running 5.1(6) NXOS.
View 6 Replies
View Related
Jul 26, 2012
I have always done my port monitoring (SPAN) on Cisco layer 3 switches with no issues. This time I am trying to do this on a Cisco 2901 router:
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M2, RELEASE SOFTWARE (fc1)
System image file is "flash0:c2900-universalk9-mz.SPA.151-4.M2.bin
I need to have the source port gig0/0 and destination port gig0/1. There is something about the gig port enumeration (slot/port#) that makes the command rejected. It is self explanatory:
#sh ip int brie
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 xxx.xxx.xxx.xxx YES NVRAM up up
GigabitEthernet0/1 unassigned YES NVRAM up up
Serial0/0/0:0 unassigned YES unset up up
[code]....
It doesn't matter what slot or port number I use, it is always rejected. The command is rejected for Both destination and source gig interfaces. I tried a wide variety of slot/port numbers. To my best understanding the complete port names are: GigabitEthernet0/0 and GigabitEthernet0/1, so why does it think there has to be another digit after 0/0 or 0/1? Does it have anything to do with the Embedded-Service-Engine0/0 being administratively down?
View 4 Replies
View Related
Jun 18, 2012
I have configured SPAN in cisco 3750 switch as below mentioned. but the destination port protocol is down.switch(config)#monitor session 1 source interface gigabitethernet1/0/1switch(config)#monitor session 1 destination interface gigabitethernet1/0/11 ingress vlan 1
View 8 Replies
View Related
Jun 8, 2012
i have configured SPAN over cisco 2960 to monitor source port traffic but after configuration i dont able to get response from destination port as my NMS is attached on destination port so i lost its web interface.
Configuration is as under.
monitor session 1 source interface gigabitEthernet0/5 (Source Port on Vlan 100) monitor session 1 destination interface gigabitEthernet0/1 (Destination Port on Vlan 200)
View 2 Replies
View Related
Jan 16, 2012
In s SPAN session , normally the destination prt is used for monitoring purpose only. But could destination port be used to access the equipement or PC connected to that port , for a 2960 LAN BASE image switch .
View 2 Replies
View Related
Dec 7, 2011
I am facing switch reboot issue when power of switch restore from RPS to AC.
View 1 Replies
View Related
Nov 11, 2012
is it possible, to use a Catalyst Switch (in my case a 3560E) as a source for a console session to another Catalyst? In principle to use it as a console terminal server.
View 1 Replies
View Related
Oct 31, 2012
i have a stack of 3750x, with minimal configuration. there are two vlans, and two vlan interfaces with IP addresses. when i ping out from this switch to another host, it picks vlan1's ip address as the source automatically. i tested this by doing two pings with extended options using each vlan's interface as the source, and got different results. how the switch decided to use the first vlan's ip address as a source.
View 11 Replies
View Related
Jul 24, 2011
I have a situation which requires some non best practice stuff to be done. There is a box behind an ASA that has a lot of code that references public DNS names and therefore needs access to itself and a number of other boxes on the same subnet via the public DNS names (that obviously resolve to public IPs). This traffic is dropped on some pretty fundamental ASA characteristics.I know this isn't really ideal, and it should be handled by DNS nstead, but I'm in somewhat of a bind and need to know if the ASA can allow this traffic.I figure I could match the traffic and exempt it from state-checking and that would probably work, but it's not a very graceful solution.
View 2 Replies
View Related
May 20, 2013
I have cisco 2651. It contains two FastEthernet interfaces: Fa0/0, Fa0/1.Fa0/1 has an ip address. Fa0/0 hasn't an ip address.I need to create monitor session from source Fa0/1 to destination Fa0/0. Then i want to connect my notebook to Fa0/0 to analyze some traffic from port Fa0/1
View 2 Replies
View Related
Jan 23, 2013
I have 2 nexus 5000 switches configured with a trunk linking the two how can i do the follwoing
BOX 2
vrf context management
ip route 0.0.0.0/0 192.162.88.9
BOX 2
vrf context management
ip route 0.0.0.0/0 192.168.88.10
1. ping between the two boxes, i set up static route's but when i ping i get the error "NO ROUTE TO DESTINATION"
2. routing between the two
View 1 Replies
View Related