When I read Nexus 5K install guide , I found the follow :The Cisco Nexus 5596UP switch has the following features: # •48 fixed 1- and 10-Gigabit Ethernet server connection ports on the back of the switch AND The 48 fixed ports support 8-, 4-, 2-, or 1-Gbps Fibre Channel transceivers and 1- or 10-Gigabit Ethernet transceivers. Does these is a conflict ?The 48 fixed port on this switch support only 1- and 10-Gigabit Ethernet or 8-, 4-, 2-, or 1-Gbps Fibre Channel and 1- or 10-Gigabit simultaneously ?
I have two Nexus 5596UP that will be connected together via VPC-Peerlink. From there I want to connect both 5596UP's to a 6509-VSS via VPC.The Nexus 5596UP's will be essentially layer 2 switches, all routing will be done the 6509-VSS's.
We have two Nexus switches in our network, one of them is Nexus5020 other Nexus5596UP. System image is identical on both switches 5.2(1)N1(4). When we try to setup VPC between these switches we see that all configured vlans on VPC peer link between Nexus switches are blocked by spanning tree protocol with message "Bridge Assurance Inconsistent, VPC Peer-link Inconsistent". We still can't solve this problem.
Topology:
NEXUS_5020---Peer_link(Po2)---NEXUS_5596UP
/
/
Member_link (Po100) Member_link (Po100)
/
/
SERVER
Configuration:
NEXUS_5020: speed 1000 interface Vlan2000 no shutdown description VPC_keepalive_link vrf member VPC_kepalive ip address 10.55.55.2/30
I'm trying to get the VFC up in B22-FEX blade in Dell which is connecting to Nexus 5596UP.
The message I get is
# sh int vfc1033 vfc1033 is down (Error Disabled - VLAN L2 down on Eth interface) Bound interface is port-channel3 Hardware is Ethernet Port WWN is 24:08:00:2a:6a:0d:db:3f Admin port mode is F, trunk mode is on
if I can use the encrypted port as unencrypted ethernet ports? url.. Each individual port on the Cisco Nexus 5010 switch is numbered, and groups of ports are numbered based on their function. The ports are numbered top to bottom and left to right.There are 20 to 28 ports on the Cisco Nexus 5010 switch, depending on which GEM is installed.
The 20 fixed ports form group 1 and are named 1/port_number. Ports 1 through 16 are unencrypted Ethernet ports. Of these, ports 1 through 8 are 10-Gigabit Ethernet and 1-Gigabit Ethernet-capable ports. Ports 17 through 20 are encryption-capable Ethernet ports.
I would like to make a design with 4 Nexus 5596UP. 2 of them equipped with Layer 3 Expansion Module so they can serve as core layer and the other 2 Nexus used as Layer 2 for aggregation server layer.The 2 Nexus in the core layer will run HSRP and will peer with ISP via BGP for Internet connection The 2 Nexus in the aggregation layer will be configured as layer 2 device and have FEX and switches connected to them.What I am ensure of is how the vpc and port-channel configuration should look like between the 4 nexus. What I was thinking is to run vpc between the 2 Nexus in the aggregation layer and between the 2 Nexus in the core layer. Than I was thinking of connecting each Nexus in the aggragtion layer to both Nexus in the core layer using port-channel and vice-versa.
1. We would like to pre-provision a 2248TP FEX on my 5596UP (NEXUS 5596 running 5.1(3)N2(1a)). Problem is that I can't choose this FEX model. I have the choice of a 2248T or a 2248TP-E, but no 2248TP. [code]
2. on pair of NEXUS 5596 running 5.1(3)N2(1a) with a Layer-3 module installed in both.When doing Enhanced vPC - connecting all FEXs dual-homed to both 5596 - how many FEXs can I have in total ?
Any "best practices" or recommendations on how to migrate from a fixed router (3745) to vlan routing on Catalyst 4507 switches in order to minimize the disruption to the network.
We are running nexus 5018 in our DC.What is the difference betwen "channel-group 214 mode active" and " channel-group 216" Any difference?.. because i have problem with this config we are going build a server config?
We have problem with porth channel down.
5K# sh int po71 port-channel71 is down (No operational members) vPC Status: Down, vPC number: 71 [packets forwarded via vPC peer-link]
I have one cisco Nexus 7000 with version 6.1(2).I created 3 VDC
ADMINCOREsecurity
I have configured 1 - 45 ports for Core and 46 - 48 ports for Security.Now I am not using the VDC Security and I tried to move the assigned ports 46 - 48 from Security to ADMIN.Switch accepted the command .But the ports are not visible on ADMIN VDC.Now it is not showing on Security VDC also. I need this ports in ADMIN VDC
nyone know if "vpc-orphan-port suspend" works if i put on N2k interface. not the fex link. example i have fex 101 and i put on eth 101/1/10 will it suspend the port on N2K connected to secondary N5K when peer link is down?
I'm setting up a montitor session on a NEXUS 7K as below.we are receiving in 150M of data and 0 data going out port 9/25.but port 4/24 shows 300M to the span port?
I am trying to create a port channel between HP servers (4 nic) and two nexus 2k. The server side its a single team with 803.2ad fault taulerence and on the nexus side it have created two port channel (port channel 1 for nexus 2k1 and port channel 2 for nexus 2k2) and made them ACTIVE (channel group mode active)
But when i add a another server on different ports and port channel them the same way as the above server on nexus 2k1 and nexus 2k2, the first server stops pinging. so i have to sht down the first port channel and reopen them - then it works, however it says NO NETWORK ACCESS on the servers (running windows 2008). the only way is to reboot the server i cant be doing this on a production network.
I need to create several VLans on my switch.After reading the admin guide pdf, i still don't understand how to create any simple VLan.some tutorial or steps (with IE or Mozilla browser) how to create and use VLan, and to connect one VLan to another.For example,i need to create 3 VLans.
First Vlan consist of 5 ports (Vlan Name = Red) Second Vlan consist of 15 ports (Vlan Name = Green) Last Vlan consist of the rest of the ports (VLan Name = White)
So I took a laptop with wireshark and plugged it into a nexus 5000 port that is configured as a trunk with 3 vlans allowed on it. The laptop was seeing all kinds of traffic on the wire, most of it was not involving my laptop.
For example: Server A VLAN 10= 10.10.10.1 Server B VLAN 20= 10.20.20.1 and wireshark laptop is plugged into a trunk port which is allowing those vlan's. The vlan's are routable.
10.10.10.3 is seeing the entire conversation when 10.10.10.1 backs up 10.20.20.1 even though it has no reason to see it. It is as if the trunk is spanning traffic to the laptop port. No span is setup however. It's really weird. This is not just broadcast traffic, but actual tcp taffic between Server A and B. Why would a trunk port see traffic between 2 other servers talking to each other on the vlan.
I am having hard time in understanding the hardware port channel resource concept in Nexus 5Ks. Which scenario is considered as a hardware port channel and which is not. According to Cisco documentation, 5548UP switch with layer 3 daughter card only supports 8 hardware port channels, does this mean we can connect only 8 dual homed Fex to those 5Ks.Will a dual homed fex consumes a hardware port channel?
I am a bit confused by the output of 'show run' and 'show run switch-profile' that pertains to a port-channel interface configured in a switch-profile. My main gaol is to find out how can I add/remove the allowed vlans the port-channel (configured as trunk) carries. The setup is like this. I have 2 N5k in vPC domain and Etherner1/11 on both switches is configured as trunk vPC that connects to a core switch. When I issue ‘show run’ for the port-channel and physical interface I get the following output. [code] From above it seems the switch-profile configuration is missing the 'switchport trunk allowed vlan' in the port-channel interface. If want I to remove vlan 30 from the allowed vlan, should I go under the switch-profile mode and remove vlan 30 from the allowed list even though the switch-profile configuration seems to be missing this.
We have a couple of IBM blade chassis with Nexus 4000I 10G blade switch in it. Four 10G ports from each Nexus 4000I switch are bundled into a port channel and connected to Nexus 7K. On the 4k end, one port in the port channel is doing down and coming up as an idividual port. After few minutes it is going down again and coming up as a port-channel member port. It is happening quite offen. [code]
I'm trying to change a vlan on a port-channel but I am getting this error when I apply the change:" error: command is not mutually exclusive",I have done this in the past but I cannot remember exactly what I should type to apply the change.
I have a dual-homed fabric (Nexus 2248 dual attached to two Nexus 5020's via vPC). On this Nexus 2248 is a server that has a four port LACP etherchannel. The ports do not appear to be load balancing correctly. The output below shows the four ports in use and it clearly shows port e138/1/10 as getting the most use. When I use the "show port-channel load-balance forwarding-path..." command on either of the vPC switches for various source and destination IP's that use this link, it shows them correctly load-balancing across the four ports. But we do not see this when looking at stats on both the server side and the switch side.
**************** Config info below. This is a vPC pair and the port configs are identical on both switches so I'm only showing the configs for one switch to keep it simple.
dc5020-3g# sh port-channel load-balance Port Channel Load-Balancing Configuration: System: source-dest-ip Port Channel Load-Balancing Addresses Used Per-Protocol: Non-IP: source-dest-mac IP: source-dest-ip source-dest-mac
I'm running a couple of nexus 7000 to aggregate a building full of 3750Xs.In the past few weeks I have noticed that the vlans I added to the port-profile never got propagated.So I looked at port-profile sync information and here is what comes up: [code] Why the commands are getting cached?
Nexus 5500 support auto negotiation on 1gig sfp port? There is an end device that only support auto negotiation and cannot be manually set speed/duplex.
I am trying to limit the incoming and outgoing traffic on a l2 port to 8mbps for a ip subnet within the nexus 7000. The port is connected to my ISP router which has a bandwidth of 20mbps.Policing won't work on a l2 Port and shaping cannot be applied on a port level. url...I have been reading thru the qos guide for nexus release v6 and have problems understanding the different queues.
I've Nexus 7010 switch installed in my DC. I've conncected Cisco router to one of the Ports. On the same port I'm getting following error message and hence, unable to form EIGRP neighborship.
DR-CORE-SW-S01-NEXUS7K %MODULE-2-MOD_SOMEPORTS_FAILED: Module 1 (serial: JAF*******NGK) reported failure on ports 1/2-1/2 (Ethernet) due to R2D2 : Speed patch failed - no frames transmitted in device 143 (error 0xc8f0 1273)
I'm in the middle of a Nexus 5000 project and recognized today while configuring port-channels, that some of the interface numbers are reserved for internal use.
Is it possible to change or configure which port-channel interface numbers are allocated for internal use by NX-OS?
Unfortunatly I wasn't able to find a solution for this issue in the offical Nexus documentation, the search function of this forum or Google. If I did miss something or didn't look careful enough at the Nexus docs, I'm also happy with RTFM (... fine manual) responses and links to the info :-)
Basically I am trying to use Wireshark to do a packet capture on a Nexus 5010. I want to do a monitor session on on the switch so I can capture from a source port to a destination port on the same switch. I can configure the source port but when I go to configure the destination port I get "ERROR: Eth102/1/4: Configuration not allowed on fex interface". I have tried to reconfigure this port as a switchport but "switchport mode access" command does not take. I don't want to make any changes to any other ports but this one.
Here is an example of what each switch logs when a server drops offline. Sample logs taken between 5:32am and 5:35am on Feb 20. This particular one was having problems all weekend. Switch #1 encountered over 2000 interface resets. The corresponding VPC port on Switch #2 only had 13 resets.
NEXUS SWITCH #1 2012 Feb 20 05:32:09 q91-sw01-5010 %ETH_PORT_CHANNEL-5-FOP_CHANGED: port-channel10: first operational port changed from Ethernet1/10 to none 2012 Feb 20 05:32:09 q91-sw01-5010 %ETH_PORT_CHANNEL-5-PORT_DOWN: port-channel10: Ethernet1/10 is down 2012 Feb 20 05:32:09 q91-sw01-5010 %ETH_PORT_CHANNEL-5-PORT_DOWN: port-channel10: port-channel10 is down 2012 Feb 20 05:32:09 q91-sw01-5010 %ETHPORT-5-IF_DOWN_PORT_CHANNEL_MEMBERS_DOWN: Interface port-channel10 is down ( No operational members)
I have a router on which I would like to create a port channel that spans two different Nexus 2248TP switches, and then create a couple subinterfaces on the router's po interface. I've done this successfully on my primary router, but the config doesn't seem to work on the backup router. The primary is running IOS 15, while the backup is running 12.4.25d advanced IP. I do see the trunk come up from the switch side, and my router subinterfaces and po interface show up, however I'm not able to get anywhere from the router. It's not even able to reach other hosts on the same network. As soon as I remove the port channel config and use the physical interface and assign the same address used on the port channel interface, everything works as expected and I have connectivity.
interface Port-channel21 no ip address hold-queue 150 in ! interface Port-channel21.248 encapsulation dot1Q 248 native ip address 100.100.100.1 255.255.255.0
We are planning to implement the following policy map for egress traffic on an Nexus 7000:
policy-map type queuing dd-1p3q1t-8e-out-10G class type queuing 1p3q1t-8e-out-pq1 priority level 1 shape percent 10 class type queuing 1p3q1t-8e-out-q2 bandwidth remaining percent 5 class type queuing 1p3q1t-8e-out-q3 bandwidth remaining percent 5 class type queuing 1p3q1t-8e-out-q-default bandwidth remaining percent 90
We are using two N7K's to which is one N5K connected through a vPC. From the N5k we use a port-channel with 4 * 10G. Two of this four ports are connected to on N7K and the other two are connected to the other N7K. On the n/K's we are using vPC.
My question now are:
1. Where i have to connect the policy map? To the port-channel or on each physical interface?
2. When i have to connect this policy to the port-channel, how does i have to set the shape percent, when i would like to reserve 10% from the 40G? Does i have to set the shape value to 5% on each N7K because vPC?
