Cisco Switching/Routing :: Possibility For Nexus 7000 To Be HSRP Active Standby In Data

Nov 20, 2012

Normally when we do HSRP with vPC on N7K the device will be Active/Standby in control plane but it will be Active/Active in data plane. In this case any traffic reach to standby device it can forward traffic directly to uplink which is not my desire. My goal is all traffic should pass through active (control plane) device in every case unless active device totally dead. So Is it possible for Nexus 7000 to be HSRP Active/Standby in Data Plane ?

View 4 Replies


ADVERTISEMENT

Cisco Switching/Routing :: Nexus 7000 - HSRP Active / Standby?

Dec 16, 2011

I am working on two Nexus 7010 with 5.1.5 NX-OS version. I configure HSRP traditionnaly, Nexus 1 with a priority of 200 and Nexus 2 with a priority of 100 for all vlan.

When I change the priority of a vlan to 200 to 50 for example, Nexus 2 become active and Nexus 1 standby. The problem is that when I do a traceroute from a PC the packet take the Nexus 1 as defaut gateway all the time.....

For information I have a peer link between the 2 Nexus for vPC.

View 9 Replies View Related

Cisco Switching/Routing :: 4506 HSRP Active To Standby And ARP Impact

Mar 4, 2013

I am running HSRP on three 4506 switches..S1(active) S2( standby) and S3(listen)..S1 is active for all the vlansRight now, I wanted to  make S3 active for two vlans: vlan 10 and 19What would be the impact to the end hosts?Also, can you tell me why the arp is not syncing for all the three devices? [code]

View 4 Replies View Related

Cisco Switching/Routing :: Nexus 7000 / How To Have Multicast Data Across OTV Extensions

Nov 5, 2012

have multicast data across OTV extensions?  We run OTV between two pairs of Nexus 7000 in different datacenters with mcast underlying encapsulation. We stretch 10 or so vlans between the sites. We have encountered multiple bugs over the last two years and had to upgrade code and have rarely been clear for any period of time.
 
We've had an ongoing Tac case where IGMP requests are not getting across the OTV VLAN extension to the PIM forwarder on another site. You can see OTV IGMP snooping on the AED VDC is picking up the request on the local site but it does not get to the remote site that is the PIM forwarder so no multicast gets onto the VLAN. For a while we had a hack where we would get a local server to the PIM forwarder router to request the same groups and then this would somehow get across to the other site. Since clearing the overlay interfaces to try and fix the original problem the hack no longer works and I can't get multicast to the receiver at all.

View 1 Replies View Related

Cisco Switching/Routing :: ACL Behaviour On HSRP 6500 Standby SVI

Jan 19, 2012

I have been reading several posts in this forum to try to understand ACL  behaviour on a standby HSRP 6500, I would be glad to get this cleared.I have two 6509 running HSRP for all Vlans...I created VLAN 100 with standby ip address 192.168.1.129 255.255.255.128
 
Active 6509 (SW01) ip is 192.168.1.130/25, priority 120
Standby 6509 (SW02) ip is 192.168.1.131/25
 
I have created a DHCP server on the standby 6509 only on the same VLAN 100 with a defaul router of 192.168.1.129 (i.e. the hsrp vip). I connected a pc directly to the ethernet port on the standby 6509 and put it under VLAN 100 and it obtained its ip 192.168.1.200 from the ios dhcp.Now I want to restrict this PC (and any other on its subnet) to access only a remote server 172.168.10.10 and nothing else. I have created the following access list, allowing traffic to the remote server, ospf and hsrp updates,ios dhcp...
 
Extended IP access list SWRES
10 permit ospf any any log (172 matches)
20 permit ip any host 172.168.10.10
30 permit ip any host 224.0.0.2
40 permit udp any host 255.255.255.255 eq bootpc
50 deny ip any any log (52 matches)
 
I have applied this ACL on both the 6509s under interface VLAN 100 ip access-group SWRES in  
 
1. When I ping different subnets on the 6509s from the PC, I still receive icmp replies although I expected the acl to pass traffic destined for the remote server only. I do get deny log messages on the Active 6509, but not on the standby 6509 where the PC is connected.
  
2. Is permitting bootpc in the acl enough for IOS  DHCP server and client operation? Do i need to explicitly permit access to the defaul-router configured in the DHCP, which happens to be the VLAN 100 gateway ip and hsrp vip as well (192.168.1.129)
  
3. I do get deny logs on both the 6509s from the PC trying to access the local VLAN 100 broadcast address on ports 137, 138.
 
 %SEC-6-IPACCESSLOGP: list SWRES denied udp 192.168.1.200(137) -> 192.168.1.255(137)

View 7 Replies View Related

Cisco Switching/Routing :: Nexus 7000 With Fabric Extenders Nexus 2000?

Mar 15, 2013

I have been tasked to replace the existing Cat 6500 and 3750 switches by Nexus 7000 and Nexus 2000.I was told initially my boss plans to get 2 x Nexus 7000 and then eventually blow up to 4 x Nexus 7000s.For Nexus, is there a list of tasks / points that i need to consider for building the initial design?
 
Can i just link the Nexus 7000 like the following?
 
N7k-A    =========   N7k-B
|                                   |           
lots of N2ks               lots of N2ks

View 12 Replies View Related

Cisco Switching/Routing :: 6509 - HSRP Standby Address Not Reachable

Jun 11, 2013

I have  my hsp setup where switch A and switch B share active/standby roles among several vlans. In the last few weeks, i have seen trouble tickets where connectivity is lost and upon investigation i discover that i can ping physical interface IP addresses for both standby and active devices but not the standby IP. I have also validated configurations and layer 2 paths and they haven't been broken.

What I end up doing is failover to the standby device and back and the problem clears, reachability is restored. My question is whether I am solving this the right way. If so, what is it that would cause the standby IP to not be reachable and how does my solution fix that? N/B the switches are catalyst 6509's.

View 2 Replies View Related

Cisco Switching/Routing :: 7000 / 3750 Stack - HSRP Between ISPs Router And L3 Switch

Dec 27, 2012

We have our WAN setup as explained in the attachment herewith. As of now, We have a IP 1 configured as HSRP IP in the LAN switch end at Site A and Site B. As per the HSRP priority, Site A's WAN router will preempt to be the Active WAN router. 1*1Gig link at both DCs connect to the respectve WAN router.
 
But with this setup, we experience a WAN outage whenever there is a link disconect at Site A - as HSRP fails over from Active to Standby(Site B) and again when the link at Site gets restored. To avoid this :
 
Is it possible to have the HSRP configured over a port channel at Site A and B (or atleast at Site A) ? In that case, will there be a need for the ISP to change their configuration except to configure a port channel ? The ISP has Cisco 7000 series router which connects to 3750 stack at DC lan.

View 2 Replies View Related

Cisco Switching/Routing :: 3550 - Unable To Ping Internet From HSRP Standby Switch

Nov 16, 2011

I have router connected to 2  3550 switches  directly. 3550A  and B  switches are running HSRP. OSPF is running between Router and 2 switches.
 
From Switch B  i can ping the Router Wan interface but not the internet sites. from Switch A  i can ping any sites?
  
Switch B 
3550SMIB#                          sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area       N1

[Code]......

View 7 Replies View Related

Cisco :: Nexus 7000 Netflow Missing Data

Jun 26, 2012

I've configured N7K to export layer 2 flows. Using 2 different flow collectors (open source and commercial), gaps/drops in the reported traffic are observed on a periodic basis.Problem doesn't seems to be with the exporters, hence I wondering if netflow configuration on N7K can be tweaked to address this symptom. Using the 'show exporter' command, no errors/drops are observed. [code]

View 2 Replies View Related

Cisco Switching/Routing :: 4948 E HSRP Connect Devices To Standby Unit That Do Not Require Redundancy

Jul 29, 2012

If I setup 4948E's in HSRP configuration.  And I connect devices to the Standby Unit that do not require redundancy.  Will there be any issues passing traffic?  I don't believe that standby unit blocks the traffic but wanted to confirm.

View 5 Replies View Related

Cisco Switching/Routing :: 6509 (HA) And FWSM (active / Standby) System Upgrade?

Sep 30, 2012

I have 2 6509 chasis with one SUP720-3B in each and current IOS is s72033-ipservicesk9_wan-mz.122-18.SXF4 and 2 FWSM with version is 3.3.1 I need to upgrade FWSM system software to 4.1, after checking FWSM 4.1 release notes, I thought of upgrading IOS to latest version  to 12.2(33)SXJ.I got new 2 CF of 512MB and downloaded the new IOS on them and need to upgrade 6509 IOS first to meet the requirement for FWSM upgrade.

View 1 Replies View Related

Cisco Switching/Routing :: 4500 Requirement For NSF / SSO Commands On Standby / Active Supervisor

Apr 22, 2012

I went through the configuration guide for 4500 series switches for NSF/SSO for failover between Sup's. I just wanted to know that that are we supposed to run the SSO command on both of the supervisors? Secondly, are we only supposed to run the nsf process under EIGRP on the secondary supervisor and routing peers and not on the primary supervisor?

View 2 Replies View Related

Cisco Switching/Routing :: 2690 - SFP Ports On Active And Standby Supervisor Engine

Oct 19, 2012

We are expanding out LAN network with more 2960 access switches. All the access switches are suppose to be connected to core switch (4507R) but i have less port on the core switch.
 
On the core switch we have two supervisor engines (WS-X4515 ---description : "Supervisor IV with 2 1000BaseX GBIC ports"). I can see that on each supervisor engine i have two 1 GB SFP ports available and if i calculate for two supervioser engine i will have 4 1GB ports.
 
But at particular time only one supervisor engine is active and other is in standby mode (redundancy mode used is SSO between two SUP engines).
 
Can i used all 4 SFP ports for connecting 4 uplinks to the 4 access switch?Will all the 4 SFP ports active at one time or only 2 SFP ports will be active that is for only active supervisor engine.

View 10 Replies View Related

Cisco Switching/Routing :: Copying IOS From Standby To Active Supervisor 4507 Switch

Jun 4, 2012

I was upgrading IOS on 4507 R with dual supervisor.I download the IOS on Active supervisior and did reboot.After reboot i login to switch then i got switch standby prompt.I found that after reboot active supervisior  became standby supervisior.
 
Now new IOS  is on standby supervisior.Need to confirm below..So this means that IOS  does not syn  within the  supervisiors as compared to config  right ?
 
-Which command i can use that will copy IOS from standby supe to Active supe??
 -Which command i can use that will show both active and standby supe with new IOS?
 -Is there any command that i can use to switchover from active to standby supe??

View 3 Replies View Related

Cisco Switching/Routing :: 6504 VSS Pair Shows Active / Standby On Led But Not In Config

Oct 30, 2012

After rebooting a pair of 6504's configured for vss, both switches show active on the sup modules. A show switch virtual redundancy however shows the pair working in an active/standby mode. We have 6509's in vss pairs and they show active on switch1 and standby on switch2 led's. For the 6504's switch 1 was booted first and then the second switch about 30 seconds later. Is there something different with the 6504's? [code]

View 4 Replies View Related

Cisco Switching/Routing :: 3560 - HSRP Setup / S2 Active And Route Traffic From Internet To Client?

Jan 14, 2012

i have a strange issue with an HSRP Setup. I  have two (S1+S2) 3560 as Core/Distribution Layer. Inter-vlan routing are  enabled on both Switches. S1 and S2 are connected with an ether channel  over four fibre ports. S3 -S5 are the (L2) access layer.
 
Gi0/1 on S1 and S2 are L3 ports, connect to a Linux Firewall.

HSRP is enabled, S1 is the active router and the STP root bridge.
 
But, my monitoring via cacti show me, that the Gi0/1 on S2 is active, too! But it should not be active? Only if S1 fails, should S2 the active switch.A client from the access ports on S3 - 5 gets traffic from the Internet via Gi0/1 from S2. Gi0/1 on S1 is active too, but will send mostly traffic to the Internet. Why is S2 active and why route it traffic from the Internet to the client?

View 15 Replies View Related

Cisco Switching/Routing :: Nexus 7000 Vrf Not Enabled?

Dec 9, 2012

Should I install any special license to enable vrf within Nexus 7000 VDC? I observed that vrf routing instance is not enabled in the VDC.

View 2 Replies View Related

Cisco Switching/Routing :: NTP Authentication On Nexus 7000?

Mar 3, 2013

I am configuring NTP on a new Cisco Nexus 7000 running version 6.1(2). NTP is working properly between the access switches and Nexus, however when configuring Authentication, NTP is not working anymore.
 
confguration:
 
Nexus 7K server
============= 
ntp server x.x.x.x
ntp peer q.q.q.q
ntp server e.e.e.e
ntp server r.r.r.r
ntp source-interface  Vlanx

[code]...
 
why NTP authentication is not working !!!!! on Nexus 7000

View 3 Replies View Related

Cisco Switching/Routing :: FIB Inconsistency On Nexus 7000

Aug 3, 2011

On a 7K (5.0(2)), I have a situation where the FIB and RIB are out of sync.  I'm not sure it's causing a problem, but it's been implicated in some weird packet loss issues.  It seems like it could cause network issues if you had two routes in the RIB, only one in the FIB, and then you lost the single path in the FIB. How the RIB/FIB gets out of sequence, how to proactively know about it (nothing in the logs here), and whether or not this is a big deal or a red herring?
 
Here's sample output that illustrates the RIB and FIB being out of sequence.
 
ROUTER1# show ip route 172.16.100.1
IP Route Table for VRF "default"
'*' denotes best ucast next-hop

[Code].....

View 2 Replies View Related

Cisco Switching/Routing :: 4510R L3 / Make Active Sup6 In Slot 6 Which Is Currently Standby Sup In Chassis

Mar 25, 2013

I have cisco 4510R L3 switch with installed 2 Sup on slot 5 and 6. the current active Sup is in Slot5 i want to make active Sup6 in slot 6 which is currently standby sup in chassis. Is there any way to make standby Sup to ACTIVE without reloading any of the Supervisor. however there is two way as per my understanding -

1. we can reload the active Sup so that standby Sup will take charge. - (redundancy reload shelf)

2. we can focefully switchover the state of Sup's by (redundancy forcefully swithover) but in above both cases reload will be performed by one of the supervisor. which i don't want.

View 2 Replies View Related

Cisco Switching/Routing :: HP C7000 / Nexus 5K - Locking Down HSRP ARP / MAC?

Mar 6, 2013

Had a Sev 1 issue today.  We have a bunch of Nexus 5ks connecting to some HP C7000 Chassis for the use of Virual environments.  Engineers build and tear down servers during the day, however today, an engineer configured a virtual machine accidently with its IP address as the default gateway.  Each pair of nexus switches has one physical SVI per vlan and a HSRP address for the vlan.  Of course this engineer configuring the server IP address as the HSRP address killed the vlan... which lead me onto think... are they are tried and tested techniques to protect this from happening on the switch.  Enforcing the ARP/MAC of the HSRP address and not allowing it to change or any other device to change it?

View 2 Replies View Related

Cisco Switching/Routing :: Nexus 5546 HSRP Not Formed

May 17, 2012

I have a paif of nexus 5548 configured VPC using the mgmt interface as heartbeat and 2x10G as peerlink. Peer-gateway is also configure on the vpc domain. I have 2 FEX straight thru connection to each Nexus'es. Created 2 VPC and both are up and no suspended vlans. Allowed VLANs in peerlink is 10,20,30,40 and 50. I configure SVI for VLAN 10 on both nexus 10.10.10.100/24 and 10.10.10.101/24 respectively. The problem is when I create HSRP on this VLAN 10 (vip 10.10.10.88), the hello packets are not heard by both nexus, thus both Nexus are acting as active with unknown standby. I can ping both vlan 10 from each Nexus. I tried deleting and putting back the config but no luck.I tried creating another SVI vlan 20 on both nexus and form hsrp, result is same as in vlan 10. I am running version 5.1 release on both nexus.

View 3 Replies View Related

Cisco Switching/Routing :: Vrf With Hsrp In Nexus 7010 Version 6.0

Nov 24, 2012

i have a big problem because i configure a vlans with vrf and HSRP but, when i do "show hsrp brief", dont show this interfaces and, i can ping virtual IP. it seems hsrp dont work.

SWSERVSCAMILO_N7010_A#
 interface Vlan405
  description smsc-fwatlas1
  no shutdown
[Code] ....

View 1 Replies View Related

Cisco Switching/Routing :: Support For FeX 2232TM In Nexus 7000?

Feb 2, 2012

We recently purchased a pair of 2232TM Fabric eXtenders just to find out that our Nexus 7000 does not support it. Will there be support for the 2232TM FeX in Nexus 7000 any time soon?

View 4 Replies View Related

Cisco Switching/Routing :: Nexus 7000 OTV With F1 Line Cards?

Jul 17, 2012

I have two data centres connected via a L2 DWDM, my manager wants to look into using OTV to get rid of the layer 2 broadcasting issues.
 
Problem is the DWDM is 1000BaseSX, which is only supported on the N7K-F132XP-15.   (and the N7K-M148GS-11 but that doesn't support FCOE, so many bloody caveats). From what I can gather OTV is not supported on the N7K-F132XP-15.
  
Is it possible to terminate the DWDM on the F1 card & loop another port from the F1 to a port on the N7K-M148GT-11 & run OTV on the M1????
  
Either using VDCs or just an isolated VLAN on the F1. Is there any better way to do this? Hardware has not yet been purchased.

View 0 Replies View Related

Cisco Switching/Routing :: Nexus 7000 Vdc Vlan Configuration?

Dec 9, 2012

I am seeing an issue that after deleting/recreating one of the VDC in Nexus 7K, VLAN is not been able to be configured within the VDC although it is not actually a reserved VLAN. Could it be anything missing in the license installation? the version of the image is NX-OS 6.1.2
  
StorageVDC(config)# vlan 100
^
invalid vlans (reserved values) at '^' marker.

View 2 Replies View Related

Cisco Switching/Routing :: Nexus 7000 Keep Alive Link For Vpc?

May 5, 2013

We setup two n7K as core switches in our network. We configure VPc peer link as well successfully. We are using mgmt interface of supervisors as a peer keep alive interface, so what happen when this keep alive gets down? Are we loss Vpc peer link between both nexus 7 K?

View 4 Replies View Related

Cisco Switching/Routing :: Nexus 7000 QoS Marking For Both DSCP And COS

Jan 29, 2012

I have a pair of Nexus 7K's running 5.1(3). I have a handful of edge devices that I need to mark ingress traffic, and need to mark both DSCP and CoS. Right now, I have a working config that marks DSCP appropriately.While that works dor DSCP, the MQC will not allow me to mark both DSCP and COS in the same class, and unlike IOS, it appears that Nexus does not have a default DSCP-to-COS mapping. My understanding is this can be solved using table maps, but I don't see how that can solve my problem in this specific scenario (it appears I can do marking or table-map mutation, but not both?). How I can accomplish both?

View 5 Replies View Related

Cisco Switching/Routing :: Nexus 7000 Cannot Get AAA Authentication To Work

Dec 5, 2011

I cannot get the AAA tacacs+ authentication to work on my Nexus 7000.

View 4 Replies View Related

Cisco Switching/Routing :: Nexus 7000 To Know Ambient Temperature

Nov 2, 2012

I need to know how is the ambient temperature for the Nexus 7000 switches to plan a new datacenter. In the datasheet I found the following information regarding this topic:"GR-63-CORE Network Equipment Building Standards (NEBS) specification published by Telcordia Technologies in Section 4.1.2". How are the specification for temperature in this standard?

View 1 Replies View Related

Cisco Switching/Routing :: QOS For VOIP Traffic On Nexus 7000

Mar 4, 2012

regarding QOS on Nexus 7000. Our Nexus 7000's form a collapsed distribution/core layer, our access layer switches are are a mixture of Cisco 3750 & Cisco 4507. 3750 switches will connect to Nexus switches via 1Gb uplink, 4507 switches will connect via 10Gb uplinks. Each Nexus will be connected via 20Gb port channel, all servers connect to the Nexus switches via 1Gb links. We're implementing a new telephone system soon which will be using VOIP so I need to configure the switches to perform QOS. The IP phones will mark the RTP traffic with DSCP value EF and call signaling traffic CS3. I'm fine configuring qos on the access layer switches, its just the Nexus switches which I'm not sure about.
 
Do I actually need to configure any QOS parameters on the Nexus switches so they will prioritise the VOIP traffic. If my understanding  the Nexus switches will trust the DSCP values and assign the traffic to the relevent queues?
 
Just for information VOIP is the only traffic I will be marking QOS values

View 3 Replies View Related

Cisco Switching/Routing :: Nexus 7000 Bandwidth Control

Oct 14, 2012

On Nexus 7000s I want to limit bandwidth of particular IP. I can do this using proper configuratio of IP ACL, policy map and class map. But what if I dont have information on interface?  Can I apply bandwidth control for particular IP without knowing the interface?

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved