Cisco Nexus 6000 Скачать руководство пользователя страница 51 | Manualshive

Страница: 51 / 232

background image

You can associate a secondary VLAN with only one primary VLAN.

Note

For an association to be operational, the following conditions must be met:

•

The primary VLAN must exist and be configured as a primary VLAN.

•

The secondary VLAN must exist and be configured as either an isolated or community VLAN.

Use the

show vlan private-vlan

command to verify that the association is operational. The switch does

not display an error message when the association is nonoperational.

Note

If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become
inactive. Use the

no private-vlan

command to return the VLAN to the normal mode. All primary and secondary

associations on that VLAN are suspended, but the interfaces remain in PVLAN mode. When you convert the
VLAN back to PVLAN mode, the original associations are reinstated.

If you enter the

no vlan

command for the primary VLAN, all PVLAN associations with that VLAN are

deleted. However, if you enter the

no vlan

command for a secondary VLAN, the PVLAN associations with

that VLAN are suspended and are restored when you recreate the specified VLAN and configure it as the
previous secondary VLAN.

In order to change the association between a secondary and primary VLAN, you must first remove the current
association and then add the desired association.

Private VLAN Promiscuous Trunks

A promiscuous trunk port can carry traffic for several primary VLANs. Multiple secondary VLANs under a
given primary VLAN can be mapped to a promiscuous trunk port. Traffic on the promiscuous port is received
and transmitted with a primary VLAN tag.

Private VLAN Isolated Trunks

An isolated trunk port can carry traffic for multiple isolated PVLANs. Traffic for a community VLAN is not
carried by isolated trunk ports. Traffic on isolated trunk ports is received and transmitted with an isolated
VLAN tag. Isolated trunk ports are intended to be connected to host servers.

To support isolated PVLAN ports on a Cisco Nexus Fabric Extender, the Cisco Nexus device must prevent
communication between the isolated ports on the FEX; all forwarding occurs through the switch.

You must disable all the FEX isolated trunk ports before configuring PVLANs on the FEX trunk ports.
If the FEX isolated trunk ports and the FEX trunk ports are both enabled, unwanted network traffic might
occur.

Caution

For unicast traffic, you can prevent such a communication without any side effects.

For multicast traffic, the FEX provides replication of the frames. To prevent communication between isolated
PVLAN ports on the FEX, the switch prevents multicast frames from being sent back through the fabric ports.

Cisco Nexus 6000 Series NX-OS Layer 2 Switching Configuration Guide, Release 7.x

33

Configuring Private VLANs

Private VLAN Promiscuous Trunks

«
...
49
50
51
52
53
...
»

Содержание Nexus 6000

Страница 1: ...ng Configuration Guide Release 7 x First Published 2014 01 15 Last Modified 2016 01 28 Americas Headquarters Cisco Systems Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 527 0883 ...

Страница 2: ... IMPLIED INCLUDING WITHOUT LIMITATION THOSE OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING USAGE OR TRADE PRACTICE IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT SPECIAL CONSEQUENTIAL OR INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE T...

Страница 3: ...and Changed Information 1 C H A P T E R 2 Overview 3 Layer 2 Ethernet Switching Overview 3 VLANs 3 Private VLANs 4 Spanning Tree 4 STP Overview 4 Rapid PVST 5 MST 5 STP Extensions 5 C H A P T E R 3 Configuring VLANs 7 Information About VLANs 7 Understanding VLANs 7 Understanding VLAN Ranges 8 Creating Deleting and Modifying VLANs 9 About the VLAN Trunking Protocol 10 Guidelines and Limitations for...

Страница 4: ...Ns 28 Associating Secondary VLANs with a Primary Private VLAN 29 Private VLAN Ports 30 Primary Isolated and Community Private VLANs 31 Associating Primary and Secondary VLANs 32 Private VLAN Promiscuous Trunks 33 Private VLAN Isolated Trunks 33 Broadcast Traffic in Private VLANs 34 Private VLAN Port Isolation 34 Configuring a Private VLAN 34 Enabling Private VLANs 34 Configuring a VLAN as a Privat...

Страница 5: ...T 48 Rapid PVST Overview 48 Rapid PVST BPDUs 49 Proposal and Agreement Handshake 50 Protocol Timers 51 Port Roles 51 Port States 52 Rapid PVST Port State Overview 52 Blocking State 53 Learning State 53 Forwarding State 53 Disabled State 54 Summary of Port States 54 Synchronization of Port Roles 54 Processing Superior BPDU Information 55 Processing Inferior BPDU Information 56 Spanning Tree Dispute...

Страница 6: ... Link Type 65 Restarting the Protocol 66 Verifying the Rapid PVST Configuration 66 C H A P T E R 6 Configuring Multiple Spanning Tree 69 Information About MST 69 MST Overview 69 MST Regions 70 MST BPDUs 70 MST Configuration Information 71 IST CIST and CST 71 IST CIST and CST Overview 71 Spanning Tree Operation Within an MST Region 72 Spanning Tree Operations Between MST Regions 72 MST Terminology ...

Страница 7: ...e 88 Configuring the Maximum Aging Time 88 Configuring the Maximum Hop Count 89 Configuring PVST Simulation Globally 89 Configuring PVST Simulation Per Port 90 Specifying the Link Type 91 Restarting the Protocol 92 Verifying the MST Configuration 92 C H A P T E R 7 Configuring STP Extensions 93 Overview 93 Information About STP Extensions 93 Understanding STP Port Types 93 Spanning Tree Edge Ports...

Страница 8: ...guration 106 C H A P T E R 8 Configuring LLDP 107 Configuring LLDP 107 Configuring Interface LLDP 108 C H A P T E R 9 Configuring MAC Address Tables 111 Information About MAC Addresses 111 RMAC Learning 111 Configuring MAC Addresses 112 Configuring Static MAC Addresses 112 Configuring the Aging Time for the MAC Table 112 Configuring MAC Move Loop Detection 113 Clearing Dynamic Addresses from the M...

Страница 9: ...ing VTP V3 133 VTP V3 Overview 133 Guidelines and Limitation 133 VTP V3 Modes 134 VTP V3 Pruning 135 VTP V3 Per Interface 135 VTP V3 Pruning and Spanning Tree Protocol 135 Default VTP Settings 135 Configuring VTP V3 136 Configuring VTP V3 Pruning 138 C H A P T E R 1 3 Configuring Traffic Storm Control 141 Information About Traffic Storm Control 141 Guidelines and Limitations for Traffic Storm Cont...

Страница 10: ... Connection Model 157 Static Pinning Fabric Interface Connection 158 Port Channel Fabric Interface Connection 159 Port Numbering Convention 160 Fabric Extender Image Management 160 Fabric Extender Hardware 160 Chassis 161 Ethernet Interfaces 161 Speed and Duplex Mode 162 Example Configuring the Interface Speed Parameters 164 Associating a Fabric Extender to a Fabric Interface 165 Associating a Fab...

Страница 11: ...Load balancing queues at the FEX global level 184 C H A P T E R 1 5 Configuring VM FEX 185 Information About VM FEX 185 VM FEX Overview 185 VM FEX Components 185 VM FEX Terminology 186 Licensing Requirements for VM FEX 187 Default Settings for VM FEX 187 Configuring VM FEX 188 Overview of the VM FEX Configuration Steps 188 Enabling Features Required for VM FEX 189 Configuring the Fixed Static Inte...

Страница 12: ...ration 201 C H A P T E R 1 7 Configuring VN Segment 203 Information About VN Segment 203 Guidelines and Limitations for VN Segment 205 Enabling VN Segment 205 Configuring VN Segment for a VLAN 206 Configuring VN Segment for VLAN in Configure Sync 207 Configuring VN Segment in Transit Mode 207 Configuring VN Segment in Non Transit Mode 208 Disabling VN Segment 208 Verifying VN Segment Configuration...

Страница 13: ...to meet our customers requirements we have modified the manner in which we document configuration tasks As a result of this you may find a deviation in the style used to describe these tasks with the newly included sections of the document following the new format Note Command descriptions use the following conventions Description Convention Bold text indicates the commands and keywords that you e...

Страница 14: ...lowing conventions Description Convention Terminal sessions and information the switch displays are in screen font screen font Information you must enter is in boldface screen font boldface screen font Arguments for which you supply values are in italic screen font italic screen font Nonprinting characters such as passwords are in angle brackets Default responses to system prompts are in square br...

Страница 15: ...us 6000 Series NX OS Fundamentals Configuration Guide Cisco Nexus 6000 Series NX OS Interfaces Configuration Guide Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Cisco Nexus 6000 Series NX OS Multicast Routing Configuration Guide Cisco Nexus 6000 Series NX OS Quality of Service Configuration Guide Cisco Nexus 6000 Series NX OS SAN Switching Configuration Guide Cisco Nexus 6000...

Страница 16: ... Cisco Nexus 6000 Series NX OS System Management Command Reference Cisco Nexus 6000 Series NX OS TrustSec Command Reference Cisco Nexus 6000 Series NX OS Unicast Routing Command Reference Cisco Nexus 6000 Series NX OS Virtual Port Channel Command Reference Technical References The Cisco Nexus 6000 Series NX OS MIB Reference is available at http www cisco com en US docs switches datacenter nexus600...

Страница 17: ...ring additional information see What s New in Cisco Product Documentation To receive new and revised Cisco technical content directly to your desktop you can subscribe to the What s New in Cisco Product Documentation RSS feed RSS feeds are a free service Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x xvii Preface Obtaining Documentation and Submitting a Service Req...

Страница 18: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x xviii Preface Obtaining Documentation and Submitting a Service Request ...

Страница 19: ...ovide an exhaustive list of all changes made to this guide or all new features in a particular release Chapter Topic Where Documented New Enhanced Features Platform Supported Cisco NX OS Release Number Configuring VLANs VLAN Translation Cisco Nexus 5500 5600 and 6000 Series Switches 7 1 0 N1 1 Configuring VLANs VLAN Long Name support Cisco Nexus 5500 5600 and 6000 Series Switches 7 3 0 N1 1 Cisco ...

Страница 20: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 2 New and Changed Information New and Changed Information ...

Страница 21: ... or transmit In full duplex mode which is configurable on these interfaces two stations can transmit and receive at the same time When packets can flow in both directions simultaneously the effective Ethernet bandwidth doubles 1 10 Gigabit Ethernet operates in full duplex only VLANs A VLAN is a switched network that is logically segmented by function project team or application without regard to t...

Страница 22: ...ted specifically STP Overview STP provides a loop free network at the Layer 2 level Layer 2 LAN ports send and receive STP frames which are called Bridge Protocol Data Units BPDUs at regular intervals Network devices do not forward these frames but use the frames to construct a loop free path 802 1D is the original standard for STP and many improvements have enhanced the basic loop free STP You ca...

Страница 23: ...send prestandard rather than standard MST messages using the command line interface STP Extensions The software supports the following Cisco proprietary features Spanning tree port types The default spanning tree port type is normal You can configure interfaces connected to Layer 2 hosts as edge ports and interfaces connected to Layer 2 switches or bridges as network ports Bridge Assurance Once yo...

Страница 24: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 6 Overview STP Extensions ...

Страница 25: ...he physical locations of the users VLANs have the same attributes as physical LANs but you can group end stations even if they are not physically located on the same LAN segment Any port can belong to a VLAN all unicast broadcast and multicast packets are forwarded and flooded only to end stations in that VLAN Each VLAN is considered a logical network If a packet destination address does not belon...

Страница 26: ...tate passing traffic or the suspended state in which the VLANs are not passing packets By default the VLANs are in the active state and pass traffic The VLAN Trunking Protocol VTP mode is OFF VTP BPDUs are dropped on all interfaces of the switch This process has the effect of partitioning VTP domains if other switches have VTP turned on Note Understanding VLAN Ranges The Cisco Nexus device support...

Страница 27: ...r internal use VLAN 4094 is also reserved for internal use by the switch You cannot use modify or delete any of the VLANs in the reserved group You can display the VLANs that are allocated internally and their associated use Creating Deleting and Modifying VLANs VLANs are numbered from 1 to 4094 All configured ports belong to the default VLAN when you first bring up the switch The default VLAN VLA...

Страница 28: ...the domain to provide configuration information Off mode Allows users to access the VLAN database VTP is enabled but does not participate in VTP Transparent mode Does not participate in VTP uses local configuration and relays VTP packets to other forward ports VLAN changes affect only the local switch A VTP transparent network switch does not advertise its VLAN configuration and does not synchroni...

Страница 29: ... object indicates whether the VTP feature is enabled or not About VLAN Translation In a data center there are often instances when you want to merge separate Layer 2 domains For example you might have two data centers that are connected via some form of Data Center Interconnect DCI such as Overlay Transport Virtualization OTV Both data centers might have an engineering group that has its own VLAN ...

Страница 30: ...AN Translation The first datacenter on the left has an engineering VLAN with number 100 and a marketing VLAN with number 200 The second datacenter on the right has an engineering VLAN with number 101 and a marketing VLAN with number 201 For the engineering machines in the second datacenter to see data from the engineering Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release ...

Страница 31: ... cannot create modify or delete any VLANs that are within the group of VLANs reserved for internal use VLAN1 is the default VLAN You cannot create modify or delete this VLAN VLANs 1006 to 4094 are always in the active state and are always enabled You cannot suspend the state or shut down these VLANs VLAN translation has the following guidelines and limitations A VLAN translation configuration is o...

Страница 32: ...anslation enabled To enable DHCP snooping on a port on which VLAN translation is enable the translated mapped local VLAN must be used Do not configure VLAN translation on a Peer Link Do not use VLAN translation on FabricPath core ports Global VLAN translation is not supported To enable IGMP snooping on a VLAN the VLAN interface must be capable of multicast routing If VLAN translation is enabled on...

Страница 33: ...iguration mode switch configure terminal Step 1 Creates a VLAN or a range of VLANs switch config vlan vlan id vlan range Step 2 If you enter a number that is already assigned to a VLAN the switch moves into the VLAN configuration submode for that VLAN If you enter a number that is assigned to an internally allocated VLAN the system returns an error message However if you enter a range of VLANs and...

Страница 34: ...ou know if the VLAN long name is enabled or disabled Note If you try to enable or disable the system vlan long name command when it is already enabled or disabled the system will throw error message We recommend you view the status of the VLAN long name knob before enabling or disabling this command Use the no form of this command to disable this feature Step 3 Optional copy running config startup...

Страница 35: ...28 characters switch system vlan long name switch config vlan 2 switch config vlan name 129Char123456789000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000987654321CiscoBangalore String exceeded max length of 128 at marker Switch config vlan exit The following example displays the error output if you try to configure VLAN name more than 32 characters without ...

Страница 36: ...eserved block Note Example switch config copy running config startup config Reloads the software and modifications to VLAN ranges become effective reload Example switch config reload Step 4 For more details about this command see the Cisco Nexus 7000 Series NX OS Fundamentals Configuration Guide Release 6 x Optional Displays the configured changes to the VLAN range show system vlan reserved Exampl...

Страница 37: ...ange Step 2 Names the VLAN You can enter up to 32 alphanumeric characters to name the VLAN You cannot change the name of switch config vlan name vlan name Step 3 VLAN1 or the internally allocated VLANs The default value is VLANxxxx where xxxx represents four numeric digits including leading zeroes equal to the VLAN ID number Sets the state of the VLAN to active or suspend While the VLAN state is s...

Страница 38: ...the specified VLAN switch config if switchport access vlan vlan id Step 3 This example shows how to configure an Ethernet interface to join VLAN 5 switch configure terminal switch config interface ethernet 1 13 switch config if switchport access vlan 5 Configuring VTP You can enable VTP and then configure the VTP mode server default client transparent or off If you enable VTP you must configure ei...

Страница 39: ...Optional Displays the list of VTP enabled interfaces switch show vtp interface Step 11 Optional Displays the password for the management VTP domain switch show vtp password Step 12 Optional Copies the running configuration to the startup configuration switch copy running config startup config Step 13 This example shows how to configure VTP in transparent mode for the device switch config t switch ...

Страница 40: ...n one of the VLAN maps configured on the FEX fabric interface Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Enters interface configuration mode switch config interface type port Step 2 Optional Enables VLAN translation on the switch port after VLAN translation is explicitly disabled VLAN translation is enabled by default switch config if no s...

Страница 41: ...pping Interface eth1 1 Original VLAN Translated VLAN 10 100 Configuring VLAN Translation with a FEX VLAN translation on a FEX operates on a per FEX basis The VLAN translation enable and mapping configurations must be applied to all the fabric interfaces for a FEX and take effect on all FEX host trunk ports You can configure VLAN translation between the ingress original VLAN and a translated local ...

Страница 42: ...sociate number Step 8 Exits the configuration submode switch config if exit Step 9 Specifies an Ethernet interface to configure switch config interface type port Step 10 Applies to the FEX trunk interfaces Note Configures the interface as a trunk port switch config if switchport mode trunk Step 11 Applies to the FEX trunk interfaces Note Configures the allowed VLANs for a virtual Ethernet interfac...

Страница 43: ...N s switch show vlan brief id vlan_id vlan_range name name summary Feature History for Configuring VLANs This table lists the release history for this feature The feature history table is added updated in this guide from Cisco Nexus Release 7 3 0 N1 1 onwards Note Table 2 Feature History for Configuring VLANs Feature Information Releases Feature Name You can configure VLAN long names of up to 128 ...

Страница 44: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 26 Configuring VLANs Feature History for Configuring VLANs ...

Страница 45: ...MST instance as the primary VLAN You must disable all the FEX isolated trunk ports before configuring FEX trunk ports The number of mappings on a PVLAN trunk port is limited to 128 You cannot connect a second switch to a promiscuous or isolated PVLAN trunk The promiscuous or isolated PVLAN trunk is supported only on host switch You cannot configure promiscuous ports and promiscuous trunk ports on ...

Страница 46: ...dary VLAN can either be isolated VLAN or community VLAN A host on an isolated VLAN can communicate only with the associated promiscuous port in its primary VLAN Hosts on community VLAN can communicate among themselves and with their associated promiscuous port but not with ports in other community VLANs Figure 4 Private VLAN Domain You must first create the VLAN before converting it to a PVLAN eit...

Страница 47: ...rts are ports on the FEX module 2 Associating Secondary VLANs with a Primary Private VLAN When you associate secondary VLANs with a primary VLAN follow these guidelines The secondary vlan list parameter cannot contain spaces It can contain multiple comma separated items Each item can be a single secondary VLAN ID or a hyphenated range of secondary VLAN IDs The secondary vlan list parameter can con...

Страница 48: ...fig vlan primary vlan id Step 2 Associates the secondary VLANs with the primary VLAN Use the remove keyword with a switch config vlan private vlan association add secondary vlan list remove secondary vlan list Step 3 secondary vlan list to clear the association between secondary VLANs and a primary VLAN Optional Removes all associations from the primary VLAN and returns it to normal VLAN mode swit...

Страница 49: ...main A community port must be configured as an access port A community VLAN must not be enabled on an isolated trunk port Because trunks can support VLANs that carry traffic between promiscuous isolated and community ports the isolated and community port traffic might enter or leave the switch through a trunk interface Note Primary Isolated and Community Private VLANs Primary VLANs and the two typ...

Страница 50: ...t a wide range of devices as access points to a PVLAN For example you can use a promiscuous port to monitor or back up all the PVLAN servers from an administration workstation In a switched environment you can assign an individual PVLAN and associated IP subnet to each individual or common group of end stations The end stations need to communicate only with a default gateway to communicate outside...

Страница 51: ...nd then add the desired association Private VLAN Promiscuous Trunks A promiscuous trunk port can carry traffic for several primary VLANs Multiple secondary VLANs under a given primary VLAN can be mapped to a promiscuous trunk port Traffic on the promiscuous port is received and transmitted with a primary VLAN tag Private VLAN Isolated Trunks An isolated trunk port can carry traffic for multiple is...

Страница 52: ...ated to the community port The broadcast packets are not distributed to any other communities within the primary VLAN or to any isolated ports Private VLAN Port Isolation You can use PVLANs to control access to end stations as follows Configure selected interfaces connected to end stations as isolated ports to prevent any communication For example if the end stations are servers this configuration...

Страница 53: ...y isolated or primary PVLAN In a PVLAN you must have one switch config vlan private vlan community isolated primary Step 3 primary VLAN You can have multiple community and isolated VLANs Optional Removes the PVLAN configuration from the specified VLAN s and returns it to normal VLAN mode If you switch config vlan no private vlan community isolated primary Step 4 delete either the primary or second...

Страница 54: ...slot port syntax is QSFP module port Note Configures the interface as a Layer 2 interface and deletes any configuration specific to Layer 3 on this interface switch config if switchport Step 3 Configures the port as a host port for a PVLAN switch config if switchport mode private vlan host Step 4 Associates the port with the primary and secondary VLANs of a PVLAN The secondary VLAN can be either a...

Страница 55: ... for a PVLAN You can enable promiscuous ports and promiscuous trunk switch config if switchport mode private vlan promiscuous Step 4 ports only on base board ports base board ports are the ports on the switch You cannot configure promiscuous ports on FEX HIF ports If you try to configure promiscuous ports on FEX HIF ports the device will display an error Note Configures the port as a promiscuous p...

Страница 56: ...on a FEX interface HIF interface switch config interface type slot port Step 2 If this is a 10G breakout port the slot port syntax is QSFP module port Note If this is a QSFP GEM or a breakout port the port syntax is QSFP module port Note Configures the interface as a Layer 2 interface and deletes any configuration specific to Layer 3 on this interface switch config if switchport Step 3 Configures ...

Страница 57: ...en you configure the association between the isolated and primary VLANs Multiple isolated VLANs can be enabled by configuring multiple associations Before You Begin Ensure that the PVLAN feature is enabled Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Selects the port to configure as a PVLAN isolated trunk port This port can be on a FEX ident...

Страница 58: ...rts Isolated trunk and promiscuous trunk ports can carry traffic from regular VLANs along with PVLANs Before You Begin Ensure that the PVLAN feature is enabled Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Selects the port to configure as a PVLAN host port This port can be on a FEX identified by the chassis option switch config interface type...

Страница 59: ...sulated with tags that identify the VLAN that the traffic belongs to Note Before You Begin Ensure that the PVLAN feature is enabled Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Selects the port to configure as a PVLAN host port This port can be on a FEX identified by the chassis option switch config interface type chassis slot port Step 2 If...

Страница 60: ...e vlan Primary Secondary Type Ports 5 100 community 5 101 community Eth1 12 Eth100 1 1 5 102 community 5 110 community 5 200 isolated Eth1 2 switch show vlan private vlan type Vlan Type 5 primary 100 community 101 community 102 community 110 community 200 isolated This example shows how to display enabled features some of the output has been removed for brevity switch show feature Feature Name Ins...

Страница 61: ...RSTP is an improvement on the original STP standard 802 1D which allows faster convergence Spanning tree is used to refer to IEEE 802 1w and IEEE 802 1s If the text is discussing the IEEE 802 1D Spanning Tree Protocol 802 1D is stated specifically Note Understanding STP STP Overview For an Ethernet network to function properly only one active path can exist between any two stations When you create...

Страница 62: ... system elects a designated switch for each LAN segment The system eliminates any loops in the switched network by placing redundant interfaces in a backup state all paths that are not needed to reach the root switch from anywhere in the switched network are placed in an STP blocked state The topology on an active switched network is determined by the following The unique switch identifier Media A...

Страница 63: ... MAC Address Allocation Extended system ID and MAC address reduction is always enabled on the software Note With MAC address reduction enabled on any switch you should also enable MAC address reduction on all other connected switches to avoid undesirable root bridge election and spanning tree topology issues When MAC address reduction is enabled the root bridge priority becomes a multiple of 4096 ...

Страница 64: ...smitting port Values for the hello forward delay and max age protocol timer Additional information for STP extension protocols When a switch transmits a Rapid PVST BPDU frame all switches connected to the VLAN on which the frame is transmitted receive the BPDU When a switch receives a BPDU it does not forward the frame but instead uses the information in the frame to calculate a BPDU and if the to...

Страница 65: ...as the root bridge because the bridge priority of all the switches is set to the default 32768 and Switch A has the lowest MAC address However due to traffic patterns the number of forwarding ports or link types Switch A might not be the ideal root bridge By increasing the priority lowering the numerical value of the ideal switch so that it becomes the root bridge you force an STP recalculation to...

Страница 66: ...recovery of connectivity following the failure of a network device a switch port or a LAN It provides rapid convergence for edge ports new root ports and ports connected through point to point links as follows Edge ports When you configure a port as an edge port on an RSTP switch the edge port immediately transitions to the forwarding state This immediate transition was previously a Cisco propriet...

Страница 67: ...nated ports if necessary Flushes the MAC addresses associated with all these ports The topology change notification floods quickly across the entire topology The system flushes dynamic entries immediately on a per port basis when it receives a topology change The TCA flag is used only when the switch is interacting with switches that are running legacy 802 1D STP Note The proposal and agreement se...

Страница 68: ...there is a point to point link between Switches A and B When Switch C connects to Switch B a similar set of handshaking messages are exchanged Switch C selects the port connected to Switch B as its root port and both ends of the link immediately transition to the forwarding state With each iteration of this handshaking process one more network device joins the active topology As the network conver...

Страница 69: ...signs one of these port roles to individual ports Root port Provides the best path lowest cost when the switch forwards packets to the root bridge Designated port Connects to the designated switch which incurs the lowest path cost when forwarding packets from that LAN to the root bridge The port through which the designated switch is attached to the LAN is called the designated port Alternate port...

Страница 70: ...nning tree topology to the forwarding state it can create temporary data loops Ports must wait for new topology information to propagate through the switched LAN before starting to forward frames Each LAN port on a software using Rapid PVST or MST exists in one of the following four states Blocking The LAN port does not participate in frame forwarding Learning The LAN port prepares to participate ...

Страница 71: ...atabase There is no learning on a blocking LAN port so there is no address database update Receives BPDUs and directs them to the system module Receives processes and transmits BPDUs received from the system module Receives and responds to network management messages Learning State A LAN port in the learning state prepares to participate in frame forwarding by learning the MAC addresses for the fr...

Страница 72: ...on into its address database There is no learning so there is no address database update Does not receive BPDUs from neighbors Does not receive BPDUs for transmission from the system module Summary of Port States The following table lists the possible operational and Rapid PVST states for ports and the corresponding inclusion in the active topology Table 5 Port State Active Topology Is Port Includ...

Страница 73: ...ents is shown in the following figure Figure 11 Sequence of Events During Rapid Convergence Processing Superior BPDU Information A superior BPDU is a BPDU with root information such as a lower switch ID or lower path cost that is superior to what is currently stored for the port If a port receives a superior BPDU Rapid PVST triggers a reconfiguration If the port is proposed and is selected as the ...

Страница 74: ...etect that Switch B does not react to the superior BPDUs it sends and that Switch B is the designated not root port As a result Switch A blocks or keeps blocking its port which prevents the bridging loop The block is shown as an STP dispute Figure 12 Detecting Unidirectional Link Failure Port Cost Rapid PVST uses the short 16 bit path cost method to calculate the cost by default With the short pat...

Страница 75: ... priority value when the LAN port is configured as an access port and uses the VLAN port priority values when the LAN port is configured as a trunk port Rapid PVST and IEEE 802 1Q Trunks In a network of Cisco switches connected through 802 1Q trunks the switches maintain one instance of STP for each VLAN allowed on the trunks However non Cisco 802 1Q switches maintain only one instance of STP for ...

Страница 76: ...s active the switch processes all BPDUs received on that port and ignores the protocol type If the switch receives an 802 1D BPDU after the port migration delay timer has expired it assumes that it is connected to an 802 1D switch and starts using only 802 1D BPDUs However if the 802 1w switch is using 802 1D BPDUs on a port and receives an 802 1w BPDU after the timer has expired it restarts the t...

Страница 77: ...pvst Because STP is enabled by default entering the show running config command to view the resulting configuration does not display the command that you entered to enable Rapid PVST Note Enabling Rapid PVST per VLAN You can enable or disable Rapid PVST on each VLAN Rapid PVST is enabled by default on the default VLAN and on all VLANs that you create Note Procedure Purpose Command or Action Enters...

Страница 78: ...e spanning tree vlan vlan_ID root command the switch checks the bridge priority of the current root bridges for each VLAN The switch sets the bridge priority for the specified VLANs to 24576 if this value will cause the switch to become the root for the specified VLANs If any root bridge for the specified VLANs has a bridge priority lower than 24576 the switch sets the bridge priority for the spec...

Страница 79: ... root bridge for the specified VLANs if the primary root bridge fails assuming the other switches in the network use the default bridge priority of 32768 STP sets the bridge priority to 28672 Enter the diameter keyword to specify the network diameter that is the maximum number of bridge hops between any two end stations in the network When you specify the network diameter the software automaticall...

Страница 80: ...r LAN ports The software uses the port priority value when the LAN port is configured as an access port and uses VLAN port priority values when the LAN port is configured as a trunk port Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Specifies the interface to configure and enters interface configuration mode switch config interface type slot ...

Страница 81: ...his is a 10G breakout port the slot port syntax is QSFP module port Note Configures the port cost for the LAN interface The cost value depending on the path cost calculation method can be as follows switch config if spanning tree vlan vlan id cost value auto Step 4 short 1 to 65535 long 1 to 200000000 You configure this parameter per interface on access ports and per VLAN on trunk ports Note The d...

Страница 82: ...e vlan 5 priority 8192 Configuring the Rapid PVST Hello Time for a VLAN You can configure the Rapid PVST hello time for a VLAN Be careful when using this configuration For most situations we recommend that you configure the primary root and secondary root to modify the hello time Note Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Configures t...

Страница 83: ...p 1 Configures the maximum aging time of a VLAN The maximum aging time value can be from 6 to 40 seconds and the default is 20 seconds switch config spanning tree vlan vlan range max age max age Step 2 This example shows how to configure the maximum aging time for a VLAN switch configure terminal switch config spanning tree vlan 5 max age 36 Specifying the Link Type Rapid connectivity 802 1w stand...

Страница 84: ...rnet 1 4 switch config if spanning tree link type point to point You can only apply this command to a physical Ethernet interface Restarting the Protocol A bridge running Rapid PVST can send 802 1D BPDUs on one of its ports when it is connected to a legacy bridge However the STP protocol migration cannot determine whether the legacy switch has been removed from the link unless the legacy switch is...

Страница 85: ...panning tree enabled protocol rstp Root ID Priority 32768 Address 001c b05a 5447 Cost 2 Port 131 Ethernet1 3 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 priority 32768 sys id ext 1 Address 000d ec6d 7841 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio Nbr Type Eth1 3 Root FWD 2 128 131 P2p Peer STP Cisco Nexus 6000 Series NX OS La...

Страница 86: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 68 Configuring Rapid PVST Verifying the Rapid PVST Configuration ...

Страница 87: ...and reduces the number of STP instances required to support a large number of VLANs MST provides rapid convergence through explicit handshaking as each MST instance uses the IEEE 802 1w standard which eliminates the 802 1D forwarding delay and quickly transitions root bridge ports and designated ports to the forwarding state MAC address reduction is always enabled while you are using MST You canno...

Страница 88: ...upport up to 65 MST instances MSTIs Instances are identified by any number in the range from 1 to 4094 The system reserves Instance 0 for a special instance which is the IST You can assign a VLAN to only one MST instance at a time The MST region appears as a single bridge to adjacent MST regions and to other Rapid PVST regions and 802 1D spanning tree protocols We recommend that you do not partiti...

Страница 89: ...s the MST bridge considers the BPDU to be from another MST region IST CIST and CST IST CIST and CST Overview Unlike Rapid PVST in which all the STP instances are independent MST establishes and maintains IST CIST and CST spanning trees as follows An IST is the spanning tree that runs in an MST region MST establishes and maintains additional spanning trees within each MST region these spanning tree...

Страница 90: ...to be the root for all of them If the switch receives superior MST root information lower switch ID lower path cost and so forth than the information that is currently stored for the port it relinquishes its claim as the CIST regional root During initialization an MST region might have many subregions each with its own CIST regional root As switches receive superior IST information from a neighbor...

Страница 91: ... to the spanning tree topology for example the switch priority the port VLAN cost and the port VLAN priority on both the CST instance and the MSTI MST switches use Version 3 BPDUs or 802 1D STP BPDUs to communicate with 802 1D only switches MST switches use MST BPDUs to communicate with MST switches MST Terminology MST naming conventions include identification of some internal or regional paramete...

Страница 92: ...ves the same result as the message age information triggers a reconfiguration The root bridge of the instance always sends a BPDU or M record with a cost of 0 and the hop count set to the maximum value When a switch receives this BPDU it decrements the received remaining hop count by one and propagates this value as the remaining hop count in the BPDUs that it generates When the count reaches zero...

Страница 93: ...detect unidirectional link failures that could cause bridging loops When a designated port detects a conflict it keeps its role but reverts to a discarding state because disrupting connectivity in case of inconsistency is preferable to opening a bridging loop The following figure shows a unidirectional link failure that typically creates a bridging loop Switch A is the root bridge and its BPDUs ar...

Страница 94: ...receives an 802 1D BPDU an MST BPDU Version 3 associated with a different region or an 802 1w BPDU Version 2 However the switch does not automatically revert to the MST mode if it no longer receives 802 1D BPDUs because it cannot detect whether the 802 1D switch has been removed from the link unless the 802 1D switch is the designated switch A switch might also continue to assign a boundary role t...

Страница 95: ...resumes the normal STP transition process Configuring MST MST Configuration Guidelines When configuring MST follow these guidelines When you work with private VLANs enter the private vlan synchronize command to map the secondary VLANs to the same MST instance as the primary VLAN When you are in the MST configuration mode the following guidelines apply Each command reference line creates its pendin...

Страница 96: ...nd MST revision number on the switch For two or more switches to be in the same MST region they must have the identical MST name VLAN to instance mapping and MST revision number Each command reference line creates its pending regional configuration in MST configuration mode In addition the pending region configuration starts with the current region configuration Note When you are working in MST co...

Страница 97: ...ou configure a region name on the bridge For two or more bridges to be in the same MST region they must have the identical MST name VLAN to instance mapping and MST revision number Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Enters MST configuration submode switch config spanning tree mst configuration Step 2 Specifies the name for MST regi...

Страница 98: ... switches to be in the same MST region they must have the same VLAN to instance mapping the same configuration revision number and the same MST name A region can have one member or multiple members with the same MST configuration each member must be capable of processing IEEE 802 1w RSTP BPDUs There is no limit to the number of MST regions in a network but each region can support only up to 65 MST...

Страница 99: ... the default VLAN to instance map enter the no instance instance id vlan vlan range MST configuration command To return to the default name enter the no name MST configuration command To return to the default revision number enter the no revision MST configuration command To reenable Rapid PVST enter the no spanning tree mode or the spanning tree mode rapid pvst global configuration command This e...

Страница 100: ...n For vlan range the range is from 1 to 4094 When you map VLANs to an MSTI the mapping is incremental and the VLANs specified in the command are added to or removed from the VLANs that were previously mapped Deletes the specified instance and returns the VLANs to the default MSTI which is the CIST switch config mst no instance instance id vlan vlan range Step 4 This example shows how to map VLAN 2...

Страница 101: ...h is available only for MSTI 0 or the IST to specify the network diameter that is the maximum number of hops between any two end stations in the network When you specify the network diameter the switch automatically sets an optimal hello time forward delay time and maximum age time for a network of that diameter which can significantly reduce the convergence time You can enter the hello keyword to...

Страница 102: ...itch to configure multiple backup root bridges Enter the same network diameter and hello time values that you used when you configured the primary root bridge with the spanning tree mst root primary configuration command Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Configures a switch as the secondary root bridge as follows switch config spa...

Страница 103: ...configure and enters interface configuration mode switch config interface type slot port port channel number Step 2 If this is a 10G breakout port the slot port syntax is QSFP module port Note Configures the port priority as follows switch config if spanning tree mst instance id port priority priority Step 3 For instance id you can specify a single MSTI a range of MSTIs separated by a hyphen or a ...

Страница 104: ...Note Configures the cost switch config if spanning tree mst instance id cost cost auto Step 3 If a loop occurs MST uses the path cost when selecting an interface to place into the forwarding state A lower path cost represents higher speed transmission as follows For instance id you can specify a single instance a range of instances separated by a hyphen or a series of instances separated by a comm...

Страница 105: ...6 49152 53248 57344 and 61440 The system rejects all other values This example shows how to configure the priority of the bridge to 4096 for MSTI 5 switch configure terminal switch config spanning tree mst 5 priority 4096 Configuring the Hello Time You can configure the interval between the generation of configuration messages by the root bridge for all instances on the switch by changing the hell...

Страница 106: ...tep 2 before changing from its spanning tree blocking and learning states to the forwarding state For seconds the range is from 4 to 30 and the default is 15 seconds This example shows how to configure the forward delay time of the switch to 10 seconds switch configure terminal switch config spanning tree mst forward time 10 Configuring the Maximum Aging Time The maximum aging timer is the number ...

Страница 107: ...in that region The hop count achieves the same result as the message age information triggers a reconfiguration Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Specifies the number of hops in a region before the BPDU is discarded and the information held for a port is aged switch config spanning tree mst max hops hop count Step 2 For hop count ...

Страница 108: ...nected to a Rapid PVST enabled port This port remains in the inconsistent state until the port stops receiving BPDUs and then the port resumes the normal STP transition process You can block this automatic feature either globally or per port Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Specifies an interface to configure and enters interface...

Страница 109: ...etting on the link type and enable rapid transitions If you set the link to shared STP reverts to 802 1D Procedure Purpose Command or Action Enters configuration mode switch configure terminal Step 1 Specifies the interface to configure and enters interface configuration mode switch config interface type slot port Step 2 If this is a 10G breakout port the slot port syntax is QSFP module port Note ...

Страница 110: ...interface interface interface num port channel Step 1 This example shows how to restart MST on the Ethernet interface on slot 2 port 8 switch clear spanning tree detected protocol interface ethernet 2 8 Verifying the MST Configuration Use the following commands to display MST configuration information Purpose Command Displays the current spanning tree configuration show running config spanning tre...

Страница 111: ...w and IEEE 802 1s If the text is discussing the IEEE 802 1D Spanning Tree Protocol 802 1D is stated specifically Note Information About STP Extensions Understanding STP Port Types You can configure a spanning tree port as an edge port a network port or a normal port A port can be in only one of these states at a given time The default spanning tree port type is normal Depending on the type of devi...

Страница 112: ...only by Rapid PVST and MST Legacy 802 1D spanning tree does not support Bridge Assurance Note Bridge Assurance is enabled by default and can only be disabled globally Also Bridge Assurance can be enabled only on spanning tree network ports that are point to point links Finally both ends of the link must have Bridge Assurance enabled With Bridge Assurance enabled BPDUs are sent out on all operation...

Страница 113: ...addition you can configure BPDU Filtering by the individual interface When you explicitly configure BPDU Filtering on a port that port does not send any BPDUs and drops all BPDUs that it receives You can effectively override the global BPDU Filtering setting on individual ports by configuring the specific interface This BPDU Filtering command on the interface applies to the entire interface whethe...

Страница 114: ...ed bridge cannot disappear unless it sends an inferior BPDU or brings the link down Loop Guard can be enabled only on network and normal spanning tree port types Note You can use Loop Guard to determine if a root port or an alternate backup root port receives BPDUs If the port does not receive BPDUs Loop Guard puts the port into an inconsistent state blocking until the port starts to receive BPDUs...

Страница 115: ...ng tree port types normal edge and network ports Note Configuring STP Extensions STP Extensions Configuration Guidelines When configuring STP extensions follow these guidelines Configure all access and trunk ports connected to hosts as edge ports Bridge Assurance runs only on point to point spanning tree network ports You must configure each side of the link for this feature Loop Guard does not ru...

Страница 116: ...e interfaces connected to hosts as network ports those ports automatically move into the blocking state Note This example shows how to configure all access and trunk ports connected to hosts as spanning tree edge ports switch configure terminal switch config spanning tree port type edge default This example shows how to configure all ports connected to switches or bridges as spanning tree network ...

Страница 117: ...p 2 If this is a 10G breakout port the slot port syntax is QSFP module port Note Configures the specified access interfaces to be spanning edge ports Edge ports immediately transition to the forwarding switch config if spanning tree port type edge Step 3 state without passing through the blocking or learning state at linkup By default spanning tree ports are normal port types This example shows ho...

Страница 118: ...e interface configuration mode The interface can be a physical Ethernet port switch config interface type slot port Step 2 If this is a 10G breakout port the slot port syntax is QSFP module port Note Configures the specified interfaces to be spanning network ports If you enable Bridge Assurance it automatically runs switch config if spanning tree port type network Step 3 on network ports By defaul...

Страница 119: ...U You can configure BPDU Guard on specified interfaces as follows spanning tree bpduguard enable Unconditionally enables BPDU Guard on the interface spanning tree bpduguard disable Unconditionally disables BPDU Guard on the interface no spanning tree bpduguard Enables BPDU Guard on the interface if it is an operational edge port and if the spanning tree port type edge bpduguard default command is ...

Страница 120: ...ally by default on spanning tree edge ports If an edge port with BPDU Filtering enabled receives a BPDU it loses its operation status and as edge port and resumes the regular STP transitions However this port maintains it configuration as an edge port Be careful when using this command using it incorrectly can cause bridging loops Caution When enabled globally BPDU Filtering is applied only on por...

Страница 121: ...e the port ignores any BPDU it receives and goes to forwarding Caution You can enter this command to override the port configuration on specified interfaces This command has three states spanning tree bpdufilter enable Unconditionally enables BPDU Filtering on the interface spanning tree bpdufilter disable Unconditionally disables BPDU Filtering on the interface no spanning tree bpdufilter Enables...

Страница 122: ...d Globally You can enable Loop Guard globally by default on all point to point spanning tree normal and network ports Loop Guard does not run on edge ports Loop Guard provides additional security in the bridge network Loop Guard prevents alternate or root ports from becoming the designated port because of a failure that could lead to a unidirectional link Entering the Loop Guard command for the sp...

Страница 123: ... configuration mode switch configure terminal Step 1 Specifies the interface to configure and enters the interface configuration mode switch config interface type slot port Step 2 If this is a 10G breakout port the slot port syntax is QSFP module port Note Enables or disables either Loop Guard or Root Guard for the specified interface By default Root Guard is disabled by default and Loop Guard on ...

Страница 124: ...rt BPDU is not sent Note The following examples show how to configure the number of seconds between generation of config BPDUs to 5 for VLAN 10 switch configure terminal switch config spanning tree vlan 10 fex hello time 5 Verifying the STP Extension Configuration Use the following commands to display the configuration information for the STP extensions Purpose Command Displays the current status ...

Страница 125: ...ault value is 120 seconds seconds tlv select dcbxp management address port description port vlan Use the reinit option to set the length of time 1 to 10 seconds to wait before performing LLDP initialization on any interface The default value is 2 seconds system capabilities system description system name Use the timer option to set the rate 5 to 254 seconds at which LLDP packets are sent The defau...

Страница 126: ...s switch configure terminal switch config lldp holdtime 200 switch config This example shows how to enable LLDP to send or receive the management address TLVs switch configure terminal switch config lldp tlv select management address switch config Configuring Interface LLDP Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Selects the interface t...

Страница 127: ...ength 2 LLDP TLV type LLDP Organizationally Specific LLDP TLV Length 55 LLDP TLV type LLDP Organizationally Specific LLDP TLV Length 5 LLDP TLV type END of LLDPDU LLDP TLV Length 0 Remote Peers Information on interface Eth1 34 Remote peer s MSAP length 12 Bytes 00 0d ec a3 27 40 00 0d ec a3 27 69 LLDP TLV s LLDP TLV type Chassis ID LLDP TLV Length 7 LLDP TLV type Port ID LLDP TLV Length 7 LLDP TLV...

Страница 128: ...shows how to display LLDP timer information switch show lldp timers LLDP Timers holdtime 120 seconds reinit 2 seconds msg_tx_interval 30 seconds This example shows how to display information about LLDP counters switch show lldp traffic LLDP traffic statistics Total frames out 8464 Total Entries aged 6 Total frames in 6342 Total frames received in error 2 Total frames discarded 2 Total TLVs unrecog...

Страница 129: ...he port that received the frame When the destination station replies the switch adds its relevant MAC source address and port ID to the address table The switch then forwards subsequent frames to a single LAN port without flooding all LAN ports You can also enter a MAC address which is termed a static MAC address into the table These static MAC entries are retained across a reboot of the switch RM...

Страница 130: ...ac_address vlan vlan id Step 3 Use the mac address table static command to assign a static MAC address to a virtual interface This example shows how to put a static entry in the MAC address table switch configure terminal switch config mac address table static 12ab 47dd ff89 vlan 3 interface ethernet 1 4 switch config Configuring the Aging Time for the MAC Table You can configure the amount of tim...

Страница 131: ... detect port down configuration is enabled the last port on which MAC loop is detected is err disabled Note Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Specifies the port down action for MAC move loop detection The no form of this command reverts to switch config no mac address table loop detect port down Step 2 the default action of disabl...

Страница 132: ...sables the RMAC learning feature switch config no mac address table router mac learn enable Step 2 You can use the clear mac address table dynamic command to clear the learned MAC addresses Verifying the MAC Address Configuration Use one of the following commands to verify the configuration Table 8 MAC Address Configuration Verification Commands Purpose Command Displays the MAC address aging time ...

Страница 133: ...configure terminal switch config no mac address table loop detect port down switch config show mac address table loop detect Port Down Action Mac Loop Detect disabled Verifying RMAC Learning Feature Use the show mac address table interface type slot port vlan vlan_id command to display the information about the MAC address table In the sample output given below RMAC is learned on Ethernet 1 33 swi...

Страница 134: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 116 Configuring MAC Address Tables Verifying RMAC Learning Feature ...

Страница 135: ...g the entire VLAN The IGMP snooping feature tracks which ports are attached to multicast capable routers to help it manage the forwarding of IGMP membership reports The IGMP snooping software responds to topology change notifications IGMP snooping is supported on all Ethernet interfaces The term snooping is used because Layer 3 control plane packets are intercepted and influence Layer 2 forwarding...

Страница 136: ...its report Membership report suppression occurs for hosts that share a port If no more than one host is attached to each VLAN switch port you can configure the fast leave feature in IGMPv2 The fast leave feature does not send last member query messages to hosts As soon as the software receives an IGMP leave message the software stops forwarding multicast data to that port IGMPv1 does not provide a...

Страница 137: ... not apply for Cisco Nexus devices and the snooped entries are programmed in the FIB tables and not in MAC table When a host connected to the switch wants to join an IP multicast group it sends an unsolicited IGMP join message specifying the IP multicast group to join Alternatively when the switch receives a general query from a connected router it forwards the query to all interfaces physical and...

Страница 138: ...s the interval that the software waits after sending an IGMP query to verify that no hosts that want to receive a particular multicast group remain on a network segment If no hosts respond before the last member query interval expires the software removes the group from the associated VLAN port Values range from 1 to 25 seconds The default is 1 second Last member query interval Configures a snoopi...

Страница 139: ...ch configure terminal Step 1 Globally enables IGMP snooping The default is enabled switch config ip igmp snooping Step 2 If the global setting is disabled all VLANs are treated as disabled whether they are enabled or not Note Enters VLAN configuration mode switch config vlan configuration vlan id Step 3 Enables IGMP snooping for the current VLAN The default is enabled switch config vlan ip igmp sn...

Страница 140: ...outer port and the multicast packet is sent to the peer link for each receiver VLAN To send the multicast traffic over a vPC peer link to each receiver VLAN that has orphan ports use the no ip igmp snooping mrouter vpc peer link command The IGMP snooping mrouter VPC peer link should also be globally disabled on the peer VPC switch Configures an interface belonging to a VLAN as a static member of a...

Страница 141: ... enabled Router port detection using PIM Hellos IGMP Queries Number of router ports 0 Number of groups 0 IGMP Snooping information for vlan 5 IGMP snooping enabled IGMP querier present address 192 0 2 1 version 3 Querier interval 125 secs Querier last member query interval 10 secs Querier robustness 2 Switch querier enabled address 192 0 2 1 currently running Explicit tracking enabled Fast leave e...

Страница 142: ...0 00 02 00 04 17 v2 1 100 225 1 1 76 Eth1 43 10 1 1 2 00 00 02 00 00 02 00 04 17 v2 1 100 225 1 1 77 Eth1 43 10 1 1 2 00 00 02 00 00 02 00 04 17 v2 1 100 225 1 1 78 Eth1 43 10 1 1 2 00 00 02 00 00 02 00 04 17 v2 1 switch Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 124 Configuring IGMP Snooping Verifying the IGMP Snooping Configuration ...

Страница 143: ...he switch forwards multicast data for MVR IP multicast streams only to MVR ports on which hosts have joined either by IGMP reports or by MVR static configuration The switch forwards IGMP reports received from MVR hosts only to the source port For other traffic VLAN isolation is preserved MVR requires at least one VLAN to be designated as the common VLAN to carry the multicast stream from the sourc...

Страница 144: ...s command multicast traffic is not sent over to a peer link for the source VLAN and receiver VLAN unless there is an orphan port in the VLAN The show mvr member command shows the multicast group on the vPC peer switch However the vPC peer switch does not show the multicast groups if it does not receive the IGMP membership report of the groups Licensing Requirements for MVR The following table show...

Страница 145: ...ceiver nor a source port Interface per port default Configuring MVR Configuring MVR Global Parameters Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Globally enables MVR The default is disabled switch config no mvr Step 2 Use the no form of the command to disable MVR Specifies the global default MVR VLAN The MVR VLAN is the source of the multi...

Страница 146: ...nters switch clear mvr counters source ports receiver ports Step 6 Optional Displays the global MVR configuration switch show mvr Step 7 Optional Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration switch copy running config startup config Step 8 This example shows how to globally enable MVR and configure the global parameter...

Страница 147: ...red as an MVR receiver A receiver port receives data only when it becomes a member of the multicast group by using IGMP leave and join messages If you attempt to configure a non MVR port with MVR characteristics the configuration is cached and does not take effect until the port becomes an MVR port The default port mode is non MVR Optional Specifies an interface default MVR VLAN that overrides the...

Страница 148: ...ch config if mvr group 225 1 3 1 vlan 100 switch config if mvr type receiver switch config if end switch copy running config startup config switch Verifying the MVR Configuration Use the following commands to verify the MVR configuration Description Command Displays the MVR subsystem configuration and status show mvr Displays the MVR group configuration show mvr groups Displays information about I...

Страница 149: ...shows how to verify the MVR group configuration switch show mvr groups Global default MVR VLAN Group start Group end Count MVR VLAN Interface Mask 228 1 2 240 228 1 2 255 28 101 230 1 1 1 230 1 1 4 4 100 235 1 1 6 235 1 1 6 1 340 225 1 3 1 225 1 3 1 1 100 Eth1 10 This example shows how to verify the MVR interface configuration and status switch show mvr interface Port VLAN Type Status MVR VLAN Po1...

Страница 150: ...is example shows how to display all MVR receiver ports on all interfaces switch show mvr receiver ports Port MVR VLAN Status Joins Leaves v1 v2 v3 Po201 100 ACTIVE 8 2 Po202 100 ACTIVE 8 2 Po203 100 ACTIVE 8 2 Po204 100 INACTIVE 0 0 Po205 100 ACTIVE 10 6 Po206 100 ACTIVE 10 6 Po207 100 ACTIVE 5 0 Po208 100 ACTIVE 6 0 Eth1 10 101 ACTIVE 12 2 Eth2 2 101 ACTIVE 12 2 Eth102 1 1 340 ACTIVE 16 15 Eth102...

Страница 151: ...his process allows you to create and configure a new VLAN only on one device in the management domain and then that information is automatically learned by all the other devices in the same management domain Once a device learns about a VLAN the device receives all frames on that VLAN from any trunk port by default and if appropriate forwards them to each of its other trunk ports if any This proce...

Страница 152: ... VTP pruning for the entire VTP domain VTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on messages received over trunk links Beginning with Release 5 1 1 the server mode is the default mode The VLAN information is stored on the bootflash and is not erased after a reboot Client Allows you to c...

Страница 153: ...itch processes TLVs in the VTP V3 summary packets VTP V3 Per Interface VTP allows you to enable or disable the VTP protocol on a per port basis to control the VTP traffic When a trunk is connected to a switch or end device it drops incoming VTP packets and prevents VTP advertisements on this particular trunk By default VTP is enabled on all the switch ports VTP V3 Pruning and Spanning Tree Protoco...

Страница 154: ...re Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Enables VTP on the device The default is disabled switch config feature vtp Step 2 Specifies the name of the VTP domain that you want this device to join The default is blank switch config vtp domain domain name Step 3 Sets the VTP version that you want to use The default is version 1 switch config vtp v...

Страница 155: ...ary feature force Example Device vtp primary vlan Step 10 information to the entire VTP domain If the password is configured as hidden the user is prompted to re enter the password after this command Enter VTP password This switch is becoming Primary Before the device takes over the role of primary it attempts to discover servers that conflict this server for vlan feature in the VTP domain informa...

Страница 156: ...r switches running VTP version 3 domain please wait VTP Database Conf switch ID Primary Server Revision System Name lict VLAN Yes 00b0 8e50 d000 000c 0412 6300 12354 main cisco com MST No 00b0 8e50 d000 0004 AB45 6000 24 main cisco com VLAN Yes 000c 0412 6300 000c 0412 6300 67 qwerty cisco com Optional Copies the running configuration to the startup configuration switch copy running config startup...

Страница 157: ...face identifier switchport Step 4 Creates a port channel interface and enter interface configuration mode switch config interface port channel channel number Step 5 Sets the specified VLANs to be VTP pruning eligible switch config if switchport trunk pruning vlan add remove except none all VLAN IDs Step 6 Returns to privileged EXEC mode switch config if end Step 7 Optional Displays VTP pruning inf...

Страница 158: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 140 Configuring VTP V3 Configuring VTP V3 Pruning ...

Страница 159: ...formance You can use the traffic storm control feature to prevent disruptions on Ethernet interfaces by a broadcast multicast or unknown unicast traffic storm Traffic storm control also called traffic suppression allows you to monitor the levels of the incoming broadcast multicast or unknown unicast traffic over a 10 microsecond interval During this interval the traffic level which is a percentage...

Страница 160: ... use Because packets do not arrive at uniform intervals the 10 microsecond interval can affect the operation of traffic storm control The following are examples of how traffic storm control operation is affected If you enable broadcast traffic storm control and broadcast traffic exceeds the level within the 10 microsecond interval traffic storm control drops all exceeding broadcast traffic until t...

Страница 161: ...recommended The configuration might fail for one or more interfaces in the range depending on the hardware resource availability The result of the command is partial success in some cases In the Cisco Nexus 5000 switch storm control does not distinguish between IP non IP registered or unregistered multicast traffic All multicast traffic is subject to a single multicast storm control policer when c...

Страница 162: ...ands to display traffic storm control configuration information Purpose Command Displays the traffic storm control configuration for the interfaces Traffic storm control uses a 10 microsecond interval that can affect the operation of traffic storm control Note If this is a 10G breakout port the slot port syntax is QSFP module port Note show interface ethernet slot port port channel number counters...

Страница 163: ...rm control parameters Table 11 Default Traffic Storm Control Parameters Default Parameters Disabled Traffic storm control 100 Threshold percentage Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 145 Configuring Traffic Storm Control Default Settings for Traffic Storm Control ...

Страница 164: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 146 Configuring Traffic Storm Control Default Settings for Traffic Storm Control ...

Страница 165: ... Management page 160 Fabric Extender Hardware page 160 Speed and Duplex Mode page 162 Associating a Fabric Extender to a Fabric Interface page 165 Configuring Fabric Extender Global Features page 168 Enabling the Fabric Extender Locator LED page 170 Redistributing the Links page 171 Verifying the Fabric Extender Configuration page 173 Verifying the Chassis Management Information page 174 Configuri...

Страница 166: ...nd hosts to be supported by using the same feature set as the parent device including security and quality of service QoS configuration parameters with a single management domain The Fabric Extender and its parent switch enable a large multipath loop free active active data center topology without the use of the Spanning Tree Protocol STP Figure 19 Single Management Domain The Cisco Nexus 2000 Ser...

Страница 167: ...s have a total of 6 40 Gigabit Ethernet uplink ports towards the parent switch If these are used with native 40G uplinks port on a parent switch then there is no limitation All 6 ports can be used in either single homed or dual homed configuration You can also use 40 Gigabit Ethernet uplink ports on the N2348 Fabric Extender device with 10 Gigabit Ethernet ports on the parent switch when used with...

Страница 168: ...uld ensure a loop free topology below the Fabric Extender host interfaces You can enable host interfaces to accept Cisco Discovery Protocol CDP packets This protocol only works when it is enabled for both ends of a link CDP is not supported on fabric interfaces when the Fabric Extender is configured in a virtual port channel vPC topology Note Ingress and egress packet counters are provided on each...

Страница 169: ... Channels With a virtual port channel vPC you can configure topologies where a Cisco Nexus Fabric Extender is connected to a pair of parent switches or a pair of Fabric Extenders are connected to a single parent switch The vPC can provide multipath connections which allow you to create redundancy between the nodes on your network A port channel between two FEXs that are connected to the same Cisco...

Страница 170: ... to single homed servers see the following figure Figure 21 Dual Homed Fabric Extender vPC Topology This configuration is also called an Active Active topology Port channels between two Fabric Extenders connected to the same Cisco Nexus device is not supported vPCs cannot span two different Fabric Extenders that are connected to the same physical Cisco Nexus device Note Cisco Nexus 6000 Series NX ...

Страница 171: ...to the other Egress policies are also restricted to these two classes The Cisco Nexus Series device provides two predefined type qos class maps for matching broadcast or multicast traffic class all flood and class ip multicast These classes are ignored on the Fabric Extender The Fabric Extender uses IEEE 802 1p class of service CoS values to associate traffic with the appropriate class Per port qu...

Страница 172: ...d for all the host interfaces on the same Fabric Extender Ingress source Rx egress source Tx or both ingress and egress monitoring are supported All IP multicast traffic on the VLANs that a Fabric Extender host interface belongs to is captured in the SPAN session You cannot separate the traffic by IP multicast group membership If you configure ingress monitoring and egress monitoring for host inte...

Страница 173: ... Fabric Extender has 4 10 Gigabit Ethernet fabric interfaces and 48 1000BASE T 1 Gigabit Ethernet host interfaces With this system you can have any number of configurations For example you can configure the following No oversubscription 40 host interfaces for four fabric interfaces 1 2 to 1 oversubscription 48 host interfaces for four fabric interfaces 4 8 to 1 oversubscription 48 host interfaces ...

Страница 174: ...nel mode are supported When all host interfaces are sending traffic to all fabric interfaces the maximum oversubscription ratio for the Cisco Nexus B22 Fabric Extender for Dell N2K B22DELL P is 2 1 The Cisco Nexus B22 Fabric Extender for IBM NB22IBM has 8 10 Gigabit Ethernet fabric interfaces and 14 1G 10 Gigabit Ethernet host interfaces All host interfaces use all of the available fabric interfac...

Страница 175: ...itch to a host interface that interface is placed in an error disabled state when a BPDU is received You cannot disable BPDU Guard on the host interfaces of the Fabric Extender Note The Fabric Extender supports egress multicast replication from the network to the host Packets that are sent from the parent switch for multicast addresses attached to the Fabric Extender are replicated by the Fabric E...

Страница 176: ... a fabric interface fails all its associated host interfaces are brought down and remain down until the fabric interface is restored Note You must use the pinning max links command to create a number of pinned fabric interface connections so that the parent switch can determine a distribution of host interfaces The host interfaces are divided by the number of the max links and distributed accordin...

Страница 177: ...fabric interface connection to its parent switch the switch load balances the traffic from the hosts that are connected to the host interface ports by using the following load balancing criteria to select the link For a Layer 2 frame the switch uses the source and destination MAC addresses For a Layer 3 frame the switch uses the source and destination MAC addresses and the source and destination I...

Страница 178: ...pecific slot and chassis ID Fabric Extender Image Management No software ships with the Cisco Nexus 2000 Series Fabric Extender The Fabric Extender image is bundled into the system image of the parent switch The image is automatically verified and updated if required during the association process between the parent switch and the Fabric Extender When you enter the install all command it upgrades ...

Страница 179: ... FEX supporting 32 10GBaseT host ports and 4 QSFP network ports Cisco Nexus 2348UPQ FEX for QSA FET 10G SFP 10G SR SFP 10G ER Cisco Nexus 2348TQ FEX N2K C2348TQ 10GE The Cisco Nexus 2248TP has 48 100BASE T 1000Base T Ethernet host interfaces for its downlink connection to servers or hosts and 4 10 Gigabit Ethernet fabric interfaces with SFP interface adapters for its uplink connection to the paren...

Страница 180: ...UTO AUTO Link DOWN in some scenarios 1 UP 100 Mbps Full duplex UP 100 Mbps Full duplex 100 Mbps Full duplex 100 Mbps Full duplex force mode Duplex mismatch as per standard results in collision errors Hence not a functional scenario UP 100 Mbps Half duplex UP 100 Mbps Full duplex 100 Mbps Half duplex 100 Mbps Full duplex force mode Duplex mismatch as per standard results in collision errors Hence n...

Страница 181: ...ull duplex Speed Mismatch DOWN DOWN 100 Mbps Full duplex 1000 Mbps Full duplex Speed Mismatch DOWN DOWN 100 Mbps Half duplex 1000 Mbps Full duplex Speed Mismatch DOWN DOWN 1000 Mbps Full duplex 10000 Mbps Full duplex Speed Mismatch DOWN DOWN 100 Mbps Full duplex 10000 Mbps Full duplex Speed Mismatch DOWN DOWN 100 Mbps Half duplex 10000 Mbps Full duplex Table for 10G 10000 Mbps Assuming maximum cap...

Страница 182: ...peed as AUTO advertises all speeds and Full Duplex only switch config interface ethernet 101 1 1 switch config if speed auto Configuration 100 Force Mode Configuring speed as 100 Mbps switch config interface ethernet 101 1 1 switch config if speed 100 Configuration 1G Configuring speed as 1000 Mbps This has autoneg enabled with 1000 Mbps switch config interface ethernet 101 1 1 switch config if sp...

Страница 183: ... the Fabric Extender feature Procedure Purpose Command or Action Enters global configuration mode configure terminal Example switch configure terminal switch config Step 1 Specifies an Ethernet interface to configure interface ethernet slot port Step 2 Example switch config interface ethernet 1 40 switch config If this is a 10G breakout port the slot port syntax is QSFP module port Note Sets the i...

Страница 184: ...1 37 Eth101 1 36 Eth101 1 35 Eth101 1 34 Eth101 1 33 Eth101 1 32 Eth101 1 31 Eth101 1 30 Eth101 1 29 Eth101 1 28 Eth101 1 27 Eth101 1 26 Eth101 1 25 Eth101 1 24 Eth101 1 23 Eth101 1 22 Eth101 1 21 Eth101 1 20 Eth101 1 19 Eth101 1 18 Eth101 1 17 Eth101 1 16 Eth101 1 15 Eth101 1 14 Eth101 1 13 Eth101 1 12 Eth101 1 11 Eth101 1 10 Eth101 1 9 Eth101 1 8 Eth101 1 7 Eth101 1 6 Eth101 1 5 Eth101 1 4 Eth10...

Страница 185: ...switch config if exit switch config interface ethernet 1 30 switch config if channel group 4 switch config if no shutdown switch config if exit switch config interface ethernet 1 31 switch config if channel group 4 switch config if no shutdown switch config if exit switch config interface port channel 4 switch config if switchport switch config if switchport mode fex fabric switch config if fex as...

Страница 186: ...tion mode configure terminal Example switch configure terminal switch config Step 1 Specifies the interface to configure The interface can be an Ethernet interface or a port channel interface ethernet slot port port channel channel Step 2 Example switch config interface port channel 4 switch config if If this is a 10G breakout port the slot port syntax is QSFP module port Note Disassociates the Fa...

Страница 187: ...interfaces and 4 10 Gigabit SFP Ethernet fabric interfaces module N2224TP 24 100 Base T 1000 Base T Ethernet host interfaces and 2 10 Gigabit SFP Ethernet fabric interfaces module N2232P and N2232TM 32 10 Gigabit SFP Ethernet host interfaces and 8 10 Gigabit SFP Ethernet fabric interfaces module N2232TP 32 10 Gigabit Base T Ethernet host interfaces and 8 10 Gigabit SFP Ethernet fabric interfaces m...

Страница 188: ...ations for all interfaces on the Fabric Extender are deleted Optional Defines a serial number string If this command is configured a switch allows the corresponding chassis ID to associate using the fex serial serial Example switch config fex serial JAF1339BDSK Step 7 associate command only if the Fabric Extender reports a matching serial number string Configuring a serial number that does not mat...

Страница 189: ...witch for example port 33 as your only fabric interface all 48 host interfaces are pinned to this port If you provision another port for example 35 you must enter the pinning max links 2 command to redistribute the host interfaces All host interfaces are brought down and host interfaces 1 to 24 are pinned to fabric interface 33 and host interfaces 25 to 48 are pinned to fabric interface 35 Maintai...

Страница 190: ...port number of the fabric interface If you want to configure the same fixed distribution of host interfaces without restarting the Fabric Extender enter the fex pinning redistribute command It is a misconfiguration to have more fabric ports than pinning number even if the extra port is in DOWN state Note Redistributing Host Interfaces This command disrupts all the host interface ports of the Fabri...

Страница 191: ...ific switch interface This example shows how to display the switch interfaces that are connected to a Fabric Extender uplink This example shows how to display the SFP transceiver and diagnostic optical monitoring DOM information for Fabric Extender uplinks for an SFP transceiver that is plugged into the parent switch interface switch show interface ethernet 1 40 transceiver Ethernet1 40 sfp is pre...

Страница 192: ...t all connected Fabric Extender units This example shows how to display the inventory information about a specific Fabric Extender switch show inventory fex 101 NAME FEX 101 CHASSIS DESCR N2K C2248TP 1GE CHASSIS PID N2K C2248TP 1GE VID V00 SN SSI13380FSM NAME FEX 101 Module 1 DESCR Fabric Extender Module 48x1GE 4x10GE Supervisor PID N2K C2248TP 1GE VID V00 SN JAF1339BDSK NAME FEX 101 Fan 1 DESCR F...

Страница 193: ...101 SUP sprom contents Common block Block Signature 0xabab Block Version 3 Block Length 160 Block Checksum 0x1a1e EEPROM Size 65535 Block Count 3 FRU Major Type 0x6002 FRU Minor Type 0x0 OEM String Cisco Systems Inc Product Number N2K C2248TP 1GE Serial Number JAF1339BDSK Part Number 73 12748 01 Part Revision 11 Mfg Deviation 0 H W Version 0 103 Mfg Bits 0 Engineer Use 0 snmpOID 9 12 3 1 9 78 3 0 ...

Страница 194: ...XXXXXXTDBV00 VID V00 Chassis specific block Block Signature 0x6001 Block Version 3 Block Length 39 Block Checksum 0x2cf Feature Bits 0x0 HW Changes Bits 0x0 Stackmib OID 0 MAC Addresses 00 0d ec e3 28 00 Number of MACs 64 OEM Enterprise 0 OEM MIB Offset 0 MAX Connector Power 0 WWN software module specific block Block Signature 0x6005 Block Version 1 Block Length 0 Block Checksum 0x66 wwn usage bit...

Страница 195: ...ystems Inc NXK PAC 400W Product Number NXK PAC 400W Serial Number LIT13370QD6 Part Number 341 Part Revision 037 CLEI Code 5 01 01 000 VID 000 snmpOID 12336 12336 12336 12336 12336 12336 12374 12336 H W Version 43777 2 Current 36 RMA Code 200 32 32 32 Power supply specific block Block Signature 0x0 Block Version 0 Block Length 0 Block Checksum 0x0 Feature Bits 0x0 Current 110v 36 Current 220v 36 St...

Страница 196: ...e Purpose Command or Action Enters global configuration mode configure terminal Example switch configure terminal switch config Step 1 Enters configuration mode for the specified FEX fex chassis_id Step 2 Example switch config fex 100 switch config fex The range of the chassis_id value is 100 to 199 Specifies the shared buffer size KB hardware N2248TP E shared buffer size buffer size Step 3 The ra...

Страница 197: ...ters configuration mode for the specified FEX fex chassis_id Step 2 Example switch config fex 100 switch config The range of the chassis_id value is 100 to 199 Controls the egress tx or ingress rx queue tail drop threshold level on a FEX hardware N2248TP E queue limit queue limit tx rx Step 3 Example switch config fex hardware N2248TP E queue limit 83000 tx The default queue limit for tx egress is...

Страница 198: ...ueue limit tx rx Step 3 Example switch config if hardware N2248TP E queue limit 83000 tx The default queue limit for tx egress is 4 MB The default queue limit for rx ingress is 1 MB This example shows how to configure the queue limit switch configure terminal switch config interface ethernet 100 1 1 switch config if hardware N2248TP E queue limit 83000 tx switch config if Configuring the Uplink Di...

Страница 199: ...h config fex 100 switch config fex hardware N2248TP E uplink pause no drop distance 3000 switch config fex Configuring the Cisco Nexus N2248PQ Fabric Extender The Cisco Nexus 2248PQ Fabric Extender supports all of the CLI commands of the Cisco Nexus 2248TP Fabric Extender with additional commands to configure the following Shared buffer FEX global level Load balancing queues FEX global level No dr...

Страница 200: ... shared buffer size 8096 The hardware N2248PQ shared buffer size command specifies the default shared buffer size of 10240 KB Note This example shows how to configure the shared buffer switch configure terminal switch config fex 100 switch config fex hardware N2248PQ shared buffer size 8096 switch config fex Configuring the Uplink Distance The Cisco Nexus N2248PQ FEX supports a pause no drop class...

Страница 201: ...eter cable length Note This example shows how to configure the uplink distance switch configure terminal switch config fex 100 switch config fex hardware N2248PQ uplink pause no drop distance 3000 switch config fex Configuring Slow Drain Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Enters configuration mode for the specified FEX switch confi...

Страница 202: ... Step 1 Enters configuration mode for the specified FEX fex chassis_id Example switch config fex 100 switch config Step 2 The range of the chassis_id value is 100 to 199 Enables and disables load balancing queues at the FEX global level hardware N2248PQ uplink load balance mode Example switch config fex hardware N2248PQ uplink load balance mode Step 3 This example shows how to configure the load b...

Страница 203: ...the parent switch This dedicated virtual interface can be managed monitored and spanned in the same way as a physical interface Local switching in the hypervisor is eliminated with all switching being performed by the physical switch VM FEX Components Server VM FEX is supported by Cisco UCS C Series rack mount servers with the VMware virtualization environment as the hypervisor The configuration o...

Страница 204: ...vEthernet interface VM FEX Terminology The following terms are used in describing VM FEX components and interfaces virtual Ethernet interface A virtual Ethernet interface vEthernet or vEth represents the switch port that is connected to the vNIC of a virtual machine Unlike a traditional switch interface a vEth interface s name does not indicate the module with which the port is associated Where a ...

Страница 205: ... called a floating vEthernet interface fixed vEthernet interface A fixed vEthernet interface is a virtual interface that does not support migration across physical interfaces For fixed vEthernet static or dynamic an administrator can change configurations at any time The binding of the vEthernet interface number to a channel number is persistent unless the administrator changes it Licensing Requir...

Страница 206: ...See Configuring the Fixed Static Interfaces on page 190 Step 4 Switch Define port profiles to be associated with the VMs See Configuring a Port Profile for the Dynamic Interfaces on page 193 Step 5 Switch Verify that the two static vEthernet interfaces are active and associated with the vEthernet interfaces of the switch See Verifying the Status of the Virtual Interfaces on page 196 Step 6 Switch ...

Страница 207: ...nabling Features Required for VM FEX Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Installs the virtualization feature set on the switch install feature set virtualization Step 2 Enables the virtualization feature set on the switch This feature set enables the use of static vEthernet interfaces feature set virtualization Step 3 Enables FEX fe...

Страница 208: ...wo virtual interfaces to each physical interface creating fixed static vEthernet interfaces For more information on configuring fixed static interfaces see the Adapter FEX Configuration Guide for your device With redundant switches you can perform the following procedure with identical settings on both the primary and secondary switches Before You Begin VM FEX and other required services must be e...

Страница 209: ...port syntax is QSFP module port Note Enables local traffic on the interface no shutdown Step 10 Enters configuration mode for the second virtual interface for the first Ethernet port interface vethernet interface number Step 11 Binds the virtual interface to the physical interface and the specified port channel bind interface ethernet slot port channel channel number Step 12 If this is a 10G break...

Страница 210: ... interfaces to each physical interface and enables the interfaces switch 1 configure terminal switch 1 config interface ethernet 1 17 switch 1 config if shutdown switch 1 config if switchport mode vntag switch 1 config if interface ethernet 1 18 switch 1 config if shutdown switch 1 config if switchport mode vntag switch 1 config if interface vethernet 1 switch 1 config if bind interface ethernet 1...

Страница 211: ...ort mode access Step 3 Optional Specifies the VLAN when the interface is in access mode switchport access vlan vlan id Step 4 Specifies the vCenter DVS to which the port profile is exported as a port group With the keyword all the port profile is exported to all DVSs in the vCenter dvs name all name Step 5 Optional Specifies dynamic port binding The port is connected when the VM is powered on and ...

Страница 212: ...dvs datacenter name dc name Step 4 Configures a name for the DVS in the vCenter Server dvs name dvs name Step 5 Specifies the hostname or IP address for the vCenter Server Optionally specifies the port number and VRF Choose one Step 6 remote ip address ipv4 addr port port num vrf vrf name default management remote hostname host name port port num vrf vrf name default management Installs a certific...

Страница 213: ...Next Activate the connection on the primary switch only Activating an SVS Connection to the vCenter Server You can activate a connection from the switch to the vCenter Server Before You Begin The vCenter Server must be running and reachable You must have already registered an extension with the vCenter Server The SVS connection must be configured on the switch Procedure Purpose Command or Action E...

Страница 214: ... ethernet port slot Displays summary information about virtual interfaces on a bound Ethernet interface show interface virtual summary bound interface ethernet port slot This example shows how to display status and configuration information about a static interface switch 1 show interface vethernet 1 Vethernet1 is up Bound Interface is Ethernet1 17 Hardware is Virtual address is 0005 73fc 24a0 Por...

Страница 215: ... Veth32774 Eth1 20 7579 Unused_Or_Quarantine_Veth 00 50 56 9b 33 ad ESX145_1_RH55 Veth32775 Eth1 20 7580 Unused_Or_Quarantine_Veth 00 50 56 9b 33 ae ESX145_1_RH55 Veth32776 Eth1 20 7607 Unused_Or_Quarantine_Veth 00 50 56 9b 33 ab ESX145_1_RH55 switch 1 This example shows how to display status and summary information about fixed vEthernet interfaces switch 1 show interface virtual status bound inte...

Страница 216: ...ol vmware vim https certificate default datacenter name DC1 extension key Cisco_Nexus_6004_1945593678 dvs name Pod1 DVS uuid cd 05 25 50 6d a9 a5 c4 eb 9c 8f 6b fa 51 b1 aa config status Enabled operational status Connected sync status in progress version VMware vCenter Server 6 0 2 build 388657 Peer Info hostname ip address vrf protocol extension key Cisco_Nexus_6004_1945593678 certificate defaul...

Страница 217: ...by Station Table Management STM and the Host Route Table HRT STM is the part of the host table that holds the MAC entries HRT is the part of the host table that holds ARP IPv6 ND and 32 host routes The STM HRT template profile feature is specific to the Cisco Nexus device This feature provides you with a flexibility to carve STM HRT table sizes per their requirements The total table size is 256k Y...

Страница 218: ...guration mode switch configure terminal Step 1 Commits a specified pre defined template switch config hardware profile route resource service template template name Step 2 Four pre defined stm hrt templates exist hrt 128 stm 128 Default value hrt 96 stm 160 hrt 64 stm 192 hrt 32 stm 224 When entering this command a message is displayed telling you the applied stm hrt template will be activated upo...

Страница 219: ... config copy running config startup config What to Do Next Rebooting the switch applies the default template hrt 128 stm 128 Verifying the MAC ARP Hardware Resource Carving Template Configuration To display MAC ARP Hardware Resource Carving Template configuration information enter one of the following commands Purpose Command Displays all existing templates including the default show hardware prof...

Страница 220: ...guration information related to the template manager When entering the copy running config startup config command the currently applied non default stm hrt template is displayed If the default template is applied nothing is displayed show startup config hardware profile route resource template Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 202 Configuring MAC ARP H...

Страница 221: ...ge 207 Configuring VN Segment in Non Transit Mode page 208 Disabling VN Segment page 208 Verifying VN Segment Configuration page 209 Information About VN Segment The VN Segment feature defines a new way to tag packets on the wire replacing the traditional 802 1Q VLAN tag This feature uses a 24 bit tag also referred to as a Virtual Network Identifier VNI CE links access and trunk carry traditional ...

Страница 222: ...ditional 1Q tagged or untagged frames No new configurations are needed on the servers The spines forward the VN Segment tagged frames to the intended leafs Assume that servers A and B need to be in the same Layer 2 flood domain On the leaf switches VLAN 333 is mapped to an available VN Segment ID 16535 This VN Segment ID identifies the VLAN 333 on the FabricPath network Here is a typical packet fl...

Страница 223: ...he VLAN ID Up to 4K VN Segments and global VLANs are supported per leaf switch There are only 4K VLANs Different leafs can have different mapping to up to support 50K tenants on the fabric depending on hardware and software limitations If compatibility checks fail for the image ISSD might be rejected The VLAN to VN Segment mapping must be consistent on the vPC peer switches for correct traffic flo...

Страница 224: ...1 Creates a VLAN switch config vlan vlan id Step 2 Configures the VLAN as a FabricPath VLAN switch config vlan mode fabricpath Step 3 VN Segments for a VLAN must be configured in FabricPath mode on the Leaf Defines the network global ID switch config vlan vn segment segmentation id Step 4 The segmentation id range is from 4096 to 16 773 119 Optional Saves the change persistently through reboots an...

Страница 225: ...ots and restarts by copying the running configuration to the startup configuration switch config sync sp vlan copy running config startup config Step 6 This example shows how to configure VN Segment for a VLAN in configure sync mode switch configure sync switch config sync switch profile test Switch Profile started Profile ID is 1 switch config sync sp vlan 3500 switch config sync sp vlan vn segme...

Страница 226: ... mode Before You Begin The FabricPath feature set must be enabled Procedure Purpose Command or Action Enters global configuration mode switch configure terminal Step 1 Enables a VLAN based VN Segment switch config feature vn segment vlan based Step 2 The range of vni id is 4096 to 16 773 119 switch config vni vni id Step 3 This example shows how to configure VN Segment in non transit mode switch c...

Страница 227: ...an based Verifying VN Segment Configuration Use the following commands to display VN Segment configuration information Purpose Command Displays the configured VLAN to VN Segment mappings for the specified list of VLANs show vlan id vland id list vn segment Displays information on the number of VLANs and VN Segment mappings on each VPC switch to help determine any mismatches show vpc consistency pa...

Страница 228: ...Cisco Nexus 6000 Series NX OS Layer 2 Switching Configuration Guide Release 7 x 210 Configuring VN Segment Verifying VN Segment Configuration ...

Страница 229: ...co Nexus B22 Fabric Extender for IBM NB22IBM 161 CIST regional root 72 CIST root 73 class of service See CoS clearing dynamic addresses 114 MAC table 114 community ports 30 community VLANs 28 31 configuration data 156 configuring 19 23 38 39 105 183 200 207 FEX port spanning tree BPDU transmit interval 105 isolated trunk port 39 MAC ARP hardware resource carving template 200 promiscuous trunk port...

Страница 230: ...57 locator LED 170 loopback address assignment 156 loopback address range 156 M MAC address configuration 114 verifying 114 MAC addresses 112 static configuring 112 MAC table 112 114 aging time configuring 112 clearing dynamic addresses 114 manual redistribution 158 max links disruption 158 MST 72 80 CIST regional root 72 setting to default values 80 MSTP 69 70 71 72 73 74 80 boundary ports 74 des...

Страница 231: ...rity 63 Rapid PVST 58 configuring 58 rapid PVST configurations 66 verifying 66 Rapid Spanning Tree Protocol 69 redistributing host interfaces 172 reduced MAC address 44 reserved range VLANs 8 root guard 97 RSTP 48 51 55 69 active topology 51 BPDU 55 processing 55 designated port defined 51 designated switch defined 51 proposal agreement handshake process 48 rapid convergence 48 point to point link...

Страница 232: ...patibility 160 VLAN configurations 25 verifying 25 VLAN reserved ranges 17 changing 17 VLAN translation on a trunk port 22 configuring 22 VLANs 8 13 17 19 20 41 adding ports to 20 changing 17 configuring 19 extended range 8 guidelines 13 limitations 13 private 41 reserved range 8 VM FEX 185 186 187 188 189 190 193 194 196 198 components 185 configuration steps 188 configuring fixed static interfac...

Отзывы:

Нет отзывов

Похожие инструкции для Nexus 6000

Бренд: Zektor Страницы: 17

Бренд: Panio Страницы: 5

TECMA Silence Marine

Бренд: Thetford Marine Страницы: 9

LS-5500-28C-PWR-SI-OVS

Бренд: H3C Страницы: 86

Бренд: G-Lab Страницы: 12

Бренд: Taiden Страницы: 21

Бренд: ATEN Страницы: 26

SI1P-SH-DVI-UCAC

Бренд: Black Box Страницы: 16

Бренд: Unipoe Страницы: 41

Бренд: Lionel Страницы: 8

Бренд: S+S Страницы: 16

8 PORT SMART SWITCH CE 232D4SS8

Бренд: B&B Electronics Страницы: 29

Smart view IC-1304-IO

Бренд: C&C TECHNIC Страницы: 2

Бренд: Zektor Страницы: 30

Бренд: IOGear Страницы: 54

Бренд: TP-Link Страницы: 2

Бренд: Videoswitch Страницы: 17

Бренд: H3C Страницы: 53

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды