Attention! Your ePaper is waiting for publication!
By publishing your document, the content will be optimally indexed by Google via AI and sorted into the right category for over 500 million ePaper readers on YUMPU.
This will ensure high visibility and many readers!
Your ePaper is now published and live on YUMPU!
You can find your publication here:
Share your interactive ePaper on all platforms and on your website with our embed function
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
I’d also like to thank my manager, Rajeev Grover. Your guidance <strong>and</strong> support for this<br />
project are truly appreciated!
We need to find another heavy concert to top the Megadeth one we went to together the winter of 2011; Brett, this is why we were a year late on the project . I want to thank Kevin Corbin for your contributions to the second editions. Thank you for being a great friend <strong>and</strong> peer co-worker. Chris Clevel<strong>and</strong>, again it was a pleasure to work with you. Your expertise, professionalism, <strong>and</strong> follow-up as a development editor is unsurpassed; thank you for your hard work <strong>and</strong> quick turnaround; this helped to meet the deadlines set forth. To our technical editors—Jeff Fry <strong>and</strong> Chad Hintz—thank you for the time, sharp eyes, <strong>and</strong> excellent comments/feedback; both of you created a ton more work for me just when I thought I was done. It was a pleasure having you as part of the team. I would like to thank Yuri Lukin for allowing me access to his lab to complete the Nexus 1000V chapter <strong>and</strong> all the services. Yuri you are a true professional; thank you for your time <strong>and</strong> expertise. Thanks to my manager at Cisco, Robert Fisher—I appreciate your guidance <strong>and</strong> your trust in my ability to juggle the many work tasks along with extra projects like working on a book. Thank you for all your support Bob! I would like to thank the heavy metal music world out there—it allowed me to stay focused when burning the midnight oil; I would not have been able to complete this without loud rock ‘n roll music. Thank you. I want to thank my family for their support <strong>and</strong> underst<strong>and</strong>ing while I was working on this project late at night <strong>and</strong> being patient with me when my lack of rest may have made me a little less than pleasant to be around. I know it is also hard to sleep when Dad is downstairs writing <strong>and</strong> not realizing the db levels of the music while the rest of the family sleeps. M<strong>os</strong>t important, I would like to thank God for giving me the ability to complete such a task with dedication <strong>and</strong> determination <strong>and</strong> for providing me the skills, knowledge, <strong>and</strong> health needed to be successful in such a dem<strong>and</strong>ing profession. Matthew McPherson: I’d like to thank both David <strong>and</strong> Ron for asking me to be a part of such an amazing opportunity. Dave, thank you again for being such an awesome friend <strong>and</strong> great mentor. You are a technical rock star who is always there to help in any situation, <strong>and</strong> for that reason I have the utm<strong>os</strong>t respect for you. I cannot thank you enough your continued guidance <strong>and</strong> wisdom. Ron, you have become a great friend, <strong>and</strong> it’s been a privilege to work more cl<strong>os</strong>ely with you. I look forward to our continued friendship <strong>and</strong> am eagerly awaiting the next laser-sword match! It is so amazing to be at Cisco <strong>and</strong> have an opportunity to work with such amazing people! Brett Bartow <strong>and</strong> Chris Clevel<strong>and</strong>, thank you both for your patience <strong>and</strong> support through my first publication. It has certainly been a privilege working with you both, <strong>and</strong> I look forward to starting on the third edition! Chad Hintz <strong>and</strong> Jeff Fry, it has been great working with you both. Thank you for your time, attention to detail, <strong>and</strong> technical knowledge that have helped shape this book. Gary Witt, thank you for stepping up to mentor me when I joined Cisco. You are such a great leader, <strong>and</strong> I certainly appreciate your insight <strong>and</strong> encouragement. I look forward to continuing our conversations <strong>and</strong> learning as much as I can.
I’d also like to thank my manager, Rajeev Grover. Your guidance <strong>and</strong> support for this project are truly appreciated!
- Page 2 and 3: NX-OS and Cisco Nexus Switching Nex
- Page 4 and 5: For sales outside of the U.S. pleas
- Page 6 and 7: About the Authors Ron Fuller, CCIE
- Page 8 and 9: Dedications Ron Fuller: This book i
- Page 12 and 13: Contents at a Glance Foreword Intro
- Page 14 and 15: Interface Allocation: N7K-M108X2-12
- Page 16 and 17: OSPF OSPFv2 Configuration OSPF Summ
- Page 18 and 19: Cisco TrustSec Configuring AAA for
- Page 20 and 21: Chapter 8 Unified Fabric Unified Fa
- Page 22 and 23: OTV Control Plane Multicast-Enabled
- Page 24 and 25: Icons Used in This Book
- Page 26 and 27: Foreword With more than 30,000 cust
- Page 28 and 29: Chapters 1 through 14 cover the fol
- Page 30 and 31: • Security: Cisco NX-OS provides
- Page 32 and 33: Fibre Channel, Ethernet, and FCoE i
- Page 34 and 35: • Nexus 2224: FEX, 24 100/1000Bas
- Page 36 and 37: Nexus 3000 Learned Routes), EIGRP-S
- Page 38 and 39: • NX-OS supports VDCs, which enab
- Page 40 and 41: Click here to view code image Congo
- Page 42 and 43: NX-OS has many different types of m
- Page 44 and 45: module to which it is attached, ena
- Page 46 and 47: Example 1-6. Enabling a Telnet Serv
- Page 48 and 49: user:admin this user account has no
- Page 50 and 51: SNMP Figure 1-4. Results of the Sel
- Page 52 and 53: ___________________________________
- Page 54 and 55: User Auth Priv ____ ____ ____ NMS s
- Page 56 and 57: Managing System Files Directories c
- Page 58 and 59: 309 Mar 21 15:43:51 2011 dc1-fp.lic
- Page 60 and 61:
active/ bootflash://sup-remote/ boo
- Page 62 and 63:
will be applied to your current run
- Page 64 and 65:
N7010-1(config)# snmp-server enable
- Page 66 and 67:
vrf 2 1000 3 0 portchannel 0 768 1
- Page 68 and 69:
• Independent processes started f
- Page 70 and 71:
Figure 1-6. Shared Interface Concep
- Page 72 and 73:
Example 1-14. Creating a VDC Core o
- Page 74 and 75:
Figure 1-13. Nexus 7000 F2e 48-Port
- Page 76 and 77:
• After a port has been assigned
- Page 78 and 79:
Figure 1-20. N7K-M148GS-11 and L Mo
- Page 80 and 81:
Figure 1-22. N7K-M224XP-23L I/O Mod
- Page 82 and 83:
Interface Allocation on M2 Modules
- Page 84 and 85:
egypt(config)# vdc core egypt(confi
- Page 86 and 87:
Further Reading Figure 1-25. Physic
- Page 88 and 89:
Chapter 2. Layer 2 Support and Conf
- Page 90 and 91:
connectivity. One of the most appar
- Page 92 and 93:
1GE JAF1318AALS NX5000# show fex 10
- Page 94 and 95:
- down 1 full 1000 -- Eth100/1/9 -
- Page 96 and 97:
Eth100/1/11 Eth100/1/3 Eth100/1/2 E
- Page 98 and 99:
Eth100/1/2 Up Po100 Po100 Eth100/1/
- Page 100 and 101:
N7K-1(config)# mac address-table ag
- Page 102 and 103:
Congo# show vlan internal usage VLA
- Page 104 and 105:
the requirements of the devices con
- Page 106 and 107:
14 VLAN0014 active Eth2/11, Eth2/12
- Page 108 and 109:
• Host6(192.168.100.26): Sends tr
- Page 110 and 111:
Kenya(config-if)# switchport mode p
- Page 112 and 113:
used to provide a much simpler conf
- Page 114 and 115:
Congo# conf t Enter configuration c
- Page 116 and 117:
Eth2/11 Root FWD 4 128.267 Network
- Page 118 and 119:
Example 2-29 demonstrates how the d
- Page 120 and 121:
Example 2-31. MST Verification Clic
- Page 122 and 123:
Click here to view code image Egypt
- Page 124 and 125:
Example 2-38 shows the root ports o
- Page 126 and 127:
- ---------------- VLAN0001 4097 00
- Page 128 and 129:
001b.54c2.bbc2 4 2 12 9 Ethernet2/1
- Page 130 and 131:
intervention to enable ports that h
- Page 132 and 133:
Congo# Example 2-51 shows how to re
- Page 134 and 135:
After the VLAN is defined on Egypt,
- Page 136 and 137:
Configuring Layer 2 Interfaces Now
- Page 138 and 139:
!Time: Fri Oct 30 08:52:29 2009 ver
- Page 140 and 141:
aggregation protocol information is
- Page 142 and 143:
Members must have same Ethernet Lay
- Page 144 and 145:
---------------------- Po100 on on
- Page 146 and 147:
oth devices are online, and also to
- Page 148 and 149:
Congo(config-if)# no shutdown Congo
- Page 150 and 151:
link. This will enable spanning tre
- Page 152 and 153:
00- 103 00-103 Allowed VLANs - 40-4
- Page 154 and 155:
spanning tree domain to the entire
- Page 156 and 157:
Current operational state: advertis
- Page 158 and 159:
FabricPath IS-IS adjacencies are th
- Page 160 and 161:
Figure 2-9. FabricPath Topology As
- Page 162 and 163:
Figure 2-10. FabricPath Interface C
- Page 164 and 165:
D - Static Adjacencies attached to
- Page 166 and 167:
• Enable the vPC feature. • Def
- Page 168 and 169:
Performed vPC role : none establish
- Page 170 and 171:
Figure 2-12. vPC+ Interface Configu
- Page 172 and 173:
VLAN MAC Address Type age Secure NT
- Page 174 and 175:
called the Diffusing Update Algorit
- Page 176 and 177:
Example 3-4 shows an alphanumeric s
- Page 178 and 179:
Interface Peers Un/Reliable SRTT Un
- Page 180 and 181:
Note Mixing standard and wide metri
- Page 182 and 183:
Example 3-14. Summarizing Networks
- Page 184 and 185:
GigabitEthernet1/48 10.0.0.0/24 is
- Page 186 and 187:
Congo# show ip eigrp neighbor detai
- Page 188 and 189:
complex routing scenarios with a fi
- Page 190 and 191:
edistributed. Example 3-24. Definin
- Page 192 and 193:
D 10.10.10.0 [90/3072] via 192.168.
- Page 194 and 195:
total) With the output in Example 3
- Page 196 and 197:
Figure 3-5. Network Topology for OS
- Page 198 and 199:
Congo# config t Enter configuration
- Page 200 and 201:
Libya# show ip ospf neighbor detail
- Page 202 and 203:
CNTL/Z. Congo(config)# router ospf
- Page 204 and 205:
*via 192.168.1.1, Lo0, [0/0], 01:02
- Page 206 and 207:
as Type 7 LSAs. Although not common
- Page 208 and 209:
Number of LSAs: 6, checksum sum 0x3
- Page 210 and 211:
Securing OSPF Area ranges are 192.1
- Page 212 and 213:
Example 3-55. Verification of OSPF
- Page 214 and 215:
Congo(config-route-map)# match ip a
- Page 216 and 217:
default-metric 100 The process begi
- Page 218 and 219:
D - EIGRP, EX - EIGRP external, O -
- Page 220 and 221:
Example 3-67. This information is e
- Page 222 and 223:
extremely valuable when troubleshoo
- Page 224 and 225:
1. Enable IS-IS. 2. Configure the I
- Page 226 and 227:
Level-1 Designated IS: Congo Level-
- Page 228 and 229:
Congo(config-if)# sh isis adj IS-IS
- Page 230 and 231:
Figure 3-10. Network Topology for B
- Page 232 and 233:
feature bgp router bgp 65000.65088
- Page 234 and 235:
BGP version 4, remote router ID 192
- Page 236 and 237:
Received 4 messages, 0 notification
- Page 238 and 239:
Neighbor capabilities: Dynamic capa
- Page 240 and 241:
queue Sent 6689 messages, 1 notific
- Page 242 and 243:
S 172.26.2.0/23 [1/0] via 172.26.32
- Page 244 and 245:
o - ODR, P - periodic downloaded st
- Page 246 and 247:
*>r192.168.1.40/30 0.0.0.0 44 2500
- Page 248 and 249:
version 4.2(2a) feature hsrp Simila
- Page 250 and 251:
Virtual IP address is 10.10.100.1 (
- Page 252 and 253:
Vlan100 - Group 100 (HSRP-V1) (IPv4
- Page 254 and 255:
VRRP 2 state changes, last state ch
- Page 256 and 257:
implementation in IOS, a device wit
- Page 258 and 259:
You can see the addition of authent
- Page 260 and 261:
Figure 3-13. HSRP/VRRP Interaction
- Page 262 and 263:
Figure 3-15 illustrates the topolog
- Page 264 and 265:
Verifying GLBP Configuration A quic
- Page 266 and 267:
Active is local Standby is 10.10.10
- Page 268 and 269:
emaining) Active is local, weightin
- Page 270 and 271:
Chapter 4. IP Multicast Configurati
- Page 272 and 273:
eferred to as the RP tree or RPT. F
- Page 274 and 275:
In general, PIM can operate in two
- Page 276 and 277:
Due to this behavior, it is not nec
- Page 278 and 279:
N7K-1-Core1# config Enter configura
- Page 280 and 281:
priority: 0, RP-source: (local), gr
- Page 282 and 283:
Auto-RP Announce policy: None Auto-
- Page 284 and 285:
N7K-2-Core# config Enter configurat
- Page 286 and 287:
Auto-RP RPA: 10.1.0.1, uptime: 00:0
- Page 288 and 289:
BSR RP Candidate policy: None BSR R
- Page 290 and 291:
PIM Group-Range Configuration for V
- Page 292 and 293:
The Nexus 7000 is a Layer 3 switch
- Page 294 and 295:
Vlan100, Interface status: protocol
- Page 296 and 297:
Switch-querier disabled IGMPv3 Expl
- Page 298 and 299:
CMHLAB-DC2-VSM1# show ip igmp snoop
- Page 300 and 301:
Figure 4-9. Network Topology for MS
- Page 302 and 303:
238.102.1.1/32 238.101.1.1/32 238.1
- Page 304 and 305:
PIM configured DR priority: 1 PIM b
- Page 306 and 307:
Chapter 5. Security This chapter co
- Page 308 and 309:
share. This model provides security
- Page 310 and 311:
distribution, use the following com
- Page 312 and 313:
deadtime value:0 source interface:l
- Page 314 and 315:
or Offline Click here to view code
- Page 316 and 317:
Figure 5-3. Adding a User to the Ci
- Page 318 and 319:
Click here to view code image Egypt
- Page 320 and 321:
pending pending-diff Egypt(config)#
- Page 322 and 323:
Example 5-16. Verifying TACACS+ CFS
- Page 324 and 325:
configuration required in NX-OS. Ex
- Page 326 and 327:
Figure 5-7. Adding Redundant NX-OS
- Page 328 and 329:
Note • Be sure to have an SSH Ser
- Page 330 and 331:
Tx 7653 output packets 6642 unicast
- Page 332 and 333:
Figure 5-9. Cisco TrustSec Example
- Page 334 and 335:
NX7k-SGA # conf t NX7k-SGA (config)
- Page 336 and 337:
Figure 5-12. The Required Fields to
- Page 338 and 339:
Click here to view code image NX7K-
- Page 340 and 341:
Example 5-32 shows the successful d
- Page 342 and 343:
• PCI 3 (decimal) / 0003 (hex)
- Page 344 and 345:
Figure 5-20. The ISE Compares Its S
- Page 346 and 347:
NX7K-SGA(config)# cts refresh role-
- Page 348 and 349:
Egypt# show run cts feature dot1x f
- Page 350 and 351:
Egypt# show runn cts !Command: show
- Page 352 and 353:
Example 5-42 confirms the VLAN used
- Page 354 and 355:
Total Length: 84 Identification: 0x
- Page 356 and 357:
To improve the scalability of ACL m
- Page 358 and 359:
0001 ip access-list TCP1 0002 permi
- Page 360 and 361:
Example 5-53 shows how to change th
- Page 362 and 363:
Port security enables you to config
- Page 364 and 365:
Click here to view code image Egypt
- Page 366 and 367:
A maximum number of MAC addresses c
- Page 368 and 369:
Note Enable DHCP snooping globally
- Page 370 and 371:
Egypt# Example 5-67 shows how to ve
- Page 372 and 373:
Note By default, all interfaces are
- Page 374 and 375:
Vlan : 1 ----------- Configuration
- Page 376 and 377:
!Command: show running-config dhcp
- Page 378 and 379:
network performance. The traffic st
- Page 380 and 381:
Egypt(config-if)# Example 5-84 veri
- Page 382 and 383:
Unicast packets : 0/0/0/0/0 Unicast
- Page 384 and 385:
permit eigrp any any ipv6 access-li
- Page 386 and 387:
permit pim any ff02::d/128 permit u
- Page 388 and 389:
match access-group name copp-system
- Page 390 and 391:
class copp-system-p-class-critical
- Page 392 and 393:
| glean | mtu | multicast {directly
- Page 394 and 395:
Example 5-90. Configuring Rate Limi
- Page 396 and 397:
copy Config : 30000 Allowed : 26346
- Page 398 and 399:
User ____ Auth Priv ____ ____ Examp
- Page 400 and 401:
Role: vdc-operator Description: Pre
- Page 402 and 403:
-----------------------------------
- Page 404 and 405:
entity : entity_power_status_change
- Page 406 and 407:
entity : entity_power_status_change
- Page 408 and 409:
Chapter 6. High Availability This c
- Page 410 and 411:
edundant Configure power supply red
- Page 412 and 413:
• Cisco Nexus 7010 Series system
- Page 414 and 415:
2 QEng1Sn3(s20) 115 105 46 2 QEng1S
- Page 416 and 417:
not be prolonged because of the ina
- Page 418 and 419:
--- -------------- ------ 1 NA 1.0
- Page 420 and 421:
Example 6-7. Supervisor Runtime Dia
- Page 422 and 423:
Congo# show diagnostic description
- Page 424 and 425:
L/* - Exclusively run this test / N
- Page 426 and 427:
***N******A 00:30:00 9) SecondaryBo
- Page 428 and 429:
These software features combine to
- Page 430 and 431:
N7k-1(config)# install feature-set
- Page 432 and 433:
Other supervisor (sup-5) ----------
- Page 434 and 435:
! The impact of the software upgrad
- Page 436 and 437:
5 bios v3.22.0(02/20/10): v3.22.0(0
- Page 438 and 439:
Kernel uptime is 128 day(s), 7 hour
- Page 440 and 441:
1 yes non-disruptive rolling 2 yes
- Page 442 and 443:
ios/loader/bootrom. Warning: please
- Page 444 and 445:
http://www.opensource.org/licenses/
- Page 446 and 447:
In addition to the NX-OS operating
- Page 448 and 449:
features such as stateful process r
- Page 450 and 451:
it to the destination. SPANning tra
- Page 452 and 453:
Jealousy(config-if)# switchport mon
- Page 454 and 455:
Example 7-5. Displaying a Monitor S
- Page 456 and 457:
Example 7-7. Displaying a Virtual S
- Page 458 and 459:
Figure 7-3. Nexus 5x00 SPAN Topolog
- Page 460 and 461:
Click here to view code image CMHLA
- Page 462 and 463:
state : up source intf : rx : vfc10
- Page 464 and 465:
Note The Nexus 1000V does not suppo
- Page 466 and 467:
CMHLAB-DC2-VSM1# config t CMHLAB-DC
- Page 468 and 469:
Figure 7-6. Create a vmk Port Using
- Page 470 and 471:
Figure 7-8. Create a vmk Port Using
- Page 472 and 473:
CMHLAB-DC2-VSM1(config-erspan-src)#
- Page 474 and 475:
N7K-2(config-erspan-src)# no shut N
- Page 476 and 477:
Legend: l = learning enabled f = fo
- Page 478 and 479:
Legend: l = learning enabled f = fo
- Page 480 and 481:
Note The Nexus 5500 series switches
- Page 482 and 483:
cmhlab-dc2-tor2(config-erspan-src)#
- Page 484 and 485:
802.1Q Virtual LAN 000. .... .... .
- Page 486 and 487:
.... 10.. = Port Role: Root (2) ...
- Page 488 and 489:
Frame Length: 57 bytes Capture Leng
- Page 490 and 491:
...0 .... .... .... = CFI: 0 .... 0
- Page 492 and 493:
..1. .... = Forwarding: Yes ...1 ..
- Page 497 and 498:
Note You can add more show commands
- Page 499 and 500:
Data Center Jealousy(config-callhom
- Page 501 and 502:
neighbor If the email transport opt
- Page 503 and 504:
Example 7-35. System-Generated Chec
- Page 505 and 506:
After a review of the differences,
- Page 507 and 508:
Checkpoints can be given a name and
- Page 509 and 510:
Rollback Patch is Empty Note: Apply
- Page 511 and 512:
Jealousy(config-flow-record)# end J
- Page 513 and 514:
Layer 2 NetFlow cannot be applied i
- Page 515 and 516:
packets CMHLAB-DC2-VSM1(config-flow
- Page 517 and 518:
where NTP runs in multiple VDCs, th
- Page 519 and 520:
Local clock time:Sun May 6 03:21:16
- Page 521 and 522:
2. A DHCP request is sent and repli
- Page 523 and 524:
if protocol == "telnet": c = "/isan
- Page 525 and 526:
scLogFileName + ".*100%", \ pexpect
- Page 527 and 528:
print "Failed connecting to " + hos
- Page 529 and 530:
• Higher availability: Quite simp
- Page 531 and 532:
eaping the benefits of a Unified I/
- Page 533 and 534:
Figure 8-4. FIP Process FIP can be
- Page 535 and 536:
Multhop Fibre Channel over Ethernet
- Page 537 and 538:
to Cisco NX-OS,” and the focus in
- Page 539 and 540:
switch as a Fabric Port (F-port) an
- Page 541 and 542:
-----------------------------------
- Page 543 and 544:
Restarting system. Single-Hop FCoE
- Page 545 and 546:
1 minute output rate 0 bits/sec, 0
- Page 547 and 548:
Port Native Status Port Vlan Channe
- Page 549 and 550:
Click here to view code image N5K-1
- Page 551 and 552:
N5K-1# A similar configuration must
- Page 553 and 554:
N7K-1# config Enter configuration c
- Page 555 and 556:
Click here to view code image N7K-1
- Page 557 and 558:
2000 2000 Operational N7K-1-FCoE# N
- Page 559 and 560:
version 5.2(2a) interface Ethernet3
- Page 561 and 562:
Note If all the shared ASIC ports a
- Page 563 and 564:
Figure 8-14. FCoE Topology Example
- Page 565 and 566:
could fail. By taking advantage of
- Page 567 and 568:
VSM in an active-standby pair; and
- Page 569 and 570:
Figure 9-2. Nexus 1000V Topology Th
- Page 571 and 572:
The VEM differentiates between the
- Page 573 and 574:
Figure 9-3. VEM Loop Prevention Not
- Page 575 and 576:
login as: admin Nexus 1010 Using ke
- Page 577 and 578:
VsbEthernet1/1 control 0 up up VsbE
- Page 579 and 580:
vsm login: admin Password: Cisco Ne
- Page 581 and 582:
Click here to view code image vsm#
- Page 583 and 584:
Figure 9-6. Selecting the Plug-Ins
- Page 585 and 586:
Figure 9-9. Registering the Plug-In
- Page 587 and 588:
such license is available at http:/
- Page 589 and 590:
sync status: Complete version: VMwa
- Page 591 and 592:
Figure 9-14. Entering the VMWare vC
- Page 593 and 594:
Figure 9-16. The OVA File and VSM R
- Page 595 and 596:
Figure 9-18. Configuring the Networ
- Page 597 and 598:
Figure 9-20. VSM Configuration Attr
- Page 599 and 600:
Figure 9-22. VSM Installation Proce
- Page 601 and 602:
Figure 9-24. VSM Installation Summa
- Page 603 and 604:
1000v Management Center. Note For t
- Page 605 and 606:
Figure 9-28. Entering the Nexus 100
- Page 607 and 608:
Figure 9-30. VEM Configuration Summ
- Page 609 and 610:
Figure 9-32. Configuring the Nexus
- Page 611 and 612:
Reboot Required: false VIBs Install
- Page 613 and 614:
vsm(config-port-prof)# no shutdown
- Page 615 and 616:
Figure 9-34. Adding the VEM Through
- Page 617 and 618:
Figure 9-36. Selecting the ESX Host
- Page 619 and 620:
Figure 9-38. Selecting the VM to Mi
- Page 621 and 622:
Figure 9-40. Verifying That the ESX
- Page 623 and 624:
--- -------------------------------
- Page 625 and 626:
vsm# Note There is a 60-day evaluat
- Page 627 and 628:
Figure 9-41. 1000V-Topology Example
- Page 629 and 630:
vsm(config)# Example 9-11 shows how
- Page 631 and 632:
Figure 9-43. Selecting the vmkernel
- Page 633 and 634:
2012 Aug 23 22:29:33 vsm %VIM-5-IF_
- Page 635 and 636:
• VLAN configuration • VMware m
- Page 637 and 638:
vsm(config-port-prof)# no shutdown
- Page 639 and 640:
HR-APPS Veth3 Net Adapter 1 Demo-Te
- Page 641 and 642:
Figure 9-46. Verifying the Port-Pro
- Page 643 and 644:
Click here to view code image Sampl
- Page 645 and 646:
(vASA) to deploy virtualized servic
- Page 647 and 648:
Figure 9-49. Verifying the OVF Depl
- Page 649 and 650:
Figure 9-51. Specifying the Data Ce
- Page 651 and 652:
Figure 9-53. Specifying the Specifi
- Page 653 and 654:
Figure 9-55. Specifying the Datasto
- Page 655 and 656:
Figure 9-57. Specifying the IP Addr
- Page 657 and 658:
Figure 9-59. Verifying the Informat
- Page 659 and 660:
Figure 9-63. Displaying the VNMC Vi
- Page 661 and 662:
Figure 9-65. Browse to the VNMC Man
- Page 663 and 664:
Figure 9-68. Install the Extension
- Page 665 and 666:
8. Add vCenter VM Manager in VNMC (
- Page 667 and 668:
Figure 9-75. Display vCenter ESX Ho
- Page 669 and 670:
workloads. Deployment of virtualize
- Page 671 and 672:
Figure 9-77. VSG System Component C
- Page 673 and 674:
ootflash:/repository Directory Clic
- Page 675 and 676:
Configuring the Cisco VNMC Policy-A
- Page 677 and 678:
Creating a Tenant in VMMC Figure 9-
- Page 679 and 680:
Figure 9-83. Creating a Virtual Dat
- Page 681 and 682:
Figure 9-87. Create a Security Prof
- Page 683 and 684:
Figure 9-89. Creating a Security Pr
- Page 685 and 686:
Figure 9-92 shows how to assign the
- Page 687 and 688:
Figure 9-95. Adding a Policy in VNM
- Page 689 and 690:
demonstrated in Example 9-30. Examp
- Page 691 and 692:
profile Employee state enabled vsm(
- Page 693 and 694:
Click here to view code image vsm#
- Page 695 and 696:
Figure 9-100. Create a vmk Interfac
- Page 697 and 698:
Example 9-39. Verify the vPath Info
- Page 699 and 700:
Flow Lookup Hit 229 Flow Lookup Mis
- Page 701 and 702:
Destroy 8 L4 TCP Flow Create 0 L4 T
- Page 703 and 704:
Rcvd 0 L2-Frag Coalesced 0 Encap ex
- Page 705 and 706:
Encap Err 0 0 0 All- Drops 38 1 Flo
- Page 707 and 708:
DV Port : 161 DVS uuid : ed 5d 0b 5
- Page 709 and 710:
Figure 9-103 shows the VXLAN topolo
- Page 711 and 712:
Enter configuration commands, one p
- Page 713 and 714:
Figure 9-105. Assigning vmknic 10.1
- Page 715 and 716:
Figure 9-108. Assigning the VxLAN-V
- Page 717 and 718:
Figure 9-110. The VMs and ESX Host
- Page 719 and 720:
Figure 9-112. Verifying the VM IP A
- Page 721 and 722:
Segment BD Error: 0 Dest Mcast IP n
- Page 723 and 724:
Pinning Failed on Decap: 0 Can't ge
- Page 725 and 726:
75 Multicast Packets 1801 Broadcast
- Page 727 and 728:
0 Input Packet Drops 0 Output Packe
- Page 729 and 730:
2 Eth3/3 3 182 0013.21cb.eb94 dynam
- Page 731 and 732:
105 0050.568b.1c32 dynamic 47 Eth4/
- Page 733 and 734:
username admin password 5 $1$Sx5LsG
- Page 735 and 736:
switchport access vlan 182 no shutd
- Page 737 and 738:
capability l3-vn-service vmware dvp
- Page 739 and 740:
ip ttl 64 ip prec 0 ip dscp 0 mtu 1
- Page 741 and 742:
VM version 7. VM type Other Linux 6
- Page 743 and 744:
Figure 9-116. Option to Install the
- Page 745 and 746:
Figure 9-118. Login Prompt After Bo
- Page 747 and 748:
session 1 --------------- type : er
- Page 749 and 750:
Figure 9-121. Selecting or Changing
- Page 751 and 752:
Figure 9-124. Defining the Subnet I
- Page 753 and 754:
Figure 9-126. Monitoring and Traffi
- Page 755 and 756:
1000v.VSG1.3.1a.iso 246831104 Aug 0
- Page 757 and 758:
Chapter 10. Quality of Service (QoS
- Page 759 and 760:
Nexus devices enable class maps to
- Page 761 and 762:
switch to offer lossless services o
- Page 763 and 764:
============================ policy
- Page 765 and 766:
The queues are hardware components
- Page 767 and 768:
queue-limit percent 16 queue droppe
- Page 769 and 770:
the remaining queues to schedule tr
- Page 771 and 772:
default-4q-8e-out- Service-policy (
- Page 773 and 774:
N7K-2(config-pmap-que)# class type
- Page 775 and 776:
Class-map (queuing): 1p7q4t-out-q3
- Page 777 and 778:
fex port interface: Ethernet101/1/1
- Page 779 and 780:
FCoE is defined by default, it is g
- Page 781 and 782:
Service-policy (queuing) output: de
- Page 783 and 784:
Service-policy (queuing) input: voi
- Page 785 and 786:
QoS on Nexus 1000V The Nexus 1000V
- Page 787 and 788:
Click here to view code image demol
- Page 789 and 790:
demolab-vsm1(config-cmap-que)# exit
- Page 791 and 792:
the overlay; this enables data cent
- Page 793 and 794:
• OTV join-interface: The OTV joi
- Page 795 and 796:
identifier is mandatory to configur
- Page 797 and 798:
AED)Overlay1 59* otv- 1 active Over
- Page 799 and 800:
Stale routes during non-graceful co
- Page 801 and 802:
57 0050.5692.48d1 42 1w4d overlay o
- Page 803 and 804:
59 0050.569c.2902 1 4d00h site port
- Page 805 and 806:
channel1002 61 00e0.81c2.4a74 42 1w
- Page 807 and 808:
and preventing unicast-flooding in
- Page 809 and 810:
ip pim rp-address 40.10.10.50 group
- Page 811 and 812:
Example 11-14. Sample Configuration
- Page 813 and 814:
102-103, 106, 116, 120, 122 (Total:
- Page 815 and 816:
For the Layer 2 multicast communica
- Page 817 and 818:
MAC_ vlan vlan-name interface OTV-i
- Page 819 and 820:
Example 11-19 shows the OTV ARP Cac
- Page 821 and 822:
! mac access-list ALL_MACs 10 permi
- Page 823 and 824:
methods are discussed from a high-l
- Page 825 and 826:
ip route 10.1.64.128/25 Null0 250 r
- Page 827 and 828:
• VRF-Aware Telnet • VRF-Aware
- Page 829 and 830:
Ethernet10/22 default 1 - - Etherne
- Page 831 and 832:
for any subsequent show or EXEC com
- Page 833 and 834:
N7k-1(config)# feature isis N7k-1(c
- Page 835 and 836:
Paths: (1 available, best #1) Flags
- Page 837 and 838:
• Label Switching Router (LSR): A
- Page 839 and 840:
N7k-1(config)# install feature-set
- Page 841 and 842:
192.168.0.2 2.2.2.2 From a CE to PE
- Page 843 and 844:
Click here to view code image N7k-1
- Page 845 and 846:
license be installed first. The Nex
- Page 847 and 848:
• EID addresses: The IP addresses
- Page 849 and 850:
Note Consult the following link to
- Page 851 and 852:
destination of 172.20.40.0 /24. LIS
- Page 853 and 854:
infrastructure, destined to one of
- Page 855 and 856:
13-3. Example 13-3. Define the Glob
- Page 857 and 858:
Layer 3 SVI interface. Note The mul
- Page 859 and 860:
authentication-key 3 9125d59c18a9b0
- Page 861 and 862:
Click here to view code image N7K1#
- Page 863 and 864:
Who last registered: 1.1.1.13 Routi
- Page 865 and 866:
connects the xTR to the L3 domain o
- Page 867 and 868:
Design Goals Figure 14-1. Existing
- Page 869 and 870:
must go smoothly. With this in mind
- Page 871 and 872:
10.255.255.2 vrf VPCKA peer-gateway
- Page 873 and 874:
dove(config-if)# shutdown dove(conf
- Page 875 and 876:
Click here to view code image bluej
- Page 877 and 878:
outed full 10G 10g Po2 to CS1 (BLUE
- Page 879 and 880:
with previous steps, these port-cha
- Page 881 and 882:
scotland(config-if)# switchport sco
- Page 883 and 884:
Design Note Care has been given to
- Page 885 and 886:
w - waiting to be aggregated Number
- Page 887 and 888:
0023.04ee.be01 0 2 20 15 This bridg
- Page 889 and 890:
denmark# show run interface Vlan26
- Page 891 and 892:
! We want this to be an undesirable
- Page 893 and 894:
egypt(config-if)# shutdown egypt(co
- Page 895 and 896:
egypt# conf t Enter configuration c
- Page 897 and 898:
TenGigabitEthernet4/3 D 10.198.57.0
- Page 899 and 900:
egypt(config-if-hsrp)# interface vl
- Page 901 and 902:
Standby 10.198.208.4 local 10.198.2
- Page 903 and 904:
0023.04ee.be01 3 2 20 15 Po100 VLAN
- Page 905 and 906:
Figure 14-4. Migrated Topology One
- Page 907 and 908:
Figure 14-5. Topology with 5K/2K De
- Page 909 and 910:
Example 14-52. vPC Configuration on
- Page 911 and 912:
channel-group 101 interface Etherne
- Page 913 and 914:
stub routing, 146 summarization, 14
- Page 915 and 916:
oadcast storms, traffic storm contr
- Page 917 and 918:
multicasts, 253 CP (Control Process
- Page 919 and 920:
Nexus 7000, 386-392 overview of, 38
- Page 921 and 922:
authentication, 174-203 configuring
- Page 923 and 924:
stateful switchovers, 368-369 Unifi
- Page 925 and 926:
isolated VLAN (Virtual Local Area N
- Page 927 and 928:
Rapid-PVST, 80-87 RootGuard, 96-97
- Page 929 and 930:
LSP, 719 LSR, 719 managing, 725 Nex
- Page 931 and 932:
LoopGuard, 97-98 Loose Unicast RPF
- Page 933 and 934:
defining, 719 enabling, 721-722 ope
- Page 935 and 936:
Atomic mode, 434 Best-Effort mode,
- Page 937 and 938:
Nexus 1000v NX-OS licensing, 9 NX-O
- Page 939 and 940:
FCoE installation, 478-479 MDS FCoE
- Page 941 and 942:
network advertisements, 157 passive
- Page 943 and 944:
topology of, 155, 170 VRF configura
- Page 945 and 946:
ARP synchronization, 117 flow contr
- Page 947 and 948:
FEX, 661-662 forwarding architectur
- Page 949 and 950:
HSRP, 174-203 IP Source Guard, 321-
- Page 951 and 952:
snooping DHCP snooping, 313-316 IGM
- Page 953 and 954:
configuration files, 33-35 file sys
- Page 955 and 956:
enabling FCoE, 468 enabling NPV mod
- Page 957 and 958:
Single-Hop FCoE configuration, 471-
- Page 959:
port profile creation, 545-546 port
Inappropriate
Loading...
Inappropriate
You have already flagged this document.
Thank you, for helping us keep this platform clean.
The editors will have a look at it as soon as possible.
Mail this publication
Loading...
Embed
Loading...
Delete template?
Are you sure you want to delete your template?
DOWNLOAD ePAPER
This ePaper is currently not available for download.
You can find similar magazines on this topic below under ‘Recommendations’.
Change language