Topic 5 NX-OS Management
NX-OS Management
• SPAN and ERSPAN
• NetFlow
• Smart Call Home
• Manage System Files
• Implement NTP, PTP
• Implement Configure and Verify DCNM Functionality
SPAN
• Switched Port Analyzer (SPAN): copies traffic (Tx, Rx, or both) from source interfaces/VLANs to a destination port.
• The destination port cannot be a port-channel, a FEX host interface, or a shared interface (between storage and LAN VDCs), and cannot be part of two different SPAN sessions. It must be in the same VDC as the source port.
• The destination port can be an access port or a trunk port but MUST be configured with the “switchport monitor” command.
• The source interface can be a 10-Gig port and the destination a 1-Gig port in the same SPAN session.
SPAN
• N7K introduces the virtual SPAN session, which monitors multiple VLAN sources and transmits only the VLANs of interest on multiple destination ports.
• Important: virtual SPAN sessions cause all source packets to be copied to all destinations, whether or not the packets are required at the destination. VLAN traffic filtering occurs at the egress destination port level.
SPAN configuration example
Nexus 7000
N7K(config)# interface ethernet 2/5
N7K(config-if)# switchport
N7K(config-if)# switchport mode trunk
N7K(config-if)# switchport monitor
N7K(config-if)# no shut
N7K(config-if)# exit
N7K(config)# monitor session 3
N7K(config-monitor)# source interface ethernet 2/1-3, ethernet 101/1/2
N7K(config-monitor)# source interface port-channel 2 rx
N7K(config-monitor)# source interface sup-eth 0 both
N7K(config-monitor)# source vlan 3, 6-8 tx
N7K(config-monitor)# filter vlan 3-5, 7
N7K(config-monitor)# destination interface ethernet 2/5
N7K(config-monitor)# no shut
Nexus 5500
N5K(config)# interface ethernet 1/3
N5K(config-if)# switchport monitor
N5K(config-if)# exit
N5K(config)# monitor session 3
N5K(config-monitor)# source interface ethernet 1/16
N5K(config-monitor)# source interface port-channel 2 rx
N5K(config-monitor)# source vlan 1
N5K(config-monitor)# destination interface ethernet 1/3
N5K(config)# interface fc 2/4
N5K(config-if)# switchport mode SD
N5K(config-if)# switchport speed 1000
N5K(config-if)# exit
N5K(config)# monitor session 2
N5K(config-monitor)# source vsan 1
N5K(config-monitor)# destination interface fc 2/4
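The destination-port rules from the SPAN slides above (no port-channel destination, “switchport monitor” required, one session per destination port) can be checked mechanically when reviewing which ports receive mirrored traffic. This is an added example, not part of the original slides; the sample configuration is constructed and the function names are illustrative.

```python
import re

# Constructed running-config excerpt (not from the original slides).
SAMPLE_CONFIG = """\
interface ethernet 2/5
  switchport
  switchport mode trunk
  switchport monitor
interface ethernet 2/6
  switchport
interface port-channel 2
  switchport
monitor session 3
  source interface ethernet 2/1-3
  source vlan 3, 6-8 tx
  destination interface ethernet 2/5
  no shut
monitor session 4
  source interface ethernet 2/9 rx
  destination interface ethernet 2/5
  destination interface ethernet 2/6
  destination interface port-channel 2
  no shut
"""


def norm(name):
    """Normalise 'Ethernet 2/5' and 'ethernet2/5' to the same key."""
    return re.sub(r"\s+", "", name.lower())


def parse_config(text):
    """Return (ports with 'switchport monitor', {session: sources/destinations})."""
    monitor_ports = set()
    sessions = {}
    ctx = None  # ("if", interface name) or ("span", session number)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():  # an unindented line opens a new block
            m_if = re.match(r"interface\s+(.+)$", line, re.I)
            m_span = re.match(r"monitor session\s+(\d+)", line, re.I)
            if m_if:
                ctx = ("if", norm(m_if.group(1)))
            elif m_span:
                ctx = ("span", int(m_span.group(1)))
                sessions.setdefault(ctx[1], {"sources": [], "destinations": []})
            else:
                ctx = None
            continue
        if ctx is None:
            continue
        kind, key = ctx
        low = line.lower()
        m_dst = re.match(r"destination interface\s+(.+)$", line, re.I)
        if kind == "if" and low.startswith("switchport monitor"):
            monitor_ports.add(key)
        elif kind == "span" and m_dst:
            sessions[key]["destinations"].append(norm(m_dst.group(1)))
        elif kind == "span" and low.startswith("source "):
            sessions[key]["sources"].append(line)
    return monitor_ports, sessions


def audit(text):
    """Return (session, port, problem) tuples for destinations that break the rules."""
    monitor_ports, sessions = parse_config(text)
    findings = []
    first_seen = {}  # destination port -> first session that uses it
    for sid in sorted(sessions):
        for dst in sessions[sid]["destinations"]:
            if dst.startswith("port-channel"):
                findings.append((sid, dst, "destination is a port-channel"))
            if dst not in monitor_ports:
                findings.append((sid, dst, "missing 'switchport monitor'"))
            if first_seen.get(dst, sid) != sid:
                findings.append(
                    (sid, dst, "already a destination in session %d" % first_seen[dst])
                )
            first_seen.setdefault(dst, sid)
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print("session %d: %s: %s" % finding)
```

The same inventory also lists every port that receives copied traffic, which is worth reviewing whenever a monitor session appears in a configuration diff.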
SPAN configuration differences
• In N7K
switch(config)# monitor session 3
switch(config-monitor)# rate-limit 10
switch(config-monitor)# no shut
• In N5K
switch(config)# no monitor session 3 shut
switch(config-if)# switchport monitor rate-limit 1G
I do not have a good answer for these configuration differences.
N5K valid SPAN sources and destinations
Source SPAN | Destination SPAN
Ethernet | Ethernet
Fibre Channel | Fibre Channel (speed must be configured)
Fibre Channel | Ethernet (FCoE) (10G port only)
Virtual Fibre Channel | Fibre Channel
Virtual Fibre Channel | Ethernet (FCoE) (10G port only)
N7K configuration limits for SPAN
Feature | Parameter | Verified Limit (Cisco NX-OS 6.0)
SPAN and ERSPAN | Number of configured (not active) SPAN sessions per VDC | 48
SPAN and ERSPAN | Number of active SPAN or ERSPAN source sessions per system | 2
SPAN and ERSPAN | Number of active ERSPAN destination sessions per system | 23
SPAN and ERSPAN | Number of source interfaces per SPAN or ERSPAN session | 128
SPAN and ERSPAN | Number of destination interfaces per SPAN or ERSPAN session | 32
SPAN and ERSPAN | Number of source VLANs per SPAN or ERSPAN session | 32
Encapsulated Remote Switched Port Analyzer (ERSPAN)
• ERSPAN transports mirrored traffic over an IP network in GRE encapsulated packets.
• There are two types of ERSPAN sessions : source and destination.
• Sample for erspan-source type configuration
NX-7000# config t
NX-7000(config)# interface e1/30
NX-7000(config-if)# no shut
NX-7000(config-if)# exit
NX-7000(config)# monitor erspan origin ip-address 3.3.3.3 global
NX-7000(config)# monitor session 1 type erspan-source
NX-7000(config-erspan-src)# source interface e1/30
NX-7000(config-erspan-src)# erspan-id 1
NX-7000(config-erspan-src)# ip ttl 16
NX-7000(config-erspan-src)# ip dscp 5
NX-7000(config-erspan-src)# vrf default
NX-7000(config-erspan-src)# destination ip 9.1.1.2
NX-7000(config-erspan-src)# no shut
NX-7000(config-erspan-src)# exit
NX-7000(config)# show monitor session 1
Encapsulated Remote Switched Port Analyzer (ERSPAN)
• Sample for erspan-destination type configuration
NX-7000# config t
NX-7000(config)# interface e1/30
NX-7000(config-if)# ip address 9.1.1.2/24
NX-7000(config-if)# no shut
NX-7000(config)# interface e2/20
NX-7000(config-if)# switchport mode access
NX-7000(config-if)# description Laptop with wireshark connected to it
NX-7000(config-if)# switchport monitor
NX-7000(config)# monitor session 1 type erspan-destination
NX-7000(config-erspan-dst)# source ip 9.1.1.2
NX-7000(config-erspan-dst)# destination interface e2/20
NX-7000(config-erspan-dst)# no shut
NX-7000(config-erspan-dst)# erspan-id 5
NX-7000(config-erspan-dst)# vrf default
NX-7000(config)# show monitor session 1
Encapsulated Remote Switched Port Analyzer (ERSPAN)
• The Nexus 1000v does not support ERSPAN destination sessions.
• “capability l3-control” has to be specified in the port-profile of the ERSPAN source. This port profile is applied to the vmk port of the hypervisor, which is used as the source of the GRE tunnel.
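What a collector sees on the wire for the ERSPAN sessions above: a GRE header followed by an ERSPAN header that carries the erspan-id, then the mirrored Ethernet frame. This is an added example, not part of the original slides; it assumes the ERSPAN Type II header layout (GRE protocol 0x88BE with a sequence number), and the packets and function names are constructed for illustration.

```python
import struct

GRE_PROTO_ERSPAN = 0x88BE  # GRE protocol type used by ERSPAN Type II


class ErspanError(ValueError):
    """Raised when a GRE payload is not a well-formed ERSPAN Type II packet."""


def parse_erspan_ii(gre):
    """Parse the GRE and ERSPAN Type II headers from an IP payload."""
    if len(gre) < 4:
        raise ErspanError("truncated GRE header")
    flags, proto = struct.unpack_from("!HH", gre, 0)
    if flags & 0x0007:
        raise ErspanError("unexpected GRE version")
    if proto != GRE_PROTO_ERSPAN:
        raise ErspanError("not ERSPAN (GRE protocol 0x%04x)" % proto)
    off = 4
    if flags & 0x8000:  # optional checksum + reserved word
        off += 4
    if flags & 0x2000:  # optional key
        off += 4
    if not flags & 0x1000:
        raise ErspanError("no GRE sequence number: not a Type II packet")
    if len(gre) < off + 4 + 8:
        raise ErspanError("truncated ERSPAN header")
    (seq,) = struct.unpack_from("!I", gre, off)
    off += 4
    w1, w2, w3 = struct.unpack_from("!HHI", gre, off)
    if w1 >> 12 != 1:
        raise ErspanError("ERSPAN version field is not 1 (Type II)")
    return {
        "sequence": seq,
        "vlan": w1 & 0x0FFF,           # VLAN of the mirrored frame
        "cos": w2 >> 13,
        "truncated": bool(w2 & 0x0400),
        "session_id": w2 & 0x03FF,     # the configured erspan-id (10 bits)
        "index": w3 & 0xFFFFF,
        "frame": gre[off + 8:],        # the mirrored Ethernet frame
    }


def collect(packets, erspan_id):
    """Keep frames from one ERSPAN session and count missing sequence numbers."""
    frames, lost, last = [], 0, None
    for pkt in packets:
        try:
            info = parse_erspan_ii(pkt)
        except ErspanError:
            continue  # other GRE traffic is ignored
        if info["session_id"] != erspan_id:
            continue
        if last is not None and info["sequence"] > last + 1:
            lost += info["sequence"] - last - 1
        last = info["sequence"]
        frames.append(info["frame"])
    return frames, lost


def build_erspan_ii(session_id, seq, frame, vlan=0):
    """Build a constructed Type II packet for the demonstration below."""
    gre = struct.pack("!HHI", 0x1000, GRE_PROTO_ERSPAN, seq)
    erspan = struct.pack("!HHI", (1 << 12) | (vlan & 0x0FFF), session_id & 0x03FF, 0)
    return gre + erspan + frame


# Constructed sample data: one mirrored frame and a short packet stream.
FRAME = bytes.fromhex("ffffffffffff" "00005e005301" "0800") + b"demo"
SAMPLE_PACKETS = [
    build_erspan_ii(1, 10, FRAME, vlan=3),
    build_erspan_ii(1, 11, FRAME, vlan=3),
    build_erspan_ii(5, 1, FRAME),
    struct.pack("!HH", 0x0000, 0x0800) + b"plain GRE",  # not ERSPAN
    build_erspan_ii(1, 13, FRAME, vlan=3),              # sequence 12 is missing
]

if __name__ == "__main__":
    frames, lost = collect(SAMPLE_PACKETS, erspan_id=1)
    print("session 1: %d frames, %d lost" % (len(frames), lost))
```

A gap in the sequence numbers means mirrored packets were dropped between source and collector, so a capture with gaps should not be treated as a complete record of the monitored traffic.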
NetFlow
• It is a Cisco NX-OS application that provides statistics on packets flowing through the router.
• NetFlow captures data from ingress and egress packets.
• Egress packets
– Egress NetFlow Accounting: IP traffic only
– NetFlow MPLS Egress: MPLS-to-IP packets
• Key Fields
– Src IP
– Dst IP
– Src Port
– Dst port
– Layer 3 protocol type
– Type of service (ToS)
– Input Logical Interface
• You can configure NetFlow on a per-subinterface basis.
NetFlow Export
• Expired flows in the NetFlow cache are grouped together into “NetFlow Export” datagrams for export from the device.
• Versions
– V9: more flexible and extensible. Supports IPv4, IPv6, Multicast, MPLS and BGP. Record formats are defined by templates.
– V8: a format added to support data export from the aggregation cache.
– V5: most commonly used format. Adds BGP AS information and flow sequence numbers.
– V1: the initially released export format.
• Datagram sizes
– V1: 24 flows, 1200 bytes
– V5 and V9: 30 flows, 1500 bytes
NetFlow
• Sample configuration
feature netflow
flow exporter Exporter_name
  destination 192.168.2.12 use-vrf management
  source mgmt0 ! It can be any other interface.
  version 9
flow record Record_name
  match ipv4 source address
  match ipv4 destination address
  collect counter bytes
  collect counter packets
flow monitor FOO
  record Record_name
  exporter Exporter_name
interface Ethernet2/45
  ip flow monitor FOO output
  ip address 10.20.1.1/24
  no shutdown
Smart Call Home (SCH)
• SCH provides an automated notification system for policies that the network admin has defined.
• E.g., SCH can automate the process of opening a case with Cisco TAC for a hardware failure and attach the corresponding CLI output.
• SCH is an email-based application and it supports these message formats (destination-profile format):
– Text based
– XML based
Smart Call Home (SCH)
• Prerequisites for SCH configuration:
– A SMARTNET support contract from Cisco.
– A CCO ID that has this contract attached.
– The SNMP system contact has to be configured: “snmp-server contact sys-contact”.
– ip domain-name and ip name-server for DNS lookups, or ip host for static entries, in order to resolve hostnames that may appear in destination addresses.
– Register the device using the Call Home registration process.
Smart Call Home (SCH) Configuration
• Everything is configured under “callhome”, and the configuration can be seen using show run callhome.
• Configure SNMP syscontact
NX-7000(config)# snmp-server contact person@company.com
• Configure the mandatory contact information
NX-7000(config)# callhome
NX-7000(config-callhome)# email-contact email-address
NX-7000(config-callhome)# phone-contact +1-000-000-0000
NX-7000(config-callhome)# streetaddress a-street-address
• Configure the mandatory email server information and from email address
NX-7000(config-callhome)# transport email smtp-server ip-address port 25 use-vrf vrf-name
NX-7000(config-callhome)# transport email from email-address
• Set the destination profile and attach alert group
NX-7000(config-callhome)# destination-profile CiscoTAC-1 email-addr callhome@cisco.com
NX-7000(config-callhome)# destination-profile CiscoTAC-1 transport-method email
NX-7000(config-callhome)# destination-profile CiscoTAC-1 alert-group Cisco-TAC
• Add additional command in alert group
NX-7000(config-callhome)# alert-group Cisco-TAC user-def-cmd show ip route
• Finally commit and enable callhome
NX-7000(config-callhome)# commit
NX-7000(config-callhome)# enable
Smart Call Home (SCH) Configuration
• Testing Smart Call Home Communications
NX-7000(config-callhome)# callhome send [diagnostic | configuration ]
NX-7000(config-callhome)# callhome test
• Callhome configuration (except for the SNMP sysContact and device priority) can be distributed to other switches through CFS over IP or CFS over Ethernet, just like device-alias, zones and DPVM in the Fibre Channel world.
NX-7000(config)# callhome
NX-7000(config-callhome)# distribute
NX-7000(config-callhome)# show callhome status
Distribution : Enabled
NX-7000(config-callhome)# commit
Smart Call Home (SCH) verification
NX-7000# show callhome ?
<CR>
> Redirect it to a file
>> Redirect it to a file in append mode
destination-profile Show callhome destination profile information
last Show the status of the last cfs commit/abort operation
merge Show the status of the last cfs merge operation
pending Show the status of pending callhome commands
pending-diff Show the difference between running and pending config
session Show the status of the last cfs commit/abort operation
status Show if CFS distribution is enabled/disabled for callhome
transport Show callhome transport configuration (email and http)
user-def-cmds Show the cli commands configured for each alert group
| Pipe command output to filter
Smart Call Home (SCH)
• Sample lab question: Configure the Call Home feature on the NX-AGG01 VDCs. Create a destination profile and call it N0c101; use admin@company.com, 1 800 123 4567 and the address 123 Anystreet st. Anytown,AnyWhere. Send the configuration along with the routing table of the default VRF. Set the urgency level to “Major”. Use 192.0.2.10 as the email server and make sure to use the proper VRF, the one used to reach this email server. All configuration has to be done on the NX-AGG01 switch, and it should distribute this configuration to the NX-AGG02 switch.
• Solution:
switchto vdc NX-AGG01
cfs ipv4 distribute
snmp-server contact person@company.com
callhome
distribute
email-contact admin@company.com
phone-contact +1-800-123-4567
streetaddress 123 Anystreet st. Anytown,AnyWhere
destination-profile Noc101 format full-txt
destination-profile full-text-destination callhome@cisco.com
destination-profile full-text-destination message-level 5
destination-profile Noc101 alert-group Configuration
alert-group Configuration user-def-cmd show ip route
transport email mail-server 192.0.2.10 priority 1
transport http use-vrf Blue
enable
commit
switchto vdc NX-AGG02
cfs ipv4 distribute
snmp-server contact person@company.com
callhome
Management of System Files
There are 5 file systems on the Nexus 7000 and Nexus 5500
NX-7000# dir ?
bootflash: Directory or filename
debug: Directory or filename
log: Directory or filename
logflash: Directory or filename on log flash
slot0: Directory or filename on expansion flash
usb1: Directory or filename
usb2: Directory or filename
volatile: Directory or filename
NX-5500# dir ?
bootflash: Directory or filename
debug: Directory or filename
log: Directory or filename
modflash: Directory or filename
usb1: Directory or filename
volatile: Directory or filename
Management of System Files
• Bootflash: Internal CompactFlash memory located on the supervisor module, used for storing image files, configuration files, and other miscellaneous files. The initial default directory is bootflash. On the N7K it has two modules: sup-remote and sup-local.
• Debug: Memory on a supervisor module used for debug logs.
• Log: Memory on the active supervisor that stores logging file statistics.
• Logflash or modflash:
• System: Memory on a supervisor module used for storing the running-configuration file.
• Volatile: Volatile random-access memory (VRAM) located on a supervisor module, used for temporary or pending changes.
• NVRAM: Nonvolatile random-access memory (NVRAM) located on a supervisor module, used for storing the startup-configuration file.
• Usb1 or usb2: External USB flash memory installed in a supervisor module, used for storing image files, configuration files, and other miscellaneous files.
Management of System Files
• Identifying the Current Directory
NX-7000# pwd
bootflash:
• Creating a Directory
NX-7000# mkdir trace
• Changing the Current Directory
NX-7000# cd trace
NX-7000# pwd
bootflash:trace
• Displaying Directory Contents
NX-7000# dir bootflash:
161980383 Sep 07 16:29:26 2011 n7000-s1-dk9.5.2.1.bin
30674944 Aug 20 16:41:54 2011 n7000-s1-kickstart.5.2.1.bin
4096 Jul 04 14:49:28 2012 trace/
• Deleting a Directory
NX-7000# rmdir trace
• Accessing Directories on the Standby Supervisor Module
NX-7000# dir bootflash:?
bootflash:///
bootflash://module-5/
bootflash://module-6/
bootflash://sup-1/
bootflash://sup-2/
bootflash://sup-active/
bootflash://sup-local/
bootflash://sup-remote/
bootflash://sup-standby/
Management of System Files
• Moving Files: move [filesystem:[//module/][directory /] | directory/]source-filename {{filesystem:[//module/][directory /] |directory/}[target-filename] | target-filename}
• Copying Files: copy [filesystem:[//module/][directory/] | directory/]source-filename | {filesystem:[//module/][directory/]] |directory/}[target-filename]
• Deleting Files:
NX-7000# delete bootflash:hardware.txt ?
<CR>
no-prompt Do not prompt for multiple deletion of files
• Displaying File Contents: show file bootflash:startuplogs.txt
• Displaying File Checksums: show file bootflash:startuplogs.txt [md5 | cksum]
• Compressing and Uncompressing Files (Creating Archive Files):
NX-7000# g?
gunzip Uncompresses LZ77 coded files
gzip Compresses file using LZ77 coding
• Displaying the Last Lines in a File: NX-7000# tail bootflash:startuplogs.txt
Management of System Files
• Redirecting show Command Output to a File
NX-7000# show hardware ?
<CR>
> Redirect it to a file
>> Redirect it to a file in append mode
NX-7000# show hardware > bootflash:hardware.txt
• Finding files in a directory and all its subdirectories
V-BAN1-NX7K01# find hardware.txt
/usr/bin/find: ./lost+found: Permission denied
./hardware.txt
• Collecting core files from the core: partition: run “show cores”, note the core file number (e.g. 1123), then run “copy core:1123 tftp:”
Network Time Protocol (NTP)
• Protocol used to synchronize time on network devices. All NTP communications use Coordinated Universal Time (UTC).
• Only the default VDC synchronizes the system clock at any given time, but multiple instances of NTP on different VDCs are supported.
• To configure NTP, you must have connectivity to at least one server that is running NTP.
• VRF aware.
• Configuration can be distributed via CFS (but not the NTP authentication key).
Network Time Protocol (NTP)
• feature ntp
• ntp server {ip-address | ipv6-address | dns-name} [key key-id] [maxpoll max-poll] [minpoll min-poll] [prefer] [use-vrf vrf-name] ! Forms an association with a server.
• ntp authentication-key number md5 md5-string
• ntp trusted-key number
• ntp access-group {peer | serve | serve-only | query-only} access-list-name
• ntp source-interface interface | ntp source ip-address
• ntp logging
Network Time Protocol (NTP)
NX-7000# sh ntp ?
access-groups Display NTP access groups
authentication-keys Display authentication keys
authentication-status NTP Authentication Status
internal NTP internal info
logging-status Display NTP logging status
peer-status Show the status for all the server/peers
peers Show all the peers.
pending Show the NTP temporary database
pending-diff Show the pending database diff.
rts-update Show if the RTS update is enabled
session Show the session information
source Source IP address configured
source-interface Source interface configured
statistics Show the NTP statistics
status Show the NTP distribution status
trusted-keys Display trusted keys
Reference
• http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/system_management/configuration/guide/sm_3ntp.html

Contenu connexe

Tendances

Packet Tracer Simulation Lab Layer3 Routing
Packet Tracer Simulation Lab Layer3 RoutingPacket Tracer Simulation Lab Layer3 Routing
Packet Tracer Simulation Lab Layer3 Routing
Johnson Liu
 
CCN3Switching_lab_5_5_2
CCN3Switching_lab_5_5_2CCN3Switching_lab_5_5_2
CCN3Switching_lab_5_5_2
alan moreno
 

Tendances (18)

Cisco CCNA Port Security
Cisco CCNA Port SecurityCisco CCNA Port Security
Cisco CCNA Port Security
 
Packet Tracer Simulation Lab Layer3 Routing
Packet Tracer Simulation Lab Layer3 RoutingPacket Tracer Simulation Lab Layer3 Routing
Packet Tracer Simulation Lab Layer3 Routing
 
Cisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationCisco CCNA- NAT Configuration
Cisco CCNA- NAT Configuration
 
Cisco CCNA EIGRP IPV6 Configuration
Cisco CCNA EIGRP IPV6 ConfigurationCisco CCNA EIGRP IPV6 Configuration
Cisco CCNA EIGRP IPV6 Configuration
 
Cisco CCNA-Standard Access List
Cisco CCNA-Standard Access ListCisco CCNA-Standard Access List
Cisco CCNA-Standard Access List
 
Ccnpswitch
CcnpswitchCcnpswitch
Ccnpswitch
 
Ccna command
Ccna commandCcna command
Ccna command
 
IPSec VPN
IPSec VPNIPSec VPN
IPSec VPN
 
Cisco CCNA- PPP Multilink Configuration
Cisco CCNA- PPP Multilink ConfigurationCisco CCNA- PPP Multilink Configuration
Cisco CCNA- PPP Multilink Configuration
 
Juniper JNCIA – Juniper RIP Route Configuration
Juniper JNCIA – Juniper RIP Route ConfigurationJuniper JNCIA – Juniper RIP Route Configuration
Juniper JNCIA – Juniper RIP Route Configuration
 
How to convert your Linux box into Security Gateway - Part 1
How to convert your Linux box into Security Gateway - Part 1How to convert your Linux box into Security Gateway - Part 1
How to convert your Linux box into Security Gateway - Part 1
 
Cisco CCNA IP SLA with tracking configuration
Cisco CCNA IP SLA  with tracking  configurationCisco CCNA IP SLA  with tracking  configuration
Cisco CCNA IP SLA with tracking configuration
 
Ha nsf notes
Ha nsf notesHa nsf notes
Ha nsf notes
 
How to configure vlan, stp, dtp step by step guide
How to configure vlan, stp, dtp step by step guideHow to configure vlan, stp, dtp step by step guide
How to configure vlan, stp, dtp step by step guide
 
CCN3Switching_lab_5_5_2
CCN3Switching_lab_5_5_2CCN3Switching_lab_5_5_2
CCN3Switching_lab_5_5_2
 
Cisco CCNA-Router on Stick
Cisco CCNA-Router on StickCisco CCNA-Router on Stick
Cisco CCNA-Router on Stick
 
Cisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 ConfigurationCisco CCNA OSPF IPV6 Configuration
Cisco CCNA OSPF IPV6 Configuration
 
Juniper JNCIA – Juniper Floating Static Route Configuration
Juniper JNCIA – Juniper Floating Static Route ConfigurationJuniper JNCIA – Juniper Floating Static Route Configuration
Juniper JNCIA – Juniper Floating Static Route Configuration
 

Similaire à Topic 5 nx os management-ver 0.2

Cisco data center support
Cisco data center supportCisco data center support
Cisco data center support
Krunal Shah
 
Ccna voice study summary 460
Ccna voice study summary 460Ccna voice study summary 460
Ccna voice study summary 460
B Mach
 

Similaire à Topic 5 nx os management-ver 0.2 (20)

The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThe Next Generation Firewall for Red Hat Enterprise Linux 7 RC
The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
 
Cisco data center support
Cisco data center supportCisco data center support
Cisco data center support
 
Service Provider Networks and Frame Relay
Service Provider Networks and Frame RelayService Provider Networks and Frame Relay
Service Provider Networks and Frame Relay
 
Lab6.4.1
Lab6.4.1Lab6.4.1
Lab6.4.1
 
SPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPANSPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPAN
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routing
 
Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)
 
CCNA R&S 2 3 4 All Commands
CCNA R&S 2 3 4 All Commands CCNA R&S 2 3 4 All Commands
CCNA R&S 2 3 4 All Commands
 
Configuración del dial peer
Configuración del dial peer Configuración del dial peer
Configuración del dial peer
 
OSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchOSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable Switch
 
managing your network environment
managing your network environmentmanaging your network environment
managing your network environment
 
Ccna voice study summary 460
Ccna voice study summary 460Ccna voice study summary 460
Ccna voice study summary 460
 
Catena
CatenaCatena
Catena
 
RNEC N101 Lite- RAX711-L.pptx
RNEC N101 Lite- RAX711-L.pptxRNEC N101 Lite- RAX711-L.pptx
RNEC N101 Lite- RAX711-L.pptx
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
 
Ciso commands
Ciso commandsCiso commands
Ciso commands
 
Ciso commands
Ciso commandsCiso commands
Ciso commands
 
Basic cisco commands_by_marcus_nielson_2
Basic cisco commands_by_marcus_nielson_2Basic cisco commands_by_marcus_nielson_2
Basic cisco commands_by_marcus_nielson_2
 
Aula04 - configuração da topologia ppp - resolvido
Aula04 -  configuração da topologia ppp - resolvidoAula04 -  configuração da topologia ppp - resolvido
Aula04 - configuração da topologia ppp - resolvido
 
CampusSDN2017 - Jawdat: SDN Technology Evolvement
CampusSDN2017 - Jawdat: SDN Technology EvolvementCampusSDN2017 - Jawdat: SDN Technology Evolvement
CampusSDN2017 - Jawdat: SDN Technology Evolvement
 

Plus de Krunal Shah (7)

Vpc notes
Vpc notesVpc notes
Vpc notes
 
Ucs security part2
Ucs security part2Ucs security part2
Ucs security part2
 
Ucs rbac aaa-backu-ps
Ucs rbac aaa-backu-psUcs rbac aaa-backu-ps
Ucs rbac aaa-backu-ps
 
Otv notes
Otv notesOtv notes
Otv notes
 
Nexus 1000v part ii
Nexus 1000v part iiNexus 1000v part ii
Nexus 1000v part ii
 
Nexus 1000v
Nexus 1000vNexus 1000v
Nexus 1000v
 
Fhrp notes
Fhrp notesFhrp notes
Fhrp notes
 

Dernier

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Dernier (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 

Topic 5 nx os management-ver 0.2

  • 1. Topic 5 NX-OS Management
  • 2. NX-OS Management • SPAN and ERSPAN • NetFlow • Smart Call Home • Manage System Files • Implement NTP, PTP • Implement Configure and Verify DCNM Functionality
  • 3. SPAN • Switchport analyzer : Copies the traffic (Tx/RX/both) from source interface/VLANs to destination port. • Destination port cannot be a port-channel, FEX’s host interface or a shared interface (between storage and LAN VDC) and cannot be part of two different span session. Must be in same VDC as source port. • Destination port can be an access port or trunk port but MUST BE configured with “switchport monitor” command. • Source interface can be a 10gig port and destination can be 1gig port in same span session.
  • 4. SPAN • N7K introduces virtual SPAN session to monitor multiple VLAN sources and choose only VLANs of interest to transmit on multiple destination ports. • IMP thing to remember is Virtual SPAN sessions cause all source packets to be copied to all destinations, whether the packets are required at the destination or not. VLAN traffic filtering occurs at the egress destination port level.
  • 5. SPAN configuration example Nexus 7000 N7K(config)# interface ethernet 2/5 N7K(config-if)# switchport N7K(config-if)# switchport mode trunk N7K(config-if)# switchport monitor N7K(config-if)# no shut N7K(config-if)# exit N7K(config)# monitor session 3 N7K(config-monitor)# source interface ethernet 2/1-3, ethernet 101/1/2 N7K(config-monitor)# source interface port-channel 2 rx N7K(config-monitor)# source interface sup- eth 0 both N7K(config-monitor)# source vlan 3, 6-8 tx N7K(config-monitor)# filter vlan 3-5, 7 N7K(config-monitor)# destination interface ethernet 2/5 N7K(config-monitor)# no shut Nexus 5500 N5K(config)# interface ethernet 1/3 N5K(config-if)# switchport monitor N5K(config-if)# exit N5K(config)# monitor session 3 N5K(config-monitor)# source interface ethernet 1/16 N5K(config-monitor)# source interface port-channel 2 rx N5K(config-monitor)# source vlan 1 N5K(config-monitor)# destination interface ethernet 1/3 N5K(config)# interface fc 2/4 N5K(config-if)# switchport mode SD N5K(config-if)# switchport speed 1000 N5K(config-if)# exit N5K(config)# monitor session 2 N5K(config-monitor)# source vsan 1 N5K(config-monitor)# destination interface fc 2/4
  • 6. SPAN configuration differences • In N7K switch(config)# monitor session 3 switch(config-monitor)# rate-limit 10 switch(config-monitor)# no shut • In N5K switch(config)# no monitor session 3 shut switch(config-if)# switchport monitor rate-limit 1G I do not have good answer for this configuration differences.
  • 7. N5K valid SPAN source and destination
      Source SPAN            | Dest SPAN
      Ethernet               | Ethernet
      Fibre Channel          | Fibre Channel (speed must be configured)
      Fibre Channel          | Ethernet (FCoE) (10G port only)
      Virtual Fibre Channel  | Fibre Channel
      Virtual Fibre Channel  | Ethernet (FCoE) (10G port only)
  • 8. N7K configuration limits for SPAN
      Feature: SPAN and ERSPAN
      Parameter                                                      | Verified Limit (Cisco NX-OS 6.0)
      Number of configured (not active) SPAN sessions per VDC        | 48
      Number of active SPAN or ERSPAN source sessions per system     | 2
      Number of active ERSPAN destination sessions per system        | 23
      Number of source interfaces per SPAN or ERSPAN session         | 128
      Number of destination interfaces per SPAN or ERSPAN session    | 32
      Number of source VLANs per SPAN or ERSPAN session              | 32
  • 9. Encapsulated Remote Switched Port Analyzer (ERSPAN)
    • ERSPAN transports mirrored traffic over an IP network in GRE-encapsulated packets.
    • There are two types of ERSPAN sessions: source and destination.
    • Sample erspan-source configuration
      NX-7000# config t
      NX-7000(config)# interface e1/30
      NX-7000(config-if)# no shut
      NX-7000(config-if)# exit
      NX-7000(config)# monitor erspan origin ip-address 3.3.3.3 global
      NX-7000(config)# monitor session 1 type erspan-source
      NX-7000(config-erspan-src)# source interface e1/30
      NX-7000(config-erspan-src)# erspan-id 1
      NX-7000(config-erspan-src)# ip ttl 16
      NX-7000(config-erspan-src)# ip dscp 5
      NX-7000(config-erspan-src)# vrf default
      NX-7000(config-erspan-src)# destination ip 9.1.1.2
      NX-7000(config-erspan-src)# no shut
      NX-7000(config-erspan-src)# exit
      NX-7000(config)# show monitor session 1
  • 10. Encapsulated Remote Switched Port Analyzer (ERSPAN)
    • Sample erspan-destination configuration
      NX-7000# config t
      NX-7000(config)# interface e1/30
      NX-7000(config-if)# ip address 9.1.1.2/24
      NX-7000(config-if)# no shut
      NX-7000(config)# interface e2/20
      NX-7000(config-if)# switchport mode access
      NX-7000(config-if)# description Laptop with wireshark connected to it
      NX-7000(config-if)# switchport monitor
      NX-7000(config)# monitor session 1 type erspan-destination
      NX-7000(config-erspan-dst)# source ip 9.1.1.2
      NX-7000(config-erspan-dst)# destination interface e2/20
      NX-7000(config-erspan-dst)# no shut
      NX-7000(config-erspan-dst)# erspan-id 5
      NX-7000(config-erspan-dst)# vrf default
      NX-7000(config)# show monitor session 1
  • 11. Encapsulated Remote Switched Port Analyzer (ERSPAN)
    • Nexus 1000v does not support destination ERSPAN.
    • “capability l3-control” has to be specified in the port-profile of the ERSPAN source. This port profile is applied to the vmk port of the hypervisor, which is used as the source of a GRE tunnel.
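
The GRE encapsulation and erspan-id from the ERSPAN slides above, as an added example that is not part of the original slides: a Python decoder for the ERSPAN Type II header, as a capture host receiving the GRE stream directly would need. The 0x88BE protocol type and the header layout come from the ERSPAN Type II format rather than from the slides, and the sample packet is constructed.

```python
import struct

GRE_PROTO_ERSPAN_II = 0x88BE  # GRE protocol type used by ERSPAN Type II

def parse_erspan(gre: bytes) -> dict:
    """Decode GRE + ERSPAN Type II headers; `gre` is the payload of an IP protocol 47 packet."""
    if len(gre) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack_from("!HH", gre)
    if flags & 0x0007 or proto != GRE_PROTO_ERSPAN_II:
        raise ValueError("not GRE version 0 carrying ERSPAN Type II")
    if not flags & 0x1000:
        raise ValueError("GRE sequence bit clear: no ERSPAN Type II header follows")
    pos = 4
    pos += 4 if flags & 0x8000 else 0  # skip optional checksum + reserved
    pos += 4 if flags & 0x2000 else 0  # skip optional key
    if len(gre) < pos + 12:
        raise ValueError("truncated ERSPAN header")
    seq, word1, word2 = struct.unpack_from("!III", gre, pos)
    if word1 >> 28 != 1:
        raise ValueError("ERSPAN version is not 1 (Type II)")
    return {
        "sequence": seq,
        "vlan": (word1 >> 16) & 0x0FFF,   # VLAN of the mirrored frame
        "cos": (word1 >> 13) & 0x7,
        "truncated": bool(word1 & 0x0400),
        "session_id": word1 & 0x03FF,     # the erspan-id set on the source session
        "index": word2 & 0xFFFFF,
        "frame": gre[pos + 12:],          # the original mirrored Ethernet frame
    }

def accept(gre: bytes, erspan_id: int):
    """Return the mirrored frame only if it carries the expected erspan-id."""
    info = parse_erspan(gre)
    return info["frame"] if info["session_id"] == erspan_id else None

# Constructed sample: sequence 7, VLAN 3, erspan-id 1, then a dummy inner frame.
INNER = bytes.fromhex("000000000002" "000000000001" "0800") + b"payload"
SAMPLE = struct.pack("!HHIII", 0x1000, GRE_PROTO_ERSPAN_II, 7,
                     (1 << 28) | (3 << 16) | 1, 0) + INNER
```

With this sample, a receiver filtering on erspan-id 1 gets the inner frame back, while one filtering on erspan-id 5 gets nothing.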
  • 12. NetFlow
    • It is a Cisco NX-OS application that provides statistics on packets flowing through the router.
    • NetFlow captures data from ingress and egress packets.
    • Egress packets
      – Egress NetFlow Accounting: IP traffic only
      – NetFlow MPLS Egress: MPLS-to-IP packets
    • Key Fields
      – Src IP
      – Dst IP
      – Src Port
      – Dst port
      – Layer 3 protocol type
      – Type of service (ToS)
      – Input Logical Interface
    • You can configure NetFlow on a per-subinterface basis.
  • 13. NetFlow Export
    • Expired flows in the NetFlow cache are grouped together into “NetFlow Export” datagrams for export from the device.
    • Versions
      – V9: more flexible and extensible. Supports IPv4, IPv6, Multicast, MPLS and BGP. Record formats are defined by templates.
      – V8: a format added to support data export from the aggregation cache.
      – V5: the most commonly used format. Adds BGP AS information and flow sequence number.
      – V1: the initially released export format.
    • Datagram sizes
      – V1: 24 flows, 1200 bytes
      – V5 & V9: 30 flows, 1500 bytes
  • 14. NetFlow
    • Sample configuration
      feature netflow
      flow exporter Exporter_name
        destination 192.168.2.12 use-vrf management
        source mgmt0    ! It can be any other interface.
        version 9
      flow record Record_name
        match ipv4 source address
        match ipv4 destination address
        collect counter bytes
        collect counter packets
      flow monitor FOO
        record Record_name
        exporter Exporter_name
      interface Ethernet2/45
        ip flow monitor FOO output
        ip address 10.20.1.1/24
        no shutdown
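
An added example, not part of the original slides: a minimal collector-side NetFlow v9 decoder in Python, showing how the template-defined record format works for the four fields of the sample flow record above. The field type numbers follow RFC 3954; the 4-byte field lengths, template ID 256 and the sample datagram are constructed assumptions.

```python
import ipaddress
import struct
# NetFlow v9 field types (RFC 3954) for the four fields in the slide's flow record.
FIELD_NAMES = {8: "src", 12: "dst", 1: "bytes", 2: "packets"}

def read_templates(body, source_id, templates):  # Template FlowSet (FlowSet ID 0)
    pos = 0
    while pos + 4 <= len(body):
        template_id, n = struct.unpack_from("!HH", body, pos)
        if pos + 4 + 4 * n > len(body):
            raise ValueError("template runs past the FlowSet")
        templates[source_id, template_id] = [
            struct.unpack_from("!HH", body, pos + 4 + 4 * i) for i in range(n)]
        pos += 4 + 4 * n

def read_data(body, template):  # Data FlowSet, decoded with a learned template
    if not template:
        return []  # template not seen yet: the records cannot be interpreted
    record_len = sum(length for _, length in template)
    flows, pos = [], 0
    while record_len and pos + record_len <= len(body):  # leftover bytes are padding
        flow = {}
        for ftype, length in template:
            raw, pos = body[pos:pos + length], pos + length
            is_ip = ftype in (8, 12) and length == 4
            flow[FIELD_NAMES.get(ftype, ftype)] = (
                str(ipaddress.IPv4Address(raw)) if is_ip else int.from_bytes(raw, "big"))
        flows.append(flow)
    return flows

def parse_v9(datagram, templates):  # returns flows; `templates` is the collector's cache
    if len(datagram) < 20 or datagram[:2] != b"\x00\x09":
        raise ValueError("not a NetFlow v9 datagram")
    source_id = int.from_bytes(datagram[16:20], "big")
    flows, pos = [], 20
    while pos + 4 <= len(datagram):
        set_id, set_len = struct.unpack_from("!HH", datagram, pos)
        if set_len < 4 or pos + set_len > len(datagram):
            raise ValueError("bad FlowSet length")
        body = datagram[pos + 4:pos + set_len]
        if set_id == 0:
            read_templates(body, source_id, templates)
        elif set_id >= 256:
            flows += read_data(body, templates.get((source_id, set_id)))
        pos += set_len
    return flows

HEADER = struct.pack("!HHIIII", 9, 2, 0, 0, 1, 0)  # constructed sample, as are the two below
TEMPLATE = struct.pack("!12H", 0, 24, 256, 4, 8, 4, 12, 4, 1, 4, 2, 4)
DATA = struct.pack("!HH4s4sII", 256, 20, bytes([10, 20, 1, 5]), bytes([192, 168, 2, 50]), 1500, 3)
```

A data FlowSet that arrives before its template yields no flows, which is why a collector keeps the template cache across datagrams.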
  • 15. Smart Call Home (SCH)
    • SCH provides an automated notification system for policies that the network admin has defined.
    • E.g. SCH can automate the process of opening a case with Cisco TAC for a hardware failure and attach the corresponding CLI output.
    • SCH is an email-based application and it supports these message formats (destination-profile format):
      – Text based
      – XML based
  • 16. Smart Call Home (SCH)
    • Prerequisites for SCH configuration:
      – A SMARTNET support contract from Cisco.
      – A CCO ID that has this contract attached.
      – The SNMP system contact has to be configured: “snmp-server contact sys-contact”.
      – ip domain-name and ip name-server for DNS look-ups, or ip host for static entries, in order to resolve hostnames that may appear in destination addresses.
      – Register the device using the Call Home registration process.
  • 17. Smart Call Home (SCH) Configuration
    • Everything is configured under “callhome”, and the configuration can be seen using show run callhome.
    • Configure SNMP syscontact
      NX-7000(config)# snmp-server contact person@company.com
    • Configure the mandatory contact information
      NX-7000(config)# callhome
      NX-7000(config-callhome)# email-contact email-address
      NX-7000(config-callhome)# phone-contact +1-000-000-0000
      NX-7000(config-callhome)# streetaddress a-street-address
    • Configure the mandatory email server information and from email address
      NX-7000(config-callhome)# transport email smtp-server ip-address port 25 use-vrf vrf-name
      NX-7000(config-callhome)# transport email from email-address
    • Set the destination profile and attach alert group
      NX-7000(config-callhome)# destination-profile CiscoTAC-1 email-addr callhome@cisco.com
      NX-7000(config-callhome)# destination-profile CiscoTAC-1 transport-method email
      NX-7000(config-callhome)# destination-profile CiscoTAC-1 alert-group Cisco-TAC
    • Add additional command in alert group
      NX-7000(config-callhome)# alert-group Cisco-TAC user-def-cmd show ip route
    • Finally commit and enable callhome
      NX-7000(config-callhome)# commit
      NX-7000(config-callhome)# enable
  • 18. Smart Call Home (SCH) Configuration
    • Testing Smart Call Home communications
      NX-7000(config-callhome)# callhome send [diagnostic | configuration ]
      NX-7000(config-callhome)# callhome test
    • The callhome configuration (except for SNMP sysContact and device priority) can be distributed to other switches through CFS over IP or CFS over Ethernet, just like device-alias, zones and DPVM in the Fibre Channel world.
      NX-7000(config)# callhome
      NX-7000(config-callhome)# distribute
      NX-7000(config-callhome)# show callhome status
      Distribution : Enabled
      NX-7000(config-callhome)# commit
  • 19. Smart Call Home (SCH) verification
      NX-7000# show callhome ?
        <CR>
        >                    Redirect it to a file
        >>                   Redirect it to a file in append mode
        destination-profile  Show callhome destination profile information
        last                 Show the status of the last cfs commit/abort operation
        merge                Show the status of the last cfs merge operation
        pending              Show the status of pending callhome commands
        pending-diff         Show the difference between running and pending config
        session              Show the status of the last cfs commit/abort operation
        status               Show if CFS distribution is enabled/disabled for callhome
        transport            Show callhome transport configuration (email and http)
        user-def-cmds        Show the cli commands configured for each alert group
        |                    Pipe command output to filter
  • 20. Smart Call Home (SCH)
    • Sample lab question: Configure the call home feature on the NX-AGG01 VDCs. Create a destination profile called N0c101; use admin@company.com, 1 800 123 4567 and address 123 Anystreet st. Anytown,AnyWhere. Send the configuration along with the routing table of the default VRF. Set the urgency level to “Major”. Use 192.0.2.10 as the email server, and make sure to use the proper VRF, the one used to reach this email server. All configuration has to be done on the NX-AGG01 switch, and it should distribute this configuration to the NX-AGG02 switch.
    • Solution:
      switchto vdc NX-AGG01
      cfs ipv4 distribute
      snmp-server contact person@company.com
      callhome
        distribute
        email-contact admin@company.com
        phone-contact +1-800-123-4567
        streetaddress 123 Anystreet st. Anytown,AnyWhere
        destination-profile Noc101 format full-txt
        destination-profile full-text-destination callhome@cisco.com
        destination-profile full-text-destination message-level 5
        destination-profile Noc101 alert-group Configuration
        alert-group Configuration user-def-cmd show ip route
        transport email mail-server 192.0.2.10 priority 1
        transport http use-vrf Blue
        enable
        commit
      switchto vdc NX-AGG02
      cfs ipv4 distribute
      snmp-server contact person@company.com
      callhome
  • 21. Management of System Files
    There are 5 file systems in Nexus 7000 and Nexus 5500
      NX-7000# dir ?
        bootflash:  Directory or filename
        debug:      Directory or filename
        log:        Directory or filename
        logflash:   Directory or filename on log flash
        slot0:      Directory or filename on expansion flash
        usb1:       Directory or filename
        usb2:       Directory or filename
        volatile:   Directory or filename
      NX-5500# dir ?
        bootflash:  Directory or filename
        debug:      Directory or filename
        log:        Directory or filename
        modflash:   Directory or filename
        usb1:       Directory or filename
        volatile:   Directory or filename
  • 22. Management of System Files
    • Bootflash: Internal CompactFlash memory located on the supervisor module, used for storing image files, configuration files, and other miscellaneous files. The initial default directory is bootflash. On the N7K it has two modules: sup-remote and sup-local.
    • Debug: Memory on a supervisor module used for debug logs.
    • Log: Memory on the active supervisor that stores logging file statistics.
    • Logflash or modflash:
    • System: Memory on a supervisor module used for storing the running-configuration file.
    • Volatile: Volatile random-access memory (VRAM) located on a supervisor module, used for temporary or pending changes.
    • NVRAM: Nonvolatile random-access memory (NVRAM) located on a supervisor module, used for storing the startup-configuration file.
    • Usb1 or usb2: External USB flash memory installed in a supervisor module, used for storing image files, configuration files, and other miscellaneous files.
  • 23. Management of System Files
    • Identifying the Current Directory
      NX-7000# pwd
      bootflash:
    • Creating a Directory
      NX-7000# mkdir trace
    • Changing the Current Directory
      NX-7000# cd trace
      NX-7000# pwd
      bootflash:trace
    • Displaying Directory Contents
      NX-7000# dir bootflash:
        161980383  Sep 07 16:29:26 2011  n7000-s1-dk9.5.2.1.bin
         30674944  Aug 20 16:41:54 2011  n7000-s1-kickstart.5.2.1.bin
             4096  Jul 04 14:49:28 2012  trace/
    • Deleting a Directory
      NX-7000# rmdir trace
    • Accessing Directories on the Standby Supervisor Module
      NX-7000# dir bootflash:?
        bootflash:///
        bootflash://module-5/
        bootflash://module-6/
        bootflash://sup-1/
        bootflash://sup-2/
        bootflash://sup-active/
        bootflash://sup-local/
        bootflash://sup-remote/
        bootflash://sup-standby/
  • 24. Management of System Files
    • Moving Files:
      move [filesystem:[//module/][directory /] | directory/]source-filename {{filesystem:[//module/][directory /] |directory/}[target-filename] | target-filename}
    • Copying Files:
      copy [filesystem:[//module/][directory/] | directory/]source-filename | {filesystem:[//module/][directory/]] |directory/}[target-filename]
    • Deleting Files:
      NX-7000# delete bootflash:hardware.txt ?
        <CR>
        no-prompt  Do not prompt for multiple deletion of files
    • Displaying File Contents:
      show file bootflash:startuplogs.txt
    • Displaying File Checksums:
      show file bootflash:startuplogs.txt [md5 | cksum]
    • Compressing and Uncompressing Files (Creating Archive Files):
      NX-7000# g?
        gunzip  Uncompresses LZ77 coded files
        gzip    Compresses file using LZ77 coding
    • Displaying the Last Lines in a File:
      NX-7000# tail bootflash:startuplogs.txt
  • 25. Management of System Files
    • Redirecting show Command Output to a File
      NX-7000# show hardware ?
        <CR>
        >   Redirect it to a file
        >>  Redirect it to a file in append mode
      NX-7000# show hardware > bootflash:hardware.txt
    • Finding files in a directory and all its subdirectories
      V-BAN1-NX7K01# find hardware.txt
      /usr/bin/find: ./lost+found: Permission denied
      ./hardware.txt
    • Collecting core files from the core: partition: run “show cores”, note the core file number (e.g. 1123), then run “copy core:1123 tftp:”.
  • 26. Network Time Protocol (NTP)
    • Protocol used to synchronize time on network devices. All NTP communications use Coordinated Universal Time (UTC).
    • Only the default VDC synchronizes the system clock at any given time, but multiple instances of NTP on different VDCs are supported.
    • To configure NTP, you must have connectivity to at least one server that is running NTP.
    • NTP is VRF aware.
    • The configuration can be distributed via CFS (but not the NTP authentication key).
  • 27. Network Time Protocol (NTP)
    • feature ntp
    • ntp server {ip-address | ipv6-address | dns-name} [key key-id] [maxpoll max-poll] [minpoll min-poll] [prefer] [use-vrf vrf-name]    ! Forms an association with a server.
    • ntp authentication-key number md5 md5-string
    • ntp trusted-key number
    • ntp access-group {peer | serve | serve-only | query-only} access-list-name
    • ntp source-interface interface | ntp source ip-address
    • ntp logging
  • 28. Network Time Protocol (NTP)
      NX-7000# sh ntp ?
        access-groups          Display NTP access groups
        authentication-keys    Display authentication keys
        authentication-status  NTP Authentication Status
        internal               NTP internal info
        logging-status         Display NTP logging status
        peer-status            Show the status for all the server/peers
        peers                  Show all the peers.
        pending                Show the NTP temporary database
        pending-diff           Show the pending database diff.
        rts-update             Show if the RTS update is enabled
        session                Show the session information
        source                 Source IP address configured
        source-interface       Source interface configured
        statistics             Show the NTP statistics
        status                 Show the NTP distribution status
        trusted-keys           Display trusted keys