Cisco Systems N3KC3048TP1GE, N3KC3064TFAL3 User Manual


Cisco Nexus 3000 NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U3(1)

First Published: February 29, 2012

Last Modified: March 22, 2012

Americas Headquarters

Cisco Systems, Inc. 170 West Tasman Drive

San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000

800 553-NETS (6387) Fax: 408 527-0883

Text Part Number: OL-26590-01

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED "AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© Cisco Systems, Inc. All rights reserved.

Contents

Preface
  Audience
  Document Conventions
  Related Documentation for Nexus 3000 Series NX-OS Software
  Obtaining Documentation and Submitting a Service Request

Chapter 1: New and Changed Information for this Release
  New and Changed Information for this Release

Chapter 2: Overview
  Layer 2 Ethernet Switching Overview
  VLANs
  Private VLANs
  Spanning Tree
  STP Overview
  Rapid PVST+
  MST
  STP Extensions

Chapter 3: Configuring Ethernet Interfaces
  Information About Ethernet Interfaces
  About the Interface Command
  About the Unidirectional Link Detection Parameter
  Default UDLD Configuration
  UDLD Aggressive and Nonaggressive Modes
  About Interface Speed
  About the Cisco Discovery Protocol
  Default CDP Configuration
  About the Error-Disabled State
  About Port Profiles
  Guidelines and Limitations for Port Profiles
  About the Debounce Timer Parameters
  About MTU Configuration
  Configuring Ethernet Interfaces
  Configuring the UDLD Mode
  Changing an Interface Port Mode
  Configuring Interface Speed
  Disabling Link Negotiation
  Configuring the CDP Characteristics
  Enabling or Disabling CDP
  Enabling the Error-Disabled Detection
  Enabling the Error-Disabled Recovery
  Configuring the Error-Disabled Recovery Interval
  Configuring the Debounce Timer
  Configuring the Description Parameter
  Disabling and Restarting Ethernet Interfaces
  Displaying Interface Information
  Displaying Input Packet Discard Information
  Default Physical Ethernet Settings

Chapter 4: Configuring VLANs
  Information About VLANs
  Understanding VLANs
  VLAN Ranges
  Creating, Deleting, and Modifying VLANs
  About the VLAN Trunking Protocol
  Guidelines and Limitations for VTP
  Configuring a VLAN
  Creating and Deleting a VLAN
  Configuring a VLAN
  Adding Ports to a VLAN
  Configuring a VLAN as a Routed SVI
  Configuring a VLAN as a Management SVI
  Configuring VTP
  Verifying VLAN Configuration

Chapter 5: Configuring Private VLANs
  Information About Private VLANs
  Primary and Secondary VLANs in Private VLANs
  Private VLAN Ports
  Primary, Isolated, and Community Private VLANs
  Associating Primary and Secondary VLANs
  Private VLAN Promiscuous Trunks
  Private VLAN Isolated Trunks
  Broadcast Traffic in Private VLANs
  Private VLAN Port Isolation
  Guidelines and Limitations for Private VLANs
  Configuring a Private VLAN
  Enabling Private VLANs
  Configuring a VLAN as a Private VLAN
  Associating Secondary VLANs with a Primary Private VLAN
  Configuring an Interface as a Private VLAN Host Port
  Configuring an Interface as a Private VLAN Promiscuous Port
  Configuring a Promiscuous Trunk Port
  Configuring an Isolated Trunk Port
  Configuring the Allowed VLANs for PVLAN Trunking Ports
  Configuring Native 802.1Q VLANs on Private VLANs
  Verifying the Private VLAN Configuration

Chapter 6: Configuring Access and Trunk Interfaces
  Information About Access and Trunk Interfaces
  Understanding Access and Trunk Interfaces
  Understanding IEEE 802.1Q Encapsulation
  Understanding Access VLANs
  Understanding the Native VLAN ID for Trunk Ports
  Understanding Allowed VLANs
  Understanding Native 802.1Q VLANs
  Configuring Access and Trunk Interfaces
  Configuring a LAN Interface as an Ethernet Access Port
  Configuring Access Host Ports
  Configuring Trunk Ports
  Configuring the Native VLAN for 802.1Q Trunking Ports
  Configuring the Allowed VLANs for Trunking Ports
  Configuring Native 802.1Q VLANs
  Verifying Interface Configuration

Chapter 7: Configuring Switching Modes
  Information About Switching Modes
  Guidelines and Limitations for Switching Modes
  Licensing Requirements for Switching Modes
  Default Settings for Switching Modes
  Configuring Switching Modes
  Enabling Store-and-Forward Switching
  Reenabling Cut-Through Switching
  Feature History for Switching Modes

Chapter 8: Configuring Rapid PVST+
  Information About Rapid PVST+
  Understanding STP
  STP Overview
  Understanding How a Topology is Created
  Understanding the Bridge ID
  Bridge Priority Value
  Extended System ID
  STP MAC Address Allocation
  Understanding BPDUs
  Election of the Root Bridge
  Creating the Spanning Tree Topology
  Understanding Rapid PVST+
  Rapid PVST+ Overview
  Rapid PVST+ BPDUs
  Proposal and Agreement Handshake
  Protocol Timers
  Port Roles
  Port States
  Rapid PVST+ Port State Overview
  Blocking State
  Learning State
  Forwarding State
  Disabled State
  Summary of Port States
  Synchronization of Port Roles
  Processing Superior BPDU Information
  Processing Inferior BPDU Information
  Spanning-Tree Dispute Mechanism
  Port Cost
  Port Priority
  Rapid PVST+ and IEEE 802.1Q Trunks
  Rapid PVST+ Interoperation with Legacy 802.1D STP
  Rapid PVST+ Interoperation with 802.1s MST
  Configuring Rapid PVST+
  Enabling Rapid PVST+
  Enabling Rapid PVST+ per VLAN
  Configuring the Root Bridge ID
  Configuring a Secondary Root Bridge
  Configuring the Rapid PVST+ Port Priority
  Configuring the Rapid PVST+ Pathcost Method and Port Cost
  Configuring the Rapid PVST+ Bridge Priority of a VLAN
  Configuring the Rapid PVST+ Hello Time for a VLAN
  Configuring the Rapid PVST+ Forward Delay Time for a VLAN
  Configuring the Rapid PVST+ Maximum Age Time for a VLAN
  Specifying the Link Type
  Restarting the Protocol
  Verifying Rapid PVST+ Configurations

Chapter 9: Configuring Multiple Spanning Tree
  Information About MST
  MST Overview
  MST Regions
  MST BPDUs
  MST Configuration Information
  IST, CIST, and CST
  IST, CIST, and CST Overview
  Spanning Tree Operation Within an MST Region
  Spanning Tree Operations Between MST Regions
  MST Terminology
  Hop Count
  Boundary Ports
  Spanning-Tree Dispute Mechanism
  Port Cost and Port Priority
  Interoperability with IEEE 802.1D
  Interoperability with Rapid PVST+: Understanding PVST Simulation
  Configuring MST
  MST Configuration Guidelines
  Enabling MST
  Entering MST Configuration Mode
  Specifying the MST Name
  Specifying the MST Configuration Revision Number
  Specifying the Configuration on an MST Region
  Mapping and Unmapping VLANs to MST Instances
  Mapping Secondary VLANs to Same MSTI as Primary VLANs for Private VLANs
  Configuring the Root Bridge
  Configuring a Secondary Root Bridge
  Configuring the Port Priority
  Configuring the Port Cost
  Configuring the Switch Priority
  Configuring the Hello Time
  Configuring the Forwarding-Delay Time
  Configuring the Maximum-Aging Time
  Configuring the Maximum-Hop Count
  Configuring PVST Simulation Globally
  Configuring PVST Simulation Per Port
  Specifying the Link Type
  Restarting the Protocol
  Verifying MST Configurations

Chapter 10: Configuring STP Extensions
  About STP Extensions
  Information About STP Extensions
  Understanding STP Port Types
  Spanning Tree Edge Ports
  Spanning Tree Network Ports
  Spanning Tree Normal Ports
  Understanding Bridge Assurance
  Understanding BPDU Guard
  Understanding BPDU Filtering
  Understanding Loop Guard
  Understanding Root Guard
  Configuring STP Extensions
  STP Extensions Configuration Guidelines
  Configuring Spanning Tree Port Types Globally
  Configuring Spanning Tree Edge Ports on Specified Interfaces
  Configuring Spanning Tree Network Ports on Specified Interfaces
  Enabling BPDU Guard Globally
  Enabling BPDU Guard on Specified Interfaces
  Enabling BPDU Filtering Globally
  Enabling BPDU Filtering on Specified Interfaces
  Enabling Loop Guard Globally
  Enabling Loop Guard or Root Guard on Specified Interfaces
  Verifying STP Extension Configuration

Chapter 11: Configuring LLDP
  Configuring Global LLDP Commands
  Configuring Interface LLDP Commands

Chapter 12: Configuring the MAC Address Table
  Information About MAC Addresses
  Configuring MAC Addresses
  Configuring a Static MAC Address
  Configuring the Aging Time for the MAC Table
  Clearing Dynamic Addresses from the MAC Table
  Verifying the MAC Address Configuration

Chapter 13: Configuring IGMP Snooping
  Information About IGMP Snooping
  IGMPv1 and IGMPv2
  IGMPv3
  IGMP Snooping Querier
  IGMP Forwarding
  Configuring IGMP Snooping Parameters
  Verifying IGMP Snooping Configuration

Chapter 14: Configuring Traffic Storm Control
  Information About Traffic Storm Control
  Traffic Storm Guidelines and Limitations
  Configuring Traffic Storm Control
  Verifying Traffic Storm Control Configuration
  Traffic Storm Control Example Configuration
  Default Traffic Storm Settings

Preface

This preface contains the following sections:

Audience

Document Conventions

Related Documentation for Nexus 3000 Series NX-OS Software

Obtaining Documentation and Submitting a Service Request

Audience

This publication is for experienced network administrators who configure and maintain Cisco Nexus Series devices.

Document Conventions

Command descriptions use the following conventions:

Convention     Description
bold           Bold text indicates the commands and keywords that you enter literally as shown.
Italic         Italic text indicates arguments for which the user supplies the values.
[x]            Square brackets enclose an optional element (keyword or argument).
[x | y]        Square brackets enclosing keywords or arguments separated by a vertical bar indicate an optional choice.
{x | y}        Braces enclosing keywords or arguments separated by a vertical bar indicate a required choice.
[x {y | z}]    Nested set of square brackets or braces indicate optional or required choices within optional or required elements. Braces and a vertical bar within square brackets indicate a required choice within an optional element.
variable       Indicates a variable for which you supply values, in context where italics cannot be used.
string         A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks.

Examples use the following conventions:

Convention              Description
screen font             Terminal sessions and information the switch displays are in screen font.
boldface screen font    Information you must enter is in boldface screen font.
italic screen font      Arguments for which you supply values are in italic screen font.
< >                     Nonprinting characters, such as passwords, are in angle brackets.
[ ]                     Default responses to system prompts are in square brackets.
!, #                    An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.

This document uses the following conventions:

Note: Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.

Caution: Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Related Documentation for Nexus 3000 Series NX-OS Software

The entire Cisco NX-OS 3000 Series documentation set is available at the following URL:

http://www.cisco.com/en/US/products/ps11541/tsd_products_support_series_home.html

 


Release Notes

The release notes are available at the following URL:

http://www.cisco.com/en/US/products/ps11541/prod_release_notes_list.html

Installation and Upgrade Guides

The installation and upgrade guides are available at the following URL:

http://www.cisco.com/en/US/products/ps11541/prod_installation_guides_list.html

The documents in this category include:

Cisco Nexus 5000 Series, Cisco Nexus 3000 Series, and Cisco Nexus 2000 Series Safety Information and Documentation

Regulatory, Compliance, and Safety Information for the Cisco Nexus 5000 Series, Cisco Nexus 3000 Series, and Cisco Nexus 2000 Series

Cisco Nexus 3000 Series Hardware Installation Guide

Configuration Guides

The configuration guides are available at the following URL:

http://www.cisco.com/en/US/products/ps11541/products_installation_and_configuration_guides_list.html

The documents in this category include:

Configuration Limits for Cisco NX-OS

Fundamentals Configuration Guide

Layer 2 Switching Configuration Guide

Multicast Configuration Guide

Quality of Service Configuration Guide

Security Configuration Guide

System Management Configuration Guide

Unicast Routing Configuration Guide

Verified Scalability Guide for Cisco NX-OS

Technical References

The technical references are available at the following URL:

http://www.cisco.com/en/US/products/ps11541/prod_technical_reference_list.html

Error and System Messages

The error and system message reference guides are available at the following URL:

http://www.cisco.com/en/US/products/ps11541/products_system_message_guides_list.html


Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.

 


Chapter 1

New and Changed Information for this Release

The following table provides an overview of the significant changes to this guide for this current release. The table does not provide an exhaustive list of all changes made to the configuration guides or of the new features in this release.


Table 1: New and Changed Features

Feature: Switching Modes
Description: Added a new chapter about configuring your switching mode. There are two switching modes: cut-through and store-and-forward.
Added or Changed in Release: 5.0(3)U3(1)
Where Documented: Configuring Switching Modes

 


Chapter 2

Overview

This chapter contains the following sections:

Layer 2 Ethernet Switching Overview

VLANs

Private VLANs

Spanning Tree

Layer 2 Ethernet Switching Overview

The device supports simultaneous, parallel connections between Layer 2 Ethernet segments. Switched connections between Ethernet segments last only for the duration of the packet. New connections can be made between different segments for the next packet.

The device solves congestion problems caused by high-bandwidth devices and a large number of users by assigning each device (for example, a server) to its own 10-, 100-, 1000-Mbps, or 10-Gigabit collision domain. Because each LAN port connects to a separate Ethernet collision domain, servers in a switched environment achieve full access to the bandwidth.

Because collisions cause significant congestion in Ethernet networks, an effective solution is full-duplex communication. Typically, 10/100-Mbps Ethernet operates in half-duplex mode, which means that stations can either receive or transmit. In full-duplex mode, which is configurable on these interfaces, two stations can transmit and receive at the same time. When packets can flow in both directions simultaneously, the effective Ethernet bandwidth doubles. 1/10-Gigabit Ethernet operates in full-duplex only.

VLANs

A VLAN is a switched network that is logically segmented by function, project team, or application, without regard to the physical locations of the users. VLANs have the same attributes as physical LANs, but you can group end stations even if they are not physically located on the same LAN segment.

Any switch port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and flooded only to end stations in that VLAN. Each VLAN is considered as a logical network, and packets destined for stations that do not belong to the VLAN must be forwarded through a bridge or a router.


All ports, including the management port, are assigned to the default VLAN (VLAN1) when the device first comes up. A VLAN interface, or switched virtual interface (SVI), is a Layer 3 interface that is created to provide communication between VLANs.

The devices support 4094 VLANs in accordance with the IEEE 802.1Q standard. These VLANs are organized into several ranges, and you use each range slightly differently. Some of these VLANs are reserved for internal use by the device and are not available for configuration.

Note: Inter-Switch Link (ISL) trunking is not supported on the NX-OS software for the Cisco Nexus 3000 Series.

Private VLANs

Private VLANs provide traffic separation and security at the Layer 2 level.

A private VLAN is one or more pairs of a primary VLAN and a secondary VLAN, all with the same primary VLAN. The two types of secondary VLANs are isolated and community VLANs. Hosts on isolated VLANs communicate only with hosts in the primary VLAN. Hosts in a community VLAN can communicate only among themselves and with hosts in the primary VLAN but not with hosts in isolated VLANs or in other community VLANs.

Regardless of the combination of isolated and community secondary VLANs, all interfaces within the primary VLAN comprise one Layer 2 domain, and therefore, require only one IP subnet.
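The reachability rules in the two paragraphs above, as an added Python example that is not part of the Cisco guide. Host names and VLAN IDs are constructed, and the model covers Layer 2 forwarding inside one private VLAN only (traffic routed through a gateway in the primary VLAN is outside it).

```python
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Host:
    name: str
    kind: str           # "primary", "isolated" or "community"
    secondary: int = 0  # secondary VLAN ID; unused for hosts in the primary VLAN


def can_talk(a: Host, b: Host) -> bool:
    """Layer 2 reachability between two hosts that share one primary VLAN."""
    # Every secondary VLAN can reach hosts in the primary VLAN.
    if a.kind == "primary" or b.kind == "primary":
        return True
    # Community hosts reach only members of their own community VLAN.
    if a.kind == "community" and b.kind == "community":
        return a.secondary == b.secondary
    # Isolated-to-isolated and isolated-to-community traffic is not forwarded.
    return False


def reachable_pairs(hosts):
    """All host pairs the private VLAN design lets communicate at Layer 2."""
    return sorted((a.name, b.name) for a, b in combinations(hosts, 2) if can_talk(a, b))


def violations(hosts, must_not_talk):
    """Pairs from the intended-separation list that the design still connects."""
    by_name = {h.name: h for h in hosts}
    return sorted((x, y) for x, y in must_not_talk if can_talk(by_name[x], by_name[y]))


# Constructed design: one gateway in the primary VLAN, two community VLANs,
# and one isolated VLAN holding two guest hosts.
HOSTS = [
    Host("gw", "primary"),
    Host("web1", "community", 201),
    Host("web2", "community", 201),
    Host("db1", "community", 202),
    Host("guest1", "isolated", 300),
    Host("guest2", "isolated", 300),
]

# Constructed separation policy to check the design against.
MUST_NOT_TALK = [("guest1", "guest2"), ("web1", "db1"), ("web1", "web2")]

if __name__ == "__main__":
    for pair in reachable_pairs(HOSTS):
        print("reachable:", pair)
    for pair in violations(HOSTS, MUST_NOT_TALK):
        print("policy violation:", pair)
```

Sharing a community VLAN is what lets web1 and web2 reach each other; moving one of them to the isolated VLAN or to its own community VLAN clears the violation.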

Spanning Tree

This section discusses the implementation of the Spanning Tree Protocol (STP). Spanning tree is used to refer to IEEE 802.1w and IEEE 802.1s. When the IEEE 802.1D Spanning Tree Protocol is referred to in the publication, 802.1D is stated specifically.

STP Overview

STP provides a loop-free network at the Layer 2 level. Layer 2 LAN ports send and receive STP frames, which are called Bridge Protocol Data Units (BPDUs), at regular intervals. Network devices do not forward these frames but use the frames to construct a loop-free path.

802.1D is the original standard for STP, and many improvements have enhanced the basic loop-free STP. You can create a separate loop-free path for each VLAN, which is named Per VLAN Spanning Tree (PVST+). Additionally, the entire standard was reworked to make the loop-free convergence process faster to keep up with the faster equipment. This STP standard with faster convergence is the 802.1w standard, which is known as Rapid Spanning Tree (RSTP).

Finally, the 802.1s standard, Multiple Spanning Trees (MST), allows you to map multiple VLANs into a single spanning tree instance. Each instance runs an independent spanning tree topology.

Although the software can interoperate with legacy 802.1D systems, the system runs Rapid PVST+ and MST. You can use either Rapid PVST+ or MST in a given VDC; you cannot mix both in one VDC. Rapid PVST+ is the default STP protocol for Cisco NX-OS for the Cisco Nexus 3000 Series.

 


Note: Cisco NX-OS for the Cisco Nexus 3000 Series uses the extended system ID and MAC address reduction; you cannot disable these features.

In addition, Cisco has created some proprietary features to enhance the spanning tree activities.

Rapid PVST+

Rapid PVST+ is the default spanning tree mode for the software and is enabled by default on the default VLAN and all newly created VLANs.

A single instance, or topology, of RSTP runs on each configured VLAN, and each Rapid PVST+ instance on a VLAN has a single root device. You can enable and disable STP on a per-VLAN basis when you are running Rapid PVST+.

MST

The software also supports MST. The multiple independent spanning tree topologies enabled by MST provide multiple forwarding paths for data traffic, enable load balancing, and reduce the number of STP instances required to support a large number of VLANs.

MST incorporates RSTP, so it also allows rapid convergence. MST improves the fault tolerance of the network because a failure in one instance (forwarding path) does not affect other instances (forwarding paths).

Note: Changing the spanning tree mode disrupts the traffic because all spanning tree instances are stopped for the previous mode and started for the new mode.

You can force specified interfaces to send prestandard, rather than standard, MST messages using the command-line interface.

STP Extensions

The software supports the following Cisco proprietary features:

Spanning tree port types: The default spanning tree port type is normal. You can configure interfaces connected to Layer 2 hosts as edge ports and interfaces connected to Layer 2 switches or bridges as network ports.

Bridge Assurance: Once you configure a port as a network port, Bridge Assurance sends BPDUs on all ports and moves a port into the blocking state if it no longer receives BPDUs. This enhancement is available only when you are running Rapid PVST+ or MST.

BPDU Guard: BPDU Guard shuts down the port if that port receives a BPDU.

BPDU Filter: BPDU Filter suppresses sending and receiving BPDUs on the port.

Loop Guard: Loop Guard prevents the nondesignated ports from transitioning to the STP forwarding state, which prevents loops in the network.

Root Guard: Root Guard prevents the port from becoming the root in an STP topology.
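An added example, not from the Cisco guide: a Python audit of NX-OS-style configuration text against the port types and the BPDU Guard and BPDU Filter behaviour listed above. The command strings and the sample configuration are constructed here (this section does not show the syntax), and the policy that every edge port should have BPDU Guard in effect is an assumption of the example.

```python
import re

GLOBAL_TYPE = re.compile(r"^spanning-tree port type (edge|network) default$")
GLOBAL_EDGE_DEFAULT = re.compile(r"^spanning-tree port type edge (bpduguard|bpdufilter) default$")
IF_HEADER = re.compile(r"^interface (\S+)$")
IF_TYPE = re.compile(r"^spanning-tree port type (edge|network|normal)\b")
IF_BPDU = re.compile(r"^spanning-tree (bpduguard|bpdufilter) (enable|disable)$")


def parse(config):
    """Split config text into global STP defaults and per-interface settings."""
    glob = {"type": "normal", "bpduguard": False, "bpdufilter": False}
    ports = {}
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():            # a top-level line ends any interface block
            current = None
            m = IF_HEADER.match(line)
            if m:
                current = ports.setdefault(m.group(1), {})
            elif (m := GLOBAL_TYPE.match(line)):
                glob["type"] = m.group(1)
            elif (m := GLOBAL_EDGE_DEFAULT.match(line)):
                glob[m.group(1)] = True
            continue
        if current is None:
            continue
        if (m := IF_TYPE.match(line)):
            current["type"] = m.group(1)
        elif (m := IF_BPDU.match(line)):
            current[m.group(1)] = m.group(2) == "enable"
    return glob, ports


def effective(glob, port):
    """Resolve port type, BPDU Guard and BPDU Filter after inheritance."""
    ptype = port.get("type", glob["type"])
    is_edge = ptype == "edge"
    # Global "edge ... default" settings reach edge ports only; an interface line wins.
    guard = port.get("bpduguard", glob["bpduguard"] and is_edge)
    filt = port.get("bpdufilter", glob["bpdufilter"] and is_edge)
    return ptype, guard, filt


def port_types(config):
    glob, ports = parse(config)
    return {name: effective(glob, p)[0] for name, p in ports.items()}


def audit(config):
    """Return (interface, finding) pairs in configuration order."""
    glob, ports = parse(config)
    findings = []
    for name, port in ports.items():
        ptype, guard, filt = effective(glob, port)
        if filt:
            # BPDUs are suppressed, so STP and BPDU Guard see nothing on this port.
            findings.append((name, "bpdufilter-on"))
        elif ptype == "edge" and not guard:
            # Assumed policy: host-facing ports shut down when a BPDU arrives.
            findings.append((name, "edge-without-bpduguard"))
    return findings


# Constructed sample configuration (not from the guide).
SAMPLE_CONFIG = """\
spanning-tree port type edge bpduguard default
interface Ethernet1/1
  description server-a
  spanning-tree port type edge
interface Ethernet1/2
  description server-b
  spanning-tree port type edge
  spanning-tree bpduguard disable
interface Ethernet1/3
  description printer
  spanning-tree port type edge
  spanning-tree bpdufilter enable
interface Ethernet1/4
  description uplink-to-core
  spanning-tree port type network
interface Ethernet1/5
  description lab-bench
"""

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_CONFIG):
        print(f"{name}: {finding}")
```

Ethernet1/1 passes because it inherits the global BPDU Guard default, while Ethernet1/2 overrides that default at the interface and Ethernet1/3 filters BPDUs entirely.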

 


Chapter 3

Configuring Ethernet Interfaces

This chapter contains the following sections:

Information About Ethernet Interfaces

Configuring Ethernet Interfaces

Displaying Interface Information

Displaying Input Packet Discard Information

Default Physical Ethernet Settings

 

Information About Ethernet Interfaces

The Ethernet ports can operate as standard Ethernet interfaces connected to servers or to a LAN.

On a Cisco Nexus 3000 Series switch, the Ethernet interfaces are enabled by default.

About the Interface Command

You can enable the various capabilities of the Ethernet interfaces on a per-interface basis using the interface command. When you enter the interface command, you specify the following information:

Interface type: All physical Ethernet interfaces use the ethernet keyword.

Slot number:

  Slot 1 includes all the fixed ports.

  Slot 2 includes the ports on the upper expansion module (if populated).

  Slot 3 includes the ports on the lower expansion module (if populated).

Port number: Port number within the group.


The interface numbering convention is extended to support use with a Cisco Nexus 2000 Series Fabric Extender as follows:

switch(config)# interface ethernet [chassis/]slot/port

Chassis ID is an optional entry to address the ports of a connected Fabric Extender. The chassis ID is configured on a physical Ethernet or EtherChannel interface on the switch to identify the Fabric Extender discovered via the interface. The chassis ID ranges from 100 to 199.

About the Unidirectional Link Detection Parameter

The Cisco-proprietary Unidirectional Link Detection (UDLD) protocol allows ports that are connected through fiber optics or copper (for example, Category 5 cabling) Ethernet cables to monitor the physical configuration of the cables and detect when a unidirectional link exists. When the switch detects a unidirectional link, UDLD shuts down the affected LAN port and alerts the user. Unidirectional links can cause a variety of problems, including spanning tree topology loops.

UDLD is a Layer 2 protocol that works with the Layer 1 protocols to determine the physical status of a link. At Layer 1, autonegotiation takes care of physical signaling and fault detection. UDLD performs tasks that autonegotiation cannot perform, such as detecting the identities of neighbors and shutting down misconnected LAN ports. When you enable both autonegotiation and UDLD, Layer 1 and Layer 2 detections work together to prevent physical and logical unidirectional connections and the malfunctioning of other protocols.

A unidirectional link occurs whenever traffic transmitted by the local device over a link is received by the neighbor but traffic transmitted from the neighbor is not received by the local device. If one of the fiber strands in a pair is disconnected, as long as autonegotiation is active, the link does not stay up. In this case, the logical link is undetermined, and UDLD does not take any action. If both fibers are working normally at Layer 1, then UDLD at Layer 2 determines whether those fibers are connected correctly and whether traffic is flowing bidirectionally between the correct neighbors. This check cannot be performed by autonegotiation, because autonegotiation operates at Layer 1.

A Cisco Nexus 3000 Series switch periodically transmits UDLD frames to neighbor devices on LAN ports with UDLD enabled. If the frames are echoed back within a specific time frame and they lack a specific acknowledgment (echo), the link is flagged as unidirectional and the LAN port is shut down. Devices on both ends of the link must support UDLD in order for the protocol to successfully identify and disable unidirectional links.

Note: By default, UDLD is locally disabled on copper LAN ports to avoid sending unnecessary control traffic on this type of media.

 


The following figure shows an example of a unidirectional link condition. Device B successfully receives traffic from Device A on the port. However, Device A does not receive traffic from Device B on the same port. UDLD detects the problem and disables the port.

Figure 1: Unidirectional Link

Default UDLD Configuration

The following table shows the default UDLD configuration.

Table 2: UDLD Default Configuration

| Feature | Default Value |
| --- | --- |
| UDLD global enable state | Globally disabled |
| UDLD aggressive mode | Disabled |
| UDLD per-port enable state for fiber-optic media | Enabled on all Ethernet fiber-optic LAN ports |
| UDLD per-port enable state for twisted-pair (copper) media | Disabled on all Ethernet 10/100 and 1000BASE-TX LAN ports |

UDLD Aggressive and Nonaggressive Modes

UDLD aggressive mode is disabled by default. You can configure UDLD aggressive mode only on point-to-point links between network devices that support UDLD aggressive mode. If UDLD aggressive mode is enabled, when a port on a bidirectional link that has a UDLD neighbor relationship established stops receiving UDLD frames, UDLD tries to reestablish the connection with the neighbor. After eight failed retries, the port is disabled.

To prevent spanning tree loops, nonaggressive UDLD with the default interval of 15 seconds is fast enough to shut down a unidirectional link before a blocking port transitions to the forwarding state (with default spanning tree parameters).

When UDLD aggressive mode is enabled, it acts in the following cases:

- One side of a link has a port stuck (both transmission and receive)
- One side of a link remains up while the other side of the link is down

In these cases, the UDLD aggressive mode disables one of the ports on the link, which prevents traffic from being discarded.

About Interface Speed

A Cisco Nexus 3000 Series switch has a number of fixed 10-Gigabit ports, each equipped with SFP+ interface adapters.

About the Cisco Discovery Protocol

The Cisco Discovery Protocol (CDP) is a device discovery protocol that runs over Layer 2 (the data link layer) on all Cisco-manufactured devices (routers, bridges, access servers, and switches) and allows network management applications to discover Cisco devices that are neighbors of already known devices. With CDP, network management applications can learn the device type and the Simple Network Management Protocol (SNMP) agent address of neighboring devices running lower-layer, transparent protocols. This feature enables applications to send SNMP queries to neighboring devices.

CDP runs on all media that support Subnetwork Access Protocol (SNAP). Because CDP runs over the data-link layer only, two systems that support different network-layer protocols can learn about each other.

Each CDP-configured device sends periodic messages to a multicast address, advertising at least one address at which it can receive SNMP messages. The advertisements also contain time-to-live, or holdtime information, which is the length of time a receiving device holds CDP information before discarding it. Each device also listens to the messages sent by other devices to learn about neighboring devices.

The switch supports both CDP Version 1 and Version 2.

Default CDP Configuration

The following table shows the default CDP configuration.

Table 3: Default CDP Configuration

| Feature | Default Setting |
| --- | --- |
| CDP interface state | Enabled |
| CDP timer (packet update frequency) | 60 seconds |
| CDP holdtime (before discarding) | 180 seconds |
| CDP Version-2 advertisements | Enabled |

About the Error-Disabled State

An interface is in the error-disabled (err-disabled) state when the interface is enabled administratively (using the no shutdown command) but disabled at runtime by any process. For example, if UDLD detects a unidirectional link, the interface is shut down at runtime. However, because the interface is administratively enabled, the interface status displays as err-disabled. Once an interface goes into the err-disabled state, you must manually reenable it or you can configure an automatic timeout recovery value. The err-disabled detection is enabled by default for all causes. The automatic recovery is not configured by default.

When an interface is in the err-disabled state, use the errdisable detect cause command to find information about the error.

You can configure the automatic err-disabled recovery timeout for a particular err-disabled cause by changing the time variable.

The errdisable recovery cause command provides automatic recovery after 300 seconds. To change the recovery period, use the errdisable recovery interval command to specify the timeout period. You can specify 30 to 65535 seconds.

If you do not enable the err-disabled recovery for the cause, the interface stays in the err-disabled state until you enter the shutdown and no shutdown commands. If the recovery is enabled for a cause, the interface is brought out of the err-disabled state and allowed to retry operation once all the causes have timed out. Use the show interface status err-disabled command to display the reason behind the error.

About Port Profiles

The Cisco Nexus 3000 Series device does not support Port Profiles.

Guidelines and Limitations for Port Profiles

The Cisco Nexus 3000 Series device does not support Port Profiles.

About the Debounce Timer Parameters

The debounce timer feature is not supported on Nexus 3000.

About MTU Configuration

The Cisco Nexus 3000 Series switch does not fragment frames. As a result, the switch cannot have two ports in the same Layer 2 domain with different maximum transmission units (MTUs). A per-physical Ethernet interface MTU is not supported. Instead, the MTU is set according to the QoS classes. You modify the MTU by setting Class and Policy maps.

Note: When you show the interface settings, a default MTU of 1500 is displayed for physical Ethernet interfaces.

Configuring Ethernet Interfaces

The section includes the following topics:


Configuring the UDLD Mode

You can configure normal or aggressive unidirectional link detection (UDLD) modes for Ethernet interfaces on devices configured to run UDLD. Before you can enable a UDLD mode for an interface, you must make sure that UDLD is already enabled on the device that includes the interface. UDLD must also be enabled on the other linked interface and its device.

To use the normal UDLD mode, you must configure one of the ports for normal mode and configure the other port for the normal or aggressive mode. To use the aggressive UDLD mode, you must configure both ports for the aggressive mode.

Note: Before you begin, UDLD must be enabled for the other linked port and its device.

To configure the UDLD mode, perform this task:

Procedure

| Step | Command or Action | Purpose |
| --- | --- | --- |
| Step 1 | switch# configure terminal | Enters configuration mode. |
| Step 2 | switch(config)# feature udld | Enables UDLD for the device. |
| Step 3 | switch(config)# no feature udld | Disables UDLD for the device. |
| Step 4 | switch(config)# show udld global | Displays the UDLD status for the device. |
| Step 5 | switch(config)# interface type slot/port | Specifies an interface to configure, and enters interface configuration mode. |
| Step 6 | switch(config-if)# udld {enable \| disable \| aggressive} | Enables the normal UDLD mode, disables UDLD, or enables the aggressive UDLD mode. |
| Step 7 | switch(config-if)# show udld interface | Displays the UDLD status for the interface. |

This example shows how to enable the UDLD for the switch:

    switch# configure terminal
    switch(config)# feature udld

This example shows how to enable the normal UDLD mode for an Ethernet port:

    switch# configure terminal
    switch(config)# interface ethernet 1/4
    switch(config-if)# udld enable

This example shows how to enable the aggressive UDLD mode for an Ethernet port:

    switch# configure terminal
    switch(config)# interface ethernet 1/4
    switch(config-if)# udld aggressive

 


This example shows how to disable UDLD for an Ethernet port:

    switch# configure terminal
    switch(config)# interface ethernet 1/4
    switch(config-if)# udld disable

This example shows how to disable UDLD for the switch:

    switch# configure terminal
    switch(config)# no feature udld
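A configuration check for the UDLD mode rules in this section and the err-disabled recovery rules described earlier, as an added example that is not part of the Cisco guide. The sample configuration is constructed, the function names are hypothetical, and the `udld` and `all` keywords for `errdisable recovery cause` are assumptions, because the guide does not list the cause names here.

```python
import re

# Constructed sample: uses only command forms shown on this page.
SAMPLE_CONFIG = """\
errdisable recovery interval 20
interface ethernet 1/4
  udld aggressive
interface ethernet 1/5
  udld enable
interface ethernet 1/6
  udld disable
"""

MODES = {"enable": "normal", "aggressive": "aggressive", "disable": "disabled"}

def effective_mode(local, peer):
    """Mode a link actually runs in, per the pairing rule in the text."""
    if "disabled" in (local, peer):
        return "none"            # UDLD must be enabled on both linked ports
    if local == peer == "aggressive":
        return "aggressive"      # aggressive needs both ends aggressive
    return "normal"              # normal+normal or normal+aggressive

def audit(config_text):
    """Return (per-interface UDLD modes, findings) for NX-OS-style config text."""
    feature, causes, interval, modes, ifname = False, set(), None, {}, None
    for raw in config_text.splitlines():
        line = raw.strip().lower()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():
            ifname = None        # an unindented line ends the interface block
        if line in ("feature udld", "no feature udld"):
            feature = line == "feature udld"
        elif m := re.fullmatch(r"interface (ethernet)\s*(\d+/\d+)", line):
            ifname = m.group(1) + m.group(2)
        elif ifname and (m := re.fullmatch(r"udld (enable|disable|aggressive)", line)):
            modes[ifname] = MODES[m.group(1)]
        elif m := re.fullmatch(r"errdisable recovery cause (\S+)", line):
            causes.add(m.group(1))
        elif m := re.fullmatch(r"errdisable recovery interval (\d+)", line):
            interval = int(m.group(1))
    findings = []
    active = sorted(i for i, mode in modes.items() if mode != "disabled")
    if active and not feature:
        findings.append("udld configured on %s but 'feature udld' is missing"
                        % ", ".join(active))
    if interval is not None and not 30 <= interval <= 65535:
        findings.append("errdisable recovery interval %d is outside 30-65535" % interval)
    # Assumption: 'udld' and 'all' are the cause keywords that cover UDLD.
    if active and not causes & {"udld", "all"}:
        findings.append("no errdisable recovery for udld: a port UDLD shuts "
                        "down stays err-disabled until shutdown/no shutdown")
    return modes, findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG)[1]:
        print("FINDING:", finding)
```

Run `effective_mode` with the modes reported for both ends of a link: an aggressive port paired with a normal-mode neighbor runs in normal mode only.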

Changing an Interface Port Mode

You can configure a Quad small form-factor pluggable (QSFP+) port by using the hardware profile portmode command. To restore the defaults, use the no form of this command.

To change an interface port mode, perform this task:

Procedure

| Step | Command or Action | Purpose |
| --- | --- | --- |
| Step 1 | switch# configure terminal | Enters global configuration mode. |
| Step 2 | switch(config)# copy running-config bootflash:my-config.cfg | Copies the running configuration to the bootflash. You can use this file to configure your device later. |
| Step 3 | switch(config)# write erase | Removes all the interface configurations. |
| Step 4 | switch(config)# reload | Reloads the Cisco Nexus 3000 Series switch software. |
| Step 5 | switch(config)# [no] hardware profile portmode portmode | Changes the interface port mode. |
| Step 6 | switch(config)# copy running-config startup-config | (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
| Step 7 | switch(config)# reload | Reloads the Cisco Nexus 3000 Series switch software. Manually apply all the interface configuration. You can refer to the configuration file that you saved earlier. Note: The interface numbering changes if the ports are changed from 40G mode to 4x10G mode or vice-versa. |

This example shows how to change the port mode to 48x10g+4x40g for QSFP+ ports:

    switch# configure terminal
    switch(config)# copy running-config bootflash:my-config.cfg
    switch(config)# write erase
    switch(config)# reload
    WARNING: This command will reboot the system
    Do you want to continue? (y/n) [n] y
    switch(config)# hardware profile portmode 48x10g+4x40g
    Warning: This command will take effect only after saving the configuration and reload! Port configurations could get lost when port mode is changed!
    switch(config)# copy running-config startup-config
    switch(config)# reload
    WARNING: This command will reboot the system
    Do you want to continue? (y/n) [n] y

This example shows how to change the port mode to 48x10g+4x40g for QSFP+ ports and verify the changes:

    switch# configure terminal
    switch(config)# hardware profile portmode 48x10g+4x40g
    Warning: This command will take effect only after saving the configuration and reload! Port configurations could get lost when port mode is changed!
    switch(config)# show running-config

    !Command: show running-config
    !Time: Thu Aug 25 07:39:37 2011

    version 5.0(3)U2(1)
    feature telnet
    no feature ssh
    feature lldp

    username admin password 5 $1$OOV4MdOM$BAB5RkD22YanT4empqqSM0 role network-admin
    ip domain-lookup
    switchname BLR-QG-5
    ip access-list my-acl
      10 deny ip any 10.0.0.1/32
      20 deny ip 10.1.1.1/32 any
    class-map type control-plane match-any copp-arp
    class-map type control-plane match-any copp-bpdu
    :
    :
    control-plane
      service-policy input copp-system-policy
    hardware profile tcam region arpacl 128
    hardware profile tcam region ifacl 256
    hardware profile tcam region racl 256
    hardware profile tcam region vacl 512
    hardware profile portmode 48x10G+4x40G
    snmp-server user admin network-admin auth md5 0xdd1d21ee42e93106836cdefd1a60e062
    <--Output truncated-->
    switch#

This example shows how to restore the default port mode for QSFP+ ports:

    switch# configure terminal
    switch(config)# no hardware profile portmode
    Warning: This command will take effect only after saving the configuration and reload! Port configurations could get lost when port mode is changed!
    switch(config)#

Configuring Interface Speed

Procedure

| Step | Command or Action | Purpose |
| --- | --- | --- |
| Step 1 | switch# configure terminal | Enters configuration mode. |
| Step 2 | switch(config)# interface type slot/port | Enters interface configuration mode for the specified interface. This interface must have a 1-Gigabit Ethernet SFP transceiver inserted into it. |
| Step 3 | switch(config-if)# speed speed | Sets the speed on the interface. This command can only be applied to a physical Ethernet interface. The speed argument can be set to one of the following: 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps, automatic. |

The following example shows how to set the speed for a 1-Gigabit Ethernet port:

    switch# configure terminal
    switch(config)# interface ethernet 1/4
    switch(config-if)# speed 1000

Note: If the interface and transceiver speed is mismatched, the SFP validation failed message is displayed when you enter the show interface ethernet slot/port command. For example, if you insert a 1-Gigabit SFP transceiver into a port without configuring the speed 1000 command, you will get this error. By default, all ports are 10 Gigabits.

Disabling Link Negotiation

You can disable link negotiation using the no negotiate auto command. By default, auto-negotiation is enabled on 1-Gigabit ports and disabled on 10-Gigabit ports. By default, auto-negotiation is enabled on the Cisco Nexus 3064 and 3064-X switches and disabled on the Cisco Nexus 3048 switch.

This command is equivalent to the IOS speed non-negotiate command.

Note: Cisco does not recommend that you enable auto-negotiation on 10-Gigabit ports. Enabling auto-negotiation on 10-Gigabit ports brings the link down. By default, link negotiation is disabled on 10-Gigabit ports.

Procedure

| Step | Command or Action | Purpose |
| --- | --- | --- |
| Step 1 | switch# configure terminal | Enters configuration mode. |
| Step 2 | switch(config)# interface ethernet slot/port | Selects the interface and enters interface mode. |
| Step 3 | switch(config-if)# no negotiate auto | Disables link negotiation on the selected Ethernet interface (1-Gigabit port). |
| Step 4 | switch(config-if)# negotiate auto | (Optional) Enables link negotiation on the selected Ethernet interface. The default for 1-Gigabit ports is enabled. |

This example shows how to disable auto negotiation on a specified Ethernet interface (1-Gigabit port):

    switch# configure terminal
    switch(config)# interface ethernet 1/1
    switch(config-if)# no negotiate auto
    switch(config-if)#

This example shows how to enable auto negotiation on a specified Ethernet interface (1-Gigabit port):

    switch# configure terminal
    switch(config)# interface ethernet 1/5
    switch(config-if)# negotiate auto
    switch(config-if)#

Configuring the CDP Characteristics

You can configure the frequency of Cisco Discovery Protocol (CDP) updates, the amount of time to hold the information before discarding it, and whether or not to send Version-2 advertisements.

To configure CDP characteristics for an interface, perform this task:

Procedure

| Step | Command or Action | Purpose |
| --- | --- | --- |
| Step 1 | switch# configure terminal | Enters configuration mode. |
| Step 2 | switch(config)# [no] cdp advertise {v1 \| v2 } | (Optional) Configures the version to use to send CDP advertisements. Version-2 is the default state. Use the no form of the command to return to its default setting. |
| Step 3 | switch(config)# [no] cdp format device-id {mac-address \| serial-number \| system-name} | (Optional) Configures the format of the CDP device ID. The default is the system name, which can be expressed as a fully qualified domain name. Use the no form of the command to return to its default setting. |
| Step 4 | switch(config)# [no] cdp holdtime seconds | (Optional) Specifies the amount of time a receiving device should hold the information sent by your device before discarding it. The range is 10 to 255 seconds; the default is 180 seconds. |

 
