Cisco Systems Nexus 5596t N5KC5596TFA User Manual

Size:
1.74 Mb
Download

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide,

Release 5.2(1)N1(1)

First Published: July 02, 2012

Last Modified: July 02, 2012

Americas Headquarters

Cisco Systems, Inc. 170 West Tasman Drive

San Jose, CA 95134-1706USA http://www.cisco.com Tel: 408526-4000

800 553-NETS(6387) Fax: 408527-0883

Text Part Number: 78-26881-OL

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDINGANYOTHERWARRANTYHEREIN,ALLDOCUMENTFILESANDSOFTWAREOFTHESESUPPLIERSAREPROVIDED“ASIS"WITHALLFAULTS. CISCO AND THE ABOVE-NAMEDSUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY,FITNESSFORAPARTICULARPURPOSEANDNONINFRINGEMENTORARISINGFROMACOURSEOFDEALING,USAGE,ORTRADEPRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http:// www.cisco.com/go/trademarks.Third-partytrademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

AnyInternetProtocol(IP)addressesusedinthisdocumentarenotintendedtobeactualaddresses. Anyexamples,commanddisplayoutput,andfiguresincludedinthedocumentareshown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2012 Cisco Systems, Inc. All rights reserved.

C O N T E N T S

P r e f a c e

Preface ix

Audience ix

Document Conventions ix

Documentation Feedback x

C H A P T E R 1

C H A P T E R 2

Obtaining Documentation and Submitting a Service Request xi

New and Changed Information for this Release 1

New and Changed Information for this Release 1

 

 

Configuring Layer 2 Interfaces 3

 

 

 

 

Information About Ethernet Interfaces

3

 

 

About the Interface Command 3

 

 

 

Information About Unified Ports 4

 

 

 

Guidelines and Limitations for Unified Ports

4

 

About the Unidirectional Link Detection Parameter

5

Default UDLD Configuration

5

 

 

UDLD Aggressive and Nonaggressive Modes

6

Interface Speed 6

 

 

 

 

About the Cisco Discovery Protocol

6

 

 

Default CDP Configuration

7

 

 

 

About the Error-DisabledState

7

 

 

 

About Port Profiles 8

 

 

 

 

Guidelines and Limitations for Port Profiles

9

 

About the Debounce Timer Parameters 9

 

 

About MTU Configuration 9

Configuring Ethernet Interfaces 10

Configuring a Layer 3 Interface on a Cisco Nexus 5500 Platform Switch 10

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

iii

Contents

C H A P T E R 3

Configuring Unified Ports 10

 

 

 

Configuring the UDLD Mode 12

 

 

 

Configuring Interface Speed

13

 

 

 

Disabling Link Negotiation

14

 

 

 

Configuring the CDP Characteristics 14

 

Enabling or Disabling CDP

15

 

 

 

Enabling the Error-DisabledDetection

16

 

Enabling the Error-DisabledRecovery

17

 

Configuring the Error-DisabledRecovery Interval18

Port Profiles 19

 

 

 

 

 

Creating a Port Profile

19

 

 

 

Modifying a Port Profile 20

 

 

 

Enabling a Specific Port Profile 21

 

 

Inheriting a Port Profile

22

 

 

 

Removing an Inherited Port Profile

23

 

Assigning a Port Profile to a Range of Interfaces 24

Removing a Port Profile from a Range of Interfaces 25

Configuration Examples for Port Profiles 26

Configuring the Debounce Timer

27

 

 

Configuring the Description Parameter

28

 

Disabling and Restarting Ethernet Interfaces

28

Displaying Interface Information 29

 

 

Default Physical Ethernet Settings

31

 

 

Configuring Layer 3 Interfaces 33

 

 

 

 

Information About Layer 3 Interfaces 33

 

 

Routed Interfaces

33

 

 

 

 

Subinterfaces 34

 

 

 

 

 

VLAN Interfaces

35

 

 

 

 

Loopback Interfaces 35

 

 

 

 

Tunnel Interfaces

36

 

 

 

 

Licensing Requirements for Layer 3 Interfaces

36

Guidelines and Limitations for Layer 3 Interfaces 36

Default Settings for Layer 3 Interfaces 36

 

 

Configuring Layer 3 Interfaces

36

 

 

 

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

iv

78-26881-OL

Contents

Configuring a Routed Interface 36

 

Configuring a Subinterface 37

 

Configuring the Bandwidth on an Interface

38

Configuring a VLAN Interface 39

 

Configuring a Loopback Interface 40

 

Assigning an Interface to a VRF 40

 

Verifying the Layer 3 Interfaces Configuration

41

Monitoring Layer 3 Interfaces 42

 

Configuration Examples for Layer 3 Interfaces

43

Related Documents for Layer 3 Interfaces 44

 

MIBs for Layer 3 Interfaces 44

Standards for Layer 3 Interfaces 44

C H A P T E R 4

Configuring Port Channels 45

Information About Port Channels 45

Understanding Port Channels 45

Guidelines and Limitations for Port Channel Configuration 46

Compatibility Requirements 47

Load Balancing Using Port Channels 48

Understanding LACP 51

LACP Overview 51

LACP ID Parameters 52

Channel Modes 52

LACP Marker Responders 53

LACP-Enabled and Static Port Channel Differences 54

Configuring Port Channels 54

Creating a Port Channel 54

Adding a Port to a Port Channel 55

Configuring Load Balancing Using Port Channels 55

Configuring Hardware Hashing for Multicast Traffic 57

Enabling LACP 57

Configuring the Channel Mode for a Port 58

Configuring the LACP Fast Timer Rate 59

Configuring the LACP System Priority and System ID 60

Configuring the LACP Port Priority 60

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

v

Contents

Disabling LACP Graceful Convergence 61

Reenabling LACP Graceful Convergence 62

Verifying Port Channel Configuration 63

Verifying the Load-Balancing Outgoing Port ID 64

C H A P T E R 5

Configuring Virtual Port Channels 65

Information About vPCs 65

vPC Overview 65

Terminology 67

vPC Terminology 67

Fabric Extender Terminology 67

Supported vPC Topologies 68

Cisco Nexus 5000 Series Switch vPC Topology 68

Single Homed Fabric Extender vPC Topology 69

Dual Homed Fabric Extender vPC Topology 70

vPC Domain 70

Peer-Keepalive Link and Messages 71

Compatibility Parameters for vPC Peer Links 71

Configuration Parameters That Must Be Identical 71

Configuration Parameters That Should Be Identical 73

Graceful Type-1 Check 73

Per-VLAN Consistency Check 74

vPC Auto-Recovery 74

vPC Peer Links 74

vPC Peer Link Overview 74

vPC Number 75

vPC Interactions with Other Features 76

Configuring vPC Peer Links and Links to the Core 76 vPC and LACP 77

vPC Peer Links and STP 77

vPC and ARP 78

CFSoE 78

vPC Peer Switch 79

Guidelines and Limitations for vPCs 79

Configuring vPCs 80

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

vi

78-26881-OL

Contents

Enabling vPCs 80

Disabling vPCs 80

Creating a vPC Domain 81

Configuring a vPC Keepalive Link and Messages 82

Creating a vPC Peer Link 84

Checking the Configuration Compatibility 85

Enabling vPC Auto-Recovery 86

Suspending Orphan Ports on a Secondary Switch in a vPC Topology 87

Creating an EtherChannel Host Interface 88

Moving Other Port Channels into a vPC 89

Manually Configuring a vPC Domain MAC Address 90

Manually Configuring the System Priority 91

Manually Configuring a vPC Peer Switch Role 92

Configuring the vPC Peer Switch 93

Configuring a Pure vPC Peer Switch Topology 93

Configuring a Hybrid vPC Peer Switch Topology 94

Verifying the vPC Configuration 95

Viewing The Graceful Type-1 Check Status 96

Viewing A Global Type-1 Inconsistency 97

Viewing An Interface-Specific Type-1 Inconsistency 98

Viewing a Per-VLAN Consistency Status 99

vPC Example Configurations 101

Dual Homed Fabric Extender vPC Configuration Example 101

Single Homed Fabric Extender vPC Configuration Example 103

vPC Default Settings 105

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

vii

Contents

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

viii

78-26881-OL

Preface

This preface contains the following sections:

Audience, page ix

Document Conventions, page ix

Documentation Feedback , page x

Obtaining Documentation and Submitting a Service Request, page xi

Audience

This publication is for experienced network administrators who configure and maintain Cisco Nexus devices and Cisco Nexus 2000 Series Fabric Extenders.

Document Conventions

Command descriptions use the following conventions:

Convention

Description

bold

Bold text indicates the commands and keywords that you enter literally

 

as shown.

Italic

Italic text indicates arguments for which the user supplies the values.

[x]

Square brackets enclose an optional element(keyword or argument).

[x | y]

Squarebracketsenclosingkeywordsorargumentsseparatedbyavertical

 

bar indicate an optional choice.

{x | y}

Braces enclosing keywords or arguments separated by a vertical bar

 

indicate a required choice.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

ix

Preface

Documentation Feedback

Convention

Description

[x {y | z}]

Nested set of square brackets or braces indicate optional or required

 

choices within optional or required elements. Braces and a vertical bar

 

within square brackets indicate a required choice within an optional

 

element.

variable

Indicatesavariableforwhichyousupplyvalues,incontextwhereitalics

 

cannot be used.

string

A nonquoted set of characters. Do not use quotation marks around the

 

string or the string will include the quotation marks.

Examples use the following conventions:

Convention

Description

screen font

Terminalsessionsandinformationtheswitchdisplaysareinscreenfont.

boldface screen font

Information you must enter is in boldface screen font.

italic screen font

Arguments for which you supply values are in italic screen font.

< >

Nonprinting characters, such as passwords, are in angle brackets.

[ ]

Default responses to system prompts are in square brackets.

!, #

An exclamation point (!) or a pound sign (#) at the beginning of a line

 

of code indicates a comment line.

This document uses the following conventions:

Note Meansreader take note. Notes contain helpful suggestions or references to material not covered in the manual.

Caution Meansreader be careful. Inthissituation,youmightdosomethingthatcouldresultinequipmentdamage or loss of data.

Documentation Feedback

Toprovidetechnicalfeedbackonthisdocument,ortoreportanerrororomission,pleasesendyourcomments to nexus5k-docfeedback@cisco.com .We appreciate your feedback.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

x

78-26881-OL

Preface

Obtaining Documentation and Submitting a Service Request

Obtaining Documentation and Submitting a Service Request

Forinformationonobtainingdocumentation,submittingaservicerequest,andgatheringadditionalinformation, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

xi

Preface

Obtaining Documentation and Submitting a Service Request

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

xii

78-26881-OL

C H A P T E R 1

New and Changed Information for this Release

The following table provides an overview of the significant changes to this guide for this current release. The table does not provide an exhaustive list of all changes made to the configuration guides or of the new features in this release.

New and Changed Information for this Release, page 1

New and Changed Information for this Release

Thefollowingtableprovidesanoverviewofthesignificantchangestothisguideforthiscurrentrelease. The tabledoesnotprovideanexhaustivelistofallchangesmadetotheconfigurationguidesorofthenewfeatures in this release.

Table 1: New Features

 

 

Feature

Description

Where Documented

IPv6

AddedsupportforIPv6addressing.

Routed Interfaces, on page

 

 

 

 

33

 

 

Configuring a Subinterface,

 

 

on page 37

 

 

Configuring the Bandwidth

 

 

on an Interface, on page 38

 

 

Configuring a VLAN

 

 

Interface, on page 39

 

 

Configuring a Loopback

 

 

Interface, on page 40

 

 

Assigning an Interface to a

 

 

VRF, on page 40

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

1

New and Changed Information for this Release

New and Changed Information for this Release

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

2

78-26881-OL

C H A P T E R 2

Configuring Layer 2 Interfaces

This chapter contains the following sections:

Information About Ethernet Interfaces,

page 3

Configuring Ethernet Interfaces,

page

10

Displaying Interface Information,

page

29

Default Physical Ethernet Settings , page 31

Information About Ethernet Interfaces

The Ethernet ports can operate as standard Ethernet interfaces connected to servers or to a LAN.

TheEthernetinterfacesalsosupportFibreChanneloverEthernet(FCoE). FCoEallowsthephysicalEthernet link to carry both Ethernet and Fibre Channel traffic.

The Ethernet interfaces are enabled by default.

About the Interface Command

You can enable the various capabilities of the Ethernet interfaces on a per-interfacebasis using theinterface command. When you enter theinterface command, you specify the following information:

• Interface type—Allphysical Ethernet interfaces use theethernet keyword.

Slot number

Slot 1 includes all the fixed ports.

Slot 2 includes the ports on the upper expansion module (if populated).

Slot 3 includes the ports on the lower expansion module (if populated).

Slot 4 includes the ports on the lower expansion module (if populated).

Port number— Port number within the group.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

3

Configuring Layer 2 Interfaces

Information About Unified Ports

TheinterfacenumberingconventionisextendedtosupportusewithaCiscoNexus2000SeriesFabricExtender as follows:

switch(config)# interface ethernet [chassis/]slot/port

Chassis ID is an optional entry to address the ports of a connected Fabric Extender. The chassis ID is configuredonaphysicalEthernetorEtherChannelinterfaceontheswitchtoidentifytheFabricExtender discovered via the interface. The chassis ID ranges from 100 to 199.

Information About Unified Ports

Cisco Nexus unified ports allow you to configure a physical port on a Cisco Nexus 5500 Platform switch as a 1/10-GigabitEthernet, Fibre Channel over Ethernet (FCoE), or1-,2-,4-,8-Gigabitnative Fibre Channel port.

Currently, most networks have two types of switches for different types of networks. For example, LAN switches carry Ethernet traffic up to Catalyst switches and SAN switches carry FC traffic from servers to MDS switches. With unified port technology, you can deploy a unified platform, unified device, and unified wire approach. Unified ports allow you to move from an existing segregated platform approach where you choose LAN and SAN port options to transition to a single, unified fabric that is transparent and consistent with existing practices and management software. A unified fabric includes the following:

Unified platform—Usesthe same hardware platform and the same software code level and certifies it once for your LAN and SAN environments.

Unified device—RunsLAN and SAN services on the same platform switch. The unified device allows you to connect your Ethernet and Fibre Channel cables to the same device.

Unified wire—ConvergesLAN and SAN networks on a single converged network adapter (CNA) and connects them to your server.

A unified fabric allows you to manage Ethernet and FCoE features independently with existing Cisco tools.

Guidelines and Limitations for Unified Ports

Ethernet ports and Fibre Channel ports must be configured in the following order:

Fibre Channel ports must be configured from the last port of the module.

Ethernet ports must be configured from the first port of the module.

If the order is not followed, the following errors are displayed:

ERROR: Ethernet range starts from first port of the module

ERROR: FC range should end on last port of the module

On the Cisco Nexus 5548UP switch, the 32 ports of the main slot (slot1) are unified ports. The Ethernet ports start from port 1/1 to port 1/32. The Fibre Channel ports start from port 1/32 backwards to port 1/1.

FortheCiscoNexus5596Tswitch,thelast16ports(ports33-48)areFiberChannelandareconfigurableas unified ports. The first 32 ports(1-32)are10GBase-TEthernet ports only and cannot be configured as unified ports.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

4

78-26881-OL

Configuring Layer 2 Interfaces

About the Unidirectional Link Detection Parameter

About the Unidirectional Link Detection Parameter

TheCisco-proprietaryUnidirectionalLinkDetection(UDLD)protocolallowsportsthatareconnectedthroughfiberopticsorcopper(forexample,Category5cabling)Ethernetcablestomonitorthephysicalconfiguration ofthecablesanddetectwhenaunidirectionallinkexists.Whentheswitchdetectsaunidirectionallink,UDLD shuts down the affected LAN port and alerts the user. Unidirectional links can cause a variety of problems, including spanning tree topology loops.

UDLD is a Layer 2 protocol that works with the Layer 1 protocols to determine the physical status of a link. At Layer 1, autonegotiation takes care of physical signaling and fault detection. UDLD performs tasks that autonegotiationcannotperform,suchasdetectingtheidentitiesofneighborsandshuttingdownmisconnected LANports. WhenyouenablebothautonegotiationandUDLD,Layer1andLayer2detectionsworktogether to prevent physical and logical unidirectional connections and the malfunctioning of other protocols.

A unidirectional link occurs whenever traffic transmitted by the local device over a link is received by the neighborbuttraffictransmittedfromtheneighborisnotreceivedbythelocaldevice.Ifoneofthefiberstrands inapairisdisconnected,aslongasautonegotiationisactive,thelinkdoesnotstayup. Inthiscase,thelogical link is undetermined, and UDLD does not take any action. If both fibers are working normally at Layer 1, thenUDLDatLayer2determineswhetherthosefibersareconnectedcorrectlyandwhethertrafficisflowing bidirectionally between the correct neighbors. This check cannot be performed by autonegotiation, because autonegotiation operates at Layer 1.

A Cisco Nexus device periodically transmits UDLD frames to neighbor devices on LAN ports with UDLD enabled. If the frames are echoed back within a specific time frame and they lack a specific acknowledgment (echo), the link is flagged as unidirectional and the LAN port is shut down. Devices on both ends of the link must support UDLD in order for the protocol to successfully identify and disable unidirectional links.

Note By default, UDLD is locally disabled on copper LAN ports to avoid sending unnecessary control traffic on this type of media.

The following figure shows an example of a unidirectional link condition. Device B successfully receives traffic from Device A on the port. However, Device A does not receive traffic from Device B on the same port. UDLD detects the problem and disables the port.

Figure 1: Unidirectional Link

Default UDLD Configuration

The following table shows the default UDLD configuration.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

5

Configuring Layer 2 Interfaces

Interface Speed

Table 2: UDLD Default Configuration

 

Feature

Default Value

UDLD global enable state

Globally disabled

UDLD aggressive mode

Disabled

UDLD per-portenable state forfiber-opticmedia

Enabled on all Ethernet fiber-opticLAN ports

UDLDper-portenablestatefortwisted-pair(copper)

Disabled on all Ethernet 10/100 and 1000BASE-TX

media

LAN ports

UDLD Aggressive and Nonaggressive Modes

UDLD aggressive mode is disabled by default. You can configure UDLD aggressive mode only on point-to-pointlinksbetweennetworkdevicesthatsupportUDLDaggressivemode.IfUDLDaggressivemodeis enabled, when a port on a bidirectional link that has a UDLD neighbor relationship established stops receivingUDLDframes,UDLDtriestoreestablishtheconnectionwiththeneighbor.Aftereightfailedretries, the port is disabled.

To prevent spanning tree loops, nonaggressive UDLD with the default interval of 15 seconds is fast enough to shut down a unidirectional link before a blocking port transitions to the forwarding state (with default spanning tree parameters).

When you enable the UDLD aggressive mode, the following occurs:

One side of a link has a port stuck (both transmission and receive)

One side of a link remains up while the other side of the link is down

In these cases, the UDLD aggressive mode disables one of the ports on the link, which prevents traffic from being discarded.

Interface Speed

The 5596T switch has 48 base board ports and 3 GEM slots. The first 32 ports are 10GBase-Tports the last 16 ports are SFP+ ports. The10GBase-Tports support a speed of1-Gigabit,10-Gigabit,or Auto. The Auto setting automatically negotiates with the link parser to select either1-Gigabitor10-Gigabitspeed.

About the Cisco Discovery Protocol

TheCiscoDiscoveryProtocol(CDP)isadevicediscoveryprotocolthatrunsoverLayer2(thedatalinklayer) on all Cisco-manufactureddevices (routers, bridges, access servers, and switches) and allows network management applications to discover Cisco devices that are neighbors of already known devices. With CDP, network management applications can learn the device type and the Simple Network Management Protocol(SNMP)agentaddressofneighboringdevicesrunninglower-layer,transparentprotocols.Thisfeatureenablesapplications to send SNMP queries to neighboring devices.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

6

78-26881-OL

Configuring Layer 2 Interfaces

About the Error-DisabledState

CDPrunsonallmediathatsupportSubnetworkAccessProtocol(SNAP).BecauseCDPrunsoverthedata-linklayer only, two systems that support differentnetwork-layerprotocols can learn about each other.

Each CDP-configureddevice sends periodic messages to a multicast address, advertising at least one addressatwhichitcanreceiveSNMPmessages.Theadvertisementsalsocontaintime-to-live,orholdtimeinformation,which is the length of time a receiving device holds CDP information before discarding it. Each device also listens to the messages sent by other devices to learn about neighboring devices.

The switch supports both CDP Version 1 and Version 2.

Default CDP Configuration

The following table shows the default CDP configuration.

Table 3: Default CDP Configuration

 

Feature

Default Setting

CDP interface state

Enabled

CDP timer (packet update frequency)

60 seconds

CDP holdtime (before discarding)

180 seconds

CDP Version-2advertisements

Enabled

About the Error-DisabledState

An interface is in the error-disabled(err-disabled)state when the inteface is enabled administratively (using theno shutdown command) but disabled at runtime by any process. For example, if UDLD detects a unidirectional link, the interface is shut down at runtime. However, because the interface is administratively enabled, the interface status displays aserr-disabled.Once an interface goes into theerr-disabledstate, youmustmanuallyreenableitoryoucanconfigureanautomatictimeoutrecoveryvalue.Theerr-disableddetectionis enabled by default for all causes. The automatic recovery is not configured by default.

When an interface is in the err-disabledstate, use theerrdisable detect cause command to find information about the error.

Youcanconfiguretheautomaticerr-disabledrecoverytimeoutforaparticularerr-disabledcausebychangingthe time variable.

The errdisable recovery cause command provides automatic recovery after 300 seconds. To change the recoveryperiod,usetheerrdisablerecoveryinterval commandtospecifythetimeoutperiod.Youcanspecify 30 to 65535 seconds.

If you do not enable the err-disabledrecovery for the cause, the interface stays in theerr-disabledstate until you enter theshutdown andno shutdown commands. If the recovery is enabled for a cause, the interface is brought out of theerr-disabledstate and allowed to retry operation once all the causes have timed out. Use theshow interface status err-disabled command to display the reason behind the error.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

7

Configuring Layer 2 Interfaces

About Port Profiles

About Port Profiles

You can create a port profile that contains many interface commands and apply that port profile to a range of interfaces on the Cisco Nexus device. Port profiles can be applied to the following interface types:

Ethernet

VLAN network interface

Port channel

A command that is included in a port profile can be configured outside of the port profile. If the new configuration in the port profile conflicts with the configurations that exist outside the port profile, the commandsconfiguredforaninterfaceinconfigurationterminalmodehavehigherprioritythanthecommands in the port profile. If changes are made to the interface configuration after a port profile is attached to it, and theconfigurationconflictswiththatintheportprofile,theconfigurationsintheinterfacewillbegivenpriority.

You inherit the port profile when you attach the port profile to an interface or range of interfaces, When you attach, or inherit, a port profile to an interface or range of interfaces, the switch applies all the commands in that port profile to the interfaces.

You can have one port profile inherit the settings from another port profile. Inheriting another port profile allows the initial port profile to assume all of the commands of the second, inherited, port profile that do not conflict with the initial port profile. Four levels of inheritance are supported. The same port profile can be inherited by any number of port profiles.

To apply the port profile configurations to the interfaces, you must enable the specific port profile. You can configureandinheritaportprofileontoarangeofinterfacespriortoenablingtheportprofile;youthenenable that port profile for the configurations to take effect on the specified interfaces.

When you remove a port profile from a range of interfaces, the switch undoes the configuration from the interfacesfirstandthenremovestheportprofilelinkitself.Whenyouremoveaportprofile,theswitchchecks the interface configuration and either skips the port profile commands that have been overridden by directly entered interface commands or returns the command to the default value.

Ifyouwanttodeleteaportprofilethathasbeeninheritedbyotherportprofiles,youmustremovetheinheritance before you can delete the port profile.

Youcanchooseasubsetofinterfacesfromwhichtoremoveaportprofilefromamongthatgroupofinterfaces that you originally applied the profile. For example, if you configured a port profile and configured ten interfaces to inherit that port profile, you can remove the port profile from just some of the specified ten interfaces. The port profile continues to operate on the remaining interfaces to which it is applied.

Ifyoudeleteaspecificconfigurationforaspecifiedrangeofinterfacesusingtheinterfaceconfigurationmode, that configuration is also deleted from the port profile for that range of interfaces only. For example, if you have a channel group inside a port profile and you are in the interface configuration mode and you delete that port channel, the specified port channel is also deleted from the port profile as well.

After you inherit a port profile on an interface or range of interfaces and you delete a specific configuration value, that port profile configuration will not operate on the specified interfaces.

If you attempt to apply a port profile to the wrong type of interface, the switch returns an error.

When you attempt to enable, inherit, or modify a port profile, the switch creates a checkpoint. If the port profile configuration fails, the switch rolls back to the prior configuration and returns an error. A port profile is never only partially applied.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

8

78-26881-OL

Configuring Layer 2 Interfaces

About the Debounce Timer Parameters

Guidelines and Limitations for Port Profiles

Port profiles have the following configuration guidelines and limitations:

Each port profile must have a unique name across interface types and the network.

Commands that you enter under the interface mode take precedence over the port profile’s commands if there is a conflict. However, the port profile retains that command in the port profile.

The port profile’s commands take precedence over the default commands on the interface, unless the default command explicitly overrides the port profile command.

After you inherit a port profile onto an interface or range of interfaces, you can override individual configuration values by entering the new value at the interface configuration level. If you remove the individual configuration values at the interface configuration level, the interface uses the values in the port profile again.

There are no default configurations associated with a port profile.

A subset of commands are available under the port profile configuration mode, depending on which interface type that you specify.

You cannot use port profiles with Session Manager.

About the Debounce Timer Parameters

The port debounce time is the amount of time that an interface waits to notify the supervisor of a link going down. During this time, the interface waits to see if the link comes back up. The wait period is a time when traffic is stopped.

You can enable the debounce timer for each interface and specify the delay time in milliseconds.

Caution When you enable the port debounce timer the link up and link down detections are delayed, resulting in alossoftrafficduringthedebounceperiod.Thissituationmightaffecttheconvergenceandreconvergence of some protocols.

About MTU Configuration

The Cisco Nexus device switch does not fragment frames. As a result, the switch cannot have two ports in thesameLayer2domainwithdifferentmaximumtransmissionunits(MTUs).Aper-physicalEthernetinterfaceMTUisnotsupported. Instead,theMTUissetaccordingtotheQoSclasses. YoumodifytheMTUbysetting class and policy maps.

Note Whenyoushowtheinterfacesettings,adefaultMTUof1500isdisplayedforphysicalEthernetinterfaces and a receive data field size of 2112 is displayed for Fibre Channel interfaces.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

9

Configuring Layer 2 Interfaces

Configuring Ethernet Interfaces

Configuring Ethernet Interfaces

The section includes the following topics:

Configuring a Layer 3 Interface on a Cisco Nexus 5500 Platform Switch

On Cisco Nexus devices, you can configure a Layer 3 interface.

You can change a Layer 3 interface into a Layer 2 interface by using the switchport command. You can change a Layer 2 interface into a Layer 3 interface by using theno switchport command.

Note

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface ethernetslot/port

Entersconfigurationmodeforthespecified

 

 

interface.

Step 3

switch(config-if)#no switchport

Selects the Layer 3 interface.

Step 4

switch(config-if)#no shutdown

Restarts the interface.

This example shows how to configure a Layer 3 interface:

switch# configure terminalswitch(config)# interface ethernet 1/2switch(config-if)# no switchportswitch(config-if)# no shutdown

Configuring Unified Ports

Before You Begin

Confirm that you have a supported Cisco Nexus switch. Unified Ports are available on the following Cisco Nexus switches:

Cisco Nexus 5596T

Cisco Nexus 5548UP

Cisco Nexus 5596UP

Cisco Nexus 5548P switch with an installed Cisco N55-M16UPexpansion module

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

10

78-26881-OL

Configuring Layer 2 Interfaces

Configuring Unified Ports

Ifyou'reconfiguringaunifiedportasFibreChannelorFCoE,confirmthatyouhaveenabledthe feature fcoe command.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config) # slot slot number

Identifies the slot on the switch.

Step 3

switch(config-slot)#port port

ConfiguresaunifiedportasanativeFibreChannelport

 

number type{ethernet| fc}

and an Ethernet port.

 

 

type—Specifiesthe type of port to configure on

 

 

 

a slot in a chassis.

 

 

ethernet—Specifiesan Ethernet port.

 

 

fc—Specifiesa Fibre Channel (FC) port.

 

 

Note

Changingunifiedportsonanexpansionmodule

 

 

 

(GEM)requiresthatyoupowercycletheGEM

 

 

 

card. You do not have to reboot the entire

 

 

 

switch for changes to take effect.

Step 4

switch(config-slot)#copy

Copies the running configuration to the startup

 

running-configstartup-config

configuration.

Step 5

switch(config-slot)#reload

Reboots the switch.

Step 6

switch(config)#noport portnumber

Removes the unified port.

 

type fc

 

 

ThisexampleshowshowtoconfigureaunifiedportonaCiscoNexus5548UPswitchorCiscoNexus5596UP

switch:

switch# configure terminalswitch(config)# slot 1switch(config-slot)# port 32 type fc

switch(config-slot)#copy running-config startup-config switch(config-slot)#reload

This example shows how to configure 20 ports as Ethernet ports and 12 as FC ports:

switch# configure terminal switch(config)#slot 1 switch(config-slot)#port 21-32 type fc

switch(config-slot)#copy running-config startup-config switch(config-slot)#reload

This example shows how to configure a unified port on a Cisco N55-M16UPexpansion module:

switch# configure terminalswitch(config)# slot 2switch(config-slot)# port 16 type fc

switch(config-slot)#copy running-config startup-config switch(config-slot)#poweroff module 2 switch(config-slot)#no poweroff module 2

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

11

Configuring Layer 2 Interfaces

Configuring the UDLD Mode

Configuring the UDLD Mode

You can configure normal or aggressive unidirectional link detection (UDLD) modes for Ethernet interfaces on devices configured to run UDLD. Before you can enable a UDLD mode for an interface, you must make sure that UDLD is already enabled on the device that includes the interface. UDLD must also be enabled on the other linked interface and its device.

TousethenormalUDLDmode,youmustconfigureoneoftheportsfornormalmodeandconfiguretheother port for the normal or aggressive mode. To use the aggressive UDLD mode, you must configure both ports for the aggressive mode.

Note Before you begin, UDLD must be enabled for the other linked port and its device.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# feature udld

Enables UDLD for the device.

Step 3

switch(config)# no feature udld

Disables UDLD for the device.

Step 4

switch(config)# show udld global

Displays the UDLD status for the device.

Step 5

switch(config)# interface type slot/port

Specifies an interface to configure, and enters

 

 

interface configuration mode.

Step 6

switch(config-if)#udld {enable |disable

Enables the normal UDLD mode, disables

 

| aggressive}

UDLD,orenablestheaggressiveUDLDmode.

Step 7

switch(config-if)#show udld interface

Displays the UDLD status for the interface.

This example shows how to enable the UDLD for the switch:

switch# configure terminalswitch(config)# feature udld

This example shows how to enable the normal UDLD mode for an Ethernet port:

switch# configure terminalswitch(config)# interface ethernet 1/4switch(config-if)# udld enable

This example shows how to enable the aggressive UDLD mode for an Ethernet port:

switch# configure terminalswitch(config)# interface ethernet 1/4switch(config-if)# udld aggressive

This example shows how to disable UDLD for an Ethernet port:

switch# configure terminal

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

12

78-26881-OL

Configuring Layer 2 Interfaces

Configuring Interface Speed

switch(config)# interface ethernet 1/4switch(config-if)# udld disable

This example shows how to disable UDLD for the switch:

switch# configure terminalswitch(config)# no feature udld

Configuring Interface Speed

The first 32 ports of a Cisco Nexus 5596T switch are switchable 1-Gigabitand10-Gigabitports. You can also configure them toauto-negotiateto either1-Gigabitor10-Gigabit.The last ports33-48are SFP+ ports and do not support auto negotiation.

Note Iftheinterfaceandtransceiverspeedismismatched,theSFPvalidationfailedmessageisdisplayedwhen you enter theshow interface ethernet slot/port command. For example, if you insert a1-GigabitSFP transceiver into a port without configuring the speed 1000 command, you will get this error. By default, all ports are 10 Gigabits.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# interface

Enters interface configuration mode for the specified interface.

 

type slot/port

This interface must have a 1-GigabitEthernet SFP transceiver

 

 

inserted into it.

Step 3 switch(config-if)#speed speed

Sets the speed for a physical Ethernet interface.

For Cisco Nexus 5500 series switches, the speed argument can be set to one of the following:

1000—1Gbps

10000—10Gbps

auto

Note 100 Mbps is not a supported speed for the Cisco Nexus 5596 switch orCU-96GEM card.

For the Cisco Nexus 5596T switch, the base board ports support 1 Gbps and 10 Gbps. On the 10GBase-Tports you can also choose auto.

The following example shows how to set the speed for a 1-GigabitEthernet port:

switch# configure terminalswitch(config)# interface ethernet 1/4switch(config-if)# speed 1000

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

13

Configuring Layer 2 Interfaces

Disabling Link Negotiation

Disabling Link Negotiation

Youcandisablelinknegotiationusingthenonegotiateauto command.Bydefault,auto-negotiationisenabledon1-Gigabitports and disabled on10-Gigabitports.

This command is equivalent to the Cisco IOS speed non-negotiate command.

Note We do not recommend that you enable auto negotiation on10-Gigabitports. Enablingauto-negotiationon10-Gigabitports brings the link down. By default, link negotiation is disabled on10-Gigabitports.

Procedure

 

Command or Action

Purpose

 

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface ethernet

Selects the interface and enters interface mode.

 

slot/port

 

 

Step 3

switch(config-if)#nonegotiateauto

Disables link negotiation on the selected Ethernet

 

 

interface (1-Gigabitport).

Step 4

switch(config-if)#negotiate auto

(Optional)

 

 

Enables link negotiation on the selected Ethernet

 

 

interface. The default for 1-Gigabitports is enabled.

 

 

Note

Thiscommandisnotapplicablefor10GBase-T

 

 

 

ports.Itshouldnotbeusedon10GBase-Tports.

This example shows how to disable auto negotiation on a specified Ethernet interface (1-Gigabit port): switch# configure terminal

switch(config)# interface ethernet 1/1switch(config-if)# no negotiate autoswitch(config-if)#

This example shows how to enable auto negotiation on a specified Ethernet interface (1-Gigabit port): switch# configure terminal

switch(config)# interface ethernet 1/5switch(config-if)# negotiate autoswitch(config-if)#

Configuring the CDP Characteristics

You can configure the frequency of Cisco Discovery Protocol (CDP) updates, the amount of time to hold the information before discarding it, and whether or not to send Version-2advertisements.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

14

78-26881-OL

Configuring Layer 2 Interfaces

Enabling or Disabling CDP

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# [no]cdp

(Optional)

 

advertise {v1| v2}

Configures the version to use to send CDP advertisements.

 

 

Version-2is the default state.

 

 

Use the no form of the command to return to its default

 

 

setting.

Step 3

switch(config)# [no]cdp format

(Optional)

 

device-id{mac-address|

Configures the format of the CDP device ID. The default is

 

serial-number| system-name}

the system name, which can be expressed as a fully qualified

 

 

domain name.

 

 

Use the no form of the command to return to its default

 

 

setting.

Step 4

switch(config)# [no]cdp

(Optional)

 

holdtime seconds

Specifies the amount of time a receiving device should hold

 

 

the information sent by your device before discarding it. The

 

 

range is 10 to 255 seconds; the default is 180 seconds.

 

 

Use the no form of the command to return to its default

 

 

setting.

Step 5

switch(config)# [no]cdp timer

(Optional)

 

seconds

Sets the transmission frequency of CDP updates in seconds.

 

 

The range is 5 to 254; the default is 60 seconds.

 

 

Use the no form of the command to return to its default

 

 

setting.

This example shows how to configure CDP characteristics:

switch# configure terminalswitch(config)# cdp timer 50switch(config)# cdp holdtime 120switch(config)# cdp advertise v2

Enabling or Disabling CDP

You can enable or disable CDP for Ethernet interfaces. This protocol works only when you have it enabled on both interfaces on the same link.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

15

Configuring Layer 2 Interfaces

Enabling the Error-DisabledDetection

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)#interface type slot/port

Entersinterfaceconfigurationmodeforthespecified

 

 

interface.

Step 3

switch(config-if)#cdp enable

Enables CDP for the interface.

 

 

To work correctly, this parameter must be enabled

 

 

for both interfaces on the same link.

Step 4

switch(config-if)#no cdp enable

Disables CDP for the interface.

This example shows how to enable CDP for an Ethernet port:

switch# configure terminalswitch(config)# interface ethernet 1/4switch(config-if)# cdp enable

This command can only be applied to a physical Ethernet interface.

Enabling the Error-DisabledDetection

You can enable error-disable(err-disabled)detection in an application. As a result, when a cause is detected on an interface, the interface is placed in anerr-disabledstate, which is an operational state that is similar to thelink-downstate.

Procedure

 

Command or Action

Purpose

Step 1

config t

Enters configuration mode.

 

Example:

 

 

switch# config t

 

 

switch(config)#

 

Step 2

errdisable detect cause {all | link-flap |

Specifies a condition under which to place the

 

loopback}

interface in an err-disabledstate. The default is

 

 

enabled.

 

Example:

 

 

switch(config)# errdisable detect cause

 

 

all

 

 

switch(config)#

 

Step 3

shutdown

Example:

switch(config)# shutdown switch(config)#

Brings the interface down administratively. To manually recover the interface from the err-disabledstate, enter this command first.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

16

78-26881-OL

Configuring Layer 2 Interfaces

Enabling the Error-DisabledRecovery

 

Command or Action

Step 4

no shutdown

Example:

switch(config)# no shutdown switch(config)#

Purpose

Brings the interface up administratively and enables the interface to recover manually from the err-disabledstate.

Step 5

show interface status err-disabled

Displays information about err-disabled

 

 

interfaces.

 

Example:

 

 

switch(config)# show interface status

 

 

err-disabled

 

Step 6

copy running-configstartup-config

(Optional) Copies the running configuration to

 

 

the startup configuration.

 

Example:

 

 

switch(config)# copy running-config

 

 

startup-config

 

This example shows how to enable the err-disableddetection in all cases:

switch(config)#errdisable detect cause allswitch(config)#

Enabling the Error-DisabledRecovery

You can specify the application to bring the interface out of the error-disabled(err-disabled)state and retry coming up. It retries after 300 seconds, unless you configure the recovery timer (see theerrdisable recovery interval command).

Procedure

 

Command or Action

Purpose

Step 1

config t

Enters configuration mode.

 

Example:

 

 

switch#config t

 

 

switch(config)#

 

Step 2 errdisable recovery cause{all | udld | bpduguard | link-flap | failed-port-state | pause-rate-limit}

Example:

switch(config)#errdisable recovery cause all

switch(config-if)#

Specifiesaconditionunderwhichtheinterface automatically recovers from the err-disabledstate, and the device retries bringing the interface up. The device waits 300 seconds to retry. The default is disabled.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

17

Configuring Layer 2 Interfaces

Configuring the Error-DisabledRecovery Interval

 

Command or Action

Purpose

Step 3

show interface status err-disabled

Displays information about err-disabled

 

 

interfaces.

 

Example:

 

 

switch(config)#show interface status

 

 

err-disabled

 

Step 4

copy running-configstartup-config

(Optional)Copiestherunningconfigurationto

 

 

the startup configuration.

 

Example:

 

 

switch(config)#copy running-config

 

 

startup-config

 

This example shows how to enable err-disabledrecovery under all conditions:

switch(config)#errdisable recovery cause allswitch(config)#

Configuring the Error-DisabledRecovery Interval

You can use this procedure to configure the err-disabledrecovery timer value. The range is from 30 to 65535 seconds. The default is 300 seconds.

Procedure

 

Command or Action

Purpose

Step 1

config t

Enters configuration mode.

 

Example:

 

 

switch#config t

 

 

switch(config)#

 

Step 2

errdisable recovery interval interval

Example:

switch(config)#errdisable recovery interval 32

switch(config-if)#

Specifies the interval for the interface to recoverfromtheerr-disabledstate.Therange is from 30 to 65535 seconds. The default is 300 seconds.

Step 3

show interface status err-disabled

Displays information about err-disabled

 

 

interfaces.

 

Example:

 

 

switch(config)#show interface status

 

 

err-disabled

 

Step 4

copy running-configstartup-config

(Optional) Copies the running configuration

 

 

to the startup configuration.

 

Example:

 

 

switch(config)#copyrunning-config

 

 

startup-config

 

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

18

78-26881-OL

Configuring Layer 2 Interfaces

Port Profiles

This example shows how to enable err-disabledrecovery under all conditions:

switch(config)#errdisable recovery cause allswitch(config)#

Port Profiles

Creating a Port Profile

You can create a port profile on the switch. Each port profile must have a unique name across interface types and the network.

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

port-profile[type{ethernet| interface-vlan|

Creates and names a port profile for the

 

port channel}] name

specified type of interface and enters the

 

 

port profile configuration mode.

 

Example:

 

 

switch(config)# port-profiletype ethernet

 

 

test

 

 

switch(config-port-prof)#

 

Step 3

exit

Exits port profile configuration mode.

 

Example:

 

 

switch(config-port-prof)#exit

 

 

switch(config)#

 

Step 4

show port-profile

(Optional)

 

 

Displays the port profile configuration.

 

Example:

 

 

switch(config)# show port-profilename

 

Step 5

copy running-configstartup-config

Example:

switch(config)# copy running-configstartup-config

(Optional)

Copies the running configuration to the startup configuration.

This example shows how to create a port profile named test for Ethernet interfaces:

switch# configure terminal

switch(config)# port-profiletype ethernet testswitch(config-port-prof)#

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

19

Configuring Layer 2 Interfaces

Port Profiles

ThisexampleshowshowtoaddtheinterfacecommandstoaportprofilenamedppEthconfiguredforEthernet interfaces:

switch# configure terminal switch(config)# port-profileppEth

switch(config-port-prof)#switchport mode trunkswitch(config-port-prof)#switchport trunk allowed vlan300-400switch(config-port-prof)#flowcontrol receive onswitch(config-port-prof)#speed 10000switch(config-port-prof)#

Modifying a Port Profile

You can modify a port profile in port-profileconfiguration mode.

You can remove commands from a port profile using the no form of the command. When you remove a command from the port profile, the corresponding command is removed from the interface that is attached to the port profile.

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

port-profile[type{ethernet| interface-vlan|

 

port channel}] name

Example:

switch(config)# port-profiletype ethernet test

switch(config-port-prof)#

Enters the port profile configuration mode for the specified port profile and allows you to add or remove configurations to the profile.

Step 3

exit

Exits the port profile configuration mode.

 

Example:

 

 

switch(config-port-prof)#exit

 

 

switch(config)#

 

Step 4

show port-profile

(Optional)

 

 

Displays the port profile configuration.

 

Example:

 

 

switch(config)# show port-profilename

 

Step 5

copy running-configstartup-config

Example:

switch(config)# copy running-configstartup-config

(Optional)

Copies the running configuration to the startup configuration.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

20

78-26881-OL

Configuring Layer 2 Interfaces

Port Profiles

ThisexampleshowshowtoremovecommandsfromtheportprofilenamedppEthconfiguredforanEthernet interface:

switch# configure terminal switch(config)# port-profileppEth

switch(config-port-prof)#switchport mode trunkswitch(config-port-prof)#switchport trunk allowed vlan300-400switch(config-port-prof)#flowcontrol receive onswitch(config-port-prof)#no speed 10000switch(config-port-prof)#

Enabling a Specific Port Profile

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

port-profile[type{ethernet| interface-vlan| port

Enters the port profile configuration

 

channel}] name

mode for the specified port profile.

 

Example:

 

 

switch(config)# port-profiletype ethernet

 

 

test

 

 

switch(config-port-prof)#no shutdown

 

 

switch(config-port-prof)#

 

Step 3

state enabled name

Enables the port profile.

 

Example:

 

 

switch(config-port-prof)#state enabled

 

 

switch(config-port-prof)#

 

Step 4

exit

Exits the port profile configuration

 

 

mode.

 

Example:

 

 

switch(config-port-prof)#exit

 

 

switch(config)#

 

Step 5

show port-profile

(Optional)

 

 

Displays the port profile configuration.

 

Example:

 

 

switch(config)# show port-profilename

 

Step 6

copy running-configstartup-config

(Optional)

 

 

Copiestherunningconfigurationtothe

 

Example:

startup configuration.

 

switch(config)# copy running-config

 

 

startup-config

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

21

Configuring Layer 2 Interfaces

Port Profiles

This example shows how to enter port profile configuration mode and enable the port profile:

switch# configure terminal

switch(config)# port-profiletype ethernet testswitch(config-port-prof)#state enabledswitch(config-port-prof)#

Inheriting a Port Profile

You can inherit a port profile onto an existing port profile. The switch supports four levels of inheritance.

Procedure

 

Command or Action

Step 1

configure terminal

Example:

switch# configure terminal switch(config)#

Step 2

port-profilename

Example:

switch(config)# port-profiletestswitch(config-port-prof)#

Step 3

inherit port-profilename

Example:

switch(config-port-prof)#inheritport-profileadamswitch(config-port-prof)#

Purpose

Enters configuration mode.

Entersportprofileconfigurationmodeforthe specified port profile.

Inheritsanotherportprofileontotheexisting one. The original port profile assumes all the configurations of the inherited port profile.

Step 4

exit

Exits the port profile configuration mode.

 

Example:

 

 

switch(config-port-prof)#exit

 

 

switch(config)#

 

Step 5

show port-profile

(Optional)

 

 

Displays the port profile configuration.

 

Example:

 

 

switch(config)# show port-profilename

 

Step 6

copy running-configstartup-config

Example:

switch(config)# copy running-configstartup-config

(Optional)

Copies the running configuration to the startup configuration.

This example shows how to inherit the port profile named adam onto the port profile named test:

switch# configure terminal switch(config)# port-profiletest

switch(config-ppm)#inheritport-profileadamswitch(config-ppm)#

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

22

78-26881-OL

Configuring Layer 2 Interfaces

Port Profiles

ThisexampleshowshowtoaddtheinterfacecommandstoaportprofilenamedppEthconfiguredforEthernet interfaces:

switch# configure terminal switch(config)# port-profileppEth

switch(config-port-prof)#switchport mode trunkswitch(config-port-prof)#switchport trunk allowed vlan300-400switch(config-port-prof)#flowcontrol receive onswitch(config-port-prof)#speed 10000switch(config-port-prof)#

This example shows how to inherit a port profile named ppEth configured for Ethernet interfaces into an

existing port profile named test:

switch# configure terminal switch(config)# port-profiletest

switch(config-port-prof)#inheritport-profileppEthswitch(config-port-prof)#

This example shows how to assign a port profile named ppEth configured for Ethernet interfaces to a range

of Ethernet interfaces:

switch# configure terminal switch(config)# interface ethernet 1/2-5

switch(config-if)#inheritport-profileppEthswitch(config-if)#

ThisexampleshowshowtoremoveaninheritedportprofilenamedppEthfromanexistingportprofilenamed

test:

switch# configure terminal switch(config)# port-profiletest

switch(config-port-prof)#no inheritport-profileppEthswitch(config-port-prof)#

Removing an Inherited Port Profile

You can remove an inherited port profile.

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

port-profilename

Entersportprofileconfigurationmodefor

 

 

the specified port profile.

 

Example:

 

 

switch(config)# port-profiletest

 

switch(config-port-prof)#

 

Step 3

no inherit port-profilename

Removes an inherited port profile from

 

 

this port profile.

 

Example:

no inherit

 

switch(config-port-prof)#

 

port-profileadam

 

 

switch(config-port-prof)#

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

23

Configuring Layer 2 Interfaces

Port Profiles

 

Command or Action

Purpose

Step 4

exit

Exits the port profile configuration mode.

 

Example:

 

 

switch(config-port-prof)#exit

 

 

switch(config)#

 

Step 5

show port-profile

(Optional)

 

 

Displays the port profile configuration.

 

Example:

 

 

switch(config)# show port-profilename

 

Step 6

copy running-configstartup-config

Example:

switch(config)# copy running-configstartup-config

(Optional)

Copies the running configuration to the startup configuration.

This example shows how to remove the inherited port profile named adam from the port profile named test:

switch# configure terminal switch(config)# port-profiletest

switch(config-ppm)#no inheritport-profileadamswitch(config-ppm)#

Assigning a Port Profile to a Range of Interfaces

You can assign a port profile to an interface or to a range of interfaces. All of the interfaces must be the same type.

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

interface [ethernetslot/port |interface-vlanvlan-id

Selects the range of interfaces.

 

| port-channelnumber]

 

 

Example:

 

 

switch(config)# interface ethernet 7/3-5,

 

 

10/2, 11/20-25

 

 

switch(config-if)#

 

Step 3

inherit port-profilename

Assignsthespecifiedportprofiletothe

 

 

selected interfaces.

Example:

switch(config-if)#inheritport-profileadamswitch(config-if)#

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

24

78-26881-OL

Configuring Layer 2 Interfaces

Port Profiles

 

Command or Action

Purpose

Step 4

exit

Exits port profile configuration mode.

 

Example:

 

 

switch(config-port-prof)#exit

 

 

switch(config)#

 

Step 5

show port-profile

(Optional)

 

 

Displays the port profile configuration.

 

Example:

 

 

switch(config)# show port-profilename

 

Step 6

copy running-configstartup-config

(Optional)

 

 

Copiestherunningconfigurationtothe

 

Example:

startup configuration.

 

switch(config)# copy running-config

 

 

startup-config

 

This example shows how to assign the port profile named adam to Ethernet interfaces 2/3 to 2/5, 3/2, and 1/20 to 1/25:

switch# configure terminal

switch(config)# interface ethernet 2/3 to 2/5, 3/2, and 1/20 to 1/25 switch(config-if)#inheritport-profileadam

switch(config-if)#

Removing a Port Profile from a Range of Interfaces

You can remove a port profile from some or all of the interfaces to which you have applied the profile.

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

interface [ethernetslot/port |interface-vlanvlan-id

Selects the range of interfaces.

 

| port-channelnumber]

 

 

Example:

 

 

switch(config)# interface ethernet 7/3-5,

 

 

10/2, 11/20-25

 

 

switch(config-if)#

 

Step 3

no inherit port-profilename

Removesthespecifiedportprofilefrom

 

 

the selected interfaces.

 

Example:

 

 

switch(config-if)#no inheritport-profile

 

 

adam

 

 

switch(config-if)#

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

25

Configuring Layer 2 Interfaces

Port Profiles

 

Command or Action

Purpose

Step 4

exit

Exits port profile configuration mode.

 

Example:

 

 

switch(config-port-prof)#exit

 

 

switch(config)#

 

Step 5

show port-profile

(Optional)

 

 

Displays the port profile configuration.

 

Example:

 

 

switch(config)# show port-profilename

 

Step 6

copy running-configstartup-config

Example:

switch(config)# copy running-configstartup-config

(Optional)

Copies the running configuration to the startup configuration.

This example shows how tos remove the port profile named adam from Ethernet interfaces 1/3-5:

switch# configure terminal switch(config)# interface ethernet 1/3-5

switch(config-if)#no inheritport-profileadamswitch(config-if)#

Configuration Examples for Port Profiles

Thefollowingexampleshowshowtoconfigureaportprofile,inherittheportprofileonanEthernetinterface, and enabling the port profile.

switch(config)#

switch(config)# show running-configinterface Ethernet1/14

!Command: show running-configinterface Ethernet1/14 !Time: Thu Aug 26 07:01:32 2010

version 5.0(2)N1(1)

interface Ethernet1/14

switch(config)# port-profiletype ethernet alphaswitch(config-port-prof)#switchport mode trunkswitch(config-port-prof)#switchport trunk allowed vlan10-15switch(config-port-prof)#

switch(config-port-prof)#showrunning-configport-profilealpha

!Command: show running-configport-profilealpha !Time: Thu Aug 26 07:02:29 2010

version 5.0(2)N1(1) port-profiletype ethernet alpha

switchport mode trunk

switchport trunk allowed vlan 10-15

switch(config-port-prof)#int eth 1/14switch(config-if)#inheritport-profilealphaswitch(config-if)#

switch(config-if)#port-profiletype ethernet alphaswitch(config-port-prof)#state enabledswitch(config-port-prof)#

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

26

78-26881-OL

Configuring Layer 2 Interfaces

Configuring the Debounce Timer

switch(config-port-prof)#shrunning-configinterface ethernet 1/14

!Command: show running-configinterface Ethernet1/14 !Time: Thu Aug 26 07:03:17 2010

version 5.0(2)N1(1)

interface Ethernet1/14 inherit port-profilealpha

switch(config-port-prof)#shrunning-configinterface ethernet 1/14expand-port-profile

!Command: show running-configinterface Ethernet1/14expand-port-profile!Time: Thu Aug 26 07:03:21 2010

version 5.0(2)N1(1)

interface Ethernet1/14 switchport mode trunk

switchport trunk allowed vlan 10-15

switch(config-port-prof)#

Configuring the Debounce Timer

You can enable the debounce timer for Ethernet ports by specifying a debounce time (in milliseconds) or disable the timer by specifying a debounce time of 0.

YoucanshowthedebouncetimesforalloftheEthernetportsbyusingtheshowinterfacedebounce command.

To enable or disable the debounce timer, perform this task:

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)#interface type slot/port

Entersinterfaceconfigurationmodeforthespecified

 

 

interface.

Step 3

switch(config-if)#link debounce time

Enables the debounce timer for the amount of time

 

milliseconds

(1 to 5000 milliseconds) specified.

 

 

Disables the debounce timer if you specify 0

 

 

milliseconds.

This example shows how to enable the debounce timer and set the debounce time to 1000 milliseconds for an Ethernet interface:

switch# configure terminal switch(config)#interface ethernet 1/4 switch(config-if)#link debounce time 1000

This example shows how to disable the debounce timer for an Ethernet interface:

switch# configure terminal switch(config)#interface ethernet 1/4 switch(config-if)#link debounce time 0

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

27

Configuring Layer 2 Interfaces

Configuring the Description Parameter

Configuring the Description Parameter

You can provide textual interface descriptions for the Ethernet ports.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface type slot/port

Enters interface configuration mode for the

 

 

specified interface.

Step 3

switch(config-if)#description test

Specifies the description for the interface.

This example shows how to set the interface description to Server 3 Interface:

switch# configure terminalswitch(config)# interface ethernet 1/3

switch(config-if)# description Server 3 Interface

Disabling and Restarting Ethernet Interfaces

You can shut down and restart an Ethernet interface. This action disables all of the interface functions and marks the interface as being down on all monitoring displays. This information is communicated to other network servers through all dynamic routing protocols. When shut down, the interface is not included in any routing updates.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface type slot/port

Enters interface configuration mode for the

 

 

specified interface.

Step 3

switch(config-if)#shutdown

Disables the interface.

Step 4

switch(config-if)#no shutdown

Restarts the interface.

This example shows how to disable an Ethernet port:

switch# configure terminalswitch(config)# interface ethernet 1/4switch(config-if)# shutdown

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

28

78-26881-OL

Configuring Layer 2 Interfaces

Displaying Interface Information

This example shows how to restart an Ethernet interface:

switch# configure terminalswitch(config)# interface ethernet 1/4switch(config-if)# no shutdown

Displaying Interface Information

To view configuration information about the defined interfaces, perform one of these tasks:

Command

Purpose

switch# show interfacetype slot/port

Displays the detailed configuration of the specified

 

interface.

switch# show interfacetype slot/port capabilities

Displays detailed information about the capabilities

 

ofthespecifiedinterface.Thisoptionisonlyavailable

 

for physical interfaces

switch# show interfacetype slot/port transceiver

Displays detailed information about the transceiver

 

connected to the specified interface. This option is

 

only available for physical interfaces.

switch# show interface brief

Displays the status of all interfaces.

switch# show interface debounce

Displays the debounce status of all interfaces.

switch# show interface flowcontrol

Displays the detailed listing of the flow control

 

settings on all interfaces.

show port--profile

Displays information about the port profiles.

Theshowinterface commandisinvokedfromEXECmodeanddisplaystheinterfaceconfigurations.Without any arguments, this command displays the information for all the configured interfaces in the switch.

This example shows how to display the physical Ethernet interface:

switch# show interface ethernet 1/1

Ethernet1/1 is up

Hardware is 1000/10000 Ethernet, address is 000d.eca3.5f08 (bia 000d.eca3.5f08) MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,

reliability 255/255, txload 190/255, rxload 192/255 Encapsulation ARPA

Port mode is trunk

full-duplex,10 Gb/s, media type is 1/10g

Input flow-controlis off, outputflow-controlis offAuto-mdixis turned on

Rate mode is dedicated Switchport monitor is off

Last clearing of "show interface" counters never

5 minute input rate 942201806 bytes/sec, 14721892 packets/sec

5 minute output rate 935840313 bytes/sec, 14622492 packets/sec Rx

129141483840 input packets 0 unicast packets 129141483847 multicast packets 0 broadcast packets 0 jumbo packets 0 storm suppression packets 8265054965824 bytes

0 No buffer 0 runt 0 Overrun

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

29

Configuring Layer 2 Interfaces

Displaying Interface Information

 

0

crc 0 Ignored 0 Bad etype drop

 

Tx

0

Bad proto drop

 

 

 

119038487241

output packets 119038487245 multicast packets

0

broadcast packets

0 jumbo packets

 

7618463256471 bytes

 

 

 

 

0

output CRC

0 ecc

 

0

output error 0 collision 0 deferred

 

0

underrun 0

if down drop

 

0

late collision 0

lost carrier

0 no carrier

0babble

0Rx pause 8031547972 Tx pause 0 reset

This example shows how to display the physical Ethernet capabilities:

switch# show interface ethernet 1/1 capabilities

Ethernet1/1

734510033

Model:

Type:

10Gbase-(unknown)

Speed:

1000,10000

Duplex:

full

Trunk encap. type:

802.1Q

Channel:

yes

Broadcast suppression:

percentage(0-100)

Flowcontrol:

rx-(off/on),tx-(off/on)

Rate mode:

none

QOS scheduling:

rx-(6q1t),tx-(1p6q0t)

CoS rewrite:

no

ToS rewrite:

no

SPAN:

yes

UDLD:

yes

Link Debounce:

yes

Link Debounce Time:

yes

MDIX:

no

FEX Fabric:

yes

This example shows how to display the physical Ethernet transceiver:

switch# show interface ethernet 1/1 transceiver

Ethernet1/1

sfp is present

name is CISCO-EXCELIGHTpart number isSPP5101SR-C1revision is A

serial number is ECL120901AV nominal bitrate is 10300 MBits/sec

Link length supported for 50/125mm fiber is 82 m(s) Link length supported for 62.5/125mm fiber is 26 m(s) cisco id is --

cisco extended id number is 4

Thisexampleshowshowtodisplayabriefinterfacestatus(someoftheoutputhasbeenremovedforbrevity):

switch# show interface brief

--------------------------------------------------------------------------------

Ethernet

VLAN Type Mode Status Reason

Speed

Port

Interface

 

 

Ch #

--------------------------------------------------------------------------------

Eth1/1

200

eth

trunk

up

none

10G(D) --

Eth1/2

1

eth

trunk

up

none

10G(D) --

Eth1/3

300

eth

access

down

SFP not inserted

10G(D) --

Eth1/4

300

eth

access

down

SFP not inserted

10G(D) --

Eth1/5

300

eth

access

down

Link not connected

1000(D) --

Eth1/6

20

eth

access

down

Link not connected

10G(D) --

Eth1/7

300

eth

access down

SFP not inserted

10G(D) --

...

 

 

 

 

 

 

Thisexampleshowshowtodisplaythelinkdebouncestatus(someoftheoutputhasbeenremovedforbrevity):

switch# show interface debounce

--------------------------------------------------------------------------------

Port Debounce time Value(ms)

--------------------------------------------------------------------------------

...

Eth1/1

enable

100

Eth1/2

enable

100

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

30

78-26881-OL

Configuring Layer 2 Interfaces

Default Physical Ethernet Settings

Eth1/3

enable

100

...

 

 

This example shows how to display the CDP neighbors:

Note The default device ID field for CDP advertisement is the hostname and serial number, as in the example above.

switch# show cdp neighbors

Trans-Bridge,B -

Source-Route-Bridge

Capability Codes: R

- Router, T -

S

-

Switch, H -

Host, I - IGMP, r

- Repeater,

V

-

VoIP-Phone,

D - Remotely-Managed-Device,

Device ID

s - Supports-STP-Dispute

Capability

Platform

Port ID

Local Intrfce

Hldtme

d13-dist-1

mgmt0

148

S I

WS-C2960-24TCFas0/9

n5k(FLC12080012)

Eth1/5

8

S I s

N5K-C5020P-BA

Eth1/5

Default Physical Ethernet Settings

The following table lists the default settings for all physical Ethernet interfaces:

Parameter

Default Setting

Debounce

Enable, 100 milliseconds

Duplex

Auto (full-duplex)

Encapsulation

ARPA

MTU1

1500 bytes

Port Mode

Access

Speed

Auto (10000)

1 MTU cannot be changedper-physicalEthernet interface. You modify MTU by selecting maps of QoS classes.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

31

Configuring Layer 2 Interfaces

Default Physical Ethernet Settings

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

32

78-26881-OL

C H A P T E R 3

Configuring Layer 3 Interfaces

This chapter contains the following sections:

Information About Layer 3 Interfaces, page 33

Licensing Requirements for Layer 3 Interfaces, page 36

Guidelines and Limitations for Layer 3 Interfaces, page 36

Default Settings for Layer 3 Interfaces, page 36

Configuring Layer 3 Interfaces, page 36

Verifying the Layer 3 Interfaces Configuration, page 41

Monitoring Layer 3 Interfaces, page 42

Configuration Examples for Layer 3 Interfaces, page 43

Related Documents for Layer 3 Interfaces, page 44

MIBs for Layer 3 Interfaces, page 44

Standards for Layer 3 Interfaces, page 44

Information About Layer 3 Interfaces

Layer 3 interfaces forward packets to another device using static or dynamic routing protocols. You can use Layer 3 interfaces for IP routing and inter-VLANrouting of Layer 2 traffic.

Routed Interfaces

You can configure a port as a Layer 2 interface or a Layer 3 interface. A routed interface is a physical port that can route IP traffic to another device. A routed interface is a Layer 3 interface only and does not support Layer 2 protocols, such as the Spanning Tree Protocol (STP).

AllEthernetportsareswitchedinterfacesbydefault. YoucanchangethisdefaultbehaviorwiththeCLIsetup script or through the system default switchport command.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

33

Configuring Layer 3 Interfaces

Subinterfaces

You can assign an IP address to the port, enable routing, and assign routing protocol characteristics to this routed interface.

You can assign a static MAC address to a Layer 3 interface. For information on configuring MAC addresses, see the Layer 2 Switching Configuration Guide for your device.

You can also create a Layer 3 port channel from routed interfaces.

Routed interfaces and subinterfaces support exponentially decayed rate counters. Cisco NX-OStracks the following statistics with these averaging counters:

Input packets/sec

Output packets/sec

Input bytes/sec

Output bytes/sec

Subinterfaces

YoucancreatevirtualsubinterfacesonaparentinterfaceconfiguredasaLayer3interface. Aparentinterface can be a physical port or a port channel.

Subinterfaces divide the parent interface into two or more virtual interfaces on which you can assign unique Layer3parameterssuchasIPaddressesanddynamicroutingprotocols. TheIPaddressforeachsubinterface should be in a different subnet from any other subinterface on the parent interface.

You create a subinterface with a name that consists of the parent interface name (for example, Ethernet 2/1) followedbyaperiodandthenbyanumberthatisuniqueforthatsubinterface. Forexample,youcouldcreate a subinterface for Ethernet interface 2/1 named Ethernet 2/1.1 where .1 indicates the subinterface.

Cisco NX-OSenables subinterfaces when the parent interface is enabled. You can shut down a subinterface independent of shutting down the parent interface. If you shut down the parent interface, CiscoNX-OSshuts down all associated subinterfaces as well.

OneuseofsubinterfacesistoprovideuniqueLayer3interfacestoeachVLANthatissupportedbytheparent interface. In this scenario, the parent interface connects to a Layer 2 trunking port on another device. You configure a subinterface and associate the subinterface to a VLAN ID using 802.1Q trunking.

The following figure shows a trunking port from a switch that connects to router B on interface E 2/1. This interfacecontainsthreesubinterfacesthatareassociatedwitheachofthethreeVLANsthatarecarriedbythe trunking port.

Figure 2: Subinterfaces for VLANs

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

34

78-26881-OL

Configuring Layer 3 Interfaces

VLAN Interfaces

VLAN Interfaces

A VLAN interface or a switch virtual interface (SVI) is a virtual routed interface that connects a VLAN on the device to the Layer 3 router engine on the same device. Only one VLAN interface can be associated with a VLAN, but you need to configure a VLAN interface for a VLAN only when you want to route between VLANs or to provide IP host connectivity to the device through a virtual routing and forwarding (VRF) instance that is not the management VRF. When you enable VLAN interface creation, Cisco NX-OScreates a VLAN interface for the default VLAN (VLAN 1) to permit remote switch administration.

You must enable the VLAN network interface feature before you can configure it. The system automatically takes a checkpoint prior to disabling the feature, and you can roll back to this checkpoint. For information about rollbacks and checkpoints, see the System Management Configuration Guide for your device.

Note You cannot delete the VLAN interface for VLAN 1.

You can route across VLAN interfaces to provide Layer 3 inter-VLANrouting by configuring a VLAN interfaceforeachVLANthatyouwanttoroutetraffictoandassigninganIPaddressontheVLANinterface. For more information on IP addresses and IP routing, see the Unicast Routing Configuration Guide for your device.

The following figure shows two hosts connected to two VLANs on a device. You can configure VLAN interfacesforeachVLANthatallowsHost1tocommunicatewithHost2usingIProutingbetweentheVLANs. VLAN1communicatesatLayer3overVLANinterface1andVLAN10communicatesatLayer3overVLAN interface 10.

Figure 3: Connecting Two VLANs with VLAN Interfaces

Loopback Interfaces

Aloopbackinterfaceisavirtualinterfacewithasingleendpointthatisalwaysup.Anypacketthatistransmitted over a loopback interface is immediately received by this interface. Loopback interfaces emulate a physical interface.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

35

Configuring Layer 3 Interfaces

Tunnel Interfaces

You can use loopback interfaces for performance analysis, testing, and local communications. Loopback interfaces can act as a termination address for routing protocol sessions. This loopback configuration allows routing protocol sessions to stay up even if some of the outbound interfaces are down.

Tunnel Interfaces

CiscoNX-OSsupportstunnelinterfacesasIPtunnels.IPtunnelscanencapsulateasameayerorhigherlayer protocol and transport the result over IP through a tunnel that is created between two routers.

Licensing Requirements for Layer 3 Interfaces

Thisfeaturedoesnotrequirealicense.AnyfeaturenotincludedinalicensepackageisbundledwiththeCisco NX-OSsystem images and is provided at no extra charge to you. For a complete explanation of the CiscoNX-OSlicensing scheme, see theCisco NX-OS Licensing Guide.

Guidelines and Limitations for Layer 3 Interfaces

Layer 3 interfaces have the following configuration guidelines and limitations:

IfyouchangeaLayer3interfacetoaLayer2interface,CiscoNX-OSshutsdowntheinterface,reenablesthe interface, and removes all configuration specific to Layer 3.

IfyouchangeaLayer2interfacetoaLayer3interface,CiscoNX-OSshutsdowntheinterface,reenablesthe interface, and deletes all configuration specific to Layer 2.

Default Settings for Layer 3 Interfaces

The default setting for the Layer 3 Admin state is Shut.

Configuring Layer 3 Interfaces

Configuring a Routed Interface

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)#interfaceethernet

Enters interface configuration mode.

 

slot/port

 

Step 3

switch(conifg-if)#no switchport

Configures the interface as a Layer 3 interface and deletes

 

 

any configuration specific to Layer 2 on this interface.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

36

78-26881-OL

Configuring Layer 3 Interfaces

Configuring a Subinterface

 

Command or Action

Purpose

 

 

 

Note

To convert a Layer 3 interface back into a Layer

 

 

 

2 interface, use the switchport command.

Step 4

switch(config-if)#[ip |ipv6

Configures an IP address for this interface.

 

]ip-address/length

 

 

Step 5

switch(config-if)#medium

(Optional)

 

{broadcast| p2p}

Configures the interface medium as either point to point

 

 

or broadcast.

 

 

Note

The default setting is broadcast, and this setting

 

 

 

does not appear in any of the show commands.

 

 

 

However,ifyoudochangethesettingtop2p,you

 

 

 

will see this setting when you enter the show

 

 

 

running-configcommand.

Step 6

switch(config-if)#showinterfaces

(Optional)

 

 

Displays the Layer 3 interface statistics.

Step 7

switch(config-if)#copy

(Optional)

 

running-configstartup-config

Saves the change persistently through reboots and restarts

 

 

by copying the running configuration to the startup

 

 

configuration.

This example shows how to configure an IPv4 routed Layer 3 interface:

switch# configure terminal switch(config)#interface ethernet 2/1 switch(config-if)#no switchport switch(config-if)#ip address 192.0.2.1/8

switch(config-if)# copyrunning-configstartup-config

Configuring a Subinterface

Before You Begin

Configure the parent interface as a routed interface.

Create the port-channelinterface if you want to create a subinterface on that port channel.

Procedure

 

Command or Action

Purpose

Step 1

switch(config-if)#copyrunning-config

(Optional)

 

startup-config

Saves the change persistently through reboots and

 

 

restarts by copying the running configuration to the

 

 

startup configuration.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

37

Configuring Layer 3 Interfaces

Configuring the Bandwidth on an Interface

 

Command or Action

Purpose

Step 2

switch(config)# interface ethernet

Entersinterfaceconfigurationmode.Therangeforthe

 

slot/port.number

slot is from 1 to 255. The range for theport is from 1

 

 

to 128.

Step 3

switch(config-if)#[ip |ipv6]address

Configures IP address for this interface.

 

ip-address/length

 

Step 4

switch(config-if)#encapsulation

ConfiguresIEEE802.1QVLANencapsulationonthe

 

dot1Q vlan-id

subinterface. The range for the vlan-id is from 2 to

 

 

4093.

Step 5

switch(config-if)#show interfaces

(Optional)

 

 

Displays the Layer 3 interface statistics.

Step 6

switch(config-if)#copyrunning-config

(Optional)

 

startup-config

Saves the change persistently through reboots and

 

 

restarts by copying the running configuration to the

 

 

startup configuration.

This example shows how to create a subinterface:

switch# configure terminal switch(config)#interface ethernet 2/1 switch(config-if)#ip address 192.0.2.1/8 switch(config-if)#encapsulation dot1Q 33

switch(config-if)# copyrunning-configstartup-config

Configuring the Bandwidth on an Interface

You can configure the bandwidth for a routed interface, port channel, or subinterface.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# interface

Enters interface configuration mode. The range for the slot is

 

ethernet slot/port

from 1 to 255. The range for the port is from 1 to 128.

Step 3

switch(conifg-if)#bandwidth

Configures the bandwidth parameter for a routed interface,

 

[value| inherit [value]]

port channel, or subinterface, as follows:

 

 

value—Sizeof the bandwidth in kilobytes. The range is

 

 

from 1 to 10000000.

 

 

inherit—Indicatesthatallsubinterfacesofthisinterface

 

 

inheriteitherthebandwidthvalue(ifavalueisspecified)

 

 

orthebandwidthoftheparentinterface(ifavalueisnot

 

 

specified).

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

38

78-26881-OL

Configuring Layer 3 Interfaces

Configuring a VLAN Interface

 

Command or Action

Purpose

Step 4

switch(config-if)#copy

(Optional)

running-config startup-config Saves the change persistently through reboots and restarts by copyingtherunningconfigurationtothestartupconfiguration.

This example shows how to configure Ethernet interface 2/1 with a bandwidth value of 80000:

switch# configure terminalswitch(config)# interface ethernet 2/1switch(config-if)# bandwidth 80000

switch(config-if)# copyrunning-configstartup-config

Configuring a VLAN Interface

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# featureinterface-vlan

Enables VLAN interface mode.

Step 3

switch(config)# interface vlan number

Creates a VLAN interface. The number range is

 

 

from 1 to 4094.

Step 4

switch(config-if)#[ip |ipv6 ]address

Configures an IP address for this interface.

 

ip-address/length

 

Step 5

switch(config-if)#show interface vlan

(Optional)

 

number

Displays the VLAN interface statistics. The

 

 

number range is from 1 to 4094.

Step 6

switch(config-if)#copy running-config

(Optional)

 

startup-config

Savesthechangepersistentlythroughrebootsand

 

 

restarts by copying the running configuration to

 

 

the startup configuration.

This example shows how to create a VLAN interface:

switch# configure terminal switch(config)#feature interface-vlan switch(config)#interface vlan 10 switch(config-if)#ip address 192.0.2.1/8

switch(config-if)# copyrunning-configstartup-config

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

39

Configuring Layer 3 Interfaces

Configuring a Loopback Interface

Configuring a Loopback Interface

Before You Begin

Ensure that the IP address of the loopback interface is unique across all routers on the network.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# interface loopback

Createsaloopbackinterface. The instance rangeis

 

instance

from 0 to 1023.

Step 3

switch(config-if)#[ip |ipv6 ]address

Configures an IP address for this interface.

 

ip-address/length

 

Step 4

switch(config-if)#show interface

(Optional)

 

loopback instance

Displays the loopback interface statistics. The

 

 

instance range is from 0 to 1023.

Step 5

switch(config-if)#copy running-config

(Optional)

 

startup-config

Saves the change persistently through reboots and

 

 

restartsbycopyingtherunningconfigurationtothe

 

 

startup configuration.

This example shows how to create a loopback interface:

switch# configure terminalswitch(config)# interface loopback 0

switch(config-if)# ip address 192.0.2.100/8switch(config-if)# copyrunning-configstartup-config

Assigning an Interface to a VRF

Before You Begin

Assign the IP address for a tunnel interface after you have configured the interface for a VRF.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# interface

Enters interface configuration mode.

 

interface-typenumber

 

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

40

78-26881-OL

Configuring Layer 3 Interfaces

Verifying the Layer 3 Interfaces Configuration

 

Command or Action

Purpose

Step 3

switch(conifg-if)#vrf member vrf-name

Adds this interface to a VRF.

Step 4

switch(config-if)#[ip |

Configures an IP address for this interface. You

 

ipv6]ip-address/length

must do this step after you assign this interface

 

 

to a VRF.

Step 5

switch(config-if)#show vrf [vrf-name]

(Optional)

 

interface interface-typenumber

Displays VRF information.

Step 6

switch(config-if)#show interfaces

(Optional)

 

 

Displays the Layer 3 interface statistics.

Step 7

switch(config-if)#copy running-config

(Optional)

 

startup-config

Saves the change persistently through reboots

 

 

andrestartsbycopyingtherunningconfiguration

 

 

to the startup configuration.

This example shows how to add a Layer 3 interface to the VRF:

switch# configure terminal switch(config)# interface loopback 0

switch(config-if)#vrf member RemoteOfficeVRFswitch(config-if)#ip address 209.0.2.1/16switch(config-if)#copyrunning-configstartup-config

Verifying the Layer 3 Interfaces Configuration

Use one of the following commands to verify the configuration:

Command

Purpose

show interface ethernet slot/port

Displays the Layer 3 interface configuration, status,

 

and counters (including the 5-minuteexponentially

 

decayed moving average of inbound and outbound

 

packet and byte rates).

show interface ethernet slot/port brief

Displays the Layer 3 interface operational status.

show interface ethernet slot/port capabilities

DisplaystheLayer3interfacecapabilities,including

 

port type, speed, and duplex.

show interface ethernet slot/port description

Displays the Layer 3 interface description.

show interface ethernet slot/port status

Displays the Layer 3 interface administrative status,

 

port mode, speed, and duplex.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

41

Configuring Layer 3 Interfaces

Monitoring Layer 3 Interfaces

Command

Purpose

show interface ethernet slot/port.number

Displays the subinterface configuration, status, and

 

counters (including the f-minuteexponentially

 

decayed moving average of inbound and outbound

 

packet and byte rates).

show interface port-channelchannel-id.number

Displaystheport-channelsubinterfaceconfiguration,

 

status, and counters (including the 5-minute

 

exponentially decayed moving average of inbound

 

and outbound packet and byte rates).

show interface loopback number

Displaystheloopbackinterfaceconfiguration,status,

 

and counters.

show interface loopback number brief

Displays the loopback interface operational status.

show interface loopback number description

Displays the loopback interface description.

show interface loopback number status

Displaystheloopbackinterfaceadministrativestatus

 

and protocol status.

show interface vlan number

Displays the VLAN interface configuration, status,

 

and counters.

show interface vlan number brief

Displays the VLAN interface operational status.

show interface vlan number description

Displays the VLAN interface description.

show interface vlan number private-vlanmapping

Displays the VLAN interface private VLAN

 

information.

show interface vlan number status

Displays the VLAN interface administrative status

 

and protocol status.

Monitoring Layer 3 Interfaces

Use one of the following commands to display statistics about the feature:

Command

Purpose

show interface ethernet slot/port counters

Displays the Layer 3 interface statistics (unicast,

 

multicast, and broadcast).

show interface ethernet slot/port counters brief

Displays the Layer 3 interface input and output

 

counters.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

42

78-26881-OL

Configuring Layer 3 Interfaces

Configuration Examples for Layer 3 Interfaces

Command

Purpose

show interface ethernet slot/port counters detailed

Displays the Layer 3 interface statistics. You can

[all]

optionallyincludeall32-bitand64-bitpacketand

 

byte counters (including errors).

show interface ethernet slot/port counters error

Displays the Layer 3 interface input and output

 

errors.

show interface ethernet slot/port counters snmp

Displays the Layer 3 interface counters reported

 

bySNMPMIBs. Youcannotclearthesecounters.

show interface ethernet slot/port.number counters

Displays the subinterface statistics (unicast,

 

multicast, and broadcast).

show interface port-channelchannel-id.number

Displays the port-channelsubinterface statistics

counters

(unicast, multicast, and broadcast).

show interface loopback number counters

Displays the loopback interface input and output

 

counters (unicast, multicast, and broadcast).

show interface loopback number counters detailed

Displaystheloopbackinterfacestatistics.Youcan

[all]

optionallyincludeall32-bitand64-bitpacketand

 

byte counters (including errors).

show interface loopback number counters errors

Displays the loopback interface input and output

 

errors.

show interface vlan number counters

Displays the VLAN interface input and output

 

counters (unicast, multicast, and broadcast).

show interface vlan number counters detailed[all]

Displays the VLAN interface statistics. You can

 

optionally include all Layer 3 packet and byte

 

counters (unicast and multicast).

show interface vlan counters snmp

Displays the VLAN interface counters reported

 

bySNMPMIBs. Youcannotclearthesecounters.

Configuration Examples for Layer 3 Interfaces

This example shows how to configure Ethernet subinterfaces:

switch# configuration terminalswitch(config)# interface ethernet 2/1.10switch(config-if)# no switchport

switch(config-if)# description Layer 3 for VLAN 10switch(config-if)# encapsulation dot1q 10switch(config-if)# ip address 192.0.2.1/8switch(config-if)# copyrunning-configstartup-config

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

43

Configuring Layer 3 Interfaces

Related Documents for Layer 3 Interfaces

This example shows how to configure a VLAN interface:

switch# configuration terminalswitch(config)# interface vlan 100switch(config-if)# no switchport

switch(config-if)# ipv6 address 33:0DB::2/8 switch(config-if)# copyrunning-configstartup-config

This example shows how to configure a loopback interface:

switch# configuration terminalswitch(config)# interface loopback 3switch(config-if)# no switchportswitch(config-if)# ip address 192.0.2.2/32

switch(config-if)# copyrunning-configstartup-config

Related Documents for Layer 3 Interfaces

Related Topics

Document Title

Command syntax

Fordetailsaboutcommandsyntax,seethecommand

 

reference for your device.

IP

“Configuring IP” chapter in the Unicast Routing

 

Configuration Guide for your device.

VLAN

“Configuring VLANs” chapter in the Layer 2

 

Switching Configuration Guide for your device.

MIBs for Layer 3 Interfaces

MIB

IF-MIB

CISCO-IF-EXTENSION-MIB

ETHERLIKE-MIB

MIB Link

To locate and download MIBs, go to the following URL:

http://www.cisco.com/public/sw-center/netmgmt/ cmtk/mibs.shtml

Standards for Layer 3 Interfaces

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

44

78-26881-OL

C H A P T E R 4

Configuring Port Channels

This chapter contains the following sections:

Information About Port Channels, page 45

Configuring Port Channels, page 54

Verifying Port Channel Configuration, page 63

Verifying the Load-Balancing Outgoing Port ID , page 64

Information About Port Channels

A port channel bundles individual interfaces into a group to provide increased bandwidth and redundancy. Port channeling also load balances traffic across these physical interfaces. The port channel stays operational as long as at least one physical interface within the port channel is operational.

You create an port channel by bundling compatible interfaces. You can configure and run either static port channels or port channels running the Link Aggregation Control Protocol (LACP).

Any configuration changes that you apply to the port channel are applied to each member interface of that port channel. For example, if you configure Spanning Tree Protocol (STP) parameters on the port channel, Cisco NX-OSapplies those parameters to each interface in the port channel.

Youcanusestaticportchannels,withnoassociatedprotocol,forasimplifiedconfiguration.Formoreefficient useoftheportchannel,youcanusetheLinkAggregationControlProtocol(LACP),whichisdefinedinIEEE 802.3ad. When you use LACP, the link passes protocol packets.

Related Topics

LACP Overview, on page 51

Understanding Port Channels

Using port channels, Cisco NX-OSprovides wider bandwidth, redundancy, and load balancing across the channels.

You can collect ports into a static port channel or you can enable the Link Aggregation Control Protocol (LACP). Configuring port channels with LACP requires slightly different steps than configuring static port

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

45

Configuring Port Channels

Guidelines and Limitations for Port Channel Configuration

Note

Note

channels. Forinformationonportchannelconfigurationlimits,seethe Verified Scalability documentforyour platform. For more information about load balancing, seeLoad Balancing Using Port Channels, on page 48.

Cisco NX-OSdoes not support Port Aggregation Protocol (PAgP) for port channels.

A port channel bundles individual links into a channel group to create a single logical link that provides the aggregate bandwidth of several physical links. If a member port within a port channel fails, traffic previously carried over the failed link switches to the remaining member ports within the port channel.

Each port can be in only one port channel. All the ports in an port channel must be compatible; they must use the same speed and operate in full-duplexmode. When you are running static port channels, without LACP, the individual links are all in the on channel mode; you cannot change this mode without enabling LACP.

You cannot change the mode from ON to Active or from ON to Passive.

You can create a port channel directly by creating the port-channelinterface, or you can create a channel group that acts to aggregate individual ports into a bundle. When you associate an interface with a channelgroup,CiscoNX-OScreatesamatchingportchannelautomaticallyiftheportchanneldoesnotalreadyexist.Youcanalsocreatetheportchannelfirst.Inthisinstance,CiscoNX-OScreatesanemptychannelgroupwiththe same channel number as the port channel and takes the default configuration.

Note A port channel is operationally up when at least one of the member ports is up and that port’s status is channeling. The port channel is operationally down when all member ports are operationally down.

Guidelines and Limitations for Port Channel Configuration

Port channels can be configured in one of two ways: either in global configuration mode or in switch profile mode.Considerthefollowingguidelinesandlimitationswhenconfiguringportchannelsviatheconfiguration synchronization feature in Cisco NX-OS:

Once a port channel is configured using switch profile mode, it cannot be configured using global configuration (config terminal) mode.

Note Severalportchannelsub-commandsarenotconfigurableinswitchprofilemode.These commands can be configured from global configuration mode even if the port channel is created and configured in switch profile mode.

For example, the following command can only be configured in global configuration mode:

switchport private-vlanassociation trunkprimary-vlan secondary-vlan

Shutdown and no shutdown can be configured in either global configuration mode or switch profile mode.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

46

78-26881-OL

Configuring Port Channels

Compatibility Requirements

If a port channel is created in global configuration mode, channel groups including member interfaces must also be created using global configuration mode.

Portchannelsthatareconfiguredwithinswitchprofilemodemayhavemembersbothinsideandoutside of a switch profile.

If you want to import a member interface to a switch profile, the port channel that corresponds with the member interface must also be present within the switch profile.

For more information on switch profiles, see the .

Compatibility Requirements

Whenyouaddaninterfacetoaportchannelgroup,CiscoNX-OScheckscertaininterfaceattributestoensurethat the interface is compatible with the channel group. CiscoNX-OSalso checks a number of operational attributes for an interface before allowing that interface to participate in theport-channelaggregation.

The compatibility check includes the following operational attributes:

Port mode

Access VLAN

Trunk native VLAN

Allowed VLAN list

Speed

802.3x flow control setting

MTU

The Cisco Nexus device only supports system level MTU. This attribute cannot be changed on an individual port basis.

Broadcast/Unicast/Multicast Storm Control setting

Priority-Flow-Control

Untagged CoS

Use the show port-channel compatibility-parameters command to see the full list of compatibility checks that CiscoNX-OSuses.

You can only add interfaces configured with the channel mode set to on to static port channels. You can also only add interfaces configured with the channel mode as active or passive to port channels that are running LACP. You can configure these attributes on an individual member port.

When the interface joins a port channel, the following individual parameters are replaced with the values on the port channel:

Bandwidth

MAC address

Spanning Tree Protocol

The following interface parameters remain unaffected when the interface joins a port channel:

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

47

Configuring Port Channels

Load Balancing Using Port Channels

Description

CDP

LACP port priority

Debounce

Afteryouenableforcingaporttobeaddedtoachannelgroupbyenteringthechannel-groupforce command, the following two conditions occur:

Whenaninterfacejoinsaportchannelthefollowingparametersareremovedandtheyareoperationally replaced with the values on the port channel; however, this change will not be reflected in the running-configurationfor the interface:

QoS

Bandwidth

Delay

STP

Service policy

ACLs

When an interface joins or leaves a port channel, the following parameters remain unaffected:

Beacon

Description

CDP

LACP port priority

Debounce

UDLD

Shutdown

SNMP traps

Load Balancing Using Port Channels

Cisco NX-OSload balances traffic across all operational interfaces in a port channel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the channel. Port channels provide load balancing by default.

The basic configuration uses the following criteria to select the link:

For a Layer 2 frame, it uses the source and destination MAC addresses.

For a Layer 3 frame, it uses the source and destination MAC addresses and the source and destination IP addresses.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

48

78-26881-OL

Configuring Port Channels

Load Balancing Using Port Channels

For a Layer 4 frame, it uses the source and destination MAC addresses and the source and destination IP addresses.

Note You have the option to include the source and destination port number for the Layer 4 frame.

You can configure the switch to use one of the following methods (see the following table for more details) to load balance across the port channel:

Destination MAC address

Source MAC address

Source and destination MAC address

Destination IP address

Source IP address

Source and destination IP address

Destination TCP/UDP port number

Source TCP/UDP port number

Source and destination TCP/UDP port number

Table 4: Port Channel Load-BalancingCriteria

 

 

Configuration

Layer 2 Criteria

Layer 3 Criteria

Layer 4 Criteria

Destination MAC

Destination MAC

Destination MAC

Destination MAC

Source MAC

Source MAC

Source MAC

Source MAC

Source and destination

Source and destination

Source and destination

Source and destination

MAC

MAC

MAC

MAC

Destination IP

Destination MAC

Destination MAC,

Destination MAC,

 

 

destination IP

destination IP

Source IP

Source MAC

Source MAC, source IP

Source MAC, source IP

SourceanddestinationIP

Source and destination

Source and destination

Source and destination

 

MAC

MAC, source and

MAC, source and

 

 

destination IP

destination IP

Destination TCP/UDP

Destination MAC

Destination MAC,

Destination MAC,

port

 

destination IP

destinationIP,destination

 

 

 

port

Source TCP/UDP port

Source MAC

Source MAC, source IP

Source MAC, source IP,

 

 

 

source port

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

49

Configuring Port Channels

Load Balancing Using Port Channels

Configuration

Layer 2 Criteria

Layer 3 Criteria

Layer 4 Criteria

Source and destination

Source and destination

Source and destination

Source and destination

TCP/UDP port

MAC

MAC, source and

MAC, source and

 

 

destination IP

destinationIP,sourceand

 

 

 

destination port

Fabric Extenders are not configurable individually. Fabric extender configurations are defined on the Cisco Nexus device. In the case of the port-channelload balancing protocol, the table below illustrates whichport-channelload balancing option is automatically configured on the fabric extender modules as a result of the configuration performed on the Cisco Nexus device.

The following table shows the criteria used for each configuration:

Table 5: Port channel Load-BalancingCriteria for the Cisco Nexus 2232 and Cisco Nexus 2248 Fabric Extenders

Configuration

Layer 2 Criteria

Layer 3 Criteria

Layer 4 Criteria

Destination MAC

Source and destination

Source and destination

Source and destination

 

MAC

MAC

MAC

Source MAC

Source and destination

Source and destination

Source and destination

 

MAC

MAC

MAC

Source and destination

Source and destination

Source and destination

Source and destination

MAC

MAC

MAC

MAC

Destination IP

Source and destination

Source and destination

Source and destination

 

MAC

MAC, and source and

MAC, and source and

 

 

destination IP

destination IP

Source IP

Source and destination

Source and destination

Source and destination

 

MAC

MAC, and source and

MAC, and source and

 

 

destination IP

destination IP

SourceanddestinationIP

Source and destination

Source and destination

Source and destination

 

MAC

MAC, and source and

MAC, and source and

 

 

destination IP

destination IP

Destination TCP/UDP

Source and destination

Source and destination

Source and destination

port

MAC

MAC, and source and

MAC, source and

 

 

destination IP

destinationIP,andsource

 

 

 

and destination port

Source TCP/UDP port

Source and destination

Source and destination

Source and destination

 

MAC

MAC, and source and

MAC, source and

 

 

destination IP

destinationIP,andsource

 

 

 

and destination port

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

50

78-26881-OL

Configuring Port Channels

Understanding LACP

Configuration

Layer 2 Criteria

Layer 3 Criteria

Layer 4 Criteria

Source and destination

Source and destination

Source and destination

Source and destination

TCP/UDP port

MAC

MAC, source and

MAC, source and

 

 

destination IP

destinationIP,andsource

 

 

 

and destination port

Use the option that provides the balance criteria with the greatest variety in your configuration. For example, ifthetrafficonaportchannelisgoingonlytoasingleMACaddressandyouusethedestinationMACaddress asthebasisofport-channelloadbalancing,theportchannelalwayschoosesthesamelinkinthatportchannel;using source addresses or IP addresses might result in better load balancing.

Understanding LACP

LACP Overview

Note You must enable the LACP feature before you can configure and use LACP functions.

The following figure shows how individual links can be combined into LACP port channels and channel groups as well as function as individual links.

Figure 4: Individual Links Combined into a Port channel

With LACP, just like with static port-channels,you can bundle up to 16 interfaces in a channel group.

Note When you delete the port channel, CiscoNX-OSautomatically deletes the associated channel group. All member interfaces revert to their previous configuration.

You cannot disable LACP while any LACP configurations are present.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

51

Configuring Port Channels

Understanding LACP

LACP ID Parameters

LACP uses the following parameters:

LACP system priority—Eachsystem that runs LACP has an LACP system priority value. You can acceptthedefaultvalueof32768forthisparameter,oryoucanconfigureavaluebetween1and65535. LACP uses the system priority with the MAC address to form the system ID and also uses the system priority during negotiation with other devices. A higher system priority value means a lower priority.

Note The LACP system ID is the combination of the LACP system priority value and the MAC address.

LACP port priority—Eachport configured to use LACP has an LACP port priority. You can accept the default value of 32768 for the LACP port priority, or you can configure a value between 1 and 65535. LACPusestheportprioritywiththeportnumbertoformtheportidentifier. LACPusestheportpriority todecidewhichportsshouldbeputinstandbymodewhenthereisalimitationthatpreventsallcompatible ports from aggregating and which ports should be put into active mode. A higher port priority value meansalowerpriorityforLACP. Youcanconfiguretheportprioritysothatspecifiedportshavealower priority for LACP and are most likely to be chosen as active links, rather thanhot-standbylinks.

LACP administrative key—LACPautomatically configures an administrative key value equal to thechannel-groupnumber on each port configured to use LACP. The administrative key defines the ability of a port to aggregate with other ports. A port’s ability to aggregate with other ports is determined by these factors:

Port physical characteristics, such as the data rate, the duplex capability, and the point-to-pointor shared medium state

Configuration restrictions that you establish

Channel Modes

Individual interfaces in port channels are configured with channel modes. When you run static port channels, with no protocol, the channel mode is always set to on. After you enable LACP globally on the device, you enable LACP for each channel by setting the channel mode for each interface to active or passive. You can configure either channel mode for individual links in the LACP channel group.

Note You must enable LACP globally before you can configure an interface in either the active or passive channel mode.

The following table describes the channel modes.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

52

78-26881-OL

Configuring Port Channels

Understanding LACP

Table 6: Channel Modes for Individual Links in a Port channel

Channel Mode

Description

passive

LACP mode that places a port into a passive

 

negotiatingstate,inwhichtheportrespondstoLACP

 

packets that it receives but does not initiate LACP

 

negotiation.

active

LACP mode that places a port into an active

 

negotiating state, in which the port initiates

 

negotiations with other ports by sending LACP

 

packets.

on

All static port channels, that is, that are not running

 

LACP,remaininthismode. Ifyouattempttochange

 

thechannelmodetoactiveorpassivebeforeenabling

 

LACP, the device returns an error message.

 

You enable LACP on each channel by configuring

 

the interface in that channel for the channel mode as

 

either active or passive. When an LACP attempts to

 

negotiate with an interface in the on state, it does not

 

receiveanyLACPpacketsandbecomesanindividual

 

link with that interface; it does not join the LACP

 

channel group.

Both the passive and active modes allow LACP to negotiate between ports to determine if they can form a port channel, based on criteria such as the port speed and the trunking state. The passive mode is useful when you do not know whether the remote system, or partner, supports LACP.

Ports can form an LACP port channel when they are in different LACP modes as long as the modes are compatible as in the following examples:

A port in active mode can form a port channel successfully with another port that is in active mode.

A port in active mode can form a port channel with another port in passive mode.

Aportinpassivemodecannotformaportchannelwithanotherportthatisalsoinpassivemodebecause neither port will initiate negotiation.

A port in on mode is not running LACP.

LACP Marker Responders

Usingportchannels,datatrafficmaybedynamicallyredistributedduetoeitheralinkfailureorloadbalancing. LACP uses the Marker Protocol to ensure that frames are not duplicated or reordered because of this redistribution. Cisco NX-OSsupports only Marker Responders.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

53

Configuring Port Channels

Configuring Port Channels

LACP-Enabledand Static Port Channel Differences

ThefollowingtableprovidesabriefsummaryofmajordifferencesbetweenportchannelswithLACPenabled andstaticportchannels. Forinformationaboutthemaximumconfigurationlimits,seethe Verified Scalability document for your device.

Table 7: Port channels with LACP Enabled and Static Port channels

 

Configurations

Port Channels with LACP Enabled

Static Port Channels

Protocol applied

Enable globally.

Not applicable.

Channel mode of links

Can be either:

Can only be On.

 

• Active

 

 

• Passive

 

Configuring Port Channels

Creating a Port Channel

You can create a port channel before creating a channel group. Cisco NX-OSautomatically creates the associated channel group.

Note If you wantLACP-basedport channels, you need to enable LACP.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)#interfaceport-channel

Specifies the port-channelinterface to configure, and

 

channel-number

enters the interface configuration mode. The range is

 

 

from 1 to 4096. Cisco NX-OSautomatically creates

 

 

the channel group if it does not already exist.

Step 3

switch(config)# no interface

Removes the port channel and deletes the associated

 

port-channel channel-number

channel group.

This example shows how to create a port channel:

switch# configure terminal

switch (config)# interfaceport-channel1

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

54

78-26881-OL

Configuring Port Channels

Adding a Port to a Port Channel

Adding a Port to a Port Channel

You can add a port to a new channel group or to a channel group that already contains ports. Cisco NX-OScreates the port channel associated with this channel group if the port channel does not already exist.

Note If you wantLACP-basedport channels, you need to enable LACP.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface type

Specifiestheinterfacethatyouwanttoaddtoachannel

 

slot/port

group and enters the interface configuration mode.

Step 3

switch(config-if)#switchport mode

(Optional)

 

trunk

Configures the interface as a trunk port.

Step 4

switch(config-if)#switchport trunk

(Optional)

 

{allowed vlanvlan-id | native vlan

Configures necessary parameters for a trunk port.

 

vlan-id}

 

Step 5

switch(config-if)#channel-group

Configures the port in a channel group and sets the

 

channel-number

mode. The channel-numberrange is from 1 to 4096.

 

 

Cisco NX-OScreates the port channel associated with

 

 

this channel group if the port channel does not already

 

 

exist. This is called implicit port channel creation.

Step 6

switch(config-if)#no channel-group

(Optional)

 

 

Removes the port from the channel group. The port

 

 

reverts to its original configuration.

This example shows how to add an Ethernet interface 1/4 to channel group 1:

switch# configure terminal

switch (config)# interface ethernet 1/4switch(config-if)# switchport mode trunkswitch(config-if)# channel-group1

Configuring Load Balancing Using Port Channels

You can configure the load-balancingalgorithm for port channels that applies to the entire device.

Note If you wantLACP-basedport channels, you need to enable LACP.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

55

Configuring Port Channels

Configuring Load Balancing Using Port Channels

Procedure

Command or Action

Step 1 switch# configure terminal

Step 2 switch(config)#port-channel load-balance ethernet {[destination-ip |destination-mac |destination-port |source-dest-ip |source-dest-mac |source-dest-port |source-ip |source-mac |source-port]crc-poly}

Step 3 switch(config)#no port-channel load-balance ethernet

Step 4 switch# showport-channelload-balance

Purpose

Enters configuration mode.

Specifiestheload-balancingalgorithmforthedevice.Therange depends on the device. The default issource-dest-mac.

Beginning with Cisco NX-OSRelease 5.0(3)N2(1), the Cisco Nexus 5500 Platform switches support 8 hash polynomials that can be used for compression on thehash-parameters.Depending on variations in the hash parameters for egress traffic flows from a port channel, different polynomials could provide different load distributionresults.ThedefaulthashpolynomialisCRC8a. The variable can be configured as follows:

CRC8a

CRC8b

CRC8c

CRC8d

CRC8e

CRC8f

CRC8g

(Optional)

Restores the default load-balancingalgorithm ofsource-dest-mac.

(Optional)

Displays the port-channelload-balancingalgorithm.

This example shows how to configure source IP load balancing for port channels:

switch# configure terminal

switch (config)# port-channelload-balanceethernetsource-ip

Note Before Release 4.0(1a)N1 of CiscoNX-OS,thesource-dest-ip,source-dest-mac,andsource-dest-portkeywords weresource-destination-ip,source-destination-mac,andsource-destination-port,respectively.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

56

78-26881-OL

Configuring Port Channels

Configuring Hardware Hashing for Multicast Traffic

Configuring Hardware Hashing for Multicast Traffic

By default, ingress multicast traffic on any port in the switch selects a particular port channel member to egress the traffic. You can configure hardware hashing for multicast traffic to reduce potential bandwidth issues and to provide effective load balancing of the ingress multicast traffic. Use the hardware multicast hw-hash command to enable hardware hashing. To restore the default, use theno hardware multicast hw-hash command.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interfaceport-channel

Selectstheportchannelandenterstheinterface

 

channel-number

configuration mode.

Step 3

switch(config-if)#hardware multicast

Configureshardwarehashingforthespecified

 

hw-hash

port channel.

This example shows how to configure hardware hashing on a port channel:

switch# configure terminal

switch (config)# interfaceport-channel21switch(config-if)# hardware multicasthw-hash

This example shows how to remove hardware hashing from a port channel:

switch# configure terminal

switch (config)# interfaceport-channel21switch(config-if)# no hardware multicasthw-hash

Enabling LACP

LACP is disabled by default; you must enable LACP before you begin LACP configuration. You cannot disable LACP while any LACP configuration is present.

LACPlearnsthecapabilitiesofLANportgroupsdynamicallyandinformstheotherLANports. OnceLACP identifies correctly matched Ethernet links, it facilitates grouping the links into an port channel. The port channel is then added to the spanning tree as a single bridge port.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# feature lacp

Enables LACP on the switch.

Step 3

switch(config)# show feature

(Optional)

 

 

Displays enabled features.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

57

Configuring Port Channels

Configuring the Channel Mode for a Port

This example shows how to enable LACP:

switch# configure terminalswitch(config)# feature lacp

Configuring the Channel Mode for a Port

You can configure the channel mode for each individual link in the LACP port channel as active or passive. This channel configuration mode allows the link to operate with LACP.

When you configure port channels with no associated protocol, all interfaces on both sides of the link remain in the on channel mode.

Before You Begin

Ensure that you have enabled the LACP feature.

Procedure

Command or ActionStep 1switch# configure terminal

Step 2 switch(config)#interfacetype slot/port

Step 3 switch(config-if)#channel-group channel-number [force] [mode {on |active |passive}]

Step 4 switch(config-if)#no channel-groupnumbermode

Purpose

Enters configuration mode.

Specifies the interface to configure, and enters the interface configuration mode.

Specifies the port mode for the link in a port channel. After LACP is enabled, you configure each link or the entire channel as active or passive.

force—Specifiesthat the LAN port be forcefully added to the channel group. This option is available in CiscoNX-OSRelease 5.0(2)N2(1).

mode—Specifiesthe port channel mode of the interface.

active—Specifiesthat when you enable LACP, this command enablesLACPonthespecifiedinterface.Theinterfaceisinanactive negotiating state in which the port initiates negotiations with other ports by sending LACP packets.

on—(Defaultmode) Specifies that all port channels that are not running LACP remain in this mode.

passive—EnablesLACP only if an LACP device is detected. The interfaceisinapassivenegotiationstateinwhichtheportresponds to LACP packets that it receives but does not initiate LACP negotiation.

Whenyourunportchannelswithnoassociatedprotocol,thechannel mode is always on.

Returns the port mode to on for the specified interface.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

58

78-26881-OL

Configuring Port Channels

Configuring the LACP Fast Timer Rate

ThisexampleshowshowtosettheLACP-enabledinterfacetoactiveport-channelmodeforEthernetinterface1/4 in channel group 5:

switch# configure terminal

switch (config)# interface ethernet 1/4switch(config-if)# channel-group5 mode active

This example shows how to forcefully add an interface to the channel group 5:

switch(config)# interface ethernet 1/1switch(config-if)# channel-group5 forceswitch(config-if)#

Configuring the LACP Fast Timer Rate

YoucanchangetheLACPtimerratetomodifythedurationoftheLACPtimeout.Usethelacprate command to set the rate at which LACP control packets are sent to anLACP-supportedinterface. You can change the timeout rate from the default rate (30 seconds) to the fast rate (1 second). This command is supported only onLACP-enabledinterfaces.

Before You Begin

Ensure that you have enabled the LACP feature.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)#interface typeslot/port

Specifies the interface to configure and enters the

 

 

interface configuration mode.

Step 3

switch(config-if)#lacp rate fast

Configuresthefastrate(onesecond)atwhichLACP

 

 

control packets are sent to an LACP-supported

 

 

interface.

This example shows how to configure the LACP fast rate on Ethernet interface 1/4:

switch# configure terminal

switch (config)# interface ethernet 1/4

switch(config-if)#lacp rate fast

This example shows how to restore the LACP default rate (30 seconds) on Ethernet interface 1/4.

switch# configure terminal

switch (config)# interface ethernet 1/4switch(config-if)# no lacp rate fast

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

59

Configuring Port Channels

Configuring the LACP System Priority and System ID

Configuring the LACP System Priority and System ID

The LACP system ID is the combination of the LACP system priority value and the MAC address.

Before You Begin

Ensure that you have enabled the LACP feature.

Procedure

Command or Action

Purpose

Step 1

switch# configure terminal

Step 2

switch(config)# lacpsystem-priority

 

priority

Enters configuration mode.

Configures the system priority for use with LACP. Validvaluesare1through65535,andhighernumbers have lower priority. The default value is 32768.

Step 3

switch# show lacpsystem-identifier(Optional)

 

Displays the LACP system identifier.

This example shows how to set the LACP system priority to 2500:

switch# configure terminal switch(config)#lacp system-priority 2500

Configuring the LACP Port Priority

You can configure each link in the LACP port channel for the port priority.

Before You Begin

Ensure that you have enabled the LACP feature.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface type

Specifies the interface to configure, and enters the

 

slot/port

interface configuration mode.

Step 3

switch(config-if)#lacp port-priority

Configures the port priority for use with LACP. Valid

 

priority

values are 1 through 65535, and higher numbers have

 

 

lower priority. The default value is 32768.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

60

78-26881-OL

Configuring Port Channels

Disabling LACP Graceful Convergence

This example shows how to set the LACP port priority for Ethernet interface 1/4 to 40000:

switch# configure terminal

switch (config)# interface ethernet 1/4switch(config-if)# lacp port priority 40000

Disabling LACP Graceful Convergence

Before You Begin

Enable the LACP feature.

Confirm that the port channel is in the administratively down state.

EnsurethatyouareinthecorrectVDC. ToswitchtothecorrectVDC,enterthe switchto vdc command.

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters global configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

interface port-channelnumber

Example:

switch(config)# interface port-channel1

switch(config) #

Specifies the port channel interface to configure, and enters interface configuration mode.

Step 3

shutdown

Administrativelyshutsdowntheportchannel.

 

Example:

 

 

switch(config-if)#shutdown

 

 

switch(config-if)#

 

Step 4

no lacp graceful-convergence

Disables LACP graceful convergence on the

 

 

specified port channel.

 

Example:

 

 

switch(config-if)#no lacp

 

 

graceful-convergence

 

 

switch(config-if)#

 

Step 5

no shutdown

Administratively brings the port channel up.

 

Example:

 

 

switch(config-if)#no shutdown

 

 

switch(config-if)#

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

61

Configuring Port Channels

Reenabling LACP Graceful Convergence

 

Command or Action

Purpose

Step 6

copy running-configstartup-config

(Optional)

 

 

Savesthechangepersistentlythroughreboots

 

Example:

and restarts by copying the running

 

switch(config-if)#copyrunning-config

configuration to the startup configuration.

 

startup-config

 

The following example disables LACP graceful convergence on a port channel:

switch# configure

terminal

switch(config) # interfaceport-channel1

switch(config-if)

# shutdown

switch(config-if)

# no lacpgraceful-convergence

switch(config-if)

# no shutdown

switch(config-if)

#

Reenabling LACP Graceful Convergence

Before You Begin

Enable the LACP feature.

Confirm that the port channel is in the administratively down state.

EnsurethatyouareinthecorrectVDC. ToswitchtothecorrectVDC,enterthe switchto vdc command.

Procedure

 

Command or Action

Purpose

Step 1

configure terminal

Enters global configuration mode.

 

Example:

 

 

switch# configure terminal

 

 

switch(config)#

 

Step 2

interface port-channelnumber

Example:

switch(config)# interface port-channel1

switch(config) #

Specifies the port channel interface to configure, and enters interface configuration mode.

Step 3

shutdown

Administrativelyshutsdowntheportchannel.

Example:

switch(config-if)#shutdownswitch(config-if)#

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

62

78-26881-OL

Configuring Port Channels

Verifying Port Channel Configuration

 

Command or Action

Purpose

Step 4

lacp graceful-convergence

Enables LACP graceful convergence on the

 

 

specified port channel.

 

Example:

 

 

switch(config-if)#lacp

 

 

graceful-convergence

 

 

switch(config-if)#

 

Step 5

no shutdown

Administratively brings the port channel up.

 

Example:

 

 

switch(config-if)#no shutdown

 

 

switch(config-if)#

 

Step 6

copy running-configstartup-config

Example:

switch(config-if)#copyrunning-configstartup-config

(Optional) Savesthechangepersistentlythroughreboots and restarts by copying the running configuration to the startup configuration.

The following example disables LACP graceful convergence on a port channel:

switch# configure terminalswitch(config) # interfaceport-channel1switch(config-if) # shutdown

switch(config-if)#lacp graceful-convergence switch(config-if)#no shutdown switch(config-if)#

Verifying Port Channel Configuration

To display port channel configuration information, perform one of the following tasks:

Command

Purpose

switch# show interfaceport-channel

Displays the status of a port channel interface.

channel-number

 

switch# show feature

Displays enabled features.

switch# show resource

Displaysthenumberofresourcescurrentlyavailable

 

in the system.

switch# show lacp{counters| interfacetype

Displays LACP information.

slot/port | neighbor| port-channel|

 

system-identifier}

 

switch# showport-channel

Displaystheparametersthatmustbethesameamong

compatibility-parameters

the member ports in order to join a port channel.

switch# showport-channeldatabase[interface

Displays the aggregation state for one or more

port-channel channel-number]

port-channelinterfaces.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

63

Configuring Port Channels

Verifying the Load-BalancingOutgoing Port ID

Command

Purpose

switch# showport-channelsummary

Displays a summary for the port channel interfaces.

switch# showport-channeltraffic

Displays the traffic statistics for port channels.

switch# showport-channelusage

Displays the range of used and unused channel

 

numbers.

switch# showport-channeldatabase

Displays information on current running of the port

 

channel feature.

switch# showport-channelload-balance

Displaysinformationaboutload-balancingusingport

 

channels.

Verifying the Load-BalancingOutgoing Port ID

Command Guidelines

The show port-channel load-balance command allows you to verify which ports a given frame is hashed to on a port channel. You need to specify the VLAN and the destination MAC in order to get accurate results.

Note Certain traffic flows are not subject to hashing, for example when there is a single port in aport-channel.

To display the load-balancingoutgoing port ID, perform one of the tasks listed in the table below.

Command

Purpose

switch# showport-channelload-balance

Displays the outgoing port ID.

forwarding-pathinterfaceport-channel

 

port-channel-id vlanvlan-id dst-ipsrc-ipdst-mac

 

src-macl4-src-portport-id l4-dst-portport-id

 

Example

This example shows the output of the short port-channel load-balance command.

switch# showport-channelload-balanceforwarding-pathinterfaceport-channel10 vlan 1dst-ip1.225.225.225src-ip1.1.10.10src-macaa:bb:cc:dd:ee:ff

l4-src-port0l4-dst-port1

Missing params will be substituted by 0's. Load-balanceAlgorithm on switch:source-dest-portcrc8_hash:204 Outgoing port id: Ethernet 1/1 Param(s) used to calculate load balance:dst-port:0

src-port:0

dst-ip:1.225.225.225src-ip:1.1.10.10dst-mac:0000.0000.0000src-mac:aabb.ccdd.eeff

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

64

78-26881-OL

C H A P T E R 5

Configuring Virtual Port Channels

This chapter contains the following sections:

Information About vPCs, page 65

 

Guidelines and Limitations for vPCs, page 79

Configuring vPCs, page 80

 

 

Configuring the vPC Peer Switch,

page

93

Verifying the vPC Configuration,

page

95

vPC Example Configurations, page 101

vPC Default Settings, page 105

 

 

Information About vPCs

vPC Overview

A virtual port channel (vPC) allows links that are physically connected to two different Cisco Nexus devices orCiscoNexusFabricExtenderstoappearasasingleportchannelbyathirddevice(seethefollowingfigure). Thethirddevicecanbeaswitch,server,oranyothernetworkingdevice.YoucanconfigurevPCsintopologies thatincludeCiscoNexusdevicesconnectedtoCiscoNexusFabricExtenders.AvPCcanprovidemultipathing,

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

65

Configuring Virtual Port Channels

vPC Overview

Note

Note

whichallowsyoutocreateredundancybyenablingmultipleparallelpathsbetweennodesandloadbalancing traffic where alternative paths exist.

Figure 5: vPC Architecture

You configure the EtherChannels by using one of the following:

No protocol

Link Aggregation Control Protocol (LACP)

When you configure the EtherChannels in a vPC—includingthe vPC peer linkchannel—eachswitch can have up to 16 active links in a single EtherChannel. When you configure a vPC on a Fabric Extender, only one port is allowed in an EtherChannel.

You must enable the vPC feature before you can configure or run the vPC functionality.

To enable the vPC functionality, you must create a peer-keepalivelink and apeer-linkunder the vPC domain for the two vPC peer switches to provide the vPC functionality.

To create a vPC peer link you configure an EtherChannel on one Cisco Nexus device by using two or more Ethernet ports. On the other switch, you configure another EtherChannel again using two or more Ethernet ports. Connecting these two EtherChannels together creates a vPC peer link.

We recommend that you configure the vPC peer-linkEtherChannels as trunks.

The vPC domain includes both vPC peer devices, the vPC peer-keepalivelink, the vPC peer link, and all of the EtherChannels in the vPC domain connected to the downstream device. You can have only one vPC domain ID on each vPC peer device.

Note Always attach all vPC devices using EtherChannels to both vPC peer devices.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

66

78-26881-OL

Configuring Virtual Port Channels

Terminology

A vPC provides the following benefits:

Allows a single device to use an EtherChannel across two upstream devices

Eliminates Spanning Tree Protocol (STP) blocked ports

Provides a loop-freetopology

Uses all available uplink bandwidth

Provides fast convergence if either the link or a switch fails

Provides link-levelresiliency

Assures high availability

Terminology

vPC Terminology

The terminology used in vPCs is as follows:

vPC—Thecombined EtherChannel between the vPC peer devices and the downstream device.

vPC peer device—Oneof a pair of devices that are connected with the special EtherChannel known as the vPC peer link.

vPC peer link—Thelink used to synchronize states between the vPC peer devices.

vPC member port—Interfacesthat belong to the vPCs.

Host vPC port—FabricExtender host interfaces that belong to a vPC.

vPC domain—Thisdomain includes both vPC peer devices, the vPCpeer-keepalivelink, and all of the port channels in the vPC connected to the downstream devices. It is also associated to the configuration modethatyoumustusetoassignvPCglobalparameters. ThevPCdomainIDmustbethesameonboth switches.

vPC peer-keepalivelink—Thepeer-keepalivelink monitors the vitality of a vPC peer Cisco Nexus device. Thepeer-keepalivelink sends configurable, periodic keepalive messages between vPC peer devices.

No data or synchronization traffic moves over the vPC peer-keepalivelink; the only traffic on this link is a message that indicates that the originating switch is operating and running vPCs.

Fabric Extender Terminology

The terminology used for the Cisco Nexus Fabric Extender is as follows:

Fabricinterface—A10-GigabitEthernetuplinkportdesignatedforconnectionfromtheFabricExtendertoitsparentswitch.Afabricinterfacecannotbeusedforanyotherpurpose.Itmustbedirectlyconnected to the parent switch.

EtherChannel fabric interface—AnEtherChannel uplink connection from the Fabric Extender to its parent switch. This connection consists of fabric interfaces bundled into a single logical channel.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

67

Configuring Virtual Port Channels

Supported vPC Topologies

Hostinterface—AnEthernetinterfaceforserverorhostconnectivity.Theseportsare1-GigabitEthernetinterfaces or10-GigabitEthernet interfaces, depending on the fabric extender model.

EtherChannel host interface—AnEtherChannel downlink connection from the Fabric Extender host interface to a server port.

Note AnEtherChannelhostinterfaceconsistsofonlyonehostinterfaceandcanbeconfigured either as a Link Aggregation Control Protocol (LACP) ornon-LACPEtherChannel.

Supported vPC Topologies

Cisco Nexus 5000 Series Switch vPC Topology

You can connect a pair of Cisco Nexus 5000 Series switches or a pair of Cisco Nexus 5500 Series switches in a vPC directly to another switch or to a server. vPC peer switches must be of the same type, for example, you can connect a pair of Nexus 5000 series switches or a pair of Nexus 5500 Series switches but you cannot connect a Nexus 5000 Series switch to a Nexus 5500 Series switch in a vPC topology. Up to 8 interfaces couldbeconnectedtoeachCiscoNexus5000Seriesswitchproviding16interfacesbundledforthevPCpair. The topology that is shown in the following figure provides the vPC functionality to dual connected switches or servers with 10-Gigabitor1-GigabitEthernet uplink interfaces.

Figure 6: Switch-to-SwitchvPC Topology

Note The first 8 ports on the Cisco Nexus 5010 switch and the first 16 ports on the Cisco Nexus 5020 switchareswitchable1-Gigabitand10-Gigabitports.YoucanenablevPCfunctionalityontheseportsin1-Gigabitmode.

The switch connected to the pair of Cisco Nexus 5000 Series switches can be any standards-basedEthernet switch. Common environments to use this configuration include Blade Chassis with dual switches connected to the pair of Cisco Nexus 5000 Series switches through vPC or Unified Computing Systems connected to the pair of Cisco Nexus 5000 Series switches.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

68

78-26881-OL

Configuring Virtual Port Channels

Supported vPC Topologies

Single Homed Fabric Extender vPC Topology

You can connect a server with dual or quad or more network adapters that are configured in a vPC to a pair of Cisco Nexus Fabric Extenders which are connected to the Cisco Nexus devices as depicted. Depending on the FEX model, you may be able to connect one or more network adapter interfaces to each fabric extender. As an example, the following figure refers to a topology built with the Cisco Nexus 2148T fabric extender, where a server has one link only to each fabric extender. A topology with Cisco Nexus 2248TP or with Cisco Nexus 2232PP fabric extender could consist of more links from the server to a single fabric extender.

. The topology that is shown in the following figure provides the vPC functionality to dual homed servers with 1-GigabitEthernet uplink interfaces.

Figure 7: Single Homed Fabric Extender vPC Topology

TheCiscoNexusdevicecansupportupto12configuredsinglehomedFabricExtenders(576ports)withthis

topologyhoweveronly480576dualhomedhostserverscanbeconfiguredinavPCswiththisconfiguration.

Note The Cisco Nexus 2148T fabric extender does not support EtherChannels on its host interfaces. Therefore amaximumoftwolinkscanbeconfiguredinanEtherChannelfromtheserverwhereeachlinkisconnected to a separate Fabric Extender.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

69

Configuring Virtual Port Channels

vPC Domain

Dual Homed Fabric Extender vPC Topology

You can connect the Cisco Nexus Fabric Extender to two upstream Cisco Nexus devices and downstream to anumberofsinglehomedservers. ThetopologyshowninthefollowingfigureprovidesthevPCfunctionality to singly connected servers with 1-GigabitEthernet uplink interfaces.

Figure 8: Dual Homed Fabric Extender vPC Topology

The Cisco Nexus device can support up to 12 configured dual homed Fabric Extenders with this topology. A maximum of 576 single homed servers can be connected to this configuration.

vPC Domain

To create a vPC domain, you must first create a vPC domain ID on each vPC peer switch using a number from 1 to 1000. This ID must be the same on a set of vPC peer devices.

You can configure the EtherChannels and vPC peer links by using LACP or no protocol. When possible, we recommend that you use LACP on the peer-link,because LACP provides configuration checks against a configuration mismatch on the EtherChannel.

ThevPCpeerswitchesusethevPCdomainIDthatyouconfiguretoautomaticallyassignauniquevPCsystem MACaddress. EachvPCdomainhasauniqueMACaddressthatisusedasauniqueidentifierforthespecific vPC-relatedoperations, although the switches use the vPC system MAC addresses only forlink-scopeoperations, such as LACP. We recommend that you create each vPC domain within the contiguous network with a unique domain ID. You can also configure a specific MAC address for the vPC domain, rather than having the CiscoNX-OSsoftware assign the address.

ThevPCpeerswitchesusethevPCdomainIDthatyouconfiguretoautomaticallyassignauniquevPCsystem MACaddress.TheswitchesusethevPCsystemMACaddressesonlyforlink-scopeoperations,suchasLACPor BPDUs. You can also configure a specific MAC address for the vPC domain.

Cisco recommends that you configure the same VPC domain ID on both peers and, the domain ID should be unique in the network. For example, if there are two different VPCs (one in access and one in aggregation) then each vPC should have a unique domain ID.

After you create a vPC domain, the Cisco NX-OSsoftware automatically creates a system priority for the vPC domain. You can also manually configure a specific system priority for the vPC domain.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

70

78-26881-OL

Configuring Virtual Port Channels

Peer-KeepaliveLink and Messages

Note If you manually configure the system priority, you must ensure that you assign the same priority value on both vPC peer switches. If the vPC peer switches have different system priority values, the vPC will not come up.

Peer-KeepaliveLink and Messages

TheCiscoNX-OSsoftwareusesapeer-keepalivelinkbetweenthevPCpeerstotransmitperiodic,configurablekeepalivemessages.YoumusthaveLayer3connectivitybetweenthepeerswitchestotransmitthesemessages; the system cannot bring up the vPC peer link unless apeer-keepalivelink is already up and running.

If one of the vPC peer switches fails, the vPC peer switch on the other side of the vPC peer link senses the failure when it does not receive any peer-keepalivemessages. The default interval time for the vPCpeer-keepalivemessageis1second.Youcanconfiguretheintervalbetween400millisecondsand10seconds.Youcanalsoconfigureatimeoutvaluewitharangeof3to20seconds;thedefaulttimeoutvalueis5seconds. Thepeer-keepalivestatus is checked only when thepeer-linkgoes down.

The vPC peer-keepalivecan be carried either in the management or default VRF on the Cisco Nexus device. When you configure the switches to use the management VRF, the source and destination for the keepalive messages are the mgmt 0 interface IP addresses. When you configure the switches to use the default VRF, an SVI must be created to act as the source and destination addresses for the vPCpeer-keepalivemessages.

Ensure that both the source and destination IP addresses used for the peer-keepalivemessages are unique inyournetworkandtheseIPaddressesarereachablefromtheVRFassociatedwiththevPCpeer-keepalivelink.

Note We recommend that you configure the vPCpeer-keepalivelink on the Cisco Nexus device to run in the management VRF using the mgmt 0 interfaces. If you configure the default VRF, ensure that the vPC peer link is not used to carry the vPCpeer-keepalivemessages.

Compatibility Parameters for vPC Peer Links

ManyconfigurationandoperationalparametersmustbeidenticalonallinterfacesinthevPC.Afteryouenable thevPCfeatureandconfigurethepeerlinkonbothvPCpeerswitches,CiscoFabricServices(CFS)messages provideacopyoftheconfigurationonthelocalvPCpeerswitchconfigurationtotheremotevPCpeerswitch. The system then determines whether any of the crucial configuration parameters differ on the two switches.

Enter the show vpc consistency-parameters command to display the configured values on all interfaces in the vPC. The displayed configurations are only those configurations that would limit the vPC peer link and vPC from coming up.

The compatibility check process for vPCs differs from the compatibility check for regular EtherChannels.

Configuration Parameters That Must Be Identical

The configuration parameters in this section must be configured identically on both switches at either end of the vPC peer link.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

71

Configuring Virtual Port Channels

Compatibility Parameters for vPC Peer Links

Note YoumustensurethatallinterfacesinthevPChavetheidenticaloperationalandconfigurationparameters

listed in this section.

Enter the show vpc consistency-parameters command to display the configured values on all interfaces in the vPC. The displayed configurations are only those configurations that would limit the vPC peer link and vPC from coming up.

TheswitchautomaticallycheckforcompatibilityoftheseparametersonthevPCinterfaces. Theper-interfaceparameters must be consistent per interface, and the global parameters must be consistent globally.

Port-channelmode: on, off, or active

Link speed per channel

Duplex mode per channel

Trunk mode per channel:

Native VLAN

VLANs allowed on trunk

Tagging of native VLAN traffic

Spanning Tree Protocol (STP) mode

STP region configuration for Multiple Spanning Tree (MST)

Enable or disable state per VLAN

STP global settings:

Bridge Assurance setting

Port type setting—Werecommend that you set all vPC interfaces as normal ports

Loop Guard settings

STP interface settings:

Port type setting

Loop Guard

Root Guard

For the Fabric Extender vPC topology, all the interface level parameters mentioned above should be identically configured for host interface from both the switches.

Fabric Extender FEX number configured on an EtherChannel fabric interface; for the Fabric Extender vPC toplogy.

If any of these parameters are not enabled or defined on either switch, the vPC consistency check ignores those parameters.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

72

78-26881-OL

Configuring Virtual Port Channels

Graceful Type-1Check

Note To ensure that none of the vPC interfaces are in the suspend mode, enter theshow vpc brief andshow vpc consistency-parameters commands and check the syslog messages.

Configuration Parameters That Should Be Identical

When any of the following parameters are not configured identically on both vPC peer switches, a misconfiguration may cause undesirable behavior in the traffic flow:

MAC aging timers

Static MAC entries

VLANinterface—EachswitchontheendofthevPCpeerlinkmusthaveaVLANinterfaceconfiguredfor the same VLAN on both ends and they must be in the same administrative and operational mode. Those VLANs configured on only one switch of the peer link do not pass traffic using the vPC or peer link. You must create all VLANs on both the primary and secondary vPC switches, or the VLAN will be suspended.

Private VLAN configuration

All ACL configurations and parameters

Quality of service (QoS) configuration and parameters—Localparameters; global parameters must be identical

STP interface settings:

BPDU Filter

BPDU Guard

Cost

Link type

Priority

VLANs (Rapid PVST+)

To ensure that all the configuration parameters are compatible, we recommend that you display the configurations for each vPC peer switch once you configure the vPC.

Graceful Type-1Check

Beginning with Cisco NX--OSRelease 5.0(2)N2(1), when a consistency check fails, vPCs are brought down only on the secondary vPC switch. The VLANs remain up on the primary switch andType-1configurations can be performed without traffic disruption. This feature is used both in the case of global as well asinterface-specificType-1inconsistencies.

Thisfeatureisnotenabledfordual-activeFEXports.WhenaType-1mismatchoccurs,VLANsaresuspendedon these ports on both switches.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

73

Configuring Virtual Port Channels

Per-VLANConsistency Check

Per-VLANConsistency Check

Beginning with Cisco NX-OSRelease 5.0(2)N2(1), someType-1consistency checks are performed on aper-VLANbasiswhenspanningtreeisenabledordisabledonaVLAN.VLANsthatdonotpasstheconsistencycheck are brought down on both the primary and secondary switches while other VLANs are not affected.

vPC Auto-Recovery

Beginning with Cisco NX-OSRelease 5.0(2)N2(1), the vPCauto-recoveryfeaturere-enablesvPC links in the following scenarios:

WhenbothvPCpeerswitchesreloadandonlyoneswitchreboots,auto-recoveryallowsthatswitchtoassumethe role of the primary switch and the vPC links will be allowed to come up after a predetermined period of time. The reload delay period in this scenario can range from240-3600seconds.

WhenvPCsaredisabledonasecondaryvPCswitchduetoapeer-linkfailureandthentheprimaryvPCswitchfails or is unable to forward traffic, the secondary switchre-enablesthe vPCs. In this scenario, the vPC waits for three consecutivekeep-alivefailures to recover the vPC links.

The vPC auto-recoveryfeature is disabled by default.

vPC Peer Links

A vPC peer link is the link that is used to synchronize the states between the vPC peer devices.

Note You must configure thepeer-keepalivelink before you configure the vPC peer link or the peer link will not come up.

vPC Peer Link Overview

You can have only two switches as vPC peers; each switch can serve as a vPC peer to only one other vPC peer. The vPC peer switches can also have non-vPClinks to other switches.

To make a valid configuration, you configure an EtherChannel on each switch and then configure the vPC domain. YouassigntheEtherChanneloneachswitchasapeerlink. Forredundancy,werecommendthatyou should configure at least two dedicated ports into the EtherChannel; if one of the interfaces in the vPC peer link fails, the switch automatically falls back to use another interface in the peer link.

Note We recommend that you configure the EtherChannels in trunk mode.

Many operational parameters and configuration parameters must be the same in each switch connected by a vPC peer link. Because each switch is completely independent on the management plane, you must ensure that the switches are compatible on the critical parameters. vPC peer switches have separate control planes. After configuring the vPC peer link, you should display the configuration on each vPC peer switch to ensure that the configurations are compatible.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

74

78-26881-OL

Configuring Virtual Port Channels

vPC Number

Note You must ensure that the two switches connected by the vPC peer link have certain identical operational and configuration parameters.

When you configure the vPC peer link, the vPC peer switches negotiate that one of the connected switches is the primary switch and the other connected switch is the secondary switch. By default, the Cisco NX-OSsoftware uses the lowest MAC address to elect the primary switch. The software takes different actions on eachswitch—thatis, the primary andsecondary—onlyin certain failover conditions. If the primary switch fails,thesecondaryswitchbecomestheoperationalprimaryswitchwhenthesystemrecovers,andthepreviously primary switch is now the secondary switch.

You can also configure which of the vPC switches is the primary switch. If you want to configure the role priorityagaintomakeonevPCswitchtheprimaryswitch,configuretherolepriorityonboththeprimaryand secondary vPC switches with the appropriate values, shut down the EtherChannel that is the vPC peer link on both switches by entering the shutdown command, and reenable the EtherChannel on both switches by entering theno shutdown command.

MAC addresses that are learned over vPC links are also synchronized between the peers.

Configuration information flows across the vPC peer links using the Cisco Fabric Services over Ethernet (CFSoE) protocol. All MAC addresses for those VLANs configured on both switches are synchronized between vPC peer switches. The software uses CFSoE for this synchronization.

IfthevPCpeerlinkfails,thesoftwarechecksthestatusoftheremotevPCpeerswitchusingthepeer-keepalivelink, which is a link between vPC peer switches, to ensure that both switches are up. If the vPC peer switch isup,thesecondaryvPCswitchdisablesallvPCportsonitsswitch.Thedatathenforwardsdowntheremaining active links of the EtherChannel.

The software learns of a vPC peer switch failure when the keepalive messages are not returned over the peer-keepalivelink.

Useaseparatelink(vPCpeer-keepalivelink)tosendconfigurablekeepalivemessagesbetweenthevPCpeerswitches. The keepalive messages on the vPCpeer-keepalivelink determines whether a failure is on the vPC peer link only or on the vPC peer switch. The keepalive messages are used only when all the links in the peer link fail.

vPC Number

Once you have created the vPC domain ID and the vPC peer link, you can create EtherChannels to attach the downstream switch to each vPC peer switch. That is, you create one single EtherChannel on the downstream switch with half of the ports to the primary vPC peer switch and the other half of the ports to the secondary peer switch.

OneachvPCpeerswitch,youassignthesamevPCnumbertotheEtherChannelthatconnectstothedownstream switch. You will experience minimal traffic disruption when you are creating vPCs. To simplify the configuration, you can assign the vPC ID number for each EtherChannel to be the same as the EtherChannel itself (that is, vPC ID 10 for EtherChannel 10).

Note The vPC number that you assign to the EtherChannel connecting to the downstream switch from the vPC peer switch must be identical on both vPC peer switches.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

75

Configuring Virtual Port Channels

vPC Interactions with Other Features

vPC Interactions with Other Features

Configuring vPC Peer Links and Links to the Core

Configure the command line interface by using a track object and a track list that is associated with the Layer 3 link to the core and on all vPC peer links on both vPC peer devices. You use this configuration to avoid dropping traffic if that particular module goes down because when all the tracked objects on the track list go down, the system does the following:

Stops the vPC primary peer device sending peer-keepalivemessages which forces the vPC secondary peer device to take over.

BringsdownallthedownstreamvPCsonthatvPCpeerdevice,whichforcesallthetraffictobererouted in the access switch toward the other vPC peer device.

Once you configure this feature and if the module fails, the system automatically suspends all the vPC links ontheprimaryvPCpeerdeviceandstopsthepeer-keepalivemessages.ThisactionforcesthevPCsecondary device to take over the primary role and all the vPC traffic to go to this new vPC primary device until the system stabilizes.

CreateatracklistthatcontainsallthelinkstothecoreandallthevPCpeerlinksasitsobject. Enabletracking for the specified vPC domain for this track list. Apply this same configuration to the other vPC peer device.

Before You Begin

To configure a track list to switch over vPC to the remote peer when all related interfaces fail:

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# interface type slot/port

Enters interface configuration mode.

Step 3

switch(config-if)#track track-id interface

Configures the track objects on an interface

 

type slot/portline-protocol

(Layer 3 to core).

Step 4

switch(config-track)#track track-id

Tracks the objects on an interface (Layer 3 to

 

interface type slot/port line-protocol

core).

Step 5

switch(config)# track track-id interface

Configures the track objects on a port channel

 

port-channelport line-protocol

(vPC peer link).

Step 6

switch(config)#tracktrack-id listboolean

Createsatracklistthatcontainsalltheinterfaces

 

[OR| AND]

in the track list using the Boolean OR to trigger

 

 

when all the objects fail. or trigger a switchover

 

 

when any core interface or peer-linkgoes down

 

 

using Boolean AND.

Step 7

switch(config-track)#object number

Specifiecs the object number.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

76

78-26881-OL

Configuring Virtual Port Channels

vPC Interactions with Other Features

 

Command or Action

Purpose

Step 8

switch(config-track)#end

Exits track configuration mode.

Step 9

switch(config)# vpc domain domain-id

Enters vPC domain configuration.

Step 10

switch(config-vpc-domain)#tracknumber

Adds the track object to the vPC domain.

Step 11

switch(config)# show vpc brief

(Optional)

 

 

Displays the track object.

Step 12

switch(config)# copyrunning-config

(Optional)

 

startup-config

Savesthechangepersistentlythroughrebootsand

 

 

restarts by copying the running configuration to

 

 

the startup configuration.

This example shows how to configure a track list to trigger when all the objects fail using Boolean OR:

switch# configure terminal switch(config)#interface ethernet 8/35

switch(config-if)# track 35 interface ethernet 8/35line-protocolswitch(config-track)# track 23 interface ethernet 8/33line-protocolswitch(config)# track 55 interfaceport-channel100line-protocolswitch(config)# track 44 list boolean OR

switch(config-track)#object 23 switch(config-track)#object 35 switch(config-track)#object 55 switch(config-track)#end switch(config)#vpc domain 1 switch(config-vpc-domain)#track 44

switch(config)# copyrunning-configstartup-config

vPC and LACP

The Link Aggregation Control Protocol (LACP) uses the system MAC address of the vPC domain to form the LACP Aggregation Group (LAG) ID for the vPC.

You can use LACP on all the vPC EtherChannels, including those channels from the downstream switch. We recommend that you configure LACP with active mode on the interfaces on each EtherChannel on the vPC peerswitches.Thisconfigurationallowsyoutomoreeasilydetectcompatibilitybetweenswitches,unidirectional links, and multihop connections, and provides dynamic reaction to run-timechanges and link failures.

The vPC peer link supports 16 EtherChannel interfaces.

Note When manually configuring the system priority, you must ensure that you assign the same priority value on both vPC peer switches. If the vPC peer switches have different system priority values, vPC will not come up.

vPC Peer Links and STP

When you first bring up the vPC functionality, STP reconverges. STP treats the vPC peer link as a special link and always includes the vPC peer link in the STP active topology.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

77

Configuring Virtual Port Channels

vPC Interactions with Other Features

We recommend that you set all the vPC peer link interfaces to the STP network port type so that Bridge Assurance is automatically enabled on all vPC peer links. We also recommend that you do not enable any of the STP enhancement features on VPC peer links.

You must configure a list of parameters to be identical on the vPC peer switches on both sides of the vPC peer link.

STPisdistributed;thatis,theprotocolcontinuesrunningonbothvPCpeerswitches.However,theconfiguration on the vPC peer switch elected as the primary switch controls the STP process for the vPC interfaces on the secondary vPC peer switch.

The primary vPC switch synchronizes the STP state on the vPC secondary peer switch using Cisco Fabric Services over Ethernet (CFSoE).

The vPC manager performs a proposal/handshake agreement between the vPC peer switches that sets the primaryandsecondaryswitchesandcoordinatesthetwoswitchesforSTP. TheprimaryvPCpeerswitchthen controls the STP protocol for vPC interfaces on both the primary and secondary switches.

The Bridge Protocol Data Units (BPDUs) use the MAC address set for the vPC for the STP bridge ID in the designated bridge ID field. The vPC primary switch sends these BPDUs on the vPC interfaces.

Note Display the configuration on both sides of the vPC peer link to ensure that the settings are identical. Use theshow spanning-tree command to display information about the vPC.

vPC and ARP

Table synchronization across vPC peers is managed in Cisco NX-OSusing the reliable transport mechanism oftheCiscoFabricServicesoverEthernet(CFSoE)protocol. Tosupportfasterconvergenceofaddresstables between the vPC peers, theip arp synchronize command must be enabled. This convergence is designed to overcome the delay involved in ARP table restoration when thepeer-linkport channel flaps or when a vPC peer comes back online.

Toimproveperformance,werecommendthatyouturnontheARPsyncfeature. Bydefault,itisnotenabled.

To check whether or not ARP sync is enabled, enter the following command:

switch# show running

To enable ARP sync, enter the following command:

switch(config-vpc-domain)#ip arp synchronize

CFSoE

The Cisco Fabric Services over Ethernet (CFSoE) is a reliable state transport mechanism that you can use to synchronizetheactionsofthevPCpeerdevices.CFSoEcarriesmessagesandpacketsformanyfeatureslinked with vPC, such as STP and IGMP. Information is carried in CFS/CFSoE protocol data units (PDUs).

WhenyouenablethevPCfeature,thedeviceautomaticallyenablesCFSoE,andyoudonothavetoconfigure anything. CFSoE distributions for vPCs do not need the capabilities to distribute over IP or the CFS regions. You do not need to configure anything for the CFSoE feature to work correctly on vPCs.

You can use the show mac address-table command to display the MAC addresses that CFSoE synchronizes for the vPC peer link.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78

78-26881-OL

Configuring Virtual Port Channels

vPC Peer Switch

Note Do not enter theno cfs eth distribute or theno cfs distribute command. CFSoE must be enabled for vPC functionality. If you do enter either of these commands when vPC is enabled, the system displays an error message.

When you enter the show cfs application command, the output displays"Physical-eth,"which shows the applications that are using CFSoE.

vPC Peer Switch

The vPC peer switch feature addresses performance concerns around STP convergence. This feature allows a pair of Cisco Nexus devices to appear as a single STP root in the Layer 2 topology. This feature eliminates the need to pin the STP root to the vPC primary switch and improves vPC convergence if the vPC primary switch fails.

To avoid loops, the vPC peer link is excluded from the STP computation. In vPC peer switch mode, STP BPDUsaresentfrombothvPCpeerdevicestoavoidissuesrelatedtoSTPBPDUtimeoutonthedownstream switches, which can cause traffic disruption.

This feature can be used with the pure peer switch topology in which the devices all belong to the vPC.

Note Peer-switchfeature is supported on networks that use vPC andSTP-basedredundancy is not supported. If the vPCpeer-linkfail in a hybridpeer-switchconfiguration, you can lose traffic. In this scenario, the vPC peers use the same STP root ID as well same bridge ID. The access switch traffic is split in two with half going to the first vPC peer and the other half to the second vPC peer. With the peer link failed, there is no impact on north/south traffic buteast-westtraffic will be lost(black-holed).

For information on STP enhancement features and Rapid PVST+, see the Layer 2 Switching Configuration Guide for your device.

Guidelines and Limitations for vPCs

vPC has the following configuration guidelines and limitations:

You must enable the vPC feature before you can configure vPC peer-linkand vPC interfaces.

You must configure the peer-keepalivelink before the system can form the vPC peer link.

The vPC peer-linkneeds to be formed using a minimum of two10-GigabitEthernet interfaces.

You can connect a pair of Cisco Nexus 5000 Series switches or a pair of Cisco Nexus 5500 Series switches in a vPC directly to another switch or to a server. vPC peer switches must be of the same type, for example, you can connect a pair of Nexus 5000 series switches or a pair of Nexus 5500 Series switches but you cannot connect a Nexus 5000 Series switch to a Nexus 5500 Series switch in a vPC topology.

OnlyportchannelscanbeinvPCs.AvPCcanbeconfiguredonanormalportchannel(switch-to-switchvPC topology), on a port channel fabric interface (fabric extender vPC topology), and on a port channel host interface (host interface vPC topology).

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

79

Configuring Virtual Port Channels

Configuring vPCs

AFabricExtendercanbeamemberofaHostInterfacevPCtopologyoraFabricExtendervPCtopology but not both simultaneously.

YoumustconfigurebothvPCpeerswitches;theconfigurationisnotautomaticallysynchronizedbetween the vPC peer devices.

Check that the necessary configuration parameters are compatible on both sides of the vPC peer link.

You may experience minimal traffic disruption while configuring vPCs.

You should configure all the port channels in the vPC using LACP with the interfaces in active mode.

Whenthe peer-switch commandisconfiguredandvPCkeepalivemessagesexchangedthroughanSVI instead of a management interface, additional Spanning Tree Protocol (STP) configuration is required. STP needs to be disabled on the dedicated link that carries the keepalive traffic between the vPC peers. You can disable STP on the dedicated link by configuring STP BPDUfilter on the both ends of the dedicated link. We recommend that the VLAN of the vPC keepalive SVI be allowed on only the interconnecting dedicated link and disallowed on all other links, including the peer link.

Configuring vPCs

Enabling vPCs

You must enable the vPC feature before you can configure and use vPCs.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# feature vpc

Enables vPCs on the switch.

Step 3

switch# show feature

(Optional)

 

 

Displays which features are enabled on the

 

 

switch.

Step 4

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to enable the vPC feature:

switch# configure terminalswitch(config)# feature vpc

Disabling vPCs

You can disable the vPC feature.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

80

78-26881-OL

Configuring Virtual Port Channels

Creating a vPC Domain

Note When you disable the vPC feature, the Cisco Nexus device clears all the vPC configurations.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# no feature vpc

Disables vPCs on the switch.

Step 3

switch# show feature

(Optional)

 

 

Displays which features are enabled on the

 

 

switch.

Step 4

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to disable the vPC feature:

switch# configure terminalswitch(config)# no feature vpc

Creating a vPC Domain

You must create identical vPC domain IDs on both the vPC peer devices. This domain ID is used to automatically form the vPC system MAC address.

Before You Begin

Ensure that you have enabled the vPC feature.

You must configure both switches on either side of the vPC peer link with the following procedure.

Procedure

 

Command or Action

Purpose

 

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# vpc domain

Creates a vPC domain on the switch, and enters the

 

domain-id

vpc-domainconfiguration mode. There is no default

 

 

domain-id ; the range is from 1 to 1000.

 

 

Note

You can also use the vpc domain command to

 

 

 

enter the vpc-domainconfiguration mode for an

 

 

 

existing vPC domain.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

81

Configuring Virtual Port Channels

Configuring a vPC Keepalive Link and Messages

 

Command or Action

Purpose

Step 3

switch# show vpc brief

(Optional)

 

 

Displays brief information about each vPC domain.

Step 4

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to create a vPC domain:

switch# configure terminalswitch(config)# vpc domain 5

Configuring a vPC Keepalive Link and Messages

YoucanconfigurethedestinationIPforthepeer-keepalivelinkthatcarriesthekeepalivemessages.Optionally,you can configure other parameters for the keepalive messages.

The Cisco Nexus 5500 Platform switches support VRF lite with Layer 3 modules and with the Base or LAN-Enterpriselicense installed. This capability allows you to create a VRF and assign a specific interface to the VRF. Prior to this release, two VRFs are created by default: VRF management and VRF default. The mgmt0 interface and all SVI interfaces reside in VRF management and default.

The Cisco NX-OSsoftware uses thepeer-keepalivelink between the vPC peers to transmit periodic, configurable keepalive messages. You must have Layer 3 connectivity between the peer devices to transmit these messages. The system cannot bring up the vPC peer link unless thepeer-keepalivelink is already up and running.

Ensure that both the source and destination IP addresses used for the peer-keepalivemessage are unique in yournetworkandtheseIPaddressesarereachablefromtheVirtualRoutingandForwarding(VRF)associated with the vPCpeer-keepalivelink.

Note We recommend that you configure a separate VRF instance and put a Layer 3 port from each vPC peer switch into that VRF for the vPCpeer-keepalivelink. Do not use the peer link itself to send vPCpeer-keepalivemessages. For information on creating and configuring VRFs, see the Unicast Routing Configuration Guide for your device.

Before You Begin

Ensure that you have enabled the vPC feature.

You must configure the vPC peer-keepalivelink before the system can form the vPC peer link.

You must configure both switches on either side of the vPC peer link with the following procedure.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

82

78-26881-OL

Configuring Virtual Port Channels

Configuring a vPC Keepalive Link and Messages

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# vpc domain domain-id

Creates a vPC domain on the switch if it does

 

 

not already exist, and enters the vpc-domain

 

 

configuration mode.

Step 3 switch(config-vpc-domain)#peer-keepalive destination ipaddress [hold-timeout secs |interval msecs {timeout secs} |precedence {prec-value |network |internet |critical |flash-override |flash |immediate priority |routine} |tos {tos-value |max-reliability |max-throughput |min-delay |min-monetary-cost |normal} |tos-byte tos-byte-value}|source ipaddress |vrf {name

| managementvpc-keepalive}]

Step 4 switch(config-vpc-domain)#vpc peer-keepalive destination ipaddress source ipaddress

Configures the IPv4 address for the remote end of the vPC peer-keepalivelink.

Note ThesystemdoesnotformthevPCpeer

link until you configure a vPC

peer-keepalivelink.

ThemanagementportsandVRFarethedefaults

(Optional)

Configures a separate VRF instance and puts a Layer3portfromeachvPCpeerdeviceintothat VRF for the vPC peer-keepalivelink.

Step 5

switch# show vpcpeer-keepalive

(Optional)

 

 

Displaysinformationabouttheconfigurationfor

 

 

the keepalive messages.

Step 6

switch# copyrunning-configstartup-config

(Optional)

 

 

Copies the running configuration to the startup

 

 

configuration.

This example shows how to configure the destination IP address for the vPC-peer-keepalivelink:

switch# configure terminalswitch(config)# vpc domain 5

switch(config-vpc-domain)# peer-keepalivedestination 10.10.10.42

This example shows how to set up the peer keepalive link connection between the primary and secondary vPC device:

switch(config)# vpc domain

100

switch(config-vpc-domain)#

peer-keepalivedestination 192.168.2.2 source 192.168.2.1

Note:--------

:: Management

VRF will be used as the default VRF ::--------

switch(config-vpc-domain)#

 

This example shows how to create a separate VRF named vpc_keepalive for the vPC keepalive link and how to verify the new VRF:

This example shows how to create a separate VRF named vpc_keepalive for the vPC keepalive link and how to verify the new VRF:

vrf context vpc_keepalive

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

83

Configuring Virtual Port Channels

Creating a vPC Peer Link

interface Ethernet1/31 switchport access vlan 123

interface Vlan123

vrf member vpc_keepalive ip address 123.1.1.2/30 no shutdown

vpc domain 1

peer-keepalivedestination 123.1.1.1 source 123.1.1.2 vrf

vpc_keepalive

 

 

L3-NEXUS-2# sh vpcpeer-keepalive

 

vPC keep-alivestatus

: peer is alive

--Peeris alive for

:

(154477) seconds, (908) msec

--Sendstatus

:

Success

--Lastsend at

:

2011.01.14 19:02:50 100 ms

--Senton interface

:

Vlan123

--Receivestatus

:

Success

--Lastreceive at

:

2011.01.14 19:02:50 103 ms

--Receivedon interface

:

Vlan123

--Lastupdate from peer

:

(0) seconds, (524) msec

vPC Keep-aliveparameters

: 123.1.1.1

--Destination

--Keepaliveinterval

:

1000 msec

--Keepalivetimeout

:

5 seconds

--Keepalivehold timeout

:

3 seconds

--Keepalivevrf

:

vpc_keepalive

--Keepaliveudp port

:

3200

--Keepalivetos

:

192

The services provided by the switch , such as ping, ssh, telnet, radius, are VRF aware. The VRF name need to be configured or specified in order for the correct routing table to be used. L3-NEXUS-2#ping 123.1.1.1 vrf vpc_keepalive

PING 123.1.1.1 (123.1.1.1): 56 data bytes

64 bytes from 123.1.1.1: icmp_seq=0 ttl=254 time=3.234 ms 64 bytes from 123.1.1.1: icmp_seq=1 ttl=254 time=4.931 ms 64 bytes from 123.1.1.1: icmp_seq=2 ttl=254 time=4.965 ms 64 bytes from 123.1.1.1: icmp_seq=3 ttl=254 time=4.971 ms 64 bytes from 123.1.1.1: icmp_seq=4 ttl=254 time=4.915 ms

---123.1.1.1 ping statistics---

5 packets transmitted, 5 packets received, 0.00% packet loss round-tripmin/avg/max = 3.234/4.603/4.971 ms

Creating a vPC Peer Link

YoucancreateavPCpeerlinkbydesignatingtheEtherChannelthatyouwantoneachswitchasthepeerlink for the specified vPC domain. We recommend that you configure the EtherChannels that you are designating as the vPC peer link in trunk mode and that you use two ports on separate modules on each vPC peer switch for redundancy.

Before You Begin

Ensure that you have enabled the vPC feature.

You must configure both switches on either side of the vPC peer link with the following procedures

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

84

78-26881-OL

Configuring Virtual Port Channels

Creating a vPC Peer Link

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface

Selects the EtherChannel that you want to use as the

 

port-channel channel-number

vPC peer link for this switch, and enters the interface

 

 

configuration mode.

Step 3

switch(config-if)#vpc peer-link

Configures the selected EtherChannel as the vPC peer

 

 

link, and enters the vpc-domainconfiguration mode.

Step 4

switch# show vpc brief

(Optional)

 

 

Displays information about each vPC, including

 

 

information about the vPC peer link.

Step 5

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to configure a vPC peer link:

switch# configure terminalswitch(config)# interfaceport-channel20switch(config-if)# vpcpeer-link

Checking the Configuration Compatibility

After you have configured the vPC peer link on both vPC peer switches, check that the configurations are consistent on all vPC interfaces.

Note Beginning with CiscoNX-OSRelease 5.0(2)N1(1), the following QoS parameters support Type 2 consistency checks:

Network QoS—MTUand Pause

Input Queuing —Bandwidthand Absolute Priority

Output Queuing—Bandwidthand Absolute Priority

In the case of a Type 2 mismatch, the vPC is not suspended. Type 1 mismatches suspend the vPC.

Parameter

Default Setting

switch# show vpcconsistency-parameters{global

Displays the status of those parameters that must be

| interfaceport-channelchannel-number}

consistent across all vPC interfaces.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

85

Configuring Virtual Port Channels

Enabling vPC Auto-Recovery

ThisexampleshowshowtocheckthattherequiredconfigurationsarecompatibleacrossallthevPCinterfaces: switch# show vpcconsistency-parametersglobal

Legend:

Type 1 : vPC will be suspended in case of mismatch

Name

Type

Local Value

Peer Value

--------------------------------------------------------------

QoS

2

([], [], [], [], [],

([], [], [], [], [],

 

 

[])

[])

Network QoS (MTU)

2

(1538, 0, 0, 0, 0, 0)

(1538, 0, 0, 0, 0, 0)

Network Qos (Pause)

2

(F, F, F, F, F, F)

(1538, 0, 0, 0, 0, 0)

Input Queuing (Bandwidth)

2

(100, 0, 0, 0, 0, 0)

(100, 0, 0, 0, 0, 0)

Input Queuing (Absolute

2

(F, F, F, F, F, F)

(100, 0, 0, 0, 0, 0)

Priority)

2

(100, 0, 0, 0, 0, 0)

(100, 0, 0, 0, 0, 0)

Output Queuing (Bandwidth)

Output Queuing (Absolute

2

(F, F, F, F, F, F)

(100, 0, 0, 0, 0, 0)

Priority)

1

Rapid-PVST

Rapid-PVST

STP Mode

STP Disabled

1

None

None

STP MST Region Name

1

""

""

STP MST Region Revision

1

0

0

STP MST Region Instance to

1

 

 

VLAN Mapping

 

 

 

STP Loopguard

1

Disabled

Disabled

STP Bridge Assurance

1

Enabled

Enabled

STP Port Type, Edge

1

Normal, Disabled,

Normal, Disabled,

BPDUFilter, Edge BPDUGuard

1

Disabled

Disabled

STP MST Simulate PVST

Enabled

Enabled

Allowed VLANs

-

1,624

1

Local suspended VLANs

-

624

-

switch#

 

 

 

ThisexampleshowshowtocheckthattherequiredconfigurationsarecompatibleforanEtherChannelinterface: switch# show vpcconsistency-parametersinterfaceport-channel20

Legend:

Type 1 : vPC will be suspended in case of mismatch

Name

Type

Local Value

Peer Value

-------------

----

----------------------

-----------------------

Fex id

1

20

20

STP Port Type

1

Default

Default

STP Port Guard

1

None

None

STP MST Simulate PVST

1

Default

Default

mode

1

on

on

Speed

1

10 Gb/s

10 Gb/s

Duplex

1

full

full

Port Mode

1

fex-fabric

fex-fabric

Shut Lan

1

No

No

Allowed VLANs

-

1,3-3967,4048-4093

1-3967,4048-4093

Enabling vPC Auto-Recovery

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# vpc domain domain-id

Enters vpc-domainconfiguration mode for an

 

 

existing vPC domain.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

86

78-26881-OL

Configuring Virtual Port Channels

Suspending Orphan Ports on a Secondary Switch in a vPC Topology

 

Command or Action

Purpose

Step 3

switch(config-vpc-domain)#auto-recovery

Enables the auto-recoveryfeature and sets the

 

reload-delaydelay

reload delay period. The default is disabled.

This example shows how to enable the auto-recoveryfeature in vPC domain 10 and set the delay period for 240 seconds.

switch(config)# vpc domain 10

switch(config-vpc-domain)# auto-recoveryreload-delay240

Warning:

Enables restoring of vPCs in a peer-detachedstate after reload, will wait for 240 seconds (by default) to determine if peer isun-reachable

This example shows how to view the status of the auto-recoveryfeature in vPC domain 10:

switch(config-vpc-domain)#show running-config vpc !Command: showrunning-configvpc

!Time: Tue Dec 7 02:38:44 2010

version 5.0(2)N2(1)

feature vpc vpc domain 10

peer-keepalivedestination 10.193.51.170auto-recovery

Suspending Orphan Ports on a Secondary Switch in a vPC Topology

Youcansuspendanon-virtualportchannel(vPC)portwhenavPCsecondarypeerlinkgoesdown.Anon-vPCport, also known as an orphaned port, is a port that is not part of a vPC.

Note Whenaportisconfiguredasanorphanport,theportwillflap. Thisoccursbecausethesystemreevaluates whether the port can be brought up, given the constraints of the orphan port. For example, MCT needs to be up and election needs to be complete.

Before You Begin

Enable the vPC feature.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface ethernet

Specifies the port that you want to configure and

 

slot/port

enters interface configuration mode.

Step 3

switch(config-if)#vpc orphan-port

Suspends the specified port if the secondary switch

 

suspend

goes down.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

87

Configuring Virtual Port Channels

Creating an EtherChannel Host Interface

 

Command or Action

Purpose

 

 

 

Note

The vpc-orphan-portsuspendcommand

 

 

 

is supported only on physical ports.

Step 4

switch(config-if)#exit

Exits interface configuration mode.

Step 5

switch# show vpcorphan-port

(Optional)

 

 

Displays the orphan port configuration.

Step 6

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to suspend an orphan port:

switch# configure terminal switch(config)#interface ethernet ½0 switch(config-if)#vpc orphan-port suspend

This example shows how to display ports that are not part of the vPC but that share common VLANs with ports that are part of the vPC:

switch#

configure terminal

switch(config)# show vpcorphan-ports

Note:

::Going through port database. Please be patient.::

--------

 

VLAN Orphan Ports

-------

-------------------------

1

Po600

 

2

Po600

 

3

Po600

 

4

Po600

 

5

Po600

 

6

Po600

 

7

Po600

 

8

Po600

 

9

Po600

 

10Po600

11Po600

12Po600

13Po600

14Po600

...

Creating an EtherChannel Host Interface

To connect to a downstream server from a Cisco Nexus 2000 Series Fabric Extender you can create a EtherChannel host interface. An EtherChannel host interface can have only one host interface as a member dependingonthefabricextendermodel.TheCiscoNexus2148Tallowsonlyoneinterfacememberperfabric extender, newer fabric extenders allow up to 8 members of the same port-channelon a single fabric extender. You need to create an EtherChannel host interface to configure a vPC on it that uses the Fabric Extender topology.

Before You Begin

Ensure that you have enabled the vPC feature.

Ensure that the connected Fabric Extender is online.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

88

78-26881-OL

Configuring Virtual Port Channels

Moving Other Port Channels into a vPC

You must configure both switches on either side of the vPC peer link with the following procedure.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface ethernet

Specifies an interface to configure, and enters

 

chassis/slot/port

interface configuration mode.

Step 3

switch(config-if)#channel-group

Creates an EtherChannel host interface on the

 

channel-number mode{active| passive|

selected host interface.

 

on}

 

Step 4

switch# showport-channelsummary

(Optional)

 

 

Displays information about each EtherChannel

 

 

host interface.

Step 5

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to configure an EtherChannel host interface:

switch# configure terminal

switch(config)# interface ethernet 101/1/20switch(config-if)# channel-group7 mode active

Moving Other Port Channels into a vPC

Before You Begin

Ensure that you have enabled the vPC feature.

You must configure both switches on either side of the vPC peer link with the following procedure.

Procedure

 

Command or Action

Purpose

 

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# interface

Selects the port channel that you want to put into the vPC to

 

port-channel channel-number

connect to the downstream switch, and enters the interface

 

 

configuration mode.

 

 

Note

A vPC can be configured on a normal port channel

 

 

 

(physical vPC topology), on an port channel fabric

interface (fabric extender vPC topology), and on an port channel host interface (host interface vPC topology)

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

89

Configuring Virtual Port Channels

Manually Configuring a vPC Domain MAC Address

Command or Action

Purpose

Step 3 switch(config-if)#vpc number Configures the selected port channel into the vPC to connect to the downstream switch. The range is from 1 to 4096.

 

 

ThevPC number thatyouassigntotheportchannelconnecting

 

 

to the downstream switch from the vPC peer switch must be

 

 

identical on both vPC peer switches.

Step 4

switch# show vpc brief

(Optional)

 

 

Displays information about each vPC.

Step 5

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup configuration.

This example shows how to configure a port channel that will connect to the downstream device:

switch# configure terminalswitch(config)# interfaceport-channel20switch(config-if)# vpc 5

Manually Configuring a vPC Domain MAC Address

Note Configuring thesystem-macis an optional configuration step. This section explains how to configure it in case you want to.

Before You Begin

Ensure that you have enabled the vPC feature.

You must configure both switches on either side of the vPC peer link with the following procedure.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# vpc domain

SelectsanexistingvPCdomainontheswitch,orcreates

 

domain-id

a new vPC domain, and enters the vpc-domain

 

 

configuration mode. There is no default domain-id ;

 

 

the range is from 1 to 1000.

Step 3

switch(config-vpc-domain)#

EnterstheMACaddressthatyouwantforthespecified

 

system-macmac-address

vPC domain in the following format: aaaa.bbbb.cccc.

Step 4

switch# show vpc role

(Optional)

 

 

Displays the vPC system MAC address.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

90

78-26881-OL

Configuring Virtual Port Channels

Manually Configuring the System Priority

 

Command or Action

Purpose

Step 5

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to configure a vPC domain MAC address:

switch# configure terminalswitch(config)# vpc domain 5

switch(config-if)# system-mac23fb.4ab5.4c4e

Manually Configuring the System Priority

When you create a vPC domain, the system automatically creates a vPC system priority. However, you can also manually configure a system priority for the vPC domain.

Before You Begin

Ensure that you have enabled the vPC feature.

You must configure both switches on either side of the vPC peer link with the following procedure.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# vpc domain

Selects an existing vPC domain on the switch, or creates

 

domain-id

a new vPC domain, and enters the vpc-domain

 

 

configuration mode. There is no default domain-id ; the

 

 

range is from 1 to 1000.

Step 3

switch(config-vpc-domain)#

Enters the system priority that you want for the specified

 

system-prioritypriority

vPCdomain. Therangeofvaluesisfrom1to65535. The

 

 

default value is 32667.

Step 4

switch# show vpc brief

(Optional)

 

 

Displays information about each vPC, including

 

 

information about the vPC peer link.

Step 5

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

91

Configuring Virtual Port Channels

Manually Configuring a vPC Peer Switch Role

This example shows how to configure a vPC peer link:

switch# configure terminal switch(config)#vpc domain 5 switch(config-if)#system-priority 4000

Manually Configuring a vPC Peer Switch Role

By default, the Cisco NX-OSsoftware elects a primary and secondary vPC peer switch after you configure the vPC domain and both sides of the vPC peer link. However, you may want to elect a specific vPC peer switch as the primary switch for the vPC. Then, you would manually configure the role value for the vPC peer switch that you want as the primary switch to be lower than the other vPC peer switch.

vPC does not support role preemption. If the primary vPC peer switch fails, the secondary vPC peer switch takes over to become operationally the vPC primary switch. However, the original operational roles are not restored when the formerly primary vPC comes up again.

Before You Begin

Ensure that you have enabled the vPC feature.

You must configure both switches on either side of the vPC peer link with the following procedure.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# vpc domain

Selects an existing vPC domain on the switch, or creates

 

domain-id

a new vPC domain, and enters the vpc-domain

 

 

configuration mode. There is no default domain-id ; the

 

 

range is from 1 to 1000.

Step 3

switch(config-vpc-domain)#role

Enters the role priority that you want for the vPC system

 

priority priority

priority. The range of values is from 1 to 65535. The

 

 

default value is 32667.

Step 4

switch# show vpc brief

(Optional)

 

 

Displays information about each vPC, including

 

 

information about the vPC peer link.

Step 5

switch# copyrunning-config

(Optional)

 

startup-config

Copies the running configuration to the startup

 

 

configuration.

This example shows how to configure a vPC peer link:

switch# configure terminalswitch(config)# vpc domain 5switch(config-if)# role priority 4000

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

92

78-26881-OL

Configuring Virtual Port Channels

Configuring the vPC Peer Switch

Configuring the vPC Peer Switch

Configuring a Pure vPC Peer Switch Topology

You can configure a pure vPC peer switch topology using the peer-switch command and then you set the best possible (lowest) spanning tree bridge priority value.

Note The values you apply for the spanning tree priority must be identical on both vPC peers.

Before You Begin

Ensure that you have enabled the vPC feature.

Procedure

 

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# vpc domain

EntersthevPCdomainnumberthatyouwanttoconfigure.

 

domain-id

The system enters the vpc-domainconfiguration mode.

Step 3

switch(config-vpc-domain)#

EnablesthevPCswitchpairtoappearasasingleSTProot

 

peer-switch

in the Layer 2 topology.

 

 

Usetheno formofthecommandtodisablethepeerswitch

 

 

vPC topology.

Step 4

switch(config-vpc-domain)#

 

spanning-treevlanvlan-range

 

priority value

Configures the bridge priority of the VLAN. Valid values are multiples of 4096. The default value is 32768.

Note This value must be identical on both vPC peers.

Step 5

switch(config-vpn-domain)#exit

Exits the vpc-domainconfiguration mode.

Step 6

switch(config)#showspanning-tree

(Optional)

 

summary

Displays a summary of the spanning tree port states

 

 

including the vPC peer switch.

 

 

Look for the following line in the command output:

 

 

vPC peer-switchis enabled (operational)

Step 7

switch(config)# copy

(Optional)

 

running-configstartup-config

Savesthechangepersistentlythroughrebootsandrestarts

 

 

by copying the running configuration to the startup

 

 

configuration.

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

93

Configuring Virtual Port Channels

Configuring a Hybrid vPC Peer Switch Topology

This example shows how to configure a pure vPC peer switch topology:

switch# configure terminal

Enter configuration commands, one per line. End with CNTL/Z. switch(config)# vpc domain 5

switch(config-vpc-domain)#peer-switch

2010 Apr 28 14:44:44 switch %STP-2-VPC_PEERSWITCH_CONFIG_ENABLED:vPCpeer-switchconfiguration is enabled. Please make sure to configure spanning tree "bridge" priority as

per recommended guidelines to make vPC peer-switchoperational.switch(config-vpc-domain)#exit

switch(config)# spanning-treevlan 1 priority 8192switch(config)# showspanning-treesummary

Switch is in rapid-pvstmode

Root bridge for: VLAN0001-VLAN0050,VLAN0100-VLAN0149,VLAN0200-VLAN0249

VLAN0300-VLAN0349,VLAN0400-VLAN0599,VLAN0900-VLAN0999

Port Type Default

 

is disable

Edge Port [PortFast] BPDU Guard Default

is disabled

Edge Port [PortFast] BPDU Filter Default

is disabled

Bridge Assurance

 

is enabled

Loopguard Default

 

is disabled

Pathcost method used

 

is short

vPC peer-switch

 

is enabled (operational)

Name

Blocking Listening Learning Forwarding STP Active

-------------------------------------------------------------------

VLAN0001

0

0

0

16

16

VLAN0002

0

0

0

16

16

switch(config)# copyrunning-configstartup-config

 

 

switch(config)#

 

 

 

 

 

Configuring a Hybrid vPC Peer Switch Topology

You can configure a hybrid vPC and non-vPCpeer switch topology by using thespanning-treepseudo-informationcommand to change the designated bridge ID so that it meets the STPVLAN-basedload-balancingcriteriaandthenchangetherootbridgeIDprioritytoavaluethatisbetterthanthebestbridgepriority. You then enable the peer switch. For more information, see the command reference for your device.

Note If you previously configured global spanning tree parameters and you subsequently configure spanning tree pseudo information parameters, be aware that the pseudo information parameters take precedence over the global parameters.

Before You Begin

Ensure that you have enabled the vPC feature.

Procedure

 

Command or Action

Step 1

switch# configure terminal

Step 2

switch(config)# spanning-tree

 

pseudo-information

Purpose

Enters global configuration mode.

Configures the spanning tree pseudo information.

Note This configuration takes precedence over any global spanning tree configurations.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

94

78-26881-OL

Configuring Virtual Port Channels

Verifying the vPC Configuration

 

Command or Action

Purpose

 

Step 3

switch(config-pseudo)#vlanvlan-id

Configures the designated bridge priority of the VLAN.

 

designated priority priority

Valid values are multiples of 4096 from 0 to 61440.

Step 4

switch(config-pseudo)#vlanvlan-id

Configures the root bridge priority of the VLAN. Valid

 

root priority priority

values are multiples of 4096 from 0 to 61440.

 

 

Note

This value must be identical on both vPC peers

 

 

 

to have an operational peer switch.

Step 5

switch(config-pseudo)#exit

Exists spanning tree pseudo information configuration

 

 

mode.

 

Step 6

switch(config)# vpc domain

EntersthevPCdomainnumberthatyouwanttoconfigure.

 

domain-id

The system enters the vpc-domainconfiguration mode.

Step 7

switch(config-vpc-domain)#

EnablesthevPCswitchpairtoappearasasingleSTProot

 

peer-switch

in the Layer 2 topology.

 

 

Usetheno formofthecommandtodisablethepeerswitch

 

 

vPC topology.

Step 8

switch(config-vpc-domain)#exit

Exits the vpc-domainconfiguration mode.

Step 9

switch(config)# show

(Optional)

 

spanning-treesummary

Displays a summary of the spanning tree port states

 

 

including the vPC peer switch.

 

 

Look for the following line in the command output:

 

 

vPC peer-switchis enabled (operational)

Step 10

switch(config)# copy

(Optional)

 

running-configstartup-config

Savesthechangepersistentlythroughrebootsandrestarts

 

 

by copying the running configuration to the startup

 

 

configuration.

This example shows how to configure a hybrid vPC peer switch topology:

switch# configure terminal

Enter configuration commands, one per line. End with CNTL/Z. switch(config)# spanning-tree pseudo-information switch(config-pseudo)#vlan 1 designated priority 8192 switch(config-pseudo)#vlan 1 root priority 4096 switch(config-pseudo)#exit

switch(config)# vpc domain 5 switch(config-vpc-domain)#peer-switch switch(config-vpc-domain)#exit

switch(config)# copyrunning-configstartup-config

Verifying the vPC Configuration

Use the following commands to display vPC configuration information:

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

95

Configuring Virtual Port Channels

Viewing The Graceful Type-1Check Status

Command

Purpose

 

switch# show feature

Displays whether vPC is enabled or not.

switch# showport-channelcapacity

Displays how many EtherChannels are configured

 

and how many are still available on the switch.

switch# showrunning-configvpc

DisplaysrunningconfigurationinformationforvPCs.

switch# show vpc brief

Displays brief information on the vPCs.

switch# show vpcconsistency-parameters

Displays the status of those parameters that must be

 

consistent across all vPC interfaces.

switch# show vpcpeer-keepalive

Displaysinformationonthepeer-keepalivemessages.

switch# show vpc role

Displays the peer status, the role of the local switch,

 

the vPC system MAC address and system priority,

 

and the MAC address and priority for the local vPC

 

switch.

 

switch# show vpc statistics

Displays statistics on the vPCs.

 

Note

This command displays the vPC statistics

 

 

only for the vPC peer device that you are

 

 

working on.

For information about the switch output, see the Command Reference for your Cisco Nexus Series switch.

Viewing The Graceful Type-1Check Status

This example shows how to display the current status of the graceful Type-1consistency check:

switch# show vpc brief

Legend:

(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id

:

10

Peer status

:

peer adjacency formed ok

vPC keep-alivestatus

:

peer is alive

Configuration consistency status:

success

Per-vlanconsistency status

:

success

Type-2consistency status

:

success

vPC role

:

secondary

Number of vPCs configured

:

34

Peer Gateway

:

Disabled

Dual-activeexcluded VLANs

:

-

Graceful Consistency Check

:

Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

--------------------------------------------------------------

1 Po1 up 1

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

96

78-26881-OL

Configuring Virtual Port Channels

Viewing A Global Type-1Inconsistency

Viewing A Global Type-1Inconsistency

WhenaglobalType-1inconsistencyoccurs,thevPCsonthesecondaryswitcharebroughtdown.Thefollowingexample shows this type of inconsistency when there is aspanning-treemode mismatch.

The example shows how to display the status of the suspended vPC VLANs on the secondary switch:

switch(config)# show vpc Legend:

(*) - local vPC is down, forwarding via vPC peer-link

vPC

domain id

:

10

Peer status

:

peer adjacency formed ok

vPC

keep-alivestatus

:

peer is alive

Configuration consistency status:

failed

Per-vlanconsistency status

:

success

Configuration consistency reason: vPC type-1configuration incompatible - STP

Type-2consistency status

Mode inconsistent

: success

vPC role

: secondary

Number of vPCs configured

: 2

Peer Gateway

: Disabled

Dual-activeexcluded VLANs

: -

Graceful Consistency Check

: Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

--------------------------------------------------------------

1 Po1 up 1-10

vPC status

----------------------------------------------------------------------------

id

Port

Status

Consistency

Reason

Active vlans

------

-----------

------

-----------

--------------------------

-----------

20

Po20

down*

failed

Global compat check failed

-

30

Po30

down*

failed

Global compat check failed

-

Theexampleshowshowtodisplaytheinconsistentstatus(theVLANsontheprimaryvPCarenotsuspended) on the primary switch:

switch(config)# show vpc Legend:

(*) - local vPC is down, forwarding via vPC peer-link

vPC

domain id

:

10

Peer status

:

peer adjacency formed ok

vPC

keep-alivestatus

:

peer is alive

Configuration consistency status:

failed

Per-vlanconsistency status

:

success

Configuration consistency reason: vPC type-1configuration incompatible - STP Mo

de inconsistent

: success

Type-2consistency status

vPC role

: primary

Number of vPCs configured

: 2

Peer Gateway

: Disabled

Dual-activeexcluded VLANs

: -

Graceful Consistency Check

: Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

--------------------------------------------------------------

1 Po1 up 1-10

vPC status

----------------------------------------------------------------------------

id

Port

Status

Consistency

Reason

Active vlans

------

-----------

------

-----------

--------------------------

-----------

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

97

Configuring Virtual Port Channels

Viewing An Interface-SpecificType-1Inconsistency

20

Po20

up

failed

Global

compat

check

failed

1-10

30

Po30

up

failed

Global

compat

check

failed

1-10

Viewing An Interface-SpecificType-1Inconsistency

When an interface-specificType-1inconsistency occurs, the vPC port on the secondary switch is brought downwhiletheprimaryswitchvPCportsremainup.Thefollowingexampleshowsthistypeofinconsistency when there is a switchport mode mismatch.

This example shows how to display the status of the suspended vPC VLAN on the secondary switch:

switch(config-if)#show vpc brief Legend:

(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id

:

10

Peer status

:

peer adjacency formed ok

vPC keep-alivestatus

:

peer is alive

Configuration consistency status:

success

Per-vlanconsistency status

:

success

Type-2consistency status

:

success

vPC role

:

secondary

Number of vPCs configured

:

2

Peer Gateway

:

Disabled

Dual-activeexcluded VLANs

:

-

Graceful Consistency Check

:

Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

--------------------------------------------------------------

1 Po1 up 1

vPC status

----------------------------------------------------------------------------

id

Port

Status

Consistency

Reason

Active vlans

------

-----------

------

-----------

--------------------------

-----------

20

Po20

up

success

success

1

30

Po30

down*

failed

Compatibility check failed

-

 

 

 

 

for port mode

 

Thisexampleshowshowtodisplaytheinconsistentstatus(theVLANsontheprimaryvPCarenotsuspended) on the primary switch:

switch(config-if)#show vpc brief Legend:

(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id

:

10

Peer status

:

peer adjacency formed ok

vPC keep-alivestatus

:

peer is alive

Configuration consistency status:

success

Per-vlanconsistency status

:

success

Type-2consistency status

:

success

vPC role

:

primary

Number of vPCs configured

:

2

Peer Gateway

:

Disabled

Dual-activeexcluded VLANs

:

-

Graceful Consistency Check

:

Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

--------------------------------------------------------------

1 Po1 up 1

vPC status

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

98

78-26881-OL

Configuring Virtual Port Channels

Viewing a Per-VLANConsistency Status

----------------------------------------------------------------------------

id

Port

Status

Consistency

Reason

Active vlans

------

-----------

------

-----------

--------------------------

-----------

20

Po20

up

success

success

1

30

Po30

up

failed

Compatibility check failed

1

 

 

 

 

for port mode

 

Viewing a Per-VLANConsistency Status

To view the per-VLANconsistency or inconsistency status, enter theshow vpc consistency-parameters vlans command.

This example shows how to display the consistent status of the VLANs on the primary and the secondary switches.

switch(config-if)#show vpc brief Legend:

(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id

:

10

Peer status

:

peer adjacency formed ok

vPC keep-alivestatus

:

peer is alive

Configuration consistency status:

success

Per-vlanconsistency status

:

success

Type-2consistency status

:

success

vPC role

:

secondary

Number of vPCs configured

:

2

Peer Gateway

:

Disabled

Dual-activeexcluded VLANs

:

-

Graceful Consistency Check

:

Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

--------------------------------------------------------------

1 Po1 up 1-10

vPC status

----------------------------------------------------------------------------

id

Port

Status

Consistency

Reason

Active vlans

------

-----------

------

-----------

--------------------------

-----------

20

Po20

up

success

success

1-10

30

Po30

up

success

success

1-10

Enteringnospanning-treevlan5 commandtriggerstheinconsistencyontheprimaryandsecondaryVLANs:

switch(config)# nospanning-treevlan 5

This example shows how to display the per-VLANconsistency status as Failed on the secondary switch.

switch(config)# show vpc brief

 

 

Legend:

 

 

(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id

:

10

Peer status

:

peer adjacency formed ok

vPC keep-alivestatus

:

peer is alive

Configuration consistency status:

success

Per-vlanconsistency status

:

failed

Type-2consistency status

:

success

vPC role

:

secondary

Number of vPCs configured

:

2

Peer Gateway

:

Disabled

Dual-activeexcluded VLANs

:

-

Graceful Consistency Check

:

Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

99

Configuring Virtual Port Channels

Viewing a Per-VLANConsistency Status

--------------------------------------------------------------

1 Po1 up 1-4,6-10

vPC status

----------------------------------------------------------------------------

id

Port

Status

Consistency

Reason

Active vlans

------

-----------

------

-----------

--------------------------

-----------

20

Po20

up

success

success

1-4,6-10

30

Po30

up

success

success

1-4,6-10

This example shows how to display the per-VLANconsistency status as Failed on the primary switch.

switch(config)# show vpc brief Legend:

(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id

:

10

Peer status

:

peer adjacency formed ok

vPC keep-alivestatus

:

peer is alive

Configuration consistency status:

success

Per-vlanconsistency status

:

failed

Type-2consistency status

:

success

vPC role

:

primary

Number of vPCs configured

:

2

Peer Gateway

:

Disabled

Dual-activeexcluded VLANs

:

-

Graceful Consistency Check

:

Enabled

vPC Peer-linkstatus

---------------------------------------------------------------------

id Port Status Active vlans

--------------------------------------------------------------

1 Po1 up 1-4,6-10

vPC status

----------------------------------------------------------------------------

id

Port

Status

Consistency

Reason

Active vlans

------

-----------

------

-----------

--------------------------

-----------

20

Po20

up

success

success

1-4,6-10

30

Po30

up

success

success

1-4,6-10

This example shows the inconsistency as STP Disabled:

switch(config)# show vpcconsistency-parametersvlans

Name

Type

Reason Code

Pass Vlans

-------------

----

----------------------

-----------------------

STP Mode

1

success

0-4095

STP Disabled

1

vPC type-1

0-4,6-4095

 

 

configuration

 

 

 

incompatible - STP is

 

 

 

enabled or disabled on

 

STP MST Region Name

1

some or all vlans

0-4095

success

STP MST Region Revision

1

success

0-4095

STP MST Region Instance to

1

success

0-4095

VLAN Mapping

1

success

0-4095

STP Loopguard

STP Bridge Assurance

1

success

0-4095

STP Port Type, Edge

1

success

0-4095

BPDUFilter, Edge BPDUGuard

1

success

0-4095

STP MST Simulate PVST

Pass Vlans

-

 

0-4,6-4095

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

100

78-26881-OL

Configuring Virtual Port Channels

vPC Example Configurations

vPC Example Configurations

Dual Homed Fabric Extender vPC Configuration Example

The following example shows how to configure the dual homed Fabric Extender vPC topology using the management VRF to carry the peer-keepalivemessages on switchNX-5000-1as shown in following figure:

Figure 9: vPC Configuration Example

Before You Begin

Ensure that the Cisco Nexus 2000 Series Fabric Extender NX-2000-100is attached and online.

Procedure

Step 1 Enable vPC and LACP.

NX-5000-1# configure terminal

NX-5000-1(config)#feature lacp

NX-5000-1(config)#feature vpc

Step 2 Create the vPC domain and add the vPCpeer-keepalivelink.

NX-5000-1(config)#vpc domain 1

NX-5000-1(config-vpc-domain)# peer-keepalivedestination 10.10.10.237

NX-5000-1(config-vpc-domain)#exit

Step 3 Configure the vPC peer link as a two port Etherchannel.

NX-5000-1(config)# interface ethernet1/1-2

NX-5000-1(config-if-range)#switchport mode trunk

NX-5000-1(config-if-range)# switchport trunk allowed vlan20-50

NX-5000-1(config-if-range)# switchport trunk native vlan 20

NX-5000-1(config-if-range)#channel-group 20 mode active

NX-5000-1(config-if-range)#exit

NX-5000-1(config)# interfaceport-channel20

NX-5000-1(config-if)#vpc peer-link

NX-5000-1(config-if)#exit

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

101

Configuring Virtual Port Channels

Dual Homed Fabric Extender vPC Configuration Example

Step 4 Create a Fabric Extender identifier (for example, "100").

NX-5000-1(config)#fex 100

NX-5000-1(config-fex)#pinning max-links 1

NX-5000-1(fex)#exit

Step 5 Configure the fabric EtherChannel links for the Fabric Extender 100.

NX-5000-1(config)# interface ethernet 1/20

NX-5000-1(config-if)#channel-group 100

NX-5000-1(config-if)#exit

NX-5000-1(config)# interfaceport-channel100

NX-5000-1(config-if)# switchport modefex-fabric

NX-5000-1(config-if)#vpc 100

NX-5000-1(config-if)#fex associate 100

NX-5000-1(config-if)#exit

Step 6 Configure each host interface port on the Fabric Extender 100 on both Nexus 5000 Series switch as for all the other steps.

NX-5000-1(config)# interface ethernet100/1/1-48

NX-5000-1(config-if)#switchport mode access

NX-5000-1(config-if)# switchport access vlan 50

NX-5000-1(config-if)#no shutdown

NX-5000-1(config-if)#exit

Step 7 Save the configuration.

NX-5000-1(config)# copyrunning-configstartup-config

Repeat all the above steps for the NX-5000-2switch.

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

102

78-26881-OL

Configuring Virtual Port Channels

Single Homed Fabric Extender vPC Configuration Example

Single Homed Fabric Extender vPC Configuration Example

The following example shows how to configure the single homed Fabric Extender vPC topology using the default VRF to carry the peer-keepalivemessages on switchNX-5000-1as shown in following figure:

Figure 10: vPC Configuration Example

Note The following example only shows the configuration ofNX-5000-1which is connected to the Fabric ExtenderNX-2000-100.You must repeat these steps on its vPC peer,NX-5000-2,which is connected to the Fabric ExtenderNX-2000-101.

Before You Begin

Ensure that the Cisco Nexus 2000 Series Fabric Extenders NX-2000-100andNX-2000-101are attached and online.

Procedure

Step 1 Enable vPC and LACP.

NX-5000-1# configure terminal

NX-5000-1(config)#feature lacp

NX-5000-1(config)#feature vpc

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

103

Configuring Virtual Port Channels

Single Homed Fabric Extender vPC Configuration Example

Step 2 Enable SVI interfaces, create the VLAN and SVI to be used by the vPCpeer-keepalivelink.

NX-5000-1(config)# featureinterface-vlan

NX-5000-1(config)#vlan 900

NX-5000-1(config-vlan)#int vlan 900

NX-5000-1(config-if)# ip address 10.10.10.236 255.255.255.0

NX-5000-1(config-if)#no shutdown

NX-5000-1(config-if)#exit

Step 3 Create the vPC domain and add the vPCpeer-keepalivelink in the default VRF.

NX-5000-1(config)#vpc domain 30

NX-5000-1(config-vpc-domain)# peer-keepalivedestination 10.10.10.237 source 10.10.10.236

vrf default

NX-5000-1(config-vpc-domain)#exit

Note VLAN 900 mustnot be trunked across the vPCpeer-linkbecause it carries the vPCpeer-keepalivemessages. There must be an alternative path between switchesNX-5000-1andNX-5000-2for the vPCpeer-keepalivemessages.

Step 4 Configure the vPC peer link as a two port Etherchannel.

NX-5000-1(config)# interface ethernet1/1-2

NX-5000-1(config-if-range)#switchport mode trunk

NX-5000-1(config-if-range)# switchport trunk allowed vlan20-50

NX-5000-1(config-if-range)# switchport trunk native vlan 20

NX-5000-1(config-if-range)#channel-group 30 mode active

NX-5000-1(config-if-range)#exit

NX-5000-1(config)# interfaceport-channel30

NX-5000-1(config-if)#vpc peer-link

NX-5000-1(config-if)#exit

Step 5 Configure the Fabric ExtenderNX-2000-100.

NX-5000-1(config)#fex 100

NX-5000-1(config-fex)#pinning max-links 1

NX-5000-1(fex)#exit

Step 6 Configure the fabric EtherChannel links for the Fabric ExtenderNX-2000-100.

NX-5000-1(config)# interface ethernet1/20-21

NX-5000-1(config-if)#channel-group 100

NX-5000-1(config-if)#exit

NX-5000-1(config)# interfaceport-channel100

NX-5000-1(config-if)# switchport modefex-fabric

NX-5000-1(config-if)#fex associate 100

NX-5000-1(config-if)#exit

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

104

78-26881-OL

Configuring Virtual Port Channels

vPC Default Settings

Step 7 Configure a vPC server port on on the Fabric ExtenderNX-2000-100.

NX-5000-1(config-if)# interface ethernet 100/1/1

NX-5000-1(config-if)#switchport mode trunk

NX-5000-1(config-if)# switchport trunk native vlan 100

NX-5000-1(config-if)# switchport trunk allowed vlan100-105

NX-5000-1(config-if)#channel-group 600

NX-5000-1(config-if)#no shutdown

NX-5000-1(config-if)#exit

NX-5000-1(config)# interfaceport-channel600

NX-5000-1(config-if)#vpc 600

NX-5000-1(config-if)#no shutdown

NX-5000-1(config-if)#exit

Step 8 Save the configuration.

NX-5000-1(config)# copyrunning-configstartup-config

vPC Default Settings

The following table lists the default settings for vPC parameters.

Table 8: Default vPC Parameters

 

Parameters

Default

vPC system priority

32667

vPC peer-keepalivemessage

Disabled

vPC peer-keepaliveinterval

1 second

vPC peer-keepalivetimeout

5 seconds

vPC peer-keepaliveUDP port

3200

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

105

Configuring Virtual Port Channels

vPC Default Settings

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

106

78-26881-OL

I N D E X

A

adding ports 55 port channels55

B

bandwidth 38 configuring38

C

changed information 1 description1

channel mode 58 port channels58

channel modes 52 port channels52

configuration 41

Layer 3 interfaces 41 verifying41

configuration examples 43 Layer 3 interfaces 43 configuring 36, 37, 38, 39, 40 interface bandwidth 38 loopback interfaces 40

routed interfaces 36 subinterfaces37 VLAN interfaces39

configuring LACP 57

D

debounce timer 9 parameters9

debounce timer, configuring 27 Ethernet interfaces27

78-26881-OL

default settings 36 Layer 3 interfaces36

disabling 80 vPCs80

E

EtherChannel host interface 88 creating88

Ethernet interfaces 27

debounce timer, configuring 27

F

fabric extender 67 terminology67

FEX 67 terminology67

G

graceful convergence 61, 62

LACP 61, 62

port channels 61, 62

LACP 61, 62

graceful convergence 61, 62 guidelines and limitations36, 79

Layer 3 interfaces 36 vPCs79

H

hardware hashing 57 multicast traffic57

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

IN-1

Index

I

interface information, displaying 29 layer 229

interface speed 6, 13 configuring13

interfaces 3, 5, 33, 35, 36, 38, 39, 40, 42, 43 assigning to a VRF 40

chassis ID 3 configuring bandwidth38

Layer 3 33, 42, 43 configuration examples 43 monitoring 42

loopback 35, 40 options3 routed33 tunnel36 UDLD5

VLAN 35, 39 configuring 39

Layer 3 interfaces (continued) verifying41

licensing requirements 36 Layer 3 interfaces36

Link Aggregation Control Protocol 45 load balancing55

port channels 55 configuring55

loopback interfaces 35, 40 configuring40

M

MIBs 44

Layer 3 interfaces 44 monitoring42

Layer 3 interfaces 42 multicast traffic57

hardware hashing 57 port channels57

L

LACP 45, 51, 52, 53, 57, 60, 61, 62 configuring 57

graceful convergence 61, 62 disabling61 reenabling62

marker responders 53 port channels 51 port priority 60 system ID 52

LACP-enabledvs static54 port channels54

layer 2 29

interface information, displaying 29 layer 2 interfaces10

unified ports 10

Layer 3 interfaces 33, 36, 41, 42, 43, 44 configuration examples 43 configuring routed interfaces 36 default settings 36

guidelines and limitations 36 interfaces44

Layer 3 44 MIBs44

related documents 44 standards44

licensing requirements 36 MIBs44

monitoring 42 related documents44 standards44

N

new information 1 description1

P

parameters, about 9 debounce timer9

physical Ethernet settings 31 port channel63

verifying configuration 63 port channel configuration46

guidelines and limitations 46 port channeling45

port channels 38, 45, 47, 48, 51, 54, 55, 57, 58, 89 adding ports 55

channel mode 58 compatibility requirements47 configuring bandwidth38 creating54

hardware hashing 57 LACP51

LACP-enabledvs static54 load balancing48, 55

port channels 48 moving into a vPC89 STP45

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

IN-2

78-26881-OL

Index

port profiles 8, 9 about8

guidelines and limitations 9 port profiles9

R

related documents 44 Layer 3 interfaces44

routed interfaces 33, 36, 38 configuring36 configuring bandwidth38

U

UDLD 5, 6 aggressive mode6 defined5

nonaggressive mode 6 UDLD modeA12

configuring 12 Unidirectional Link Detection5 unified ports4, 10

configuring 10

S

SFP+ transceiver 6

Small form-factorpluggable (plus) transceiver6 standards44

Layer 3 interfaces 44 STP45

port channel 45 subinterfaces34, 37, 38 configuring37

configuring bandwidth 38

suspending orphan ports, secondary switch 87 vPC topology87

T

terminology 67 fabric extender67

topology 69, 70

dual homed fabric extender vPC 70 single homed fabric extender vPC69

tunnel interfaces 36

V

verifying 41

Layer 3 interface configuration 41 VLAN35

interfaces 35 VLAN interfaces39 configuring39

vPC 78

with ARP or ND 78 vpc peer links76

interfaces 76

vPC peer switch topology 93, 94 hybrid94

configuring 94 pure93

configuring 93 vPC peer switches79 vPC terminology67 vPC topology87

suspending orphan ports, secondary switch 87 vPCs 79, 89

guidelines and limitations 79 moving port channels into89

VRF 40

assigning an interface to 40

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

78-26881-OL

IN-3

Index

 

Cisco Nexus 5000 Series NX-OSInterfaces Configuration Guide, Release 5.2(1)N1(1)

IN-4

78-26881-OL