Cisco Nexus 9000 Series Configuration Manual
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
First Published: 2015-02-01
Last Modified: 2017-06-16
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH
THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,
CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version
of the UNIX operating system. All rights reserved. Copyright©1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWAREOF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.
CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT
LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network
topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional
and coincidental.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (https://www.openssl.org/)
This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https:/
/www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
©
2016-2017 Cisco Systems, Inc. All rights reserved.
CONTENTS
Preface
CHAPTER 1
CHAPTER 2
Preface xi
Audience xi
Document Conventions xi
Related Documentation for Cisco Nexus 9000 Series Switches xii
Documentation Feedback xii
Obtaining Documentation and Submitting a Service Request xiii
New and Changed Information 1
New and Changed Information 1
Overview 3
Software Image 3
Software Compatibility 3
Spine/Leaf Topology 3
Modular Software Design 4
Serviceability 4
Switched Port Analyzer 4
Ethanalyzer 4
Smart Call Home 5
Online Diagnostics 5
Embedded Event Manager 5
Manageability 5
Simple Network Management Protocol 5
Configuration Verification and Rollback 5
Role-Based Access Control 6
Cisco NX-OS Device Configuration Methods 6
Programmability 6
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
iii
Contents
Python API 6
Tcl 6
Cisco NX-API 7
Bash Shell 7
Broadcom Shell 7
Traffic Routing, Forwarding, and Management 7
Ethernet Switching 7
IP Routing 8
IP Services 8
IP Multicast 8
Quality of Service 9
Network Security Features 9
Licensing 10
CHAPTER 3
CHAPTER 4
Supported Standards 10
Using the Cisco NX-OS Setup Utility 15
About the Cisco NX-OS Setup Utility 15
Prerequisites for the Setup Utility 17
Setting Up Your Cisco NX-OS Device 17
Additional References for the Setup Utility 21
Related Documents for the Setup Utility 21
Using PowerOn Auto Provisioning 23
About PowerOn Auto Provisioning 23
Network Requirements for POAP 24
POAP Configuration Script 24
Using the POAP Script and POAP Script Options 25
Setting up the DHCP Server without DNS for POAP 27
Downloading and Using User Data, Agents, and Scripts as part of POAP 28
POAP Process 28
Power-Up Phase 31
DHCP Discovery Phase 31
POAP Dynamic Breakout 33
Script Execution Phase 33
Post-Installation Reload Phase 33
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
iv
Contents
Guidelines and Limitations for POAP 33
Setting Up the Network Environment to Use POAP 34
Configuring a Switch Using POAP 34
Creating md5 Files 35
Verifying the Device Configuration 37
Troubleshooting for POAP 37
Managing the POAP Personality 37
POAP Personality 37
Backing Up the POAP Personality 38
Configuring the POAP Personality 38
Restoring the POAP Personality 40
POAP Personality Sample Script 40
CHAPTER 5
Understanding the Command-Line Interface 43
About the CLI Prompt 44
Command Modes 44
EXEC Command Mode 44
Global Configuration Command Mode 45
Interface Configuration Command Mode 45
Subinterface Configuration Command Mode 46
Saving and Restoring a Command Mode 46
Exiting a Configuration Command Mode 47
Command Mode Summary 47
Special Characters 48
Keystroke Shortcuts 49
Abbreviating Commands 52
Completing a Partial Command Name 52
Identifying Your Location in the Command Hierarchy 53
Using the no Form of a Command 53
Configuring CLI Variables 54
About CLI Variables 54
Configuring CLI Session-Only Variables 55
Configuring Persistent CLI Variables 55
Command Aliases 56
About Command Aliases 56
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
v
Contents
Defining Command Aliases 57
Configuring Command Aliases for a User Session 57
Command Scripts 58
Running a Command Script 58
Echoing Information to the Terminal 58
Delaying Command Action 59
Context-Sensitive Help 60
Understanding Regular Expressions 62
Special Characters 62
Multiple-Character Patterns 62
Anchoring 63
Searching and Filtering show Command Output 63
Filtering and Searching Keywords 64
diff Utility 65
grep and egrep Utilities 66
less Utility 67
Mini AWK Utility 67
sed Utility 67
sort Utility 67
Searching and Filtering from the --More-- Prompt 68
Using the Command History 69
Recalling a Command 69
Controlling CLI History Recall 70
Configuring the CLI Edit Mode 70
Displaying the Command History 70
Enabling or Disabling the CLI Confirmation Prompts 71
Setting CLI Display Colors 71
Sending Commands to Modules 72
Sending Command Output in Email 73
BIOS Loader Prompt 74
Examples Using the CLI 74
Using the System-Defined Timestamp Variable 74
Using CLI Session Variables 75
Defining Command Aliases 75
Running a Command Script 76
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
vi
Contents
Sending Command Output in Email 76
Additional References for the CLI 77
Related Documents for the CLI 77
CHAPTER 6
Configuring Terminal Settings and Sessions 79
About Terminal Settings and Sessions 79
Terminal Session Settings 79
Console Port 80
Virtual Terminals 80
Licensing Requirements for Terminal Settings and Sessions 80
Default Settings for File System Parameters 81
Configuring the Console Port 81
Configuring Virtual Terminals 82
Configuring the Inactive Session Timeout 82
Configuring the Session Limit 83
Clearing Terminal Sessions 84
Displaying Terminal and Session Information 85
Additional References for Terminal Settings and Sessions 85
Related Documents for Terminal Settings and Sessions 85
CHAPTER 7
Basic Device Management 87
About Basic Device Management 87
Device Hostname 87
Message-of-the-Day Banner 88
Device Clock 88
Clock Manager 88
Time Zone and Summer Time (Daylight Saving Time) 88
User Sessions 88
Licensing Requirements for Basic Device Management 88
Default Settings for Basic Device Parameters 89
Changing the Device Hostname 89
Configuring the MOTD Banner 90
Configuring the Time Zone 90
Configuring Summer Time (Daylight Saving Time) 91
Manually Setting the Device Clock 92
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
vii
Contents
Setting the Clock Manager 93
Managing Users 94
Displaying Information about the User Sessions 94
Sending a Message to Users 94
Verifying the Device Configuration 94
Additional References for Basic Device Management 95
Related Documents for Basic Device Management 95
CHAPTER 8
Using the Device File Systems, Directories, and Files 97
About the Device File Systems, Directories, and Files 97
File Systems 97
Directories 98
Files 98
Licensing Requirements for File Systems, Directories, and Files 99
Default Settings for File System Parameters 99
Configuring the FTP, HTTP, or TFTP Source Interface 99
Working with Directories 100
Identifying the Current Directory 100
Changing the Current Directory 100
Creating a Directory 101
Displaying Directory Contents 101
Deleting a Directory 101
Accessing Directories on the Standby Supervisor Module 102
Working with Files 102
viii
Moving Files 102
Copying Files 103
Deleting Files 104
Displaying File Contents 104
Displaying File Checksums 105
Compressing and Uncompressing Files 105
Displaying the Last Lines in a File 105
Redirecting show Command Output to a File 106
Finding Files 106
Working with Archive Files 107
Creating an Archive File 107
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
Contents
Appending Files to an Archive File 108
Extracting Files from an Archive File 108
Displaying the Filenames in an Archive File 109
Examples of Using the File System 109
Accessing Directories on Standby Supervisor Modules 109
Moving Files 110
Copying Files 110
Deleting a Directory 110
Displaying File Contents 111
Displaying File Checksums 111
Compressing and Uncompressing Files 112
Redirecting show Command Output 112
CHAPTER 9
Finding Files 112
Additional References for File Systems 113
Related Documents for File Systems 113
Working with Configuration Files 115
About Configuration Files 115
Types of Configuration Files 115
Licensing Requirements for Configuration Files 116
Managing Configuration Files 116
Saving the Running Configuration to the Startup Configuration 116
Copying a Configuration File to a Remote Server 117
Downloading the Running Configuration From a Remote Server 117
Downloading the Startup Configuration From a Remote Server 118
Copying Configuration Files to an External Flash Memory Device 120
Copying the Running Configuration from an External Flash Memory Device 120
Copying the Startup Configuration From an External Flash Memory Device 121
Copying Configuration Files to an Internal File System 122
Rolling Back to a Previous Configuration 123
Removing the Configuration for a Missing Module 123
Erasing a Configuration 124
Clearing Inactive Configurations 125
Configuration Archive and Configuration Log 126
Information About Configuration Archive 126
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
ix
Contents
Configuring the Characteristics of the Configuration Archive 126
Information About Configuration Log 128
Displaying Configuration Log Entries 129
Verifying the Device Configuration 130
Examples of Working with Configuration Files 130
Copying Configuration Files 130
Backing Up Configuration Files 130
Rolling Back to a Previous Configuration 131
Additional References for Configuration Files 131
Related Documents for Configuration Files 131
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
x
Preface
This preface includes the following sections:
Audience, page xi
•
Document Conventions, page xi
•
Related Documentation for Cisco Nexus 9000 Series Switches, page xii
•
Documentation Feedback, page xii
•
Obtaining Documentation and Submitting a Service Request, page xiii
•
Audience
This publication is for network administrators who install, configure, and maintain Cisco Nexus switches.
Document Conventions
Command descriptions use the following conventions:
DescriptionConvention
bold
Italic
[x | y]
{x | y}
Bold text indicates the commands and keywords that you enter literally
as shown.
Italic text indicates arguments for which the user supplies the values.
Square brackets enclose an optional element (keyword or argument).[x]
Square brackets enclosing keywords or arguments separated by a vertical
bar indicate an optional choice.
Braces enclosing keywords or arguments separated by a vertical bar
indicate a required choice.
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
xi
Related Documentation for Cisco Nexus 9000 Series Switches
Preface
DescriptionConvention
[x {y | z}]
variable
string
Examples use the following conventions:
italic screen font
Nested set of square brackets or braces indicate optional or required
choices within optional or required elements. Braces and a vertical bar
within square brackets indicate a required choice within an optional
element.
Indicates a variable for which you supply values, in context where italics
cannot be used.
A nonquoted set of characters. Do not use quotation marks around the
string or the string will include the quotation marks.
DescriptionConvention
Terminal sessions and information the switch displays are in screen font.screen font
Information you must enter is in boldface screen font.boldface screen font
Arguments for which you supply values are in italic screen font.
Nonprinting characters, such as passwords, are in angle brackets.< >
Default responses to system prompts are in square brackets.[ ]
!, #
An exclamation point (!) or a pound sign (#) at the beginning of a line
of code indicates a comment line.
Related Documentation for Cisco Nexus 9000 Series Switches
The entire Cisco Nexus 9000 Series switch documentation set is available at the following URL:
http://www.cisco.com/en/US/products/ps13386/tsd_products_support_series_home.html
Documentation Feedback
To provide technical feedback on this document, or to report an error or omission, please send your comments
to nexus9k-docfeedback@cisco.com. We appreciate your feedback.
xii
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
Preface
Obtaining Documentation and Submitting a Service Request
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service
request, and gathering additional information, see What's New in Cisco Product Documentation at: http://
www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html.
Subscribe to What's New in Cisco Product Documentation, which lists all new and revised Cisco technical
documentation as an RSS feed and delivers content directly to your desktop using a reader application. The
RSS feeds are a free service.
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
xiii
Obtaining Documentation and Submitting a Service Request
Preface
xiv
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
New and Changed Information
This chapter provides release-specific information for each new and changed feature in the Cisco Nexus
9000 Series NX-OS Fundamentals Guide, Release 7.x.
New and Changed Information, page 1
•
New and Changed Information
This table summarizes the new and changed features for the Cisco Nexus 9000 Series NX-OS Fundamentals
Configuration Guide, Release 7.x and tells you where they are documented.
Table 1: New and Changed Features for Cisco NX-OS Release 7.x
CHAPTER 1
POAP
POAP
Support for Configuration
Archive and Archive Log
Command-line interface
DescriptionFeature
the md5 checksum files.
Introduced a single POAP
script and the ability to start a
service on boot across all Cisco
Nexus 9000 Series switches
and the Cisco Nexus 3164Q,
31128PQ, 3232C, and 3264Q
switches.
configuration archive and
archive log.
variables to contain hyphens
and underscores.
in
Release
7.0(3)I6(1)Added procedure to re-create
7.0(3)I5(1)Added support for
7.0(3)I4(1)Enabled Cisco NX-OS CLI
Where DocumentedChanged
Creating md5 Files, on page
35
Using PowerOn Auto
Provisioning, on page 23
Configuration Archive and
Configuration Log, on page
126
Configuring CLI Session-Only
Variables, on page 55 and
Configuring Persistent CLI
Variables, on page 55
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
1
New and Changed Information
New and Changed Information
POAP
copy command
DescriptionFeature
personality and dynamic
breakout features.
file system.
in
Release
7.0(3)I4(1)Introduced the POAP
Where DocumentedChanged
Using PowerOn Auto
Provisioning, on page 23
Copying Files, on page 1037.0(3)I1(1)Added support for the HTTPS
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
2
Overview
This chapter contains the following sections:
Software Image, page 3
•
Software Compatibility, page 3
•
Serviceability, page 4
•
Manageability, page 5
•
Programmability, page 6
•
Traffic Routing, Forwarding, and Management, page 7
•
Quality of Service, page 9
•
Network Security Features, page 9
•
Licensing, page 10
•
Supported Standards, page 10
•
CHAPTER 2
Software Image
The Cisco NX-OS software consists of one NXOS software image (for example, n9000-dk9.6.1.2.I1.1.bin).
This image runs on all Cisco Nexus 9000 Series switches.
Software Compatibility
The Cisco NX-OS software interoperates with Cisco products that run any variant of the Cisco IOS software.
The Cisco NX-OS software also interoperates with any networking operating system that conforms to the
IEEE and RFC compliance standards.
Spine/Leaf Topology
The Cisco Nexus 9000 Series switches support a two-tier spine/leaf topology.
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
3
Modular Software Design
This figure shows an example of a spine/leaf topology with four leaf switches (Cisco Nexus 9396 or 93128)
connecting into two spine switches (Cisco Nexus 9508) and two 40G Ethernet uplinks from each leaf to each
spine.
Figure 1: Spine/Leaf Topology
Overview
Modular Software Design
The Cisco NX-OS software supports distributed multithreaded processing on symmetric multiprocessors
(SMPs), multi-core CPUs, and distributed data module processors. The Cisco NX-OS software offloads
computationally intensive tasks, such as hardware table programming, to dedicated processors distributed
across the data modules. The modular processes are created on demand, each in a separate protected memory
space. Processes are started and system resources are allocated only when you enable a feature. A real-time
preemptive scheduler helps to ensure the timely processing of critical functions.
Serviceability
The Cisco NX-OS software has serviceability functions that allow the device to respond to network trends
and events. These features help you with network planning and improving response times.
Switched Port Analyzer
The Switched Port Analyzer (SPAN) feature allows you to analyze all traffic between ports (called the SPAN
source ports) by nonintrusively directing the SPAN session traffic to a SPAN destination port that has an
external analyzer attached to it. For more information about SPAN, see the Cisco Nexus 9000 Series NX-OS
System Management Configuration Guide.
Ethanalyzer
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
4
Ethanalyzer is a Cisco NX-OS protocol analyzer tool based on the Wireshark (formerly Ethereal) open source
code. Ethanalyzer is a command-line version of Wireshark for capturing and decoding packets. You can use
Ethanalyzer to troubleshoot your network and analyze the control-plane traffic. For more information about
Ethanalyzer, see the Cisco Nexus 9000 Series NX-OS Troubleshooting Guide.
Overview
Smart Call Home
The Call Home feature continuously monitors hardware and software components to provide e-mail-based
notification of critical system events. A versatile range of message formats is available for optimal compatibility
with pager services, standard e-mail, and XML-based automated parsing applications. It offers alert grouping
capabilities and customizable destination profiles. You can use this feature, for example, to directly page a
network support engineer, send an e-mail message to a network operations center (NOC), and employ Cisco
AutoNotify services to directly generate a case with the Cisco Technical Assistance Center (TAC). For more
information about Smart Call Home, see the Cisco Nexus 9000 Series NX-OS System Management Configuration
Guide.
Online Diagnostics
Cisco generic online diagnostics (GOLD) verify that hardware and internal data paths are operating as designed.
Boot-time diagnostics, continuous monitoring, and on-demand and scheduled tests are part of the Cisco GOLD
feature set. GOLD allows rapid fault isolation and continuous system monitoring. For information about
configuring GOLD, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide.
Smart Call Home
Embedded Event Manager
Cisco Embedded Event Manager (EEM) is a device and system management feature that helps you to customize
behavior based on network events as they happen. For information about configuring EEM, see the Cisco
Nexus 9000 Series NX-OS System Management Configuration Guide.
Manageability
This section describes the manageability features for the Cisco Nexus 9000 Series switches.
Simple Network Management Protocol
The Cisco NX-OS software is compliant with Simple Network Management Protocol (SNMP) version 1,
version 2, and version 3. A large number of MIBs is supported. For more information about SNMP, see the
Cisco Nexus 9000 Series NX-OS System Management Configuration Guide.
Configuration Verification and Rollback
The Cisco NX-OS software allows you to verify the consistency of a configuration and the availability of
necessary hardware resources prior to committing the configuration. You can preconfigure a device and apply
the verified configuration at a later time. Configurations also include checkpoints that allow you to roll back
to a known good configuration as needed. For more information about rollbacks, see the Cisco Nexus 9000
Series NX-OS System Management Configuration Guide.
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
5
Role-Based Access Control
Role-Based Access Control
With role-based access control (RBAC), you can limit access to device operations by assigning roles to users.
You can customize access and restrict it to the users who require it. For more information about RBAC, see
the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.
Cisco NX-OS Device Configuration Methods
You can use these methods to configure Cisco NX-OS devices:
The CLI from a Secure Shell (SSH) session, a Telnet session, or the console port. SSH provides a secure
•
connection to the device. The CLI configuration guides are organized by feature. For more information,
see the Cisco NX-OS configuration guides. For more information about SSH and Telnet, see the Cisco
Nexus 9000 Series NX-OS Security Configuration Guide.
The XML management interface, which is a programmatic method based on the NETCONF protocol
•
that complements the CLI. For more information, see the Cisco NX-OS XML Interface User Guide.
Overview
The Cisco Data Center Network Management (DCNM) client, which runs on your local PC and uses
•
web services on the Cisco DCNM server. The Cisco DCNM server configures the device over the XML
management interface. For more information about the Cisco DCNM client, see the Cisco DCNM
Fundamentals Guide.
Programmability
This section describes the programmability features for the Cisco Nexus 9000 Series switches.
Python API
Python is an easy-to-learn, powerful programming language. It has efficient high-level data structures and a
simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing,
together with its interpreted nature, make it an ideal language for scripting and rapid application development
in many areas on most platforms. The Python interpreter and the extensive standard library are freely available
in source or binary form for all major platforms from the Python website: http://www.python.org/. The Python
scripting capability gives programmatic access to the CLI to perform various tasks and Power-On Auto
Provisioning (POAP) or Embedded Event Manager (EEM) actions. For more information about the Python
API and Python scripting, see the Cisco Nexus 9000 Series NX-OS Programmability Guide.
Tcl
Tool Command Language (Tcl) is a scripting language. With Tcl, you gain more flexibility in your use of the
CLI commands on the device. You can use Tcl to extract certain values in the output of a show command,
perform switch configurations, run Cisco NX-OS commands in a loop, or define EEM policies in a script.
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
6
Overview
Cisco NX-API
Cisco NX-API
The Cisco NX-API provides web-based programmatic access to the Cisco Nexus 9000 Series switches. This
support is delivered through the NX-API open-source web server. The Cisco NX-API exposes the complete
configuration and management capabilities of the command-line interface (CLI) through web-based APIs.
You can configure the switch to publish the output of the API calls in either XML or JSON format. For more
information about the Cisco NX-API, see the Cisco Nexus 9000 Series NX-OS Programmability Guide.
Note
NX-API performs authentication through a programmable authentication module (PAM) on the switch.
Use cookies to reduce the number of PAM authentications and thus reduce the load on PAM.
Bash Shell
The Cisco Nexus 9000 Series switches support direct Linux shell access. With Linux shell support, you can
access the Linux system on the switch in order to use Linux commands and manage the underlying system.
For more information about Bash shell support, see the Cisco Nexus 9000 Series NX-OS Programmability
Guide.
Broadcom Shell
The Cisco Nexus 9000 Series switch front-panel and fabric module line cards contain several Broadcom
ASICs. You can use the CLI to access the command-line shell (bcm shell) for these ASICs. The benefit of
using this method to access the bcm shell is that you can use Cisco NX-OS command extensions such as pipe
include and redirect output to file to manage the output. In addition, the activity is recorded in the system
accounting log for audit purposes, unlike commands entered directly from the bcm shell, which are not recorded
in the accounting log. For more information about Broadcom shell support, see the Cisco Nexus 9000 Series
NX-OS Programmability Guide.
Caution
Use Broadcom shell commands with caution and only under the direct supervision or request of Cisco
Support personnel.
Traffic Routing, Forwarding, and Management
This section describes the traffic routing, forwarding, and management features supported by the Cisco NX-OS
software.
Ethernet Switching
The Cisco NX-OS software supports high-density, high-performance Ethernet systems and provides the
following Ethernet switching features:
IEEE 802.1D-2004 Rapid and Multiple Spanning Tree Protocols (802.1w and 802.1s)
•
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
7
IP Routing
IP Routing
Overview
IEEE 802.1Q VLANs and trunks
•
IEEE 802.3ad link aggregation
•
Unidirectional Link Detection (UDLD) in aggressive and standard modes
•
For more information, see the Cisco Nexus 9000 Series NX-OS Interfaces Configuration Guide and the Cisco
Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide.
The Cisco NX-OS software supports IP version 4 (IPv4) and IP version 6 (IPv6) and the following routing
protocols:
Open Shortest Path First (OSPF) Protocol Versions 2 (IPv4) and 3 (IPv6)
•
Intermediate System-to-Intermediate System (IS-IS) Protocol (IPv4 and IPv6)
•
Border Gateway Protocol (BGP) (IPv4 and IPv6)
•
IP Services
Enhanced Interior Gateway Routing Protocol (EIGRP) (IPv4 only)
•
Routing Information Protocol Version 2 (RIPv2) (IPv4 only)
•
The Cisco NX-OS software implementations of these protocols are fully compliant with the latest standards
and include 4-byte autonomous system numbers (ASNs) and incremental shortest path first (SPF). All unicast
protocols support Non-Stop Forwarding Graceful Restart (NSF-GR). All protocols support all interface types,
including Ethernet interfaces, VLAN interfaces, subinterfaces, port channels, and loopback interfaces.
For more information, see the Cisco Nexus 9000 Series NX-OS Unicast Routing Configuration Guide.
The following IP services are available in the Cisco NX-OS software:
Virtual routing and forwarding (VRF)
•
Dynamic Host Configuration Protocol (DHCP) helper
•
Hot Standby Router Protocol (HSRP)
•
Enhanced object tracking
•
Policy-based routing (PBR)
•
Unicast graceful restart for all protocols in IPv4 unicast graceful restart for OPSFv3 in IPv6
•
IP Multicast
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
8
For more information, see the Cisco Nexus 9000 Series NX-OS Unicast Routing Configuration Guide.
The Cisco NX-OS software includes the following multicast protocols and functions:
Protocol Independent Multicast (PIM) Version 2 (PIMv2)
•
Overview
Quality of Service
PIM sparse mode (Any-Source Multicast [ASM] for IPv4)
•
Anycast rendezvous point (Anycast-RP)
•
Multicast NSF for IPv4
•
RP-Discovery using bootstrap router (BSR) (Auto-RP and static)
•
Internet Group Management Protocol (IGMP) Versions 1, 2, and 3 router role
•
IGMPv2 host mode
•
IGMP snooping
•
Multicast Source Discovery Protocol (MSDP) (for IPv4)
•
The Cisco NX-OS software does not support PIM dense mode.Note
For more information, see the Cisco Nexus 9000 Series NX-OS Multicast Routing Configuration Guide.
Quality of Service
The Cisco NX-OS software supports quality of service (QoS) functions for classification, marking, queuing,
policing, and scheduling. Modular QoS CLI (MQC) supports all QoS features. You can use MQC to provide
uniform configurations across various Cisco platforms. For more information, see the Cisco Nexus 9000 Series
NX-OS Quality of Service Configuration Guide.
Network Security Features
The Cisco NX-OS software includes the following security features:
Control Plane Policing (CoPP)
•
Message-digest algorithm 5 (MD5) routing protocol authentication
•
Authentication, authorization, and accounting (AAA)
•
RADIUS and TACACS+
•
SSH Protocol Version 2
•
SNMPv3
•
Policies based on MAC and IPv4 addresses supported by named ACLs (port-based ACLs [PACLs],
•
VLAN-based ACLs [VACLs], and router-based ACLs [RACLs])
Traffic storm control (unicast, multicast, and broadcast)
•
For more information, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
9
Licensing
Licensing
The Cisco NX-OS software licensing feature allows you to access premium features on the device after you
install the appropriate license for that feature. Any feature not included in a license package is bundled with
the Cisco NX-OS software and is provided to you at no extra charge.
You must purchase and install a license for each device.
For detailed information about Cisco NX-OS software licensing, see the Cisco NX-OS Licensing Guide.
For information about troubleshooting licensing issues, see the Cisco Nexus 9000 Series NX-OS Troubleshooting
Guide.
Supported Standards
This table lists the IEEE compliance standards.
Table 2: IEEE Compliance Standards
Overview
DescriptionStandard
MAC Bridges802.1D
Class of Service Tagging for Ethernet frames802.1p
VLAN Tagging802.1Q
Multiple Spanning Tree Protocol802.1s
Rapid Spanning Tree Protocol802.1w
1000Base-T (10/100/1000 Ethernet over copper)802.3ab
Link aggregation with LACP802.3ad
10-Gigabit Ethernet802.3ae
This table lists the RFC compliance standards. For information on each RFC, see www.ietf.org.
Table 3: RFC Compliance Standards
DescriptionStandard
BGP
RFC 1997 BGP Communities Attribute
RFC 2385
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
10
Protection of BGP Sessions via the
TCP MD5 Signature Option
Overview
Supported Standards
DescriptionStandard
BGP Route flap dampingRFC 2439
RFC 2519
RFC 2858
RFC 3065
RFC 3392
RFC 4273
RFC 4486
RFC 4724
A Framework for Inter-Domain
Route Aggregation
Multiprotocol Extensions for
BGP-4
Autonomous System
Confederations for BGP
Capabilities Advertisement with
BGP-4
BGP version 4RFC 4271
BGP4 MIB - Definitions of
Managed Objects for BGP-4
BGP Route reflectionRFC 4456
Subcodes for BGP cease
notification message
Graceful Restart Mechanism for
BGP
RFC 4893
ietf-draft
ietf-draft
ietf-draft
IP Multicast
RFC 2236
RFC 3376
BGP Support for Four-octet AS
Number Space
Bestpath transition avoidance
(draft-ietf-idr-avoid-transition-05.txt)
Peer table objects
(draft-ietf-idr-bgp4-mib-15.txt)
Dynamic Capability
(draft-ietf-idr-dynamic-cap-03.txt)
Internet Group Management
Protocol, Version 2
Internet Group Management
Protocol, Version 3
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
11
Supported Standards
Overview
DescriptionStandard
RFC 3446
RFC 3569
RFC 3618
RFC 4601
RFC 4610
RFC 6187
ietf-draft
Anycast Rendezvous Point (RP)
mechanism using Protocol
Independent Multicast (PIM) and
Multicast Source Discovery
Protocol (MSDP)
An Overview of Source-Specific
Multicast (SSM)
Multicast Source Discovery
Protocol (MSDP)
ASM - Sparse Mode (PIM-SM):
Protocol Specification (Revised)
Source-Specific Multicast for IPRFC 4607
Anycast-RP Using Protocol
Independent Multicast (PIM)
X.509v3 Certificates for Secure
Shell Authentication
Mtrace server functionality, to
process mtrace-requests,
draft-ietf-idmr-traceroute-ipm-07.txt
IP Services
RFC 768 UDP
TFTPRFC 783
IPRFC 791
ICMPRFC 792
TCPRFC 793
ARPRFC 826
TelnetRFC 854
FTPRFC 959
Proxy ARPRFC 1027
NTP v3RFC 1305
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
12
Overview
Supported Standards
DescriptionStandard
CIDRRFC 1519
BootP relayRFC 1542
DNS clientRFC 1591
IPv4 routersRFC 1812
DHCP HelperRFC 2131
VRRPRFC 2338
IS-IS
RFC 1142 (OSI 10589)
RFC 1195
RFC 2763
RFC 2966
RFC 3277
RFC 3373
OSI 10589 Intermediate system to
intermediate system intra-domain
routing exchange protocol
Use of OSI IS-IS for routing in
TCP/IP and dual environment.
Dynamic Hostname Exchange
Mechanism for IS-IS
Domain-wide Prefix Distribution
with Two-Level IS-IS
IS-IS Mesh GroupsRFC 2973
IS-IS Transient Blackhole
Avoidance
Three-Way Handshake for IS-IS
Point-to-Point Adjacencies
IS-IS Cryptographic AuthenticationRFC 3567
Restart Signaling for IS-ISRFC 3847
ietf-draft
OSPF
Internet Draft Point-to-point
operation over LAN in link-state
routing protocols
(draft-ietf-isis-igp-p2p-over-lan-06.txt)
OSPF Version 2RFC 2328
OSPF Opaque LSA OptionRFC 2370
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
13
Supported Standards
Overview
DescriptionStandard
OSPF for IPv6 (OSPF version 3)RFC 2740
RFC 3101
RFC 3509
Per-Hop Behavior (PHB)
RIP
OSPF Not-So-Stubby-Area
(NSSA) Option
OSPF Stub Router AdvertisementRFC 3137
Alternative Implementations of
OSPF Area Border Routers
Graceful OSPF RestartRFC 3623
OSPF Version 2 MIBRFC 4750
Assured Forwarding PHB GroupRFC 2597
An Expedited Forwarding PHBRFC 3246
RIPv2 MIB extensionRFC 1724
RIPv2 MD5 AuthenticationRFC 2082
SNMP
RFC 2579
RFC 2863
RFC 3413
RFC 3417
RIP Version 2RFC 2453
Textual Conventions for SMIv2
The Interfaces Group MIB
Simple Network Management
Protocol (SNMP) Applications
Transport Mappings for the Simple
Network Management Protocol
(SNMP)
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
14
Using the Cisco NX-OS Setup Utility
This chapter contains the following sections:
About the Cisco NX-OS Setup Utility, page 15
•
Prerequisites for the Setup Utility, page 17
•
Setting Up Your Cisco NX-OS Device, page 17
•
Additional References for the Setup Utility, page 21
•
About the Cisco NX-OS Setup Utility
The Cisco NX-OS setup utility is an interactive command-line interface (CLI) mode that guides you through
a basic (also called a startup) configuration of the system. The setup utility allows you to configure only
enough connectivity for system management.
The setup utility allows you to build an initial configuration file using the System Configuration Dialog. The
setup starts automatically when a device has no configuration file in NVRAM. The dialog guides you through
initial configuration. After the file is created, you can use the CLI to perform additional configuration.
You can press Ctrl-C at any prompt to skip the remaining configuration options and proceed with what you
have configured up to that point, except for the administrator password. If you want to skip answers to any
questions, press Enter. If a default answer is not available (for example, the device hostname), the device
uses what was previously configured and skips to the next question.
CHAPTER 3
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
15
About the Cisco NX-OS Setup Utility
This figure shows how to enter and exit the setup script.
Figure 2: Setup Script Flow
Using the Cisco NX-OS Setup Utility
You use the setup utility mainly for configuring the system initially, when no configuration is present. However,
you can use the setup utility at any time for basic device configuration. The setup utility keeps the configured
values when you skip steps in the script. For example, if you have already configured the mgmt0 interface,
the setup utility does not change that configuration if you skip that step. However, if there is a default value
for the step, the setup utility changes to the configuration using that default, not the configured value. Be sure
to carefully check the configuration changes before you save the configuration.
Note
Be sure to configure the IPv4 route, the default network IPv4 address, and the default gateway IPv4 address
to enable SNMP access. If you enable IPv4 routing, the device uses the IPv4 route and the default network
IPv4 address. If IPv4 routing is disabled, the device uses the default gateway IPv4 address.
Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 7.x
16
Loading...