DCUFT Troubleshooting Cisco Data Center Unified Fabric Volume 1 Version 50 Student GuideProwion Se hg Count on crane nahn seEh SSCS ANG ASLO CN NST I-UED viii, eon WARNES Of MERCIAN AB NEN OPRINGENENT NO see Parmcutan prose on ares ron A COURSE OF EEAUNIS USAGE Om MAOEPRASTICN Naso hat ry tan cry eee or. ws Cuc bars aaa Ta na ocean we Scenes (02012 Caos mao aan A enetfeettis cisco. ‘Students, this letter deserves important ‘course evaluation access formation! ‘Welcome to Cisco Systems Learning. Trough the Cisco Leaning Parner Program, Cisco Systems is committed to bringing you the highest-quality training in the industry, Cisco learning proxdets are designed to advance your professional goals and give you the expertise you need to build and maintain sategic networks. Cisco relies on customer feedback to guide business decisions; therefore, your valuable input vill help shape future Cisco couse eurecul, products, and training offering. ‘We would appreciate a few minutes of you ime to complet a bref issn online course evaluation of your intrtor an the course material in this student ki. On the Final day of class, your instructor will provide you witha URL directing you toa short post-course evaation. I there is no Intemet access in the classroom, please complete ‘the evalaion within the next 48 hours or as soon as you ean access the web. ‘On behalf of Cisco, thank you For choosing Cisco Learning Partners for your Internet technology taining. Sincerely, (Cisco Systems LearningTable of Contents Volume 4 1 Overview 4 {lamer Sis ad Knowedge 2 (Cou Goal and Objectives 4 ‘Cours Flew. 4 ‘tonal Relea, 3 ‘isco Glossary of Tons 5 ‘Your Traning Curtewum 6 ‘Tools and Methodoloaies of Troubleshooting. Overien Modula Objectives nds Troubleshooting T : ss (i ‘Overview. 13 ‘Objectives 8 ‘Troubleshooting ievodoogy 3 Ping, Pong, and Traceroute : 3 ‘Montor System, Processes, and GPU 3 ‘Sutshes Po Analyze uw Ethnalyer = 14 teagig 420 isc Genetic ine agnosis ' 435 Bin or Beacon, vat SUP and ROW. 143 Cui Debug. 149 Summary. 154 cisco Ben or La 158 ‘Gisce DON fr SAN 183 Summary. ver Modula Summary, 1093 esl Sel. Check mn ‘Module Set Check Answer ay. 13 ‘One “Troubleshooting Vis and BULA 24 ‘Troubeshootag VIP. 248 Sommary. : 248 ing Port Chan vero 221 ‘Obecves. 221 Troubleshooting Bat Channels 22 Troubleshooting LACP 24 “Troubleshooting VPC 228 summary 260Overview 251 ‘Objectives 2st isco FabrcPain Conia ane 252 (isco FabiePath Data Plane 258 “Troubleshooting Cisco Fabrica 2.00 ‘Summary an ‘Troubleshooting OTV. Det HRP Islaton Betwesn aia Centers Using OT 200 Summary 204 ‘Mocute sua 295 Module Sezcreci 2ar z 33 ‘Objectives 3 ‘Troublosnoctng Five Chanel Bot ines, oa ‘Troubleshooting SAN Port Channa! nares - Sat summary 338 ‘Teoubl ibre Chan Overview. 3.99 ‘Objecives 0 “roubleshoatng VSAne 340 Tretleshooing Fire Channa Soman, 350 “Troubleshoeing Fide Channel Name Services. 360 “Troubleshooting Fire Channel Zoning. 3.65 “Troubleshooting Cisco Fabre Services on Cisco iS Sais and Cisco News Sutches. 384 Summary 390 hooting N Overview. ‘301 “Ovectios Sat NPIV ana NPY ioe FOG! Processes, 3.02 “Troubeshootng NPV Mode 397 Sutenary ‘Hoe oaule Suneary 34108 Module Settchece 5:08 Module Sel check Answer Key S07 ‘02012 ess Sane.DCUFT Course Introduction Overview Troubleshooting Cisco Data Center Unified Fabric (DCUPT) ¥$.0's abe day inset ted course Its designed for systems and ld engineers, consulting stems engineers, and Cisco interiors and partners who install, inplement, maitain and woublesiot the Cisco Nexus ToGo stl S000 Switches, the Cisco Nexus 2000 Fabre Extenders, and Cisco MDS Mlilayer Furie Switches, The cours covers the key components and procedures needed to toubleshoot ‘an esol common issues with the Cisco Neus 700, S000, MDS Switches, and Nexus 2000 Fabre Extender inthe network and SAN environmentLearner Skills and Knowledge This subtopic iss the skills and knowledge that leavers mst posses o beef fully from the ‘course, The subiopic als includes recommended Cisco len oferings tht ners shuld Fist complete to beni lly fom this course. Leamer Skill and Knowledge Prerequisites + Goed understanding of networking protocols streets npr Cn Dita CrterUnos Recommended attendance of News 700, 000, and MOS prc cours Recommended CCNA or CCNPcatesion + Good understanding of he FCP and the SAN environment Recommended atensane of FCP dae ral expaence ecormengedatendance of te Inplenaring Cla Skorage Nata. Sota posh) Sonor eur srpeneres scandent by Robt Kel on ie Chamelard Before attending this couse lamers shoul be failior with networking potcos and technologies, the SAN environment, andthe Fibre Chanel Protocol (FCP), “The lamer should have tended the Inpe menting Cisco Dota Center Unie Fabric (DCUFD) «course ad Nexus 7000, 500, and MDS peodact courses, Cisco CCNA or CCNPS level of ‘knowledge isalso recommended for students attending the DCUFT course. Toto Therecommended ean lx CONA ae te intcomecing ica Nena Devic Pat f LACNDI) and nrconecing Cisco Netwak Devices Put 2 (GND core In ner to tain the appropriate lve of nwlede of the FCP and SAN environment the leamer sould have attended an FCP cours such asthe npemening Cisco tage Network Solions (ICSNS) couse. The recommended reading incest books by Raber Kembel on Fibve Chane and Fibre Chanel switched fabric, ‘Teushaig Giza Daa Car Unie Fabs BOF SO a Gace BeCourse Goal and Objectives “This topic deserts the course goal and objectives. “Troubleshoot and repli Cis00 Data Center architecture ‘components onthe Cio "Nexus 7000, 5000, and MOS ‘Swiiches and News 2000 Fabric Exonders, Course Goal ‘Upon completing this cours, you will be ale to meet these objectives: ‘Describe the troubleshooting tools nd methodologies tha are avalible frm the CLI and i Cisco DCNM tht are used o identify and solve isues in a Choo DataCenter network rehitecre ‘ent and esolve issues tat are elated to VLANs and PVLAN dent andeesolveisues that ae related o port channels and vPCS entity and resolve ise that ae elated 1 isc FatriePath entfy and resolve issues th eo and resolve ses that ae tne elated 10 OTV tet Fibre Chane interface operation ei and resolve ses that are relate o Fibre Channel withing when a Cisco Nexus “itch is adn switched mode on NPV mode ety and resolve sss that ar related to PCOE in the Ciseo Data Conte rhitestre entity and resolve issues that are related to Cisco Nex 7000 Series Switches enti and resolve issues that ar pec o Cisco Nexus 5000 Seis Switches enti and resolve ess that at spect Claco Nexus 2000 Series Fabric Extenders ent 5 ate specific lo Ceo MDS Switees ‘Tait james aSCourse Flow “This topic presets the suggested low ofthe course materia Course Flow EP eg leap a Bees eee ade Pi MM Mga soouand ——aedueenn ——Spetat Vebecingeee!” ——itigue tg netnobg Taetanhry Noise Laer Waos Mobi 9 SAN Mae Pte “teaitehcirg—Swnching aie— Seenue : Towestoang —Tauetetna M Moa reas Nouba “The sched reflets the recommended structure for this course, Ths srt allows enough time forthe inset to preset the cours information and for you to werk ough the ab activities. The exact ining of the sbjet materials and labs depends on the pace of your specific clas, 7 Teiaosing Gar Os CoeUnia Fie OCIS 29 Caen Sm reAdditional References “This topic resents the Cisco cons and symbols tat are used in his coms, as wel as infomation on where to ind tonal echnical erences Cisco Icons and Symbols Cisco Glossary of Terms For addtional information on Cisco terminology, let the Cleo Imervorking Terms and ‘ero horny of tems at ihipdocwNiccacom/viierietring Tem, and_ Acronyms 968ITAM. Gui Sma Gee we CaYour Training Curriculum “Thistopic presents th waning crea for his cous, Cisco Certifications ‘You are encouraged to join the Cisco Cetifiaton Community discussion frum open to anyone foding. valid Cisco Caeee Certification (such ax Ciseo CCTE®, CCNA®, CCDAS, CCNP*, CCDP®, CCIP®, CCVP®, or CCSP). Ie provdes a gathering pace fr Cisoooetfied profesional to share questions, suguestions, an information about Cisco Caer Cefieaton ‘Programs and other eetfation elated topics. For more information visit ‘www cisco con/gneetiiatons ia Co Ua Fae DOUFT ‘i as Sane neCisco Career Cert Network Professional (CCNP) Data Center Expand Your Professional Options and Advance Your Caveer CCNP-level recognition in data center "an Ge itd Cam EN ‘nonming ConUn Fibe 9 “eye OCU Fa DOT ‘Sam Gao year ConeSod Fae OCUFT ‘SE as SparanoModule 1 Tools and Methodologies of Troubleshooting Overview “This maul designed to show the student some ofthe common tol and methodologies tht et in troubleshooting the Cisco Data Centr arcitectre Module Objectives ‘= Deseribe the toubeshooting tools and methodologies that ar ‘hac are used identify and resolve issues ina Cisco Data CenteTies baa Goa Una Fave OCUFT AD "ata Gace SeLesson 1 Understanding CLI Troubleshooting Tools Overview Descibe he toublesooting tol nd methodologies that arabe from the CL dat re ‘et ey and resol resin he Caco Data Center network ariel. Objectives ‘Upon competing this ssn, you wil be able o describe the toubesootng ols and ‘methodologies that are available fom the CLI that are usd to identi and resolve issues ina (Caco Data Cntr ctvorkachtestre. You will beable meet hese objectives: ‘= Provide the basi concepts, methodology, and genera troubleshoot ng guidelines for ‘roblems that may occur when configuring and wing Cisco NX-OS ‘© Explain how tous ping and tsceroue fo troubleshoot problems wth comectivty, and how to ue path chokes ofthe pong Fear to messre the delay othe network between ‘0 pins 1 Explain how tous the CLI to monitor the system, prooeses, andthe CPU, 1» Explain hove tows the CLI SPAN ult o perform detailed toabeshooting from a patcular application host fo proactive moatoring snd analysis 1» Explain hoe to ase Ethaalyer to toubeshoot your network ana analyze contro plane tale = plain how tows the logging feature o log information for montoring and ‘woublesoatng af the Cisco Nexus or MDS switch ‘© xpi how to use GOLD to collet diagnostic results and detailed statistics onthe Cisco "Nexis of MDS switch ‘components in the Cisco Nexis switch‘= Explain how to use SNMP and RMON to monitor and troubleshoot a seh iso Nexus of MDS 1 Explnin how to wse the CLI debug feature to show realtime information while actively troblesooting a meter i td Fe BOOTED Gs SreeTroubleshooting Methodology “This topic introices the tase concepts, methodology, and general rovbeshooing gideines for problems that may occur when configuring ad using the Cisco Nexus Operating System (x08), ‘System Troubleshooting Methodology + Tatroubleshoot your network, flow these general steps: ‘Caer iflomaton at dfs the specie syria ent ptt rb that aud be causing te syns ‘Systeaicony emit sac poesia ti (onl ha + Aer cotecting infrmaton onthe symptoms and behav ofthe ‘robem, fo narrow the focus of your efor, you shou aera be spect ovine nod ne ble. ‘Cece verona steering on each de Dati sen has changedin the nets. ‘ait te toy oe eck. The implementation phase of your network deployment isan excellent tine to develop 2 methodology for toublesooting the network as whole. When a prabiem occu, the ist of potential suspects can be one. You must olet dete ifermation and systematically narrow thelist of potenti causes to determine the root problem, To rubleshnot your network, llow these general steps 1. Gather information sat defines the spect symptoms. 2 ental poten problems that could be causing the symptoms 44. Systematically eliminate each potential problem (om mos likely to east key) unl the symptoms disappen. Afr collsting informatio onthe symptoms and behavior ofthe protle, to marrow the Focus ‘of your efforts and to folate pois) of alr, you should do the fllewing: 1 ent the spect devices involved in the problem, 1 Check the version of oftware running om each device, ‘serine if something has changed in the network © Verify the integrity of the IP network Sait Spree “a ea teat Tea TSPreparing Your Network for Troubleshooting + Before your nework bocanes operation, you can ake several proactive saps to make toubleshooing easier, eluding Proc mt py gems youl pt scx ‘Te name asigato each mao dove (pest he DNS nae) Portmmbers Syrcroie the dae and tne on a devices Set aco andiogaing eels on ey davies so tha slogrsti aman Before your network becomes operational, you can lke several proactive stp to mike troubleshooting easier, including the following: |= Produce network topology diagrams to help you folate potent sources f problems, 1 Sypetronize the date ad tine on ll ever 1» Set race and loging levels on key devices so that diagnostic information problems occur ilable when ‘One ofthe firs tine of defense i possessing eurent opology information, Oe ofthe most important pices of topology information i deailed network diagram, AL a nin, Jour network topology diagrams should include the following information: © Thenameasigned 1 each major devie (typically the Domain Name Sytem [DNS] name) 15 IP addresses fo al devices inthe network 1 Links buewoun devices 1 Port numbers ‘This information is rita for stating which components are involv in rrr problem. For medium to large-sized networks, you may want to take “layered” approach in Your diagrams. Create a high-level dinra that states the overall physic lout of your network, ineloing al ites apd the inks between them, Then, foreach sit, cate wditional oput. te: SmRCecBmem ne SSC TTEthanalyzer Examples (Cont) ‘The folowing example shows how oespay the content ofa previously captured pap fe: he ile Fr fin analysis itis ao possible to examine the contents of ‘pea file locally using Ethanalyzt. The example inthe fg shows howto dip the ‘contents of cape fle in bootas, Simla he ive eaptring of packets wing, Ethanayze, the detail option fs required to vew tefl packet dso instead of ony the pocket headers. “Ta Tiaiabcng Gaza Bas Cai Una Fab DOUFT) SO 0a GyanLogging “This topic describes how to se he loging ett information fe monitoring and troubleshooting ofthe Co Nets or MDS switches Syste Messages + Caco Nows switchs lg stm messages varus ans, feching ie cone an 2g anh + Notalog messges incest problems: ome massages ae puny ‘somata = fen tena maapes cde ema + Tis example ows te fat We og message: c (ae) (ena oe ‘The system software sends system messages tothe console and oa fog fle in Mash. Optionally, these log messages ean also be sent toa server sing syslog, Nota sytem messages ate a problem with your device, Some messages are prey infrmationa, wile thes might help ‘ingnose problers with nk, itera hardvar,o the device software ach message logget at a speific sever lve, The severity levels hat reused in system smentigesineloe the folowing: . System usable fea: Critica condition 3 error: Exo condition 4-waening: Waring condition '5—noiiaton: Normal but significant conditions {6— Informational: Information message only 7-debugaiog: Appears during debugging only In peer Ine severity number indiana higher etait However, ven low-severty ‘message could indicate normal events suchas anew power supply beng detected afer ‘The log messages follow a specific format and inclode the ellowing Fes: = A month and ine stp that indicates the local switch ine when he message was logged 1 The hostname of the site ‘DBE Cem mememe——SSSCSCSCSCSCSCSCSCSCSCSC TOG TD1 The aly, which indicates the Cisoo NX-OS Software subsystem or Cisco News hardvare component tat generated the mesage Note Tis nto be antiaed wth fahty wav dened nthe og pala The saan {acy sat o oe by tet on Cz Nan the, bt canbe cong 1 The severity, which indents the erica of the mesage teasing that uniquely describes the system message A enon, whic 1% A descition that describes the event in dtl Toto Thermnemenis can be sad tales eseroton ote asus ne ico 1 (08 Srsom MessonesReteenc at hip so coment SHoesunchestaacartrelytem mesiagoshaerenctl n sos, bookin “eats Cho Oa Grr Utd Fae DGUPT aD Sa a SoeLogging Location + By default systom messages are deco to roe efron fcatons: esses of seve 2 (tea) or era eget he sponsor one ‘The ut 100 meecagoe of sevety 261 er ae ogedto he NVA of tho ‘mut sponsor Messages af seve 5 (iit ore peo thes spent +The logging sever forthe console andthe oggng severly, lename, and lester te ge In ash canbe coigred. +The NVRAM oggng i ot configurable Use ne show accountng fog command dp a Htory ofa ‘2nd configuration changes. By det, the Cisco NX-08 Software send log messages fo three ction: 1 Console: Messages of severity 2 (rte) or lower ar logged othe conse by defi “The logan sever lve for the console ca be changed, but to be abl to increase the Jogging lve toa value higher han rte, you must change the caso speed to 38400 bs 1» NVRAM: The device os the mot recent 100 messages of every 2 orlower ol in the NVRAM. You cant congue loging tothe NVRAM. ‘= Log fie: By deft, te sytem logs all messages of severity 5 (alison or lower toa logfile in ash. The log ilename, maxi ile size, and the maximum severly of the messages that are logged are configumbl. Use the show accounting lg command to display a history of logins and configuration anges. ‘The following output shows posible configuration of loging (you canst thatthe configuration of NVRAM is ot possible NOKI-FODI (contig) logging ? coneole. console logging togrite set rile loagina meaule Set modute(sinecard) 1ogging monitor Set terminal 1ine(monitar) logging Level timestamp Set logging Einestanp granularity ‘Sania BoneViewing the Logs + Tovew nolo messges in fe NVRAN, ue he show loging nam + Tvew the log message inthe og len Mash, use the show loging {ogi command To view the log messages inthe NVRAM of the sich, use the show logsing nea [ast nunbee~1ineo} command. The last option can be wed to speciy ta only thelist ruber of ines in the log shoul be displayed ‘To view the log messages in the logfile in Mash se the how Logasng loyéie [atart= ine yyy sn ut Dhenase2} [end-time yyy wn ot hoemné se command, The Start-time and end-time prance allow you To speciya tine range forthe log messages that ‘you are trated in ‘To configure logging, se the following configuration commands: Command Description ‘econ Teging egtie | + Congres he are othe ge ede ae yen Baeraneamvencerfce | “wannges ad meneame Youn sh ‘ptonay spely mous + ewtciconta ogg matte | = Enables module og messogee hat hve paclideaveiy (covey Iolo ihr te sveriy elt seco be deta Sowa ~ pigicntas ear leap tie san i By Soa, he us ae Iinestarp (meena potry ‘msc seco ™ ewichcontgtoggng sever | * Canes a hat to recahe og merge Toateeveryseel tse w- ane acy “Taig en Dt Co Unt Fabs DOUFTSD——————SSCSC RpmOnboard Failure Logging + Gieo NKOS Sofware cides the capa to soe fare and ‘evonmental dala persistent strap ~The formation can bo used to analyzo problems caused by haar or (BFL is enabled by deta + This example shows how to dp OBF infomation for analysis to provi fo Clo TAC: ‘Cisco NX08 Software allows you to log flute data to posistnt store, which you ea retrieve and display for analysis at ate ime. The onboard flr loguing (OBFL) Fate Soret fire and envionment aformation in nonvolatile memory’ onthe mode, The Jnformaton wil blp analyze aed modules. ODF. enabled by deff ll modules The data that ae stored by OBEL ince the following: Tine ont power-on Slot number ofthe module in he chasis Ina termperature of te module Firat, BIOS, ed programmable gat aray (FPGA), and A’ Seal umber of the mode Stack trace for crashes CPU hog information “Memory lek infomation Softwar enor messages Hardware exception logs Environmental history (BFL specific history information ASIC intrapt and enor ttt histoy ASIC ester dumps ‘ODL stores kernel race in ase Cisco NX-OS Software rashesNote Tolnerene dla ite OBFL os, pels nontedge of he pte reed The Irmo tho O8F. os shoul bo resented othe Cis Teco Asitsnce Conte (AG) for ays at of tho woubasootg process. “T3Tiwstoenig Caco Das Cm Und abi(GEuRT So 97 Gen SomCisco Generic Online Diagnostics “This topic deseries howto use Cisco Geri Online Diagnostics (GOLD) tcalet Agnostic esl ad dtiled statistics onthe Cinco Nex or MDS switche, Cisco Generic Online Diagnostics + GOLD provides a faut detection tremework to increase aalbiy: eer Scent cee ear | Maweowosene EEE + GOLD proves troubleshooting tos: coemons RR ‘Cisco GOLD ina suite of diagnostics that verifies thatthe hardware an internal datapaths are ‘operating ss designed. Bootie diagnostics, continuous monitoring, evdemand and ‘shod tests ate prof the Cisco GOLD fete st The diagnostic subsystem allows rapid faut isltion and crtinuous system monitoring. “The dignosti framework can detect hardware ules while the sytem i lie and ‘operational, and eoeative ations ae taken trough isco Embedded vent Manager (EEM) plies, Note Each mode ype asa ren st of eas ‘Samia Goa Spon ToCisco GOLD and Cisco EM Interaction + Cisco GOLD flues tigger predefined system EEM poles isco GOLD uses the Cisco HEM framework to ret o fires, The Cisco Nexus 71000 Series ‘Switches ship with a set of system default Cisco EEM policies that include fe Cisco GOLD. ‘default Cisco EEM, The common default actions fr all Cisco GOLD EEM polices inhale the following: Disable te test ‘+ Trigger the cometive action, For example place the pots inthe ered state or selead the module ‘A separate Cisco GOLD flue teesold sued for triggering syslog and Smt Cal Home, oth thresholds and action can be overridden with user configured policies, ‘Thesstem default Cisco EEM policies canbe examined using the show event manager ‘ystem-poliey command. The following example stows the default system plc ta is invoked if the RewrteEnginelaopback te fils NIIGLF ahow event manager eystan-policy __Rewritainginstoophack Name: _ RowritetngineLoopback Deseesption + bo Calltioms, 1og error and disable further HM testing on affected ports atter 10 consecutive foilures of GOLD “RewritorngineLoopback™ test overriaable + ‘TS Wetishohg is Daa on Vea Fie DOUPTHSO 6a peConfiguring Cisco GOLD Tests By detaut, afl set of COLD tots un at ystem bootup. + This example shows the oplons tat are avalabie forthe bootup dlagnost tts: + Nondrupve tess are scheded to run in the background at equa + This example shows how to adap the schedule forthe heath mentoring stagnostes: Bootup diagnostic are un daring bootup and detec aly hardware before Cisco NX-OS Software brings a module line. Fr example, you insert a faulty maui the device, bootup diagnosis est the module and take one Before the device uses the module to forward trafic, Boop diagnostic also check the connect between the supervisor and ‘mol hardware and the data and con paths fra the ASICs. Boo up diagnosis log Failures othe OBFL at splat gge a diagnostic LED indication. You ean configure the ‘Cisco Nexus switches ier bypass the bot diagnosis oun the complet et of bootup iagosts. Ruptme diagnosis ae also called heath-montoing dlagnosics. These diagnostics provide information abou the health of ve device. They detect ra-time hareware errs, memory ‘ror the degradation of hirdare mols over ine, soare fal, and resource ‘exhaustion, Health monitoring dlagnostis ae nondisaptive and un inthe background 10 ‘ensure the health ofa device thats processing ive netwerk wale. Yon can enable er disable health. monitoring tes or change her sche ‘TRiGes eee ne SSS ang ISTRunning On-Demand GOLD Tests + For oublshootng purposes, specie GOLD ess can be run on ‘demand + Blofore runing the test, you can spect ‘The nue trator deat 1) ‘heaton oko whan aot fs, wl canbe lp he et neta coi ie spodie amt aes have ose oak Slop oe on fue crue + This exarnple shows how o schedule an on-demand test. ‘On-demand tests help to tet specifi hardware components o lsat faults Yow can shee ‘onde diagosties to run ieditly.Altenatively, you can modify the deta iterva Torte corresponding health montoring est ‘You can tart or sop an on-demand diagnostic test. You can optionally md iterations 1 repeat the speifie et andthe action o take i the tes fi, he number of| ‘Tae Watisicg Cas bata Gt Utes Fie (DOUFTHED Geen amaVerifying Cisco GOLD + To very the confgued bootup toe, se + Teves he scheduled background ests, use “The figure shows how to display the curently configured bootp test eve andthe current schedule forthe hel-montring tests. The lags in the show diagno content command indicate the characteristics of the tests, For example, the “Pla in thesecond line dates that the et isa perport est andthe "DoF "Na. tex disruptive or nonisupve. 17 Cac Spies the fourth ine ates wheter theVerifying Cisco GOLD (Cont,) + To oi th scheduled backround tests use: te For a dosent ant, refer the Caco Nenu 7000 Ses COS 5 ‘anaperntGortgraton Gude ga. camenSiSesoneeatiatceen®_xhx- fey managemericaniguratenidln_ gel iw 150 Verifying Cisco GOLD (Cont.) + To examine the results of Claco GOLD tet use oneomand. + This command sts resus fr al yps of tests: bootup, schedule, oF “This figure shows how to verify the results dignost tet. The show dag command shows the results of al ypes of test: bootup et, scheduled ealthmontoring et, fandom demand ets, “Tosbaotny Che ats Coa Unie abs BOUT SO ‘SF Caca BeBlink or Beacon “This ope deserts how to se the blue Beacon to alin troubleshooting o replacement of components inthe Cisco Nexus sith, Blue Beacon Feature + On some laters, you can cause the platform LEDS to ink * This features @ useful way to mark poco of hareware so that Woal ‘sgminstter can qucley Wnty the hardware for Pousloshootng or ‘curonen Cy + ue beacon LEDS atow for easy Monfcaon fr serving, ‘A.sngle blue LED onl he removable pars (fan ays, power supplies, an modules) canbe ‘edt make sue that an operator des to an of replace the Won pat on the Nexus "sytem, The network operations center can tu on the LED via the Cio NX-OS Software and ‘sure that one ofthe commen causes of errs is aeided ‘De ama ne SSC ing TTUsing the Blue Beacon Feature + Totash he LEDS on a haar en, use the following commands: Peer orp | ‘esd Fete can LED Iecatieanrnior secon ce ns letriedmoti set "ase dace noe LED \eaeridpovemey ites poe von fi Feveioenmier ites te cenrnaate + Toiash a eng port LED ona module, use te folowing commana Interface conigtaton mode: lestcled Fetes te race LED To fash the LEDs ona hardware ent oto Mash a single port LED on a mal, use he omamands inthe table shown hee. The LED can be solid ue (operat has Magged this enity for identication) oro (entty ot ages, {Tanning Gs Bia a td Fie OOUFTB ‘Sa as SparseSNMP and RMON This opi dexribes how to use Simple Network Managemeat Protocol SNMP) and Remote “Monitoring (RMON) to monitor and rubleshnt a Cisco Nexus or MDS switch, ‘Simple Network Management Protocol coset i— a ms Te Cisco NX-O5 Software supports the flowing: = SNMPV1, SNMPy26, and SNMP¥3 + SNP over x6 + One sian of the SNMP per VOC on he Cisco News 7000 Sees [SNMP provides a standard framework and common language that ae eed or the monitoring sind management of devices i the network, “The SNMP framework coms ofthe pars: {© SNMP managers Used to contol and monitor the activities of network devices using, SNMP 1 SNMP agent A software component within the managed device tat rsintans the data forthe deve and reports the data to managing systems. The iseoNX-OS Software “spports the agen and MIB, enabling the SNMP agent relationship between the manager andthe agent, which both must be defined {= MIB; Colleton of managed objet on the SNMP agent ‘SNMP notification are used to indicate improper user authentication, restarts the losing of| the connection, the les ofthe connceton toa neighbor route, or ote signiant evens “These notifications are generated by the SNMP agent and sent othe SWMP manager ‘The Cisco NX-O8 Software generates SNMP notations ster trays o informs, A tap is sn asynchronous, unacknowledged message thats sent rom te agento the SNMP managers Tad in the hot rosever table, Informs ar synchronous messages ht ae set Foe the [SNMP agent tothe SNMP manager, which thr mansgrs et sensed Tey vee rein han inform messages because the SNMP manager dacs not sad anyecknowledements ff receip ofthe ap. SNMP managers that receive an inform request knowledge recep: if the Cisco NX-OS Software dacs no eel hat rexp, sends he aor message again ‘Steams SSCS TINGSNMP version 3 (SNMP¥3) provides secure aces o davies by auteatitn Frames over the network. The security fentres provided include the followin encrypting 1% Message integrity: Ensures that a message has aot ben amped wih n-ransie 1% Authentication: Ensures tht the message i frm valid source ‘© Eneryption: Prevents dh message rom bung seen by unauthorized sues 'SNMP\3 provide for scary models and secur level. A security model san ‘authentication strategy that i et up for wes, while the security levels the permite level of Security inside a security model. The combination ofthe security mode and security evel often ‘vatable oot and commands canbe spect tthe Cisco Nexus switches, [Atypical Layer 2 wouotesnoomg process metus me fosowng steps ‘ersingLayer2connectiy baean devices ne sre Layer 2 domain ‘eteminng avn th Layer2 path Btwoen the dovoas “cing ames and deen MAC adresse lng he Layer 2 path Iovatgung tots where the path seems token “Troublestooing Layer 2 problems should be a wel: known proces to a network engineer. The ‘way to approach tis proces is ot fandarntlly diferent on Cisco Nexus switches than tie ‘on any ater type of Layer 2 switch. Usually Layer2 woubleshooting proces consists of ining out ithe problem is speci to two devices, or mre generally affecting multiple devices. Ths will determine the second step. Two specific devices Would not normally indat a Spanning Tre Protocol STP) problem, for ‘example, Next, you rack the path butween two devies in the sme Layer 2 domain, after you have verified tht they cannot communicate. Once you have determined the expected path and the actual path according othe spanningrce topology, you ean st tracking the low ofthe fame trough the switches, One you discover a point where the path seems to be broken, you investigate the suspected lnk oko find th ease ofthe problem, Tiethoing Cas Uta Coe Dod Fare DOUG Sane Ca SowaTypical Layer 2 Troubleshooting Process Alypicel Layer 2 voubleshootng process ncdes the folowing sleps ‘sod commands ‘heck he pat sup an recehing anomalous the show Imeracs th caren Look ey xeon he tertcae— see how interac th ‘A typical Layer 2 roublesooting process saris with checking the infeices. Use the show ot is upand receiving and forwarding tai, and look for any rors on th interlace, Typical Layer 2 Troubleshooting Process (Cont) + Atypical Layer 2 troubleshooting process incu he fling eps and commands: Understand topogy—use he show ep neighbors command Interface ethernet and show Interface ethernet counters commands to check if the The next step in the process of tonbleshootng Layer 2 problems is detemining and verity Ae path betwecn devices. Use the show ep neighbors command to vey the Layer pth between dvies, Ties Facog aa as Sparse‘Typical Layer 2 Troubleshooting Process (Cont.) + Atypical Layer 2trbleshectng procoss includes the folowing sens ‘nd commands: ‘heckitne MAC edresss are boing earned—ute he show mac adress ‘Next rack frames and device MAC adresses long the Layer 2 path Use the show mac ‘addres table to verify ifthe MAC adresses are beng leaned ‘Typical Layer 2 Troubleshooting Process (Cont) + Atypcal Layer 2 wubleshootng processincldes the follwing steps ‘nd commands ‘Check he terface isin SP orang tte ite ong, tho AC ‘divest wi nl beleured}utothe show spanning tee van Vana Investigate the link where the path seems tobe broken. Check ithe nerfs i in STP Forwarding state by using the show spanning-tree vlan von command. the atetac sin the blocking state, the MAC address wll ot be lees ‘Fees Gas Oa Conta Fae DOOPTO———SCSCS~S*«Layer 2 Troubleshooting Process (Cont.) following sep Typi etter ir Seite cmsomer mtnteryepniend Severe etree Seats ‘You cam also check iany of the links are bundled inthe port channel by using the show porte ‘hanmel summary commund. By sig the show ip arp vlan van oma, you ca also heck the proper operation ofthe Address Resolution Protocol (ARP). To confit alg ‘message ntfeaton ofthe MAC adres table if the MAC adress moved use the mae siddres-tnble ntiieation mae-move command ‘aia Ga Spome Taye diene Foaaoing 37VLANs: + The sco Nexus suitchos suppor upto 4084 VLANS in each VOC in ocordance withthe IEEE 80210 standard {51 VLANs In igh oe fe VAN ange: ‘hetyatam and comet ba sed ‘Asoviteh acces port belongs toa VLAN, Unicast broads, and mutcst ackes are forwarded ad flooded ony to end sans in that VLAN. Esch VLAN is considered a logical nctwork Packets tha are destined for station that doesnot belong tothe sane VLAN mus be forwarded vin Lae “The Cisco Nexus 7000 an 5000 Series Switshes support upto 4094 VLANs, which are congaize int ranges fr specific sks {© VLAN 1: The deft VLAN cannot be modifi or deleted {% VLAN2-1005; Normal VLANs tht ean be erated sed, modified, and deleted, f= VLAN 1006-4094: Extended VLANs tht ca be created, named, and wo. The state of. these VLANs is always active, and the VLANS are alas enabled and anno be shut down, 1 VLAN 3968-4007 and 0 hese VLANs ae alloated for inter we ony For Cisco Ness 7000 Series Switches, VLANs 39684047 and 4004 are reserved foriternal tne in cach viral device conten (VDC) fr features that eet use intemal VLANS for thir ‘operation —for example, mulsast and diagnostes. Dye tothe ase of VDC, a VLAN number ‘hn be reused in different VCs, boese each VDC is separate virtual device. The maximum ‘numberof VLANs tht canbe supported sere all VDCS is 16,000. The sare VLANs are ‘reserved for intra se of Cisco Nexus S000 Series Switches, as well Deplayig PVLANs in an enterprise dat centr environment provides an efetive means of sparing IP ares space and conllng Layer 2 access to servers and devs resting within ‘he server frm, The Laver 2 slain tht is provide by PVLANS isan excellent way to ‘plement adios! Layer 3 security thai aready wet protect a particular sever farm "bet. The procedure for roubleshootng PVLANS is the sane es toublestooing VLANS, ‘Fae ss Data CoD Fare OGIO —————S~*« IVIAN Significance + Each VOC nh Co News 7000 sw can suport th ange of ‘toa ane + VLAN win each VOC ae isolated fram VLANS in ther VDC on the same ete, ‘When configuring VLAN, ena that you are inthe correct VDC, ose the steht vie command. VLAN names and IDs canbe repeated in diferent VDC, Is very important ht you confirm the VDC in which you are working \VLANs hive VDC lea significance witha the systom, an witha a VC Tamia Gam Spe me Taye Tee Tecan lerfaces ave local significanceInitial Troub! shooting Checklist + erty the physical connect fr any problem pots or LAN. + erty that you have bth end devices nthe same VLAN, +The follwing CL! commands ace used ouspay VLAN information: show van apo ‘show tech-supprt an ‘Once the VLAN configuration is completed, you can verify the VLAN parameters that aro ‘configu onthe vith with the show commands, The Fels inthe show san command ‘utp are described in the following table. van Nene ‘Ste Te uTu ato Baio Beha Dessrpion AN amber ‘ae ofthe VIAN contd ‘Slats of he VLAN evo o sponded) halo the VLAN eda po ote VIN Senuy asain I vate othe LAN [ing mane fr tne VAAN iaptbie ge nant re VIAN ‘STP ype wed onthe VLAN eabe ‘ign made ol VIAN “ransaton bon “Bia Yesteahoca Gs Os Cn tad Fase DOUFTSO 8 Cano armVLAN and PVLAN Issues scree en pet be ‘SCitntaracfoneorig ‘The igure displays posible symptoms and cause of VLAN nd PVLAN issues. The following provides more deli Symptom: You cannot rete a VLAN, Ponsible Causes: ‘© There are not enough resources in the VDC of isco Nex 7000 switch, — Solution: Use the show ve resource van command t determine ow many "unused VLANs yu can conigre this vale 0, login as network-admin and tse the imit-resoree command in VDC coafguraton mode to add more VLAN resoures to tht VDC. Ona Nex 5000 swith, sete sir command show resource sian, You sre using a eserved VLAN ID. = Solution: VLANs 3968 to 4047 and 4004 ae reserved fo ternal use in each VDC; {you cannot change of use these reserved VLANS, ‘Symptom: You eanot ecatea PVLAN, Pons Cause: The PVLAN feature eno ened Solution: Use the feature prlvate-vlan commind to enable the PVLAN esr. ‘Symptom: The VLAN interface i dwn (a problem when coatigurngthe VLAN interice). Possible Canses: 1b The VLAN does not exist — Solution: Use the show van command to determin if the VLAN exists Use the ‘lan command 10 create the VLAN, ‘92018 Gases ei ng‘= No intrfices onthe VLAN ae inthe STP forwarding tae — Solution: Use the show vam internat ino command to check the operating stat of the STP. Configure STP so hata lens one interface goes into the STP forwarding ste, 1 One or more services prevented the VLAN interface frm coming up. — Solution: Use the show vin internal info command to determine the sat ofthe VLAN interface, I'he states “oper-s", se the show lec-uppartinerface-vaw command gather ore information 18 The VLAN is secondary VLAN, Solution: Use the show via internal inf command to determine the tat ofthe VLAN interface. Change the VLAN ta primary VLAN, 15 The intecficeis inthe wrong ital outing and forwarding (VF) Solution: Use the show vef interface command to determine the interface thatthe ‘VLAN inercefasigned 0 show Commands for PVLANs + Dsl te PLAN conigration ing he show an prvatevian command To diply the slau of the PVLAN, us the show vlan private-vlan and show vlan private ‘lan type commands. ‘aE ca Bana ne‘Switch Virlual Interfaces Routers use interfaces or Cisco Nexus 7000 switches: subinferfaces to interconnect use SVis for routing be:ween ‘multiple VLANs. VLANs, ‘A svtch vial interface (VP) i veal nterfce ta is configured Within a mulayer ‘with. You can eeatan SVI fr any VLAN tha exists onthe switch, Only one SVT can bo ‘ssocited with any one VLAN. An SVI can be configured to operate Layer 2 or Layer 3. ‘An SVE is “virtua” in that there o physial pt thats daicated tothe interfce, yet tea ‘efor the same factions forthe VLAN asa rote interface woul ind can be co ‘much the same way as router iterTace (Padres, inbound or oubourd access con TACLs} and soon), The SVE forthe VLAN provides Layer 3 proestng for packets oan From all sich pot that are asociated with dat VLAN, ‘You configure an SV for & VLAN for several reasons 1 To provide gateway fora VLAN so tht afi can be routed int or ou ofthat VLAN, 1 To provide ulbck bridging if itis required fr nonrouable prooets 1 To provide Layer 31 connectivity to the sich 1 To support routing protocol and bidgng configurations ‘The inerfae-van feature mus be enabled before contiguting the SI Use the show featare ‘commando determine which features ar enable Example witch (contig) ¥ feature snterface-vian Snitch [contig] ¥ show feature ftacace 1 disabled aep 1 enabled private-vian I enabled S101 anabled Fooe 1 disabled fox 1 enabled ‘Domi Caco Syeame eng‘You can use the show interfaces command to display the interface Pade configuration and stats of a Layer 3 SVL The following is an example Hardware is EthersvI, address is 026.5109. 783 Tellability 255/255, teload 1/255, reload 1/255, ing of Yehow intartace* counters never 60 seconds input rate 0 bits/sec, 0 packete/ ses £0 seconde fed Bite/ses, 0 packets/sec nts} inpot! 0 pkts, 0 bytes ~ output: 0 pkts, 0 bytes 1a in Sstohed lucast:'0 pits, 0 bytes ~ acast+ 0 pkts, 0 bytes 0 phte, 0 bytes ‘The SVL nterfce for VLAN I shows a status of piu, because at least one ports tive in VLAN 1. Note tht the hardware is reported a5 “EtheSV," inating the virtual nature ofthe interBce The remainder ofthe outputs sina to what you would eon any route interface. ‘Fidos oes Dt Cala ted FE DOUFTED 776560Troubleshooting VTP “Thistopic explains how troubleshoot the VAN Trunking Protocol (VP). VTP Configuration and Guidelines + VIP will advrtse VLAN 1-1005 ony + VTP updates ae exchanged only across unk inks, * Each switch operates in a gven VTP mode that determines how VIP Updates resent tom and oceved ty that eth + Aswitch may ben ont one VIP domain, © VIP domain may be a smallas one seh + VIP updates wil be exchanged eny with oer switches inthe same ‘The recommended prac so configu all swiches to transparent \VTP mode and manvaly add VLANS as nodes. \VTPallows each router of LAN device to transmit advertisment in fame ots trnk ports, ‘These frames are set toa multicast address where they canbe received by all neighbor deviees. They are no forwarded by normal bridging procedures. An advertisment ists the ‘VTP management domi ofthe seding device, its contin revision nub, the VANS that it knows abot, and certain parameters for each known VLAN. By heating these ‘advertisements al devices in the sme management domain lean abo any new VLANS that ‘ae configured in th transiting device. This proces allows you to eae and configure @ new VLAN only on one device inthe management domain nd then tat information Is automatically earned by all the her devices inthe sare management domain. ‘Once a device leas about a VLAN, the device reeves al frames on hat VLAN fiom any teunk port by default, and if appropiate, forwards them to each fete trunk ports, iy. “This proces proven unnocestry VLAN tic fiom bing si o advice, An extension of \VTPealled VIP pruning has ben defined to mit the soape of broads afi and save tundwith Beginning with Release 5.1), the Cisco Nexts Opeating System (NX-OS) Software saports VTP pruning on Cisco Nexus 1000 Series Switches, isso News 5000 Series Switches donot support VIP pruning \VTP aso publishes information about the domi and the mode ina sired local database that canbe rea by oer process sch as Cisco Discovery Praca VTP s supported inthe following modes: transparent, server, let, al ff ‘Samia Brom Tip Bia Toeaing 218‘You can use a VIP clenvserver mole to automatically propagate VLAN definitions across the switched network. This mode ison used in anew network to file the implementation of ‘new VLANs. However, a the nebwork grows ler, this Bent sn tu int ability. Ia VLAN is deleted by accident om one server, tis deleted thoughout the network. Ifa sich thot already ht a VLAN database defined is inserted into the nctwork, iteamijack the VLAN database by deleting added VLANs. For this reason the recommended prac so configure allswtces to ransparen VTP mode and mannally add VLAN as needed, {VTP has the following configuration guideines and limitations 1 When a switch is configured as a VIP client, you canot erate VLANS on the switch the range of 10 100s, 1 VLAN 1 isrequired on al rk pots that ae use fr switch interconnets VTP i supported in the network Disabling VLAN | from an ofthese ports prevents VTP fom finettoning propery 1 you enable VTP, you must congue iter version I r version 2. Onthe Cisco Nexus 5010 and Nexus $620 sitces, 512 VLANS ate supported. I these swith arin Aisibution network with ther switches, the it retains the sme, Nests 5010 ‘itch or Cisco Next 5020 switch elienserver receives edition VLANs from a VTP server, they tation fo rangparent mode. ‘+The show running-configuration command doesnot show VLAN of VIP configuration information for VEANs 140 100, Use show vipat instead ‘= When deployed with virtual ort channel (VPC), bath VPC switches must be configured ientcaly WPC perfoons a Type 2 consistency check fr VTP coniguation parameters. ‘= VTP advertisements ae ot sent out on Cisco Nexus 200 Series FabvicExtender pots "= When a suite it configured in VIP client o server mode, VLAN 1002 to 1005 are reserved VLANS, (On ech swith, you may configure VTP 1 operate in one af tive modes: severe of ‘eansparent, The default VIP mode is server The mode wll determine wheter VLANS can be created onthe switch and how the swith wll patcipate ia sending and reeving VTP avensements The numberof VLANs that ean be configured ona switch wil vary by mae ‘Fis Wesson Gas Data Cor Ua Fame DODTEO 67GB anaVerifying the VTP Configuration “Thoshow vip status command i the key command for veritying VIP mplementa inal confguring switches na VTP domain, py close tention revision number. Check ose tht Inthe igre, Configuration ls madd by specifies the I address othe switch tat ast updated the VLAN dtabace of his svitch, a. Whe contiguration increases nly when changes are mae at intended VTP Note nis ample, VIP vrsin 2 ratte ar shown bythe "VIF Verso Ina oe put bart enbed fas soun bythe "VIP V2 Med’ oe a). His alvays advisable ous the show van command! on al switches, When a switch sin lent ‘mode, it wll show new VLANs only they were crested nd tranamited orety fou he ‘VIP serve, because creating VLANs on a vith in lint mode ino os, ‘DaaiaGe Siem bea gECommon Problems with VTP Configuration + Missing VLAN Confiraion ha ben ovr by acter VTP devon + Updates not ecaved 2s expected {VTP dom an passed ut a + Too many VLANS ‘Consider ming VP doaln aor “Thetuble describes some unexpected rests that can occur ater VTP confipration, Probie Possible Gauss ‘Upon il congue VIP soe ‘nay hove hd gatial VUAN dbs, elt overoe he esatog. more ‘apt taboos on be ing such, Becoming VTP server has 2 empl AN ‘VLANs were doled he ‘Vitec and those dlosone bo Fopapte ine doa nae ay ach oconng TP saner has @ pli AN a Net Cc os supa te same ‘ended ange VLAN (ove marred Fr han 105) ths ormatons nt teed ropa eV, Ensue at at Caco schon faa ose sme tine pt ‘pected The VP demain naa and pasword do ‘ot nat on an eth econ Updates tom a VIP sever ‘Revdantnnane ene The VIP veson i meompatie wih ‘ter on nt aman, Treen sera domain The ako he VIP sewer ino Fane “er mtb rank nko Toarnary wate ‘more capi tanh a needed by ‘hr snes ee domain ‘Genser he VTP “Zia Teahisenig Caco Das Canis FOUTS ————SCSCS~S*« S00 Cs SaraSummary “This topic summarizes the Key pins that were discussed in this lesson Summary + VLANs canbe vetted using the show vin command use PLANS Be Teatueprvateston cman mst sb ened bal +The show vip statue command ie the koy command for vriyng VIP inemeniaton ‘Swe cem Seem ngSe aLesson 2 Troubleshooting Port Channels and vPCs Overview “This lesson is designed o provide you wit some examples ffs th arrested opt «Sans ar virtual pot chanel (PCS) and show you howto ify and esa these es Objectives ‘Upon completing this leson, you lb ble to deni and resolve iss that are related to Port chants and vPCs You wll beable to mect these objectives: ‘= Explain ow to troubleshoot Ethemet port channels on Cisco News switch ‘= Explain how to troubleshoot LACP ona Cisco Nexus itch 1 Explain how to woubleshot PCs ona isco Nex siteTroubleshooting Port Channels “This topic explains how to troubleshoot Ethernet port channels on a Cio Nexis switch, Port Channel Overview + Port channes combine multiple physical Inks into a sing oil ink. * Header hashing fused to dstibute the afi ver he Inks, + Allport in the pot channel must ben the same VOC. + Alta om the same fw vl ake the same flow based on hash a are aaa Port channels are ne ofthe core technologies that ae ws in sortase networks. To add resleney anit nk falrs and 1o increase the available bandwidth between wo devices, ‘multiple plysial aks canbe provisioned beeen the devices. However, witht port els cont plae protocol, such as Spaning Tree Protocol (STP) eating protocols, twat the inks as vidal Fins, In the ese of STP, this wl result in blocked pots and, although the ational inks ad resleney, the svilable bandwidth betwee the two devices is fot increase, With outing protocols, the aldional links could be used for oad balancing However, this requires a routing adjaconey to be Fed fr every link, whidh increases rating protocol overhead The maximum number of ports ina channe depends on the exact switch harvare and software combination. On the M-seie modules onthe Cisco Nex 70 Series Swihes the ‘maximum is eight ative links pe or channel, Beginning with Cisco Netus Operating System (NX-05) Release 5.1, you ean bundle up to 16 active ports simultaneously no port channel, ‘on the Fseries modules onthe Nexus 7000 Series On the Cisco Nexus 5000 Series Switches, ‘you can bundle up to 16 active inks into a port shane Pot channels can ether be Layer 2 interfaces, o, nthe cas ofthe Cisco Newus $500 and 7000, sich, they canbe Layer’ interfaces, When vital device contests (VDC) ar wed ll Ports ina port chanel must be inthe sme VDC. A poet channel can either be defined statically ‘rnepited dyamialy using Link Aggregation Control Protocol (LACP, The Cisco NX- ‘Os Sonwae perfomsa compatibility check when adding pots to a por chine to ens ha, the port can patspate in the pot channel agareaton, Therefore iis npn ha all physical ports that participate na port chanel ae configured Mentally Al afi frm he ame flow wl ake the same Nl based hash ‘Fat Tsang cs Ot ot ta Fee BOUET GO 6101 Giea tansVerifying Port Channels + Use he show port-channel summary command to very port cxannel operation ‘To dispay por-chamelconiguation information, we one ofthe following commands Command Deseron “Gow irae por Tanna Sarat 7ane —| Desays he dane la potchawel oto oo ‘show port channel compat parameters | says hm pxaetvs ta moto a fate song fe mere pos nao por chame! “pw portchanna astabacsTtartace por: | oysay tne aggapsion star one hae ‘channel eon mba) porto aoe "how portehanne asa ane ToRaraG | ray the ype of ho bolncng wa or pat ok amas” “hed tlesa nore iw Bor Shaan BaF slays eanmany br be pcan ‘iow pacha wae [ Beles te wae ts fr pat chal “ow prt shannaT sage — ~~] py i ange fed and une ‘hana amare aaa seaney ee ae Serer bas tore eee seer ere el ag, Sones Shenataanar eee age onan Seapets Eo ‘pay rematon wn AGP ‘Tania Cae perTroubleshooting LACP ‘This topic explains how to toubleshot LACP ona Cisco Neus switch, LACP Overview + LAGP suppose aulomaticcreton of pot chanel exchanging LACP pactlsbetaon LAN pot + The potcoloams tho copies of LAY pot groups dna ad infos + Ate LACP ris covet matched Etre! ins, oclatae goupig ie {ern pr shana + LAGP stows yout congue up a 18 eras opt cha LACP suppts he automatic cretion of port channels by exchanging LACP packets between TAN ports. The protocol earns the capabilities of LAN port groups dynamically and informs the other LAN pots. After LACP identifies coecty matched ert inks, it fila ‘roping the inks into a pot channel “The figure shows how individ inks canbe combined into LACP port cme and channel groups aswell as function as indivi inks. ‘With LACE, you can bundle upto 16 interes ina channel group the channel group has more tan eight intrces, the remaining ltrfaces ain ht stay fo th port chanel hat isassocined with this channel group. Beginning with Cisco NX-OS Release 5.1, you can bundle up to 16 ative links into a por. channel onthe F-series module, NoteWhen you cee px cham esters aust dalle te asad hana group. Al mabertraces ver oh nga contgun. ‘You cannot dsible LACP while any LACP configurations are present, STF Gaza SteeLACP Channel Modes a Sercoreeremne tae Seren riot ho ACP mote al ca tio nae nega ste Ii prin enon hate pte amg Unc pate o ‘Anat cans ha tne LAC) wn Ins yo tani cane ane maa tarps esig AGRO oro Individual interfaces in port channels ae configured with channel modes. When you rn aie pot cinnets with no aggregation protocol, the channel mode is always st oon. ‘After you enable LACP globally on the device, you enable LACP foreach chanel by sting ‘he chanel mode for each interface to ative or passive, You en configure ether channel ‘mode fo individual aks nthe LACP channel group when you ar acing the inst the channel group. Bath the passive and ative modes slow LACP to negate between past determine if they an fem a port chant tat is based on eriteria such spot speed and the rnking late. The sive mode is useful when you donot know water the remote sso partner, sports ace, Ports can frm an LACP pst chanel when they at in different LACP modes ithe modes are compatible as inthe following examples 1A potin ative mode ca form a pot chamnelscessful sctive mode, wth enter port that is ia ‘A pot in active mode can Frm a port channel with another poet tht isin passive mode |= A porn passive mode canot form a port channel with anther port that is loin passive te, bonis neither port wl inte negotiation, © A port inon mode fs not runing LACP and cant forma por chanel wi thats in ative or passive mode ‘DiGi eeeMonitoring LACP Status + LACP i sable by default you must enable LACP (lature laep command before you beg ary LAGP contguraton, + Use he show lep command 6 mont LAGP acy athe network LACP is diseble by default; you must enable LACP before you bein LACP configuration. Your cannot dissble LACP wile sy LACP configuration present LLACP leans the capabilities of LAN port groups dynamialy and informs the other LAN posts, Once LACP Hentiis comedy matched Ethernet links, ciliates grouping the inks fat port chanel "258 Tutncanng Ca Co Dod Fabs BOUT WS‘Troubleshooting LACP «Uso the show laep counters commando tee LACPDUs set and recewod and packet ros + Use he debug lagp commando to splay LACP contguration ened ‘acto dears + Use the show laep Internal eventhistory Interface x command to ‘tepay event logs of LACP, Use the show lap counters command osc Link Agarogation Control Protocol data units (LACPDUS) set and received, swell pocket errs, aceoos Markor Marker Response LACEDa Channel groups 8 eae eas alee oe oo ° Use the debug Ine command to display LACP configuration and activity dst, Use the show lnep internal even-histry interface. command to display event logs of LACP on a speci imerace “The following example shows how toad an interface toa bundle an atvity details Ket {contig) Sntarface ethernet 1/2 M7K-1 {eonéigrif)¥ ahannel group 5 mode active NIRA eoneig-ie) 8 far 20 17:10:19,057: SLIMK-3-UPDOM: Interface Ettwenet/2, changed state to dom Sar’ 20°17¢10:19.469: ¥C1OK ALARY-6-INFO: ASSERT CRETLEAL wEhA/1 Soe. 20.17:10:13. 4732, CLOK_ALARU-6-INFO: CLEAR CRITTER Eth1/1 Physical Pore Link Down state to up Snax 20°17710:23.413: Ethernet1/1 added as menber~1 to port-channet5 Shae 20 17:10:23,473; SLIMK3-DEDOM:. Interface, PortechonnelSs LiTroubleshooting vPCs “This topic explains how fo woubleshot vPCs on a Cisco Nexus switch Improving Layer 2 Designs with vPC. + Wrhout PC amy Senn STP locks enn pins at Vian teed baanelng Loop elation ae en STP Ptr an nn ea een ewok mon wn vec No blocked sinks er oven sah aged Eternal bod baton = Lecp-esostay Viralizaion technologies suchas VMware ESX Server and clsterng solutions suchas Microsoft Cluster Serve caren require Layer 2 Euhenet connectivity to function properly With the increased ws ofthese types of technologies in datacenters, and now even across dat ener cation, organization ar shifting fom a highly selale Layer 3 network model oa highly salable Layer 2 model. This shi i emsing changes inthe technolo that are wsed to manage lage Layer? network environment. These changes include migraton away frm STP tse primary loop management ecology toward new technologies sich PC and Cisco FabrePath ‘An early enhancement to Layer 2 Ethernet networks was port channel tehnalgy. This “hancement mean that mate inks betwen two patcpating devices cul use all the inks between the devices o forward tafe Trae forwarded by using aloud oaneing igorito that equally balances tlc aos he avaiable inerswich links (SL), while also ‘managing the lop problem by banding the links as one logical link. “The biggs limitation in classe port chanel communication is thatthe por chanel operates ‘only between tw devices, In large networks, the support of mukile devices together is often a ‘design requirement o provide some Frm of hardware ale alternate path, This tera path iseften connected ina way that would case a loop, limiting the bani tha are gained with port channel ecology to single path. To adress this imitation, the Cisco NX-OS Software plitform provides ecology called veal port channel (¥PC).Althougha pair of switches eting as PU per endpoint looks like a spe fogial ent to portenante-tched devices, the to doves that act the logical port channel endpoint are sil two searate devices. This ‘vironment combines the benefits of hardvare redundancy with the Bonet of or channel Toop managenet, The other main bent of migration to ana port channe-based loop ‘management mechanism is that ink eeovery is potentially much Taster. ST can recover fom {link failure in approximately 6 soconds, wile a all-po-channel nse ston has the Potential fr fire recovery ia ess than a second Fea AT i Gee BeDouble-Sided vPC + ¥C is supported on both the Cisco Neus 5000 and Cisco Nexus 7000, Setles Sutches. * YPC can be deployed in mupe layers ofthe daa enter ‘hritaneouy. Acces to eaegson + Doubi-sided veC enabes 2 nique 16a port crane, ‘Can be scl 2 ay part ‘onelswah antes mes ‘PC is supported om both the Cisco Nexus 7000 and 000 Seis Sic, The benefits that ae Provided bythe vPC technology aply to any Layer 2 switched domain Therefore vPC ‘sommonty deployed in both the aguregaton and acces layers ofthe daa cote {PC can be used to crete loop-free loi topology botwoun the acces and aggregation Taye switches, which increases the bsetional bandwidth and improves network stability an convergence. vPC can also be used betwen servers athe acces lye switches to enable Server dul-hoing with dua active connections ‘When the stcesin he aces ad agarepation layers both suport vA, sniqae 16-vay port channel canbe created between he two Iyer, This scenario is cornonly refered 10 a8 ‘dalsided ¥PC. This design provides upto 160 Gs of bandwidth Hoa pai of sess sche othe aggregation lye. Tote 1 Cio Nem 700 Svs Sichs wih Ft aaa mods ro wad on bah ino ‘aided PC, «32a prt conn! canbe cesta a usp apt 20 hs of bandh betwcen te aces nd appegeton ayers. Tes Spare ‘ope ems aang 230vPC Limitations ‘The folloning atone should be considered when deploying vPC: "The PC perk mus cont of 10 Gigabit tere pot + The pears imit un these cade ein (nel dung SSL). + Ca par VOC taneson ‘PC domains caret be sbeched acoss mute VOCS on a sige ee, |AWP cant conan nk that ar femnaadon ferent VOCs on 8 ‘hole ste Each VC tate congue for VPC rue Is cw VPC peri and ‘When deploying VPC, there are some intations tht must be considered ‘Only 10 Gigabit uhernet ports can be we forthe vPC poe ink. Is econmended to use at least two 10 Gigabit Ethemet pots in dedicated mode on tvo diferent VO reds. The ¥PC pers must rn the same code revision except daring the nondianypive upgrade (h- Service Software Upgrade [ISSUD. ‘PC is per-VDC futon onthe Cisco Nexus 7000 Series Switches. VPC cn be configured in ‘multiple VCs, but he coniguraion is emily independent. A separate vPC pet link and ‘PC peer keeplive link ae required for each ofthe VDC. vPC domains cannot be sietched ‘ross multiple VDCs onthe sane swith, ad all ports fra gven VPC mst be in the same ve. SBC SomeVPC Limitations (Cont.) ‘The folowing lations shouldbe considered when deploying VPC: * AYP donin carat cna of mare han ope ec or YOOS, * You canal congue nor than one PC dn pr ah or VOC + AYP ea Layer2 pr canna Dynamic outing to VEC pets arose vPC or acon the WC perk ‘State eating aoe PC an FHRP acssas spot Dynamic rong ato vPC beta wo Layer niches thal et Ptcosing PC suppor, ya rong ecu eneon 0 manbars cons a ead {ler in bette he wo oS members ssa rice Rox 5080 Sora Switches ‘APC domain, by dtiution, consists of pir of switches that ar det by shared PC ‘domain ID not possible fo add more than two swiches oF VCs ton ¥PC domain, (nly one ¥PC domain ID can be configured on single switch of VDC. snot possible for a sich VDC to patcpate in ore than oe vPC domain, [APC is a Layer2 pot channel. vPC does not support the configuration of Layer port ‘channels, Dynamic rating fom the vPC pees to outers connected on 4 9PC ist supported, vis ecommended that rooting adjcencies ae established on separate uted links, Static outing to Firs Hop Redundancy Protocol (FHP) adeeses is spp The FHRP ‘thaeements for VPC enable outing to vital FHRP address eros YPC. ‘A,PC can bo used as Layer? lnk to establish a routing ajcency between two extemal ‘outers. The outing restrictions fr vPC only apply to oating alice between the vPC [eer svtches and outers tht are connected on a VPC ona Cisco Nex 700 switch, Dynamic outing adjacency between vPC members across dediated Layer 3 inkbtween the two VPC members is supported ona Cisco Nexus 5000 switch, ‘Samrz Caco ei ngVerifying vPC ‘Tovey vPC oporaton, use the show vpe brit command ‘Several commands can be used to verily the operation of vPC. The primary command to be ‘sed in initial verification isthe show ype bret command. This command splays the VPC ‘domain ID, the peer-link stats the Kepalve message sas, wheter the caniguation consistency i stccessul, and wheter a per ink is formed. I also displays the status of the JnividualvPCs that are onfiguted onthe with, ncuing the result of the consistency hooks. 352 Teen Ges Gata Crs UeVerifying vPC (Cont) ‘To check fr poeta YPC confguation consistency problems, usethe show vpe consistoney-parameters command: Ifthe show vpe brief command displays fled consistency checks, youcon use the show vpe ‘onsstency-parameters command t Find the specifi parastes that aed the consistency ‘heck to fil. The global epion on this command allows you to verify te consistency ofthe ‘slbal parameters between the to poe switches, The ype or iterface option can be use to ‘verify consistency between the pt channel configurations for wPC menber pots. ‘Alter you enable the ¥PC feature ad configure the per lnk on both vEC per devices, Cisco Fabre Services messages provide a eopy ofthe configuration on the local vPC pee device configuration tothe remote VPC per device. The system then determines wheter any’ of the ‘rac contiguation parameters fern the two devices. ‘Sait ce Opn GEVerifying vPC (Cont.) ‘To check fr potential vPC configuration consistony probloms, use tho show vpe consistency parameters command “The conguation parameters inthis section must be configured identically on both device of | the ¥PC per lino the vPC moves into suspend mode. The deviesautomaially check for ‘ompalily for some of these parameters the VPC interfaces. The pe-inerace parameters ‘aust be consistent pr interface, andthe global parameters must be consistent globally = Portchannl mode: on of, or active Link speed per chanel Duplex mode per chanel ‘Trunk mode per chanel, ictng native VLAN, VLANs allowed on tank, and the lagging of native VLAN teatfic STP mde ‘STP region contigration for Multiple Spanning Tree (MST) Enabled or disabled state pot VLAN, ding bridge asurance setng, port type sting an loop guard ‘STP interface stings, cling port ype setting, lop Maxim ransmission nit MTU) ad, and oot gard 54 Taian Gas bats Cr Un Fabs OCUFH AO ‘SHE Go SeeTroubleshooting vPC Issues + ¥PC alows the creation of HEC between an EtherChannecapate ‘evi and apa of Cisco Nexus ewichos or VOCS. * When you deploy vPC, you can encounter spec problems rele {o he uso of vPC, nation fo regular porschanna ot Layer 2 problems. + Most fhe problems wth vPC are caused by configuration Seanestentis ‘Global contgraton neonate betwen ep feithes htm {PC specie centurtonincnatnco atone oa ae ha ‘Srmita v8 onan og pot chat ncnsinecs ‘PC allows EtherChanel capable ncwork devices o build a Muchas EaherChannet (OMEC) thats teminated on two diferent Cisco Nexus 5000 or 7000 Seis Switches, The pai ‘of VPC per switches present themselves as single device othe devi connected on he Mec. ‘One ofthe most important aspect in rovbleshooting port channels in gone, to ensre tht the confguatonbeswoen the por in the channel s consistent, This principe aso apis wo. ‘PC andi complicated bythe fat tha the configuration now doesnot eed o math oly between ports a single device, but also between the two 9PC per devices, Many common problems wih vPCs ae caused by configuration inconsistencies. Therefore, this iralvays one ofthe primary areas to focus on when troubleshooting. Its aso possible that problems that sem to be ¥PC ives are actually caused by underlying Layer Io Layer 2 problems. ‘Daa Ges pom megvPC Troubleshooting Checklist ‘efor you stat any dead examinaton ofthe vPG contguraton ana ‘operation, perfor hese baie checks: * Vey that te vPC per inks ange apt chanel og ports on eves rons 10 not Ears mocks ts nt alee pe. ‘ery ta a vC mamber inks re ing prs on Maes Fs, tat noting pes ‘ety at you have he 008 management eran: conneceto a Imanagenart ach you ate nal sng. epaaa VA othe pot Feepate in yh ot th area detain? estes wa he oat ape messages re each he VRE at sacs wih he "PC pectccpatte nk + sty ta the peep nk pte binging the ¥PC peek + Yr epert ican aa ye nk ih ry Inany troubleshooting proces, its good to peform a number of basic checks before diving to deeply into a problem. When you ar oubleshooting problems that re elated 1 VPC, 1 Verity thatthe ¥PC poe ink is configured a port channel hat consist ihr of 10 Gigabit Ethernet ports that are terminated on Cise0 Nexus 7000 Mseres UO modules or of 10 Gigabit there poets that are terminated on Cisco Nexus 7000 Fsees VO modules, Ether type of module canbe sed, but you cannot mix both types of prs inte VPC peer Tink port chanel ‘© Verify that all vPC member inks ae using prs on Me-series or F-series on Nexus 7000 but not mixing the types. {© Ifyou donot spe avr roting nd forwarding (VRE) when you oafguethe PC poer-kepalive link, then it willbe placed inthe management VRF by dal In his ase, ou should ensure thatthe oof and (OB) management intrfces ofthe switches are onneced 10 separate management network, Verity 1P connectivity between the IP adeeses tha are used for the ¥PC pee eepalive link, When you est connectivity using the ping command, make sure tht you spi the source IP address and VRF that ar sed forthe poe keepaive ink ‘= The peer-kepative ink neds tobe configured an! operational before the vPC pes ink «am be brought up. Ensure that the peerkeepalive link is operational before coaigring the PC peer ink 1 Verify tht the wPC peer ink configured a an 802.1Q unk and that ony the vPC. LEAR ar allowed on hi tr rd Fae OOOPC Troubleshooting Checklist (Cont.) Before you star any etal exaination ofthe vPC contguaton nad aperaton perform hese base checks * Vey ne PC ret tha you asin othe pot chanel a anesthe dows safe YE pee dss ra on to peor dove + you manwaty cng oytom pty, ety that you seine te ‘etn ey von bP per dees Use re show ype consisteny parameters comman overly at tth ‘We par deans have neal pet promot, ~ yoy tte pray Pt pry SP oad te ean ‘ban WC poors are contigo dana see themes the a. + Chacha ae ary "rp port aneptan pet any por nk ‘inaguedas av tutcarnsa PC VAN, ‘= The ¥PC number thats used fora speci VPC should match on bath vPC per devices, ‘Verity tat the same ¥PC numbers configured on both tho poet chanel interfaces that are pt oF single VPC. The port channel number dos ot need o mash on oth svitces, bu ‘tis recommended to hep it the same and preferably make it the sane as the vPC number. = The VPC system privity neds to be the same on bth YPC per siches. you change it ‘om ne switch, you should change itn an identical manner onthe oer switch, |= There area large number of loa configuration parameters that ned tobe the sae on {wo ¥PC poe svtches for vPC to werk. Use the show vpeconsitney-parametrs glob ‘command to verify that all tbe sted type | parameters match |= Verity that he primary VPC per switch she spunning-tree tot for ll WPC VLANs and that the secondary VPC peer Switch the backap root forall vPC VLANS, Ifyou ‘configured the VPC peerswitch opin, thn both switches should te configured with the {exact same spaning-tee prot. They should both ee themselves asthe ot ofthe Spanning ee Fr all vPC VLAN, ‘© Check f thee ae any "orphan ports." An orphan por any port et onfigured as a ¥PC, but caries vPC VLAN, ‘Sami Caen‘Sample vPC Troubleshooting Commands “Tne folowing commands canbe used during a VPC troubleshooting [verse | \. | vent gt ont vec at nea TESS) | coin ) | Sosy) | “as” ‘The Figure illsratesa generic YPC roblesoting process and some ofthe Cisco NX-0S Cl ‘commands that can be sed during that proses. This ist swt exbastive aad there re many ‘more commands tha could be useful during the vPC troubeshoting proces. “The mos commonly wed Cisco NX-OS VPC troubleshooting commands ae the following f= show vpe peer-Keepalive: This command displays the tat ofthe peer Kepalive Hk, ‘which mst be operational before the vPC pes link cin come p. 1 show vpes This command canbe used o verify that the WPC peer ik operational in ‘ution to vowing the plobal vPC parameters, 1 show ype conssteny-parameters global: This command displays ll‘ releynt global parameters that noe to match om the vPC peas I there are global configuration Inconsistencies, you shouldbe abe spot then in the output of ths command. This ‘command wll ot yield any sei ress unl the poe-ink has been eatblished and onsineney check have been peTormed 1 show running-contig vps: This command is useful to compare the vPC configuration on both per switches and spt potential configuration eros and inconsistencies. By adding the ype keywont to the show running-config command, any non-vPC-lated comands fe left out of the configuration, 1» show vpeconssteney parameters ype: This command canbe usd overly dha the ‘configuration on the vPC pr-chanel is consistent on bath vPC pee switches. the ‘onfigurtion on both pets snot consistent, the VPC wl be suspende. {© show port-channel summary: This command ean be sod to verily dhe tat ofthe prt ‘Shan! inrfaces, bth on the vPC pee sites and on te connected downstream ‘eve, 1 show lacy neighbors: This command can help to oublesoot the negation of pot ‘anne tat are using LACP. Vey the LAP system Wdeniirs ca help to venty ‘hal he individual Fins inte por channel are connected to the correct switches. ‘STG ns ns|m aditin o these vPC specific oubeshootng commands, you may seed owe Layer and Layer? treubeshooting commands to toubleshoot problems with vidal ks. vPC Issues + Unabieo configure PC Poca cause + ¥€C sot nabindor a cuppredin he NXOS release stare thatyor ro renang * Ens that the ico NX.08 race supa PC. espa {Caco x08 Raise 4 endl essen ie ace NOS rs ‘ppt PC thes seth feature pe command ional + ¥eC i blocking stato Pons caus * ABPOU en sonds dala na sage opr chan. i> ‘Surancedputets ele, bon PC moves io Hoc sae Donat enable ie assurance an the ¥PC amber nk you ar unable o configure VPC, a posible cuse that YPC isnt enabled or isnot ‘supported in the Ciseo NOS release of soltware that you ar onning. Ensure thatthe Cisco NX-0S release supports WPC. vPC is suported ir Cisco NX-OS Release ‘A and ln, Ifthe Cisco NX-OS relese supports VPC, then use the command feature of WPC ‘wensbleit ‘A bridge protocol data unit (BPDU) only sends data on a single ink o pot chanel Ifa ‘widge assurance dispate is dteted, ten vPC moves into a blocking sit. To solve this, do mak ‘able bridge assurance onthe wPC link because ofthe following 1 Bridge assurance cannot be used on a spanning re pot type netwer, ‘Bridge assurance prevents you fom encountering SSU ise, It tou only be enabled con the YPC pr link, aia Gas Stone Taye Bie ooaing 258vPC Domain IDs Issues “The vPC poe fink is down ifthe PC domain IDs are configured improperly Compre the vPC omnia 1Ds ofthe two switches and ese that they atch, Example ‘vitchit show vpe brie Legend: “""{s)"= toca vPC Le down, forwarding via vi poor-Link wre keepsalive status * Sispended [Destination 1° not reachable} Conriguration consistency status: success, vic cole! secondary, operational primary Dual-sctive excluded ViAKe ¢ Engends +} "= local vPC Ax dow, forwarding via viC peer-Link wee domain id t 3 We Keopealive state Suspended (Destination IP not reachable) Contiguration consistency status: succass wevrole spiny, ‘Gateway + Disabled ‘Fad Weoaseing Ges Uns Co Uned aS TDOUTIVSO SSCvPC Domain IDs Issues (Cont) ‘The vPC domain Ibs f those Cisco Nexus switches mustbe changed to “The two switches inthis example have different VPC domi IDs. The »PC domain IDs of these Cisco Nexus switches must be changed to match This canbe dons by entering, ‘configuration commands, one pr line, and ending each by pressing CUZ. ‘eviten? (config) wpe domain $00 Changing domain id will flap pees-Link and ECs, Continue (yes/no)? Ine} yes ultch24 show wpe Deiat Tagond: (+) = Local ¥EC {2 down, forwarding vis ¥PC peer-link fer state © pont adjacency formed ok Configuration consistency statuer succes voc role : primary, operational secondary Miner of vBts configured #3 Poor Gateay ¢ Disabled Dual-active excluded VLANs =~ 1 #0500 up 1,19, 91,93, 757 ‘Sateen rgvPC Connectivity Issues + Possible cause PC pss kespal nad enact nue ver igri igh xi + Souton Check ote peekeeptve nr veachiy Iethere are connectivity issues, you should fist chek forthe poe Kepalive mgt reachability, ‘On the peer Cisco Nexus switch enter the command auiteh2# ah run ine aga. 0 "Command: how running-contlg interface nut version 4-2(0)#2(1) Interrace ant fp addeese 112-18,218,162/24 Ensre there is eachabiity from swith: aviten2b ping 172.20.218.162 vet management Pine 192.18.120. 162" (172.10-118,162}7 56 dat 4 from 152.418.120.163: et from 192.48-138-162 et from 172.18.130.162 ls, ianeans thatthe connectivity between both mgmt interfaces does not ens oF that they are not interconnected propel. Make sre the mgm interface isunsut and that you an ping the switch mgt interface, wltchl# sh int br | grep mgnto ‘STE Caco Beeestas shows that ti down, means thee sno physical conncton to mor tha the Jerface isin administrative shutdowa, You need to verify the physical connectivity and tush the pe: owltenit contig & Switch! (contig! F int mgmt 0 Sulteh! (config-if} no. shut Sulton! (eontigeit}# show int Be | grep montd fngnt == up 172-16-110-62 1000. 1500 It pinging the oer switch continues of then there san interconnection issue between the ‘ovo Cisco Nexus switches. ‘Check the networking inbetween the switches ‘+ Switch ierconaectng in acess VLAN aa, ing he sae VLAN fr bth Nex switches. 1 The VLAN is allowed aeos and between the switches. ‘Sao Gnas TGvPG Connectivity Issues (Cont,) + Soon heck conguatn a camete eno ashes at ether are stil connectivity issues, check the vPC con nleses that ae use: witch] show xan dnt agate 0 “Gonmands show ronning-toncig interface ayoto version #,2(2)¥2(1) Sp sdirese 172/18.118,169/24 uation and compare the mgt IP ouitchtt show run vps timer Toe Mar @.03:53057 2011 version #-2(182(1) ‘auitonzh show nun ant gat 0 IGeamands show sunningrenntig interface mnt version 4.210)82(1) Interface mameo Sp address 172,18.130,262/24 Teommand: show running-contia vee [timer Tue Mar 8 o3ro4r03 2012 ‘pe domain 500 peeecteepalive deatination 172.10.112,262 1m this example the destination IP is not comet. The comes Pf 172.1.118.163, which isthe por Pads. ‘Fak —Teaessing Casas Cnr Unie abi DOUFISD———————SSC« TSOvPC Peer-Link Issues + Posse couse “Th pk ol cond + Sotton Coniguete per ink cone soe show ep nighbor commande determine wich phys pats ae ‘aoneddiothe ier Caso Neme sate, Crete of charge a pct cannon he fe ch an aso tne prs comes tote poe ouch, ‘ack nev ogi, you encounter peetink issues, check and verify the per lnk configuration nthe following example, the problem shat the vPC peer ink doe not exist, owitehtt show vpe Brit Legend: """(sy"= Local ¥EC 12 down, forwarding vis ¥RC peex-Link Peer status : peer link not configured Configuration consistency statust failed Contiguration consistency season: VPC peee-Link doce not extete You can use the show ep neighbor command io determine which physical ports are connected tothe oer Cis Next switch suitcht¥ show edp neihbor Capability Codes! R= Router, 1 ~ Trans-Beidge, 8 - Souroe-Route~ Bridge Si Switch, H~ Host, 1 - Lome, r ~ Repeater, ¥ = Yotb"Phone, b= Renotely-Hanaged-Device, Doviceri0 Local Intefce Hdtme Capability Platform Port 20 ‘uiteh2(Ss11324035%) Behi/25 120 £1 NOR-CSO2DP-BE Bth1/25, ‘uiteh2 (9811320033) EEh1/26 128 8 1 NOR-CSOZOP-RE Bthl/26 In this example, ports 25 and 26 connect othe other Cisco News site an shouldbe confgned esa per link. Run the sume command onthe other Cisco Nes swith and observe the pons, suitch2H show edp neighbor Capability Codes: R= Router, T ~ trans-Beidge, ~ Souroe-Route- Bridge B= Seiteh, H- Host, 1 - 164P, x ~ Repeater, V = VorP-Phone, 0 = Ronotely-Kinaged-bevice, DevieerID Local Intréece Widtme Capability Platéarm Port 10 ‘02018 Gene a rgvith [99114150760)Eeh1/25 160 6 1 = NSK-cs0200-BF BL31/25 Suiteht(SS1L4190768)Etn/26 168 § Ts NSK-cs0200-BF Beu1/26 austehZb show run Sint 01/25 Command: show running-config sntezface Ethernet /25 version 5.1 (31821) Interface Eeharnet/25 ‘ultonport node trunk ‘channel-group 300 suitch2¥ show mun ant @1/26 Command: show running-contig interface Bthernet/26 jereion 5.2(3)N2(1) Interface thernee1/26 Eeitcport made rank |i this example, yu can se that pot channe! $00 is sed on the comnetion to switch 0a sviich2, You now nee to determine how port chanel 500s coaigued on swith? auiton2t show ran int po 500 ‘Cenmand: show tunningeeontig interface port-channe1S00 Hnimer Tue ha 04:20:38 2011 version «-2(1182(1} Interface portchennel500 suitenport node trunk wpe peee=link Senming-tste post type network ‘Crate a port channel 500 on switch ad associat othe ports connecting 10 e125 and e/26 ‘on site, ouitent (config) # int po 500 Seiten (oonfigrit)4 Ane 01/25-26 Suitenl [oonfsg-if-range)# channel-group 500 Suitonl (eontigeif-range)# int po 500 Seiten (oonfigeLf)¥ epe poor=Link [Notice hat the spanning ree port type has changed oa network port type 00 the VPC per link “Thienables spanning te bridge assurance on the ¥PC poe ink, provided that STP tidge assurance disabled. (STP bridge assurances enabled by default) Check the vPC again switch] (config-S614 show vpe riot Eagend: (2) = local v#e ia down, forwarding via vIC peer-Link wee domain 1d + 800 Peer statue ® peer adjacency formed ok ste keepeaiive status # peer 9 alle ‘vec rel: primary Number of vets configured : & Poor Gateway: Disabled id pore Status Active viene 1 P0500 up 1,18, 91, 99,757 Port channel 50 ad the pee ink are now up. The YPC is succes, “Fas Teasing Cas Oa Coa Unio FanE(OGUFTIVSO—————SCS~*« ECvPC Consistency Issues + Posse cause Cia operations ype 1 consstony parameter dt rate n Boh ‘tea Neme sates + Soliton Ensue ype coniseney parameters mah {PC is not operational if type I consistency parameters do not match on both Cisco Ness SOOD Sites. You lave to ensure that type consistency parameters mit ‘The posible values for ype are 1,2, oF» Hem that are type | ust mach on both Cisco "Next switches. IF they de nat mail, then VPC ie spended Starting with Release 5.0 onthe "Nexus $000 Series a ype 2 was ioduced lems that ae type 2 dono ave tomate on both [Nex 5000 switches forte vPC tobe operational, The command in the following example displays local nd ocr values. Run the comand on bush switches to ens thatthe fe tems math, To check fora misentch diply the consistency parameters fowltent show ypo consistency-paraneters glcbel ‘Type 1 + VPC Wi11 be suspended in case of mismatch ‘Type tocal Valve oer Value SP HST Region Revision 1 STP HET Region Instance to 1 VAN Mapping SIP Leopguara 1 isabied Disabled sre fort type oem Normal 20,30, 37,99 1710,35-20,20,37,99 1536,38- In this example, all valves match and vPC will be operational ‘Canc Saeehe a BavPC Consistency Issues (Cont.) + Type 2 consistncy checks are meant to pevent undesked warding + Soto Eau ta nae i no VAN math Depending on the severity of the misconfguration, vPC may citer warm the user (ype 2 misconfigiation oe suspend te ort channel type | miscontgration. In he pee case of {VLAN mismatch oly the VLAN that fers between the VPC member psf going tobe spend on all the wPC port channels "easing Cac Ona Co Une Fab HOUT SD ‘STE Gi SsHSRP Gateway Issues + Symptom Hoss tn HSRPglewy anol access beyond th VAN + Possible cause ba ost gpeway MAC adress mapped oe ysis MAC ads of ‘ay ono oth YB poar aes, pocket may gu Sopped dea ese provrdannachan ny. + Soliton ~ Cong tbe per gateway command \When Hot Standby Router Protocol (HSRP) is enabled on both VPC pee devices on & VLAN and hosts on tht VLAN se the HSRP as ther gateway, they may not abl to reach anything ‘outside their own VLAN. ae hos gateway MAC adress is mapped tothe physical MAC addess of ay one of the ‘PC peer devices, packets may get dropped die tothe loop prevention mechanism in VPC. The solution i to map the host gatewsy MAC adress othe HSRP MAC ares and not the physical MAC addres of any one ofthe VPC per devices Using the peer-gatemay command ‘an bea workaround for thi scenario, ‘OR Cassese ngSummary “This topic summarizes the ey points that were discussed in this lesson. Summary Un ts show ines portal bans uma commando ay be ‘ta fp cane fetcn wth show porechanal ona Ecmnatodpy be pected neva ner po can. + Uta tow ep canmend mont LACP acne en ete ebog icy crn Sop UAC angus a sy So ‘beri, pros tome best cacao vey SPC opts ine Be hon ‘Spe bet commana rad Fae OORT RTLesson 3 Troubleshooting Cisco FabricPath Overview “This lesson is designed to provide you with some example of sues that reread o Cisco Fabviath and sow you how to enti and resolve these ses Objectives ‘Upon completing this lesson, you wil beable to deni ad resolve ies that are ated to (Cisco FabiePah. You willbe abl to met these objectives 1 Describe the Cisco FabrcPath contol plane "= Deseribethe Cisco FabvcPah data plane ‘Explain how to troubleshoot CikcoFabriePath on a Cisco Nexus sichCisco FabricPath Control Plane This tpiedeserbes the Cisco FabicPath contol plane. Cisco FabricPath: Ethemet Fabric + Group of char wigan ei tpooay + Eulematy, We fabileoks hea sino swich Seg ap telnet + supprton Ceo Neva 8400 an 7009 Sere Scher Reon Ehoneed.ae 280m ‘ans Tn, vt non Fetes Maes ‘isco FabrcPat san innovative Cisco Nexus Operating System (NX-O8) feature designed to ‘ring the stability and performance of routing to Layer 2. It beings the Bnet of Layer 3 ‘outing io Layer 2 switched networks to build highly esilcnt and scalable Layer 2 abi. isco FabrcPath switching allows multipath networking a the Layer 2 level The Cisco FabicPath network sil delivers packets on a bestffert basis (which sir tthe classic Ethernet network) bt the Ciso FariePathnetvork can use mip paths for Layee 2 ali Ina Cisco FabricPath nctwork, you do not eed to run the Spanning Tree Patcol (STP). Instead, you can us Cisco FabriPath across datacenters Exterally, a fbrictooks tke a single switch, yet nteraly there is gotoco!tat ls fabri side inteligence This intelligence tes the elements ofthe Cisco FariePahnfatractre togetber Frames are forwarded slong the shortest patho their destination, reducing te Intency ofthe cachangesbetwoen end ations when compared oa spain ee-ased Slaton Every interface that is involved in Cisco FabricPath switching fl ino one wo categories: 1 Cisco FabriPath edge port: Cisco Fabrieath edge ports ate interes atthe edge ofthe (Cisco FabrePath dona. Those interfaces run classic Ethernet and behave exaty like normal Ethemet pots. You can attach any classic Ethemet deve to the Cisco PabriePath fabric by connecting it toa Cisco Fabia edge port. Cisco FabricPath switches perform IMAC addres earning on edge port, and frames tha ae tasited on ge ports ate standard IEEE 8021 Ethernet anes. You can configure an edge prt ean access pot or tan IEEE 802,10 trl, ‘Taree Gaza Dt Cantar nts Fae DOURTSO ©2070 ne"© Cisco FabricPath core port isco FuricPah core ports slays Frward Ethernet frames cncapslated ina Cisco FabricPath header. As aru, no MAC adden leaming ours on ‘Cisco FavicPath core pos forwarding decisions occur based excsively on lookups in the switch able. there ames ransited on a Cisco FabicPathintertace aay carry an IEEE 802.10 tag and therefore the pot ean conceptually be crsider trunk pre. In Cisco FabricPath topologies, there are two types of Tunetions” (whi canbe performed by all Cisco FabicPah hava): 15 Eage (or lea devices: These devices have pots that are connect to Casi Ethernet devies servers reall router ports, and soon and port that ars ened tote Cisco FabrcPath lod (rFabvicPath pots. Edge devices are able to mapa MAC aes othe destination site ID. Inerconnec ele deviees. Spine devies switch ively base onthe destination swich 1D, Because Equal. Cast Multipath (ECMDP) canbe used atthe dat pla, he network a se all be between any two davies. Cisco FariPath can perfor 16-2 aa)Cisco FabricPath Control Plane Components +1818 + Ieraction wih STP + FabricPath and clasic Ethernet VLANS + Mutisestinaion tees + FabiPath routing + Conversational MAC faring seer + Mates ‘Tes at the Cisco FabriePath conta plane component: ‘4 15-8: Cisco FabriePath vos the Layer 2 Intermediate System-o-nterwediate System (S- 1S) protocol fora single contol pane that actions for unicast, broadcast, and multicast packets ‘= Interaction with STP: A dese description is provided later in this lesson The STP domains donot eros into the FabeePath network, ‘= Cisco FabriPath and lassie Ethernet VLANs: To interact withthe dsc Ethernet hetwork, you st VLANs to ether classic Ethernet or Ciso FabriPath mod, The lassie Tiherel VLAN cary taf rom te classic Ethemethoss tothe Cissy FabriePath inerttces, ad the Cinco FabricPath VLANs crt afi throughout te Cisco FabviPath topology. All VLANs tha are meant tobe forwarded over the Cisco PabrcPath network ‘st be created a Cisco FaviePath VLANs, By default ll VLANS arin classe Ethernet mode ‘© Multidestiatin tees: When a Cisco FabriePah ede switch receives a muitidestination fame on an edge por, islets one ofthe available mulidestnation esto forward fame. 1 Cinco FubriPath routing: The 18-18 protocol establishes switch ID tales that enable the routing of FabeePath eames though the Cisco FabricPath network, 1 Conversational MAC learning: Cisco FabvicPath introduces new MAC adress learning rules that optimize the erg process within the fabri and lp conserve MAC address {able space onthe edge switches. This technique, which is known as coeversatona Ienning. soca atmateally in VUAN cng for Cisco FubriePh mode|= PCH Viral port chanel pls (9PC') is am extension o vista pt chanel (PC) tha ‘rovdesthe solution by eretting «unique via swith hat appt sparse device to thereto the Cisco FabvicPath network. A VPC proves active-ative Layer 2 pa or

Potrebbero piacerti anche

• It Ends with Us: A Novel

  

  Da Everand

  It Ends with Us: A Novel

  Colleen Hoover

  Valutazione: 4.5 su 5 stelle

  4.5/5 (5838)
• The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life

  

  Da Everand

  The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life

  Mark Manson

  Valutazione: 4 su 5 stelle

  4/5 (5813)
• The Perfect Marriage: A Completely Gripping Psychological Suspense

  

  Da Everand

  The Perfect Marriage: A Completely Gripping Psychological Suspense

  Jeneva Rose

  Valutazione: 4 su 5 stelle

  4/5 (1133)
• • Riviste
  • Podcast
  • Spartito
• The Art of War: A New Translation

  

  Da Everand

  The Art of War: A New Translation

  Sun Tzu

  Valutazione: 4 su 5 stelle

  4/5 (3045)
• The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life

  

  Da Everand

  The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life

  Mark Manson

  Valutazione: 4.5 su 5 stelle

  4.5/5 (20099)
• How to Win Friends and Influence People: Updated For the Next Generation of Leaders

  

  Da Everand

  How to Win Friends and Influence People: Updated For the Next Generation of Leaders

  Dale Carnegie

  Valutazione: 4 su 5 stelle

  4/5 (2327)
• The Handmaid's Tale

  

  Da Everand

  The Handmaid's Tale

  Margaret Atwood

  Valutazione: 4 su 5 stelle

  4/5 (13228)
• Pride and Prejudice: Bestsellers and famous Books

  

  Da Everand

  Pride and Prejudice: Bestsellers and famous Books

  Jane Austen

  Valutazione: 4.5 su 5 stelle

  4.5/5 (20479)
• Remarkably Bright Creatures: A Novel

  

  Da Everand

  Remarkably Bright Creatures: A Novel

  Shelby Van Pelt

  Valutazione: 4.5 su 5 stelle

  4.5/5 (5719)
• Good Omens: A Full Cast Production

  

  Da Everand

  Good Omens: A Full Cast Production

  Neil Gaiman

  Valutazione: 4.5 su 5 stelle

  4.5/5 (10941)
• Never Split the Difference: Negotiating As If Your Life Depended On It

  

  Da Everand

  Never Split the Difference: Negotiating As If Your Life Depended On It

  Chris Voss

  Valutazione: 4.5 su 5 stelle

  4.5/5 (3310)
• The Hobbit

  

  Da Everand

  The Hobbit

  J.R.R. Tolkien

  Valutazione: 4.5 su 5 stelle

  4.5/5 (25200)
• Art of War: The Definitive Interpretation of Sun Tzu's Classic Book of Strategy

  

  Da Everand

  Art of War: The Definitive Interpretation of Sun Tzu's Classic Book of Strategy

  Stephen F. Kaufman

  Valutazione: 4 su 5 stelle

  4/5 (3321)
• American Gods: The Tenth Anniversary Edition

  

  Da Everand

  American Gods: The Tenth Anniversary Edition

  Neil Gaiman

  Valutazione: 4 su 5 stelle

  4/5 (12955)
• Freakonomics Rev Ed

  

  Da Everand

  Freakonomics Rev Ed

  Steven D. Levitt

  Valutazione: 4 su 5 stelle

  4/5 (7866)
• The 7 Habits of Highly Effective People: The Infographics Edition

  

  Da Everand

  The 7 Habits of Highly Effective People: The Infographics Edition

  Stephen R. Covey

  Valutazione: 4 su 5 stelle

  4/5 (2487)
• The Hobbit

  

  Da Everand

  The Hobbit

  J.R.R. Tolkien

  Valutazione: 4.5 su 5 stelle

  4.5/5 (24588)
• The 7 Habits of Highly Effective People

  

  Da Everand

  The 7 Habits of Highly Effective People

  Stephen R. Covey

  Valutazione: 4 su 5 stelle

  4/5 (2571)
• Habit 1 Be Proactive: The Habit of Choice

  

  Da Everand

  Habit 1 Be Proactive: The Habit of Choice

  Stephen R. Covey

  Valutazione: 4 su 5 stelle

  4/5 (2559)
• American Gods [TV Tie-In]: A Novel

  

  Da Everand

  American Gods [TV Tie-In]: A Novel

  Neil Gaiman

  Valutazione: 4 su 5 stelle

  4/5 (12556)
• Habit 3 Put First Things First: The Habit of Integrity and Execution

  

  Da Everand

  Habit 3 Put First Things First: The Habit of Integrity and Execution

  Stephen R. Covey

  Valutazione: 4 su 5 stelle

  4/5 (2507)
• Habit 6 Synergize: The Habit of Creative Cooperation

  

  Da Everand

  Habit 6 Synergize: The Habit of Creative Cooperation

  Stephen R. Covey

  Valutazione: 4 su 5 stelle

  4/5 (2499)
• How To Win Friends And Influence People

  

  Da Everand

  How To Win Friends And Influence People

  Dale Carnegie

  Valutazione: 4.5 su 5 stelle

  4.5/5 (6538)
• Good Omens

  

  Da Everand

  Good Omens

  Neil Gaiman

  Valutazione: 4.5 su 5 stelle

  4.5/5 (12042)
• And Then There Were None

  

  Da Everand

  And Then There Were None

  Agatha Christie

  Valutazione: 4 su 5 stelle

  4/5 (6792)
• Wuthering Heights (Seasons Edition -- Winter)

  

  Da Everand

  Wuthering Heights (Seasons Edition -- Winter)

  Emily Bronte

  Valutazione: 4 su 5 stelle

  4/5 (9974)
• The Iliad: A New Translation by Caroline Alexander

  

  Da Everand

  The Iliad: A New Translation by Caroline Alexander

  Homer

  Valutazione: 4 su 5 stelle

  4/5 (5734)