Error upgrading nexus 1000v: ERROR: Cannot remove system vlans, port-profile currently in use by interface xxx

Answered Question
Jul 24th, 2012

Upgrading the nexus 1000v, we wran the pre-upgrade utility which failed at step 7 with this error:

=========
 CHECK 7:  
=========

Checking for Non-system Native Vlans in System Port-profiles....

Note: The duration of this check depends on the size of the running configuration.

###############################################################################
##                           FAIL                                            ##
##                                                                           ##
## The following list of system port-profiles have respective non-system     ##
## vlan as native vlan:                                                      ##
##                                                                           ##
 1: Port-profile: 'DATA-UPLINK',  Native Vlan: '1'.
##                                                                           ##
## =====================                                                     ##
##  Corrective Measures:                                                     ##
## =====================                                                     ##
## Before upgrading the Nexus1000v to 4.2(1)SV1(4b) user MUST convert the    ##
## above listed non-system native vlans in the respective port-profiles to   ##
## system vlan using the command 'system vlan <vlan-list> '.                 ##
## Please re-run the script after making above changes.                      ##
###############################################################################

Then we tried to fix it as suggested but we got an error message:

ERROR: Cannot remove system vlans, port-profile currently in use by interface  Eth3/1

Could you help us to understandi what happened and solve the problem?
Is strictly necessary to fix the problem showed by pre-upgrade utility?

Thank You


Regards


Mauro

I have this problem too.
0 votes
Correct Answer by sprasath about 3 years 1 month ago

Yes, that is correct. "system vlan 1,3205-3206,3211-3212" is what you would need. This page talks about the guidelines/limitations when dealing with system VLANs:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4_a/port_profile/configuration/guide/n1000v_portprof_4system_external_docbase_0900e4b181f8103d_4container_external_docbase_0900e4b1822edb9c.html

It also talks about why you cannot enter just 'system  vlan 1' and end up erasing the other existing ones.

Thanks,
Shankar

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
sprasath Tue, 07/24/2012 - 06:56

Hello Mauro,

The error is reported when the pre-upgrade script detects a non-system native vlan:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4_b/upgrade/software/guide/n1000v_upgrade_software.html#wp646262

I believe you have explicitly configured VLAN 1 as the native VLAN on the port-profile named DATA-UPLINK. Please confirm this. If yes, then your options are:

- Configure 'default switchport trunk native vlan' in the port-profile. But this might cause a link flap due to CSCtr97841

- Configure 'system vlan 1,' in the port-profile -> Is this what you are doing?

- Ignore the error as long as you are not using VLAN 1 and config matches on the upstream switchport.

Thanks,

Shankar

maurogatti Tue, 07/24/2012 - 07:15

Hi Sprasath,

I "inerhited" the 1000v configuration so I can't tell you hat they thopught when they configured VLAN1.

Unluckily I'm not a netwrok administrator so I bumped in this problem and I'm trying to deal whith it.

I was trying to configure 'system vlan 1' as suggetsed in the pre-upgrade checking tool pheraphs I didn't undertand command syntax.

Looking at your suggestion I uderstood my error because writing:

"system vlan 1" actually adds system VLAN 1 in the system VLANs but in the meanwhile take off the "unwritten" vlans that I already have configured isn't it?

Looking at the switch configuration I can see:

show port-profile name DATA-UPLINK

port-profile DATA-UPLINK

  description:

  type: ethernet

  status: enabled

  capability l3control: no

  pinning control-vlan: 0

  pinning packet-vlan: 0

  system vlans: 3205-3206,3211-3212

  port-group: DATA-UPLINK

  max ports: -

  inherit:

  config attributes:

    switchport mode trunk

    switchport trunk native vlan 1

    switchport trunk allowed vlan 1,5,8,10,12,2000,3000,3205-3206,3211-3212

    channel-group auto mode on mac-pinning

    no shutdown

  evaluated config attributes:

    switchport mode trunk

    switchport trunk native vlan 1

    switchport trunk allowed vlan 1,5,8,10,12,2000,3000,3205-3206,3211-3212

    channel-group auto mode on mac-pinning

    no shutdown

  assigned interfaces:

    port-channel1

    port-channel2

    port-channel3

    port-channel4

    port-channel5

    port-channel6

    port-channel7

    port-channel8

    Ethernet3/1 (member of port-channel1)

    Ethernet3/2 (member of port-channel1)

    Ethernet4/1 (member of port-channel3)

    Ethernet4/2 (member of port-channel3)

    Ethernet5/1 (member of port-channel4)

    Ethernet5/2 (member of port-channel4)

    Ethernet6/1 (member of port-channel2)

    Ethernet6/2 (member of port-channel2)

    Ethernet7/1 (member of port-channel5)

    Ethernet7/2 (member of port-channel5)

    Ethernet8/1 (member of port-channel6)

    Ethernet8/2 (member of port-channel6)

    Ethernet9/1 (member of port-channel7)

    Ethernet9/2 (member of port-channel7)

    Ethernet10/1 (member of port-channel8)

    Ethernet10/2 (member of port-channel8)

So should the complete command be somethin like:

"system vlan 1,3205-3206,3211-3212"?

Thank You

Regards

Mauro

Correct Answer
sprasath Tue, 07/24/2012 - 09:23

Yes, that is correct. "system vlan 1,3205-3206,3211-3212" is what you would need. This page talks about the guidelines/limitations when dealing with system VLANs:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4_a/port_profile/configuration/guide/n1000v_portprof_4system_external_docbase_0900e4b181f8103d_4container_external_docbase_0900e4b1822edb9c.html

It also talks about why you cannot enter just 'system  vlan 1' and end up erasing the other existing ones.

Thanks,
Shankar

Actions

This Discussion

Related Content