Ask the Expert: Cisco Nexus 2000, 5000, and 6000 Series Switches - Page 2

ciscomoderator · ‎06-28-2013

with Cisco Expert Vinayak Sudame

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions how to configure and troubleshoot the Cisco Nexus 2000, 5000 and 6000 Series Switches with Cisco subject matter expert Vinayak Sudame. You can ask any question on configuration, troubleshooting, features, design and Fiber Channel over Ethernet (FCoE).

Vinayak Sudame is a Technical Lead in Data Center Switching Support Team within Cisco's Technical Services in RTP, North Carolina. His current responsibilities include but are not limited to Troubleshooting Technical support problems and Escalations in the areas of Nexus 5000, Nexus 2000, FCoE. Vinayak is also involved in developing technical content for Cisco Internal as well as external. eg, Nexus 5000 Troubleshooting Guide (CCO), Nexus 5000 portal (partners), etc. This involves cross team collaboration and working with multiple different teams within Cisco. Vinayak has also contributed to training account teams and partners in CAE (Customer Assurance Engineering) bootcamp dealing with Nexus 5000 technologies. In the past, Vinayak's responsibilities included supporting MDS platform (Fiber Channel Technologies) and work with EMC support on Escalated MDS cases. Vinayak was the Subject Matter Expert for Santap Technologies before moving to Nexus 5000 support. Vinayak holds a Masters in Electrical Engineering with Specialization in Networking from Wichita State University, Kansas. He also holds Cisco Certification CCIE (#20672) in Routing and Switching.

Remember to use the rating system to let Vinayak know if you have received an adequate response.

Vinayak might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community, Other Data Center Topics discussion forum shortly after the event.

This event last through Friday July 12, 2013. Visit the community often to view responses to youe questions of other community members.

vdsudame · ‎07-11-2013

PF

1. yes you are right. I had put the configs on my lab switch but then modified to customize your config and pasted it but somehow missed putting that command when I copied the config over, sorry about that. Yes you need that command as well on the vlan SVI. Without that neighbor RIP neighbors will not establish and come up.

2. You can connect the two mgmt ports together as vpc peer keepalive for L2, sure. Are you referring to more in relation to running RIP on mgmt ports ? If so, we dont run any routing protocols on mgmt ports. They are just used for out of band connectivity and as vpc peer keepalives for L2.

Thanks, Vinayak

Steviem30 · ‎07-04-2013

Hi Vinayak,

I am planning a Nexus 5k upgrade (5548) and plan to move from our current NX_OS n5000-uk9.5.0.3.N2.1to

5.2.1.N1.3.

There is an alternate option of 5.1(3)N2(1c).

Is there any reason why I should choose one of these options over another. I have examined all the documantation I can find and can see no reason not to move to the 5.2.1x release, is this a sensible course from 5.0.3.N2.1.

Are there any issues with the 5.2 release train when compared to upgrading to the 5.1 release.

Any advice and guidance would be very much appreciated.

Dipesh Patel · ‎07-05-2013

Hello Vinayak,

How can i configure in N5K - NX-OS ?

- Managment ACL which is applied on VTY terminal

- TACACS+ configuration

Regards

vdsudame · ‎07-05-2013

Hi Dipesh

Please check below links for more detailed information about the features you are asking to be configured on the Nexus 5000 switches.

Configuring ACLs on Virtual Terminal Lines:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/security/521_n1_1/b_5k_Security_Config_521N11_chapter_01000.html#task_13C252852D97472F8185DAD714EECB70

Configuring TACACS:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/security/521_n1_1/b_5k_Security_Config_521N11_chapter_0101.html

Thanks, Vinayak

vdsudame · ‎07-05-2013

Hi Steve

I agree with you. 5.2 is our long lived release compared to 5.1. So if you are planning to upgrade, 5.2 would be a better option. Besides that, please check the Caveats section of both 5.1 and 5.2 release notes for open and closed caveats and check if any of them might be impacting to the switch that way you can make a better determination wrt which release you can prefer to go to.

Nexus 5000 Release note documentation:

http://www.cisco.com/en/US/products/ps9670/prod_release_notes_list.html

Our Recommended release in 5.2 is 5.2(1)N1(4)

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/release/recommended_releases/recommended_nx-os_releases.html

If the switch qualifies for ISSU you can upgrade from 5.0(3)N2(1) to 5.2(1)N1(4) without upgrading to intermediate release.

I would definitely suggest checking the Caveats Section for 5.2(1)N1(4) located at:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/release/notes/Rel_5_2_1_N1_1/Nexus5000_Release_Notes_5_2_1_N1.html#wp347580

before you upgrade to new release.

Thanks, Vinayak

Steviem30 · ‎07-05-2013

Thanks Vinayak,

I have read all the docs and I think all wil be OK. Although unfortunatley we can't perform ISSU, due to our spanning tree config.

I am looking into a couple of the Caveats, Our main reason for going for the.3 build not the .4 is that our policy is for releases to have been out 6 months before we role them into any implemenation scheme.

if a caveat is closed in a build, does that mean it is a recognised issue in the previous release.

e.g.

CSCud05886

System restarted due to HA Reset policy.

which is fixed in .4 would this therefore be a problem with .3

Thanks

Steve

vdsudame · ‎07-05-2013

Steve

Yes you can say so. The caveat would be considered as open in earlier release 5.2(1)N1(3). This caveat also impacts earlier 6.0 builds.

Thanks, Vinayak

Steviem30 · ‎07-08-2013

Thanks Vinayak,

Your info has been very useful. I will take a clos look at the Caveats.

Steve

yasamani271 · ‎07-05-2013

Dear Vinayak

does Cisco have any switch or ethernet modules with 40G speed over copper??I know nexuse switches have 40G over fiber optic how about 40G over copper?does Cisco have any product which has this feature?

Regards

vdsudame · ‎07-05-2013

Hello

Our Nexus 6000 Switches offer 40gig Copper capability.

Please check Nexus 6001 and 6004 Data Sheets available at:

http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps12806/ps12807/data_sheet_c78-723667.html

Table 1 - Transceiver Support Matrix

http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps12806/ps12869/data_sheet_c78-726128.html

Table 2 - Transceiver Support Matrix

Thanks, Vinayak

yasamani271 · ‎07-05-2013

thank you so much for your reply

do you mean:

QSFP Direct-Attach 40 Gigabit Ethernet Copper for In-Rack Cabling???

Actually our structured cabling is based on Nexans Cat7A with GG45 connectors.Does Cisco have any switch which support 40G copper and compatible with Nexans GG45 connecors?

vdsudame · ‎07-08-2013

As I mentioned before we have switches like Nexus 6k which support 40gig environments. You can initiate a request both with Cisco and Nexan Account teams for that, if you have an Account rep like a Cisco Systems Engineer or Advance Services Engineer and do the same with Nexan Product teams. They would be responsible for certifying the products to make sure they work with each other before you deploy them, provided you have that service. This might not be the best forum to initiate a request for something what you are looking for.

Thanks, Vinayak

crtide · ‎07-10-2013

Hello Vinayak,

Does a fex connected to a 5K support etherchannel on the host interfaces. I can see that this is possible on a fex connected to the 7K but I have not seen anything authoritative to say that configuration is not supported on a 5K. However when I try to add a second host interface into an etherchannel, I get an error message that says it is not possible

Steve Fuller · ‎07-10-2013

Hi Bashir,

Assuming by etherchannel you are referring to virtual Port-Channel (vPC) then the answer will depend on the model of Nexus 5K and how the FEX are connected.

If you have Nexus 5010 or 5020 then you can only use port-channel on the host interfaces if the FEX are single homed i.e., only connected to one parent Nexus 5K. If the FEX are dual-homed then vPC is not supported on the FEX host interfaces.

If you have Nexus 5548 or 5596 then you can use use port-channel on the host interfaces if the FEX are single-homed or dual-homed, provided that you are running an NX-OS release 5.1(3)N1 or later. This release added Enhanced vPC which provides support for vPC on host interfaces when the FEX are also dual-homed.

An excellent reference for this is the Topology Choices for Connecting Cisco Nexus 5000 and 2000 Series section on page 75 of the Data Center Access Design with Cisco Nexus 5000 Series Switches and 2000 Series Fabric Extenders and Virtual PortChannels Design Guide.

Regards

crtide · ‎07-10-2013

Hello Steve,

Thanks for your response.