Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Nexus1000v Configuration and Migration from vmware vDS

really need some guidance here....I am trying to deploy the 1000v in l3 mode, which to my understanding using mgmt0 and control0 only. Packet and control traffic are carried on the same interface. So here are my questions:

Do I still need 3 port-groups for mgmt., packet, and control or can I do control and mgmt only?

Do my VSMs still need 3 nic's? If 3 port-groups are not configured but I need 3 nics, do you map two nics to control vlan?

...

I am not using vlan 1 at all, my native vlan is set to 202 in USCM which is the same vlan my ESXi hosts reside in, so therefore the Esxi management port group on my current vDS does not use a vlan ID. Does the vlan 1 in 1000v map to my native vlan of 202 or do I need to configure the 1000v specifically for vlan 202? Examples I am looking at are using vlan 1 everyone and it confuses me.

The vlan that is created for Control0 has to be different than my mgmt0 vlan, but does this vlan need to exist on the links from the FI to 5108 Chassis?

I am getting really lost on the whole native vlan and vlan 1 thing...I have literally been at this for months with many "hand up, give up" moments.

 

 

show run

!Command: show running-config
!Time: Sat Apr 19 01:01:37 2014

version 4.2(1)SV2(2.2)
svs switch edition essential

no feature telnet

username admin password 5 $1$pIdF9m7q$PIhIpsr//2BIkySzd5y9r.  role network-admin

banner motd #Nexus 1000v Switch#

ip domain-lookup
ip host N1KV-01 10.170.202.5
switchname N1KV-01
errdisable recovery cause failed-port-state
vem 3
  host id c4b52629-fbe7-e211-0000-000000000005
snmp-server user admin network-admin auth md5 0x7bfb0100d1a2c5faf79c77aad3c8ecec p
riv 0x7bfb0100d1a2c5faf79c77aad3c8ecec localizedkey
snmp-server community atieppublic group network-operator
ntp server 10.170.5.10

vrf context management
  ip route 0.0.0.0/0 10.170.202.1
vlan 1,5,201-205,900

port-channel load-balance ethernet source-mac
port-profile default max-ports 32
port-profile type ethernet Unused_Or_Quarantine_Uplink
  vmware port-group
  shutdown
  description Port-group created for Nexus1000V internal usage. Do not use.
  state enabled
port-profile type vethernet Unused_Or_Quarantine_Veth
  vmware port-group
  shutdown
  description Port-group created for Nexus1000V internal usage. Do not use.
  state enabled
port-profile type ethernet VM-Sys-Uplink
  vmware port-group
  switchport mode trunk
  switchport trunk allowed vlan 1,5,201-205,900
  switchport trunk native vlan 202
  channel-group auto mode on mac-pinning
  no shutdown
  system vlan 1,5,201-205,900
  state enabled
port-profile type vethernet Mgmt1
  vmware port-group
  switchport mode access
  switchport access vlan 1
  no shutdown
  state enabled
port-profile type vethernet N1KV-Control
  vmware port-group
  switchport mode access
  switchport access vlan 201
  no shutdown
  system vlan 201
  state enabled
port-profile type vethernet vMotion
  vmware port-group
  switchport mode access
  switchport access vlan 203
  no shutdown
  state enabled
port-profile type vethernet Servers-Prod
  vmware port-group
  switchport mode access
  switchport access vlan 5
  no shutdown
  state enabled
port-profile type vethernet N1kV-Mgmt
  vmware port-group
  switchport mode access
  switchport access vlan 202
  no shutdown
  system vlan 202
  state enabled
port-profile type vethernet NS_NI_1_1
  vmware port-group
  switchport mode access
  switchport access vlan 5
  no shutdown
  state enabled
port-profile type vethernet NFS
  vmware port-group
  switchport mode access
  no shutdown
  state enabled
port-profile type vethernet DMZ
  vmware port-group
  switchport mode access

system storage-loss log time 30
vdc N1KV-01 id 1
  limit-resource vlan minimum 16 maximum 2049
  limit-resource monitor-session minimum 0 maximum 2
  limit-resource vrf minimum 16 maximum 8192
  limit-resource port-channel minimum 0 maximum 768
  limit-resource u4route-mem minimum 1 maximum 1
  limit-resource u6route-mem minimum 1 maximum 1


interface mgmt0
  ip address 10.170.202.5/24

interface control0
line console
boot kickstart bootflash:/nexus-1000v-kickstart.4.2.1.SV2.2.2.bin sup-1
boot system bootflash:/nexus-1000v.4.2.1.SV2.2.2.bin sup-1
boot kickstart bootflash:/nexus-1000v-kickstart.4.2.1.SV2.2.2.bin sup-2
boot system bootflash:/nexus-1000v.4.2.1.SV2.2.2.bin sup-2
svs-domain
  domain id 202
  control vlan 201
  packet vlan 201
  svs mode L3 interface mgmt0
svs connection vcenter
  protocol vmware-vim
  remote ip address 10.170.5.35 port 80
  vmware dvs uuid "7a 82 10 50 a3 3c 4c fe-df 91 60 28 66 1d 6f 59" datacenter-nam
e Nashville HQ
  admin user n1kUser
  max-ports 8192
  connect
vservice global type vsg
  tcp state-checks invalid-ack
  tcp state-checks seq-past-window
  no tcp state-checks window-variation
  no bypass asa-traffic
vnm-policy-agent
  registration-ip 0.0.0.0
  shared-secret **********
  log-level


N1KV-01# show vlan br

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active   
5    VLAN0005                         active   
201  VLAN0201                         active   
202  VLAN0202                         active   
203  VLAN0203                         active   
204  VLAN0204                         active   
205  VLAN0205                         active   
900  VLAN0900                         active  

N1KV-01# show mod
Mod  Ports  Module-Type                       Model               Status
---  -----  --------------------------------  ------------------  ------------
1    0      Virtual Supervisor Module         Nexus1000V          ha-standby
2    0      Virtual Supervisor Module         Nexus1000V          active *

Mod  Sw                  Hw     
---  ------------------  ------------------------------------------------ 
1    4.2(1)SV2(2.2)      0.0                                             
2    4.2(1)SV2(2.2)      0.0                                            

Mod  Server-IP        Server-UUID                           Server-Name
---  ---------------  ------------------------------------  --------------------
1    10.170.202.5     NA                                    NA
2    10.170.202.5     NA                                    NA

* this terminal session

  • Unified Computing
1 REPLY
Cisco Employee

Hi Steven,Q: "Do I still need

Hi Steven,

Q: "Do I still need 3 port-groups for mgmt., packet, and control or can I do control and mgmt only?"

A: In reality, everything could be on the same VLAN. But that would be poor practice... So the answer is, control and management should be on two different L2 networks. This means two different port-profiles are needed. For the packet adapter (third adapter), I would assign a dummy port-profile. 

Q: "I am not using vlan 1 at all, my native vlan is set to 202 in USCM which is the same vlan my ESXi hosts reside in, so therefore the Esxi management port group on my current vDS does not use a vlan ID. Does the vlan 1 in 1000v map to my native vlan of 202 or do I need to configure the 1000v specifically for vlan 202? Examples I am looking at are using vlan 1 everyone and it confuses me."

A: VLAN 1 on N1k does not map to Native VLAN 202 on the UCS. You would need to configure N1k specifically. If your vethernet port-profile is config'd for 'sw acc vlan 202' and your uplink port-profile is 'sw tr native vlan 202', the frames will be sent out of n1k untagged. Which is, i think, what you're going for...  

Q: The vlan that is created for Control0 has to be different than my mgmt0 vlan, but does this vlan need to exist on the links from the FI to 5108 Chassis?

A: Yes. The Control0 interface on VSMs are used for HA heartbeats between the two VSMs. The traffic between VSMs is L2. So if the VSMs live on different hosts, that control VLAN needs to be end to end between the hosts.

Feel free to get back with questions and we can try to work through your scenario.

Thanks,

Joe 

60
Views
0
Helpful
1
Replies
This widget could not be displayed.