NXOS » Historique » Version 27
Version 26 (Laurent GUERBY, 15/03/2018 18:09) → Version 27/38 (Laurent GUERBY, 15/03/2018 18:10)
{{>toc}}
h1. NXOS
Cisco Nexus 3064X
version 7.0(3)I4(7)
Voir aussi https://www.grenode.net/Documentation_technique/Machines/kraken/
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/fundamentals/503_U3_1/b_Nexus_3000_Fundamentals_Guide_Release_503_U3_1.pdf
h2. Interface de management out-of-band
* n3064a Adresse: 192.168.129.46
<pre>
interface mgmt0
vrf member management
ip address 192.168.129.46/24
</pre>
h2. Commandes
h3. Sauvegarde config
<pre>
nexus# copy run start
</pre>
Copie via scp
<pre>
nexus# copy run scp://matthieu@192.168.129.1/
</pre>
h3. Passwordless ssh
<pre>
n3064a# show user-account
user:admin
this user account has no expiry date
roles:network-admin
conf t
username admin sshkey ssh-rsa AAAA...
</pre>
Ensuite :
<pre>
(echo conf t;echo int e1/42;echo switchport access vlan 3189) |ssh n3064a
</pre>
h3. Config interface
<pre>
nexus# conf t
nexus(config)# interface ethernet 1/3
nexus(config-if)# switchport mode trunk
nexus(config-if)# exit
nexus(config)# exit
nexus#
</pre>
pour un vlan non taggé
<pre>
nexus(config-if)# switchport access vlan 3131
</pre>
h3. Etat des interfaces
<pre>
nexus# sh int status
nexus# sh int transceiver
nexus# sh int ethernet 1/1
# Afficher le DOM d'une optique
nexus# sh int Eth 1/1 tran de
</pre>
</pre>
h3. Boot
<pre>
nexus# conf t
nexus(config)# boot nxos bootflash:/nxos.7.0.3.I4.7.bin
nexus(config)# boot order bootflash
nexus(config)# exit
nexus#
</pre>
h3. Features et Misc
<pre>
# Pour dire au switch d'accepter n'importe quel type de SFP
service unsupported-transceiver
# Autoriser le switch à avoir une IP sur une interface VLAN
feature interface-vlan
# Activer les features LACP
feature lacp
# Activer la possiblité de faire du LLDP
feature lldp
# Mettre tous les ports en shutdown par défaut (penser à activer le port lors de la configuration avec un 'no shutdown'
system default switchport shutdown
</pre>
h3. Misc
<pre>
no password strength-check
nexus# sh mac address-table
nexus# sh environment
(...)
Temperature:
-------------------------------------------------------------------------
Module Sensor MajorThresh MinorThres CurTemp Status
(Celsius) (Celsius) (Celsius)
-------------------------------------------------------------------------
1 Back-Right (D0) 70 44 33 Ok
1 Back-Left (D1) 70 42 29 Ok
1 Front-Right(D2) 70 47 32 Ok
1 Front-Left (D3) 70 49 30 Ok
nexus# sh int e1/1 cap
nexus# sh int e1/1 tra det
# TODO verifier
conf t
int eth1/4
switchport trunk allowed vlan xxx
switchport trunk native vlan nnn
</pre>
h3. NTP
Client de nagios :
<pre>
conf t
ntp server 192.168.3.7
ntp source-interface Vlan3175
</pre>
h3. 40G
40G <=> 4x10G reboot necessaire
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/interfaces/6_x/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11_chapter_010.html
<pre>
conf t
hardware profile portmode 48x10g+4x40g
exit
reload
</pre>
4x10G :
<pre>
hardware profile portmode 64x10G
</pre>
h3. MPLS
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/label_switching/7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x_chapter_010.html
<pre>
n3064a# show feature-set
Feature Set Name ID State
-------------------- -------- --------
fex 3 uninstalled
mpls 4 uninstalled
fabric 7 uninstalled
fcoe-npv 8 uninstalled
</pre>
Linux
<pre>
20180312 09:09:57<guerby> test du lundi matin sur kernel 4.16-rc4 avec iproute2 4.15.0: ip route add 10.1.1.0/30 encap mpls 200/300 dev eth0 et tcpdump donne
20180312 09:09:59<guerby> 09:07:56.394863 70:85:c2:3a:17:2a > ff:ff:ff:ff:ff:ff, ethertype MPLS unicast (0x8847), length 106: MPLS (label 200, exp 0, ttl 64) (label 300, exp 0, [S], ttl 64) 91.224.148.12 > 10.1.1.1: ICMP echo request, id 25171, seq 37, length 64
</pre>
h2. Infos
<pre>
nexus# sh version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source. This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or
GNU General Public License (GPL) version 3.0 or the GNU
Lesser General Public License (LGPL) Version 2.1 or
Lesser General Public License (LGPL) Version 2.0.
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.
Software
BIOS: version 4.0.0
NXOS: version 7.0(3)I4(7)
BIOS compile time: 12/05/2016
NXOS image file is: bootflash:///nxos.7.0.3.I4.7.bin
NXOS compile time: 6/28/2017 14:00:00 [06/28/2017 21:53:29]
Hardware
cisco Nexus3000 C3064PQ Chassis
Intel(R) Celeron(R) CPU P4505 @ 1.87GHz with 3903284 kB of memory.
Processor Board ID FOC17342TSZ
Device name: nexus
bootflash: 1638000 kB
usb1: 0 kB (expansion flash)
Kernel uptime is 0 day(s), 2 hour(s), 10 minute(s), 12 second(s)
Last reset at 335975 usecs after Wed Feb 14 15:25:27 2018
Reason: Reset Requested by CLI command reload
System version: 7.0(3)I4(7)
Service:
plugin
Core Plugin, Ethernet Plugin
Active Package(s):
nexus# sh inventory all
NAME: "Chassis", DESCR: "Nexus3000 C3064PQ Chassis"
PID: N3K-C3064PQ-10GX , VID: V01 , SN: FOC1734R15F
NAME: "Slot 1", DESCR: "48x10GE + 4x40G Supervisor"
PID: N3K-C3064PQ-10GX , VID: V01 , SN: FOC17342TSZ
NAME: "Power Supply 1", DESCR: "Nexus3000 C3064PQ Chassis Power Supply"
PID: N2200-PAC-400W , VID: V04 , SN: DTN1733P0VH
NAME: "Power Supply 2", DESCR: "Nexus3000 C3064PQ Chassis Power Supply"
PID: N2200-PAC-400W , VID: V04 , SN: DTN1733P0UK
NAME: "Fan 1", DESCR: "Nexus3000 C3064PQ Chassis Fan Module"
PID: N3K-C3064-FAN-F , VID: V00 , SN: N/A
NAME: Ethernet1/1, DESCR: FiberStore
PID: SFP-H10GB-ACU10M , VID: SFP-10G-AOC , SN: F176CO35764-1
nexus# sh license
license_FOC1734R15F_12_1.lic:
SERVER this_host ANY
VENDOR cisco
FEATURE LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-BAS1K9</SKU> \
HOSTID=VDH=FOC1734R15F \
NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>1</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
SIGN=BBF8EBE2F7B6
FEATURE LAN_ENTERPRISE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-LAN1K9</SKU> \
HOSTID=VDH=FOC1734R15F \
NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>2</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
SIGN=FF75EB18A86E
</pre>
h2. Consommation
77 Watt, cos phi 0.92, pas de pic pendant le boot
h1. NXOS
Cisco Nexus 3064X
version 7.0(3)I4(7)
Voir aussi https://www.grenode.net/Documentation_technique/Machines/kraken/
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/fundamentals/503_U3_1/b_Nexus_3000_Fundamentals_Guide_Release_503_U3_1.pdf
h2. Interface de management out-of-band
* n3064a Adresse: 192.168.129.46
<pre>
interface mgmt0
vrf member management
ip address 192.168.129.46/24
</pre>
h2. Commandes
h3. Sauvegarde config
<pre>
nexus# copy run start
</pre>
Copie via scp
<pre>
nexus# copy run scp://matthieu@192.168.129.1/
</pre>
h3. Passwordless ssh
<pre>
n3064a# show user-account
user:admin
this user account has no expiry date
roles:network-admin
conf t
username admin sshkey ssh-rsa AAAA...
</pre>
Ensuite :
<pre>
(echo conf t;echo int e1/42;echo switchport access vlan 3189) |ssh n3064a
</pre>
h3. Config interface
<pre>
nexus# conf t
nexus(config)# interface ethernet 1/3
nexus(config-if)# switchport mode trunk
nexus(config-if)# exit
nexus(config)# exit
nexus#
</pre>
pour un vlan non taggé
<pre>
nexus(config-if)# switchport access vlan 3131
</pre>
h3. Etat des interfaces
<pre>
nexus# sh int status
nexus# sh int transceiver
nexus# sh int ethernet 1/1
# Afficher le DOM d'une optique
nexus# sh int Eth 1/1 tran de
</pre>
</pre>
h3. Boot
<pre>
nexus# conf t
nexus(config)# boot nxos bootflash:/nxos.7.0.3.I4.7.bin
nexus(config)# boot order bootflash
nexus(config)# exit
nexus#
</pre>
h3. Features et Misc
<pre>
# Pour dire au switch d'accepter n'importe quel type de SFP
service unsupported-transceiver
# Autoriser le switch à avoir une IP sur une interface VLAN
feature interface-vlan
# Activer les features LACP
feature lacp
# Activer la possiblité de faire du LLDP
feature lldp
# Mettre tous les ports en shutdown par défaut (penser à activer le port lors de la configuration avec un 'no shutdown'
system default switchport shutdown
</pre>
h3. Misc
<pre>
no password strength-check
nexus# sh mac address-table
nexus# sh environment
(...)
Temperature:
-------------------------------------------------------------------------
Module Sensor MajorThresh MinorThres CurTemp Status
(Celsius) (Celsius) (Celsius)
-------------------------------------------------------------------------
1 Back-Right (D0) 70 44 33 Ok
1 Back-Left (D1) 70 42 29 Ok
1 Front-Right(D2) 70 47 32 Ok
1 Front-Left (D3) 70 49 30 Ok
nexus# sh int e1/1 cap
nexus# sh int e1/1 tra det
# TODO verifier
conf t
int eth1/4
switchport trunk allowed vlan xxx
switchport trunk native vlan nnn
</pre>
h3. NTP
Client de nagios :
<pre>
conf t
ntp server 192.168.3.7
ntp source-interface Vlan3175
</pre>
h3. 40G
40G <=> 4x10G reboot necessaire
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/interfaces/6_x/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11_chapter_010.html
<pre>
conf t
hardware profile portmode 48x10g+4x40g
exit
reload
</pre>
4x10G :
<pre>
hardware profile portmode 64x10G
</pre>
h3. MPLS
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/label_switching/7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x_chapter_010.html
<pre>
n3064a# show feature-set
Feature Set Name ID State
-------------------- -------- --------
fex 3 uninstalled
mpls 4 uninstalled
fabric 7 uninstalled
fcoe-npv 8 uninstalled
</pre>
Linux
<pre>
20180312 09:09:57<guerby> test du lundi matin sur kernel 4.16-rc4 avec iproute2 4.15.0: ip route add 10.1.1.0/30 encap mpls 200/300 dev eth0 et tcpdump donne
20180312 09:09:59<guerby> 09:07:56.394863 70:85:c2:3a:17:2a > ff:ff:ff:ff:ff:ff, ethertype MPLS unicast (0x8847), length 106: MPLS (label 200, exp 0, ttl 64) (label 300, exp 0, [S], ttl 64) 91.224.148.12 > 10.1.1.1: ICMP echo request, id 25171, seq 37, length 64
</pre>
h2. Infos
<pre>
nexus# sh version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source. This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or
GNU General Public License (GPL) version 3.0 or the GNU
Lesser General Public License (LGPL) Version 2.1 or
Lesser General Public License (LGPL) Version 2.0.
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.
Software
BIOS: version 4.0.0
NXOS: version 7.0(3)I4(7)
BIOS compile time: 12/05/2016
NXOS image file is: bootflash:///nxos.7.0.3.I4.7.bin
NXOS compile time: 6/28/2017 14:00:00 [06/28/2017 21:53:29]
Hardware
cisco Nexus3000 C3064PQ Chassis
Intel(R) Celeron(R) CPU P4505 @ 1.87GHz with 3903284 kB of memory.
Processor Board ID FOC17342TSZ
Device name: nexus
bootflash: 1638000 kB
usb1: 0 kB (expansion flash)
Kernel uptime is 0 day(s), 2 hour(s), 10 minute(s), 12 second(s)
Last reset at 335975 usecs after Wed Feb 14 15:25:27 2018
Reason: Reset Requested by CLI command reload
System version: 7.0(3)I4(7)
Service:
plugin
Core Plugin, Ethernet Plugin
Active Package(s):
nexus# sh inventory all
NAME: "Chassis", DESCR: "Nexus3000 C3064PQ Chassis"
PID: N3K-C3064PQ-10GX , VID: V01 , SN: FOC1734R15F
NAME: "Slot 1", DESCR: "48x10GE + 4x40G Supervisor"
PID: N3K-C3064PQ-10GX , VID: V01 , SN: FOC17342TSZ
NAME: "Power Supply 1", DESCR: "Nexus3000 C3064PQ Chassis Power Supply"
PID: N2200-PAC-400W , VID: V04 , SN: DTN1733P0VH
NAME: "Power Supply 2", DESCR: "Nexus3000 C3064PQ Chassis Power Supply"
PID: N2200-PAC-400W , VID: V04 , SN: DTN1733P0UK
NAME: "Fan 1", DESCR: "Nexus3000 C3064PQ Chassis Fan Module"
PID: N3K-C3064-FAN-F , VID: V00 , SN: N/A
NAME: Ethernet1/1, DESCR: FiberStore
PID: SFP-H10GB-ACU10M , VID: SFP-10G-AOC , SN: F176CO35764-1
nexus# sh license
license_FOC1734R15F_12_1.lic:
SERVER this_host ANY
VENDOR cisco
FEATURE LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-BAS1K9</SKU> \
HOSTID=VDH=FOC1734R15F \
NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>1</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
SIGN=BBF8EBE2F7B6
FEATURE LAN_ENTERPRISE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-LAN1K9</SKU> \
HOSTID=VDH=FOC1734R15F \
NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>2</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
SIGN=FF75EB18A86E
</pre>
h2. Consommation
77 Watt, cos phi 0.92, pas de pic pendant le boot