Projet

Général

Profil

NXOS » Historique » Version 29

Version 28 (Laurent GUERBY, 15/07/2018 16:44) → Version 29/38 (Laurent GUERBY, 15/07/2018 16:45)

{{>toc}}

h1. NXOS

Cisco Nexus 3064X
version 7.0(3)I4(7)

Voir aussi https://www.grenode.net/Documentation_technique/Machines/kraken/

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/fundamentals/503_U3_1/b_Nexus_3000_Fundamentals_Guide_Release_503_U3_1.pdf

h2. Interface de management out-of-band

* n3064a Adresse: 192.168.129.46

<pre>
interface mgmt0
vrf member management
ip address 192.168.129.46/24

</pre>

h2. Commandes

h3. Sauvegarde config

<pre>
nexus# copy run start
</pre>

Copie via scp

<pre>
nexus# copy run scp://matthieu@192.168.129.1/
</pre>

h3. Passwordless ssh

<pre>
n3064a# show user-account
user:admin
this user account has no expiry date
roles:network-admin
conf t
username admin sshkey ssh-rsa AAAA...
</pre>

Ensuite :

<pre>
(echo conf t;echo int e1/42;echo switchport access vlan 3189) |ssh n3064a
</pre>

h3. Config interface

<pre>
nexus# conf t
nexus(config)# interface ethernet 1/3
nexus(config-if)# switchport mode trunk
nexus(config-if)# exit
nexus(config)# exit
nexus#
</pre>

pour un vlan non taggé
<pre>
nexus(config-if)# switchport access vlan 3131
</pre>

h3. Etat des interfaces

<pre>
nexus# sh int status
nexus# sh int transceiver
nexus# sh int ethernet 1/1
# Afficher le DOM d'une optique
nexus# sh int Eth 1/1 tran de
</pre>
</pre>

h3. Boot

<pre>
nexus# conf t
nexus(config)# boot nxos bootflash:/nxos.7.0.3.I4.7.bin
nexus(config)# boot order bootflash
nexus(config)# exit
nexus#
</pre>

h3. Features et Misc

<pre>
# Pour dire au switch d'accepter n'importe quel type de SFP
service unsupported-transceiver
# Autoriser le switch à avoir une IP sur une interface VLAN
feature interface-vlan
# Activer les features LACP
feature lacp
# Activer la possiblité de faire du LLDP
feature lldp
# Mettre tous les ports en shutdown par défaut (penser à activer le port lors de la configuration avec un 'no shutdown'
system default switchport shutdown
</pre>

h3. Misc

<pre>
no password strength-check

nexus# sh mac address-table

nexus# sh environment
(...)
Temperature:
-------------------------------------------------------------------------
Module Sensor MajorThresh MinorThres CurTemp Status
(Celsius) (Celsius) (Celsius)
-------------------------------------------------------------------------
1 Back-Right (D0) 70 44 33 Ok
1 Back-Left (D1) 70 42 29 Ok
1 Front-Right(D2) 70 47 32 Ok
1 Front-Left (D3) 70 49 30 Ok

nexus# sh int e1/1 cap
nexus# sh int e1/1 tra det

# TODO verifier
conf t
int eth1/4
switchport trunk allowed vlan xxx
switchport trunk native vlan nnn
</pre>

h3. NTP

Client de nagios :

<pre>
conf t
ntp server 192.168.3.7
ntp source-interface Vlan3175
</pre>

h3. 40G

40G <=> 4x10G reboot necessaire
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/interfaces/6_x/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11_chapter_010.html

<pre>
conf t
hardware profile portmode 48x10g+4x40g
exit
reload
</pre>

4x10G :

<pre>
hardware profile portmode 64x10G
</pre>

h3. MPLS

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/label_switching/7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x_chapter_010.html
<pre>
n3064a# show feature-set
Feature Set Name ID State
-------------------- -------- --------
fex 3 uninstalled
mpls 4 uninstalled
fabric 7 uninstalled
fcoe-npv 8 uninstalled
</pre>

Linux
<pre>
20180312 09:09:57<guerby> test du lundi matin sur kernel 4.16-rc4 avec iproute2 4.15.0: ip route add 10.1.1.0/30 encap mpls 200/300 dev eth0 et tcpdump donne
20180312 09:09:59<guerby> 09:07:56.394863 70:85:c2:3a:17:2a > ff:ff:ff:ff:ff:ff, ethertype MPLS unicast (0x8847), length 106: MPLS (label 200, exp 0, ttl 64) (label 300, exp 0, [S], ttl 64) 91.224.148.12 > 10.1.1.1: ICMP echo request, id 25171, seq 37, length 64
</pre>

h2. Infos

<pre>
nexus# sh version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source. This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or
GNU General Public License (GPL) version 3.0 or the GNU
Lesser General Public License (LGPL) Version 2.1 or
Lesser General Public License (LGPL) Version 2.0.
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.

Software
BIOS: version 4.0.0
NXOS: version 7.0(3)I4(7)
BIOS compile time: 12/05/2016
NXOS image file is: bootflash:///nxos.7.0.3.I4.7.bin
NXOS compile time: 6/28/2017 14:00:00 [06/28/2017 21:53:29]

Hardware
cisco Nexus3000 C3064PQ Chassis
Intel(R) Celeron(R) CPU P4505 @ 1.87GHz with 3903284 kB of memory.
Processor Board ID FOC17342TSZ

Device name: nexus
bootflash: 1638000 kB
usb1: 0 kB (expansion flash)

Kernel uptime is 0 day(s), 2 hour(s), 10 minute(s), 12 second(s)

Last reset at 335975 usecs after Wed Feb 14 15:25:27 2018

Reason: Reset Requested by CLI command reload
System version: 7.0(3)I4(7)
Service:

plugin
Core Plugin, Ethernet Plugin

Active Package(s):

nexus# sh inventory all
NAME: "Chassis", DESCR: "Nexus3000 C3064PQ Chassis"
PID: N3K-C3064PQ-10GX , VID: V01 , SN: FOC1734R15F

NAME: "Slot 1", DESCR: "48x10GE + 4x40G Supervisor"
PID: N3K-C3064PQ-10GX , VID: V01 , SN: FOC17342TSZ

NAME: "Power Supply 1", DESCR: "Nexus3000 C3064PQ Chassis Power Supply"
PID: N2200-PAC-400W , VID: V04 , SN: DTN1733P0VH

NAME: "Power Supply 2", DESCR: "Nexus3000 C3064PQ Chassis Power Supply"
PID: N2200-PAC-400W , VID: V04 , SN: DTN1733P0UK

NAME: "Fan 1", DESCR: "Nexus3000 C3064PQ Chassis Fan Module"
PID: N3K-C3064-FAN-F , VID: V00 , SN: N/A

NAME: Ethernet1/1, DESCR: FiberStore
PID: SFP-H10GB-ACU10M , VID: SFP-10G-AOC , SN: F176CO35764-1

nexus# sh license
license_FOC1734R15F_12_1.lic:
SERVER this_host ANY
VENDOR cisco
FEATURE LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-BAS1K9</SKU> \
HOSTID=VDH=FOC1734R15F \
NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>1</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
SIGN=BBF8EBE2F7B6
FEATURE LAN_ENTERPRISE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-LAN1K9</SKU> \
HOSTID=VDH=FOC1734R15F \
NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>2</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
SIGN=FF75EB18A86E

</pre>



h2. Boot log

screen /dev/ttyUSB0 9600 8n1

A la question entrer "skip" puis login "admin" password vide.

<pre>
Press ctrl L to go to loader prompt in 2 secs

Booting kickstart image: bootflash:/nxos.7.0.3.I7.2.bin
CardIndex = 11060
Image valid
graphics_set_kernel_params enter:
Installing klm_card_index
done
INIT: version 2.88 booting
Skipping ata_piix install for n3k.
Unsquashing rootfs ...
Removing libcrdcfgdata and linking libcrdcfgdata3nk
Installing isan procfs ... done.
Installing SSE module with card index 11060 ... done.
Creating SSE device node 246 ... done.
Loading I2C driver ... done.
Installing CCTRL driver for card_type 30 without NEED_GEM ... done.
10.20: Interrupt throttling disabled. No cctrl irq detected.
Loading IGB driver ... done.

Checking all filesystems.Current boot disk sda3..

Installing SPROM driver ... IS_N3K done.
Skipping installing default sprom values for N3k...
Installing pfmsvcs module with SPROM card index 11060 ... done.
Installing nvram module ... done.
Installing if_index module with port mode 1 ... done.
Installing fcfwd stub
Installing RNI lcnd ... done
Installing LC netdev ... done
Installing psdev module ... done.
Installing veobc module ... done.
Inserting OBFL module ... done.
Making OBFL character devices
Mounting OBFL pstore for mtd
Starting OpenBSD Secure Shell server: sshd ... done.
Trim files after extracting TOR files ...
tune2fs 1.42.1 (17-Feb-2012)
Setting reserved blocks percentage to 0% (0 blocks)
Starting portmap daemon...
creating NFS state directory: done
starting 8 nfsd kernel threads: done
starting mountd: done
starting statd: done
Saving image for img-sync ...
Loading system software
Installing local RPMS
Patch Repository Setup completed successfully
Creating /dev/mcelog
Starting mcelog daemon
Removing dme lib
Moving N3K specific syslog config file
INIT: Entering runlevel: 3
Running S93thirdparty-script...

Populating conf files for hybrid sysmgr ...
Removing bios-imgs and /lcimages
Starting hybrid sysmgr ...
inserting /isan/lib/modules/klm_cisco_nb.o ... done
Executing Prune clis.
2012 Jul 17 16:09:10 %$ VDC-1 %$ %USER-0-SYSTEM_MSG: pfm_init; line 1496 - pfm
2012 Jul 17 16:09:11 %$ VDC-1 %$ %PLATFORM-2-PS_FAIL: Power supply 1 failed or shut down (Serial number DTN1710P431)
2012 Jul 17 16:09:11 %$ VDC-1 %$ %PLATFORM-2-PS_OK: Power supply 2 ok (Serial number DTN1801P09K)
2012 Jul 17 16:09:11 %$ VDC-1 %$ %PLATFORM-2-PS_FANOK: Fan in Power supply 2 ok
2012 Jul 17 16:09:11 %$ VDC-1 %$ %PLATFORM-2-PS_ABSENT: Power supply 1 is absent/shutdown, ps-redundancy might be affected
2012 Jul 17 16:09:11 %$ VDC-1 %$ %PLATFORM-2-PS_RED_MODE_CHG: Power supply operational redundancy mode changed to non-redundant
2012 Jul 17 16:09:11 %$ VDC-1 %$ %PLATFORM-2-FANMOD_FAN_OK: Fan module 1 (Fan1(sys_fan1) fan) ok
2012 Jul 17 16:09:11 %$ VDC-1 %$ %USER-0-SYSTEM_MSG: before access to bkout_cfg - clis
2012 Jul 17 16:09:17 %$ VDC-1 %$ netstack: Registration with cli server complete
2012 Jul 17 16:09:32 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: ssnmgr_app_init called on ssnmgr up - aclmgr
2012 Jul 17 16:09:41 %$ VDC-1 %$ %USER-0-SYSTEM_MSG: end of default policer - copp
2012 Jul 17 16:09:52 %$ VDC-1 %$ %VDC_MGR-2-VDC_ONLINE: vdc 1 has come online
Waiting for system online status before starting POAP ...
Starting Power On Auto Provisioning...2012 Jul 17 16:10:21 switch %$ VDC-1 %$ %ASCII-CFG-2-CONF_CONTROL: System ready
Done

Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 2012 Jul 17 16:10:25 switch %$ VDC-1 %$ %POAP-2-POAP_INITED: [FOC1636R174-6C:20:56:E6:D4:01] - POAP process initialized
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
2012 Jul 17 16:10:48 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
2012 Jul 17 16:10:53 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
2012 Jul 17 16:10:59 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
skip
!!! NOTE: You have selected skip option. POAP will be aborted and password configuration will be skipped !!!
Disabling POAP.......2012 Jul 17 16:11:05 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
Disabling POAP
2012 Jul 17 16:11:08 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]:
skip
Enabling feature lldp by default
Basic configuration has been skipped!
Applying default configuration
N3K:Applying Default CoPP configuration

User Access Verification
login: admin
Password:

Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source. This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or
GNU General Public License (GPL) version 3.0 or the GNU
Lesser General Public License (LGPL) Version 2.1 or
Lesser General Public License (LGPL) Version 2.0.
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.
switch#
</pre>

<pre>
switch# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source. This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or
GNU General Public License (GPL) version 3.0 or the GNU
Lesser General Public License (LGPL) Version 2.1 or
Lesser General Public License (LGPL) Version 2.0.
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.

Software
BIOS: version 4.5.0
NXOS: version 7.0(3)I7(2)
BIOS compile time: 11/09/2017
NXOS image file is: bootflash:///nxos.7.0.3.I7.2.bin
NXOS compile time: 11/22/2017 13:00:00 [11/22/2017 21:55:29]

Hardware
cisco Nexus3000 C3064PQ Chassis
Intel(R) Celeron(R) CPU P4505 @ 1.87GHz with 3902872 kB of memory.
Processor Board ID FOC16382AE1

Device name: switch
bootflash: 1635720 kB
usb1: 0 kB (expansion flash)

Kernel uptime is 0 day(s), 0 hour(s), 7 minute(s), 5 second(s)

Last reset
Reason: Unknown
System version: 7.0(3)I7(2)
Service:

plugin
Core Plugin, Ethernet Plugin

Active Package(s):

switch#

</pre>

h2. Consommation

77 Watt, cos phi 0.92, pas de pic pendant le boot