Projet

Général

Profil

NXOS » Historique » Version 30

« Précédent - Version 30/38 (diff) - Suivant » - Version actuelle
Laurent GUERBY, 15/07/2018 16:46


NXOS

Cisco Nexus 3064X
version 7.0(3)I4(7)

Voir aussi https://www.grenode.net/Documentation_technique/Machines/kraken/

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/fundamentals/503_U3_1/b_Nexus_3000_Fundamentals_Guide_Release_503_U3_1.pdf

Interface de management out-of-band

  • n3064a Adresse: 192.168.129.46
interface mgmt0
  vrf member management
  ip address 192.168.129.46/24

Commandes

Sauvegarde config

nexus# copy run start

Copie via scp

nexus# copy run scp://matthieu@192.168.129.1/

Passwordless ssh

n3064a# show user-account 
user:admin
        this user account has no expiry date
        roles:network-admin 
conf t
username admin sshkey ssh-rsa AAAA...

Ensuite :

(echo conf t;echo int e1/42;echo switchport access vlan 3189) |ssh n3064a

Config interface

nexus# conf t
nexus(config)# interface ethernet 1/3
nexus(config-if)# switchport mode trunk
nexus(config-if)# exit
nexus(config)# exit
nexus#

pour un vlan non taggé

nexus(config-if)# switchport access vlan 3131

Etat des interfaces

nexus# sh int status
nexus# sh int transceiver
nexus# sh int ethernet 1/1
# Afficher le DOM d'une optique
nexus# sh int Eth 1/1 tran de

Boot

nexus# conf t
nexus(config)# boot nxos bootflash:/nxos.7.0.3.I4.7.bin 
nexus(config)# boot order bootflash
nexus(config)# exit
nexus#

Features et Misc

# Pour dire au switch d'accepter n'importe quel type de SFP
service unsupported-transceiver
# Autoriser le switch à avoir une IP sur une interface VLAN
feature interface-vlan
# Activer les features LACP
feature lacp
# Activer la possiblité de faire du LLDP
feature lldp
# Mettre tous les ports en shutdown par défaut (penser à activer le port lors de la configuration avec un 'no shutdown'
system default switchport shutdown

Misc

no password strength-check

nexus# sh mac address-table 

nexus# sh environment
(...) 
Temperature:
-------------------------------------------------------------------------
Module  Sensor             MajorThresh   MinorThres   CurTemp     Status 
                           (Celsius)     (Celsius)   (Celsius)           
-------------------------------------------------------------------------
1        Back-Right (D0)   70            44            33         Ok             
1        Back-Left  (D1)   70            42            29         Ok             
1        Front-Right(D2)   70            47            32         Ok             
1        Front-Left (D3)   70            49            30         Ok         

nexus# sh int e1/1 cap
nexus# sh int e1/1 tra det

# TODO verifier
conf t
int eth1/4
switchport trunk allowed vlan xxx
switchport trunk native vlan nnn

NTP

Client de nagios :

conf t
ntp server 192.168.3.7
ntp source-interface  Vlan3175

40G

40G <=> 4x10G reboot necessaire
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/interfaces/6_x/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11/b_Cisco_n3k_Interfaces_Configuration_Guide_602_U11_chapter_010.html

conf t
hardware profile portmode 48x10g+4x40g
exit
reload

4x10G :

hardware profile portmode 64x10G

MPLS

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/label_switching/7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x/b_Cisco_Nexus_3000_Series_NX-OS_Label_Switching_Configuration_Guide_7x_chapter_010.html

n3064a# show feature-set 
Feature Set Name      ID        State   
--------------------  --------  --------
fex                    3          uninstalled
mpls                   4          uninstalled
fabric                 7          uninstalled
fcoe-npv               8          uninstalled

Linux

20180312 09:09:57<guerby> test du lundi matin sur kernel 4.16-rc4 avec iproute2 4.15.0:  ip route add 10.1.1.0/30 encap mpls 200/300 dev eth0 et tcpdump donne
20180312 09:09:59<guerby> 09:07:56.394863 70:85:c2:3a:17:2a > ff:ff:ff:ff:ff:ff, ethertype MPLS unicast (0x8847), length 106: MPLS (label 200, exp 0, ttl 64) (label 300, exp 0, [S], ttl 64) 91.224.148.12 > 10.1.1.1: ICMP echo request, id 25171, seq 37, length 64

Infos

nexus# sh version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source.  This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or 
GNU General Public License (GPL) version 3.0  or the GNU
Lesser General Public License (LGPL) Version 2.1 or 
Lesser General Public License (LGPL) Version 2.0. 
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.

Software
  BIOS: version 4.0.0
  NXOS: version 7.0(3)I4(7)
  BIOS compile time:  12/05/2016
  NXOS image file is: bootflash:///nxos.7.0.3.I4.7.bin
  NXOS compile time:  6/28/2017 14:00:00 [06/28/2017 21:53:29]

Hardware
  cisco Nexus3000 C3064PQ Chassis 
  Intel(R) Celeron(R) CPU        P4505  @ 1.87GHz with 3903284 kB of memory.
  Processor Board ID FOC17342TSZ

  Device name: nexus
  bootflash:    1638000 kB
  usb1:               0 kB (expansion flash)

Kernel uptime is 0 day(s), 2 hour(s), 10 minute(s), 12 second(s)

Last reset at 335975 usecs after  Wed Feb 14 15:25:27 2018

  Reason: Reset Requested by CLI command reload
  System version: 7.0(3)I4(7)
  Service: 

plugin
  Core Plugin, Ethernet Plugin

Active Package(s):

nexus# sh inventory all
NAME: "Chassis",  DESCR: "Nexus3000 C3064PQ Chassis"             
PID: N3K-C3064PQ-10GX    ,  VID: V01 ,  SN: FOC1734R15F          

NAME: "Slot 1",  DESCR: "48x10GE + 4x40G Supervisor"            
PID: N3K-C3064PQ-10GX    ,  VID: V01 ,  SN: FOC17342TSZ          

NAME: "Power Supply 1",  DESCR: "Nexus3000 C3064PQ Chassis Power Supply" 
PID: N2200-PAC-400W      ,  VID: V04 ,  SN: DTN1733P0VH          

NAME: "Power Supply 2",  DESCR: "Nexus3000 C3064PQ Chassis Power Supply" 
PID: N2200-PAC-400W      ,  VID: V04 ,  SN: DTN1733P0UK          

NAME: "Fan 1",  DESCR: "Nexus3000 C3064PQ Chassis Fan Module"  
PID: N3K-C3064-FAN-F     ,  VID: V00 ,  SN: N/A                  

NAME: Ethernet1/1,  DESCR: FiberStore                              
PID: SFP-H10GB-ACU10M    ,  VID: SFP-10G-AOC     ,  SN: F176CO35764-1    

nexus# sh license 
license_FOC1734R15F_12_1.lic:
SERVER this_host ANY
VENDOR cisco
FEATURE LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
        VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-BAS1K9</SKU> \
        HOSTID=VDH=FOC1734R15F \
        NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>1</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
        SIGN=BBF8EBE2F7B6
FEATURE LAN_ENTERPRISE_SERVICES_PKG cisco 1.0 permanent uncounted \
        VENDOR_STRING=<LIC_SOURCE>NEXUS_PRODUCTION</LIC_SOURCE><SKU>N3K-LAN1K9</SKU> \
        HOSTID=VDH=FOC1734R15F \
        NOTICE=<LicFileID>20131030222602000</LicFileID><LicLineID>2</LicLineID><PAK>N3K-C3064PQ-10GXFOC1734R15F</PAK> \
        SIGN=FF75EB18A86E

Boot log

screen /dev/ttyUSB0 9600 8n1

A la question entrer "skip" puis login "admin" password vide.

Press  ctrl L to go to loader prompt in 2 secs

Booting kickstart image: bootflash:/nxos.7.0.3.I7.2.bin
CardIndex = 11060
 Image valid
graphics_set_kernel_params enter: 
Installing klm_card_index
done
INIT: version 2.88 booting
Skipping ata_piix install for n3k.
Unsquashing rootfs ...
Removing libcrdcfgdata and linking libcrdcfgdata3nk
Installing isan procfs ... done.
Installing SSE module with card index 11060 ... done.
Creating SSE device node 246 ... done.
Loading I2C driver ... done.
Installing CCTRL driver for card_type 30 without NEED_GEM ... done.
10.20: Interrupt throttling disabled. No cctrl irq detected.
Loading IGB driver ... done.

Checking all filesystems.Current boot disk sda3..

Installing SPROM driver ... IS_N3K done.
Skipping installing default sprom values for N3k...
Installing pfmsvcs module with SPROM card index 11060 ... done.
Installing nvram module ... done.
Installing if_index module with port mode 1 ... done.
Installing fcfwd stub
Installing RNI lcnd ... done
Installing LC netdev ... done
Installing psdev module ... done.
Installing veobc module ... done.
Inserting OBFL module ... done.
Making OBFL character devices
Mounting OBFL pstore for mtd
Starting OpenBSD Secure Shell server: sshd ... done.
Trim files after extracting TOR files ...
tune2fs 1.42.1 (17-Feb-2012)
Setting reserved blocks percentage to 0% (0 blocks)
Starting portmap daemon...
creating NFS state directory: done
starting 8 nfsd kernel threads: done
starting mountd: done
starting statd: done
Saving image for img-sync ...
Loading system software
Installing local RPMS
Patch Repository Setup completed successfully
Creating /dev/mcelog
Starting mcelog daemon
Removing dme lib
Moving N3K specific syslog config file
INIT: Entering runlevel: 3
Running S93thirdparty-script...

Populating conf files for hybrid sysmgr ...
Removing bios-imgs and /lcimages
Starting hybrid sysmgr ...
inserting /isan/lib/modules/klm_cisco_nb.o ... done
Executing Prune clis.
2012 Jul 17 16:09:10  %$ VDC-1 %$ %USER-0-SYSTEM_MSG:  pfm_init; line 1496   - pfm
2012 Jul 17 16:09:11  %$ VDC-1 %$ %PLATFORM-2-PS_FAIL: Power supply 1 failed or shut down (Serial number DTN1710P431)
2012 Jul 17 16:09:11  %$ VDC-1 %$ %PLATFORM-2-PS_OK: Power supply 2 ok (Serial number DTN1801P09K)
2012 Jul 17 16:09:11  %$ VDC-1 %$ %PLATFORM-2-PS_FANOK: Fan in Power supply 2 ok
2012 Jul 17 16:09:11  %$ VDC-1 %$ %PLATFORM-2-PS_ABSENT: Power supply 1 is absent/shutdown, ps-redundancy might be affected
2012 Jul 17 16:09:11  %$ VDC-1 %$ %PLATFORM-2-PS_RED_MODE_CHG: Power supply operational redundancy mode changed to non-redundant
2012 Jul 17 16:09:11  %$ VDC-1 %$ %PLATFORM-2-FANMOD_FAN_OK: Fan module 1 (Fan1(sys_fan1) fan) ok
2012 Jul 17 16:09:11  %$ VDC-1 %$ %USER-0-SYSTEM_MSG:  before access to bkout_cfg  - clis
2012 Jul 17 16:09:17  %$ VDC-1 %$ netstack: Registration with cli server complete
2012 Jul 17 16:09:32  %$ VDC-1 %$ %USER-2-SYSTEM_MSG: ssnmgr_app_init called on ssnmgr up - aclmgr
2012 Jul 17 16:09:41  %$ VDC-1 %$ %USER-0-SYSTEM_MSG: end of default policer - copp
2012 Jul 17 16:09:52  %$ VDC-1 %$ %VDC_MGR-2-VDC_ONLINE: vdc 1 has come online 
Waiting for system online status before starting POAP ...
Starting Power On Auto Provisioning...2012 Jul 17 16:10:21 switch %$ VDC-1 %$ %ASCII-CFG-2-CONF_CONTROL: System ready
Done

Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 2012 Jul 17 16:10:25 switch %$ VDC-1 %$ %POAP-2-POAP_INITED: [FOC1636R174-6C:20:56:E6:D4:01] - POAP process initialized                                                                                                                                                                                                                                                   
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
2012 Jul 17 16:10:46 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
2012 Jul 17 16:10:48 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
2012 Jul 17 16:10:51 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
2012 Jul 17 16:10:53 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
2012 Jul 17 16:10:57 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
2012 Jul 17 16:10:59 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
2012 Jul 17 16:11:03 switch %$ VDC-1 %$ %POAP-2-POAP_FAILURE: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP discover phase failed
skip
!!! NOTE: You have selected skip option. POAP will be aborted and password configuration will be skipped !!!
Disabling POAP.......2012 Jul 17 16:11:05 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
Disabling POAP
2012 Jul 17 16:11:08 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB Initializing Success
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ %POAP-2-POAP_INFO: [FOC1636R174-6C:20:56:E6:D4:01] - USB disk not detected
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ last message repeated 1 time
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ %POAP-2-POAP_DHCP_DISCOVER_START: [FOC1636R174-6C:20:56:E6:D4:01] - POAP DHCP Discover phase started
2012 Jul 17 16:11:09 switch %$ VDC-1 %$ %POAP-2-POAP_INFO:   - Abort Power On Auto Provisioning [yes - continue with normal setup, skip - bypass password and basic configuration, no - continue with Power On Auto Provisioning] (yes/skip/no)[no]: 
skip
Enabling feature lldp by default
Basic configuration has been skipped!
Applying default configuration
N3K:Applying Default CoPP configuration

User Access Verification
 login: admin
Password: 

Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source.  This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or 
GNU General Public License (GPL) version 3.0  or the GNU
Lesser General Public License (LGPL) Version 2.1 or 
Lesser General Public License (LGPL) Version 2.0. 
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.
switch# 
switch# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2017, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under their own
licenses, such as open source.  This software is provided "as is," and unless
otherwise stated, there is no warranty, express or implied, including but not
limited to warranties of merchantability and fitness for a particular purpose.
Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or 
GNU General Public License (GPL) version 3.0  or the GNU
Lesser General Public License (LGPL) Version 2.1 or 
Lesser General Public License (LGPL) Version 2.0. 
A copy of each such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://opensource.org/licenses/gpl-3.0.html and
http://www.opensource.org/licenses/lgpl-2.1.php and
http://www.gnu.org/licenses/old-licenses/library.txt.

Software
  BIOS: version 4.5.0
  NXOS: version 7.0(3)I7(2)
  BIOS compile time:  11/09/2017
  NXOS image file is: bootflash:///nxos.7.0.3.I7.2.bin
  NXOS compile time:  11/22/2017 13:00:00 [11/22/2017 21:55:29]

Hardware
  cisco Nexus3000 C3064PQ Chassis 
  Intel(R) Celeron(R) CPU        P4505  @ 1.87GHz with 3902872 kB of memory.
  Processor Board ID FOC16382AE1

  Device name: switch
  bootflash:    1635720 kB
  usb1:               0 kB (expansion flash)

Kernel uptime is 0 day(s), 0 hour(s), 7 minute(s), 5 second(s)

Last reset 
  Reason: Unknown
  System version: 7.0(3)I7(2)
  Service: 

plugin
  Core Plugin, Ethernet Plugin

Active Package(s):

switch# 

Consommation

77 Watt, cos phi 0.92, pas de pic pendant le boot