Monday, September 7, 2015

Single slide for cisco vpn technologies matrix .


Posted by at No comments:

Sunday, September 6, 2015

Configuration Examples for ITD (NX-OS Intelligent Traffic Director)

Configuration Examples for ITD (NX-OS Intelligent Traffic Director)

Configuration Example: One-Arm Deployment Mode




Step 1: Define the device group.
switch(config)# itd device-group DG
switch(config-device-group)# node ip 210.10.10.11
switch(config-device-group)# node ip 210.10.10.12
switch(config-device-group)# node ip 210.10.10.13
switch(config-device-group)# node ip 210.10.10.14
switch(config-device-group)# probe icmp

Step 2: Define the ITD service.
switch(config)# itd HTTP
switch(config-itd)# ingress interface port-channel 1
switch(config-itd)# device-group DG
switch(config-itd)# no shutdown

Configuration Example: One-Arm Deployment Mode with vPC




Device 1

Device 2
Step 1: Define the device group.
switch(config)# itd device-group DG
switch(config-device-group)# node ip 210.10.10.11
switch(config-device-group)# node ip 210.10.10.12
switch(config-device-group)# node ip 210.10.10.13
switch(config-device-group)# node ip 210.10.10.14
switch(config-device-group)# probe icmp
 
Step 2: Define the ITD service.
switch(config)# itd HTTP
switch(config-itd)# ingress interface port-channel 1
switch(config-itd)# device-group DG
switch(config-itd)# no shutdown
Step 1: Define the device group.
switch(config)# itd device-group DG
switch(config-device-group)# node ip 210.10.10.11
switch(config-device-group)# node ip 210.10.10.12
switch(config-device-group)# node ip 210.10.10.13
switch(config-device-group)# node ip 210.10.10.14
switch(config-device-group)# probe icmp
 
Step 2: Define the ITD service.
switch(config)# itd HTTP
switch(config-itd)# ingress interface port-channel 2
switch(config-itd)# device-group DG
switch(config-itd)# no shutdown


Configuration Example: Sandwich Deployment Mode

 

Device 1
Device 2
Step 1: Define the device group.
switch(config)# itd device-group DG
switch(config-device-group)# node ip 210.10.10.11
switch(config-device-group)# node ip 210.10.10.12
switch(config-device-group)# node ip 210.10.10.13
switch(config-device-group)# node ip 210.10.10.14
switch(config-device-group)# probe icmp
 
Step 2: Define the ITD service.
switch(config)# itd HTTP
switch(config-itd)# ingress interface port-channel 1
switch(config-itd)# device-group DG
switch(config-itd)# load-balance method src ip
switch(config-itd)# no shutdown
Step 1: Define the device group.
switch(config)# itd device-group DG
switch(config-device-group)# node ip 220.10.10.11
switch(config-device-group)# node ip 220.10.10.12
switch(config-device-group)# node ip 220.10.10.13
switch(config-device-group)# node ip 220.10.10.14
switch(config-device-group)# probe icmp
 
Step 2: Define the ITD service.
switch(config)# itd HTTP
switch(config-itd)# ingress interface port-channel 2
switch(config-itd)# device-group DG
switch(config-itd)# load-balance method dst ip
switch(config-itd)# no shutdown

 

 


Configuration Example: Server Load-Balancing Deployment Mode


Step 1: Define the device group.
switch(config)# itd device-group DG
switch(config-device-group)# node ip 210.10.10.11
switch(config-device-group)# node ip 210.10.10.12
switch(config-device-group)# node ip 210.10.10.13
switch(config-device-group)# node ip 210.10.10.14
switch(config-device-group)# probe icmp

Step 2: Define the ITD service.
switch(config)# itd HTTP
switch(config-itd)# ingress interface port-channel 1
switch(config-itd)# ingress interface port-channel 2
switch(config-itd)# ingress interface port-channel 3
switch(config-itd)# device-group DG
Switch(config-itd)# virtual ip 210.10.10.100 255.255.255.255
switch(config-itd)# no shutdown

Posted by at No comments:

PowerOn Auto Provisioning for Nexus 9K




PowerOn Auto Provisioning for Nexus 9K

PowerOn Auto Provisioning (POAP) automates the process of upgrading software images and installing configuration files on devices that are being deployed in the network for the first time.

When a device with the POAP feature boots and does not find the start-up configuration, the device enters POAP mode, locates a DHCP server, and bootstraps itself with its interface IP address, gateway, and DNS server IP addresses. The device also obtains the IP address of a TFTP server or the URL of an HTTP server and downloads a configuration script that enables the switch to download and install the appropriate software image and configuration file.

Network Requirements for POAP

POAP requires the following network infrastructure:

1.       A DHCP server to bootstrap the interface IP address, gateway address, and Domain Name System (DNS) server.
2.       A TFTP server that contains the configuration script used to automate the software image installation and configuration process.
3.       One or more servers that contains the desired software images and configuration files.

POAP Process

The POAP process has the following phases:

1.       Power up
2.       DHCP discovery
3.       Script execution
4.       Post-installation reload






Posted by at No comments:
Labels: ,
Location: Singapore

Cisco Nexus 2000 Series Fabric Extender

Cisco Nexus 2000 Series Fabric Extender

The Fabric Extender integrates with its parent switch, which is a Cisco Nexus Series device, to allow automatic provisioning and configuration taken from the settings on the parent device.

The Fabric Extender and its parent switch enable a large multipath, loop-free data centre topology without the use of the Spanning Tree Protocol (STP).
The Cisco Nexus 2000 Series Fabric Extender forwards all traffic to its parent Cisco Nexus Series device over 10-Gigabit Ethernet fabric uplinks, which allows all traffic to be inspected by policies established on the Cisco Nexus Series device.
No software is included with the Fabric Extender. The software is automatically downloaded and upgraded from its parent device.

Do not connect a bridge or switch to a host interface. These interfaces are designed to provide end host or server connectivity.

Host Interfaces

All Fabric Extender host interfaces run as spanning tree edge ports with BPDU Guard enabled and you cannot configure them as spanning tree network ports.

Any device that is running spanning tree connected to a Fabric Extender host interface results in that host interface being placed in an error-disabled state when a BPDU is received.
Fabric Extenders support the host vPC feature where a server can be dual-attached to two different FEXs through a port channel. You must configure parent switches that connect each Fabric Extender (one parent switch per FEX) in a vPC domain.

Minimum Number of Links on a Fabric Port Channel

In a network configuration of dual-homed hosts (active/standby), you can configure the Fabric Extender to support a minimum number of links for fabric port channels (FPCs) with the port-channel min-links command.

When the number of FPC links falls below the specified threshold, the host-facing Cisco Nexus 2000 interfaces are brought down. This process allows for a NIC switchover on the connection between the host and the FEX.

The automatic recovery of Cisco Nexus 2000 Series interfaces to the standby FEX is triggered when the number of FPC links reaches the specified threshold

Load Balancing Using Host Interface Port Channels

You can configure the load-balancing mode to apply to all Fabric Extenders or to specified ones. If load-balancing mode is not configured, Fabric Extenders use the default system configuration. The per-FEX configuration takes precedence over the load-balancing configuration for the entire system. You cannot configure the load-balancing method per port channel.

Switched Port Analyzer
You can configure the host interfaces on the Fabric Extender as Switched Port Analyzer (SPAN) source ports. You cannot configure Fabric Extender ports as a SPAN destination. Up to four SPAN sessions for host interfaces are supported on the same or different Fabric Extenders. Ingress source (Rx) monitoring is supported.


Management Model
The Cisco Nexus 2000 Series Fabric Extender is managed by its parent switch over the fabric interfaces through a zero-touch configuration model. The switch discovers the Fabric Extender by detecting the fabric interfaces of the Fabric Extender.

After discovery, if the Fabric Extender has been correctly associated with the parent switch, the following operations are performed:

  1.  The switch checks the software image compatibility and upgrades the Fabric Extender if necessary.
  2.  The switch and Fabric Extender establish in-band IP connectivity with each other.
  3.  The switch pushes the configuration data to the Fabric Extender. The Fabric Extender does not store any configuration locally.
  4.  The Fabric Extender updates the switch with its operational status. All Fabric Extender information is displayed using the switch commands for monitoring and troubleshooting.

Sample Commands:-

switch# configure terminal
switch(config)# feature-set fex
switch(config)# interface port-channel 4
switch(config-if)# switchport mode fex-fabric
switch(config-if)# fex associate 101
switch# show interface port-channel 4 fex-intf


Command or Action
Purpose
show environment fex {all | FEX-number} [temperature | power |fan]
Displays the environmental sensor status.
show inventory fex FEX-number
Displays inventory information for a Fabric Extender.
show module fex FEX-number
Displays module information about a Fabric Extender.
show sprom fex FEX-number {all | backplane | powersupply ps-num} | all
Displays the contents of the serial PROM (SPROM) on the Fabric Extender.

Posted by at No comments:
Subscribe to: Posts (Atom)

Search This Blog