Sunday, 21 September 2014

Fabricpath FAQs

1. What is the unique MAC address used for unknown unicast?
Answer:- 01:0F:FF:C1:01:C0

2. What is the STP bridge ID used by all FabricPath edge devices?
Answer:- C84C.75FA.6000

3. What is the maximum number of VPC+ port-channels supported?
Answer: - 244

Note: - On F2/F2E line cards, we can increase the maximum number of VPC+ port-channels supported by using the no port-channel limit command.

4. What is the default value of the root priority?
Answer: - 64 (It can be between 0 and 255)

5. What is the default TTL value set for all frames?
Answer: 32.

Note:- We can use the fabricpath ttl command to configure the TTL value.

6. Does VPC+ support static port-channel?
Answer: - Yes, it supports both LACP and Static port-channels.

7. Is fabricpath supported on M cards?
Answer:- No. Fabricpath is only supported on F series.

8. Which license is required for Fabricpath?
Answer:- Enhanced Layer 2 Package

9. What is the ethertype value of a FabricPath frame?
Answer:- 0x8903

10. What is the order of preference for root election?
Answer:- Root priority -> System ID -> Switch ID

Note:- Higher is better.

11. Are MAC addresses advertised by FabricPath IS-IS, as in OTV?

Answer :- No, Fabricpath IS-IS will not advertise any mac address.

Saturday, 20 September 2014

F1 Vs. F2 Vs. F2E Vs. F3 - Cisco Nexus 7000

There are four types of F line cards available. Below are the differences between F1, F2, F2E and F3.

F1 line card:-
  • Performs only Layer 2 tasks.
  • No interface can be converted to Layer 3.
  • M and F1 cards can coexist in a chassis.
F2 line card:-
  • Interfaces can be used as L2 or L3.
  • M and F2 cards cannot coexist in a chassis.
  • Does not support OTV, MPLS and LISP.
F2E line card:-
  • Interfaces can be used as L2 or L3.
  • M and F2E cards can coexist in a chassis, but in L2 mode only.
  • Does not support OTV, MPLS and LISP.
F3 line card:-
  • Interfaces can be used as L2 or L3.
  • M and F3 cards can coexist in a chassis.
  • Supports OTV, MPLS and LISP features.

Nexus 7000 License

1. Enterprise Services Package:- LAN_ENTERPRISE_SERVICES_PKG
- To enable routing protocols like BGP, OSPF, EIGRP etc.
2. Advanced Services Package:- LAN_ADVANCED_SERVICES_PKG
- Without it, only the one default VDC can be in use. By installing the Advanced Services license, 4 VDCs can be created on SUP1/SUP2 and SUP 2E.
- In the case of SUP-2E, we need additional VDC licenses to support eight VDCs.
3. Transport Services Package:- LAN_TRANSPORT_SERVICES_PKG
- To enable OTV and LISP.
4. Scalable Services Package:- SCALABLE_SERVICES_PKG
- A single license per system enables all XL-capable I/O modules to operate in XL mode.
5. Enhanced Layer 2 Package:- ENHANCED_LAYER2_PKG
- To enable FabricPath on F modules.
6. MPLS Services Package:- MPLS_PKG
- It is used to enable advanced features like MPLS, VPN, EoMPLS etc.
7. Storage Enterprise Package:- STORAGE_ENT
- It is required to enable IVR.
8. FCoE Services Package:- FCOE_PKG
- It is the only license which is enabled on a per-module basis. There are two different licenses for the F1 and F2 modules:
- FCOE_PKG - For F1 card
- FCOE_F2 - For F2 series

Friday, 19 September 2014

Ethertype values

A switch identifies the type of frame by looking at the ethertype value. Below are some common values and related technologies:-



Thursday, 18 September 2014

Nexus port-profile

A port-profile is a configuration template that is used to apply the same configuration to multiple interfaces at the same time.

The entire configuration is done under the port-profile and is replicated to an interface as soon as the port-profile is mapped to it. All later configuration changes in the port-profile are also replicated to the interface. It is not an initial template but an updating template which always stays attached to the interface.

A port-profile is used when the same configuration needs to be done on many interfaces.

The types of port-profile are listed below:-

  • Ethernet: - Used when the port-profile is applied on physical interfaces.
  • Port-channel: - Used in the case of a port-channel.
  • Interface-vlan: - Used when the port-profile is applied on an SVI.


Below is the process used to configure and apply the port-profiles:-

Step1. Create the port-profile based on the type of interface it will be mapped to. There are four types of port-profile: ethernet, interface-vlan, port-channel and tunnel-te.

Note:- Ethernet is the default port-profile.


N7K-1(config)# port-profile type ?
  ethernet        Ethernet type  ----------<<<<<< Default
  interface-vlan  Interface-vlan type
  port-channel    Port-channel type
  tunnel-te       Tunnel-te type

N7K-1(config)# port-profile test
N7K-1# sh run port-profile test

!Command: show running-config port-profile test
!Time: Wed Sep 17 18:46:58 2014

version 5.2(1)
port-profile type ethernet test  ------------<<<<<<Default


Step2. Configure the port-profile as per the requirement.

Note: - Please keep in mind that the port-profile name is case sensitive. As shown below, the same name with a different case creates two different port-profiles.



N7K-1(config)# port-profile type ethernet Access_PORT
N7K-1(config-port-prof)# switchport mode access
N7K-1(config-port-prof)# switchport access vlan 100
N7K-1(config-port-prof)# spanning-tree port type edge

N7K-1(config)# port-profile type ethernet ACCESS_PORT
N7K-1(config-port-prof)# switchport
N7K-1(config-port-prof)#   switchport mode access
N7K-1(config-port-prof)#   switchport access vlan 100
N7K-1(config-port-prof)#   spanning-tree port type edge

N7K-1(config)# sh run port-profile
!Command: show running-config port-profile
!Time: Wed Sep 17 16:49:36 2014

version 5.2(1)
port-profile type ethernet Access_PORT
  switchport
  switchport mode access
  switchport access vlan 100
  spanning-tree port type edge

port-profile type ethernet ACCESS_PORT
  switchport
  switchport mode access
  switchport access vlan 100
  spanning-tree port type edge



Step 3. Verify the port-profile configuration.


N7K-1(config)# sh run port-profile
port-profile type ethernet ACCESS_PORT
  switchport
  switchport mode access
  switchport access vlan 100
  spanning-tree port type edge


Step4. Once the configuration verification is done, enable the port profile.


N7K-1(config)# port-profile type ethernet ACCESS_PORT
N7K-1(config-port-prof)#   state enabled
N7K-1(config-port-prof)# exit


Step5. Apply port-profile on the physical interface which inherits the configuration of port-profile.


N7K-1(config)# interface Eth1/1
N7K-1(config-if)# inherit port-profile ACCESS_PORT




N7K-1(config)# int eth1/21
N7K-1(config-if)# inherit port-profile access_port
ERROR: No profile matching given profile name - - - << This error is encountered when the given port-profile name is not correct or is in a different case.


Step6. The show run interface command will not show the complete switchport configuration, as shown below.


N7K-1(config)# sh run int eth1/21
!Command: show running-config interface Ethernet1/21
!Time: Wed Sep 17 16:51:12 2014
version 5.2(1)
interface Ethernet1/21
  inherit port-profile ACCESS_PORT


Use the command below to check the entire configuration associated with the switchport:-


N7K-1(config)# sh port-profile expand-interface name ACCESS_PORT

port-profile ACCESS_PORT
 Ethernet1/21
  switchport
  switchport mode access
  switchport access vlan 100
  spanning-tree port type edge


Step7. The command below can be used to find all the interfaces, as well as the configuration, associated with a port-profile.


N7K-1# show port-profile name ACCESS_PORT

port-profile ACCESS_PORT
 type: Ethernet
 description:
 status: enabled
 max-ports: 512  -----------------------<<<<<<<<<<<<<<
 inherit:
 config attributes:  ------------<<<<<<<<<<<<<<<<<<<<<
  switchport
  switchport mode access
  switchport access vlan 100
  spanning-tree port type edge
 evaluated config attributes:
  switchport
  switchport mode access
  switchport access vlan 100
  spanning-tree port type edge
 assigned interfaces:
  Ethernet1/21  ------------------<<<<<<<<<<<<<<<<<<<<


Step8. Configuration done on the interface takes precedence over the port-profile.

In the output below, Eth1/21 is configured as a trunk, which overrides the access port configuration in the port-profile.


N7K-1(config)#  int eth1/21
N7K-1(config-if)# switchport mode trunk
N7K-1(config-if)# end

N7K-1# sh run int eth1/21

!Command: show running-config interface Ethernet1/21
!Time: Wed Sep 17 19:03:34 2014

version 5.2(1)

interface Ethernet1/21
  inherit port-profile ACCESS_PORT
  switchport mode trunk

N7K-1# sh int eth1/21 switchport
vdc 4 vlan 100Name: Ethernet1/21
  Switchport: Enabled
  Switchport Monitor: Not enabled
  Operational Mode: trunk  ---------------<<<<<<<<<<<<<<
  Access Mode VLAN: 100 (Vlan not created)
  Trunking Native Mode VLAN: 1 (default)
  Trunking VLANs Allowed: 1-4094
  FabricPath Topology List Allowed: 0
  Administrative private-vlan primary host-association: none
  Administrative private-vlan secondary host-association: none
  Administrative private-vlan primary mapping: none
  Administrative private-vlan secondary mapping: none
  Administrative private-vlan trunk native VLAN: none
  Administrative private-vlan trunk encapsulation: dot1q
  Administrative private-vlan trunk normal VLANs: none
  Administrative private-vlan trunk


Step9. The no form of the command is used to delete the port-profile. It also deletes all the port-profile-related configuration from the switchport, whereas the configuration done inside the interface will not be removed.


N7K-1(config)# no port-profile ACCESS_PORT
Profile is applied on some interfaces. Do you want to continue (y/n)? [n] y

N7K-1(config)#sh run int eth1/21

!Command: show running-config interface Ethernet1/21
!Time: Wed Sep 17 19:08:33 2014
version 5.2(1)

interface Ethernet1/21
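
An added example, not part of the original post: a small Python audit of saved running-config text that flags the two pitfalls shown in the steps above, port-profile names that differ only by case (Step 2) and interface-level commands that override an inherited profile (Step 8), such as an access profile that ends up as a trunk. The sample config is constructed, and the rule that two commands differing only in their last word set the same attribute is a heuristic assumed here.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the outputs above (not captured from a device).
SAMPLE_CONFIG = """\
port-profile type ethernet Access_PORT
  switchport mode access
port-profile type ethernet ACCESS_PORT
  switchport
  switchport mode access
  switchport access vlan 100
  spanning-tree port type edge
interface Ethernet1/21
  inherit port-profile ACCESS_PORT
  switchport mode trunk
"""

def parse_blocks(text):
    """Split config text into {profile: [cmds]} and {interface: [cmds]}."""
    profiles, interfaces, current = {}, {}, None
    for line in text.splitlines():
        if line[:1].isspace():  # indented line: belongs to the current block
            if current is not None and line.strip():
                current.append(line.strip())
            continue
        m = re.match(r"port-profile type \S+ (\S+)\s*$|interface (\S+)\s*$", line)
        store = profiles if m and m.group(1) else interfaces
        current = store.setdefault(m.group(1) or m.group(2), []) if m else None
    return profiles, interfaces

def attr(cmd):
    """Heuristic (assumption): commands differing only in the last word set the same attribute."""
    words = (cmd[3:] if cmd.startswith("no ") else cmd).split()
    return " ".join(words[:-1]) or words[0]

def audit(text):
    """Return findings: profile names differing only by case, and local overrides."""
    profiles, interfaces = parse_blocks(text)
    findings, folded = [], defaultdict(list)
    for name in profiles:
        folded[name.lower()].append(name)
    findings += [("case-collision", tuple(sorted(n))) for n in folded.values() if len(n) > 1]
    for ifname, cmds in interfaces.items():
        local = [c for c in cmds if not c.startswith("inherit ")]
        for prof in (c.split()[-1] for c in cmds if c.startswith("inherit port-profile ")):
            wanted = {attr(c): c for c in profiles.get(prof, [])}
            findings += [("override", ifname, prof, wanted[attr(c)], c)
                         for c in local if wanted.get(attr(c), c) != c]
    return findings
```

Each override finding lists the interface, the inherited profile, the profile's command and the local command that replaces it, so the result can be compared against the output of sh port-profile expand-interface.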




Monday, 15 September 2014

Why do we need Nexus 2K (FEX)?

To understand the need for Nexus 2000, we must know the datacenter architecture designs.

There are two types of design architecture:-

1. TOR (Top of Rack)
2. EOR (End of Row)

Each of the above methods has its own pros and cons. Please go through the below blog to find more details about the methods.


Below are the disadvantages of both the designs:-

TOR (Top of Rack):-

Disadvantage:-
  • Switch management: - As each rack requires one or two switches, managing the switches becomes an overhead. It requires not only extra IP addresses but also configuration of the management tool, which has its own limit on the maximum number of devices it can monitor. More devices in the network mean more license cost, etc.

EOR (End of Row):-

Disadvantage:-
  • Cable requirement: - As cables run between each server and the network switch, which are located in different racks, the cable requirement increases and adds cost to deployment and maintenance.
  • Cable management: - More resources and skill are required for cable management. It increases the overall budget of the project.
  • Time to make changes: - As more cabling infrastructure is involved, modification not only becomes tedious but also requires more time.

N2K not only increases the number of access ports for end-host connections but also reduces the major disadvantages of both TOR and EOR, as discussed below:-

1. Unlike EOR, it reduces the number of cables between the network and server racks, as there are only a few uplinks between the 2K and its parent switch, i.e. 5K/7K. Fewer cables mean lower cable management and procurement cost. This in turn increases efficiency.
2. Cisco Nexus 2000 cannot work standalone. It needs either an N5K or N7K as the parent, and hence it reduces the management overhead, unlike TOR. Less management requires fewer IP addresses and network resources, as well as fewer inventory and configuration management server licenses.

Apart from the above advantages, the Cisco 2K has a few disadvantages as well, which are mentioned below:-
1. It doesn't perform local switching. Two servers connected to the same FEX cannot communicate directly. The traffic from server-1 will go to the parent switch, i.e. 5K/7K, and then come back to server-2 connected to the same FEX.

  

Default Vs. Admin VDC in Nexus 7000

Both are used for the management of the complete switch and to assign interfaces to other non-default VDCs. Also, global parameters like CoPP etc. are only configured in the default/admin VDC. So what is the difference?

Below is the difference between default and admin VDC.


Default VDC:-

In Nexus, the default VDC (VDC-1) performs the two functions below:-

1. The default VDC can be used for the management of all the VDCs in the chassis. From the default VDC, a network-admin user creates, deletes or modifies other non-default VDCs. It can allocate interfaces to other non-default VDCs.

2. Interfaces can be allocated to the default VDC, and it can then handle user traffic similar to a non-default VDC.


Admin VDC:-

The admin VDC can be created from the initial configuration wizard. It is only used for the management of the complete chassis and the associated non-default VDCs. No interface can be allocated to the admin VDC, and hence it cannot handle user traffic.

Before 6.2(2), it is not available on SUP-1. In version 6.2(2) it is available on all supervisor modules.

Note: - Default and admin VDC cannot coexist at the same time. VDC 1 can be configured either as default or as admin.

We can convert the default VDC to an admin VDC by using the two commands below:-

  • system admin-vdc :- When it is applied on the default VDC, all the non-global (VDC-specific) configuration will be removed. Hence it needs to be applied with caution, otherwise the default VDC user traffic will be impacted. It is generally applied during the initial configuration.

  • system admin-vdc migrate new-vdc-name :- It creates a new VDC and then migrates all configuration specific to the default VDC to the new VDC, except a few items like the management IP address, NTP address etc.

All global configurations, like CoPP, load balance methods etc., will remain in the admin VDC.