NX-OS and Cisco Nexus Switching
Next-Generation Data Center Architectures
The complete guide to planning, configuring, managing, and troubleshooting NX-OS in enterprise environments
Kevin Corbin, CCIE® No. 11577
Ron Fuller, CCIE No. 5851
David Jansen, CCIE No. 5952
Cisco® Nexus switches and the new NX-OS operating system are rapidly becoming the new de facto standards for data center distribution/aggregation layer networking. NX-OS builds on Cisco IOS to provide advanced features that will be increasingly crucial to efficient data center operations. NX-OS and Cisco Nexus Switching is the definitive guide to utilizing these powerful new capabilities in enterprise environments.
In this book, three Cisco consultants cover every facet of deploying, configuring, operating, and troubleshooting NX-OS in the data center. They review the key NX-OS enhancements for high availability, virtualization, In-Service Software Upgrades (ISSU), and security. You will discover support and configuration best practices for working with Layer 2 and Layer 3 protocols and networks, implementing multicasting, maximizing serviceability, providing consistent network and storage services, and much more.
The authors present multiple command-line interface (CLI) commands, screen captures, realistic configurations, and troubleshooting tips—all based on their extensive experience working with customers who have successfully deployed Nexus switches in their data centers.
Kevin Corbin, CCIE® No. 11577, is a Technical Solutions Architect for Cisco, specializing in data center technologies. Kevin works with enterprise customers to help them develop their next-generation data center architectures. Kevin has more than 14 years of server and networking experience, including routing, switching, security, and content networking.
Ron Fuller, CCIE No. 5851 (Routing and Switching/Storage Networking), is a Technical Solution Architect for Cisco with 19 years of experience in the industry. His focus is working with enterprise customers to address their challenges with comprehensive end-to-end data center architectures.
David Jansen, CCIE No. 5952, is a Technical Solutions Architect for Cisco’s U.S. Enterprise Segment, where he works with enterprise customers to address end-to-end data center architectures. David has more than 20 years of experience in the information technology industry.
This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
Foreword
Introduction
Chapter 1 Introduction to Cisco NX-OS
NX-OS Overview
NX-OS Supported Platforms
Cisco NX-OS and Cisco IOS Comparison
NX-OS User Modes
EXEC Command Mode
Global Configuration Command Mode
Interface Configuration Command Mode
Management Interfaces
Controller Processor (Supervisor Module)
Connectivity Management Processor (CMP)
Telnet
SSH
XML
SNMP
DCNM
Managing System Files
File Systems
Configuration Files: Configuration Rollback
Operating System Files
Virtual Device Contexts (VDCs)
VDC Configuration
Troubleshooting
show Commands
debug Commands
Topology
Further Reading
Chapter 2 Layer 2 Support and Configurations
Layer 2 Overview
Store-and-Forward Switching
Cut-Through Switching
Fabric Extension via the Nexus 2000
Configuring Nexus 2000 Using Static Pinning
Nexus 2000 Static Pinning Verification
Configuring Nexus 2000 Using Port-Channels
Nexus 2000 Static Pinning Verification
L2 Forwarding Verification
Layer 2 Forwarding on a Nexus 7000
VLANs
Configuring VLANs
VLAN Trunking Protocol
Assigning VLAN Membership
Verifying VLAN Configuration
Private VLANs
Configuring PVLANs
Verifying PVLAN Configuration
Spanning Tree Protocol
Rapid-PVST+ Configuration
MST Configuration
Additional Spanning-Tree Configuration
Spanning-Tree Toolkit
Spanning-Tree Port Types
Configuring Layer 2 Interfaces
Virtualization Hosts
Virtual Port Channels
VPC Peer-Gateway
Unidirectional Link Detection
Summary
Chapter 3 Layer 3 Support and Configurations
EIGRP
EIGRP Operation
Configuring EIGRP
EIGRP Summarization
EIGRP Stub Routing
Securing EIGRP
EIGRP Redistribution
OSPF
OSPFv2 Configuration
OSPF Summarization
OSPF Stub Routing
Securing OSPF
OSPF Redistribution
BGP
BGP Configuration
BGP Neighbors
Securing BGP
BGP Peer Templates
Advertising BGP Networks
Modifying BGP Routing Metrics
Verifying BGP-Specific Configuration
First Hop Redundancy Protocols (FHRP)
HSRP
VRRP
GLBP
Summary
Chapter 4 IP Multicast Configuration
Multicast Operation
Multicast Distribution Trees
Reverse Path Forwarding
Protocol Independent Multicast (PIM)
RPs
PIM Configuration on Nexus 7000
Configuring Static RPs
Configuring BSRs
Configuring Auto-RP
Configuring Anycast-RP
Configuring SSM and Static RPF
IGMP Operation
IGMP Configuration on Nexus 7000
IGMP Configuration on Nexus 5000
IGMP Configuration on Nexus 1000V
MSDP Configuration on Nexus 7000
Summary
Chapter 5 Security
Configuring RADIUS
RADIUS Configuration Distribution
Configuring TACACS+
Enabling TACACS+
Configuring SSH
Configuring Cisco TrustSec
Layer 2 Solutions Between Data Centers
Configuring IP ACLs
Configuring MAC ACLs
Configuring VLAN ACLs
Configuring Port Security
Security Violations and Actions
Configuring DHCP Snooping
Configuring Dynamic ARP Inspection
Dynamic ARP Inspection Trust State
Configuring IP Source Guard
Configuring Keychain Management
Configuring Traffic Storm Control
Configuring Unicast RPF
Configuring Control Plane Policing
Configuring Rate Limits
SNMPv3
Summary
Chapter 6 High Availability
Physical Redundancy
Redundant Power Supplies
Redundant Cooling System
Redundant Supervisors
Redundant Ethernet Out-of-Band (EOBC)
Redundant Fabric Modules
Generic Online Diagnostics
Bootup Diagnostics
Runtime Diagnostics
On-Demand Diagnostics
NX-OS High-Availability Architecture
Process Modularity
Process Restart
Stateful Switchover
Nonstop Forwarding
In-Service Software Upgrades
Summary
Chapter 7 Embedded Serviceability Features
SPAN
SPAN on Nexus 7000
Configuring SPAN on Nexus 7000
SPAN on Nexus 5000
Configuring SPAN on Nexus 5000
SPAN on Nexus 1000V
Configuring SPAN on Nexus 1000V
ERSPAN on Nexus 1000V
Embedded Analyzer
Smart Call Home
Smart Call Home Configuration
Configuration Checkpoint and Rollback
Checkpoint Creation and Rollback
NetFlow
Configuring NetFlow on Nexus 7000
Configuring NetFlow on Nexus 1000V
Summary
Chapter 8 Unified Fabric
Unified Fabric Overview
Enabling Technologies
10-Gigabit Ethernet
Fibre Channel over Ethernet
Nexus 5000 Unified Fabric Configuration
N-Port Virtualization (NPV)
N-Port Identification Virtualization
FCoE Configuration
Summary
Chapter 9 Nexus 1000V
Hypervisor and vSphere Introduction
Nexus 1000V System Overview
Nexus 1000V Switching Overview
Nexus 1000V Manual Installation
Nexus 1000V VSM Installation
Nexus 1000V GUI Installation
Creating the Uplink Profile
Adding the VEM to a ESX vSphere 4 Host
Enabling the Telnet Server Process
Changing the VSM Hostname
Layer 3 Control
VSM High Availability: Adding a Secondary VSM
Nexus 1000V Port Profiles
Summary
Index