Cisco Nexus 7009 overview
© 2006 Cisco Systems, Inc. All rights reserved.Presentation_ID 1
Cisco Nexus 7009 switch
Eng.Hamza Al-Qudah
9-10-2012
Agenda
Day 1 :
Introducing Cisco Nexus Family
The Nexus switches family range
Nexus VS 65XX
The Cisco Nexus 7000 Series
Nexus 7000 Hw specifications
Nexus 7009 specifications
Day 2:
NX-OS vs IOS
Introducing Cisco Nexus Family:
Nexus is a modular network switch introduced on January 28, 2008
Designed for the data center (optimized for high-density 10 Gigabit Ethernet).
Its throughput is beyond 15 Tbps.
It has a modular NX-OS firmware/operating system
The Nexus switches family range:
- Nexus 1000v virtual switch
- Nexus 2000 fabric extender
- Nexus 3000 series
- Nexus 4000 IBM Blade Center switch
- Nexus 5000 series
- Nexus 7000 series modular datacenter switches
The Cisco Nexus 7000 Series
The Cisco Nexus 7000 Series was designed around three principles:
1- Infrastructure scalability: Virtualization, efficient power and cooling, high density, and performance all support efficient data center infrastructure growth.
2- Operational continuity: The Cisco Nexus design integrates hardware, NX-OS software features, and management to support zero-downtime environments.
3- Transport flexibility: You can incrementally and cost-effectively adopt new networking innovations and technologies, such as:
- Cisco Overlay Transport Virtualization (OTV)
- Cisco FabricPath
- Fibre Channel over Ethernet (FCoE)
- Cisco IOS Multiprotocol Label Switching (MPLS)
Over 1513 Patents Pending/Issued on Data Center Technologies
Over $1B in Overall Data Center Research and Development
Cisco Nexus Consists of Multiple Products with a Data Center Class OS
Cisco Nexus: Infrastructure Scalability, Operational Continuity, Transport Flexibility
Cisco® Nexus Delivers a Unified Fabric and I/O for the DC
Nexus VS 65XX :
- Virtual port channel (vPC): vPC is similar to VSS on the 65K's.
- Virtual device context (VDC): With VDC you can virtually divide your switch into up to 4 different virtual switches and allocate hardware resources to them.
- The 65K's can perform all the functions; Nexus still doesn't support service modules like FWSM, load balancers, etc.
Cisco Overlay Transport Virtualization (OTV):
- It makes multiple DCs act as one DC.
- The NX7k switch has a MAC address table for each NX7k switch
- The MAC address tables are shared automatically
- It stops Spanning Tree Protocol
- In multicast: just one copy is sent to the core
Cisco FabricPath:
- Combines the simplicity of an L2 domain with the scalability of an L3 domain; creates L2 routing tables
- No blocking: sends through all links; a down link is excluded.
- The shortest path is used
- Adds a FabricPath switch destination header
- Add a server anywhere in the DC
Fiber Channel over Ethernet (FCoE) :
- Allows the server to connect to the SAN and the LAN through one link
Hitless software upgrade by :
- In Service Software Upgrade (ISSU)
Cisco Data Center Network Manager:
- Management tool
Nexus 7000 Hw specifications :
- Delivers high-density 10, 40, and 100 Gigabit Ethernet
- Provides parallel fabric channels to each I/O and supervisor module slot
- Up to five simultaneously active fabric modules work together, delivering up to 230 Gbps per slot
- 46 Gbps per slot per fabric (46 * 5 fabrics = 230 Gbps per slot)
- 46 is for Fabric 1; in Fabric 2 it is 110 per slot
- With 550G per slot, scales to more than 17 Tbps switching capacity
Catalyst and Nexus: Complementary Focus for Broad Deployments
Cisco Catalyst® 6500: 2 Terabit Scalability, Unified Network Access
Cisco® Nexus 7000: 15 Terabit Scalability, Unified Fabric
[Figure labels: 1GbE, 10GbE, 40GbE, 100GbE; Transport Flexibility; Operational Continuity]
New Nexus 7000 Supervisor Engines :
- Cisco Nexus 7000 Series Supervisor 2 and 2E Modules deliver increased control plane performance and system scalability
- Cisco Nexus 7000 Series Supervisor 2 has twice the CPU performance of the Supervisor 1 Module
- Cisco Nexus 7000 Series Supervisor 2E has four times the CPU performance of the Supervisor 1 Module
Nexus 7000 series :
The Nexus 7000 series now includes 9-, 10- and 18-slot chassis
New innovation: Cisco Nexus 7004 chassis
As with the Nexus 5000 series, the Nexus 2000 Fabric Extenders can act as remote line cards on the 7000 series.
Extending the Cisco Nexus Family: Data Center Class Switches
- Simpler, More Stable Layer 2 Network; Highly Available Platform; Preserves operational best practices
- FCoE based Unified Fabric; Virtualization Optimized Networking; Support for GE, FCoE, DCE, and FC
- Reduces power, cooling, cabling; Up to 52 non-blocking 10GbE; Up to 1.2 Tbps capacity
Infrastructure Scalability, Transport Flexibility, Operational Continuity
Nexus 7009 :
9 slots: 3-9 are line card slots, 1-2 are supervisor slots
Supports 336 10 Gbit/s and/or 1 Gbit/s ports
Air flow is side to side (right to left)
Up to 5 Crossbar Fabric Modules
Up to 2 power supplies
Day 2:
IOS vs NX-OS
NX-OS :
- NX-OS uses two images: a kickstart image and a system image.
- Not all features are enabled by default. For example, if you want to use OSPF, you first have to enable the feature (feature ospf).
- All the features are licensed. This is not too bad, considering that an Enterprise license gets almost all of your features running.
You don't have to prefix "do" to your privileged-level show commands when you are in configuration mode.
Routing protocol configuration is done more at the interface level, as in IPv6 (ipv6 enable).
NX-OS cannot NAT: there is no NAT command on NX-OS, which is unusual, as NAT is one of the common L3 features on any Cisco device.
No F and GE in the commands; all are Ethernet.
There aren't any speed designations in the interface name.
There is no "write" command; you have to use the big old "copy run start".
The "sh tech-support" command gives you never-ending data: it's huge, MBs of data.
Supports VTP only in transparent mode
- Doesn't support PAgP; supports only LACP
- It doesn't support EIGRP unicast neighborship
The "sh run" command has a lot of minor components, which makes it easier to look at the configuration. For example, "sh run rpm" (route processor module) gives you all the route policy config, such as route-maps and prefix lists.
sh module : N7K-ABCDEF-GH
A : F (forwarding engine) or M (multi-purpose forwarding engine)
B : Model of forwarding engine : 1 or 2
C & D : Number of ports
E : Speed : X (10 gig) or G (1 gig)
F : Connector type : P (SFP+) or T (RJ)
G : Generation of fabric : 1 (1st) or 2 (2nd)
H : Number of channels of 40 gig : 1 (40 gig) or 2 (80 gig)
show module xbar : shows the switch fabric
Day 3:
Continue IOS vs NX-OS
Base services: The default license that ships with NX-OS covers Layer 2 protocols, including features such as Spanning Tree, virtual LANs (VLANs), Private VLANs, and Unidirectional Link Detection (UDLD).
Enterprise Services Package: Provides Layer 3 protocols such as Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), Intermediate System-to-Intermediate System (ISIS), Enhanced Interior Gateway Routing Protocol (EIGRP), Policy-Based Routing (PBR), Protocol Independent Multicast (PIM), and Generic Routing Encapsulation (GRE).
Advanced Services Package: Provides Virtual Device Contexts (VDC)
The license file is obtained from Cisco.com and copied to flash; then install it on the chassis.
show license host-id : host ID (serial number) for license file creation on Cisco.com
install license bootflash:license_file.lic
NX-OS offers feature testing for a 120-day grace period: you can fully operate a feature without the need to purchase a license.
In the last 6 days it will start sending notifications.
(config)# license grace-period
NX-OS has a setup utility that enables a user to specify the system defaults, perform basic configuration, and apply a predefined Control Plane Policing (CoPP) security policy.
Two instances of VPN Routing and Forwarding (VRF) are preconfigured by default (management, default).
By default, all Layer 3 interfaces and routing protocols exist in the default VRF.
The mgmt0 interface exists in the management VRF and is accessible from any VDC.
Each VDC has a unique IP address for the mgmt0 interface.
The default administrator login user is admin; a password has to be specified when the system is first powered up.
You cannot disable the username and password login.
The default Spanning Tree mode in NX-OS is Rapid-PVST+.
When you disable a feature, all relevant commands are removed from the running configuration.
show environment power :
the power requested is the max that appears in the Cisco power calc
Telnet is disabled by default; SSH is enabled
sh vrf :
vrf management : default route
vrf context management
  ip route 0.0.0.0/0 gw
int mgmt 0
  ip add /24 : by default in the management vrf, which is dedicated to it
sh vrf management int
int eth x/x :
  vrf member management ... refused
ping gw ... no, you have to specify the vrf
sh run | grep -A 3 -n mgmt0 :
role-based access control : RBAC
sh role : admin : read-write ; operator : read
sh role feature-group
feature group ... e.g. the predefined L3 feature group
role name ...
  rule 1 permit read
  rule 2 permit read-write feature cdp
  rule 3 permit command ping *
  rule 4 permit command config t ; interface *
  interface policy deny
    permit interface eth 2/1
sh role name ....
username ... password ... role ....
? : the available commands will be limited
debug ? : only cdp (write allowed for cdp only)
? in config mode : cdp or interface (interface only eth 2/1)
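An added example, not part of the presentation: a small Python audit of NX-OS role definitions like the one above, run over a constructed running-config excerpt. The helpdesk role, the sample config and the three finding criteria (Telnet enabled, an unscoped read-write rule, no interface policy deny) are assumptions of this example.

```python
import re

# Constructed excerpt (not from a real device); "helpdesk" is a hypothetical role.
SAMPLE = """\
feature telnet
role name limited
  rule 4 permit command config t ; interface *
  rule 3 permit command ping *
  rule 2 permit read-write feature cdp
  rule 1 permit read
  interface policy deny
    permit interface Ethernet2/1
role name helpdesk
  rule 1 permit read-write
"""

RULE = re.compile(r"rule (\d+) (permit|deny) (command .+|read-write|read)"
                  r"(?: (feature|feature-group) (\S+))?$")

def parse_roles(config):
    """Return {role: {"rules": [(num, action, access, scope)], "if_deny": bool}}."""
    roles, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):      # a top-level line closes the role block
            current = None
        if line.startswith("role name "):
            current = roles.setdefault(line.split()[2], {"rules": [], "if_deny": False})
        elif current is not None:
            m = RULE.match(line)
            if m:
                scope = f"{m.group(4)} {m.group(5)}" if m.group(4) else None
                current["rules"].append((int(m.group(1)), m.group(2), m.group(3), scope))
            elif line == "interface policy deny":
                current["if_deny"] = True
    return roles

def audit(config):
    """Flag Telnet, unscoped read-write rules and roles without an interface policy."""
    findings = []
    if re.search(r"^feature telnet$", config, re.M):
        findings.append("telnet enabled")
    for name, role in parse_roles(config).items():
        for num, action, access, scope in role["rules"]:
            if action == "permit" and access == "read-write" and scope is None:
                findings.append(f"{name}: rule {num} grants unscoped read-write")
        if not role["if_deny"]:
            findings.append(f"{name}: no interface policy deny")
    return findings
```

Calling audit(SAMPLE) reports the Telnet feature and both problems with the helpdesk role, while the slide-style limited role produces no findings.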
rollback :
checkpoint ... (up to 10)
sh checkpoint summary
sh checkpoint ... : the config of the checkpoint
rollback running-config checkpoint ...
config s (session) : so far just for ACLs
To check the resource availability for a certain feature:
config s ...
verify
show config session
commit , abort
-if : ip ospf hello-interval 2
ip ospf network point-to-point
ip router ospf 1 area 0 : activates OSPF on the interface
stateful process restart : L2 processes and OSPF : safe the processes
int ... : sh , no sh
load bootflash:dd.plgin
(linux) kill 6255
sh process | inc ospf
int e2/1, e2/2-4
netflow :
feature netflow
flow record ....
  match ipv4 destination address
  match ipv4 source address
  match ip protocol
  collect transport tcp flags (collect is the info that needs to be exported)
  collect routing forwarding-status
flow exporter ....
  description ....
  destination x.x.x.x use-vrf ...
  source loopback 0
  transport udp 12345
  version 5
Now apply NetFlow to an interface by configuring a flow monitor that connects the exporter with the record:
flow monitor ...
  record ....
  exporter ... : up to 2 different exporters per monitor
sh run netflow
int ... : ip flow monitor ... input (ingress)
sh sys internal flow
Ethanalyzer : for Wireshark
ethanalyzer local interface (mgmt or inband) brief limit-captured-frames 5 write bootflash:cap1
It's for control-plane traffic
Data-plane traffic is captured by NetFlow or SPAN
vdc :
sh vdc
n7k : default
sh vdc membership : (interfaces)
vdc ... : create a vdc
allocate interface x : the interface config will be lost
ha-policy :
dual-sup : bring-down, restart or switchover
single-sup : bring-down, restart or reload (reload : reloads the sup ; restart : restarts the vdc)
limit-resource vrf min x max y
limit-resource vlan min x max y
limit-resource port-channel min 0 max 0
sh vdc ... detail
sh vdc ... membership
sh vdc ... resources
switchto vdc ...
password : create one
The End
Hamza Al-Qudah