
The Fabric ERA

May 25, 2012

“Fabric” is a loosely used term, which today creates more confusion instead of offering direction.

What exactly is a Fabric, often called a Switch Fabric?

Greg Ferro did a post here explaining how Ethernet helped the layer 2 switch fabric evolve. Sadly the use of switch fabric did not stop there. And this is the part where the confusion trickles in.

The term fabric has been butchered (mostly by marketing people) to incorporate just about any function these days. A fabric today (in the networking industry) is a broad term used to describe, among others, the following:

  • The structure of an ASIC, e.g., the cross bar silicon fabric.
  • The hardware forwarding architecture used within layer 2 bridges or switches.
  • The hardware forwarding architecture used with routers, e.g., the Cisco CRS and its 3-stage Benes switch fabric.
  • Storage topologies like the fabric-A and fabric-B SAN architecture.
  • Holistic Ethernet technologies like TRILL, FabricPath, Shortest Path Bridging, QFabric, etc.
  • A port extender device that is marketed as a fabric extender (a.k.a. FEX), namely the Cisco Nexus 2000 series.

In short, a Fabric is basically the interconnection of points for the purpose of transporting data from one point to another. These points, as the term evolved over time, could represent anything from an ASIC, to a port, to a device, to an entire architecture.

Cisco added a whole new dimension to this by marketing a Port Extender device as a Fabric Extender and doing so with different FEX architectures, namely VM-FEX and Adapter FEX. More on that in the next post. :)


What is a Fabric Extender

May 16, 2012

In this post I would like to cover the basics of what you need to know about the Cisco Fabric Extender that ships today as the Nexus 2000 series hardware.

The Modular Switch

The concept is easy to understand by referencing existing knowledge. Everybody is familiar with the distributed switch architecture commonly called a modular switch.

Consider the typical components:

  • Supervisor module/s are responsible for the control and management plane functions.
  • Linecards or I/O modules offer physical port termination, taking care of the forwarding plane.
  • Connections between the supervisors and linecards to transport frames, e.g., fabric cards or backplane circuitry.
  • An encapsulation mechanism to identify frames that travel between the different components.
  • A control protocol used to manage the linecards, e.g., MTS on the Catalyst 6500.

Most linecards nowadays have dedicated ASICs to make local hardware forwarding decisions, e.g., Catalyst 6500 DFCs (Distributed Forwarding Cards).

Cisco took the concept of removing the linecards from the modular switch and boxing them in standalone enclosures. These linecards could then be installed in different locations, connected back to the supervisor modules using standard Ethernet. These remote linecards are called Fabric Extenders (a.k.a. FEXs).

Three really big benefits are gained by doing this.

  1. The reduction of the number of management devices in a given network segment since these remote linecards are still managed by the supervisor modules.
  2. The STP footprint is reduced since STP is unaware of the co-location in different cabinets.
  3. Another benefit is the cabling reduction to the distribution switches. I’ll cover this in a later post. Really awesome for migrations.

Let’s take a deeper look at how this is done.


N5K Stuck in Boot Mode

May 8, 2012

Another trivial post. The upcoming posts following this one will take a more in-depth look at the Nexus technologies.

So you do a non-ISSU NX-OS upgrade on a Nexus 5000 switch and something goes wrong. After reload you get the following prompt:

...Loader Version pr-1.3
loader>

The switch did not successfully boot from the images it was supposed to. How do you go about restoring it?


Load-Sharing across ASICs

April 26, 2012

Port-channels have become an acceptable solution in data centers to both mitigate STP footprints and extend physical interface limits.

One of the biggest drawbacks with port-channels is the single point of failure.

Scenario 1 - Failure of an ASIC on one switch, which could potentially bring the port-channel down if all member interfaces were connected on one ASIC.

Scenario 2 - Failure of one switch on either side. The obvious solution available today is multi-chassis port-channels, which addresses the problem 95%.

Consider the following topology:

Even with a multi-chassis port-channel there is still the possibility of an ASIC failure. Although not as detrimental as Scenario 1, there will still be some impact (depending on the traffic load) if both interfaces on one switch happen to connect to the same ASIC.

Thus it only makes sense that the ports used on the same switch use different ASICs. How would you confirm this on the Nexus 5000 and Nexus 7000?


New CCIE Data Center Track

March 22, 2012

Wow, it is a good week indeed. I have been so busy with the Handbooks, I missed the official announcement of the Cisco CCIE Data Center to be launched later this year.

I have been waiting for this for a very long time, and if permitted I will seriously look into this as the next track. But only after the SP handbook, so don’t worry :)


Routing-Bits Handbook R&S v4.41 now available

March 21, 2012

After many months of long hours, I am pleased to announce the next set of updates has arrived, with the first update now available.

Released now is the Routing-Bits Handbook RS v4.41. Being a major release, the amount of content updated and changed is considerable. The handbook format and the whole delivery system have been updated to streamline more frequent updates and additionally allow for a better reading experience. The fonts and layouts were specifically designed to be print-friendly as well as e-book-friendly.

Routing-Bits Handbook RS v4.3 had 356 pages, which has been updated to 390 pages with another 35 pages to come with the future chapter releases.

Some statistics of Routing-Bits Handbook RS v4.41:

  • 139000+ Words.
  • 390 Pages.
  • 120 Configuration Sets.
  • 171 DOC-CD References.
  • 818 Show, Debug Commands.
  • 1725 Configuration Commands.
  • 342 Troubleshooting Steps.

Buyers of a previous v4.x major release should receive an email at their registered email address in the next day or two with download instructions. If your original registered email address has changed, please send me an email.


Nexus Accounting Log

March 18, 2012

Perhaps another trivial post, but if you don’t know about it, you might find it extremely useful.

Cisco NX-OS has an on-device log file of the exec-level configuration commands entered successfully. Obviously similar information can be obtained from the TACACS logs, but there is a certain benefit in having it directly on the CLI.

The command is:

#show accounting log


Nexus load intervals

March 7, 2012

This is an interesting but trivial post. Everybody knows about the interface command “load-interval” that changes the time period over which the interface packet-rate and throughput statistics are averaged.

I discovered an addition to this command on the Nexus the other day while poking around. NX-OS allows multiple counter intervals to be configured on the same interface. This allows different sampled intervals to be listed at the same time.

The configuration is easy:

#interface Ethernet1/19
  load-interval counter 1 40
  load-interval counter 2 60
  load-interval counter 3 180


Cisco Nexus 7000 upgrade to 8Gb

February 27, 2012

When upgrading a Nexus 7000 to NX-OS version 5.2 (using more than 1 VDC) or to NX-OS v6+, Cisco claims the need to upgrade the system memory to 8Gb.

Note I have run on v5.2 using only 4Gb per SUP using 2 VDCs and it has worked just fine, but I should mention that the box was not under heavy load.

See how much memory your N7K has on a SUP by using the following command:

N7K# show system resources
Load average:   1 minute: 0.47   5 minutes: 0.24   15 minutes: 0.15
Processes   :   959 total, 1 running
CPU states  :   3.0% user,   3.5% kernel,   93.5% idle
Memory usage:   4115776K total,   2793428K used,   1322348K free

The upgrade per SUP would need the Cisco Bundle upgrade package (Product code: N7K-SUP1-8GBUPG=). One package has one 4Gb module (see picture below). If you have two SUPs you would need two bundles. Notice the 8Gb sticker on the module in the red block.


Omnigraffle Stencil for Cisco Nexus

February 10, 2012

I am a Mac user and I have been looking but could not find an OmniGraffle stencil with the Cisco Nexus icons, so I ended up making one.

I have also submitted the stencil to Graffletopia.com

Feel free to download it from Graffletopia or Mediashare: Cisco Nexus Hardware.gstencil.zip


Congrats to Drikus Brits, CCIE #34275

February 2, 2012

Almost two years after I passed my first CCIE, an old colleague passed his CCIE with the numbers having increased by just over 1000. Drikus then was part of our Mobility team, before he moved on to chase the big IE too. It is really good to see that new fathers are tackling the CCIE and showing others it can be done. Despite the amount of time that has passed since I sat down at the Cisco mobile lab, Drikus earned his number after months of hard work.

Huge congratulations are most definitely still in order!

Drikus was kind enough to share the following:

“About a week ago I went for my CCIE exam in the hopes of getting my unique number. I passed the lab and became the proud owner of CCIE # 34275. A lot of studying went into this exam, and I would like to thank my beautiful and understanding wife & 2 kids. They provided me with the time and motivation to push through and get it done, and a huge thanks goes to the Almighty up above. Secondly, a huge thanks to Ruhann’s RB Handbook. I purchased them back in the day when the short-notes just started out, and it has proved invaluable time after time again. The following should sum it up:

INE Routing and Switching  = $400
ipexpert Routing and Switching  = $400
Other available Courses  = $300
Ruhann’s R&S Handbook = Priceless”

Cisco and their inconsistencies

January 30, 2012

Cisco is known for the inconsistencies between platforms and different IOS versions. I came across another that was rather annoying. Now between linecards.

Trying to configure the following standard sub-interface Ethernet AToM tunnel on a Cisco 7606 with an ES+ linecard:

pseudowire-class CISCO
 encapsulation mpls
!
interface Te2/2.2
 encapsulation dot1Q 2
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 xconnect 10.5.0.99 12345 encap mpls pw-class CISCO

Yields the following misleading error…

7606(config)#int te2/2.2
7606(config-subif)# xconnect 10.5.0.99 12345 encap mpls pw-class CISCO
MPLS encap is not supported on this circuit


BGP between Cisco Nexus and Fortigate

October 12, 2011

It is not uncommon to find that different vendors have slightly different implementations when it comes to standards-based technologies that should work seamlessly.

I recently came across a BGP capability negotiation problem between a Nexus 7000 and a client Fortigate. Today’s post is not teaching about any new technologies, but instead showing the troubleshooting methodology I used to find the problem.

The setup is simple. A Nexus 7000 and a Fortigate are connected via Nexus layer 2 hosting infrastructure to peer with BGP.
At face value the eBGP session between the Nexus 7000 and the Fortigate never came up:

N7K# sh ip bgp summary | i 10.5.0.20
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.5.0.20   4 65123     190     190        0    0    0 0:12:30  Idle

The first steps should verify the obvious.

  • Configuration! This check should include checking the ASNs, the peering IP addresses, source-interfaces and matching passwords.


Congrats to Jarrod Daniel, CCIE #30080

September 26, 2011

So we all knew this day would come, when the CCIE numbers would breach 30000. And this happened two weeks ago already. But the importance for those passing is not the region of the number, but the fact that hard work paid off for them as it did for the many before them.

One such individual is a fellow colleague of mine. Jarrod has been truly determined in obtaining his number. This is what he had to say:

“About a week back I managed to conquer the lab exam and achieve number #30080. I am grateful to the almighty lord for providing me with the strength to push on through the past 2 years. I’ve come to learn that the number is just a reward and it’s the journey to obtaining that number which reminds me of what it means to earn a CCIE. I also realized that the journey never ends, obtaining the number is just the start. I am now equipped with sufficient knowledge to branch out into understanding and troubleshooting larger networks.

Having a strong support structure from family and friends plays a massive role in achieving this cert and you definitely played a major role in this space. I’ve had the privilege of working with you and having immediate access to a knowledgeable individual like yourself is a benefit on its own. Thanks to you Ruhann, for your guidance and your book which brought everything together the last 2-3 days before the exam. As always, concise and straight to the point.

Your dedication and contribution to the CCIE world is invaluable and much appreciated. Really looking forward to the SPv3 edition of your book.”

h1

Cisco Nexus User Roles using TacPlus

August 28, 2011

I previously wrote a post about the Nexus Roles and how they integrate with a TACACS server.

Cisco documentation shows the following format to issue multiple roles from a TACACS/RADIUS server:

shell:roles="network-admin vdc-admin"

We are using Shrubbery TACPLUS, instead of the Cisco ACS software. Last week I noticed that only one role was assigned when multiples should be assigned. Multiple roles are required when using one TACACS server to issue roles for VDC and non-VDC Nexus switches since they need different default User-Roles.

This was tested on a Nexus 5000, a Nexus 7000 and a VDC on the same Nexus 7000. Different codes were tried. This was not an NX-OS bug.

Upon further investigation it was obvious that the syntax above, as provided by Cisco, was specific to their TACACS software, being the ACS software. But I still required multiple roles to be assigned for my single TACACS configuration to work across multiple Nexus devices. First attempt was the lazy method. Ask uncle Google for any such encounters with a solution. That yielded no practical results. I then contacted Shrubbery for the solution; after that it became clear that possibly nobody else has experienced this problem before.

So the hunt began to find out exactly what was so different in the AAA response from the Cisco ACS software to the TACPLUS software that it did not yield the required results.
