This is an interesting but trivial post. Everybody knows about the interface command “load-interval”, which changes the time period over which the interface packet-rate and throughput statistics are averaged.
I discovered an addition to this command on the Nexus the other day while poking around. NX-OS allows multiple counter intervals to be configured on the same interface. This allows different sampled intervals to be listed at the same time.
The configuration is easy:
load-interval counter 1 40
load-interval counter 2 60
load-interval counter 3 180
Continue reading “Nexus load intervals”
I am a Mac user and I have been looking but could not find an OmniGraffle stencil with the Cisco Nexus icons, so I ended up making one.
I have also submitted the stencil to Graffletopia.com.
Feel free to download it from Graffletopia or Mediashare: Cisco Nexus Hardware.gstencil.zip
I previously wrote a post about the Nexus Roles and how they integrate with a TACACS server.
Cisco documentation shows the following format to issue multiple roles from a TACACS/RADIUS server:
We are using Shrubbery TACPLUS, instead of the Cisco ACS software. Last week I noticed that only one role was assigned when multiples should be assigned. Multiple roles are required when using one TACACS server to issue roles for VDC and non-VDC Nexus switches since they need different default User-Roles.
This was tested on a Nexus 5000, a Nexus 7000 and a VDC on the same Nexus 7000. Different codes were tried. This was not an NX-OS bug.
Upon further investigation it was obvious that the syntax above, as provided by Cisco, was specific to their TACACS software, being the ACS software. But I still required multiple roles to be assigned for my single TACACS configuration to work across multiple Nexus devices. The first attempt was the lazy method: ask uncle Google for any such encounters with a solution. That yielded no practical results. I then contacted Shrubbery for the solution; after that it became clear that possibly nobody else has experienced this problem before.
So the hunt began to find out exactly what was so different in the AAA response from the Cisco ACS software to the TACPLUS software that it did not yield the required results.
Continue reading “Cisco Nexus User Roles using TacPlus”
The Cisco Nexus Series platform has some good things going. Having spent much of my time recently using them, I have come to appreciate some very neat improvements NX-OS is offering over standard IOS. For the most part driving NX-OS is very similar to IOS, but it’s been greatly improved.
One such example is the output from the most used IOS command “show ip int brief”, which on NX-OS only shows ‘IP’ (being layer 3) interfaces. To see the brief state of all types of interfaces use “sh int brief” instead.
N5K-2(config)# sh ip int brief
IP Interface Status for VRF "default"(1)
Interface IP Address Interface Status
Vlan19 10.1.19.6 protocol-up/link-up/admin-up
Vlan22 10.1.22.6 protocol-up/link-up/admin-up
N5K-2(config)# sh int brief
Ethernet VLAN Type Mode Status Reason Speed Port
Interface Ch #
Eth1/1 1 eth trunk up none 1000(D) 51
Eth1/2 22 eth access up none 10G(D) -
Eth1/3 1 eth trunk down SFP not inserted 10G(D) 50
Eth1/4 1 eth trunk down SFP not inserted 10G(D) 50
Eth1/5 1 eth trunk down SFP not inserted 10G(D) -
Eth1/6 19 eth access down SFP not inserted 10G(D) -
Eth1/7 1 eth trunk down Link not connected 10G(D) 5
Eth1/8 1 eth trunk down Link not connected 10G(D) 5
Eth1/9 1 eth fabric down Administratively down 10G(D) 9
Eth1/10 1 eth fabric down FEX identity mismatch 10G(D) 7
Eth1/11 1 eth fabric down vpc peerlink is down 10G(D) 34
Eth1/12 1 eth fabric down SFP not inserted 10G(D) 12
Eth1/13 1 eth fabric up none 10G(D) 15
Eth1/14 1 eth fabric down Administratively down 10G(D) 9
Continue reading “Nexus’ improved CLI”
In November last year, a pair of Cisco Nexus 5010 switches suddenly started rebooting randomly without user intervention. Since these boxes were a front to a VM environment, stability was of urgent concern. But in order to stabilize the environment, the root cause of the reboots had to be isolated, and quickly.
The Cisco Nexus platform might not be as mature as many would like, but it is quickly becoming a very needed switch in Next-Generation datacenters. Among the things I like most about the Nexus boxes are the readily available local reporting and intuitive system checks. Obviously there are many other features which are making the platform so popular. I’ll cover some of these in time.
Coming back to the rebooting issue. Unlike IOS devices, which lose all local logging info unless a crash dump was saved to NVRAM, the Nexus writes most of its log information to disk. Thus even after the reboot, you have all the information.
Continue reading “Troubleshooting random Nexus reboots”
I frequently use my iPad to console onto routers as per my earlier post. But there is so much more functionality here. The iPhone can be used as an Out-of-Band device.
Why? Because it occasionally happens that a router has no device near it that can provide console access. And if you are doing risky changes, this beats having to sit next to the device while doing the changes.
- A serial connector cable (30-pin Apple to male DB9 pin RS-232).
- A rollover cable.
- A jailbroken iPhone.
- Terminal application.
- Software that supports serial communication.
- Inbound connectivity to the iPhone SIM.
Steps 1-5 are the same as in my previous post. The only difference is with step 4. The app iSSH is not needed here, as the SSH connection will not be made locally from the device. So once SSH is loaded via Cydia, move along to step 5.
The last step required is having inbound access to the cellular data IP on your iPhone. This varies between cellular providers. Some providers block inbound access, others allow it by default. If your cellular provider is blocking inbound access, you will have to request them to allow it for your SIM.
All that is left to do is to plug your phone into the distant router (preferably locked in the cabinet, to prevent it from being stolen). From your desk, SSH to the iPhone and use Minicom to reverse console into your router.
A quick post. I’ve had many requests from guys asking details surrounding my studies and preparation. As always I am more than happy to help and aid other candidates where I can. After all I did not get this far on my own.
So first off I have created a new page called CCIE BOOKLIST (on the right) of books I bought and used for both the R&S and SP. I have added a small review of most of them.
In the next week or two, I will post the methods I used to get through the theory, labs, my approach and lab strategies etc.