Post on 09-Oct-2014
transcript
© 2008 Cisco Systems, Inc. All rights reserved 1 of 52
Nexus 5020 Lab Guide
Overview
This lab guide describes the lab activities that are included in the course,
“Implementing and Configuring Nexus 5000 Switches.” This lab guide
describes each activity and provides step- by-step instructions for completing
each exercise.
Lab List
This guide includes these activities:
� Lab 1: Analyzing FCoE Packet Traces
� Lab 2: Configuring the FCoE and Switch Mode
� Lab 3: NPV
� Lab 4: QOS Lab
� Lab 5a: Trace Tools
� Lab 5b: Trace Tools
© 2008 Cisco Systems, Inc. All rights reserved 2 of 52
Lab Topology
Pods 1-4
© 2008 Cisco Systems, Inc. All rights reserved 3 of 52
Pods 5-8
IP address assignments
© 2008 Cisco Systems, Inc. All rights reserved 4 of 52
Password: Terminal server Login password: labops. Enable password: nuovanuova
Nexus 5000: admin/nbv12345
Windows Server: administrator/nuovanuova
Fabric Manager: admin/password
© 2008 Cisco Systems, Inc. All rights reserved 5 of 52
Fabric Manager – Switch Mode View
LUN Mapping
FC 1/17 target has 11 g lun number 1 for server 1
FC 1/18 target has 12 g lun number 1 for server 2
FC 1/19 target has 13 g lun number 1 for server 3
FC 1/20 target has 14 g lun number 1 for server 4
FC 1/21 target has 15 g lun number 1 for server 5
FC 1/22 target has 16 g lun number 1 for server 6
FC 1/23 target has 17 g lun number 1 for server 7
FC 1/8 target has luns for server 8
Students will use Remote Desktop to access the Servers
© 2008 Cisco Systems, Inc. All rights reserved 6 of 52
Student Lab
� Student has PC with one embedded Gigabit NIC and one 2 port CNA
� Nexus 5020 Switch
� Cat 6500 Chassis (shared)
� MDS 9134 (shared)
� 1 LUN of Storage (Pod 8 will have more)
Pod Layout (Pod 3)
1/3 2/3
VSAN 13
Server
CNA port 1
CNA port 2
JBOD for Pod 8 FC 1/8 & 1/16
HP array Storage for Pods 1-7
© 2008 Cisco Systems, Inc. All rights reserved 7 of 52
Cat6500
© 2008 Cisco Systems, Inc. All rights reserved 8 of 52
Lab 1: Analyzing FCoE Packet Traces
Activity Objective
In this exercise, you will analyze a canned FCoE trace using Wireshark. After
completing this exercise, you will be able to meet these objectives:
� Use Wireshark to identify the components of an FCoE frame
Activity Procedure
Connect to the server in your POD using Remote Desktop with
username/password of administrator/nuovanuova. Complete these steps:
Step 1 Launch the Wireshark application.
Step 2 Open a canned FCoE traffic buffer.
The filename is fcoe-t11.cap.
© 2008 Cisco Systems, Inc. All rights reserved 9 of 52
Step 3 Review an FCoE frame.
© 2008 Cisco Systems, Inc. All rights reserved 10 of 52
Step 4 Find the Ethertype of the FCoE frame.
© 2008 Cisco Systems, Inc. All rights reserved 11 of 52
Step 5 Find the start of frame of the FCoE frame.
Step 6 Find the CRC of the FCoE frame.
© 2008 Cisco Systems, Inc. All rights reserved 12 of 52
Step 7 Find the end of frame of the FCoE frame.
© 2008 Cisco Systems, Inc. All rights reserved 13 of 52
Lab 2: Configuring FCoE in Switch Mode
Activity Objective
In this exercise you will configure basic connectivity to the switch, 802.1q trunking, LACP
Port Channels, Fibre Channel Port Channels, and FCoE connectivity. Note: The exercises in the lab were performed on POD 1. Please use the correct switches, VSANs, VLANs, IP addresses, storage ports, and host associated with your assigned POD.
Activity Procedure
For this first part of the lab you will need to Telnet into the Terminal Server and access the
console of the N5K, as remote access through the management port has not been setup.
Step 1.
Telnet to 128.107.65.194, sign on with a password of labops
Issue the show host command:
Nuova_TermServer>show host
[snip]
Host Port Flags Age Type
Address(es)
tm1 2033 (perm, OK) 21 IP 1.1.1.1
tm2 2034 (perm, OK) 21 IP 1.1.1.1
tm3 2035 (perm, OK) 21 IP 1.1.1.1
tm4 2036 (perm, OK) 21 IP 1.1.1.1
tm5 2037 (perm, OK) 21 IP 1.1.1.1
tm6 2038 (perm, OK) 21 IP 1.1.1.1
tm7 2039 (perm, OK) 21 IP 1.1.1.1
tm9 2044 (perm, OK) 21 IP 1.1.1.1
tm8 2040 (perm, OK) 21 IP 1.1.1.1
© 2008 Cisco Systems, Inc. All rights reserved 14 of 52
tm6500 2042 (perm, OK) 21 IP 1.1.1.1
mds 2047 (perm, OK) 21 IP 1.1.1.1
Console in to the 5020 for your pod, for example, POD 1 would be TM1
Nuova_TermServer>tm1
Translating "tm1"
Trying tm1 (128.107.65.194, 2033)...
% Connection refused by remote host
Deleting login session
If you see the above error message you will need to get enable access to the
terminal server and clear the line as shown below. The enable password is
nuovanuova. If you do not see the error message above you can proceed to step 2
Nuova_TermServer>ena
Password:
Nuova_TermServer#clear line 33
[confirm] <- Hit enter
[OK]
Nuova_TermServer#tm1
Translating "tm1"
Trying tm1 (128.107.65.194, 2033)... Open ���� Hit enter
here
switch# <- Should see this prompt
Step 2. Configure the switch name for the 5020 in your pod, management
VRF, enable SSH server, and verify connectivity through the management port.
switch# configure
switch(config)# switchname TM1 ���� POD Specific
TM1(config)# vrf context management
TM1(config-vrf)# ip route 0.0.0.0/0 128.107.65.193
© 2008 Cisco Systems, Inc. All rights reserved 15 of 52
TM1(config-vrf)# exit
TM1(config)# ssh key rsa 1024
TM1(config)# ssh server enable
Verify you can now telnet and SSH into the 5020 for your POD.
Step 3. Using Telnet or SSH, configure the switch for 802.1q trunking and
LACP port channels. Please use the VLAN specific to your POD.
TM1(config)# vlan 21x ���� VLAN for your POD. Replace x
with your POD number.
TM1(config-vlan)# name podx_VLAN ���� Again POD specific
TM1(config-vlan)# exit
TM1(config)# feature lacp
TM1(config)# interface port-channel x ���� Again POD
specific
TM1(config-if-range)# exit
TM1(config)# interface ethernet 1/3-4
TM1(config-if-range)# channel-group x mode active ���� Again
POD specific
Ethernet1/3 Ethernet1/4 added to port-channel1
TM1(config-if-range)# interface port-channel x ���� Again POD
specific
TM1(config-if)# switchport mode trunk
TM1(config-if)# switchport trunk allowed vlan 21x ���� Again
POD specific
TM1(config-if)# no shut
Verify the Port channel is up and both interfaces are up and active in the
port channel
TM1# sh port-channel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
© 2008 Cisco Systems, Inc. All rights reserved 16 of 52
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
--------------------------------------------------------------
-------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------
-------------
1 Po1(SU) Eth LACP Eth1/3(P) Eth1/4(P)
Step 4. In this next step you will configure SAN Port Channels and VSANs
First turn on the FCoE feature. This will require a reboot of the switch to go into
effect.
TM1(config)# feature fcoe
2008 Aug 13 22:56:01 switch %$ VDC-1 %$ %PFMA-2-
FC_LICENSE_DESIRED: FCoE/FC feature will be enabled after
the configuration is saved followed by a reboot
TM1# copy run startup-config
[########################################] 100%
Packaging and storing to flash: \
TM1# reload
Once the switch comes back up create the vsan needed for your POD
TM1#configure
TM1(config)# vsan data
TM1(config-vsan-db)# vsan 1x ���� VSAN for your POD.
Replace x with your POD number.
TM1(config-vsan-db)# exit
© 2008 Cisco Systems, Inc. All rights reserved 17 of 52
Next create the SAN port channel, prune it for the correct VSANs
(VSAN 1 and your POD VSAN #) and add the FC interfaces.
TM1(config)# interface san-port-channel 1x ���� POD
specfic. Replace x with your POD number.
TM1(config-if)# switchport trunk allowed vsan 1
TM1(config-if)# switchport trunk allowed vsan add
1x
TM1(config-if)# interface fc3/3-4
TM1(config-if)# channel-group 1x force
fc3/3 fc3/4 added to san-port-channel 11 and
disabled
please do the same operation on the switch at the
other end of the channel, then do "no shutdown" at
both ends to bring them up
TM1(config-if)# no shut
TM1(config)# interface san-port-channel 1x
TM1(config-if)# no shut
TM1(config-if)# end
Verify the SAN Port Channel is up and Trunking.
TM1# show interface san-port-channel 1x
san-port-channel 11 is trunking
Hardware is Fibre Channel
Port WWN is 24:0b:00:0d:ec:6d:90:40
Admin port mode is auto, trunk mode is on
snmp link state traps are enabled
Port mode is TE
Port vsan is 1
© 2008 Cisco Systems, Inc. All rights reserved 18 of 52
Speed is 8 Gbps
Trunk vsans (admin allowed and active) (1,11)
Trunk vsans (up) (1,11)
Trunk vsans (isolated) ()
Trunk vsans (initializing) ()
[snip]
TM1# sh san-port-channel summary
--------------------------------------------------------------
------------
Group Port Type Protocol Status Member
Ports
Channel
--------------------------------------------------------------
------------
11 san-port-channel 11 FC NONE U fc3/3
(P)
fc3/4
(P)
Step 5. In this next step you will configure a VLAN to be a FCoE capable VSAN. This is
VLAN to VSAN mapping. Create virtual FC interface, assign to Ethernet interface and add
the vfc to the VSAN
Configure the Virtual Interface Group, and bind it to the real ethernet interface of your
host.
TM1(config)# vlan 21x
TM1(config-vlan)# fcoe vsan 1x
Create the virtual Fibre Channel interface, and move it to the VSAN assigned to your
pod. (VSAN 11 = Pod1, VSAN 12 = Pod2…)
TM1(config-if)# interface vfc28
© 2008 Cisco Systems, Inc. All rights reserved 19 of 52
TM1(config-if)# no shut
TM1(config-if)# bind interface Ethernet1/28
Add Virtual Fibre Channel (vfc) Interface to the VSAN database
TM1 (config-vsan-db)#vsan database
TM1 (config-vsan-db)#vsan 1x interface vfc 28
Add the Ethernet interface to your FCoE vlan
TM1(config)# int ethernet 1/28
TM1(config-if)# switchport access vlan 21x
Note: The vFC interface will be down awaiting the VLAN
assignment vfc27 is down (STP not forwarding in FCoE
Mapped VLAN)
Verify your CNA host is logged into the fabric and
registered with the name server
TM1# sh flogi data vsan 1x
---------------------------------------------------------
-----------
INTERFACE VSAN FCID PORT NAME
NODE NAME
-----------------------------------------------------
-------------
vfc28 11 0x2e0001 21:01:00:1b:32:36:a2:ed
20:01:00:1b:32:36:a2:ed
Total number of flogi = 1.
TM1# sh fcns database vsan 1x
VSAN 11:
© 2008 Cisco Systems, Inc. All rights reserved 20 of 52
-----------------------------------------------------------
---------
FCID TYPE PWWN (VENDOR)
FC4-TYPE:FEATURE
-----------------------------------------------------------
---------
0x080000 N 50:06:0b:00:00:26:10:b4 (HP)
scsi-fcp:target
0x2e0001 N 21:01:00:1b:32:36:a2:ed
scsi-fcp:init
Total number of entries = 2
Step 6. Understanding what is zoned in your Nexus 5020. Actual zoning is not
done in the lab for it is all pre-provisioned in the core MDS and applied when the
ISL’s are connected from your Nexus 5020 in your pod
Current zoning pushed out by the 9134 Core switch to all
Pods, taken from MDS 9134
GOLD-LAB-MDS9134# sh zoneset active
zoneset name ZS_V11 vsan 11
zone name Z_V11 vsan 11
* fcid 0x2e0001 [pwwn 21:01:00:1b:32:36:a2:ed]
* fcid 0x5c0400 [pwwn 50:06:0b:00:00:1e:8a:a9]
zoneset name ZS_V12 vsan 12
zone name Z_V12 vsan 12
* fcid 0x710001 [pwwn 21:01:00:1b:32:36:b2:ed]
* fcid 0x8d0600 [pwwn 50:06:0b:00:00:26:10:b5]
zoneset name ZS_V13 vsan 13
zone name Z_V13 vsan 13
© 2008 Cisco Systems, Inc. All rights reserved 21 of 52
* fcid 0x030100 [pwwn 50:06:0b:00:00:1e:89:89]
* fcid 0xa50001 [pwwn 21:01:00:1b:32:36:12:ec]
zoneset name ZS_V14 vsan 14
zone name Z_V14 vsan 14
* fcid 0x410001 [pwwn 10:00:00:00:c9:3c:cc:cf]
* fcid 0xd40100 [pwwn 50:06:0b:00:00:1e:89:6c]
zoneset name ZS_V15 vsan 15
zone name Z_V15 vsan 15
* fcid 0x680002 [pwwn 21:01:00:1b:32:36:06:ec]
* fcid 0x780500 [pwwn 50:06:0b:00:00:1e:89:88]
zoneset name ZS_V16 vsan 16
zone name Z_V16 vsan 16
* fcid 0x1e0002 [pwwn 21:01:00:1b:32:36:07:ec]
* fcid 0xa70600 [pwwn 50:06:0b:00:00:1e:8a:a8]
zoneset name ZS_V17 vsan 17
zone name Z_V17 vsan 17
* fcid 0xd90000 [pwwn 21:01:00:1b:32:36:1d:ec]
* fcid 0xc70900 [pwwn 50:06:0b:00:00:26:10:b4]
Verify your pod zoneset is active on your Nexus 5020 (example showing pod 13
zone)
TM3(config)# show zoneset active
© 2008 Cisco Systems, Inc. All rights reserved 22 of 52
zoneset name ZS_V13 vsan 13
zone name Z_V13 vsan 13
* fcid 0x030100 [pwwn
50:06:0b:00:00:1e:89:89] � LUN
* fcid 0xa50001 [pwwn
21:01:00:1b:32:36:12:ec] � CNA
Step 7. Remote desktop into the server for your POD and verify the host can
see storage. Server1 should have an 11G disk defined, Server2 should have a
12G disk defined, and so on..
© 2008 Cisco Systems, Inc. All rights reserved 23 of 52
Step 8. Open Disk Management.
Step 9. Find the LUN allocated for your server based on the size.
© 2008 Cisco Systems, Inc. All rights reserved 24 of 52
Step 10. Verify Ethernet and FC devices are viewable in Device Manager.
© 2008 Cisco Systems, Inc. All rights reserved 25 of 52
Step 11. Load the SANSurfer or HBAnywhere utility and get familiar with
the parameters available for the CNA
© 2008 Cisco Systems, Inc. All rights reserved 26 of 52
Step 12. The next step will be to configure an IP address on the CNA and see if
you can ping through the 5K Port Channel, to the VLAN interface configured for
your POD on the CAT6k. If you can’t identify the correct CNA port to use ask your
instructore for help. For example, POD1:
Pod1: CAT VLAN 211 IP Address = 11.1.1.1/24 Server IP Address =
11.1.1.5/24
Pod2: CAT VLAN 212 IP Address = 11.1.2.1/24 Server IP Address =
11.1.2.5/24
Pod3: CAT VLAN 213 IP Address = 11.1.3.1/24 Server IP Address =
11.1.3.5/24
Pod4: CAT VLAN 214 IP Address = 11.1.4.1/24 Server IP Address =
11.1.4.5/24
Pod5: CAT VLAN 215 IP Address = 11.1.5.1/24 Server IP Address =
11.1.5.5/24
Pod6: CAT VLAN 216 IP Address = 11.1.6.1/24 Server IP Address =
11.1.6.5/24
Pod7: CAT VLAN 217 IP Address = 11.1.7.1/24 Server IP Address =
11.1.7.5/24
Pod8: CAT VLAN 218 IP Address = 11.1.8.1/24 Server IP Address =
11.1.8.5/24
© 2008 Cisco Systems, Inc. All rights reserved 27 of 52
© 2008 Cisco Systems, Inc. All rights reserved 28 of 52
Lab 3: Configuring NPV
Note to instructor:
The Lab instructor will need to delete the port-channels from the core MDS9134, and set all F-ports going to the N5K’s from E to auto, assign the ports to proper VSANs.
Activity Objective
In this exercise you will configure FCoE with the N5K running in NPV mode.
Note: The exercises in the lab were performed on POD 1. Please use the correct switches, VSAN, storage port, and host associated with your assigned POD.
Activity Procedure
Step 1 For this first part of the lab you will need to Telnet into the Terminal Server and
access the console of the N5K, as NPV will do a write erase and reboot the switch.
Telnet to 128.107.65.194, sign on with a password of labops
Issue the show host command:
Nuova_TermServer>show host
[snip]
Host Port Flags Age Type
Address(es)
tm1 2033 (perm, OK) 21 IP
1.1.1.1
tm2 2034 (perm, OK) 21 IP
1.1.1.1
tm3 2035 (perm, OK) 21 IP
1.1.1.1
tm4 2036 (perm, OK) 21 IP
1.1.1.1
tm5 2037 (perm, OK) 21 IP
1.1.1.1
© 2008 Cisco Systems, Inc. All rights reserved 29 of 52
tm6 2038 (perm, OK) 21 IP
1.1.1.1
tm7 2039 (perm, OK) 21 IP
1.1.1.1
tm9 2044 (perm, OK) 21 IP
1.1.1.1
tm8 2040 (perm, OK) 21 IP
1.1.1.1
tm6500 2042 (perm, OK) 21 IP
1.1.1.1
mds 2047 (perm, OK) 21 IP
1.1.1.1
Console in to the 5020 for your pod, for example, POD 1 would be TM1
Nuova_TermServer>tm1
Translating "tm1"
Trying tm1 (128.107.65.194, 2033)...
% Connection refused by remote host
Deleting login session
If you see the above error message you will need to get enable access to the terminal
server and clear the line as shown below. The enable password is nuovanuova. If you do
not see the error message above you can proceed to step 2
Nuova_TermServer>ena
Password:
Nuova_TermServer#clear line 33
[confirm] <- Hit enter
[OK]
Nuova_TermServer#tm1
Translating "tm1"
Trying tm1 (128.107.65.194, 2033)... Open ���� Hit enter here
switch# <- Should see this prompt
© 2008 Cisco Systems, Inc. All rights reserved 30 of 52
Step 2 Configure the switch for NPV mode.
TM1(config)# npv enable
Verify that boot variables are set and the changes are saved.
Changing to npv mode erases the current configuration and
reboots the switch in npv mode. Do you want to continue?
(y/n):y
When the switch boots, you will notice the following:
Verify you can now telnet and SSH back into the 5020 for your POD. Notice that all IP
and boot imformation was retained. Same is true for management VRF, switchname,
and the FCoE feature that you enabled in the previous lab. Note however, that all the
Ethernet Port channel, VLAN, VSAN, VIG, zoning, and SAN port channel infromation
is gone.
Notice your FC ports now default to NP ports:
TM1# sh int brief
---------------------------------------------------------------------------
Interface Vsan Admin Admin Status SFP Oper Oper Port
Mode Trunk Mode Speed Channel
Mode (Gbps)
----------------------------------------------------------------------
-----
fc3/1 1 NP -- sfpAbsent -- --
--
fc3/2 1 NP -- sfpAbsent -- --
--
POST is completed Checking all filesystems..... done. . Loading system software Uncompressing system image: bootflash:/n5000-uk9.4.0.0.N1.2.475.bin n_port virtualizer mode.n_port virtualizer mode.
© 2008 Cisco Systems, Inc. All rights reserved 31 of 52
fc3/3 1 NP -- down swl --
--
fc3/4 1 NP -- down swl --
--
Step 3 In this next step you will configure the VSAN for your POD, assign the NP ports
to this VSAN, no shut the ports, and verify. Ask the instructor to do the same on the MDS
core switch.
TM1# configure
TM1(config)# vsan data
TM1(config-vsan-db)# vsan 1x ���� Again POD specific
TM1(config-vsan-db)# vsan 1x interface fc3/3-4 ���� Again
POD specific
TM1(config-vsan-db)# show vsan mem
vsan 1 interfaces:
fc3/1 fc3/2
vsan 11 interfaces:
fc3/3 fc3/4
vsan 4094(isolated_vsan) interfaces:
TM1(config-vsan-db)# int fc3/3-4
TM1(config-if)# no shut
TM1(config-if)# sh int brief
[snip]
fc3/3 11 NP -- up swl
NP 4
fc3/4 11 NP -- up swl
NP 4
TM1(config-if)# exit
© 2008 Cisco Systems, Inc. All rights reserved 32 of 52
Step 4 In this next step you will configure your host with CNA for FCoE connectivity. All
hosts should be connected to port 1/28.
Configure the Virtual Interface Group, and bind it to the real ethernet interface of your
host.
TM1(config)# vlan 21x
TM1(config-vsan-db)# fcoe vsan 1x
Create the virtual Fibre Channel interface, and move it to the VSAN assigned to your
pod. (VSAN 11 = Pod1, VSAN 12 = Pod2…)
TM1(config-if)# interface vfc28
TM1(config-if)# no shut
TM1(config-if)# bind interface Ethernet1/28
Add Virtual Fibre Channel (vfc) Interface to the VSAN database
TM1 (config-vsan-db)#vsan database
TM1 (config-vsan-db)#vsan 1x interface vfc 28
Add the Ethernet interface to your FCoE vlan
TM1(config)# int ethernet 1/28
TM1(config-if)# switchport access vlan 21x
Note: The vFC interface will be down awaiting the VLAN
assignment vfc27 is down (STP not forwarding in FCoE
Mapped VLAN)
Verify your CNA host is logged into the fabric
TM1# sh npv flogi-table
-------------------------------------------------------------------
-------------
SERVER
EXTERNAL
© 2008 Cisco Systems, Inc. All rights reserved 33 of 52
INTERFACE VSAN FCID PORT NAME NODE NAME
INTERFACE
-------------------------------------------------------------------
-------------
vfc28 11 0x080101 21:01:00:1b:32:36:a2:ed
20:01:00:1b:32:36:a2:ed fc3/3
Total number of flogi = 1.
Step 5 The zoning should be in place from the previous lab, work with your instructor to
verify and correct as needed if this is not the case. You will not be able to verify
zoning on the NPV N5K switch.
Verify zoneset is active on core switch
MDS(config)# show zoneset active vsan 1x
zoneset name pod1_fcoe_zs vsan 11
zone name pod1_fcoe_zone vsan 11
* fcid 0x080000 [pwwn 50:06:0b:00:00:26:10:b4]
* fcid 0x2e0001 [pwwn 21:01:00:1b:32:36:a2:ed]
zone name $default_zone$ vsan 11
© 2008 Cisco Systems, Inc. All rights reserved 34 of 52
Step 6 Remote desktop into the server for your POD and verify the host can
see storage. Server1 should have an 11G disk defined, Server2 should have a
12G disk defined, and so on.
Step 7 Start Computer Management and select Disk Management.
© 2008 Cisco Systems, Inc. All rights reserved 35 of 52
© 2008 Cisco Systems, Inc. All rights reserved 36 of 52
Step 8 Find the LUN allocated for your server based on the size. For POD 1, the size of
the LUN is 10.99GB. For POD 2, the size of the LUN is 11.99GB and so on.
Step 9 Verify Ethernet and FC devices are viewable in Device Manager.
© 2008 Cisco Systems, Inc. All rights reserved 37 of 52
© 2008 Cisco Systems, Inc. All rights reserved 38 of 52
Step 10 Load the SANSurfer or HBAnywhere utility and get familiar with the
parameters available for the CNA
Step 11 Run the following NPV commands on the N5K and verify all is
working.
TM1# show npv internal errors
TM1# show npv internal info external-interface all
TM1# show npv internal info server-interface all
TM1# show npv internal info vsan (podvsan)
TM1# sh npv status vsan (podvsan)
© 2008 Cisco Systems, Inc. All rights reserved 39 of 52
Lab 4: QOS lab
Section Objective: Configure and setup System Policies and QOS mapping. marked End results will be to set jumbo support for a marked COS value
At the end of the session, the participants should be able to:
• Define NX5000 System Classes
• Understand Configuration Steps based on MQC
• Configure Class-map
• Configure Policy-map
• Apply Policy to System
• Apply Policy to Ingress Interface
• Apply Policy to Egress Interface
The platform has four default classes:
� class-fcoe—Cannot be deleted, but can be modified
� Sup-Hi-Ethernet—Cannot be deleted or modified
� Sup-Lo-Ethernet—Cannot be deleted or modified
� class-default—Best-effort class
� Up to four custom classes can be added
Note: The system jumbo mtu default and minimum are both 2214 bytes; the maximum is 9 K
Lab Configuration Steps to set Jumbo frames for COS 2 across complete system
© 2008 Cisco Systems, Inc. All rights reserved 40 of 52
1) Create Class Map to have traffic with cos 2 use class-map test1
TM3(config)#class-map test1
match cos 2
2) Create Policy Map for the cos 2 traffic to use MTU Jumbo & no-drop
policy-map training class test1 mtu 9216 pause no-drop
3) Apply Policy to System QOS for use by complete switch
TM3(config)# system qos TM3(config-sys-qos)# service-policy training
Applying a Policy to Egress interface – police limit of 20 percent for cos 4
1) Create the map name you will use to look for the COS marking class-map map1 match cos 4 2) Create a policy map name to assign your class map to and apply the options for the policy policy-map egress1 class map1 bandwidth percent 20
© 2008 Cisco Systems, Inc. All rights reserved 41 of 52
class class-default � need to reduce the class-default from the default of 50 to 30 to fit the 20% for class map1
bandwidth percent 30 3) Go back into the existing policy map used by system and add the new class-map policy-map training class test1 mtu 9216 These are all ready applied pause no-drop class map1
4) Apply the policy-map that is use to police COS 4 to 20 percent of bandwidth
interface Ethernet1/1 service-policy output egress1
Show commands for verification
Show class-map Show policy-map interface sho int priority-flow-control
show system qos TM1# sh class-map Class Map test1 Match cos 2 Class Map map1 Match cos 4 Class Map testing Match none Class Map class-fcoe
© 2008 Cisco Systems, Inc. All rights reserved 42 of 52
Match cos 3 Class Map class-default Match any TM1# show system qos System QoS configuration ------------------------ System qos service-policy : training TM1# sh policy-map interface ethernet 1/1 Ethernet1/1 Service-policy system: training class-map: map1 Statistics: Pkts received over the port : 0 Ucast pkts sent to the cross-bar : 0 Ucast pkts received from the cross-bar : 0 Pkts sent to the port : 0 Pkts discarded on ingress : 0 Per-priority-pause status : Rx (Inactive), Tx (Inactive)
© 2008 Cisco Systems, Inc. All rights reserved 43 of 52
Lab 5a: Trace Tools
Activity Objective
� In this exercise, you will use the span/monitor function of the N5K to direct
Fibre Channel frames (source) to a 10GE port (destination) connected to a
host running WireShark and equiped with a CNA.
Activity Procedure
Step 1. Configure the span session on the N5K. You must choose a port that
is currently not being used for FCoE or you will see an error message and the
configuration wont take. In our case we will us ethe second port of the CNA.
First setup the monitor port using the second “unbound” CNA port.
TM1(config)# interface ethernet 1/27
TM1(config-if)# switchport monitor
TM1(config-if)# no shut
Create the monitor session, using the VFC interface you setup previously as
the source and the monitor port you configured above as the detsination.
TM1(config-if)# monitor session 1
TM1(config-monitor)# source interface vfc28?
<CR>
, Comma
- Hyphen
both both
rx ingress
tx egress
TM1(config-monitor)# source interface vfc28 both
© 2008 Cisco Systems, Inc. All rights reserved 44 of 52
TM1(config-monitor)# destination interface ethernet
1/27
TM1(config-monitor)# no shut
Verify the monitor session is up
TM1(config-monitor)# sh monitor session 1
session 1
---------------
type : local
state : up
source intf :
rx : vfc28
tx : vfc28
both : vfc28
source VLANs :
rx :
source VSANs :
rx :
destination ports : Eth1/27
Step 2. Remote desktop to the server in your POD and open Wireshark.
© 2008 Cisco Systems, Inc. All rights reserved 45 of 52
Step 3. Prepare the interface.
Step 4. Find and select the correct adaptor to the WireShark. Start capture
packets on the interface that is not being used for FCoE, which is the
interface that doesn’t have the address 11.1.X.5(X is your POD number).
© 2008 Cisco Systems, Inc. All rights reserved 46 of 52
Step 5. Remove any filter, and un-check the Update list of packets in real
time and Hide capture info dialog boxes.
© 2008 Cisco Systems, Inc. All rights reserved 47 of 52
Step 6. Flap the VFC port that you used as a source port, and stop the trace
when the device FLOGIs back into the switch
TM1(config-monitor)# int vfc28
TM1(config-if)# shut
TM1(config-if)# no shut
TM1(config-if)# sh npv flogi-table
No flogi sessions found.
TM1(config-if)# sh npv flogi-table
-----------------------------------------------------------
----------------
INTERFACE VSAN FCID PORT NAME
NODE NAME
-----------------------------------------------------------
----------------
vfc28 11 0x2e0001 21:01:00:1b:32:36:a2:ed
20:01:00:1b:32:36:a2:ed
Total number of flogi = 1.
Step 7. Filter the PAUSE frames to make the trace readable.
© 2008 Cisco Systems, Inc. All rights reserved 48 of 52
Step 8. You should see your Fibre Channel Frames, decodes as pre FC-
T11
© 2008 Cisco Systems, Inc. All rights reserved 49 of 52
© 2008 Cisco Systems, Inc. All rights reserved 50 of 52
Lab 5b: Trace Tools
Activity Objective
� In this exercise, you will use Ethanalyzer feature to capture a CNA logging into
the N5K.
Step 1. Configure the EthAnalyzer function to capture a fabric login of your host.
For this exercise you will need two SSH or Telnet connections to the switch. You will
configure Ethanalyzer in one session, and shut/ no shut the VFC interface in the
other.
Telnet Session 1
TM1(config-if)# shut
TM1(config-if)# no shut
TM1(config-if)# sh npv flogi-table
---------------------------------------------------------------
------------
INTERFACE VSAN FCID PORT NAME NODE
NAME
---------------------------------------------------------------
------------
vfc28 11 0x2e0001 21:01:00:1b:32:36:a2:ed
20:01:00:1b:32:36:a2:ed
Total number of flogi = 1.
Telnet Session2
Once you see the VFC interface logged in in the FLOGI database display in
Telnet session 1, press Ctrl-C in this Telnet session.
TM1(config)# ethanalyzer local interface inbound-hi brief
limit-captured-frames 0
2008-08-14 05:12:09.133555 00:0d:ec:6d:90:40 ->
0e:fc:00:ff:ff:fd 6 0 ff.ff.fd -> ff.ff.fd 0x510
0xffff SW_ILS HLO
© 2008 Cisco Systems, Inc. All rights reserved 51 of 52
2008-08-14 05:12:09.134230 00:0d:ec:6d:90:40 ->
aa:bb:cc:dd:01:04 6 0 ff.ff.fd -> ff.ff.fd 0x510
0x43b FC Link Ctl, ACK1
2008-08-14 05:12:09.383471 00:0d:ec:6d:90:40 ->
0e:fc:00:ff:ff:fd 4 0 ff.ff.fd -> ff.ff.fd 0x156c
0xffff SW_ILS HLO
2008-08-14 05:12:09.384203 00:0d:ec:6d:90:40 ->
aa:bb:cc:dd:01:04 4 0 ff.ff.fd -> ff.ff.fd 0x156c
0xd6ec FC Link Ctl, ACK1
2008-08-14 05:12:09.653732 00:0d:ec:6d:90:63 ->
01:80:c2:00:00:00 5 0 00:0d:ec:6d:90:63 ->
01:80:c2:00:00:00 0x0 0x0 STP RST. Root =
4096/00:11:bc:52:20:d3 Cost = 1 Port = 0x8081
2008-08-14 05:12:09.762873 00:1e:be:b0:45:68 ->
01:00:0c:cc:cc:cd 5 0 00:1e:be:b0:45:68 ->
01:00:0c:cc:cc:cd 0x0 0x0 STP RST. Root =
4096/00:11:bc:52:20:d3 Cost = 0 Port = 0x8681
[snip]
2008-08-14 05:12:13.625256 00:c0:dd:0a:a4:d9 ->
0e:fc:00:ff:ff:fe 6 0 00.00.00 -> ff.ff.fe 0x5 0xffff
FC ELS FLOGI
2008-08-14 05:12:13.645838 00:0d:ec:6d:90:40 ->
00:c0:dd:0a:a4:d9 6 0 ff.ff.fe -> 2e.00.01 0x5 0x513
FC ELS ACC (FLOGI)
2008-08-14 05:12:13.646026 00:0d:ec:6d:90:40 ->
aa:bb:cc:dd:01:04 6 0 2e.00.01 -> ff.ff.fc 0x6 0xffff
FC ELS PLOGI
2008-08-14 05:12:13.646116 00:0d:ec:6d:90:40 ->
0e:fc:00:2e:00:01 6 0 ff.ff.fc -> 2e.00.01 0x6 0x514
FC ELS ACC (PLOGI)
2008-08-14 05:12:13.646028 00:0d:ec:6d:90:40 ->
aa:bb:cc:dd:01:04 6 0 2e.00.01 -> ff.ff.fd 0x7 0xffff
FC ELS SCR
2008-08-14 05:12:13.646395 00:0d:ec:6d:90:40 ->
0e:fc:00:2e:00:01 6 0 ff.ff.fd -> 2e.00.01 0x7 0x515
FC ELS ACC (SCR)
2008-08-14 05:12:13.646985 00:0d:ec:6d:90:40 ->
0e:fc:00:ff:fc:08 6 0 ff.fc.2e -> ff.fc.08 0x516
0xffff SW_ILS SW_RSCN
[snip]
© 2008 Cisco Systems, Inc. All rights reserved 52 of 52
153 packets captured