2.1(1a) UCSM zoning?

I just finished my upgrade to 2.1(1a) and need help.  I have a NAS server, attached to the FI and configured as a storage FCoE port.  I also have a Compellent SAN directly related to the FI.  We don't all have switches upstream for zoning or anything like that.  Before the upgrade, I had disabled on my VSAN zoning and everything worked fine. I just did on the side of SAN LUN masking for secure access to the LUNS.  Since the upgrade and have zoning now active on the VSAN my NAS is no longer able to see the SAN.  I know that it is because there is no area created for her, as there is of my blades.  My question is how can I create a box for the SIN so that she can access it's LUN on the SAN again?  I looked through the CLI and the functionality is not in the NXOS.  Any help would be greatly appreciated.

Thank you

Don

Expected a direct attach NAS to see a live table attach is not supported.   You were probably default profit of zoning that allows you to "see everything for everything."  As you say that you relied on the masking of security.

We have voluntarily removed this feature (default zoning) due to problems, we've been see.  Features fc of zoning is intended for blade <->communications target only, no NAS or other directly connect <->target zoning.

Kind regards

Robert

Tags: Cisco DataCenter

Similar Questions

  • 2.0(1t) UCSM dislikes Java 1.7

    Guys,

    I have no chance whatsoever with UCSM 2.0(1t) departure on a Windows 2003 R2 (32-bit) machine: it says "Java detected 1.7, Java 1.6 (or MORE) required.

    The notes say: "the Cisco UCS Manager GUI is a Java application that requires Sun JRE 1.6 or higher.

    So what's the bottom line - will I expect UCSM 2.0 to work with Java 1.7, or not?

    Kind regards

    Radek

    Javea 1.7 is supported on version 2.0 (3) and newer.  2.0 (3) is currently available for download from EAC.

    Kind regards

    Robert

  • How to check on UCSM NTP synchronization?

    Hi all

    Just my feet wet with UCS and have our first basically installation system.

    However, I have defined 2 NTP servers in UCSM but it doesn't seem to work.   I have hunted for an equivalent display status ntp IOS, but so far, have not found a.

    Is there a way to check the status of time synchronization? Or would be seized errors in a newspaper anywhere?

    Thank you

    Anthony

    Anthony

    YEW running that controls several aircraft viz NXOS and UCSM local administration.

    UCSM is the only way to configure the system while others are read-only.

    You can check the status of the plan NXOS ntp.

    To do this, ssh for the VIP.

    connect nxos

    At this point, you are connected to the NXOS plan and view orders / debugs are applicable.

    'See the ntp?' and you will see the options as the State and peers.

    Thank you

    -Matt

  • UCSM showing the reason: NHS source pinning failed.

    Hello

    I have UCSM 2.2.3g and B200M4 with UCS FI 6248.

    I'm getting NHS source pinning is not...

    How can I solve this problem...

    Please see attached screenshot for details...

    Unless you configure VLAN disjoint, all the VLANS defined on UCS FI are included automatically in the trunks ethernet to the North; nothing special to do.

    See also

    http://ciscoquicklinks.com/Tip-Datacenter-UCS-uplink-port-configuration-...

  • Stop the service UCSM on FI

    Anyone know how to stop the UCSM service on a financial institution active to force the failover? Either from the FI

    CLI or the UCSM?

    Deliver the cluster host and verify that HA is running and that is main first, then plug it local-mgmt [has | b] command

    In the example below, the A is initailly primary, after the main group b, B is the main

    FI6100-1A # show cluster extended State
    The ID of the cluster: 0x79c0e920540811e0-0x9239000decd35dc4

    Start time: Sat Mar 26 02:35:30 2011
    Last election: Sat Mar 26 02:35:57 2011

    A: UPWARD ELEMENTARY SCHOOL
    B: UP, SUBORDINATE

    A: Member State UP, lead, State State PRIMARY, mgmt services: UP
    B: Member State UP, lead SUBORDINATES, mgmt services state: to the TOP
    State of PRIMARY_OK heartbeat

    INTERNAL NETWORK INTERFACES:
    eth1, up to
    eth2, up to

    HA READY
    Detailed statement of the unit selected for storage HA:
    Chassis, serial: FOX1326G5KH, status: Active

    FI6100-1A # local-mgmt to connect a
    FI6100-1-A(local-Mgmt) # cluster lead
    a and b
    FI6100-1-A(local-Mgmt) # cluster lead b
    The ID of the cluster: 0x79c0e920540811e0-0x9239000decd35dc4
    FI6100-1-A(local-Mgmt) # connection to 172.25.183.132 closed by the remote host.
    Connection to 172.25.183.132 closed.

    Check

    FI6100-1-B # show cluster extended State
    The ID of the cluster: 0x79c0e920540811e0-0x9239000decd35dc4

    Start time: Sat Mar 26 02:36:43 2011
    Last election period: Sun Apr 5 00:32:55 2011

    B: UPWARD, PRIMARY
    R: UP, SUBORDINATE

    B: Member State UP, lead, State State PRIMARY, mgmt services: UP
    A: Member State UP, lead SUBORDINATES, mgmt services state: to the TOP
    State of PRIMARY_OK heartbeat

    INTERNAL NETWORK INTERFACES:
    eth1, up to
    eth2, up to

    HA READY
    Detailed statement of the unit selected for storage HA:
    Chassis, serial: FOX1326G5KH, status: Active

  • List UCSM offshore all Webinterface .jar files / McAfee blocked ccore.jar

    Hi guys,.

    I'm looking for a list of all the .jar files UCSM loads at startup, basically the folder/ucsm/unpacked.

    We are using MCafee Enterprise 8.8 AV and it seems to block access to the ccore.jar file.

    I'm trying to get a rule file for exclusion from our IT for management servers, and I was wondering if someone could give me a list of these files.

    If you know of a fix for the issue that has no exception rules you are welcome to help me

    Kind regards

    Constantin

    If you open the file ucsm.jnlp (the file that will be downloaded on your machine when you try to launch UCSM GUI) in a text editor, then you will see entries like:

    and this will give you the complete list of jar files downloaded from the switch on your machine for the launch of GUI de UCSM.

    for example

    http://java.sun.com/products/autodl/j2se' java-vm-args = "" - Dsun.java2d.d3d = false - XX: + HeapDumpOnOutOfMemoryError - XX: MaxPermSize = 256 m "initial heap size ="128 M"max-heap-size ="768 M"/ >"

    Thank you
    Varun

  • UCSM integration with the series C - non-nexus 2 k for the management?

    Is it possible to integrate the grid of series C rises (particularly C250 M2) with UCSM without using the 2248 management in accordance with this article for the C200 http://www.cisco.com/en/US/docs/unified_computing/ucs/c/hw/C200M1/install/ucsm-integration.html

    I guess we would be able to plug ports LOM on the C250 on a different switch IE of 3750 which would be connected by uplink to the FI 61xx. The ANC on the C250 map would be connected directly to the FI 61xx. Would this work?

    The integration guide refers only to the Nexus 2248 FEX which we do not have and I can find no confirmation elsewhere.

    Thanks in advance

    Tim

    Of course, the Nexus 2 k is similar to the IOM module (2104) in 5108 chassis.

    To keep the same logic of control plan the Nexus 2 k provides similar functionality.

    All under the Nexus 2 k will have a chassis 'rack mount '. The nexus 2 k is not a switch by saying but a 'slave' off the parent device "switch / stop host mode" (6100). A normal switch / normal typical would not work in this case.

  • UCSM / VMware vCenter Server dependencies for vDS

    I'm still trying to wrap my head around the differences between the vDS created via UCSM / VMware vCenter integration and the traditional N1K.

    If correctly, the vDS UCSM (1.4) does not require the VSM device which is necessary with the N1K.  And if that is correct, is there any dependency on vCenter?  If vCenter falls down the vDS will continue to operate normally as made them act as the VSM?

    Pete,

    There is a dependency on vCenter, similar to N1kv (software) and UCSM vDS (hardware), applies to both methods of implementation. However, if vCenter goes down the current state of the operation continues. When a change occurs on the virtual machine, that is where should be upward a vCenter race.

    Concerning best practices, I was that it is better to have everything on the vDS for operational reasons. You can then apply and manage the kernal ports in the same case that VM vNIC. QoS, etc... There is a nice documentation on www.cisco.com/go/designzone data Center on this topic.

    HTH

    Thank you

    Eric

  • Only access via UCSM KVM

    I am able to restrict users to the KVM console only in UCSM?

    What are the roles I have to assign to the user to ensure that all they can do is access the KVM Console?

    It is not a huge problem if they get the UCSM itself read-only rights.

    Create a role called "KVM-Only" or similar and affect only the privilege of "service-profile-server-oper.  Then, create a user as "KVM User" and him given that the role of KVM only.  They will be able to launch the full UCSM or KVM Launcher, but only have privileges access KVM.

    Alternative if you want to only grant access KVM while preventing access by connection/UCSM.     Configure an IPMI profile with ipmi-user named something like 'helpdesk' for example. Creating 'helpdesk' offer the privilege of ipmi admin. assign this IPMI-profile to the profile of your server service.      Then use the following link on your browser

    http:///ucsm/kvm.jnlp

    or

    http:///ucsm/kvm.jnlp?kvmIpAddr=w.x.y.z (where w.x.y.z is the Management IP
    
of the blade or Service profile you wish to provide access to)

    It will open a KVM connection screen. Enter the username 'helpdesk' and assigned password and the MMIC-server you have configured IP address.  Address IP of MMIC lie on the Hardware tab, by selecting the blade, then the right selection inventory - MMIC.  The MMIC IP is listed under the section "Management Interface."             This will open the KVM from that server. Also, the ipmi vinay-kvm user only WILL NOT be able to connect to regular UCSM GUI Note that in version 1.3 - MMIC IP is static and will remain with the hardware of server/slot.  In the latest version 1.4, you can join the IP of CIMC/IPMI address your service profile so that it will follow him around everywhere where the profile is associated with.

    Kind regards

    Robert

  • UCSM VM - FEX create when port-profile name cannot be used. (dot)

    UCSM q with 6120XP 2.01

    I can create using port-profile. (dot) for example "VLAN30 - 192.168.1", but it causes a warning message (pictured below)

    so I try to change the name of VLAN30-192-168-1 it can work very well

    My question is can I use. (point) in my profile of the port name?

    PS. I checked the manual of cisco

    This name can be between 1 and 31 ASCII alphanumeric. You can not

    Use spaces or other special characters as - (dash) _

    (underscore character). (period), and: (colon), and you cannot change this name

    Once the object has been saved.

    Thank you

    We have logged a bug for this CSCtw50228 - thanks to Yasmin!

    Our developers have confirmed that while other objects have name validation, virtual computer Port profiles are not, who raises the error you see because NXOS cannot process ".» (periods).  The names of service profiles are another matter that NXOS has no knowledge of these objects.

    The solution is to avoid using periods in the VM profile names.  Use a dashboard.

    Kind regards

    Robert

  • Masking vs. zoning for UCS and NetApp storage LUNS

    I know it's more a matter of Cisco MDS/storage, but nobody knows masking the LUNS and zoning, which one would be the most preferred method? I have two switches Cisco fabric 9148, two controllers SAN Netapp FAS3210 1 UCS chassis with 4 blades B200 M2. I said that I should not connect the Cisco UCS fabric interconnect directly at the back of the NetApp SAN and configure with LUN masking, but I rather configure a fabric zoning on switches Cisco 9148 MDS. Normally, this wouldn't be a problem but we have an offsite location where we have not all DMS switches to, and I would like to connect them directly to the San.

    I was told that this could lead to corruption if misconfigured dsik and point of view of Cisco is to use a zoning by some type of switch Cisco Fabric. Of course, I have of course this Cisco advises anyone to manage this type of configuration through their facilities instead of on the SAN. Does anyone have an opinion on the matter?

    Zoning and masking are two completely different characteristics.

    Zoning occurs on your storage switches and is the equivalent of an ACL (Access Control List).  It limits who may be considering other targets and/or initiators.  (Who I see?)

    Occurs on your storage array and masking limits what initiator LUN has access to.  (What do I see?)

    * UCS is not supported to directly connect a storage array in the interconnection of fabric, at least to have a storage upstream switch (MDS or equivalent) to push the zoning.  The use of zoning prevents a faulty initiator potentially impacting on the operation of the others by limiting what they can see in the fabric.

    If you happen to have a Nexus 5 K by chance, they can also work as your storage switch.  The N5K is able to perform almost all of the same services as MDS fabric and is fully supported.

    Kind regards

    Robert

  • Out of the understanding of: ucsm-B (nxos) # sh int br

    Hi all

    Could you please help me understand the output of the following command:

    ucsm-B (nxos) # sh int br

    I have a few questions about the number of interfaces eth1/1/1 to 1/1/8 eth:

    What governs the convetion of naming used for the ethernet ports from eth1/1/1 to 9/1/eth1?

    If I connect another chassis to YEW, he will start by eth2/1/1?

    I would like to understand how Eth1/x/x or x/x/Eth2 is decided by the UCS to name...

    --------------- truncated -----------------------------------------------------------------------------------------------------

    -------------------------------------------------------------------------------

    Vsan Admin Admin Port SFP Oper Oper status interface

    Mode Trunk Channel Speed Mode

    Mode                                 (Gbps)

    -------------------------------------------------------------------------------

    vfc684 102 F trunking - auto TF-

    vfc688 102 F trunking - auto TF-

    --------------------------------------------------------------------------------

    Ethernet port VLAN Mode State reason speed Type

    Interface                                                                   Ch #

    --------------------------------------------------------------------------------

    Vntag eth eth1/1/1 1 place no 10G (D)-

    Vntag eth 1 eth1/1/2 room no 10G (D)-

    Vntag eth eth1/1/3 1 place no 10G (D)-

    Eth1/1/4 1 eth access down administratively 10G (D).

    Eth1/1/5 1 eth access down administratively 10G (D).

    Eth1/1/6 1 eth access down administratively 10G (D).

    Eth1/1/7 1 eth access down administratively 10G (D).

    Eth1/1/8 1 eth access down administratively 10G (D).

    Trunk eth 4044 eth1/1/9 up to 10G (D) none-

    Hi Vikas,

    These are interfaces of hosts (HIF) / backplane ports on the FEX / IOM linking the impeller.

    ETH.

    "view details of fex" would provide additional information on ports FEX.

    The ninth interface offers a MMIC connectivity to blades,

    HTH

    Padma

  • How to clear faults on UCSM 1.4(3q)

    Hello

    I run a 1.4(3q) platform and I would erase all faults displayed on the UCSM.

    How can I do?

    I would like to remove the flaws because in some cases it very old flaws.

    All faults are Acknoledged but I can't delete it.

    Thank you

    Can you make a screenshot of the fault or the details of the flaws of the CLI and fix here.

    as well as a screenshot of the backup jobs.

    One quick thing, you can try, if its for a job back that is still present in the UCSM: try to delete the job and that should fix the problem. You can then recreate the work once the problem is resolved.

    . / Afonso

  • Improved zoning (MDS-6248)

    Hello

    I read the forums and advice, and I want to configure Enhanced zoning on my canvases.
    Can someone confirm that Cisco 6248 s can work in enhanced mode of zoning?
    Whenever I set it up, it fails to activate on the VSAN - even if the MDS status is activated and distributed.
    So when I trying to box through the device alias, that it throws an error that comes up to say that enhanced zoned devices cannot operate in basic mode.
    Seeing that the SDM is certainly Enahnced mode it takes the 6248 but I find no material command or the reference on how to activate it on the 6248.

    Does anyone have this working?

    I know that the 6248 s do not support zonign without switch upstream so I wonder if that is the question.

    Steve.

    You will not be able to use zoning improved on MDS switches, providing the zoning to the 6248 s. Improved zoning is more useful in a multiswitch fabric or tissue where there are several SAN admins that could be potentially make zoning changes at the same time. When the first admin initiates a change of area, the fabric is locked and no one else can make a change until the admin hired their change.

    In the case of a 6248 you can't configure it which means you can't use it on the MDS, connected to the 6248.

  • FCoE directly connect to VNX5300 with no switch zoning

    I was wondering if anyone has any experience with this unit or a similar facility. I find no decent documentation to help us decide if it is a legitimate set upward for a production of about 16 servers 3 chassis environment. Our expert Cisco has ever put up a UCS environment with a direct connection to the San via FCoE and intuitively is against it, as we do not expect to use a switch to zoning.  Is there a real risk in the present? It will support in the future?

    Hi Henry,.

    If you look at the following document:

    http://www.Cisco.com/en/us/docs/switches/Datacenter/MDS9000/interoperability/matrix/Matrix8.html

    See point number 3, the direct model to support tethering still requires a SDM or N5k upstream to provide this information.

    . / Afonso

Maybe you are looking for