Nexus 1000v - this config makes sense?
Hello
I started to deploy the Nexus 1000v at a 6 host cluster, all running vSphere 4.1 (vCenter and ESXi). The basic configuration, license etc. is already completed and so far no problem.
My doubts are with respect to the actual creation of the uplink system, port-profiles, etc. Basically, I want to make sure I don't make any mistakes in the way that I want to put in place.
My current setup for each host is like this with standard vSwitches:
vSwitch0: 2 natachasery/active, with management and vMotion vmkernel ports.
vSwitch1: natachasery 2/active, dedicated to a storage vmkernel port
vSwitch2: 2 natachasery/active for the traffic of the virtual machine.
I thought that translate to the Nexus 1000v as this:
System-uplink1 with 2 natachasery where I'm putting the ports of vmk management and vMotion
System-uplink2 with 2 natachasery for storage vmk
System-uplink3 with 2 natachasery for the traffic of the virtual machine.
These three system uplinks are global, right? Or I put up three rising system unique for each host? I thought that by making global rising 3 would make things a lot easier because if I change something in an uplink, it will be pushed to 6 guests.
Also, I read somewhere that if I use 2 natachasery by uplink system, then I need to set up a channel of port on our physical switches?
At the moment the VSM has 3 different VLAN for the management, control and packet, I want to migrate the groups of 3 ports on the standard switch to the n1kv itself.
Also, when I migrated to N1Kv SVS management port, host complained that there no redundancy management, even if the uplink1 where mgmt-port profile is attached, has 2 natachasery added to it.
While the guys do you think? In addition, any other best practices are much appreciated.
Thanks in advance,
Yes, uplink port-profiles are global.
What you propose works with a warning. You cannot superimpose a vlan between these uplinks. So if your uplink management will use vlan 100 and your uplink of VM data must also use vlan 100 which will cause problems.
Louis
Tags: VMware
Similar Questions
-
Remove the ' system VLAN "Nexus 1000V port-profile
We have a Dell M1000e blade chassis with a number of Server Blade M605 ESXi 5.0 using the Nexus 1000V for networking. We use 10 G Ethernet fabric B and C, for a total of 4 10 cards per server. We do not use the NIC 1 G on A fabric. We currently use a NIC of B and C fabrics for the traffic of the virtual machine and the other card NETWORK in each fabric for traffic management/vMotion/iSCSI VM. We currently use iSCSI EqualLogic PS6010 arrays and have two configuration of port-groups with iSCSI connections (a physical NIC vmnic3 and a vmnic5 of NIC physical).
We have added a unified EMC VNX 5300 table at our facility and we have configured three VLANs extra on our network - two for iSCSI and other for NFS configuration. We've added added vEthernet port-profiles for the VLAN of new three, but when we added the new vmk # ports on some of the ESXi servers, they couldn't ping anything. We got a deal of TAC with Cisco and it was determined that only a single port group with iSCSI connections can be bound to a physical uplink both.
We decided that we would temporarily add the VLAN again to the list of VLANS allowed on the ports of trunk of physical switch currently only used for the traffic of the VM. We need to delete the new VLAN port ethernet-profile current but facing a problem.
The Nexus 1000V current profile port that must be changed is:
The DenverMgmtSanUplinks type ethernet port profile
VMware-port group
switchport mode trunk
switchport trunk allowed vlan 2308-2306, 2311-2315
passive auto channel-group mode
no downtime
System vlan 2308-2306, 2311-2315
MGMT RISING SAN description
enabled state
We must remove the list ' system vlan "vlan 2313-2315 in order to remove them from the list" trunk switchport allowed vlan.
However, when we try to do, we get an error about the port-profile is currently in use:
vsm21a # conf t
Enter configuration commands, one per line. End with CNTL/Z.
vsm21a (config) #-port ethernet type DenverMgmtSanUplinks profile
vsm21a(config-port-Prof) # system vlan 2308-2306, 2311-2312
ERROR: Cannot delete system VLAN, port-profile in use by Po2 interface
We have 6 ESXi servers connected to this Nexus 1000V. Originally they were MEC 3-8 but apparently when we made an update of the firmware, they had re - VEM 9-14 and the old 6 VEM and associates of the Channel ports, are orphans.
By example, if we look at the port-channel 2 more in detail, we see orphans 3 VEM-related sound and it has no ports associated with it:
Sho vsm21a(config-port-Prof) # run int port-channel 2
! Command: show running-config interface port-canal2
! Time: Thu Apr 26 18:59:06 2013
version 4.2 (1) SV2 (1.1)
interface port-canal2
inherit port-profile DenverMgmtSanUplinks
MEC 3
vsm21a(config-port-Prof) # sho int port-channel 2
port-canal2 is stopped (no operational member)
Material: Port Channel, address: 0000.0000.0000 (bia 0000.0000.0000)
MTU 1500 bytes, BW 100000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA
Port mode is trunk
Auto-duplex, 10 Gb/s
Lighthouse is off
Input stream control is turned off, output flow control is disabled
Switchport monitor is off
Members in this channel: Eth3/4, Eth3/6
Final cleaning of "show interface" counters never
102 interface resets
We can probably remove the port-channel 2, but assumed that the error message on the port-profile in use is cascading on the other channel ports. We can delete the other port-channel 4,6,8,10 orphans and 12 as they are associated with the orphan VEM, but we expect wil then also get errors on the channels of port 13,15,17,19,21 and 23 who are associated with the MEC assets.
We are looking to see if there is an easy way to fix this on the MSM, or if we need to break one of the rising physical on each server, connect to a vSS or vDS and migrate all off us so the Nexus 1000V vmkernel ports can clean number VLAN.
You will not be able to remove the VLAN from the system until nothing by using this port-profile. We are very protective of any vlan that is designated on the system command line vlan.
You must clean the canals of old port and the old MEC. You can safely do 'no port-channel int' and "no vem" on devices which are no longer used.
What you can do is to create a new port to link rising profile with the settings you want. Then invert the interfaces in the new port-profile. It is generally easier to create a new one then to attempt to clean and the old port-profile with control panel vlan.
I would like to make the following steps.
Create a new port-profile with the settings you want to
Put the host in if possible maintenance mode
Pick a network of former N1Kv eth port-profile card
Add the network adapter in the new N1Kv eth port-profile
Pull on the second NIC on the old port-profile of eth
Add the second network card in the new port-profile
You will get some duplicated packages, error messages, but it should work.
The other option is to remove the N1Kv host and add it by using the new profile port eth.
Another option is to leave it. Unless it's really bother you no VMs will be able to use these ports-profile unless you create a port veth profile on this VLAN.
Louis
-
Nexus 1000v - a pair of VSMs by cluster?
Hello
I'll start migrating some of our groups to Nexus 1000v pretty soon. The environment consists of two data centers at least 2 groups in each SC. In total, we have 5 clusters in different places.
I plan on the deployment of the N1Kv in pairs for HA. Do I need a pair of N1Kv by cluster, or can I use the same for the different clusters?
Thank you
If this post was useful/solved your problem, please mark the points of wire and price as seem you. Thank you!
I would deffinitely go with multiple VSM in a scenario HA. You mention different places and several clusters by DC. Here's what I'd do.
First a Nexus 1000v VSM gets tied to a domain controller from VMware. You can have a Nexus 1000V manage multiple clusters as long as they are under the same VMware domain controller. You can add up to 64 ESX host to a single Nexus 1000V VSM.
So I do a VSM HA pair by DC and did manage multiple clusters. If your clusters have a large number of ESX host it might make sense to use two independent installations of 1000V Nexus by DC. When I say large I mean 32 hosts per cluster.
When you say that the clusters are in several places. I take that to mean different physical data centers. In this case I highly recommend that you install a Nexus 1000V at each location.
Louis
-
I'm working on the Cisco Nexus 1000v deployment to our ESX cluster. I have read the Cisco "Start Guide" and the "installation guide" but the guides are good to generalize your environment and obviously does not meet my questions based on our architecture.
This comment in the "Getting Started Guide" Cisco makes it sound like you can't uplink of several switches on an individual ESX host:
«The server administrator must assign not more than one uplink on the same VLAN without port channels.» Affect more than one uplink on the same host is not supported by the following:
A profile without the port channels.
Port profiles that share one or more VLANS.
After this comment, is possible to PortChannel 2 natachasery on one side of the link (ESX host side) and each have to go to a separate upstream switch? I am creating a redundancy to the ESX host using 2 switches but this comment sounds like I need the side portchannel ESX to associate the VLAN for both interfaces. How do you manage each link and then on the side of the switch upstream? I don't think that you can add to a portchannel on this side of the uplink as the port channel protocol will not properly negotiate and show one side down on the side ESX/VEM.
I'm more complicate it? Thank you.
Do not portchannel, but it is possible the channel port to different switches using the pinning VPC - MAC mode. On upstream switches, make sure that the ports are configured the same. Same speed, switch config, VLAN, etc (but no control channel)
On the VSM to create a unique profile eth type port with the following channel-group command
port-profile type ethernet Uplink-VPC
VMware-port group
switchport mode trunk
Automatic channel-group on mac - pinning
no downtime
System vlan 2.10
enabled state
What that will do is create a channel port on the N1KV only. Your ESX host will get redundancy but your balancing algorithm will be simple Robin out of the VM. If you want to pin a specific traffic for a particular connection, you can add the "pin id" command to your port-type veth profiles.
To see the PIN, you can run
module vem x run vemcmd see the port
n1000v-module # 5 MV vem run vemcmd see the port
LTL VSM link PC - LTL SGID Vem State Port Admin Port
18 Eth5/2 UP UP FWD 1 305 vmnic1
19 Eth5/3 UP UP FWD 305 2 vmnic2
49 Veth1 UP UP 0 1 vm1 - 3.eth0 FWD
50 Veth3 UP UP 0 2 linux - 4.eth0 FWD
Po5 305 to TOP up FWD 0
The key is the column SGID. vmnic1 is SGID 1 and vmnic2 2 SGID. Vm1-3 VM is pinned to SGID1 and linux-4 is pinned to SGID2.
You can kill a connection and traffic should swap.
Louis
-
How change 1010 Nexus and Nexus 1000v IP address
Hi Experts,
We run two VSM and a NAM in the Nexus 1010. The version of Nexus 1010 is 4.2.1.SP1.4. And the Nexus 1000v version is 4.0.4.SV1.3c. Now we need to change the IP address of management in the other. Where can I find the model SOP or config? And nothing I need to remember?
If it is only the mgmt0 you IP address change, you can simply enter the new address under the mgmt0 interface. It automatically syncs with the VC.
I guess you are trying to change the IP address of the VC and the management VLAN. One way to do this is:
-From the Nexus 1000v, disconnect the connection to the VC (connection svs-> without logging)
-Change the IP address of the VC and connect (connection-> remote ip address svs)
-Change the address for mgmt0 Nexus 1000v
-Change the mgmt VLAN on the 1010
-Change the address of the 1010 mgmt
-Reconnect the Nexus 1000v to VC (connection-> connect svs)
Therefore, to change the configuration of VLANS on the switch upstream, more connection to the VC as well.
Thank you
Shankar
-
Replacement of failing on Nexus 1000v VEM
I was curious how others accomplish the replacement of a failed ESXi host who is an on the Nexus 1000v VEM. I did this procedure once and it seemed endless. The goal is to make the swap of the transparent to the Nexus 1000v (VEM even #, just different VMware UUID)
-Transition to the standard vSwitches home
-Remove the switch distributed via vCenter host (host of right click and delete)
-Swap physically on the chassis
-Find the UUID for new host (got esxcfg-info)
-Install new MEC in the 1000v with this UUID
-Host of replacement over 1000v that assumes the number of Vincent who was installed just to migrate
Ben,
Note - 1000v in relationship issues are better posted in the «Server network» forum This forum is specific to the UCS.
https://supportforums.Cisco.com/community/NetPro/data-center/server-network?view=discussions
The procedure that you use is the right. Another method is to remove the host of 1000v with elegance, then issue a 'no vem X"that removes the MEC does record from the MSM. Exchange your hosts, then add back to the 1000v. Is there a reason that you need the same UUID?
Kind regards
Robert
-
VXLAN on UCS: IGMP with Catalyst 3750, 5548 Nexus, Nexus 1000V
Hello team,
My lab consists of Catalyst 3750 with SVI acting as the router, 5548 Nexus in the vpc Setup, UCS in end-host Mode and Nexus 1000V with segmentation feature enabled (VXLAN).
I have two different VLAN for VXLAN (140, 141) to demonstrate connectivity across the L3.
VMKernel on VLAN 140 guests join the multicast fine group.
Hosts with VMKernel on 141 VLAN do not join the multicast group. Then, VMs on these hosts cannot virtual computers ping hosts on the local network VIRTUAL 140, and they can't even ping each other.
I turned on debug ip igmp on the L3 Switch, and the result indicates a timeout when he is waiting for a report from 141 VLAN:
15 Oct 08:57:34.201: IGMP (0): send requests General v2 on Vlan140
15 Oct 08:57:34.201: IGMP (0): set the report interval to 3.6 seconds for 224.0.1.40 on Vlan140
15 Oct 08:57:36.886: IGMP (0): receipt v2 report on 172.16.66.2 to 239.1.1.1 Vlan140
15 Oct 08:57:36.886: IGMP (0): group record received for group 239.1.1.1, mode 2 from 172.16.66.2 to 0 sources
15 Oct 08:57:36.886: IGMP (0): update EXCLUDE group 239.1.1.1 timer
15 Oct 08:57:36.886: IGMP (0): add/update Vlan140 MRT for (*, 239.1.1.1) 0
15 Oct 08:57:38.270: IGMP (0): send report v2 for 224.0.1.40 on Vlan140
15 Oct 08:57:38.270: IGMP (0): receipt v2 report on Vlan140 of 172.16.66.1 for 224.0.1.40
15 Oct 08:57:38.270: IGMP (0): group record received for group 224.0.1.40, mode 2 from 172.16.66.1 to 0 sources
15 Oct 08:57:38.270: IGMP (0): update EXCLUDE timer group for 224.0.1.40
15 Oct 08:57:38.270: IGMP (0): add/update Vlan140 MRT for (*, 224.0.1.40) by 0
15 Oct 08:57:51.464: IGMP (0): send requests General v2 on Vlan141<----- it="" just="" hangs="" here="" until="" timeout="" and="" goes="" back="" to="">
15 Oct 08:58:35.107: IGMP (0): send requests General v2 on Vlan140
15 Oct 08:58:35.107: IGMP (0): set the report interval to 0.3 seconds for 224.0.1.40 on Vlan140
15 Oct 08:58:35.686: IGMP (0): receipt v2 report on 172.16.66.2 to 239.1.1.1 Vlan140
15 Oct 08:58:35.686: IGMP (0): group record received for group 239.1.1.1, mode 2 from 172.16.66.2 to 0 sources
15 Oct 08:58:35.686: IGMP (0): update EXCLUDE group 239.1.1.1 timer
15 Oct 08:58:35.686: IGMP (0): add/update Vlan140 MRT for (*, 239.1.1.1) 0
If I do a show ip igmp interface, I get the report that there is no joins for vlan 141:
Vlan140 is up, line protocol is up
The Internet address is 172.16.66.1/26
IGMP is enabled on the interface
Current version of IGMP host is 2
Current version of IGMP router is 2
The IGMP query interval is 60 seconds
Configured IGMP queries interval is 60 seconds
IGMP querier timeout is 120 seconds
Configured IGMP querier timeout is 120 seconds
Query response time is 10 seconds max IGMP
Number of queries last member is 2
Last member query response interval is 1000 ms
Access group incoming IGMP is not defined
IGMP activity: 2 joints, 0 leaves
Multicast routing is enabled on the interface
Threshold multicast TTL is 0
Multicast designated router (DR) is 172.16.66.1 (this system)
IGMP querying router is 172.16.66.1 (this system)
Multicast groups joined by this system (number of users):
224.0.1.40 (1)
Vlan141 is up, line protocol is up
The Internet address is 172.16.66.65/26
IGMP is enabled on the interface
Current version of IGMP host is 2
Current version of IGMP router is 2
The IGMP query interval is 60 seconds
Configured IGMP queries interval is 60 seconds
IGMP querier timeout is 120 seconds
Configured IGMP querier timeout is 120 seconds
Query response time is 10 seconds max IGMP
Number of queries last member is 2
Last member query response interval is 1000 ms
Access group incoming IGMP is not defined
IGMP activity: 0 joins, 0 leaves
Multicast routing is enabled on the interface
Threshold multicast TTL is 0
Multicast designated router (DR) is 172.16.66.65 (this system)
IGMP querying router is 172.16.66.65 (this system)
No group multicast joined by this system
Is there a way to check why the hosts on 141 VLAN are joined not successfully? port-profile on the 1000V configuration of vlan 140 and vlan 141 rising and vmkernel are identical, except for the different numbers vlan.
Thank you
Trevor
Hi Trevor,
Once the quick thing to check would be the config igmp for both VLAN.
where did you configure the interrogator for the vlan 140 and 141?
are there changes in transport VXLAN crossing routers? If so you would need routing multicast enabled.
Thank you!
. / Afonso
-
[Nexus 1000v] Vincent can be add in VSM
Hi all
due to my lab, I have some problems with Nexus 1000V when VEM cannot add in VSM.
+ VSM has already installed on ESX 1 (stand-alone or ha) and you can see:
See the Cisco_N1KV module.
Status of Module Type mod Ports model
--- ----- -------------------------------- ------------------ ------------
1 active 0 virtual supervisor Module Nexus1000V *.
HW Sw mod
--- ---------------- ------------------------------------------------
1 4.2 (1) SV1(4a) 0.0
MOD-MAC-Address (es) series-Num
--- -------------------------------------- ----------
1 00-19-07-6c-5a-a8 na 00-19-07-6c-62-a8
Server IP mod-Server-UUID servername
--- --------------- ------------------------------------ -------------------
1 10.4.110.123 NA NA
+ on ESX2 installed VEM
[[email protected] / * / ~] status vem #.
VEM modules are loaded
Switch name Num used Ports configured Ports MTU rising ports
128 3 128 1500 vmnic0 vSwitch0
VEM Agent (vemdpa) is running
[[email protected] / * / ~] #.
all advice to do this.
Thank you very much
Doan,
Need more information.
The reception was added via vCenter to DVS 1000v successfully?
If so, there is probably a problem with your control communication VLAN between the MSM and VEM. Start here and ensure that the VIRTUAL local area network has been created on all intermediate switches and it is allowed on each end-to-end trunk.
If you're still stuck, paste your config running of your VSM.
Kind regards
Robert
-
Hello
I have an ESXi 5 but only NIC I am migrating the VSS for Nexus 1000v. I installed Nexus VEM correctly and do primary and secondary, VSMs configured uplink port groups all according to the guides from Cisco. When I try to add a host under the link, I have first to migrate the vnic0 for the Group of appropriate uplink ports and it then asks me to migrate the management port (I think it is vmk0) so if I create a group of ports on Nexus to migrate a management port or do not migrate at all I always lose connectivity to ESXi.
Can someone please share the configs of the Nexus 1000v and how to migrate properly vnic0 and vmk0 (with a single physical NETWORK adapter) so that I do not lose connectivity?
Thanks in advacne.
Remi
control is vlan 152 and package is 153.
You can make same vlan. We have supported using the same vlan for the control and the package for several years now.
Louis
-
In the last two weeks, whenever I run Firefox, a grandeur nature pop-under ad is also launched, regardless of which site I am browsing.
The original ad was for a survey on You Tube and contains a link to coupondropdown.com, where there is a menu option for uninstalling. The uninstall instructions don't make sense, they do not mention what ad - control ads, and I can't work out what is responsible for the ads of my very basic range of ad - ons.
The reason why I write, it is that ads increased by annoying but harmless, dangerous. The announcement today was conceived as a pop-up warning text says, ' detection: immediate Action required.» Fatal error in registry... click on 'Repair All' to eliminate all possible threats and clean your PC". I have screenshots of all the foregoing.
I'm worried that another user, my son or mother, might take this warning seriously and install malware by accident. What can I do to prevent these ads? I expect this type of advertising malware on dubious websites, I get them when I try to access Hotmail, news, etc., so it is not the site that is originally.
Sometimes a problem with Firefox can be a result of malware installed on your computer, you may not be aware of.
You can try these free programs to search for malicious software that work with your existing anti-virus software:
- Microsoft safety scanner
- MalwareBytes' Anti-Malware
- TDSSKiller - AntiRootkit utility
- Hitman Pro
- ESET Online Scanner
Microsoft Security Essentials is a good permanent antivirus for Windows 7/Vista/XP, if you do not already have one.
More information can be found in the article troubleshooting Firefox problems caused by malware .
See also
-
How is it I can no longer edit/rename bookmarks to something that makes sense to me?
How is it I can no longer edit/rename bookmarks to something that makes sense to me? Before I updated to this version, that I could mention, for example, www.blahbankingblah, 'my automatic monthly payments.
You can rename a bookmark in bookmarks (library) Manager in the details pane lower right, after selecting a bookmark.
You can also do it in the bookmarks bar (view > sidebar) through the context menu > properties.
"Bookmarks > organize bookmarks ' has been renamed to"show all bookmarks"in Firefox 4 and later versions.
-
Does make sense to upgrade to improve CPU E4500?
Just more curious than what anyone whether or not it makes sense to upgrade the E4500 processor to something better in my HP Compaq DC7800 minitour.
I just noticed there are a lot of new processors socket 775 as my E4500 processor, which is 2.2 Ghz, 2 MB cache L2, FSB FSB 8oo.
I mostly use this computer for some average games (mostly 'source' based Steam games, which are not as intense graphics, as much recent games) as well as some general image processing. Also want to do as well light video editing.
I wonder if anything under $100 would make a significant difference, or whether to just save for a newer computer.
Thanks in advnace.
Hello:
I have a dc7800 with processor E8300 (stock entry) and I like the additional performance due to the larger cache.
I don't know how the FSB of 1333 MHz plays in the equasion, because the memory at 800 MHz is a bottleneck.
And HP installed memory PC2-5300 in most dc7800 who makes it worse to 667 MHz unless you put all chips from 800 MHz to your PC, as I did.
If you want to upgrade, I'd go to E8600 and which should be a nice improvement.
I also maxed out the memory to 2 x 2 GB PC2 - 6400, running W7 Pro 64 bit.
You can buy a used, but tested and functional E8600 for $48.00 on eBay.
I'm sure that you will need to install the latest firmware update for not having any processor microcode error.
I would also add that if you do not have a dedicated graphics card then, it will do much more for you than upgrading the processor, what about the graphics performance is concerned.
I put a Radeon HD 6570 in my dc7800 CMT and it works just great.
You can do an update of the video card for $75 or less.
Just about everything with a 400W or card should less work.
It's the one I got. I love the fanless models because it does not add noise and Fanless do fall on you.
http://www.Newegg.com/product/product.aspx?item=N82E16814161390
-
Cisco Nexus 1000V Virtual Switch Module investment series in the Cisco Unified Computing System
Hi all
I read an article by Cisco entitled "Best practices in Deploying Cisco Nexus 1000V Switches Cisco UCS B and C Series series Cisco UCS Manager servers" http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/white_paper_c11-558242.htmlA lot of excellent information, but the section that intrigues me, has to do with the implementation of module of the VSM in the UCS. The article lists 4 options in order of preference, but does not provide details or the reasons underlying the recommendations. The options are the following:
============================================================================================================================================================
Option 1: VSM external to the Cisco Unified Computing System on the Cisco Nexus 1010In this scenario, the virtual environment management operations is accomplished in a method identical to existing environments not virtualized. With multiple instances on the Nexus 1010 VSM, multiple vCenter data centers can be supported.
============================================================================================================================================================Option 2: VSM outside the Cisco Unified Computing System on the Cisco Nexus 1000V series MEC
This model allows to centralize the management of virtual infrastructure, and proved to be very stable...
============================================================================================================================================================Option 3: VSM Outside the Cisco Unified Computing System on the VMware vSwitch
This model allows to isolate managed devices, and it migrates to the model of the device of the unit of Services virtual Cisco Nexus 1010. A possible concern here is the management and the operational model of the network between the MSM and VEM devices links.
============================================================================================================================================================Option 4: VSM Inside the Cisco Unified Computing System on the VMware vSwitch
This model was also stable in test deployments. A possible concern here is the management and the operational model of the network links between the MSM and VEM devices and switching infrastructure have doubles in your Cisco Unified Computing System.
============================================================================================================================================================As a beginner for both 100V Nexus and UCS, I hope someone can help me understand the configuration of these options and equally important to provide a more detailed explanation of each of the options and the resoning behind preferences (pro advantages and disadvantages).
Thank you
PradeepNo, they are different products. vASA will be a virtual version of our ASA device.
ASA is a complete recommended firewall.
-
Nexus 1000v, UCS, and Microsoft NETWORK load balancing
Hi all
I have a client that implements a new Exchange 2010 environment. They have an obligation to configure load balancing for Client Access servers. The environment consists of VMware vShpere running on top of Cisco UCS blades with the Nexus 1000v dvSwitch.
Everything I've read so far indicates that I must do the following:
1 configure MS in Multicast mode load balancing (by selecting the IGMP protocol option).
2. create a static ARP entry for the address of virtual cluster on the router for the subnet of the server.
3. (maybe) configure a static MAC table entry on the router for the subnet of the server.
3. (maybe) to disable the IGMP snooping on the VLAN appropriate in the Nexus 1000v.
My questions are:
1. any person running successfully a similar configuration?
2 are there missing steps in the list above, or I shouldn't do?
3. If I am disabling the snooping IGMP on the Nexus 1000v should I also disable it on the fabric of UCS interconnections and router?
Thanks a lot for your time,.
Aaron
Aaron,
The steps above you are correct, you need steps 1-4 to operate correctly. Normally people will create a VLAN separate to their interfaces NLB/subnet, to prevent floods mcast uncessisary frameworks within the network.
To answer your questions
(1) I saw multiple clients run this configuration
(2) the steps you are correct
(3) you can't toggle the on UCS IGMP snooping. It is enabled by default and not a configurable option. There is no need to change anything within the UCS regarding MS NLB with the above procedure. FYI - the ability to disable/enable the snooping IGMP on UCS is scheduled for a next version 2.1.
This is the correct method untill the time we have the option of configuring static multicast mac entries on
the Nexus 1000v. If this is a feature you'd like, please open a TAC case and request for bug CSCtb93725 to be linked to your SR.This will give more "push" to our develpment team to prioritize this request.
Hopefully some other customers can share their experience.
Regards,
Robert
-
VM - FEX and Nexus 1000v relationship
Hello
I'm new in the world of virtulaization and I need to know what the relationship between Cisco Nexus 1000v and Cisco VM - FEX? and when to use VM - FEX and when to use Nexus 1000v.
Concerning
Ahmed,
Nexus 1000v is a Distributed Switch that allows you to manage your VEM, see this relationship as a supervisor-LineCard relationship.
VM - FEX gives you the opportunity to bypass the vSwitch embarked on each host ESXi (VEM) for example.
With VM - FEX, you see the virtual machines as if they were directly connected to the Parent switch (N7K / 5K for example), making it the parent spend management (cause there is more no vSwitch in the middle).
This is a good topic that can be discussed and is difficult to summarize in a few lines, you read something in particular? any questions or doubts we can help clarify?
-Kenny
Maybe you are looking for
-
Just about 3 months ago I broke my iPhone 6, while I was getting the money together, I discovered that I had to find my I phone off. When I went to do it I realized that I had my very old apple account I remember that nothing is nail until the cload,
-
I have 2 older Macbooks and love them both 17 inches. I have been informed by Apple, do not update beyond Mt. Lion. Now that we are 2 updates beyond mount Lion I wonder what this will mean for my old machines. They will stop working? How far behin
-
error message regsvr32... C:\Windows\System32\wuang.dll'failed
I've been blocked?
-
Uninstall the Pavilion d4650e Xp
On HP Pavilion d4640e of operating system XP Pro Sp3. need to uninstall reinstall but no disc, no internet access and no HP tools or PC help & tools. To make it worse, I can not F10 to work. I just get a screen back (no command sends me options to co
-
Reference Dell 8700 Sound only via HDMI, no catches
Brand new Dell 8700, I can get sound via the HDMI connection but nothing since the headset plugs or the Green and black plugs on the back of the computer. Control Panel - sounds I can only see NVIDIA HDMI no options, Realtek no option at all. I tried