larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

NX-OS and Cisco Nexus Switching: Next-Generation Data Center Architectures

Book

  • Sorry, this book is no longer in print.
Not for Sale
  • Description
  • Sample Content
  • Updates
  • Copyright 2010
  • Edition: 1st
  • Book
  • ISBN-10: 1-58705-892-8
  • ISBN-13: 978-1-58705-892-9

NX-OS and Cisco Nexus Switching

Next-Generation Data Center Architectures

The complete guide to planning, configuring, managing, and troubleshooting NX-OS in enterprise environments

Kevin Corbin, CCIE® No. 11577

Ron Fuller, CCIE No. 5851

David Jansen, CCIE No. 5952

Cisco® Nexus switches and the new NX-OS operating system are rapidly becoming the new de facto standards for data center distribution/aggregation layer networking. NX-OS builds on Cisco IOS to provide advanced features that will be increasingly crucial to efficient data center operations. NX-OS and Cisco Nexus Switching is the definitive guide to utilizing these powerful new capabilities in enterprise environments.

In this book, three Cisco consultants cover every facet of deploying, configuring, operating, and troubleshooting NX-OS in the data center. They review the key NX-OS enhancements for high availability, virtualization, In-Service Software Upgrades (ISSU), and security. In this book, you will discover support and configuration best practices for working with Layer 2 and Layer 3 protocols and networks, implementing multicasting, maximizing serviceability, providing consistent network and storage services, and much more.

The authors present multiple command-line interface (CLI) commands, screen captures, realistic configurations, and troubleshooting tips—all based on their extensive experience working with customers who have successfully deployed Nexus switches in their data centers.

Kevin Corbin, CCIE® No. 11577, is a Technical Solutions Architect for Cisco, specializing in data center technologies. Kevin works with enterprise customers to help them develop their next-generation data center architectures. Kevin has more than 14 years of server and networking experiencing including routing, switching, security, and content networking.

Ron Fuller, CCIE No. 5851 (Routing and Switching/Storage Networking), is a Technical Solution Architect for Cisco with 19 years of experience in the industry. His focus is working with enterprise customers to address their challenges with comprehensive end-to-end data center architectures.

David Jansen, CCIE No. 5952, is a Technical Solutions Architect for Cisco’s U.S. Enterprise Segment, where he works with enterprise customers to address end-to-end data center architectures. David has more than 20 years experience in the information technology industry.

  • Learn how Cisco NX-OS builds on and differs from IOS
  • Work with NX-OS user modes, management interfaces, and system files
  • Configure Layer 2 networking: VLANs/private VLANs, STP, virtual port channels, and unidirectional link detection
  • Configure Layer 3 EIGRP, OSPF, BGP, and First Hop Redundancy Protocols (FHRPs)
  • Set up IP multicasting with PIM, IGMP, and MSDP
  • Secure NX-OS with SSH, Cisco TrustSec, ACLs, port security, DHCP snooping, Dynamic ARP inspection, IP Source Guard, keychains, Traffic Storm Control, and more
  • Build high availability networks using process modularity and restart, stateful switchover, nonstop forwarding, and in-service software upgrades
  • Utilize NX-OS embedded serviceability, including Switched Port Analyzer (SPAN), Smart Call Home, Configuration Checkpoint/Rollback, and NetFlow
  • Use the NX-OS Unified Fabric to simplify infrastructure and provide ubiquitous network and storage services
  • Run NX-OS on Nexus 1000V server-based software switches

This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

Online Sample Chapter

Introduction to Cisco NX-OS

Sample Pages

Download the sample pages (includes Chapter 1 and Index)

Table of Contents

Foreword xiv

Introduction xv

Chapter 1 Introduction to Cisco NX-OS 1

NX-OS Overview 1

    NX-OS Supported Platforms 3

    Cisco NX-OS and Cisco IOS Comparison 3

NX-OS User Modes 5

    EXEC Command Mode 6

    Global Configuration Command Mode 6

    Interface Configuration Command Mode 7

Management Interfaces 8

    Controller Processor (Supervisor Module) 8

    Connectivity Management Processor (CMP) 9

    Telnet 11

    SSH 12

    XML 14

    SNMP 14

    DCNM 19

Managing System Files 20

    File Systems 21

    Configuration Files: Configuration Rollback 25

    Operating System Files 27

Virtual Device Contexts (VDCs) 28

    VDC Configuration 29

Troubleshooting 33

    show Commands 33

    debug Commands 34

Topology 34

Further Reading 35

Chapter 2 Layer 2 Support and Configurations 37

Layer 2 Overview 37

    Store-and-Forward Switching 38

    Cut-Through Switching 38

    Fabric Extension via the Nexus 2000 38

    Configuring Nexus 2000 Using Static Pinning 39

    Nexus 2000 Static Pinning Verification 41

    Configuring Nexus 2000 Using Port-Channels 45

    Nexus 2000 Static Pinning Verification 46

    L2 Forwarding Verification 48

    Layer 2 Forwarding on a Nexus 7000 48

VLANs 50

    Configuring VLANs 50

    VLAN Trunking Protocol 51

    Assigning VLAN Membership 52

    Verifying VLAN Configuration 53

Private VLANs 54

    Configuring PVLANs 55

    Verifying PVLAN Configuration 58

Spanning Tree Protocol 59

    Rapid-PVST+ Configuration 60

    MST Configuration 65

    Additional Spanning-Tree Configuration 69

    Spanning-Tree Toolkit 72

    Spanning-Tree Port Types 77

    Configuring Layer 2 Interfaces 78

    Virtualization Hosts 78

Virtual Port Channels 87

    VPC Peer-Gateway 94

Unidirectional Link Detection 94

Summary 96

Chapter 3 Layer 3 Support and Configurations 97

EIGRP 97

    EIGRP Operation 98

    Configuring EIGRP 99

    EIGRP Summarization 103

    EIGRP Stub Routing 106

    Securing EIGRP 107

    EIGRP Redistribution 109

OSPF 114

    OSPFv2 Configuration 114

    OSPF Summarization 120

    OSPF Stub Routing 123

    Securing OSPF 127

    OSPF Redistribution 129

BGP 137

    BGP Configuration 137

    BGP Neighbors 141

    Securing BGP 144

    BGP Peer Templates 146

    Advertising BGP Networks 148

    Modifying BGP Routing Metrics 150

    Verifying BGP-Specific Configuration 151

First Hop Redundancy Protocols (FHRP) 152

    HSRP 152

    VRRP 158

    GLBP 163

Summary 170

Chapter 4 IP Multicast Configuration 171

Multicast Operation 171

    Multicast Distribution Trees 172

    Reverse Path Forwarding 174

    Protocol Independent Multicast (PIM) 174

    RPs 176

PIM Configuration on Nexus 7000 177

    Configuring Static RPs 180

    Configuring BSRs 182

    Configuring Auto-RP 184

    Configuring Anycast-RP 186

    Configuring SSM and Static RPF 188

IGMP Operation 189

IGMP Configuration on Nexus 7000 190

IGMP Configuration on Nexus 5000 194

IGMP Configuration on Nexus 1000V 195

MSDP Configuration on Nexus 7000 197

Summary 199

Chapter 5 Security 201

Configuring RADIUS 202

    RADIUS Configuration Distribution 205

Configuring TACACS+ 211

    Enabling TACACS+ 212

Configuring SSH 221

Configuring Cisco TrustSec 224

    Layer 2 Solutions Between Data Centers 231

Configuring IP ACLs 232

Configuring MAC ACLs 234

Configuring VLAN ACLs 236

Configuring Port Security 237

    Security Violations and Actions 240

Configuring DHCP Snooping 242

Configuring Dynamic ARP Inspection 246

    Dynamic ARP Inspection Trust State 247

Configuring IP Source Guard 250

Configuring Keychain Management 252

Configuring Traffic Storm Control 253

Configuring Unicast RPF 255

Configuring Control Plane Policing 257

Configuring Rate Limits 266

SNMPv3 271

Summary 278

Chapter 6 High Availability 279

Physical Redundancy 279

    Redundant Power Supplies 280

    Redundant Cooling System 282

    Redundant Supervisors 285

    Redundant Ethernet Out-of-Band (EOBC) 286

    Redundant Fabric Modules 286

Generic Online Diagnostics 287

    Bootup Diagnostics 288

    Runtime Diagnostics 289

    On-Demand Diagnostics 294

NX-OS High-Availability Architecture 295

Process Modularity 295

Process Restart 297

Stateful Switchover 297

Nonstop Forwarding 299

In-Service Software Upgrades 299

Summary 309

Chapter 7 Embedded Serviceability Features 311

SPAN 311

    SPAN on Nexus 7000 312

    Configuring SPAN on Nexus 7000 313

    SPAN on Nexus 5000 318

    Configuring SPAN on Nexus 5000 319

    SPAN on Nexus 1000V 323

    Configuring SPAN on Nexus 1000V 324

ERSPAN on Nexus 1000V 326

Embedded Analyzer 331

Smart Call Home 342

    Smart Call Home Configuration 347

Configuration Checkpoint and Rollback 350

    Checkpoint Creation and Rollback 351

NetFlow 353

    Configuring NetFlow on Nexus 7000 354

    Configuring NetFlow on Nexus 1000V 357

Summary 360

Chapter 8 Unified Fabric 361

Unified Fabric Overview 361

Enabling Technologies 362

    10-Gigabit Ethernet 362

    Fibre Channel over Ethernet 364

Nexus 5000 Unified Fabric Configuration 364

N-Port Virtualization (NPV) 367

    N-Port Identification Virtualization 368

FCoE Configuration 369

Summary 373

Chapter 9 Nexus 1000V 375

Hypervisor and vSphere Introduction 375

Nexus 1000V System Overview 376

Nexus 1000V Switching Overview 379

    Nexus 1000V Manual Installation 382

Nexus 1000V VSM Installation 382

    Nexus 1000V GUI Installation 399

    Creating the Uplink Profile 405

    Adding the VEM to a ESX vSphere 4 Host 406

    Enabling the Telnet Server Process 414

    Changing the VSM Hostname 414

    Layer 3 Control 414

    VSM High Availability: Adding a Secondary VSM 421

Nexus 1000V Port Profiles 429

Summary 439

Index 440

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.

Overview

Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security

Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children

This site is not directed to children under the age of 13.

Marketing

Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out

Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links

This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020