# Cisco Nexus

Some Commands

- Hardware

NX-7K-1# show inventory ! display chassis components
NX-7K-1# show redundancy status ! determine active supervisor
NX-7K-1# show module ! display individual modules
NX-7K-1# show environment ! display clock, fan, temperature, power
NX-7K-1(config)# power redundancy-mode ?

- System utilization

NX-7K-1# show system resources

- Piping

NX-7K-1# show run | ? ! last, tail, egrep, no-more, ...

- Running config

NX-7K-1# show running-config ?
NX-7K-1# show running-config all ! display configuration with defaults

- Interface ranges

NX-7K-1(config)# int e2/4, e3/1-2 ! no range command

- Shared or dedicated

NX-7K-1(config)# int e2/1, e2/3, e2/5, e2/7
NX-7K-1(config-if)# shutdown
NX-7K-1(config)# int e2/1
NX-7K-1(config-if)# rate-mode dedicated
NX-7K-1(config-if)# no shutdown

- Licencing

NX-7K-1# show license host-id
NX-7K-1# install license bootflash: NX7K-1234.lic
NX-7K-1# show license usage

- Modules

NX-7K-1# reload module ?
NX-7K-1# attach module ?

Virtual Device Context (VDC)

Four VDCs: Default VDC1 and 3 additional VDCs.

NX-7K-1(config)# vdc VDC2 id 2
NX-7K-1(config-vdc)# allocate interface e3/1-24
NX-7K-1(config)# vdc VDC3 id 3
NX-7K-1(config-vdc)# allocate interface e3/25-48
NX-7K-1# show vdc
NX-7K-1# show vdc membership
NX-7K-1# show run vdc
NX-7K-1# switchto vdc VDC2
NX-7K-1-VDC2# switchback
NX-7K-1#

Virtual Port Channel (VPC)

NX-7K-1(config)# feature vpc
NX-7K-1(config)# vpc domain 10
NX-7K-1(config-domain)# peer-switch
NX-7K-1(config-domain)# peer-keepalive destination 10.10.10.2
NX-7K-1# show vpc role
NX-7K-1# show vpc peer-keepalive
NX-7K-1(config)# interface port-channel 10
NX-7K-1(config-if)# switchport mode trunk
NX-7K-1(config-if)# switchport trunk allowed vlan 100-105 ! vPC VLANs
NX-7K-1(config-if)# switchport trunk native 100
NX-7K-1(config-if)# vpc peer-link
NX-7K-1# show vpc brief
NX-7K-1(config)# interface ethernet 1/1-2
NX-7K-1(config-if-range)# channel-group 11 mode active
NX-7K-1(config)# interface port-channel 11
NX-7K-1(config-if)# switchport mode trunk
NX-7K-1(config-if)# vpc 11
NX-7K-2(config)# feature vpc
NX-7K-2(config)# vpc domain 10
NX-7K-2(config-domain)# peer-switch
NX-7K-2(config-domain)# peer-keepalive destination 10.10.10.1
NX-7K-2(config)# interface port-channel 10
NX-7K-2(config-if)# switchport mode trunk
NX-7K-2(config-if)# switchport trunk allowed vlan 100-105 ! vPC VLANs
NX-7K-2(config-if)# switchport trunk native 100
NX-7K-2(config-if)# vpc peer-link
NX-7K-2(config)# interface ethernet 2/7-8
NX-7K-2(config-if-range)# channel-group 11 mode active
NX-7K-2(config)# interface port-channel 11
NX-7K-2(config-if)# switchport mode trunk
NX-7K-2(config-if)# vpc 11
NX-7K-2# show vpc consistency-parameters global

Fabric EXtenders (FEX) ~ Nexus 2000 series

Deployment models:

- Static pinning (Nexus 5000 series)

NX-5K-1(config)# feature fex
NX-5K-1(config)# fex 100
NX-5K-1(config-fex)# pinning max-links 4
NX-5K-1(config)# int ethernet 1/1-4
NX-5K-1(config-if)# switchport mode fex-fabric
NX-5K-1(config-if)# fex associate 100
NX-5K-1# show fex 100
NX-5K-1# show fex detail
NX-5K-1# show module fex

- Dynamic pinning (Nexus 5000 and 7000 series)

NX-5K-1(config)# feature fex
NX-5K-1(config)# fex 101
NX-5K-1(config-fex)# pinning max-links 1
NX-5K-1(config)# int ethernet 1/9-12
NX-5K-1(config-if)# switchport mode fex-fabric
NX-5K-1(config-if)# channel-group 11
NX-5K-1(config)# int port-channel 11
NX-5K-1(config-if)# fex associate 101
NX-5K-1# show int port-channel 11 fex-intf
NX-5K-1# show module fex

- vPC (Nexus 5000 series)

NX-5K-1(config)# feature fex
NX-5K-1(config)# fex 102
NX-5K-1(config-fex)# pinning max-links 1
NX-5K-1(config)# int ethernet 1/17-20
NX-5K-1(config-if)# switchport mode fex-fabric
NX-5K-1(config-if)# channel-group 12
NX-5K-1(config)# feature vpc
! vPC domain configuration
NX-5K-1(config)# int port-channel 12
NX-5K-1(config-if)# vpc 12
NX-5K-1(config-if)# fex associate 102
NX-5K-1# show int port-channel 12 fex-intf
NX-5K-1# show module fex

Configuration Rollback

NX-7K-1# checkpoint CP1 description First checkpoint
NX-7K-1# show checkpoint summary
NX-7K-1# rollback running-config checkpoint CP1

Role-Based Access Control (RBAC)

NX-7K-1(config)# role name L3-admin
NX-7K-1(config-role)# rule 1 permit read-write feature-group L3
NX-7K-1(config-role)# vlan policy deny
NX-7K-1(config-role-vlan)# permit vlan 1-100
NX-7K-1(config-role)# vrf policy deny
NX-7K-1(config-role-vlan)# permit vrf VRF1
NX-7K-1(config-role-vlan)# permit vrf VRF2 
NX-7K-1# show role 

Ethanalyzer ~ a wrapper over tshark

NX-7K-1# ethanalyzer local interface inband brief limit-captured-frames 10
NX-7K-1# ethanalyzer local interface inband limit-captured-frames 1

VRF

NX-7K-1# show ip int brief ! default VRF
NX-7K-1# show ip int brief vrf management
NX-7K-1# ping 10.1.1.1 vrf management
NX-7K-1# routing-context vrf management
NX-7K-1%management# ping 10.1.1.1
NX-7K-1%management# routing-context vrf default
NX-7K-1#

Config-sync

NX-7K-1# configure sync
NX-7K-1(config-sync)# switch-profile PROFILE1
NX-7K-2# configure sync
NX-7K-2(config-sync)# switch-profile PROFILE1
NX-7K-2(config-sync-sp)# import interface po10
NX-7K-2(config-sync-sp-import)# verify
NX-7K-2(config-sync-sp-import)# show switch-profile PROFILE1 buffer
NX-7K-2(config-sync-sp-import)# show switch-profile PROFILE1 status
NX-7K-2(config-sync-sp-import)# commit
NX-7K-1(config-sync-sp)# sync-peers destination 10.0.0.2
NX-7K-2(config-sync-sp)# sync-peers destination 10.0.0.1
NX-7K-2(config-sync-sp)# int po10
NX-7K-2(config-sync-sp-if)# spanning-gree port type edge trunk
NX-7K-2(config-sync-sp)# verify
NX-7K-2(config-sync-sp)# commit
NX-7K-2# show running-config switch-profile

In-Service Software Upgrade (ISSU)

NX-7K-2# show incompatibility system n7000.bin
NX-7K-2# install all kickstart n7000-kickstart.bin system n7000.bin
NX-7K-2# system switchover
NX-7K-1# show incompatibility system n7000.bin
NX-7K-1# install all kickstart n7000-kickstart.bin system n7000.bin
NX-7K-1# system switchover

No comments: