Cisco MDS 9000 series Configuration Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. MDS 9000 Series
  6. Configuration manual
Cisco MDS 9000 series Configuration Manual

Cisco MDS 9000 series Configuration Manual

Nx-os ip services multilayer switches
Hide thumbs Also See for MDS 9000 series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Troubleshooting Manual, Configuration Manual
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Cisco MDS 9000 Family NX-OS IP Services
Configuration Guide
Cisco MDS NX-OS Release 4.2(1)
August 2009
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

Advertisement

Table of Contents
loading

Related Manuals for Cisco MDS 9000 series

Summary of Contents for Cisco MDS 9000 series

  • Page 1 Configuration Guide Cisco MDS NX-OS Release 4.2(1) August 2009 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 2 Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks;...
  • Page 3 IPv4 and IPv6 Configuring FCIP C H A P T E R About FCIP FCIP Concepts FCIP and VE Ports FCIP Links FCIP Profiles FCIP Interfaces Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 4: Table Of Contents

    Configuring FCIP Tape Acceleration 2-32 Displaying Tape Acceleration Activity Information 2-33 FCIP Compression 2-34 Configuring FCIP Compression 2-36 Displaying FCIP Compression Information 2-36 Default Settings 2-37 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 5 Fibre Channel Zoning-Based Access Control 4-20 iSCSI-Based Access Control 4-21 Enforcing Access Control 4-22 iSCSI Session Authentication 4-23 Configuring Authentication Mechanism 4-24 Configuring Local Authentication 4-24 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 6 4-54 Enabling VRRP for Load Balancing 4-54 Verifying iSLB VRRP Load Balancing Configuration 4-54 Displaying iSLB VRRP Information 4-54 About iSLB Configuration Distribution Using CFS 4-55 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 7 Configuring the ESI Retry Count 4-85 Configuring the Registration Period 4-86 iSNS Client Registration and Deregistration 4-86 Target Discovery 4-86 Verifying the iSNS Server Configuration 4-87 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 8 Verifying IPv4 Static Route Information 5-11 Displaying and Clearing ARPs 5-11 Overlay VSANs 5-12 About Overlay VSANs 5-12 Configuring Overlay VSANs 5-12 Configuring Multiple VSANs 5-14 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide viii OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 9 Configuring Ethernet PortChannels Configuring CDP Displaying Statistics Displaying Gigabit Ethernet Interface Statistics Displaying Ethernet MAC Statistics 6-10 Displaying DMA-Bridge Statistics 6-10 Displaying TCP Statistics 6-11 Default Settings 6-13 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 10 Global Addresses Link-Local Address IPv6 Address Type: Multicast ICMP for IPv6 Path MTU Discovery for IPv6 IPv6 Neighbor Discovery IPv6 Neighbor Solicitation and Advertisement Messages Router Discovery Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 11 Verifying IPv6 Static Route Configuration and Operation 8-17 Gigabit Ethernet IPv6-ACL Guidelines 8-18 Transitioning from IPv4 to IPv6 8-19 Displaying IPv6 8-19 Default Settings 8-20 N D E X Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 12 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family NX-OS IP Services Configuration Guide...

  • Page 13: New And Changed Information

    For a complete list of document titles, see the list of Related Documentation in the “Preface.” To find additional information about Cisco MDS NX-OS Release 4.2(x), see the Cisco MDS 9000 Family Release Notes available at the following Cisco Systems website: http://www.cisco.com/en/US/products/ps5989/prod_release_notes_list.htm...
  • Page 14 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family NX-OS IP Services Configuration Guide...
  • Page 15 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Preface This preface describes the audience, organization, and conventions of the Cisco MDS 9000 Family NX-OS IP Services Configuration Guide. It also provides information on how to obtain related documentation.

  • Page 16: Document Conventions

    Means reader take note. Notes contain helpful suggestions or references to material not covered in the Note manual. Means reader be careful. In this situation, you might do something that could result in equipment Caution damage or loss of data. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 17: Related Documentation

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Related Documentation The documentation set for the Cisco MDS 9000 Family includes the following documents. To find a document online, use the Cisco MDS NX-OS Documentation Locator at: http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/roadmaps/doclocater.htm...

  • Page 18: Cisco Fabric Manager

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family Storage Services Module Software Installation and Upgrade Guide •...

  • Page 19: Troubleshooting And Reference

    Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html...
  • Page 20 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family NX-OS IP Services Configuration Guide...
  • Page 21 C H A P T E R IP Services Overview The Cisco MDS 9000 NX-OS software provides features such as FCIP, SAN Extension Tuner, iSCSI, IP storage, IPv4, and IPv6 in a single platform. These IP services simplify SAN provisioning by automatically distributing configuration information to all the switches in a storage network.
  • Page 22 SAN islands over extended distances. The IPS module and the MPS-14/2 module allow you to use FCIP and iSCSI features. Both modules integrate seamlessly into the Cisco MDS 9000 Family, and support the full range of features that are available on other switching modules, including VSANs, security, and traffic management.
  • Page 23 Chapter 7, “Configuring IPv4 for Gigabit Ethernet Interfaces.” For more information on configuring IPv6 for Gigabit Ethernet interfaces, see Chapter 8, “Configuring IPv6 for Gigabit Ethernet Interfaces.” Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 24 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family NX-OS IP Services Configuration Guide...

  • Page 25: About Fcip

    C H A P T E R Configuring FCIP Cisco MDS 9000 Family IP storage (IPS) services extend the reach of Fibre Channel SANs by using open-standard, IP-based technology. The switch can connect separated SAN islands using Fibre Channel over IP (FCIP).

  • Page 26: Fcip Concepts

    A virtual ISL is established over an FCIP link and transports Fibre Channel traffic. Each associated virtual ISL looks like a Fibre Channel ISL with either an E port or a TE port at each end (see Figure 2-2). Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 27 When the FCIP link comes up, the VE ports at both ends of the FCIP link create a virtual Fibre Channel (E)ISL and initiate the E port protocol to bring up the (E)ISL. By default, the FCIP feature on any Cisco MDS 9000 Family switch creates two TCP connections for each FCIP link: One connection is used for data frames.

  • Page 28: Fcip High-Availability Solutions

    The following high-availability solutions are available for FCIP configurations: Fibre Channel PortChannels, page 2-5 • FSPF, page 2-5 • VRRP, page 2-6 • Ethernet PortChannels, page 2-6 • Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 29: Fibre Channel Portchannels

    Each FCIP link is a separate (E)ISL. The FCIP links can connect to different switches across two SAN islands. • The Fibre Channel traffic is load balanced across the FCIP link. • Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 30: Vrrp

    The Gigabit Ethernet link-level redundancy ensures a transparent failover if one of the Gigabit • Ethernet links fails. Two Gigabit Ethernet ports in one Ethernet PortChannel appear like one logical Gigabit Ethernet • link. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 31: Ethernet Portchannels And Fibre Channel Portchannels

    Gigabit Ethenet link To configure Fibre Channel PortChannels, see the Cisco MDS 9000 Family NX-OS Interfaces Configuration Guide. To configure Ethernet PortChannels, see the Cisco MDS 9000 Family NX-OS High Availability and Redundancy Configuration Guide. Configuring FCIP This section describes how to configure FCIP and includes the following topics: Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 32: Enabling Fcip

    To begin configuring the FCIP feature, you must explicitly enable FCIP on the required switches in the fabric. By default, this feature is disabled in all switches in the Cisco MDS 9000 Family. The configuration and verification commands for the FCIP feature are only available when FCIP is enabled on a switch.

  • Page 33: Creating Fcip Profiles

    Displaying FCIP Profile Information Example 2-1 Displays FCIP Profiles switch# show fcip profile ------------------------------------------------------------------------------- ProfileId Ipaddr TcpPort ------------------------------------------------------------------------------- 10.10.100.150 3225 10.10.100.150 3226 40.1.1.2 3225 100.1.1.2 3225 200.1.1.2 3225 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 34: Creating Fcip Links

    Step 2 Creates an FCIP interface (51). switch1(config)# interface fcip 51 switch1(config-if)# Step 3 Assigns the profile (10) to the FCIP interface. switch1(config-if)# use-profile 10 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-10 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 35: Advanced Fcip Profile Configuration

    Command Purpose Step 1 Associates the profile with the local port number (5000). switch(config-profile)# port 5000 Reverts to the default 3225 port. switch(config-profile)# no port Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-11 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 36: Configuring Tcp Parameters

    1-second intervals. If no response is received for these eight probes and the connection remains idle throughout, that FCIP link is automatically closed. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-12 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 37 TCP sender can only learn about a single lost packet per round trip. A selective acknowledgment (SACK) mechanism helps overcome the limitations of multiple lost packets during a TCP transmission. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-13 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 38 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m The receiving TCP sends back SACK advertisements to the sender. The sender can then retransmit only the missing data segments. By default, SACK is enabled on Cisco MDS 9000 Family switches. To configure SACK, follow these steps:...
  • Page 39 Due to network congestion, improper queuing, or configuration errors, this steady stream can become lumpy, or the delay between each packet can vary instead of remaining constant. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-15 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 40: Displaying Fcip Profile Configuration Information

    You can configure the maximum estimated jitter in microseconds by the packet sender. The estimated variation should not include network queuing delay. By default, this parameter is enabled in Cisco MDS switches when IPS modules or MPS-14/2 modules are present.

  • Page 41: Advanced Fcip Interface Configuration

    To establish an FCIP link with the peer, you can use the peer IP address option. This option configures both ends of the FCIP link. Optionally, you can also use the peer TCP port along with the IP address. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-17...

  • Page 42: Assigning A Peer Ip Address

    Ensure that both ends of the FCIP link are not configured as passive mode. If both ends are configured Note as passive, the connection is not initiated. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-18 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 43: Enabling Time Stamp Control

    Otherwise, it is dropped. By default, time stamp control is disabled in all switches in the Cisco MDS 9000 Family. If a packet arrives within a 2000 millisecond interval (+ or –2000 msec) from the network time, that packet is accepted.
  • Page 44 E ports, and are therefore incompatible. This is reflected by the terminology used in FC-BB-2: while VE ports establish a virtual ISL over an FCIP link, B ports use a B access ISL. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-20...
  • Page 45 B access ISL FCIP interface The B port feature in the IPS module and MPS-14/2 module allows remote B port SAN extenders to communicate directly with a Cisco MDS 9000 Family switch, eliminating the need for local bridge devices. Configuring B Ports When an FCIP peer is a SAN extender device that only supports Fibre Channel B ports, you need to enable the B port mode for the FCIP link.

  • Page 46: Quality Of Service

    Cisco MDS 9000 Family NX-OS Fabric Configuration Guide. Fibre Channel domains (fcdomains) • see the Cisco MDS 9000 Family NX-OS System Management Configuration Guide. • Importing and exporting the zone database from the adjacent switch see the Cisco MDS 9000 Family NX-OS System Management Configuration Guide.
  • Page 47 Current Send Buffer Size: 206463 KB, Requested Send Buffer Size: 429496728 3 KB CWM Burst Size: 49344 KB 5 minutes input rate 491913172779207224 bits/sec, 61489146597400903 bytes/se c, 0 frames/sec Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-23 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 48: Advanced Fcip Features

    Frames ------------------------------------------------------------------------------- fcip3 Advanced FCIP Features You can significantly improve application performance by configuring one or more of the following options for the FCIP interface: Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-24 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 49: Fcip Write Acceleration

    FCIP link of the WRITE command and Transfer Ready. It also eliminates the delay caused by multiple Transfer Readys needed for the exchange going over the FCIP link. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-25 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 50 Channel write acceleration can be used with Port Channels. Also, FCIP write acceleration can be used in Port Channels configured with channel mode active or constructed with Port Channel Protocol (PCP). Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-26...

  • Page 51: Configuring Fcip Write Acceleration

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m In Cisco MDS SAN-OS Release 2.0(1b) and later and NX-OS Release 4.x, FCIP write acceleration with...

  • Page 52: Fcip Tape Acceleration

    Acting as a proxy for the remote tape drives, the local Cisco MDS switch proxies a transfer ready to signal the host to start sending data. After receiving all the data, the local Cisco MDS switch proxies the successful completion of the SCSI WRITE operation.
  • Page 53 SCSI read operations from the host, sends out SCSI read operations on its own to the tape drive. The prefetched read data is cached at the local Cisco MDS switch. The local Cisco MDS switch on receiving SCSI read operations from the host, sends out the cached data. This method results in more data being sent over the FCIP tunnel in the same time period compared to the time taken to send data without read acceleration for tapes.
  • Page 54 In tape acceleration for writes, after a certain amount of data has been buffered at the remote Cisco MDS switch, the write operations from the host are flow controlled by the local Cisco MDS switch by not proxying the Transfer Ready.
  • Page 55 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m amount of data has been buffered at the local Cisco MDS switch, the read operations to the tape drive are flow controlled by the remote Cisco MDS switch by not issuing any further reads.

  • Page 56: Configuring Fcip Tape Acceleration

    To enable FCIP tape acceleration, follow these steps: Command Purpose Step 1 Enters configuration mode. switch1# config terminal switch(config)# Step 2 Creates an FCIP interface (5). switch1(config)# interface fcip 5 switch1(config-if)# Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-32 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 57: Displaying Tape Acceleration Activity Information

    Flags 0x0, FSM state Non TA Mode Cached Reads 0 First index 0xfffffff7, Last index 0xfffffff7, RA index 0x0000f99a Current index=0xfffffffe, Els Oxid 0xfff7 Hosts 1 FCID 0x770100 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-33 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 58: Fcip Compression

    By default the FCIP compression is disabled. When enabled, the software defaults to using the auto mode (if a mode is not specified). Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-34 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 59 If both ends of the FCIP link are running Cisco SAN-OS Release 2.0(1b) or later and NX-OS Release 4.x and you enable compression at one end of the FCIP tunnel, be sure to enable it at the other end of the link.

  • Page 60: Configuring Fcip Compression

    Compression stats 0 input bytes, 0 output compressed bytes 0 input pkts, 0 output compressed pkts Decompression stats 0 input compressed bytes, 0 output bytes Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-36 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 61: Default Settings

    Active mode is enabled special-frame Disabled FCIP timestamp Disabled acceptable-diff range to accept packets +/– 2000 msec B port keepalive responses Disabled Write acceleration Disabled Tape acceleration Disabled Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-37 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 62 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 2-38 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 63: Configuring The San Extension Tuner

    C H A P T E R Configuring the SAN Extension Tuner The SAN Extension Tuner (SET) feature is unique to the Cisco MDS 9000 Family of switches. This feature helps you optimize FCIP performance by generating either direct access (magnetic disk) or sequential access (magnetic tape) SCSI I/O commands and directing such traffic to a specific virtual target.

  • Page 64: San Extension Tuner Setup

    N ports are created on ports that are not a part of the FCIP link for which the throughput and latency is measured. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 65: Data Pattern

    FCIP links. You can also use Canterbury corpus or artificial corpus files for benchmarking purposes. License Prerequisites To use the SET, you need to obtain the SAN_EXTN_OVER_IP license (see the Cisco MDS 9000 Family NX-OS Licensing Guide). Configuring the SAN Extension Tuner This section includes the following topics: •...

  • Page 66: Tuning The Fcip Link

    One scenario that may require additional N ports is if you use FCIP PortChannels. Enabling the Tuner The tuning feature is disabled by default in all switches in the Cisco 9000 Family. When you enable this feature, tuning is globally enabled for the entire switch.

  • Page 67: Configuring The Virtual N Port

    22:22:22:22:22:22:22:22 transfer-size with two outstanding I/Os in the write 512000 outstanding-ios 2 num-transactions command received by the target. The total 5000000 number of I/Os is 5,000,000 bytes. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 68 22:22:22:22:22:22:22:22 transfer-size with two outstanding I/Os in the write 512000 outstanding-ios 2 num-transactions command received by the target. The total 5000000 number of I/Os is 5,000,000 bytes. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 69: Assigning Scsi Tape Read/Write

    Step 7 Clears the counters associated with this N switch(san-ext-nport)# clear counters port. Step 8 Exits the SAN extension tuner submode. switch(san-ext-nport)# end switch# Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 70: Configuring A Data Pattern

    I/Os. The total number of I/Os 512000 outstanding-ios 2 num-transactions is 5,000,000 bytes. 5000000 Step 5 Stops the command with the specified ID. switch(san-ext-nport)# stop command-id 100 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 71: Verifying The San Extension Tuner Configuration

    Exits the SAN extension tuner submode. switch(san-ext-nport)# end switch# Verifying the SAN Extension Tuner Configuration The show commands display the current SAN extension tuner settings for the Cisco MDS switch (see Examples to 3-6). Example 3-1 Displays Entries in the FLOGI Database...

  • Page 72: Default Settings

    Disabled Transfer ready size Same as the transfer size in the SCSI write command Outstanding I/Os Number of transactions Data generation format All-zero format filemark-frequency Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 3-10 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 73: Configuring Iscsi

    IP-based technology. The switch allows IP hosts to access Fibre Channel storage using the iSCSI protocol. The iSCSI feature is specific to the IPS module and is available in Cisco MDS 9200 Switches or Cisco Note MDS 9500 Directors.

  • Page 74: Chapter 4 Configuring Iscsi

    The iSCSI feature consists of routing iSCSI requests and responses between iSCSI hosts in an IP network and Fibre Channel storage devices in the Fibre Channel SAN that are accessible from any Fibre Channel interface of the Cisco MDS 9000 Family switch (see Figure 4-1).
  • Page 75 FCP (the Fibre Channel equivalent of iSCSI) carries SCSI commands over a Fibre Channel SAN. Refer to the IETF standards for IP storage at http://www.ietf.org for information on the iSCSI protocol. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 76: About Iscsi Configuration Limits

    The maximum number of iSCSI and iSLB targets supported in a fabric is 6000. • Configuring iSCSI This section describes how to configure iSCSI on the Cisco MDS 9000 Family switches. This section includes the following sections: • Enabling iSCSI, page 4-4 •...

  • Page 77: Creating Iscsi Interfaces

    The IPS module or MPS-14/2 module does not import Fibre Channel targets to iSCSI by default. Either dynamic or static mapping must be configured before the IPS module or MPS-14/2 module makes Fibre Channel targets available to iSCSI initiators. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 78: Dynamic Mapping

    If you have not configured a switch name, the management IP address is used. With this convention, each IPS port in a Cisco MDS 9000 Family switch creates a unique iSCSI target node name for the same Fibre Channel target port in the SAN.

  • Page 79: Static Mapping

    Removes this interface from the list of interfaces from switch(config-iscsi-tgt)# no advertise interface GigabitEthernet 2/5 which this target is advertised. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 80: Iscsi Virtual Target Configuration Examples

    28:00:01:02:03:04:05:06 fc-lun 0 iscsi-lun 0 iscsi virtual-target name iqn.1987-02.com.cisco.target-2 pWWN 28:00:01:02:03:04:05:06 fc-lun 1 iscsi-lun 0 iscsi virtual-target name iqn.1987-02.com.cisco.target-3 pWWN 28:00:01:02:03:04:05:06 fc-lun 2 iscsi-lun 0 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 81: Presenting Iscsi Hosts As Virtual Fibre Channel Hosts

    IP addresses and you want to provide different service-based on the IP address used by the host. It is also easier to get the IP address of a host compared to getting the iSCSI Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 82: Initiator Presentation Modes

    See the “Changing iSCSI Interface Parameters and the Impact on Load Balancing” section on page 4-51. The Cisco MDS switches support the following iSCSI session limits: • The maximum number of iSCSI sessions on a switch is 5000. •...
  • Page 83 Fibre Channel target. There is one Fibre Channel session from each of the three virtual Fibre Channel hosts to the target. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-11 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 84 This configuration is distributed using CFS. Note Configuring dynamic initiator modes is supported only through the CLI, not through Device Manager or Fabric Manager. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-12 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 85 Channel WWN pool and keep the mapping in its configuration. We recommend using the system-assign option. If you manually assign a WWN, you must ensure its uniqueness (see the Cisco MDS 9000 Family NX-OS Fabric Configuration Guide for more information). You should not use any previously assigned WWNs.
  • Page 86 “Dynamic Mapping” section on page 4-12). You cannot convert a dynamic iSCSI initiator to a static iSLB initiator or a dynamic iSLB initiator to a Note static iSCSI initiator. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-14 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 87 WWNs assigned to static iSCSI initiators by the system can be inadvertently returned to the system when an upgrade fails or you downgrade the system software (manually booting up an older Cisco MDS SAN-OS release without using the install all command). In these instances, the system can later assign those WWNs to other iSCSI initiators (dynamic or static) and cause conflicts.
  • Page 88 Similar to transparent initiator mode, the user can provide a pWWN and nWWN or request a system assigned WWN for the proxy initiator N port. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-16 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 89: Vsan Membership For Iscsi

    VSAN Membership for iSCSI Hosts Individual iSCSI hosts can be configured to be in a specific VSAN. The specified VSAN overrides the iSCSI interface VSAN membership. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-17 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 90: Example Of Vsan Membership For Iscsi Devices

    Example of VSAN Membership for iSCSI Devices Figure 4-12 provides an example of VSAN membership for iSCSI devices: • iSCSI interface 1/1 is a member of VSAN Y. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-18 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 91: Advanced Vsan Membership For Iscsi Hosts

    The following topics are included in this section: Fibre Channel Zoning-Based Access Control, page 4-20 • • iSCSI-Based Access Control, page 4-21 Enforcing Access Control, page 4-22 • Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-19 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 92: Fibre Channel Zoning-Based Access Control

    SAN. Common mechanisms for identifying members in a Fibre Channel zone are the following (see the Cisco MDS 9000 Family NX-OS Fabric Configuration Guide for details on Fibre Channel zoning): •...

  • Page 93: Iscsi-Based Access Control

    Command Purpose Step 1 Enters configuration mode. switch# config terminal switch(config)# Step 2 Creates the iSCSI target name switch(config)# iscsi virtual-target name iqn.1987-02.com.cisco.initiator iqn.1987-02.com.cisco.initiator. switch(config-iscsi-tgt)# Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-21 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 94: Enforcing Access Control

    FC4-feature field of the FCNS entry. (If a device does not register as either initiator or target in the FC4-feature field, the IPS module or MPS-14/2 module will advertise it). It then Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-22...

  • Page 95: Iscsi Session Authentication

    CHAP authentication. For CHAP user name or secret validation, you can use any method supported and allowed by the Cisco MDS AAA infrastructure (see the Cisco MDS 9000 Family NX-OS Security Configuration Guide for more information).

  • Page 96: Configuring Authentication Mechanism

    Configuring Local Authentication See the Cisco MDS 9000 Family NX-OS Security Guide to create the local password database. To create users in the local password database for the iSCSI initiator, the iSCSI keyword is mandatory.

  • Page 97: Restricting Iscsi Initiator Authentication

    In addition to the IPS module or MPS-14/2 module authentication of the iSCSI initiator, the IPS module or MPS-14/2 module also supports a mechanism for the iSCSI initiator to authenticate the Cisco MDS switch’s iSCSI target during the iSCSI login phase. This authentication requires the user to configure a user name and password for the switch to present to the iSCSI initiator.

  • Page 98: Iscsi Immediate Data And Unsolicited Data Features

    Immediate Data and Unsolicited Data Features Cisco MDS switches support the iSCSI immediate data and unsolicited data features if requested by the initiator during the login negotiation phase. Immediate data is iSCSI write data contained in the data segment of an iSCSI command protocol data unit (PDU), such as combining the write command and write data together in one PDU.

  • Page 99: Iscsi Listener Port

    Step 2 Selects the iSCSI interface on the switch. switch(config)# interface iscsi 4/1 switch(config-if)# Cisco MDS switches support the following advanced features for iSCSI interfaces: • iSCSI Listener Port, page 4-27 TCP Tuning Parameters, page 4-27 • Setting QoS Values, page 4-28 •...

  • Page 100: Setting Qos Values

    5 with DSCP value 0). iSCSI Routing Modes Cisco MDS 9000 Family switches support multiple iSCSI routing modes. Each mode negotiates different operational parameters, has different advantages and disadvantages, and is suitable for different usages. Pass-thru mode •...
  • Page 101 Data digest cannot be used. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-29 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 102: Displaying Iscsi Information

    Number of iSCSI session: 0 (discovery session: 0) Number of TCP connection: 0 Configured TCP parameters Local Port is 3260 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-30 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 103: Displaying Iscsi Statistics

    LUN mapping fail, Data CRC error, or unexpected Immediate or Unsolicited data. These statistics are helpful for debugging purposes when the feature is not working as expected. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-31...
  • Page 104 Command:Target down 0, Task in progress 0, LUN map fail 0 CmdSeqNo not in window 0, No Exchange ID 0, Reject 0 No task:0 Data-Out:0, Data CRC Error:0 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-32 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 105: Displaying Proxy Initiator Information

    Admin port mode is ISCSI Port mode is ISCSI Speed is 1 Gbps iSCSI initiator is identified by name Number of iSCSI session: 0, Number of TCP connection: 0 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-33 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 106: Displaying Global Iscsi Information

    Displays Brief Information of All iSCSI Sessions switch# show iscsi session Initiator iqn.1987-05.com.cisco:02.3021b0f2fda0.avanti12-w2k Initiator ip addr (s): 10.10.100.116 Session #1 Discovery session, ISID 00023d000043, Status active Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-34 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 107 AuthMethod none, HeaderDigest None (len 0), DataDigest None (len 0) Version Min: 2, Max: 2 FC target: Up, Reorder PDU: No, Marker send: No (int 0) Received MaxRecvDSLen key: No Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-35 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 108: Displaying Iscsi Initiators

    Number of connection: 1 TCP parameters Local 10.10.100.200:3260, Remote 10.10.100.116:4190 Path MTU: 1500 bytes Retransmission timeout: 310 ms Round trip time: Smoothed 160 ms, Variance: 38 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-36 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 109 (vendor) :22:04:00:05:30:00:35:e1 (Cisco) node-wwn :22:03:00:05:30:00:35:e1 class :2,3 node-ip-addr :10.2.2.12 <--- iSCSI initiator's IPv4 address :ff ff ff ff ff ff ff ff fc4-types:fc4_features:scsi-fcp:init iscsi-gw symbolic-port-name Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-37 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 110 Node name is 10.10.100.199 Member of vsans: 1, 5 Node WWN is 22:03:00:05:30:00:10:e1 No. of PWWN: 4 Port WWN is 22:00:00:05:30:00:10:e1 Port WWN is 22:09:00:05:30:00:10:e1 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-38 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 111: Displaying Iscsi Virtual Targets

    Initiator configuration using static pWWN and VSAN. Zoning configuration for initiators and targets. – Optional create virtual target and give access to the initiator. – Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-39 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 112: About Islb Configuration Limits

    Before configuring iSLB, you must enable iSCSI (see the “Enabling iSCSI” section on page 4-4). Note For iSLB, all switches in the fabric must be running Cisco MDS SAN-OS Release 2.1(1a) or later. Note About iSLB Configuration Limits iSLB configuration has the following limits: •...

  • Page 113: Islb Configuration Prerequisites

    Configure the VRRP groups (see the “Configuring Load Balancing Using VRRP” section on page 4-54). Configure and activate a zone set (see the Cisco MDS 9000 Family NX-OS Fabric Configuration • Guide for more information). Enable CFS distribution for iSLB (see the “Enabling iSLB Configuration Distribution”...

  • Page 114: Configuring Islb Initiator Names Or Ip Addresses

    2001:0DB8:800:200C::417A address of the initiator node and enters iSLB initiator switch(config-islb-init)# configuration submode. Deletes the configured iSLB initiator. switch(config)# no islb initiator ip-address 2001:0DB8:800:200C::417A Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-42 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 115: Assigning Wwns To Islb Initiators

    4-12. We recommend using the SystemAssign system-assign option. If you manually assign a WWN, you must ensure its uniqueness (see the Cisco MDS 9000 Family NX-OS Fabric Configuration Guide for more information). You should not use any previously assigned WWNs.

  • Page 116: Assigning Vsan Membership For Islb Initiators

    Individual iSLB hosts can be configured to be in a specific VSAN (similar to the DPVM feature for Fibre Channel; see Cisco MDS 9000 Family NX-OS Fabric Configuration Guidefor more information. The specified VSAN overrides the iSCSI interface VSAN membership.

  • Page 117: Configuring Metric For Load Balancing

    You can configure initiator targets using the device alias or the pWWN. You can also optionally specify one or more of the following optional parameters: • Secondary pWWN Secondary device alias • LUN mapping • • VSAN identifier • Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-45 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 118: Configuring And Activating Zones For Islb Initiators And Initiator Targets

    You can configure a zone name where the iSLB initiators and initiator targets are added. If you do not specify a zone name, the IPS manager creates one dynamically. iSLB zone sets have the following considerations: Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-46 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 119 The following example shows the show zoneset active command output when the configured zone name IslbZone is used. switch# show zoneset active zoneset name zoneset-1 vsan 1 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-47 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 120: Configuring Islb Session Authentication

    None authentication of iSCSI initiators. If authentication is always used, you must configure the switch to allow only CHAP authentication. For CHAP user name or secret validation you can use any method supported and allowed by the Cisco MDS AAA infrastructure (see the Cisco MDS 9000 Family NX-OS Security Configuration Guide for more information).

  • Page 121: Verifying Islb Authentication Configuration

    About Load Balancing Using VRRP You can configure Virtual Router Redundancy Protocol (VRRP) load balancing for iSLB. Figure 4-14 shows an example of load balancing using iSLB. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-49 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 122 For example, you can increase the load metric of the iSLB initiator with more targets to 3000 from the default value of 1000. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-50...

  • Page 123: Changing Iscsi Interface Parameters And The Impact On Load Balancing

    -------------------------------------------------------------------------------- VR Id VRRP IP Switch WWN Ifindex Load -------------------------------------------------------------------------------- 10.10.122.115 20:00:00:0b:5f:3c:01:80 GigabitEthernet2/1.441 10.10.122.115 20:00:00:0b:5f:3c:01:80 GigabitEthernet2/2.441 1000 10.10.122.115 20:00:00:0c:ce:5c:5b:c0 GigabitEthernet1/1.441 1000 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-51 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 124 The following example output shows the initial load distribution for three initiators with one initiator having load metric of 3000 and the remaining initiator with the default metric value: switch# show islb vrrp summary Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-52 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 125 1 10.10.122.115 20:00:00:0c:ce:5c:5b:c0 GigabitEthernet1/1.441 iqn.cisco.test-linux.init5 1 10.10.122.115 20:00:00:0c:ce:5c:5b:c0 GigabitEthernet1/2.441 iqn.cisco.test-linux.init6 1 10.10.122.115 20:00:00:0c:ce:5c:5b:c0 GigabitEthernet1/1.441 iqn.cisco.test-linux.init7 1 10.10.122.115 20:00:00:0c:ce:5c:5b:c0 GigabitEthernet1/2.441 iqn.cisco.test-linux.init8 1 10.10.122.115 20:00:00:0b:5f:3c:01:80 GigabitEthernet2/1.441 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-53 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 126: Configuring Load Balancing Using Vrrp

    Configured Status ------------------------------------------------------------------------------------------ IPv4 Enabled -- Interfaces For Load Balance -- ------------------------------------------------------------------------------------------ VR Id VRRP IP Switch WWN Ifindex Load ------------------------------------------------------------------------------------------ 192.168.30.40 20:00:00:0d:ec:02:cb:00 GigabitEthernet3/1 2000 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-54 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 127: About Islb Configuration Distribution Using Cfs

    Configuration for iSLB initiators and initiator targets on an MDS switch can be distributed using the Cisco Fabric Services (CFS). This feature allows you to synchronize the iSLB configuration across the fabric from the console of a single MDS switch. The iSCSI initiator idle timeout, iSCSI dynamic initiator mode, and global authentication parameters are also distributed.

  • Page 128: Enabling Islb Configuration Distribution

    At any time, you can discard the pending changes to the iSLB configuration and release the fabric lock. This action has no affect on the active configuration on any switch in the fabric. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-56...

  • Page 129: Clearing A Fabric Lock

    10 islb initiator ip-address 10.1.1.1 static pWWN 23:01:00:0c:85:90:3e:82 static pWWN 23:06:00:0c:85:90:3e:82 username test1 islb initiator ip-address 10.1.1.2 static nWWN 23:02:00:0c:85:90:3e:82 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-57 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 130: Displaying Islb Cfs Status

    User intervention is not required when the same iSLB initiator has a different set of non-conflicting initiator targets. The merged configuration is the union of all the initiator targets. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-58 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 131: Iscsi High Availability

    In this scenario, the host has four iSCSI sessions. There are two iSCSI sessions from each host NIC to the two IPS ports. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-59 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 132: Iscsi Ha With Host Not Having Any Multi-Path Software

    3 and 4 are still available. If the storage port 1 fails, then the IPS ports will terminate sessions 1 and 3 (put iSCSI virtual target iqn.com.cisco.mds-5.1-2.p1 and iqn-com.cisco.mds-5.1-1.p1 in offline state). But sessions 2 and 4 are still available.
  • Page 133 To create a static iSCSI virtual target, follow these steps: Command Purpose Step 1 Enters configuration mode. switch# config terminal switch(config)# Step 2 Creates the iSCSI target name switch(config)# iscsi virtual-target name iqn.1987-02.com.cisco.initiator iqn.1987-02.com.cisco.initiator. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-61 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 134: Lun Trespass For Storage Port Failover

    Fibre Channel target with redundant ports. When the active port fails, the passive port becomes active, and if the trespass feature is enabled, the Cisco MDS switch sends a request to the target to move the LUs on the new active port. The iSCSI session switches to use the new...

  • Page 135: Multiple Ips Ports Connected To The Same Ip Network

    Multiple IPS Ports Connected to the Same IP Network Figure 4-18 provides an example of a configuration with multiple Gigabit Ethernet interfaces in the same IP network. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-63 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 136: Vrrp-Based High Availability

    If one Gigabit Ethernet interface fails, the host multi-pathing software is not affected because it can use the second path. VRRP-Based High Availability Figure 4-19 provides an example of a VRRP-based high availability iSCSI configuration. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-64 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 137: Ethernet Portchannel-Based High Availability

    All iSCSI data traffic for one iSCSI link is carried on one TCP connection. Consequently, the aggregated Note bandwidth is 1 Gbps for that iSCSI link. Figure 4-20 provides a sample Ethernet PortChannel-based high availability iSCSI configuration. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-65 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 138: Iscsi Authentication Setup Guidelines And Scenarios

    Changing the authentication of an iSCSI interface that is part of an iSLB VRRP group impacts load Caution balancing on the interface. See the “Changing iSCSI Interface Parameters and the Impact on Load Balancing” section on page 4-51. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-66 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 139: Configuring No Authentication

    Step 3 switch(config)# username iscsi-user password abcd iscsi Note If you do not specify the iscsi option, the user name is assumed to be a Cisco MDS switch user instead of an iSCSI user. Verify the global iSCSI authentication setup.

  • Page 140: Iscsi Transparent Mode Initiator

    To configure an iSCSI RADIUS server, follow these steps: Step 1 Configure the RADIUS server to allow access from the Cisco MDS switch's management Ethernet IP address. Configure the shared secret for the RADIUS server to authenticate the Cisco MDS switch.
  • Page 141 To configure scenario 1 (see Figure 4-21), follow these steps: Configure null authentication for all iSCSI hosts in Cisco MDS switches. Step 1 switch(config)# iscsi authentication none Configure iSCSI to dynamically import all Fibre Channel targets into the iSCSI SAN using Step 2 auto-generated iSCSI target names.
  • Page 142 Create a zone set and add the two zones as members. Step 10 switch(config)# zoneset name zoneset-iscsi vsan 1 switch(config-zoneset)# member iscsi-zone-1 switch(config-zoneset)# member iscsi-zone-2 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-70 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 143 VSAN 1, ISID 00023d000001, Status active, no reservation Initiator 10.11.1.10 <-----------------------------------Host 1 Initiator name iqn.1987-05.com.cisco:01.e41695d16b1a Session #1 Target iqn.1987-05.com.cisco:05.172.22.92.166.07-01.21000020376ffd97 VSAN 1, ISID 00023d000001, Status active, no reservation Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-71 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 144 (VENDOR) FC4-TYPE:FEATURE -------------------------------------------------------------------------- 0x6d0001 21:00:00:20:37:6f:fd:97 (Seagate) scsi-fcp:target 0x6d0101 21:00:00:20:37:6f:fe:54 (Seagate) scsi-fcp:target 0x6d0201 21:00:00:20:37:a6:a6:5d (Seagate) scsi-fcp:target 0x6d0300 20:03:00:0b:fd:44:68:c2 (Cisco) scsi-fcp:init isc..w 0x6d0301 20:05:00:0b:fd:44:68:c2 (Cisco) scsi-fcp:init isc..w Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-72 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 145: Target Storage Device Requiring Lun Mapping

    • There is target-based LUN mapping or LUN masking. There is no iSCSI authentication (none). • The iSCSI initiator is assigned to different VSANs. • Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-73 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 146 7/5 switch(config-if)# switchport initiator id ip-address switch(config-if)# no shutdown Add static configuration for each iSCSI initiator. Step 7 <-----Host 2 switch(config)# iscsi initiator name iqn.1987-05.com.cisco:01.e41695d16b1a Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-74 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 147 2 Zoneset activation initiated. check zone status switch# show zoneset active vsan 2 zoneset name iscsi-zoneset-v2 vsan 2 zone name iscsi-zone-2 vsan 2 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-75 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 148 VSAN 1: ----------------------------------------------------------------- FCID TYPE PWWN (VENDOR) FC4-TYPE:FEATURE ----------------------------------------------------------------- 0x680001 NL 21:00:00:20:37:6f:fd:97 (Seagate) scsi-fcp:target <--- 0x680102 N 20:02:00:0b:fd:44:68:c2 (Cisco) scsi-fcp:init iscw iSCSI initiator in name server Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-76 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 149 1 zoneset name iscsi-zoneset-v1 vsan 1 zone name iscsi-zone-1 vsan 1 * fcid 0x680001 [pwwn 21:00:00:20:37:6f:fd:97] * fcid 0x680102 [pwwn 20:02:00:0b:fd:44:68:c2] Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-77 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 150 :ff ff ff ff ff ff ff ff fc4-types:fc4_features:scsi-fcp:init iscsi-gw symbolic-port-name symbolic-node-name :10.15.1.11 port-type port-ip-addr :0.0.0.0 fabric-port-wwn :21:91:00:0b:fd:44:68:c0 hard-addr :0x000000 Total number of entries = 1 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-78 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 151: Isns

    A Cisco MDS 9000 Family switch can act as an iSNS client and register all available iSCSI targets with an external iSNS server. All switches in the Cisco MDS 9000 Family with IPS modules or MPS-14/2 modules installed support iSNS server functionality.

  • Page 152: Creating An Isns Client Profile

    Purpose Step 1 Enters configuration mode. switch# config t switch(config)# Step 2 Removes a configured iSNS profile called switch(config)# no isns profile name OldIsns OldIsns. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-80 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 153: Verifying Isns Client Configuration

    Use the show isns profile counters command to view all configured profiles with the iSNS PDU statistics for each tagged interface (see Example 4-21 Example 4-22). Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-81 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 154 Hardware is GigabitEthernet, address is 0005.3000.ae94 Internet address is 10.10.100.201/24 MTU 1500 bytes Port mode is IPS Speed is 1 Gbps Beacon is turned off Auto-Negotiation is turned on Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-82 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 155: About Isns Server Functionality

    0 carrier errors About iSNS Server Functionality When enabled, the iSNS server on the Cisco 9000 Family MDS switch tracks all registered iSCSI devices. As a result, iSNS clients can locate other iSNS clients by querying the iSNS server. The iSNS...

  • Page 156: Configuring Isns Servers

    Change Notification (SCN) message to the initiator so that the initiator can remove the session. Configuring iSNS Servers This section describe how to configure an iSNS server on a Cisco MDS 9000 Family switch. This section includes the following topics: Enabling the iSNS Server, page 4-85 •...

  • Page 157: Enabling The Isns Server

    This allows the iSNS server running on any switch to provide a querying iSNS client a list of iSCSI devices available anywhere on the fabric. For information on CFS, see the Cisco MDS 9000 Family NX-OS System Management Configuration Guide.

  • Page 158: Configuring The Registration Period

    DevAttrQuery to determine target and portal details, such as the IP address or port number to which to connect. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-86 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 159: Verifying The Isns Server Configuration

    Example 4-25). Example 4-25 Displays the iSNS Server Configuration of ESI Interval and Database Contents switch# show isns config Server Name: switch1(Cisco Systems) Up since: Fri Jul 30 04:08:16 2004 Index: 1 Version: 1 TCP Port: 3205 fabric distribute (remote sync): ON...
  • Page 160 ESI Port: 4180 SCN Port: 4180 Example 4-28 displays the virtual targets entries on the current switch. Note The local option is only available for virtual targets. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-88 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 161 Node Index: 0x80000003 WWN(s): 22:00:00:20:37:39:dc:45 VSANS: Portal IP Address: 192.168.100.5 TCP Port: 3205 Entity Index: 1 Portal Index: 3 Portal IP Address: 192.168.100.6 TCP Port: 3205 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-89 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 162 Node Name: iqn.com.cisco.ipdisk Entity Index: 1 Node Type: Target(1) Node Index: 0x80000002 Configured Switch WWN: 20:00:00:0d:ec:01:04:40 WWN(s): 22:00:00:20:37:5a:70:1a VSANS: iSCSI Node Name: iqn.isns-first-virtual-target Entity Index: 1 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-90 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 163 192.168.100.5 3205 192.168.100.6 3205 Example 4-37 Displays Detailed Information for the Virtual Portals in the Specified Switch switch# show isns portal virtual switch 20:00:00:0d:ec:01:04:40 detail Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-91 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 164 Example 4-42 Displays Virtual Entities switch# show isns entity virtual Entity Id: isns.entity.mds9000 Index: 1 Last accessed: Thu Aug 5 00:58:50 2004 Entity Id: dp-204 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-92 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 165: Isns Cloud Discovery

    Displaying Cloud Discovery Statistics, page 4-96 About Cloud Discovery Note iSNS Cloud Discovery is not supported on the Cisco Fabric Switch for IBM BladeCenter and Cisco Fabric Switch for HP c-Class BladeSystem. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-93 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 166: Configuring Isns Cloud Discovery

    For CFS distribution to operate correctly for iSNS cloud discovery, all switches in the fabric must be Note running Cisco SAN-OS Release 3.0(1) or NX-OS 4.1(1b) and later. Configuring iSNS Cloud Discovery This section describes how to configure iSNS cloud discovery and includes the following topics: Enabling iSNS Cloud Discovery, page 4-94 •...

  • Page 167: Initiating On-Demand Isns Cloud Discovery

    Configuring iSNS Cloud Discovery Message Types You can configure iSNS cloud discovery the type of message to use. By default, iSNS cloud discovery uses ICMP. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-95 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 168: Verifying Cloud Discovery Status

    Number of cloud discovery (ping) messages sent = 1 Number of cloud discovery (ping) success Default Settings Table 4-2 lists the default settings for iSCSI parameters. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-96 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 169 60 sec (not configurable) iSNS registration interval retries Fabric distribution Disabled Table 4-3 lists the default settings for iSLB parameters. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-97 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 170 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Table 4-3 Default iSLB Parameters Parameters Default Fabric distribution Disabled Load balancing metric 1000 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 4-98 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 171: Configuring Ip Services

    C H A P T E R Configuring IP Services Cisco MDS 9000 Family switches can route IP traffic between Ethernet and Fibre Channel interfaces. The IP static routing feature is used to route traffic between VSANs. To do so, each VSAN must be in a different IP subnetwork.

  • Page 172: Traffic Management Services

    MDS management port coming up due to delay from Ethernet spanning tree processing that the Ethernet switch would run if enabled. For Cisco Ethernet switches, use either the switchport host command in Cisco IOS is or the set port host command in the Catalyst OS. Refer to the configuration guide for your Ethernet switch.

  • Page 173: Default Gateway

    Step 4 Enables the interface. switch(config-if)# no shutdown Default Gateway You can configure a default gateway IPv4 address on your Cisco MDS 9000 Family switch. This section includes the following topics: About the Default Gateway, page 5-3 • Configuring the Default Gateway, page 5-4 •...

  • Page 174: Configuring The Default Gateway

    Every interface connected to this VSAN should be configured with the VSAN IPv4 address of the gateway switch as shown in Figure 5-2. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 175: Ipfc

    Ethernet network. Once the VSAN interface is created, you can specify the IP address for that VSAN. You can assign an IPv4 address or an IPv6 address. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 176: Ipfc Configuration Guidelines

    1 vsan1 is down (Administratively down) WWPN is 10:00:00:0c:85:90:3e:85, FCID not assigned Internet address is 10.0.0.12/24 MTU 1500 bytes, BW 1000000 Kbit Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 177: Enabling Ipv4 Routing

    IP address: 10.1.1.2 IP subnet: 255.0.0.0 IP subnet: 255.0.0.0 Switch_3 Switch_2 The following steps show how to configure Switch_1 in the example network in Figure 5-3: Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 178 Configure the IP address and subnet mask. Step 3 switch_2(config-if)# ip address 10.1.1.2 255.0.0.0 Enable the VSAN interface and exit interface configuration submode. Step 4 switch_2(config-if)# no shutdown switch_2(config-if)# exit switch_2(config)# Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 179 Enable the VSAN interface and exit interface configuration submode. switch_3(config-if)# no shutdown switch_3(config-if)# exit switch_3(config)# Enable IPv4 routing. Step 4 switch_3(config)# ip routing switch_3(config)# exit switch_3# Display the routes. Step 5 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 180: Ipv4 Static Routes

    IPv4 routing is disabled by default on any gateway switch between the out-of-band management interface and the default VSAN, or between directly connected VSANs. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-10 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 181: Configuring Ipv4 Static Routes

    Displaying and Clearing ARPs Address Resolution Protocol (ARP) entries in Cisco MDS 9000 Family switches can be displayed, deleted, or cleared. The ARP feature is enabled on all switches. Use the show arp command to display the ARP table.

  • Page 182: Overlay Vsans

    Configure a default route on every switch in the Fibre Channel fabric pointing to the switch that provides NMS access. Configure the default gateway (route) and the IPv4 address on switches that point to the NMS (see Step 4 Figure 5-4). Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-12 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 183 Creates a VSAN interface (VSAN 10). switch(config)# interface vsan 10 switch(config-if)# Step 6 Assigns an IPv4 address and subnet mask for switch(config-if)# ip address 10.10.10.0 netmask 255.255.255.0 this switch. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-13 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 184: Configuring Multiple Vsans

    Assign an IP address on every VSAN interface on the same subnet as the corresponding VSAN. Step 3 Define the multiple static routes on the Fibre Channel switches and the IP cloud (see Figure 5-5). Step 4 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-14 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 185 Step 5 Defines the VSAN in the VSAN database switch-config-vsan-db# vsan 11 name MGMT_VSAN_11 switch-config-vsan-db# on all of the switches in VSAN 11. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-15 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 186: Virtual Router Redundancy Protocol

    11.11.11.35 subnet 11. Virtual Router Redundancy Protocol Cisco MDS 9000 Family switches are compliant with RFC 2338 standards for Virtual Router Redundancy Protocol (VRRP) features. This section provides details on the VRRP feature. This section includes the following topics: •...

  • Page 187: About Vrrp

    VR 1 and the FC interface is in VR 2. Each virtual router is uniquely identified by the VSAN interface and the VR ID. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-17 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 188: Configuring Vrrp

    The total number of VRRP groups that you can configure on a Gigabit Ethernet port, including main Note interfaces and subinterfaces, cannot exceed seven. This limitation applies to both IPv4 and IPv6 groups. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-18 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 189: Virtual Router Initiation

    By using the secondary option to the virtual router IPv4 address, the VRRP router will accept these packets when it is the master. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-19 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 190 IPv6 address, this switch is automatically the owner of this IPv6 address. Removes the IPv6 address for the selected VR. switch(config-if-vrrp-ipv6)# no address 2001:0db8:800:200c::417a Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-20 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 191: Setting The Priority For The Virtual Router

    To set the time interval for advertisement packets for a virtual router using IPv4, follow these steps: Command Purpose Step 1 Enters configuration mode. switch# config t Step 2 Configures a VSAN interface (VSAN 10). switch(config)# interface vsan 10 switch(config-if)# Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-21 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 192: Configuring Or Enabling Priority Preemption

    This preemption does not apply to the primary IP Note address. Disables (default) the preempt option and allows the master switch(config-if-vrrp)# no preempt to keep its priority level. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-22 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 193: Setting Virtual Router Authentication

    Step 2 Configures a VSAN interface (VSAN 1). switch(config)# interface vsan 1 switch(config-if)# Step 3 Creates a virtual router. switch(config-if)# vrrp 250 switch(config-if-vrrp)# Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-23 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 194: Tracking The Interface Priority

    Configures a VSAN interface (VSAN 12). switch(config)# interface vsan 12 switch(config-if)# Step 3 Creates a virtual router. switch(config-if)# vrrp ipv6 200 switch(config-if-vrrp-ipv6)# Step 4 Enables priority preemption. switch(config-if-vrrp-ipv6)# preempt Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-24 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 195: Displaying Ipv4 Vrrp Information

    Priority 0 Received 0 Priority 0 Sent 0 Invalid Type 0 Mismatch Address List 0 Invalid Authentication Type 0 Mismatch Authentication 0 Invalid Packet Length 0 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-25 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 196: Displaying Ipv6 Vrrp Information

    Mismatch Address List 0 Invalid Packet Lenght 0 Displaying VRRP Statistics Use the show vrrp statistics command to display configured IPv6 VRRP information (see Example 5-9). Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-26 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 197: Clearing Vrrp Statistics

    When accessing a Telnet host, if the DNS server is not reachable (for any reason) the switch login prompt Note may take a longer time to appear. If so, verify that the DNS server is accurately configured and reachable. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-27 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 198: Displaying Dns Host Information

    Any IP host name that does not contain a domain name (that is, any name without a dot) will have the dot and cisco.com appended to it before being added to the host table. Disables (default) the domain name.

  • Page 199: Default Settings

    100 for switch with secondary IP addresses 255 for switches with the primary IP address Priority interface state tracking Disabled Advertisement interval 1 second for IPv4 100 centiseconds for IPv6 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-29 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 200 S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 5-30 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 201: Configuring Ip Storage

    IP-based technology. The switch connects separated SAN islands using Fibre Channel over IP (FCIP), and it allows IP hosts to access Fibre Channel storage using the iSCSI protocol. FCIP and iSCSI features are specific to the IPS module and are available in Cisco MDS 9200 Switches Note or Cisco MDS 9500 Directors.

  • Page 202: Module Status Verification

    IPS module provides IP hosts access to Fibre Channel storage devices. The IP host • sends SCSI commands encapsulated in iSCSI protocol data units (PDUs) to a Cisco MDS 9000 Family switch IPS port over a TCP/IP connection. At this point, the commands are routed from an IP network into a Fibre Channel network and forwarded to the intended target.

  • Page 203: Ips Module Upgrade

    Gigabit Ethernet ports where each module in a given switch can only be upgraded in sequence. To guarantee a stable state, each MPS-14/2 module in a switch requires a 5-minute delay before the next module is upgraded. Cisco Fabric Manager IP Services Configuration Guide OL-19524-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 204: Supported Hardware

    (OS) unexpectedly resets, it is useful to obtain a copy of the memory image (called a IPS core dump) to identify the cause of the reset. Under that condition, the IPS module sends the core dump to the supervisor module for storage. Cisco MDS switches have two levels of IPS core dumps: Partial core dumps (default)—Each partial core dump consists of four parts (four files).

  • Page 205: Configuring Gigabit Ethernet High Availability

    Ethernet PortChannels and PortChannel subinterfaces • You can configure no more than seven VRRP groups, both IPv4 and IPv6, on a Gigabit Ethernet Note interface, including the main interface and all subinterfaces. Cisco Fabric Manager IP Services Configuration Guide OL-19524-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 206: Configuring Vrrp For Gigabit Ethernet Interfaces

    IPv6 addresses. If this IPv6 address is the same as the physical Note IPv6 address, this switch is automatically the owner of this IPv6 address. Cisco Fabric Manager IP Services Configuration Guide OL-19524-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 207: About Ethernet Portchannel Aggregation

    If you configure secondary VRRP IPv6 addresses on an IPFC VSAN interface, before a downgrading to Note a release prior to Cisco Release 3.0(1), you must remove the secondary VRRP IPv6 addresses. This is required only when you configure IPv6 addresses.

  • Page 208: Configuring Ethernet Portchannels

    Step 4 Enables the interface. switch(config-if)# no shutdown Step 5 Configures the specified Gigabit Ethernet switch(config)# interface gigabitethernet 9/3 switch(config-if)# interface (slot 9, port 3). Cisco Fabric Manager IP Services Configuration Guide OL-19524-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 209: Configuring Cdp

    - The interface already has an associated IPv4-ACL rule and the PortChannel does not. Configuring CDP The Cisco Discovery Protocol (CDP) is supported on the management Ethernet interface on the supervisor module and the Gigabit Ethernet interfaces on the IPS module or MPS-14/2 module.

  • Page 210: Displaying Ethernet Mac Statistics

    0 code error, 0 align error, 0 oversize error Software Counters 3429 received frames, 237 transmit frames 0 frames soft queued, 0 current queue, 0 max queue 0 dropped, 0 low memory Cisco Fabric Manager IP Services Configuration Guide 6-10 OL-19524-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 211: Displaying Dma-Bridge Statistics

    Segment stats 163 received, 355 sent, 0 retransmitted 0 bad segments received, 0 reset sent TCP Active Connections Local Address Remote Address State Send-Q Recv-Q 0.0.0.0:3260 0.0.0.0:0 LISTEN Cisco Fabric Manager IP Services Configuration Guide 6-11 OL-19524-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 212 ICMP Statistics for port GigabitEthernet2/1 0 ICMP messages received 0 ICMP messages dropped due to errors ICMP input histogram 0 destination unreachable 0 time exceeded 0 parameter problem Cisco Fabric Manager IP Services Configuration Guide 6-12 OL-19524-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 213: Default Settings

    0 address mask reply Default Settings Table 6-2 lists the default settings for IP storage services parameters. Table 6-1 Default Gigabit Ethernet Parameters Parameters Default IPS core size Partial Cisco Fabric Manager IP Services Configuration Guide 6-13 OL-19524-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 214 S e n d d o c u m e n t a t i o n c o m m e n t s t o f m - d o c f e e d b a c k @ c i s c o . c o m Cisco Fabric Manager IP Services Configuration Guide 6-14 OL-19524-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 215: About Ipv4

    C H A P T E R Configuring IPv4 for Gigabit Ethernet Interfaces Cisco MDS 9000 Family supports IP version 4 (IPv4) on Gigabit Ethernet interfaces. This chapter describes how to configure IPv4 addresses and other IPv4 features. This chapter includes the following topics: About IPv4, page 7-1 •...

  • Page 216: Basic Gigabit Ethernet Configuration For Ipv4

    Ethernet spanning tree processing that the Ethernet switch would run if enabled. For Cisco Ethernet switches, use either the switchport host command in Cisco IOS or the set port host command in the Catalyst OS.

  • Page 217: Configuring Interface Descriptions

    Configuring Promiscuous Mode, page 7-4 • Configuring Interface Descriptions See the Cisco MDS 9000 Family NX-OS Interfaces Configuration Guide for details on configuring the switch port description for any interface. Configuring Beacon Mode See the Cisco MDS 9000 Family NX-OS Interfaces Configuration Guide for details on configuring the beacon mode for any interface.

  • Page 218: Configuring Promiscuous Mode

    IP address that you specify (see the “Using the ping and ping ipv6 Commands” section on page 2-15). Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 219: Vlans

    VLAN. Note If the IPS module or MPS-14/2 module is connected to a Cisco Ethernet switch, and you need to have traffic from multiple VLANs coming to one IPS port, verify the following requirements on the Ethernet...

  • Page 220: Configuring The Vlan Subinterface

    The mgmt0 interface cannot be configured in the same subnet as the Gigabit Ethernet interfaces or mgmt0 Gigabit Ethernet 1/1 subinterfaces. The configuration requirements in Table 7-1 also apply to Ethernet PortChannels. Note Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 221: Configuring Static Ipv4 Routing

    Gigabit Ethernet IPv4-ACL Guidelines, page 7-7 • Applying IPv4-ACLs on Gigabit Ethernet Interfaces, page 7-8 • For information on creating IPv4-ACLs, see the Cisco MDS 9000 Family NX-OS Security Configuration Note Guide. Gigabit Ethernet IPv4-ACL Guidelines Follow these guidelines when configuring IPv4-ACLs for Gigabit Ethernet interfaces: Only use Transmission Control Protocol (TCP) or Internet Control Message Protocol (ICMP).

  • Page 222: Applying Ipv4-Acls On Gigabit Ethernet Interfaces

    Gigabit Ethernet 3/1 for egress traffic (if the association does not exist already). ARP Cache Cisco MDS NX-OS supports ARP cache for Gigabit Ethernet interface configured for IPv4. This section includes the following topics: Displaying ARP Cache, page 7-9 •...

  • Page 223: Displaying Arp Cache

    Ethernet interface as a parameter and returns the IPv4 statistics for that interface. See Example 7-6. Use the physical interface, not the subinterface, to displayIPv4 statistics. Note Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 224: Default Settings

    IPv4 parameters. Table 7-2 Default IPv4 Parameters Parameters Default IPv4 MTU frame size 1500 bytes for all Ethernet ports Autonegotiation Enabled Promiscuous mode Disabled Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 7-10 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 225: About Ipv6

    • • Default Settings, page 8-27 For Cisco NX-OS features that use IP addressing, refer to the chapters in this guide that describe those Note features for information on IPv6 addressing support. To configure IP version 4 (IPv4) on a Gigabit Ethernet interface, see Chapter 7, “Configuring IPv4 for...

  • Page 226: Extended Ipv6 Address Space For Unique Addresses

    The hexadecimal letters in IPv6 addresses are not case-sensitive. Note Table 8-1 Compressed IPv6 Address Formats IPv6 Address Type Uncompressed Format Compressed Format Unicast 2001:0DB8:800:200C:0:0:0:417A 2001:0DB8:800:200C::417A Multicast FF01:0:0:0:0:0:0:101 FF01::101 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 227: Ipv6 Address Prefix Format

    An IPv6 unicast address is an identifier for a single interface on a single node. A packet that is sent to a unicast address is delivered to the interface identified by that address. The Cisco MDS NX-OS supports the following IPv6 unicast address types: Global addresses •...

  • Page 228: Link-Local Address

    S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m Cisco MDS NX-OS supports IEEE 802 interface types (for example, Gigabit Ethernet interfaces). The...

  • Page 229: Ipv6 Address Type: Multicast

    (See Figure 8-5.) For example, the solicited-node multicast address corresponding to the IPv6 address 2037::01:800:200E:8C6C is FF02::1:FF0E:8C6C. Solicited-node addresses are used in neighbor solicitation messages. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-12 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 230: Icmp For Ipv6

    Figure 8-6 IPv6 ICMP Packet Header Format Next header = 58 IPv6 basic header ICMPv6 packet ICMPv6 packet ICMPv6 type ICMPv6 code Checksum ICMPv6 data Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-13 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 231: Path Mtu Discovery For Ipv6

    IPv6 address of the destination node. The neighbor solicitation message also includes the link-layer address of the source node. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-14 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 232 The return of a solicited neighbor advertisement message from the neighbor is a positive Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-15 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 233: Router Discovery

    RA messages are sent periodically and in response to router solicitation messages, which are sent by hosts at system startup. (See Figure 8-8.) Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-16 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 234: Dual Ipv4 And Ipv6 Protocol Stacks

    A new API has been defined to support both IPv4 and IPv6 addresses and DNS requests. An application can be upgraded to the new API and still use only the IPv4 protocol stack. The Cisco MDS NX-OS supports the dual IPv4 and IPv6 protocol stack technique. When an interface is configured with both an IPv4 and an IPv6 address, the interface will accept and process both IPv4 and IPv6 traffic.

  • Page 235: Configuring Basic Connectivity For Ipv6

    The ipv6-prefix argument in the ipv6 address command must be in the form documented in RFC 2373, where the address is specified in hexadecimal using 16-bit values between colons. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-18 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 236 IPv6 processing. The link-local address can be used only to communicate with nodes on the same link. Step 4 Enables the interface. switch(config-if)# no shutdown Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-19 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 237: Configuring Ipv4 And Ipv6 Protocol Addresses

    Configuring IPv4 and IPv6 Protocol Addresses When an interface in a Cisco networking device is configured with both an IPv4 and an IPv6 address, the interface can send and receive data on both IPv4 and IPv6 networks. To configure an interface in a Cisco networking device to support both the IPv4 and IPv6 protocol stacks,...

  • Page 238: Example Output For The Show Ipv6 Interface Command

    100 total, 0 errors, 0 unreachables, 0 time exceeded 0 too big, 0 param probs, 0 admin prohibs 0 echos, 0 echo reply, 0 redirects Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-21 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 239: Clearing Ipv6 Neighbor Discovery Cache

    Purpose Step 1 Enters configuration mode. switch# config t switch(config)# Step 2 Specifies an interface and enters interface switch(config)# interface gigabitethernet 3/1 switch(config-if)# configuration submode. Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-22 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 240: Reachability Time

    0 mgmt0 is up IPv6 is enabled Global address(es): 2003::1/64 Link-local address(es): fe80::205:30ff:fe00:533e ND DAD is enabled, number of DAD attempts: 5 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-23 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 241: Configuring Ipv6 Static Routes

    ND retransmission time is 3000 milliseconds Stateless autoconfig for addresses disabled Configuring IPv6 Static Routes Cisco MDS NX-OS supports static routes for IPv6. This section includes the following topics: Configuring a IPv6 Static Route, page 8-24 • Verifying IPv6 Static Route Configuration and Operation, page 8-24 •...

  • Page 242: Gigabit Ethernet Ipv6-Acl Guidelines

    Gigabit Ethernet IPv6-ACL Guidelines If IPv6-ACLs are already configured in a Gigabit Ethernet interface, you cannot add this interface to a Ethernet PortChannel group. See the Cisco MDS 9000 Family NX-OS Security Configuration Guide for information on configuring IPv6-ACLs. Follow these guidelines when configuring IPv6-ACLs for Gigabit Ethernet interfaces: •...

  • Page 243: Transitioning From Ipv4 To Ipv6

    Cisco MDS NX-OS does not support any transitioning mechanisms from IPv4 to IPv6. However, you can use the transitioning schemes in the Cisco router products for this purpose. For information on configuring Cisco routers to transition your network, refer to the “Implementing Tunneling for IPv6”...

  • Page 244: Default Settings

    Default IPv6 Parameters Parameters Default IPv6 processing Disabled Duplicate address detection 0 (neighbor discovery disabled) attempts Reachability time 1000 milliseconds Retransmission time 30000 milliseconds IPv6-ACLs None Cisco MDS 9000 Family NX-OS IP Services Configuration Guide 8-27 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

  • Page 245: I N D E X

    4-67 4-23, 4-48 iSCSI setup configuring for iSCSI 4-66 4-67 local CHAP challenge 4-24 4-25 5-23 CHAP response 4-25 mechanism 4-24 CHAP user name 4-25 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-1 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 246 IP storage services support dynamic mapping 4-6, 4-43 link failures dynamic mappingiSCSI MPS-14/2 module dynamic mappingiSCSI tape acceleration 2-28 to 2-34 static mappingstatic mapping time stamps 2-19 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-2 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 247 Gigabit Ethernet interfaces FCIP tape acceleration configuring configuring 2-32 configuring auto-negotiation description 2-28 to 2-32 configuring high availability 6-5 to 6-9 displaying information 2-33 configuring IPv4 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-3 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 248 VRRP 5-20 Internet Control Message Protocol. See ICMP configuring in VSANs Internet Storage Name Service. See iSNS configuring IPv6 and IPV6 protocol stacks 8-20 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-4 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 249 4-22 enhancements over IPv4 iSCSI ICMP 8-13 access control 4-19 to 4-23 IPv6-ACL guidelines 8-25 add initiator to zone database 4-21 neighbor discovery 8-14 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-5 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 250 4-13, 4-14 authentication 4-25 displaying information 4-36 to 4-39 routing displaying proxy information 4-33 routing modes chartrouting modes chart for iSCSI 4-29 dynamic mapping 4-12 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-6 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 251 4-42 static importing configuring zones 4-46 static importingstatic mappingiSCSI targets description 4-41 static mapping dynamic initiator mapping 4-43 transparent failover 4-59 to 4-63 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-7 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 252 4-45 initiating on-demand 4-95 load metric 4-45 verifying configuration 4-95 lock the fabric 4-56 verifying membership 4-96 verifying status 4-96 LUN mapping 4-61 iSNS profiles Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-8 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 253 IPv6 solicited-node format, figure 8-13 IQN formats multi-path software example 4-60 load balancing (example) multiple VSANs member combinations configuring 5-14 redundancy Multiprotocol Services modules. See MPS-14/2 modules Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-9 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 254 2-6, 2-7 subnet masks Fibre Channel PortChannels configuring IPv4 routes 5-11 VRRP subnets router discovery requirements IPv6 8-16 switch management RSCNs 4-12 in-band switchovers VRRP Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-10 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 255 5-22 adding primary IP addresses 5-20 security authentication 5-23 authentication 5-23 setting priorities 5-21 configuring for IPv4 5-19 setting priority 5-21 configuring for IPv6 5-19 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-11 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)
  • Page 256 4-45 iSLB 4-45, 4-46 zoning based access control configuring for iSCSI 4-20 configuring for iSCSIiSCSI configuring zoning based access control 4-20 Cisco MDS 9000 Family NX-OS IP Services Configuration Guide IN-12 OL-19525-01,Cisco MDS NX-OS Release 4.2(1)

Table of Contents