Network Visibility using Advanced Analytics in Nexus Switches
- Harold Morris
- 6 years ago
Transcription
2 Network Visibility using Advanced Analytics in Nexus Switches Oliver Ziltener - Technical Marketing Engineer BRKDCT-1890
3 Session Abstract Session ID : BRKDCT 1890 Title : Network visibility using advanced Analytics in Nexus switches Abstract: Learn how to get the most visibility from your Nexus-based network with new monitoring capabilities and advanced enhancements to traditional features like SPAN, ERSPAN and NetFlow. We will delve deeper into platform specific features like ERSPAN, Virtual SPAN to leverage multi destination SPAN, SPAN filters, In-Band SPAN, Extended SPAN/ERSPAN, Rule based SPAN, SPAN with MTU truncation, SPAN rate limiting, Exception SPAN on Nexus 7000 & Microburst monitoring, latency monitoring, line rate SPAN, SPAN on drop, SPAN on latency, buffer usage histogram etc. in Nexus 5000/6000. NetFlow and its unique aspects on Nexus switches will be discussed as well. These features help you understand the network and the applications running on the network better, and quickly pinpoint trouble spots in the network. We will go over what each feature is capable of, what proper real world use cases are, proper configurations, how to interpret the outputs and use the data collected. This session will focus on analytics and monitoring. It will not focus on other management aspects like SNMP, Syslog, RMON etc. BRKDCT Cisco and/or its affiliates. All rights reserved. Cisco Public 3
4 Session Goal (Reference Slide)
- Create awareness of the Analytics and Monitoring tools available in the Nexus family (N3K, N5K, N6K, N7K and N9K) in NX-OS standalone mode
- Provide the ability to choose the right tool to analyze, which helps in timely resolution of the problem
- It will NOT focus on other management aspects like SNMP, Syslog, RMON, troubleshooting, QoS, architecture and packet flows
5 Agenda Introduction Quick Product Overview Advanced Visibility SPAN / ERSPAN Flexible NetFlow Conclusion
6 Network Bandwidth Explosion
- IP Traffic: Global IP traffic will grow 3X to 1.4 zettabytes annually by 2017
- Cloud: Global cloud traffic will grow 6X by 2016
- Video: By 2017, the world will reach 3 trillion Internet video minutes per month
- 4G Mobile Adoption: 4G will account for 45% of global mobile data traffic
- M2M: Trillions of new connected events will occur over IP networks throughout the next decade
7 If not handled well...
- Degrading performance
- Difficulty to troubleshoot
- Improper planning of resources
8 What is Analytics?
- Studying past historical data to research potential trends
- Discovery and communication of meaningful patterns in data
- The systematic computational analysis of data or statistics
9 Advanced Analytics on Nexus Switches
- Collection of various features and enhancements to the traditional monitoring tools
- Latency Monitoring, Buffer Monitoring, SPAN-on-drop, Exception SPAN, SPAN filters, Microburst Monitoring and a LOT MORE!
- Advantages: Microbursts, Congestion, find malicious source, filter SPAN packets etc.
10 Agenda Introduction Quick Product Overview Advanced Visibility SPAN / ERSPAN Flexible NetFlow Conclusion
11 Nexus Switches Family
Nexus 2300, Nexus 3100, Nexus 5600/6000, Nexus 7000, Nexus 7700, Nexus 9000, Nexus 1000V, Nexus 2000, Nexus 3000, Nexus 5000, Nexus 3500
12 Agenda Introduction Quick Product Overview Advanced Visibility SPAN / ERSPAN Flexible NetFlow Conclusion
13 Latency Monitoring
14 Why do we need to correct latency problems?
Many applications can get impacted because of high latency:
- Website download
- Video streaming
- Video conferencing
- Online gaming
- Banking
- Airline reservation
- Stock Market
- Web hosting
15 How does Latency Monitoring work?
- Ingress timestamping: packet time T1
- Egress timestamping: packet time T2
- The Latency Monitoring feature measures T2 - T1 in ns
16 How does Latency Monitoring work?
- Latency Monitoring provides {min, average, max} latency between a specified port pair and also maintains a latency histogram (accuracy in few nanoseconds)
- By default instantaneous Latency Monitoring is enabled between pairs of ports
- Latency Histogram can be enabled for a specific port pair to provide a histogram instead of instantaneous mode
- Measures switch latency for each packet, no sampling required
- Fully implemented in HW, no CPU impact, no traffic impact
17 Modes of Latency Monitoring
Instantaneous - enabled by default on all pairs of ports, no configuration required
In the command, the first interface is the egress interface and the second the ingress interface:
    NEXUS# show hardware profile latency monitor interface e1/7 interface ethernet 1/
    Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Inst
    Minimum Maximum Average
    cnt
- The latency measured is after the packet enters the Port ASIC (Bigsur)
- cnt denotes the latency of packets entering e1/14 and egressing e1/7
18 Modes of Latency Monitoring
Custom histogram - counts packets in a defined range. Needs the configuration below (configured on the egress interface, naming the ingress interface; times in nanoseconds):
    NEXUS(config)# interface e1/3
    NEXUS(config-if)# packet latency interface e1/1 mode custom low-latency 800 high-latency
    NEXUS# show hardware profile latency monitor interface e1/3 interface e1/
    Egress Port: Ethernet1/3 Ingress Port: Ethernet1/1 Mode: Custom Histogram
    Range 800 <= Latency < > Latency >=
    cnt
- cnt denotes the number of packets in the specific range
19 Microburst monitoring
20 Microburst - A Concern
- Spike of high activity
- Passes under the radar of traditional load-monitoring tools
- Traffic spike that causes the system to saturate
- How short and how high? Capacity of the worst system in the network
21 Microburst in Reality
UW-Madison & Microsoft Research Paper: Understanding Data Center Traffic Characteristics
Results: "we find only a small fraction of losses do not belong to any microburst. This indicates that, more often than not, when losses happen at the edge or aggregation links, they happen in bursts."
22 Challenge: It's Very Hard to see Microbursts
    NEXUS# show interface ethernet 1/2
    Ethernet1/2 is up
    [ ]
    Last clearing of "show interface" counters 00:00:58
    0 interface resets
    30 seconds input rate bits/sec, 1331 packets/sec
    30 seconds output rate 0 bits/sec, 0 packets/sec
    Load-Interval #2: 5 minute (300 seconds)
    input rate Mbps, 1.05 Kpps; output rate 0 bps, 0 pps
    RX
    unicast packets 0 multicast packets 0 broadcast packets
    input packets bytes
    jumbo packets 0 storm suppression bytes
    0 runts 0 giants 0 CRC 0 no buffer
    [ ]
23 Solution: Burst Monitoring
Configure your own burst filter per port per direction
- This command essentially enables microburst detection on a port:
    burst threshold {ingress | egress} {limit percent | size max_bytes} interval interval_time
- This command defines the maximum number of bursts that should happen over a time window before firing a syslog:
    [no] burst maximum {ingress | egress} burst-count max-burst
24 Feature guideline
- Supported on physical ports, port-channel members, and FEX fabric ports
- Not supported on sub interfaces, FEX HIF ports and port-channels
25 Burst Monitoring CLI
To monitor bursts:
    show interface [ethernet slot/port] burst-counters
Example:
    NEXUS# show interface e1/14 burst-counters
    Interface Ingress Bursts Egress Bursts Total Bursts
    Ethernet1/
To clear counters:
    clear burst-counters [interface {all | ethernet interface}] {both | egress | ingress}
26 Real World Example
Troubleshooting Methodology: detect micro-bursty traffic
Enable microburst detection to provide syslog notification
- limit: Threshold size as percentage of link speed
- size: Threshold size in bytes
- interval: Time in microseconds
- burst-count: Defines how many bursts are to be detected before a syslog is sent
    interface Ethernet1/13
      burst threshold ingress size interval 100
      burst maximum ingress burst-count 100
      burst threshold egress size interval 100
      burst maximum egress burst-count 100
    !
    2016 Feb 8 12:10:05 NEXUS %$ VDC-1 %$ %USER-2-SYSTEM_MSG: Micro Burst has been detected on ingress side on Ethernet1/13 - bigsurusd
Both commands are recommended per direction
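Added example (not from the slides and not Cisco code): a Python model of why a 30-second rate counter hides the bursts that a per-interval byte threshold catches. The windowing and the burst-count semantics are assumptions about how such a detector behaves, the function names are hypothetical, and the traffic is constructed.

```python
"""Model of threshold/interval/burst-count microburst detection (added example)."""

LINK_BPS = 10_000_000_000   # 10G port, as in the slides
MTU = 1500                  # constructed packet size in bytes


def limit_to_bytes(percent, interval_us, link_bps=LINK_BPS):
    """Bytes that 'limit <percent>' of link speed amounts to in one interval."""
    return link_bps * interval_us * percent // (8 * 1_000_000 * 100)


def count_bursts(packets, threshold_bytes, interval_us):
    """Count intervals whose byte total reaches the threshold.

    packets: iterable of (timestamp_ns, size_bytes).
    """
    window_ns = interval_us * 1000
    per_window = {}
    for ts_ns, size in packets:
        key = ts_ns // window_ns
        per_window[key] = per_window.get(key, 0) + size
    return sum(1 for total in per_window.values() if total >= threshold_bytes)


def should_log(packets, threshold_bytes, interval_us, burst_count):
    """Assumed semantics: notify once burst_count bursts have been counted."""
    return count_bursts(packets, threshold_bytes, interval_us) >= burst_count


def average_rate_bps(packets, period_s):
    """Rate a long load-interval counter would report for the same traffic."""
    return sum(size for _, size in packets) * 8 / period_s


def constructed_traffic(period_s=30, bursts=150):
    """Constructed sample: light background load plus short line-rate bursts."""
    packets = []
    # Background: one 1500-byte packet per millisecond (12 Mbit/s).
    for ms in range(period_s * 1000):
        packets.append((ms * 1_000_000, MTU))
    # Bursts: every 200 ms, 83 back-to-back packets at 1.2 us spacing,
    # so the port runs at line rate for just under 100 us.
    for b in range(bursts):
        start = b * 200_000_000
        for i in range(83):
            packets.append((start + i * 1200, MTU))
    return packets


if __name__ == "__main__":
    traffic = constructed_traffic()
    threshold = limit_to_bytes(80, 100)          # 80% of 10G over 100 us
    rate = average_rate_bps(traffic, 30)
    print("30 s average: %.2f Mbit/s (%.2f%% of link)"
          % (rate / 1e6, 100 * rate / LINK_BPS))
    print("bursts over threshold:", count_bursts(traffic, threshold, 100))
    print("notify:", should_log(traffic, threshold, 100, 100))
```

The averaged rate stays far below 1% of the link while every burst fills its 100-microsecond window, which is the gap the burst threshold and burst-count commands are meant to close.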
27 Buffer monitoring
28 Why do we need to monitor buffers?
- Is my network congested?
- Can I add a new server? Will the performance be impacted?
- Why are the drops happening?
29 What is Buffer monitoring on Nexus?
- Buffer utilization is on a per-port basis
- Buffer utilization shows buffer for unicast traffic in ingress and unicast and multicast in egress directions
- Histogram mode: slow (1 sec) or fast (250 ms) sampling
30 Feature Guideline
- Supported on physical ports, port-channel members, and FEX fabric ports
- Not supported on sub interfaces, FEX HIF ports and port-channels
31 Configuration
Buffer utilization must be enabled on the interface:
    NEXUS(config)# inter e1/10
    NEXUS(config-if)# hardware profile buffer monitor
    NEXUS(config-if)#
Fast sampling must be enabled in global configuration mode:
    NEXUS(config)# hardware profile buffer monitor sampling fast
    NEXUS(config)#
Default sampling is slow = 1 second
32 Configuration
To see buffer utilization and/or the buffer utilization histogram*, the next command must be executed:
    show hardware profile buffer monitor { interface <ifid> | all } history { brief | detail }
To clear buffer utilization history use:
    clear hardware profile buffer monitor [ interface <ifid> ]
*History up to 1 hour
33 Output of Buffer Monitoring tool
    NEXUS# show hardware profile buffer monitor interface ethernet 1/21 history brief
    Interface : Eth1/
    Sampling Mode : Slow (1 second)
    Ingress Buffer Utilization Detected(in KB)
    Per asic Ingress Total Usage ( MB)
    sec 5 sec 1 min 5 min 1 hour
    Egress Buffer Utilization Detected(Unicast Multicast)(in KB)
    Per asic Egress Total Usage ( MB)
    sec 5 sec 1 min 5 min 1 hour
34 Real World Example Slow Application Response Port Oversubscription
- Interface and queueing statistics verification: ingress discards due to oversubscription of the egress port
- Check buffer utilization
- Determine the egress port that is congested using virtual output queue (VoQ) statistics
(Diagram labels: Destination e1/4 10G, e1/5 10G, e1/25 10G)
35 Real World Example Slow Application Response Port Oversubscription
We spot input discards on interfaces
    NEXUS#show inter e1/25
    Ethernet1/25 is up
    ---snip---
    RX
    unicast packets 0 multicast packets 0 broadcast packets
    input packets bytes
    0 jumbo packets 0 storm suppression bytes
    0 runts 0 giants 0 CRC 0 no buffer
    0 input error 0 short frame 0 overrun 0 underrun 0 ignored
    0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
    0 input with dribble input discard
    0 Rx pause
    ...
    NEXUS#show inter e1/
    Ethernet1/5 is up
    ---snip---
    RX
    unicast packets 0 multicast packets 0 broadcast packets
    input packets bytes
    0 jumbo packets 0 storm suppression bytes
    0 runts 0 giants 0 CRC 0 no buffer
    0 input error 0 short frame 0 overrun 0 underrun 0 ignored
    0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
    0 input with dribble input discard
    0 Rx pause
    ...
36 Real World Example Slow Application Response Port Oversubscription
We spot ingress discards on interface (RX queuing). Only the default queue is used here.
    NEXUS#show queuing interface e1/5
    Ethernet1/5 queuing information:
    TX Queuing
    qos-group sched-type oper-bandwidth
    0 WRR 100
    RX Queuing
    qos-group 0
    q-size: , HW MTU: 1500 (1500 configured)
    drop-type: drop, xon: 0, xoff: 0
    Statistics:
    Pkts received over the port :
    Ucast pkts sent to the cross-bar :
    Mcast pkts sent to the cross-bar : 0
    Ucast pkts received from the cross-bar : 0
    Pkts sent to the port : 0
    Pkts discarded on ingress :
    Per-priority-pause status : Rx (Inactive),Tx(Inactive)
37 Real World Example Slow Application Response Port Oversubscription
Egress interface is ok
    NEXUS#show inter e1/4
    Ethernet1/4 is up
    ---snip---
    TX
    unicast packets 262 multicast packets 3 broadcast packets
    output packets bytes
    0 jumbo packets
    0 output error 0 collision 0 deferred 0 late collision
    0 lost carrier 0 no carrier 0 babble 0 output discard
    0 Tx pause
38 Real World Example Slow Application Response Port Oversubscription
What about buffer utilization? Real-time buffer/cell allocation at ingress:
    NEXUS# show hardware profile buffer monitor interface e1/
    Instant Ingress Buffer utilization per class per port.
    Every line displays the number of cells utilized for a given port for each class
    One cell represents 320 bytes
    Interface : Eth1/
    Total Port Instant Usage ( MB)
    Remaining Asic Instant Usage ( MB)
    Per asic ingress cell count ( MB)
    port class0 class1 class2 class3 class4 class5 class6 class
    Eth1/
    ---snip---
Note:
- Class0 is control traffic
- Class1 is internetwork control traffic
- Class2 is FCoE traffic
- Class3 is QoS group 0 (default queue)
- Class4-7 are QoS group 2-5 sequentially
39 Real World Example Slow Application Response Port Oversubscription
To get additional information about the oversubscribed port, we will need to look at the virtual output queue (VoQ) statistics for the ingress ASIC group. The ASIC group is the «global_asic_num»:
    NEXUS# show platform fwm info pif e1/5 | grep global_asic_num
    Eth1/5 pd: slot 0 logical port num 4 slot_asic_num 1 global_asic_num 1 fw_inst 4 phy_fw_inst 1 fc 0
    NEXUS# show platform fwm info pif e1/25 | grep global_asic_num
    Eth1/25 pd: slot 0 logical port num 24 slot_asic_num 3 global_asic_num 3 fw_inst 0 phy_fw_inst 0 fc 0
40 Real World Example Slow Application Response Port Oversubscription
VoQ statistics indicate that QUEUE-3 (QoS Group 0) of egress interface Eth1/4 is oversubscribed (tail drops)
    NEXUS# show platform software qd info counters voq asic-num
    port TRANSMIT TAIL DROP HEAD DROP
    Eth1/4
    QUEUE
    ---snip---
    NEXUS# show platform software qd info counters voq asic-num
    port TRANSMIT TAIL DROP HEAD DROP
    Eth1/4
    QUEUE
    ---snip---
Note: Internal queue numbers are mapped as follows:
- QUEUE-0 is control traffic
- QUEUE-1 is internetwork control traffic
- QUEUE-2 is FCoE traffic
- QUEUE-3 is QoS group 0 (default queue)
- QUEUE 4-7 are QoS group 2-5 sequentially
41 Real World Example Slow Application Response Port Oversubscription
The same drops can be seen on the egress interface using the following command:
    NEXUS# show platform software qd info counters voq interface e1/
    slot asic TRANSMIT TAIL DROP HEAD DROP
    ---snip---
    QUEUE
    QUEUE
The output indicates that ASIC1 and ASIC3 are dropping traffic destined to Eth1/4, as seen in the initial VoQ output
42 Agenda Introduction Quick Product Overview Advanced Visibility SPAN / ERSPAN Flexible NetFlow Conclusion
43 Switch Port Analyzer (SPAN)
- A SPAN session is an association of source ports/VLANs to one or more destination ports
- Once the traffic is identified for replication, the switch copies the matching traffic to the SPAN destination port(s)
- The SPAN (copied) packets are created in hardware without overloading the CPU
(Diagram: SPAN all the packets ingressing e1/1. Host A on e1/1 is the SPAN source, Host B on e2/1, sniffer device on SPAN destination e5/1 receives the spanned (copied) traffic)
44 SPAN Sources
- Switchports
  - Access ports
  - Trunk ports
  - Private VLAN ports
  - Port-channels
- Routed interfaces
  - Physical interfaces
  - Port-channels
- VLANs and PVLANs
- Supervisor inband interface
Up to 128 physical interfaces and/or up to 32 VLANs per session
Mix of interface types allowed in a single session, for example SPAN source of VLAN 10 and interface e1/1 in the same session
Individual subinterfaces cannot be a SPAN source
45 Encapsulated Remote SPAN (ERSPAN)
- ERSPAN supports source and destinations on different switches*
- It uses a GRE tunnel to carry traffic
- Packets are replicated in hardware
- Packets are replicated and GRE encapsulated at the ERSPAN source device
- At the ERSPAN destination device, the GRE packet is decapsulated
(Diagram: ERSPAN Source - Layer 3 Network - ERSPAN Destination - Sniffer Device)
*Not all HW supports ERSPAN destination, e.g. N9272
46 ERSPAN with IEEE1588 timestamp - Find Network Latency
(Diagram: GPS, PTP grandmaster, PTP messages, Switch A, Switch N, Sniffer; data carried as ERSPAN type III)
Latency from Switch A to Switch N = T2 - T1
47 ERSPAN Type III Packet Capture Example
- Timestamp information in the Type III header is used to calculate the packet latency
- Capture callouts: Time Stamps; Direction (0xxx) and Granularity x10x = 1588*
- ERSPAN Type III uses a new GRE Protocol Type 0x22EB; ERSPAN II uses 0x88BE
    monitor session 1 type erspan-source
      header-type 3
      erspan-id 1
      vrf default
      destination ip
      source interface ethernet1/1 both
      rate-limit auto
      no shut
    !
    monitor erspan granularity 1588
*This wireshark version does not decode properly
48 ERSPAN Type III Configuration Example (N7700)
(Diagram labels: Layer 3 Network, e1/3, e1/19, ERSPAN)
    hostname Node1
    interface loopback0
      ip address /32
    !
    monitor session 2 type erspan-source
      header-type 3
      erspan-id 1
      vrf default
      destination ip
      source interface Ethernet1/3 both
      rate-limit auto
      no shut
    !
    ! Admin VDC
    monitor erspan origin ip-address global
    monitor erspan granularity 1588

    hostname Node3
    interface loopback0
      ip address /32
    !
    monitor session 2 type erspan-destination
      erspan-id 1
      vrf default
      source ip
      destination interface Ethernet1/19
      no shut
*only the relevant configuration is shown
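Added example (not part of the slides and not Cisco code): a Python decoder that tells ERSPAN Type II from Type III by the GRE protocol types named on the packet capture slide and pulls the timestamp, direction and granularity bits out of the Type III header. The field layout is taken from the ERSPAN Internet-Draft (draft-foschiano-erspan); the function names are hypothetical and the sample packets are constructed.

```python
import struct

GRE_ERSPAN_II = 0x88BE    # GRE protocol type for ERSPAN Type II (from the slide)
GRE_ERSPAN_III = 0x22EB   # GRE protocol type for ERSPAN Type III (from the slide)
GRANULARITY = {0: "100 us", 1: "100 ns", 2: "IEEE 1588", 3: "user defined"}


def parse_gre(data):
    """Return (protocol_type, sequence_or_None, payload) for a GRE packet."""
    if len(data) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack("!HH", data[:4])
    if flags & 0x0007:
        raise ValueError("unsupported GRE version")
    offset = 4
    if flags & 0x8000:            # C bit: checksum + reserved word present
        offset += 4
    if flags & 0x2000:            # K bit: key present
        offset += 4
    seq = None
    if flags & 0x1000:            # S bit: sequence number present
        if len(data) < offset + 4:
            raise ValueError("truncated GRE sequence number")
        seq = struct.unpack("!I", data[offset:offset + 4])[0]
        offset += 4
    if len(data) < offset:
        raise ValueError("truncated GRE optional fields")
    return proto, seq, data[offset:]


def parse_erspan(data):
    """Decode the ERSPAN header that follows GRE; returns a dict of fields."""
    proto, seq, body = parse_gre(data)
    if proto == GRE_ERSPAN_II:
        kind, need, expect_ver = "II", 8, 1
    elif proto == GRE_ERSPAN_III:
        kind, need, expect_ver = "III", 12, 2
    else:
        raise ValueError("not ERSPAN: GRE protocol type 0x%04X" % proto)
    if len(body) < need:
        raise ValueError("truncated ERSPAN header")
    word1 = struct.unpack("!I", body[:4])[0]
    if word1 >> 28 != expect_ver:
        raise ValueError("ERSPAN version does not match GRE protocol type")
    info = {
        "type": kind,
        "gre_sequence": seq,
        "vlan": (word1 >> 16) & 0xFFF,
        "cos": (word1 >> 13) & 0x7,
        "truncated": bool((word1 >> 10) & 0x1),   # T bit: copy was truncated
        "session_id": word1 & 0x3FF,              # matches the erspan-id
    }
    if kind == "II":
        info["index"] = struct.unpack("!I", body[4:8])[0] & 0xFFFFF
        info["frame"] = body[8:]
        return info
    timestamp, word3 = struct.unpack("!II", body[4:12])
    info["timestamp"] = timestamp
    # Last nibble of the header is D | Gra(2) | O, as on the capture slide.
    info["direction"] = "egress" if (word3 >> 3) & 0x1 else "ingress"
    info["granularity"] = GRANULARITY[(word3 >> 1) & 0x3]
    offset = 12
    if word3 & 0x1:               # O bit: 8-byte platform sub-header follows
        if len(body) < 20:
            raise ValueError("truncated ERSPAN platform sub-header")
        info["subheader"] = body[12:20]
        offset = 20
    info["frame"] = body[offset:]
    return info


def build_sample(proto, erspan_header, frame=b"\xaa" * 14):
    """Constructed packet: GRE with the S bit set and sequence number 7."""
    return struct.pack("!HHI", 0x1000, proto, 7) + erspan_header + frame


# Constructed samples: VLAN 77, session 1; Type III carries timestamp 123456
# with D=0 (ingress), Gra=10b (IEEE 1588), O=0.
SAMPLE_III = build_sample(GRE_ERSPAN_III,
                          struct.pack("!III", 0x204D0001, 123456, 0x00008004))
SAMPLE_II = build_sample(GRE_ERSPAN_II,
                         struct.pack("!II", 0x104D0001, 0x00000003))

if __name__ == "__main__":
    for sample in (SAMPLE_III, SAMPLE_II):
        print(parse_erspan(sample))
```

A collector that only expects 0x88BE will silently ignore Type III traffic, so checking the GRE protocol type first is what keeps a sensor from missing mirrored packets after `header-type 3` is enabled.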
49 Nexus 2000 (FEX) with Nexus Parent Switch
- Parent Switch support: please check latest release notes
(Diagram: Parent Switch + Nexus 2000 Fabric Extenders)
50 SPAN with FEX
- FEX Host ports can be SPAN source ports*
- FEX Fabric ports can be SPAN source ports with all parent switches
- FEX Host ports can be SPAN destination ports with Nexus 5K**
(Diagram: Nexus Parent Switch, Sniffer Device, Nexus Fabric Extender, Host A)
*Except Nexus 7000 parent switch with F2/F2e Line card
**Supported since NX-OS 7.2
51 Nexus 5600/6000 SPAN Features
52 Use Case - Packet Drops
What packets are dropped? (e1/5 10G)
    NEXUS#show inter e1/5
    Ethernet1/5 is up
    ---snip---
    RX
    unicast packets 0 multicast packets 0 broadcast packets
    input packets bytes
    0 jumbo packets 0 storm suppression bytes
    0 runts 0 giants 0 CRC 0 no buffer
    0 input error 0 short frame 0 overrun 0 underrun 0 ignored
    0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
    0 input with dribble input discard
    0 Rx pause
    ...
53 SPAN-on-Drop
- SPAN-on-Drop allows SPANning of the packets which were dropped due to unavailable buffer on ingress
(Diagram: N5600/N6000, port 3 is congested; tail-dropped packets from the ingress data buffer go through a dedicated SPAN buffer to the sniffer device)
54 SPAN-on-Drop Information
- Works for unicast packets only
- Supports both local SPAN and ERSPAN
- One SPAN-on-Drop session is supported
- Can have multiple source ports, and multiple destination ports
- Source port(s) can be a part of a SPAN-on-Drop session and a local SPAN session simultaneously
Note: SPAN-on-Drop is supported on N9K since 7.0(3)I4(1) on 2nd Generation N9K (N9200-X and N9200-Q/C). Hardware support N9300-EX, as Standalone NX-OS is not shipped yet.
55 SPAN-on-Drop Configuration
The source interface is the ingress port for which we want to monitor drops. Always Rx: ingress interface, packets dropped at ingress.
    NEXUS(config)# monitor session 1 type span-on-drop
    NEXUS(config-span-on-drop)# source interface e1/1 rx
    NEXUS(config-span-on-drop)# source interface e1/2 rx
    NEXUS(config-span-on-drop)# destination interface e1/4

    NEXUS(config)# monitor session 2 type span-on-drop-erspan
    NEXUS(config-span-on-drop-erspan)# source interface e1/1 rx
    NEXUS(config-span-on-drop-erspan)# source interface e1/2 rx
    NEXUS(config-span-on-drop-erspan)# destination ip
56 SPAN-on-Drop Guidelines
- The source interfaces can only be Ethernet. They can be port-channel members, but port-channel as source is not supported
- Fabric extender (HIF) interfaces are not supported as sources; however, fabric (NIF) interfaces are supported. Setting a fabric interface as a source allows SPAN-on-Drop to be enabled on all fabric extender ports associated with that fabric interface.
- One SPAN-on-drop or SPAN-on-drop ERSPAN session can be active at a time
57 Use Case - Identify delayed flows
Is a packet delayed? (e1/7 10G, e1/14 10G)
58 SPAN-on-Latency
(Diagram: N5600/N6000, port 3 is congested; data is timestamped and latency monitored. If latency threshold > 10 usec: SPAN to port 4, sniffer device)
59 SPAN-on-Latency Information
- Replicated traffic uses the SPAN buffer so it doesn't impact the production traffic
- Supports both local SPAN and ERSPAN
- Latency threshold is per-port
- One SPAN-on-Latency session is supported in hardware
60 SPAN-on-Latency Configuration
A SPAN-on-Latency session makes a copy of all high-latency packets egressing on this port, coming from any ingress port
    NEXUS(config)# monitor session 1 type span-on-latency
    NEXUS(config-span-on-latency)# source interface Ethernet1/7 tx
    NEXUS(config-span-on-latency)# destination interface Ethernet1/23

    interface Ethernet1/7
      packet latency threshold
    interface Ethernet1/23
      switchport monitor
Always Tx: packets egressing on 1/7 (any source) with latency >10us will be replicated to the SPAN destination 1/23
61 SPAN-on-Latency Guidelines
- Support for one SPAN-on-latency session
- Multiple sources can be configured; latency threshold is per SPAN-on-drop TX source port
- A SPAN-on-Latency source port cannot be in another SPAN session
62 SPAN-on-Latency Guidelines
- Source port can be a regular Ethernet port, not a port-channel. It can be a port-channel member
- Source port cannot be a FEX HIF port, but a FEX fabric port is supported
- Destination is only a single Ethernet port, not a port-channel
63 Real World Example Slow Download Rate
Troubleshooting Methodology
- Verification of interface errors and switch CPU
- Maybe congestion? Use Analytics: Latency monitoring & SPAN-on-Latency
(Diagram labels: e1/7 10G, e1/14 10G)
64 Real World Example Slow Download Rate
Instantaneous Latency Monitoring (no configuration required)
When heavy congestion on e1/:
    NEXUS# show hardware profile latency monitor interface e1/7 interface ethernet 1/
    Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Inst
    Minimum Maximum Average
    cnt
When no congestion on e1/:
    NEXUS# show hardware profile latency monitor interface e1/7 interface ethernet 1/
    Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Inst
    Minimum Maximum Average
    cnt
65 Real World Example Slow Download Rate
Optional: Configure Latency Monitoring (configured on the egress interface, naming the ingress interface)
    NEXUS(config)#interface Ethernet1/7
    NEXUS(config-if)# packet latency int e1/14 mode custom low-latency 800 high-latency
    NEXUS#show hardware profile latency monitor interface e1/7 interface e1/
    Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Custom Histogram
    Range 800 <= Latency < > Latency >=
    cnt
Callout on the last range: out of the required latency, > 10us
66 Real World Example Slow Download Rate
Find which application is impacted - SPAN-on-Latency
    NEXUS(config)# monitor session 1 type span-on-latency
    NEXUS(config-span-on-latency)# source interface Ethernet1/7 tx
    NEXUS(config-span-on-latency)# destination interface Ethernet1/23

    interface Ethernet1/7
      packet latency threshold
    interface Ethernet1/23
      switchport monitor
Always Tx: packets egressing on 1/7 (any source) with latency >10us will be replicated to the SPAN destination 1/23
67 SPAN with ACL filter
- Selectively monitor traffic in a SPAN session using an Access-Control-List (ACL) to avoid destination sniffer overload
- SPAN session ignores any permit/deny actions specified in the ACL
- SPANs packets that match (permit) the ACL filter criteria
    NEXUS(config)# ip access-list ACL-IP-01
    NEXUS(config-acl)# 10 permit ip host host
    NEXUS(config-acl)# end
    NEXUS(config)# monitor session 1
    NEXUS(config-monitor)# source interface ethernet 1/3
    NEXUS(config-monitor)# destination interface ethernet 1/9
    NEXUS(config-monitor)# filter access-group ACL-IP-01
    NEXUS(config-monitor)# no shut
*Supported with SPAN local and ERSPAN
68 Nexus 7000/9000 SPAN Features
69 SPAN VLAN Filters
- VLAN filters allow monitoring a subset of VLANs on trunk ports
- Filter specifies the list of VLANs to capture
- Traffic for other VLANs is not sent to the SPAN destination
    NEXUS(config)# monitor session 1
    NEXUS(config-monitor)# source interface e1/17 both
    NEXUS(config-monitor)# destination interface e1/32
    NEXUS(config-monitor)# filter vlan 77,88
70 SPAN ACL Filtering - Nexus 9000 Configuration Example
    NEXUS(config)# ip access-list match_my_pkts
    NEXUS(config-acl)# permit ip any
    NEXUS(config)# vlan access-map span_filter 5
    NEXUS(config-access-map)# match ip address match_my_pkts
    NEXUS(config-access-map)# action forward
    NEXUS(config)# monitor session 1
    NEXUS(config-monitor)# filter access-group span_filter
71 Multi-Destination Virtual SPAN
Use Case: «Breakout» high speed source
- Multiple SPAN destinations configured as trunk with an allowed VLAN list
- To monitor multiple VLAN sources and choose only VLANs of interest to transmit on multiple destination ports
    monitor session 1
      source interface e2/1 both
      destination interface e1/1
      destination interface e1/2
      destination interface e1/3
      destination interface e1/4
      filter vlan
(Diagram: high-speed interface e2/ as Q trunk carrying the VLANs; SPAN destinations e1/1, e1/2, e1/3, e1/4 as 802.1Q with Allowed VLAN 10, 11, 12 and 13)
72 SPAN with ACL Capture
- Selectively monitor traffic on an interface or VLAN
- Packets that match an ACL rule are permitted or denied and/or sent to a monitor destination
    NEXUS(config)# monitor session 1 type acl-capture
    NEXUS(config-acl-capture)#destination interface Ethernet1/32
    NEXUS(config-acl-capture)#no shut
    NEXUS# show monitor session 1
    session
    type : acl-capture
    state : up
    destination ports : Eth1/32
73 SPAN with ACL Capture
- Enable a capture session for an ACL's access control entries (ACEs) and then apply the ACL to an interface or VLAN filter-list (VACL)
- Capture session ID matches the monitor session ID
An example with the capture option applied to a VLAN list:
    ip access-list MY-ACL
      10 permit udp any any capture session 1
    vlan access-map MY-VACL 10
      match ip address MY-ACL
      action forward
    vlan filter MY-VACL vlan-list 77
Note: The ACL rule with the capture option can also be applied to an interface
74 SPAN with ACL Capture
The ACL Capture filter feature requires enabling the hardware access-list command in the admin VDC or default VDC*
    hardware access-list capture
*ACL capture is not supported with ACL logging
75 Packet Injection
- Allows a device connected to the SPAN destination interface to inject traffic into the network
- Specify the input packets option when configuring the SPAN destination:
Normal SPAN session:
    NEXUS(config)# interface ethernet 1/2
    NEXUS(config-if)# switchport monitor
Allow inject packets, but do not learn the MAC:
    NEXUS(config-if)# interface ethernet 1/3
    NEXUS(config-if)# switchport monitor ingress
Allow inject packets and learn MAC:
    NEXUS(config-if)# interface ethernet 1/4
    NEXUS(config-if)# switchport monitor ingress learning
(Diagram: MAC table with interface and learned MAC columns; e1/2 switchport monitor, e1/3 switchport monitor ingress, e1/4 switchport monitor ingress learning, each with its SMAC)
76 Inband SPAN - Monitor control traffic
- Supervisor CPU sends/receives traffic via a dedicated interface to the fabric using the inband interface
- Monitoring direction is from the perspective of the switch fabric, not the CPU
  - Tx SPAN monitors traffic from switch fabric to CPU
  - Rx SPAN monitors traffic from CPU to switch fabric
- One Inband SPAN session per switch supported
    NEXUS(config)# monitor session 1
    NEXUS(config-monitor)# source interface sup-eth 0
77 Inband SPAN - Monitor control traffic
Inband SPAN Packet Trace Example
    monitor session 1
      source interface sup-eth0 both
      rate-limit auto
      destination interface Ethernet1/32
      no shut

    interface Ethernet1/32
      switchport
      switchport monitor
      speed 1000
      no shutdown
78 Real World Example High CPU
Use INBAND SPAN to find out!
    NEXUS# show processes cpu sort
    CPU utilization for five seconds: 100%/100%; one minute: 99%; five minutes:98%
    PID Runtime(ms) Invoked usecs 5Sec 1Min 5Min TTY Process
    % 77.12% 76.35% - X
    % 14.13% 14.59% - Y
    NEXUS(config)# monitor session 1
    NEXUS(config-monitor)# source interface sup-eth 0
79 Rule Based SPAN: SPAN-Filter
- A filter applied selectively on a session results in the desired subset of traffic
- Filter by L2/L3/L4 fields
80 Rule Based SPAN: SPAN-Filter
- Configure a filter within the session configuration mode
- Boolean AND between different filters
Simple SPAN-Filter Configuration:
  monitor session 1
    source interface Ethernet1/17 both
    rate-limit auto
    destination interface Ethernet1/32
    filter frame-type ipv4 src-ip /32
    filter frame-type ipv4 dest-ip /32
    no shut
81 Rule Based SPAN: SPAN-Filter
How is ACL different from SPAN-Filter?
- ACL: Applied on interfaces & VLANs; requires large TCAM size
- SPAN-Filter: Applied on a SPAN session; limited TCAM space
82 SPAN Filters, ACL etc. Confused?
- Nexus 5600/6000: ACL filters for SPAN (use access lists to filter SPAN)
- Nexus 7000/7700: VLAN filters (filter by VLAN); Rule based SPAN (filter by L2/L3/L4 fields)
- Nexus 3100/9200/9300/9500: VLAN filters (filter by VLAN); ACL filters for SPAN (use access lists to filter SPAN)
83 SPAN Rate Limiting
- Limits the number of SPAN copies made on ingress
- In manual mode, the rate limit is set as a percentage (1%, 2%, 3%, up to 100%) of the 10G SPAN rate
- In auto mode, the rate limit is calculated automatically as follows: Rate limit = Destination Bandwidth / Source Bandwidth
- Rate limiting is in auto mode by default
  NEXUS(config-monitor)# [no] rate-limit [auto manual [1..100]]
84 Sampled SPAN
- Used to provide an accurate count of the SPAN source packets
- Sampling and MTU truncation can be enabled at the same time and have no precedence over each other, because they are applied to different aspects of the source packet (packet count versus size)
- Sampling takes precedence over SPAN source rate limiting. Rate limiting takes effect after sampling is completed on SPAN source packets
  NEXUS(config-monitor)# sampling [ ]
85 Exception SPAN
- Exception SPAN enables you to span exception packets
- Exception packets are packets that have failed a check of the built-in Nexus 7x00 intrusion detection system (IDS), for example Layer 3 IP verification
- Rate limiters, MTU truncation, and sampling are supported in the exception SPAN session
- Exception SPAN is supported in the TX direction only
86 Exception SPAN: Verify CLI (IP IDS)
  NEXUS# show hardware ip verify
  IPv4 IDS Checks Status Packets Failed
  address source broadcast Enabled
  address source multicast Enabled
  address destination zero Enabled
  address identical Enabled
  checksum Enabled 768
  protocol Enabled 0
  fragment Enabled 0
  length minimum Enabled 0
  length consistent Enabled 0
  length maximum max-frag Enabled 0
  length maximum max-tcp Enabled 0
  tcp flags Enabled 0
  tcp tiny-frag Enabled 0
  version Enabled 0
87 Exceptions which lead to SPAN
- length minimum = if the packet length is smaller than 64 bytes
- length consistent = when the L2 frame size is shorter than the length expected to include the IP packet + MAC header
- length maximum max-frag = if the packet fragment exceeds the allowed fragmentation count
- length maximum udp = if the UDP payload is larger than specified
- length maximum max-tcp = if the TCP payload is larger than specified
- tcp flags = if incorrect flags are set in the TCP packet
- tcp tiny-frag = if the TCP payload is smaller or is fragmented unexpectedly
- version = if the IP header version is incorrect
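An added example (not from the slides): the "Packets Failed" column only helps if you know which checks are failing right now, so this sketch diffs two snapshots of `show hardware ip verify` text and ranks the checks whose counters grew, which are the ones worth an exception SPAN session. The snapshot text is constructed, the exact column spacing is an assumption, and the counters are assumed to be cumulative.

```python
import re

# One table row: check name, Enabled/Disabled, failed-packet counter.
ROW = re.compile(
    r"^(?P<check>[a-z][a-z0-9 -]*?)\s+(?P<status>Enabled|Disabled)\s+(?P<failed>\d+)$")


def parse_ip_verify(output):
    """Return {check: (enabled, packets_failed)} from 'show hardware ip verify' text."""
    checks = {}
    for line in output.splitlines():
        match = ROW.match(line.strip())
        if match:  # header and separator lines do not match and are ignored
            checks[match["check"]] = (match["status"] == "Enabled",
                                      int(match["failed"]))
    return checks


def incrementing_checks(before, after):
    """List (check, new_failures) for counters that grew, largest first."""
    grown = []
    for check, (_enabled, failed_now) in after.items():
        failed_then = before.get(check, (True, 0))[1]
        # A smaller value means the counters were cleared; count from zero.
        delta = failed_now - failed_then if failed_now >= failed_then else failed_now
        if delta > 0:
            grown.append((check, delta))
    return sorted(grown, key=lambda item: item[1], reverse=True)


def disabled_checks(snapshot):
    """Checks that are switched off and therefore never raise an exception."""
    return sorted(check for check, (enabled, _failed) in snapshot.items()
                  if not enabled)


# Constructed snapshots, taken a few minutes apart on a hypothetical switch.
SNAPSHOT_T0 = """\
IPv4 IDS Checks                 Status     Packets Failed
-----------------------------+---------+------------------
address source broadcast        Enabled    0
address identical               Enabled    12
checksum                        Enabled    768
length minimum                  Enabled    0
tcp flags                       Disabled   0
"""
SNAPSHOT_T1 = """\
IPv4 IDS Checks                 Status     Packets Failed
-----------------------------+---------+------------------
address source broadcast        Enabled    37
address identical               Enabled    12
checksum                        Enabled    1024
length minimum                  Enabled    0
tcp flags                       Disabled   0
"""

if __name__ == "__main__":
    t0, t1 = parse_ip_verify(SNAPSHOT_T0), parse_ip_verify(SNAPSHOT_T1)
    for check, delta in incrementing_checks(t0, t1):
        print(f"{check}: +{delta} failed packets")
    print("disabled:", disabled_checks(t1))
```

A check that stays at a non-zero but unchanged value (here "address identical") is history, not an active problem, which is why the comparison uses deltas rather than absolute counts.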
88 Exception SPAN
- Each VDC supports one exception SPAN session
Configuration Example:
  NEXUS(config)# monitor session 3
  NEXUS(config-monitor)# source exception all
  NEXUS(config-monitor)# destination interface ethernet 2/5
  NEXUS(config-monitor)# no shut
89 Exceptions which lead to SPAN
Exception: Brief explanation
- No route in hardware: This is seen when adjacency is not yet formed
- Unicast/Multicast route error (incoming/outgoing interface): This is seen when the outgoing interface is not available (say, when the LC is reloaded)
- Multicast DF failure: Seen when the designated forwarder is not available
- SMAC IP check failure: Incorrect SMAC / DMAC combinations, like multicast SRC MAC or SRC.IP = DST.IP or SRC.IP is a broadcast address or DST.IP is all zeros
- Protocol field failure: Incorrect IP protocol specified in the IP header
- FCS / CRC errors: Errors related to incorrect FCS or CRC
90 Exceptions which lead to SPAN
Exception: Brief explanation
- TTL expiry: When the number of hops in the header exceeds TTL configured
- SPAN replication before L2/L3 ACL deny: If the copy is made before the decision engine takes a decision, it is Ingress replication
- IPV6 scope check fail: Seen when there are multiple link-local addresses tied to an interface and the route does not exist for the packet through either one of them
- MTU fail: When packet size exceeds the link MTU
- Stale adjacency: When the adjacency does not exist / is not updated for a long time / fails refresh
- CoPP violations: Any packets that violated CoPP rate-limits
91 Real World Example: CRC errors
Use Exception SPAN: find the reason for the drop and what was dropped!
- Receive packet from wire
- Packet dropped in hardware
- Packet which came in didn't make it to the egress
- Packets coming into the interface were mishandled by the transceiver, leading to CRC errors
92 Real World Example: Malfunctioning NIC
Use Exception SPAN: find the reason for the drop and what was dropped!
- "I didn't receive the data!"
- Receive packet from wire
- Packet dropped in hardware
- Packets from the server were sent with a BROADCAST SOURCE IP because of a MALFUNCTIONING NIC
93 SPAN Sessions on Nexus active unidirectional SPAN session
- 2 bidirectional local SPAN sessions per system
- 11 unidirectional extended sessions with F2/F2E/F3 modules present, in addition to 2 traditional SPAN sessions
- 12 unidirectional extended sessions with F1/M2 modules present, in addition to 2 traditional SPAN sessions
- M1 supports only 2 bidirectional local SPAN sessions per system
94 SPAN Sessions on Nexus active unidirectional SPAN session (F2E, F3 and M3)
- All SPAN sessions are unidirectional and any two can be combined to create a bidirectional session
- The Cisco Nexus 7700 switch does not have standard and extended sessions
95 SPAN Sessions on Nexus 9000
- Nexus 9500: up to 32 active SPAN sessions
  - Scale is based on the number of linecards and the SPAN source interface to ASIC mapping
- Nexus N9200-X / N9200-Q/C / N9300 / N9300-EX: 4 active SPAN sessions
  - Up to 3 bidirectional sessions plus 1 unidirectional
96 Review SPAN
97 SPAN Overview Nexus 5600/6000 and 7x00
SPAN Features* | Nexus 5600/6000 | Nexus 7000 | Nexus 7700
ERSPAN destination session | Yes | All except F1 | All LCs
Prioritize data over SPAN | Yes | Yes (F2E/F3/M1/M2) | Yes (F2E/F3/M3)
Line-rate SPAN throughput | Yes | No | No
ERSPAN (v3) with 1588 PTP timestamp | Yes | M2/F2/F2E/F3 | F2E/F3/M3**
Number of SPAN destinations | N/A
SPAN with MTU truncation | Yes | Yes (Except M1) | Yes
Virtual SPAN | Yes | Yes | Yes
ACL filters | Yes | Rule based SPAN | Rule based SPAN
SPAN source as VLAN | Receive only | Bidirectional | Bidirectional
*Please check release notes for additional details and support
**M3 has HW support for ERSPAN III with IEEE 1588, SW support is pending
98 SPAN Overview Nexus 3000/9200/9300
SPAN Features* | Nexus 3100 | Nexus st Generation | Nexus 9200-X | Nexus 9200-Q/C | Nexus 9300-EX**
SPAN source as VLAN: Receive only, Receive only, Receive/Transmit, Receive/Transmit
ERSPAN destination session (V2 and V3), ERSPAN with V2 header: Yes No HW support HW support Yes Yes-Only on uplink ports
Prioritize data over SPAN: Yes, Yes, Yes, Yes
Line-rate SPAN throughput: Yes, Yes, Yes, Yes
ERSPAN V3 with 1588 PTP timestamps: No Yes-Only on uplink ports
Number of SPAN session, ACL filters for SPAN: Yes Yes Yes Yes Yes Yes Yes Yes
*Check SPAN/ERSPAN Configuration Documentation for details on CCO
**NX-OS Standalone will be available Q3 CY2016
99 SPAN Overview Nexus 9500
SPAN Features* | Nexus 9500 Linecards 9400/9500/9600 | Nexus 9500 Linecard 9700-EX**
SPAN source as VLAN | Receive only | Receive/Transmit
ERSPAN destination session: No HW support
ERSPAN with V2 header | No | Yes
Prioritize data over SPAN | Yes | Yes
Line-rate SPAN throughput | Yes | Yes
ERSPAN V3 with 1588 PTP timestamps | No | Yes
Number of SPAN destinations per session
ACL filters for SPAN | Yes | Yes
*Check SPAN/ERSPAN Configuration Documentation for details on CCO
**NX-OS Standalone will be available Q3 CY2016
100 Agenda
- Introduction
- Quick Product Overview
- Advanced Visibility
  - SPAN / ERSPAN
  - Flexible NetFlow
- Conclusion
101 Flexible NetFlow
- Enhanced network anomaly
- Customized user configurable flow (records)
- Monitor a wider range of packet information
102 NetFlow = Visibility
A single NetFlow record provides a wealth of information
  switch# show flow monitor MONITOR-1 cache
  IPV4 SOURCE ADDRESS:
  IPV4 DESTINATION ADDRESS:
  TRNS SOURCE PORT:
  TRNS DESTINATION PORT: 443
  INTERFACE INPUT: E1/1
  IP TOS: 0x00
  IP PROTOCOL: 6
  ipv4 next hop address:
  tcp flags: 0x1A
  interface output: Gi0/1.20
  counter bytes: 1482
  counter packets: 23
  timestamp first: 12:33:
  timestamp last: 12:33:
  ip dscp: 0x00
  ip ttl min: 127
  ip ttl max: 127
  application name: nbar secure-http
103 Layer 2 NetFlow versus Bridged NetFlow
- Layer 2 NetFlow: ability to collect IP traffic statistics based on the packet's Layer 2 header, thus allowing for SRC/DST MAC accounting
- Bridged NetFlow: ability to collect statistics for IP traffic being bridged within a given VLAN. The flow information will be based on the packet's Layer 3 and Layer 4 headers, allowing for application visibility
Layer 2 NetFlow flow information: DMAC, SMAC, VLAN, Ethertype (example values: 000A:ABCD:00EF 001E:A12D: x86DD)
Bridged NetFlow flow information: IP SA, IP DA, IP Proto, Layer4 SRC Port, Layer4 DST Port
104 Seven Steps of Flow Creation
1. Packet (I/O Module)
2. Extract relevant fields (DMAC, SMAC, VLAN, Ethertype; example values: 000A:ABCD:00EF 001E:A12D: x86DD)
3. Flow
4. Statistics
5. I/O module collects the flows and their statistics once the flow ages out
6. Formatted into NetFlow Export
7. Collector
105 Full versus Sampled NetFlow
NetFlow collects full or sampled flow data
- Full NetFlow: Accounts for every packet of every flow on the interface
  - Available on M1/M2 modules only on Nexus 7000
  - Flow data collection up to capacity of hardware NetFlow table
- Sampled NetFlow: Accounts for M in N packets on the interface
  - Available on M1/M2 and F3/M3 in Nexus 7x00 and Nexus 5600/6000
  - M2: Flow data collection up to capacity of hardware NetFlow table
  - F3: Flow data collection for up to ~500pps per ASIC (SOC) module before NX-OS 7.2
  - F3/M3: Increased per-module sampling rate, leveraging the on-board Fabric Services Accelerator (FSA) complex, to ~50kpps with NX-OS 7.2
  - Nexus 5600/6000: Flow data collection for up to ~120kpps per chassis
106 NetFlow on M2 Modules
[Figure: NetFlow on M2 modules. Labels: M2 Module (Forwarding Engine, NetFlow Table, Hardware Flow Creation, LC CPU, Aged Flow Info); Fabric ASIC; VOQs; Switched EOBC; Supervisor Engine (Main CPU, Mgmt Enet); Generate NetFlow v5 or v9 export packets; To NetFlow Collector via Supervisor Inband or via mgmt0]
107 NetFlow on F3/M3 Modules
[Figure: NetFlow on F3/M3 modules. Labels: F3/M3 Module (SoC Decision Engine, Data Flow, Sampled Packets, FSA CPU, DRAM NetFlow Cache, Aged Flows); Populate cache based on received samples; Age flows and generate NetFlow v5 or v9 export packets; Fabric ASIC; VOQs; Switched EOBC; Supervisor Engine (Main CPU, Mgmt Enet); To NetFlow Collector via Module Inband or via mgmt0]
108 NetFlow - Traffic Statistics
Configuration Steps for Full NetFlow*
1. Create Flow Record
2. Create Flow Exporter
3. Associate Record and Exporter to a Flow Monitor
4. Apply to the interface
Flexible NetFlow record (match = KEY fields, collect = NON-KEY fields):
  flow record FLOW-RECORD
    match ipv4 source address
    match ipv4 destination address
    match transport source-port
    match transport destination-port
    collect counter bytes
    collect counter packets
    collect timestamp sys-uptime first
    collect timestamp sys-uptime last
  flow exporter FLOW-EXPORT
    description NetFlow v9 Exporter
    destination use-vrf management
    source Loopback0
    transport udp 2055
    version 9
  flow monitor FLOW-MONITOR
    description NetFlow v9 Monitor
    record FLOW-RECORD
    exporter FLOW-EXPORT
  interface eth 1/1
    ip address
    ip flow monitor FLOW-MONITOR input
    ip flow monitor FLOW-MONITOR output
*Command feature netflow is not shown
109 NetFlow - Traffic Statistics
Configuration Steps for Sampled NetFlow*
1. Create Flow Record
2. Create Flow Exporter
3. Associate Record and Exporter to a Flow Monitor
4. Create Flow Sampler
5. Apply Flow Monitor and Flow Sampler to the interface
Flexible NetFlow record (match = KEY fields, collect = NON-KEY fields):
  flow record FLOW-RECORD
    match ipv4 source address
    match ipv4 destination address
    match transport source-port
    match transport destination-port
    collect counter bytes
    collect counter packets
    collect timestamp sys-uptime first
    collect timestamp sys-uptime last
  flow exporter FLOW-EXPORT
    description NetFlow v9 Exporter
    destination use-vrf management
    source Loopback0
    transport udp 2055
    version 9
  flow monitor FLOW-MONITOR
    description NetFlow v9 Monitor
    record FLOW-RECORD
    exporter FLOW-EXPORT
  sampler FLOW-SAMPLER
    description Netflow v9 Sampler
    mode 1 out-of 1200
  interface eth 1/1
    ip address
    ip flow monitor FLOW-MONITOR input sampler FLOW-SAMPLER
    ip flow monitor FLOW-MONITOR output sampler FLOW-SAMPLER
*Command feature netflow is not shown
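An added example (not from the slides): what a collector has to do with the "version 9" export that FLOW-EXPORT sends to UDP 2055. It decodes a NetFlow v9 template and data flowset carrying the FLOW-RECORD fields and scales the counters by the "1 out-of 1200" sampler. The packet is constructed inline, the addresses are documentation-range values, and the function names are this example's own.

```python
import ipaddress
import struct

# NetFlow v9 field type numbers (RFC 3954) for the fields in FLOW-RECORD.
FIELD_NAMES = {
    8: "src_addr", 12: "dst_addr", 7: "src_port", 11: "dst_port",
    1: "bytes", 2: "packets", 22: "first_uptime_ms", 21: "last_uptime_ms",
}
ADDRESS_FIELDS = {"src_addr", "dst_addr"}


def parse_v9(packet, templates):
    """Decode one NetFlow v9 export packet into a list of flow dicts.

    templates maps (source_id, template_id) -> [(field_type, length), ...]
    and is updated in place: data records cannot be decoded until the
    exporter has sent the template that describes them.
    """
    if len(packet) < 20:
        raise ValueError("truncated NetFlow v9 header")
    version, _count, _uptime, _secs, _seq, source_id = struct.unpack_from(
        "!HHIIII", packet, 0)
    if version != 9:
        raise ValueError(f"not a NetFlow v9 packet (version {version})")
    flows, offset = [], 20
    while offset + 4 <= len(packet):
        flowset_id, length = struct.unpack_from("!HH", packet, offset)
        if length < 4 or offset + length > len(packet):
            raise ValueError("flowset length runs past the packet")
        body = packet[offset + 4:offset + length]
        if flowset_id == 0:                    # template flowset
            _read_templates(body, source_id, templates)
        elif flowset_id >= 256:                # data flowset, id = template id
            template = templates.get((source_id, flowset_id))
            if template:                       # no template yet: skip, never guess
                flows.extend(_read_records(body, template))
        offset += length
    return flows


def _read_templates(body, source_id, templates):
    pos = 0
    while pos + 4 <= len(body):
        template_id, field_count = struct.unpack_from("!HH", body, pos)
        pos += 4
        if template_id < 256 or pos + 4 * field_count > len(body):
            break                              # padding or truncated template
        templates[(source_id, template_id)] = [
            struct.unpack_from("!HH", body, pos + 4 * i)
            for i in range(field_count)]
        pos += 4 * field_count


def _read_records(body, template):
    record_len = sum(length for _type, length in template)
    records, pos = [], 0
    while record_len and pos + record_len <= len(body):  # remainder is padding
        record = {}
        for field_type, length in template:
            raw = body[pos:pos + length]
            pos += length
            name = FIELD_NAMES.get(field_type, f"field_{field_type}")
            if name in ADDRESS_FIELDS and length == 4:
                record[name] = str(ipaddress.IPv4Address(raw))
            else:
                record[name] = int.from_bytes(raw, "big")
        records.append(record)
    return records


def scale_sampled(flow, sampler_n):
    """Estimate real volume for a flow exported under 'mode 1 out-of N'."""
    scaled = dict(flow)
    for counter in ("bytes", "packets"):
        if counter in flow:
            scaled[counter + "_estimated"] = flow[counter] * sampler_n
    return scaled


def build_sample_packet():
    """Constructed export packet: one template (id 256) plus one data record."""
    fields = [(8, 4), (12, 4), (7, 2), (11, 2), (1, 4), (2, 4), (22, 4), (21, 4)]
    template = struct.pack("!HH", 256, len(fields)) + b"".join(
        struct.pack("!HH", *field) for field in fields)
    template_set = struct.pack("!HH", 0, 4 + len(template)) + template
    record = (ipaddress.IPv4Address("192.0.2.10").packed
              + ipaddress.IPv4Address("198.51.100.20").packed
              + struct.pack("!HHIIII", 49152, 443, 1482, 23, 1000, 6000))
    data_set = struct.pack("!HH", 256, 4 + len(record)) + record
    header = struct.pack("!HHIIII", 9, 2, 123456, 1468500000, 1, 0)
    return header + template_set + data_set


if __name__ == "__main__":
    for flow in parse_v9(build_sample_packet(), {}):
        print(scale_sampled(flow, 1200))
```

The scaled counters are estimates: with 1-in-1200 sampling, short flows can be missed entirely, so sampled NetFlow suits volume trends and top talkers better than per-flow accounting.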
110 NetFlow Traffic Statistics: Calculating the sampling rate
Example with a N77-F348XP-23 linecard (6 SOC/ASICs per linecard), FSA enabled
- Assumption: average packet size 512 bytes, average traffic rate max 50%
- Per F3 linecard sampling rate (FSA) = 50kpps, per SOC/ASIC = 8 333pps*
Calculation:
- 50% x 10Gbps / 512 Bytes = ~1 221kpps
- 8 ports per SOC: 8 x 1 221kpps = 9 768kpps
- Calculated sampling rate: 9 768kpps / 8 333pps = ~1172
- Recommended sampling rate to be configured = 1 :
*Exceeding the per-SOC sampling rate will result in tail-dropping of packets by the rate limiter
111 Nexus 7000 Control-Plane NetFlow (NX-OS 7.3)
- Creates NetFlow records for control traffic* punted to the CPU on the Supervisor
- Traffic flows from the linecard to the CPU, hence the NetFlow monitor can be applied in the egress (output) direction only
- Flow monitor is applied on the control-plane interface
- Only sampled NetFlow is supported
- Configuration is applied in the default VDC
- Linecard-specific NetFlow capabilities and resources are used for creating these internal control-plane flows
*Today unicast control-plane traffic only; multicast control traffic should be supported from the next 7.3 Maintenance Release (Q3/4 CY2016)
112 Nexus 7000 Control-Plane NetFlow (NX-OS 7.3)
Resolving High CPU using CoPP NetFlow
  NEXUS# show processes cpu sort
  CPU utilization for five seconds: 65%/8%; one minute: 63%; five minutes: 61%
  PID Runtime(ms) Invoked usecs 5Sec 1Min 5Min TTY Process
  % 45.11% 45.23% 0 IP Input
High CPU due to process IP Input
Building a NetFlow record, matching L3 and L4 parameters (key fields) and collecting details on input interface and packet count (non-key fields):
  flow record NF-RECORD
    match ipv4 source address
    match ipv4 destination address
    match transport source-port
    match transport destination-port
    collect counter packets
Optional: Building a NetFlow exporter:
  flow exporter NF-EXPORT-1
    destination use-vrf management
    transport udp 2055
    source mgmt0
    version 9
Create a sampler:
  sampler NF-SAMPLER
    mode 1 out-of 1
113 Nexus 7000 Control-Plane NetFlow (NX-OS 7.3)
Resolving High CPU using CoPP NetFlow
Create the flow monitor and associate Record and Exporter:
  flow monitor NF-MONITOR
    record NF-RECORD
    exporter NF-EXPORT-1
Apply the NetFlow monitor to the control-plane interface in egress direction with a sampler:
  control-plane
    ip flow monitor NF-MONITOR output sampler NF-SAMPLER
Check your control-plane flow entries:
  NEXUS# show hardware flow ip
  ---snip---
  D - Direction; L4 Info - Protocol:Source Port:Destination Port
  IF - Interface: (Eth)ernet, (S)vi, (V)lan, (P)ortchannel, (T)unnel
  TCP Flags: Ack, Flush, Push, Reset, Syn, Urgent
  D IF SrcAddr DstAddr L4 Info PktCnt TCP Fl
  CP sup-eth :00000:
Troubleshooting Methodology: Once the flow is identified, further action could be (1) blocking the flow with an Access List (ACL) (Infrastructure or CoPP) and/or (2) rate-limiting the flow using CoPP, depending on the criticality of the flow to production
114 NetFlow Overview
Feature | M2 (N7000) | F3 (Nexus 7x00) | M3 (Nexus 7700) | Nexus 5600/6000
Per-interface NetFlow | Yes | Yes | Yes | Yes
NetFlow direction | Ingress/Egress | Ingress/Egress* | Ingress/Egress | Ingress only
Full NetFlow | Yes | No | No | No
Sampled NetFlow | Yes | Yes | Yes | Yes
FSA assisted for Sampled NetFlow | No | Yes* | Yes | No
Bridged NetFlow | Yes | Yes | Yes | Yes
Hardware Cache | Yes | No | No | No
Software Cache | No | Yes | Yes | Yes
Hardware Cache Size | 512K entries per forwarding engine | N/A | N/A | N/A
NDE (v5/v9) | Yes | Yes | Yes | Yes
Note: Nexus 9K (N9200-X/N9300-EX/N9700-EX) supports full NetFlow; software support is on the roadmap
*Supported since NX-OS 7.2
115 Agenda
- Introduction
- Quick Product Overview
- Advanced Visibility
  - SPAN / ERSPAN
  - NetFlow
- Conclusion
116 Tools designed with you in mind
- Advanced feature rich analytics tools
- Visibility into the products helping to validate the path-of-the-packet
- Analytics tools can help in isolating problems we see in datacenters today
- Reduce the time to resolution of network issues
Tools: NetFlow, SPAN, Latency monitoring, Microburst monitoring, ACL Capture, ERSPAN, SPAN-on-drop
117 Call to Action
Attend the following related sessions:
- BRKDCN Network Analytics using Nexus 3000/9000 Switches
- BRKARC Cisco Nexus 5600/6000 Switch Architecture
- BRKARC Cisco Nexus 7000/7700 Switch Architecture
- BRKARC Cisco Nexus 9000 Architecture
- BRKARC Overview of Packet Capturing Tools in Cisco Switches and Routers
Visit the World of Solutions for:
- Cisco Campus
- Walk in Labs
- Technical Solution Clinics
- Meet the Engineer
- Lunch and Learn Topics
- DevNet zone related sessions
121 Thank you
More informationConfiguring SPAN. Configuring SPAN. SPAN Sources. This chapter includes the following sections: Configuring SPAN, page 1
This chapter includes the following sections:, page 1 SPAN Sources The Switched Port Analyzer (SPAN) feature (sometimes called port mirroring or port monitoring) selects network traffic for analysis by
More informationConfiguring NetFlow. NetFlow Overview
NetFlow Overview NetFlow identifies packet flows for ingress IP packets and provides statistics based on these packet flows. NetFlow does not require any change to either the packets themselves or to any
More informationCCNA Practice test. 2. Which protocol can cause high CPU usage? A. NTP B. WCCP C. Telnet D. SNMP Answer: D
1. Which network would support at least 30 hosts? A. 10.0.0.0 255.255.255.252 B. 10.0.0.0 255.255.255.240 C. 10.0.0.0 255.255.255.224 D. 10.0.0.0 255.255.255.248 2. Which protocol can cause high CPU usage?
More informationConfiguring Policy-Based Routing
This chapter contains the following sections: Finding Feature Information, page 1 Information About Policy Based Routing, page 1 Licensing Requirements for Policy-Based Routing, page 5 Prerequisites for
More informationConfiguring Quality of Service
3 CHAPTER This chapter describes how to configure quality of service (QoS) by using automatic QoS (auto-qos) commands or by using standard QoS commands on a Catalyst 45 series switch. It also describes
More informationConfiguring Interfaces
CHAPTER 4 This chapter describes how to configure interfaces for the Catalyst 4500 series switches. It also provides guidelines, procedures, and configuration examples. This chapter includes the following
More informationCisco Nexus 7000 Switch Architecture
Cisco Nexus 7000 Switch Architecture BRKARC-3470 Ron Fuller, CCIE#5851 (R&S/Storage) Technical Marketing er Session Abstract This session presents an in-depth study of the architecture of the latest generation
More informationConfiguring NetFlow. Understanding NetFlow CHAPTER
50 CHAPTER This chapter describes how to configure NetFlow statistics collection on the Cisco 7600 series routers. Note For complete syntax and usage information for the commands used in this chapter,
More informationConfiguring IEEE 802.3ad Link Bundling and Load Balancing
Configuring IEEE 802.3ad Link Bundling and Load Balancing This document describes how the IEEE 802.3ad link bundling and load balancing leverages the EtherChannel infrastructure within Cisco software to
More informationCisco Nexus 6000 and 5600 with Fabric Extender 2000 Switch Architecture
Cisco Nexus 6000 and 5600 with Fabric Extender 2000 Switch Architecture Nicolas Delecroix Technical Marketing Engineer Data Center Group Nexus Business Unit ndelecro@cisco.com Nexus 5000 Evolution Nexus
More informationConfiguring NetFlow. NetFlow Overview
NetFlow identifies packet flows for ingress IP packets and provides statistics based on these packet flows. NetFlow does not require any change to either the packets themselves or to any networking device.
More informationConfiguring Q-in-Q VLAN Tunnels
Information About Q-in-Q Tunnels, page 1 Licensing Requirements for Interfaces, page 7 Guidelines and Limitations, page 7 Configuring Q-in-Q Tunnels and Layer 2 Protocol Tunneling, page 8 Configuring Q-in-Q
More informationCisco Nexus 7000 / 7700 Switch Architecture
Cisco Nexus 7000 / 7700 Switch Architecture BRKARC-3470 Tim Stevenson Distinguished Engineer, Technical Marketing Session Abstract This session presents an in-depth study of the architecture of the latest
More informationNexus 7000 F3 or Mx/F2e VDC Migration Use Cases
Nexus 7000 F3 or Mx/F2e VDC Migration Use Cases Anees Mohamed Network Consulting Engineer Session Goal M1 VDC M1/M2 VDC M2/F3 VDC M1/F1 VDC M1/M2/F2e VDC F2/F2e/F3 VDC F2 VDC F3 VDC You are here This Session
More informationConfiguring QoS. Finding Feature Information. Prerequisites for QoS
Finding Feature Information, page 1 Prerequisites for QoS, page 1 Restrictions for QoS, page 3 Information About QoS, page 4 How to Configure QoS, page 28 Monitoring Standard QoS, page 80 Configuration
More informationCisco Nexus 9500 Series Switches Buffer and Queuing Architecture
White Paper Cisco Nexus 9500 Series Switches Buffer and Queuing Architecture White Paper December 2014 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
More informationConfiguring IP ACLs. About ACLs
About ACLs This chapter describes how to configure IP access control lists (ACLs) on Cisco NX-OS devices. Unless otherwise specified, the term IP ACL refers to IPv4 and IPv6 ACLs. This chapter includes
More informationConfiguring Virtual Port Channels
Configuring Virtual Port Channels This chapter describes how to configure virtual port channels (vpcs) on Cisco Nexus 5000 Series switches. It contains the following sections: Information About vpcs, page
More informationThe configuration of the router at the initial stage was fairly simple (quoting only significant commands, not the entire config):
Gentlemen, As was to be expected, Joseph was correct on all accounts. My testbed consisted of a 2811 router running 12.4(24)T4 Advanced IP Services, and two PCs connected to it. One PC was used as the
More informationEthernet interface configuration commands
Contents Ethernet interface configuration commands 1 General Ethernet interface/subinterface configuration commands 1 combo enable 1 default 1 description 2 display counters 3 display counters rate 4 display
More informationConfiguring SPAN and RSPAN
34 CHAPTER This chapter describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 4500 series switches. SPAN selects network traffic for analysis by a network
More informationConfiguring IP Tunnels
This chapter describes how to configure IP tunnels using Generic Route Encapsulation (GRE) on Cisco NX-OS devices. Information About IP Tunnels, page 1 Licensing Requirements for IP Tunnels, page 3 Prerequisites
More informationCisco Nexus 7000 / 7700 Switch Architecture
Cisco Nexus 7000 / 7700 Switch Architecture Tim Stevenson Distinguished Engineer, Technical Marketing BRKARC-3470 Session Abstract This session presents an in-depth study of the architecture of the latest
More informationConfiguring NetFlow. Information About NetFlow. What is a Flow. This chapter contains the following sections:
This chapter contains the following sections: Information About NetFlow, page 1 Guidelines and Limitations for NetFlow, page 9 Default Settings for NetFlow, page 10 Enabling the NetFlow Feature, page 11
More informationConfiguring Traffic Storm Control
This chapter describes how to configure traffic storm control on the Cisco NX-OS device. This chapter includes the following sections: Finding Feature Information, page 1 Information About Traffic Storm
More informationOn the Cisco Nexus 5548 Switch, Fibre Channel ports and VSAN ports cannot be configured as ingress source ports in a SPAN session.
This chapter includes the following sections:, page 1 SPAN Sources The Switched Port Analyzer (SPAN) feature (sometimes called port mirroring or port monitoring) selects network traffic for analysis by
More informationConfiguring Virtual Port Channels
This chapter contains the following sections: Information About vpcs, page 1 Guidelines and Limitations for vpcs, page 10 Verifying the vpc Configuration, page 11 vpc Default Settings, page 16 Configuring
More informationConfiguring Layer 3 Interfaces
This chapter contains the following sections: Information About Layer 3 Interfaces, page 1 Licensing Requirements for Layer 3 Interfaces, page 4 Guidelines and Limitations for Layer 3 Interfaces, page
More information1 of :22
Feedback: Help us help you Please rate this document. Excellent Good Average Fair Poor This document solved my problem. Yes No Just Browsing Suggestions to improve this document. (512 character limit)
More informationConfiguring Quality of Service
CHAPTER 34 This chapter describes how to configure quality of service (QoS) with either automatic QoS (auto-qos) commands or standard QoS commands on a switch running Supervisor Engine 7-E and Supervisor
More informationConfiguring Port Channels
This chapter contains the following sections: Information About Port Channels, page 1, page 10 Verifying Port Channel Configuration, page 21 Verifying the Load-Balancing Outgoing Port ID, page 22 Feature
More informationCisco Nexus 7000 Hardware Architecture
Cisco Nexus 7000 Hardware Architecture BRKARC-3470 Tim Stevenson Distinguished er, Technical Marketing Session Abstract This session presents an in-depth study of the architecture of the Nexus 7000 data
More informationConfiguring Virtual Port Channels
This chapter contains the following sections: Information About vpcs, page 1 Guidelines and Limitations for vpcs, page 10 Configuring vpcs, page 11 Verifying the vpc Configuration, page 25 vpc Default
More informationConfiguring PFC QoS CHAPTER
38 CHAPTER This chapter describes how to configure quality of service (QoS) as implemented on the Policy Feature Card 3B (PFC3B) on the Supervisor Engine 32 PISA. Note For complete syntax and usage information
More informationConfiguring SPAN and RSPAN
CHAPTER 32 This chapter describes how to configure Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 3750-X or 3560-X switch. Unless otherwise noted, the term switch refers to a Catalyst
More informationConfiguring IP ACLs. Finding Feature Information
This chapter describes how to configure IP access control lists (ACLs) on Cisco NX-OS devices. Unless otherwise specified, the term IP ACL refers to IPv4 and IPv6 ACLs. Note The Cisco NX-OS release that
More informationLab - Troubleshooting Connectivity Issues
Lab - Troubleshooting Connectivity Issues Topology Addressing Table R1 ISP Objectives Device Interface IP Address Subnet Mask Default Gateway G0/1 192.168.1.1 255.255.255.0 N/A S0/0/0 10.1.1.1 255.255.255.252
More informationConfiguring Policy-Based Routing
CHAPTER 17 This chapter describes how to configure policy based routing. This chapter includes the following sections: Information About Policy Based Routing, page 17-1 Licensing Requirements for Policy-Based
More informationConfiguring SPAN and RSPAN
41 CHAPTER This chapter describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 4500 series switches. SPAN selects network traffic for analysis by a network
More informationConfiguring Tap Aggregation and MPLS Stripping
This chapter contains the following sections: Information About Tap Aggregation, page 1 Information About MPLS Stripping, page 3 Configuring Tap Aggregation, page 4 Verifying the Tap Aggregation Configuration,
More informationConfiguring Port Channels
This chapter contains the following sections: Information About Port Channels, on page 1, on page 8 Verifying Port Channel Configuration, on page 16 Verifying the Load-Balancing Outgoing Port ID, on page
More informationGlobal Interface Commandsonthe Cisco IOS XR Software
Global Interface Commandsonthe Cisco IOS XR Software This module describes the global command line interface (CLI) commands for configuring interfaces on the Cisco CRS Router. bandwidth (global), page
More informationCisco Nexus 6000 Architecture
Cisco Nexus 6000 Architecture Sina Mirtorabi Technical Marketing Engineer Session Abstract Session ID: Title: Cisco Nexus 6000 Architecture Abstract: This session describes the architecture of the Nexus
More informationMonitoring Ports. Port State
The Ports feature available on the ME 1200 Web GUI allows you to monitor the various port parameters on the ME 1200 switch. Port State, page 1 Port Statistics Overview, page 2 QoS Statistics, page 2 QCL
More informationQuality of Service. Understanding Quality of Service
The following sections describe support for features on the Cisco ASR 920 Series Router. Understanding, page 1 Configuring, page 2 Global QoS Limitations, page 2 Classification, page 3 Marking, page 6
More informationIntroduction to Routers and LAN Switches
Introduction to Routers and LAN Switches Session 3048_05_2001_c1 2001, Cisco Systems, Inc. All rights reserved. 3 Prerequisites OSI Model Networking Fundamentals 3048_05_2001_c1 2001, Cisco Systems, Inc.
More informationMonitoring Data CHAPTER
CHAPTER 4 The Monitor tab provides options to view various types of monitored data. There are options for: Viewing the Monitor Overview Charts, page 4-9 Viewing Application Data, page 4-12 Viewing Voice
More informationContents. Introduction. Background Information. Terminology. ACL TCAM Regions
Contents Introduction Background Information Terminology ACL TCAM Regions Defaults Nexus 9500 Series TCAM Allocation Nexus 9300 Series TCAM Allocation Configuration Example Scenario Verification Commands
More informationConfiguring Port-Based Traffic Control
CHAPTER 18 This chapter describes how to configure port-based traffic control features on the Catalyst 3750 Metro switch. For complete syntax and usage information for the commands used in this chapter,
More informationPFC QoS. Prerequisites for PFC QoS. Restrictions for PFC QoS CHAPTER
58 CHAPTER Prerequisites for, page 58- Restrictions for, page 58- Information about, page 58-7 Default Settings for, page 58-33 How to Configure, page 58-56 Common QoS Scenarios, page 58- Glossary, page
More informationManaging the Unicast RIB and FIB, on page 5
This chapter describes how to manage routes in the unicast Routing Information Base (RIB) and the Forwarding Information Base (FIB) on the Cisco NX-OS device. Finding Feature Information, on page 1 Information
More informationConfiguring Priority Flow Control
This chapter contains the following sections: Information About Priority Flow Control, page 1 Guidelines and Limitations, page 2 Default Settings for Priority Flow Control, page 3 Enabling Priority Flow
More informationApplication Notes for ADTRAN NetVanta 3205 Access Router and IP Office Using Frame Relay over T1 - Issue 1.0
Avaya Solution & Interoperability Test Lab Application Notes for ADTRAN NetVanta 3205 Access Router and IP Office Using Frame Relay over T1 - Issue 1.0 Abstract These Application Notes describe a sample
More informationConfiguring Port Channels
CHAPTER 5 This chapter describes how to configure port channels and to apply and configure the Link Aggregation Control Protocol (LACP) for more efficient use of port channels in Cisco DCNM. For more information
More informationManaging the Unicast RIB and FIB, page 5
This chapter describes how to manage routes in the unicast Routing Information Base (RIB) and the Forwarding Information Base (FIB) on the Cisco NX-OS device. Finding Feature Information, page 1 Information
More information