Network Visibility using Advanced Analytics in Nexus Switches


2 Network Visibility using Advanced Analytics in Nexus Switches Oliver Ziltener - Technical Marketing Engineer BRKDCT-1890

3 Session Abstract Session ID : BRKDCT 1890 Title : Network visibility using advanced Analytics in Nexus switches Abstract: Learn how to get the most visibility from your Nexus-based network with new monitoring capabilities and advanced enhancements to traditional features like SPAN, ERSPAN and NetFlow. We will delve deeper into platform specific features like ERSPAN, Virtual SPAN to leverage multi destination SPAN, SPAN filters, In-Band SPAN, Extended SPAN/ERSPAN, Rule based SPAN, SPAN with MTU truncation, SPAN rate limiting, Exception SPAN on Nexus 7000 & Microburst monitoring, latency monitoring, line rate SPAN, SPAN on drop, SPAN on latency, buffer usage histogram etc. in Nexus 5000/6000. NetFlow and its unique aspects on Nexus switches will be discussed as well. These features help you understand the network and the applications running on the network better, and quickly pinpoint trouble spots in the network. We will go over what each feature is capable of, what proper real world use cases are, proper configurations, how to interpret the outputs and use the data collected. This session will focus on analytics and monitoring. It will not focus on other management aspects like SNMP, Syslog, RMON etc. BRKDCT Cisco and/or its affiliates. All rights reserved. Cisco Public 3

4 Session Goal
Create awareness of the Analytics and Monitoring tools available in the Nexus family (N3K, N5K, N6K, N7K and N9K) in NX-OS standalone mode
Provide the ability to choose the right tool to analyze, which helps in timely resolution of the problem
It will NOT focus on other management aspects like SNMP, Syslog, RMON, troubleshooting, QoS, architecture and packet flows

5 Agenda Introduction Quick Product Overview Advanced Visibility SPAN / ERSPAN Flexible NetFlow Conclusion

6 Network Bandwidth Explosion
IP Traffic: Global IP traffic will grow 3X to 1.4 zettabytes annually by 2017
Cloud: Global cloud traffic will grow 6X by 2016
Video: By 2017, the world will reach 3 trillion Internet video minutes per month
4G Mobile Adoption: 4G will account for 45% of global mobile data traffic
M2M: Trillions of new connected events will occur over IP networks throughout the next decade

7 If not handled well...
Degrading performance
Difficulty to troubleshoot
Improper planning of resources

8 What is Analytics?
Studying past historical data to research potential trends
Discovery and communication of meaningful patterns in data
The systematic computational analysis of data or statistics.

9 Advanced Analytics on Nexus Switches
Collection of various features and enhancements to the traditional monitoring tools
Latency Monitoring, Buffer Monitoring, SPAN-on-drop, Exception SPAN, SPAN filters, Microburst Monitoring and a LOT MORE!
Advantages: Microbursts, Congestion, find malicious source, filter SPAN packets etc.

11 Nexus Switches Family
Nexus 2300, Nexus 3100, Nexus 5600/6000, Nexus 7000, Nexus 7700, Nexus 9000, Nexus 1000V, Nexus 2000, Nexus 3000, Nexus 5000, Nexus 3500

13 Latency Monitoring

14 Why do we need to correct latency problems?
Many applications can get impacted because of high latency:
Website download, Video streaming, Video conferencing, Online gaming, Banking, Airline reservation, Stock Market, Web hosting

15 How does Latency Monitoring work?
Ingress timestamping records packet time T1
Egress timestamping records packet time T2
The Latency Monitoring feature measures T2 - T1 in ns

16 How does Latency Monitoring work?
Latency Monitoring provides {min, average, max} latency between a specified port pair and also maintains a latency histogram (accuracy in few nanoseconds)
By default, instantaneous Latency Monitoring is enabled between pairs of ports
Latency Histogram can be enabled for a specific port pair to provide a histogram instead of instantaneous mode
Measures switch latency for each packet, no sampling required
Fully implemented in HW, no CPU impact, no traffic impact

17 Modes of Latency monitoring
Instantaneous - Enabled by default on all pairs of ports
No configuration required
Callouts: Egress Interface, Ingress Interface
NEXUS# show hardware profile latency monitor interface e1/7 interface ethernet 1/
Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Inst
Minimum Maximum Average cnt
The latency measured is after the packet enters Port ASIC (Bigsur)
cnt denotes the latency of packets entering e1/14 and egressing e1/7

18 Modes of Latency Monitoring
Custom histogram: counts packets in a defined range. Needs the configuration below
Callouts: Egress Interface, Ingress Interface, Time in nanoseconds
NEXUS(config)# interface e1/3
NEXUS(config-if)# packet latency interface e1/1 mode custom low-latency 800 high-latency
NEXUS# show hardware profile latency monitor interface e1/3 interface e1/
Egress Port: Ethernet1/3 Ingress Port: Ethernet1/1 Mode: Custom
Histogram Range 800 <= Latency < > Latency >= cnt
cnt denotes the number of packets in the specific range

19 Microburst monitoring

20 Microburst: A Concern
Spike of high activity
Passes under the radar of traditional load-monitoring tools
Traffic spike that causes that system to saturate
How short and how high? Capacity of worst system in N/W

21 Microburst in Reality
UW-Madison & Microsoft Research Paper: Understanding Data Center Traffic Characteristics
Results: we find only a small fraction of losses do not belong to any microburst. This indicates that, more often than not, when losses happen at the edge or aggregation links, they happen in bursts.

22 Challenge: It's Very Hard to see Microbursts
NEXUS# show interface ethernet 1/2
Ethernet1/2 is up
[ ]
Last clearing of "show interface" counters 00:00:58
0 interface resets
30 seconds input rate bits/sec, 1331 packets/sec
30 seconds output rate 0 bits/sec, 0 packets/sec
Load-Interval #2: 5 minute (300 seconds)
input rate Mbps, 1.05 Kpps; output rate 0 bps, 0 pps
RX unicast packets 0 multicast packets 0 broadcast packets input packets bytes jumbo packets 0 storm suppression bytes 0 runts 0 giants 0 CRC 0 no buffer
[ ]

23 Solution: Burst Monitoring
Configure your own burst filter per port per direction
This command essentially enables micro burst detection on a port:
burst threshold {ingress | egress} {limit percent | size max_bytes} interval interval_time
This command defines the maximum number of bursts that should happen over a time window before firing a syslog:
[no] burst maximum {ingress | egress} burst-count max-burst

24 Feature guideline
Supported on physical ports, port-channel members, and FEX fabric ports
Not supported on sub interfaces, FEX HIF ports and port-channels

25 Burst Monitoring CLI
To monitor bursts:
show interface [ethernet slot/port] burst-counters
Example:
NEXUS# show interface e1/14 burst-counters
Interface Ingress Bursts Egress Bursts Total Bursts
Ethernet1/
To clear counters:
clear burst-counters [interface {all | ethernet interface}] {both | egress | ingress}

26 Real World Example
Troubleshooting Methodology: Detect micro bursty traffic
Enable Micro burst detection to provide syslog notification
limit: Threshold size as percentage of link speed
size: Threshold size in bytes
interface Ethernet1/13
  burst threshold ingress size interval 100
  burst maximum ingress burst-count 100
  burst threshold egress size interval 100
  burst maximum egress burst-count 100
!
Callouts: Time in micro seconds (interval); Define how many bursts to be detected before sending syslog (burst-count)
2016 Feb 8 12:10:05 NEXUS %$ VDC-1 %$ %USER-2-SYSTEM_MSG: Micro Burst has been detected on ingress side on Ethernet1/13 - bigsurusd
Both commands are recommended per direction
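
Why a 30-second interface average hides what the burst threshold catches, as an added example (not code from the session or from NX-OS). It is a simplified software model of "burst threshold ... size ... interval" and "burst maximum ... burst-count": the interval (100 microseconds) and burst-count (100) follow the slide, while the 100,000-byte size threshold, the traffic trace and all function names are assumptions made for the illustration.

```python
from collections import Counter

LINK_BPS = 10_000_000_000          # 10G port, as in the slides
PACKET_BYTES = 1500                # constructed packet size
PACKET_NS = PACKET_BYTES * 8 * 1_000_000_000 // LINK_BPS   # 1200 ns on the wire


def build_trace(seconds=30, burst_packets=833):
    """Constructed traffic: ~1 ms of back-to-back packets at the start of every second."""
    return [
        (s * 1_000_000_000 + k * PACKET_NS, PACKET_BYTES)
        for s in range(seconds)
        for k in range(burst_packets)
    ]


def average_bps(trace, window_s):
    """What a rate counter averaged over window_s seconds would report."""
    return sum(size for _, size in trace) * 8 // window_s


def detect_bursts(trace, size_bytes, interval_us, burst_count):
    """Count intervals whose byte total exceeds size_bytes (assumed semantics).

    Returns (number of bursts, start time in ns of the interval in which the
    burst_count-th burst occurred, or None if that count was never reached).
    """
    interval_ns = interval_us * 1000
    bytes_per_interval = Counter()
    for ts_ns, size in trace:
        bytes_per_interval[ts_ns // interval_ns] += size
    bursts, alert_ns = 0, None
    for index in sorted(bytes_per_interval):
        if bytes_per_interval[index] > size_bytes:
            bursts += 1
            if bursts == burst_count:
                alert_ns = index * interval_ns   # point at which a syslog would fire
    return bursts, alert_ns


def summarize():
    """Compare the 30-second average with per-interval burst detection."""
    trace = build_trace()
    avg = average_bps(trace, 30)
    bursts, alert_ns = detect_bursts(
        trace, size_bytes=100_000, interval_us=100, burst_count=100
    )
    return {
        "avg_bps": avg,
        "utilization_pct": avg * 100 / LINK_BPS,
        "bursts": bursts,
        "alert_ns": alert_ns,
    }


if __name__ == "__main__":
    print(summarize())
```

The averaged counter shows roughly 0.1% utilization of the 10G link, while every 100-microsecond interval inside each burst runs at line rate and is counted.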

27 Buffer monitoring

28 Why do we need to monitor buffers?
Is my network congested?
Can I add a new server? Will the performance be impacted?
Why are the drops happening?

29 What is Buffer monitoring on Nexus?
Buffer utilization is on a per port basis
Buffer utilization shows buffer for unicast traffic in ingress and unicast and multicast in egress directions
Histogram mode: slow (1 sec) or fast (250 ms) sampling

30 Feature Guideline
Supported on physical ports, port-channel members, and FEX fabric ports
Not supported on sub interfaces, FEX HIF ports and port-channels

31 Configuration
Buffer utilization must be enabled on interface
NEXUS(config)# inter e1/10
NEXUS(config-if)# hardware profile buffer monitor
NEXUS(config-if)#
Fast sampling must be enabled in global configuration mode
NEXUS(config)# hardware profile buffer monitor sampling fast
NEXUS(config)#
Default sampling is slow = 1 second

32 Configuration
To see buffer utilization and/or the buffer utilization histogram*, the next command must be executed:
show hardware profile buffer monitor { interface <ifid> | all } history { brief | detail }
To clear buffer utilization history use:
clear hardware profile buffer monitor [ interface <ifid> ]
*History up to 1 hour

33 Output of Buffer Monitoring tool
NEXUS# show hardware profile buffer monitor interface ethernet 1/21 history brief
Interface : Eth1/
Sampling Mode : Slow (1 second)
Ingress Buffer Utilization Detected(in KB) Per asic Ingress Total Usage ( MB) sec 5 sec 1 min 5 min 1 hour
Egress Buffer Utilization Detected(Unicast Multicast)(in KB) Per asic Egress Total Usage ( MB) sec 5 sec 1 min 5 min 1 hour

34 Real World Example: Slow Application Response - Port Oversubscription
Interface and queueing statistics verification: ingress discards due to oversubscription of egress port
Check buffer utilization
Determine the egress port that is congested using virtual output queue (VoQ) statistics
Diagram labels: Destination e1/4 10G, e1/5 10G, e1/25 10G

35 Real World Example: Slow Application Response - Port Oversubscription
We spot input discards on interfaces
NEXUS#show inter e1/25 Ethernet1/25 is up ---snip--- RX unicast packets 0 multicast packets 0 broadcast packets NEXUS#show inter e1/ input packets bytes Ethernet1/5 is up 0 jumbo packets 0 storm suppression bytes ---snip--- 0 runts 0 giants 0 CRC 0 no buffer RX 0 input error 0 short frame 0 overrun 0 underrun 0 ignored unicast packets 0 multicast packets 0 broadcast packets 0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop input packets bytes 0 jumbo packets 0 storm 0 suppression input with bytes dribble input discard 0 runts 0 giants 0 CRC 0 0 Rx no pause... buffer 0 input error 0 short frame 0 overrun 0 underrun 0 ignored 0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop 0 input with dribble input discard 0 Rx pause...

36 Real World Example: Slow Application Response - Port Oversubscription
We spot ingress discards on interface (RX queuing)
NEXUS#show queuing interface e1/5
Ethernet1/5 queuing information:
TX Queuing
qos-group sched-type oper-bandwidth
0 WRR 100
Callout: Only default queue is used (default) here
RX Queuing
qos-group 0
q-size: , HW MTU: 1500 (1500 configured)
drop-type: drop, xon: 0, xoff: 0
Statistics:
Pkts received over the port :
Ucast pkts sent to the cross-bar :
Mcast pkts sent to the cross-bar : 0
Ucast pkts received from the cross-bar : 0
Pkts sent to the port : 0
Pkts discarded on ingress :
Per-priority-pause status : Rx (Inactive),Tx(Inactive)

37 Real World Example: Slow Application Response - Port Oversubscription
Egress interface is ok
NEXUS#show inter e1/4
Ethernet1/4 is up
---snip---
TX unicast packets 262 multicast packets 3 broadcast packets output packets bytes 0 jumbo packets 0 output error 0 collision 0 deferred 0 late collision 0 lost carrier 0 no carrier 0 babble 0 output discard 0 Tx pause

38 Real World Example: Slow Application Response - Port Oversubscription
What about buffer utilization?
NEXUS# show hardware profile buffer monitor interface e1/
Instant Ingress Buffer utilization per class per port. Every line displays the number of cells utilized for a given port for each class
One cell represents 320 bytes
Interface : Eth1/
Total Port Instant Usage ( MB) Remaining Asic Instant Usage ( MB) Per asic ingress cell count ( MB)
port class0 class1 class2 class3 class4 class5 class6 class
Eth1/ snip---
Note: Class0 is control traffic; Class1 is internetwork control traffic; Class2 is FCoE traffic; Class3 is QoS group 0 (default queue); Class4-7 are QoS group 2-5 sequentially
Real-time buffer/cell allocation of buffer/cell at ingress

39 Real World Example: Slow Application Response - Port Oversubscription
To get additional information about the oversubscribed port, we will need to look at the virtual output queue (VoQ) statistics for the ingress ASIC group
ASIC group is the «global_asic_num»
NEXUS# show platform fwm info pif e1/5 | grep global_asic_num
Eth1/5 pd: slot 0 logical port num 4 slot_asic_num 1 global_asic_num 1 fw_inst 4 phy_fw_inst 1 fc 0
NEXUS# show platform fwm info pif e1/25 | grep global_asic_num
Eth1/25 pd: slot 0 logical port num 24 slot_asic_num 3 global_asic_num 3 fw_inst 0 phy_fw_inst 0 fc 0

40 Real World Example: Slow Application Response - Port Oversubscription
VoQ statistics indicate that QUEUE-3 of Eth1/4 is oversubscribed (tail drops)
NEXUS# show platform software qd info counters voq asic-num port TRANSMIT TAIL DROP HEAD DROP Egress Interface Eth1/4 QUEUE QoS Group 0 ---snip
NEXUS# show platform software qd info counters voq asic-num port TRANSMIT TAIL DROP HEAD DROP Eth1/4 QUEUE snip
Note: Internal queue numbers are mapped as follows: QUEUE-0 is control traffic; QUEUE-1 is internetwork control traffic; QUEUE-2 is FCoE traffic; QUEUE-3 is QoS group 0 (default queue); QUEUE 4-7 are QoS group 2-5 sequentially

41 Real World Example: Slow Application Response - Port Oversubscription
The same drops on the egress interface using the following command:
NEXUS# show platform software qd info counters voq interface e1/ slot asic TRANSMIT TAIL DROP HEAD DROP snip QUEUE QUEUE
The output indicates that ASIC1 and ASIC3 are dropping traffic destined to Eth1/4 as seen in the initial VoQ output

43 Switch Port Analyzer (SPAN)
A SPAN session is an association of source ports/VLANs to one or more destination ports
Once the traffic is identified for replication, the switch copies the matching traffic to the SPAN destination port(s)
The SPAN (copied) packets are created in hardware without overloading the CPU
Diagram labels: SPAN all the packets ingressing e1/1; Host A, e1/1, e5/1, e2/1, Host B; SPAN Source, SPAN Destination, Spanned (copied) traffic, Sniffer Device

44 SPAN Sources
Switchports: Access ports, Trunk ports, Private VLAN ports, Port-channels
Routed interfaces: Physical interfaces, Port-channels
VLANs and PVLANs
Supervisor inband interface
Up to 128 physical interfaces and/or up to 32 VLANs per session
Mix of interface types allowed in single session
For example, SPAN source of VLAN 10 and interface e1/1 in same session
Individual subinterfaces cannot be SPAN source

45 Encapsulated Remote SPAN (ERSPAN)
ERSPAN supports source and destinations on different switches*
It uses a GRE tunnel to carry traffic
Packets replicated in hardware
Packets are replicated and GRE encapsulated at the ERSPAN source device
At the ERSPAN destination device, the GRE packet is decapsulated
Diagram labels: Sniffer Device, Layer 3 Network, ERSPAN Source, ERSPAN Destination
*Not all HW supports ERSPAN destination, e.g. N9272

46 ERSPAN with IEEE1588 timestamp
Find Network Latency
Diagram labels: PTP messages, Data, ERSPAN type III, GPS, PTP grandmaster, Switch A, Switch N, Sniffer
Latency from Switch A to Switch N = T2 - T1

47 ERSPAN Type III Packet Capture Example
Timestamp information in the Type III header is used to calculate the packet latency
Capture callouts: Time Stamps; Direction (0xxx) and Granularity x10x = 1588*
ERSPAN Type III uses a new GRE Protocol Type 0x22EB; ERSPAN II uses 0x88BE
monitor session 1 type erspan-source
  header-type 3
  erspan-id 1
  vrf default
  destination ip
  source interface ethernet1/1 both
  rate-limit auto
  no shut
!
monitor erspan granularity 1588
*This wireshark version does not decode properly
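
For a collector that has to decode these headers itself, an added example (not code from the session or from any Cisco tool) that tells ERSPAN Type II from Type III by the GRE protocol types on the slide and reads the Type III timestamp, direction and granularity bits. The remaining field offsets and the granularity meanings other than 1588 follow the public ERSPAN Internet-Draft layout, and the function names and sample packets are constructed for the illustration.

```python
import struct

GRE_PROTO_ERSPAN_II = 0x88BE    # GRE protocol type for Type II (from the slide)
GRE_PROTO_ERSPAN_III = 0x22EB   # GRE protocol type for Type III (from the slide)
# Gra values per the ERSPAN Internet-Draft; the slide confirms only 0b10 = 1588.
GRANULARITY = {0: "100 us", 1: "100 ns", 2: "IEEE 1588", 3: "user defined"}


def parse_gre(packet):
    """Split a GRE packet into (protocol type, sequence number or None, payload)."""
    if len(packet) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack_from("!HH", packet, 0)
    if flags & 0x0007:
        raise ValueError("unexpected GRE version")
    offset, seq = 4, None
    if flags & 0x8000:              # C bit: checksum + reserved
        offset += 4
    if flags & 0x2000:              # K bit: key
        offset += 4
    if flags & 0x1000:              # S bit: sequence number
        if len(packet) < offset + 4:
            raise ValueError("truncated GRE sequence number")
        (seq,) = struct.unpack_from("!I", packet, offset)
        offset += 4
    if len(packet) < offset:
        raise ValueError("truncated GRE optional fields")
    return proto, seq, packet[offset:]


def parse_erspan(packet):
    """Decode the ERSPAN Type II or Type III header that follows GRE."""
    proto, seq, body = parse_gre(packet)
    if proto == GRE_PROTO_ERSPAN_II:
        if len(body) < 8:
            raise ValueError("truncated ERSPAN Type II header")
        word0, word1 = struct.unpack_from("!II", body, 0)
        info = {"type": "II", "header_len": 8, "index": word1 & 0xFFFFF}
        expected_version = 1
    elif proto == GRE_PROTO_ERSPAN_III:
        if len(body) < 12:
            raise ValueError("truncated ERSPAN Type III header")
        word0, timestamp, word2 = struct.unpack_from("!III", body, 0)
        info = {
            "type": "III",
            # O bit set means an 8-byte platform sub-header follows.
            "header_len": 12 + (8 if word2 & 0x1 else 0),
            "timestamp": timestamp,
            "direction": "egress" if word2 & 0x8 else "ingress",
            "granularity": GRANULARITY[(word2 >> 1) & 0x3],
        }
        expected_version = 2
    else:
        raise ValueError("GRE protocol type 0x%04X is not ERSPAN" % proto)
    if word0 >> 28 != expected_version:
        raise ValueError("ERSPAN version does not match GRE protocol type")
    if len(body) < info["header_len"]:
        raise ValueError("truncated ERSPAN sub-header")
    info.update(
        sequence=seq,
        vlan=(word0 >> 16) & 0xFFF,
        truncated=bool(word0 & 0x400),
        session_id=word0 & 0x3FF,
        inner_frame=body[info["header_len"]:],
    )
    return info


def timestamp_delta(t1, t2):
    """T2 - T1 in timestamp ticks, tolerating one wrap of the 32-bit field."""
    return (t2 - t1) & 0xFFFFFFFF


def build_type3(session_id, vlan, timestamp, inner, seq=1):
    """Construct a sample GRE + ERSPAN Type III packet (test data only)."""
    gre = struct.pack("!HHI", 0x1000, GRE_PROTO_ERSPAN_III, seq)
    word0 = (2 << 28) | (vlan << 16) | session_id
    word2 = (1 << 15) | (2 << 1)    # P=1, D=0 (ingress), Gra=0b10 (1588), O=0
    return gre + struct.pack("!III", word0, timestamp, word2) + inner


# Constructed copies of one frame as mirrored by "Switch A" and "Switch N".
INNER = bytes.fromhex("ffffffffffff0200000000010800")
AT_SWITCH_A = parse_erspan(build_type3(1, 77, 0xFFFFFF00, INNER))
AT_SWITCH_N = parse_erspan(build_type3(1, 77, 0x00000040, INNER))
LATENCY_TICKS = timestamp_delta(AT_SWITCH_A["timestamp"], AT_SWITCH_N["timestamp"])
```

The tick difference is only meaningful when both switches are synchronised to the same PTP grandmaster and report the same granularity, as in the slide's topology.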

48 ERSPAN Type III Configuration Example (N7700)
Diagram labels: Layer 3 Network, e1/3, e1/19, ERSPAN
hostname Node1
interface loopback0
  ip address /32
!
monitor session 2 type erspan-source
  header-type 3
  erspan-id 1
  vrf default
  destination ip
  source interface Ethernet1/3 both
  rate-limit auto
  no shut
!
! Admin VDC
monitor erspan origin ip-address global
monitor erspan granularity 1588
hostname Node3
interface loopback0
  ip address /32
!
monitor session 2 type erspan-destination
  erspan-id 1
  vrf default
  source ip
  destination interface Ethernet1/19
  no shut
*only the relevant configuration is shown

49 Nexus 2000 (FEX) with Nexus Parent Switch
Parent Switch support: please check latest release notes
Diagram labels: Parent Switch + Nexus 2000 Fabric Extenders

50 SPAN with FEX
FEX Host ports can be SPAN source ports*
FEX Fabric ports can be SPAN source ports with all parent switches
FEX Host ports can be SPAN destination port with Nexus 5K**
*Except Nexus 7000 parent switch with F2/F2e Line card
**Supported since NX-OS 7.2
Diagram labels: Nexus Parent Switch, Sniffer Device, Nexus Fabric Extender, Host A

51 Nexus 5600/6000 SPAN Features

52 Use Case - Packet Drops
What packets are dropped?
Diagram label: e1/5 10G
NEXUS#show inter e1/5
Ethernet1/5 is up
---snip---
RX unicast packets 0 multicast packets 0 broadcast packets input packets bytes 0 jumbo packets 0 storm suppression bytes 0 runts 0 giants 0 CRC 0 no buffer 0 input error 0 short frame 0 overrun 0 underrun 0 ignored 0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop 0 input with dribble input discard 0 Rx pause...

53 SPAN-on-Drop
SPAN-on-Drop allows SPANning of the packets which were dropped due to unavailable buffer on ingress
Diagram labels: SPAN-on-Drop, Tail-Drop, Ingress Data Buffer, Dedicated SPAN Buffer, N5600/N6000, Port 3 is congested, Sniffer Device

54 SPAN-on-Drop Information
Works for unicast packets only
Supports both local SPAN and ERSPAN
One SPAN-on-Drop session is supported
Can have multiple source ports, and multiple destination ports
Source port(s) can be a part of a SPAN-on-Drop session, and a local SPAN session simultaneously
Note: SPAN-on-Drop is supported on N9K since 7.0(3)I4(1) on 2nd Generation N9K (N9200-X and N9200-Q/C). Hardware support N9300-EX, as Standalone NX-OS is not shipped yet.

55 SPAN-on-Drop Configuration
The source interface is the ingress port for which we want to monitor drops
NEXUS(config)# monitor session 1 type span-on-drop
NEXUS(config-span-on-drop)# source interface e1/1 rx
NEXUS(config-span-on-drop)# source interface e1/2 rx
NEXUS(config-span-on-drop)# destination interface e1/4
Callout: Always Rx: Ingress interface, packets dropped at ingress
NEXUS(config)# monitor session 2 type span-on-drop-erspan
NEXUS(config-span-on-drop-erspan)# source interface e1/1 rx
NEXUS(config-span-on-drop-erspan)# source interface e1/2 rx
NEXUS(config-span-on-drop-erspan)# destination ip

56 SPAN-on-Drop Guidelines
The source interfaces can only be Ethernet. They can be port-channel members, but port-channel as source is not supported
Fabric extender (HIF) interfaces are not supported as sources; however, fabric (NIF) interfaces are supported. Setting a fabric interface as a source allows SPAN-on-Drop to be enabled on all fabric extender ports associated with that fabric interface.
One SPAN-on-drop or SPAN-on-drop ERSPAN session can be active at a time

57 Use Case - Identify delayed flows
Is a packet delayed?
Diagram labels: e1/7 10G, e1/14 10G

58 SPAN-on-Latency
Diagram labels: Data, Timestamp, N5600/N6000, Port 3 is congested, Latency monitoring, If Latency Threshold > 10 usec: SPAN to 4, Sniffer Device

59 SPAN-on-Latency Information
Replicated traffic uses the SPAN buffer so it doesn't impact the production traffic
Supports both local SPAN and ERSPAN
Latency threshold is per-port
One SPAN-on-Latency session is supported in hardware

60 SPAN-on-Latency Configuration
SPAN-on-Latency session makes a copy of all high-latency packets egressing on this port, coming from any ingress port
NEXUS(config)# monitor session 1 type span-on-latency
NEXUS(config-span-on-latency)# source interface Ethernet1/7 tx
NEXUS(config-span-on-latency)# destination interface Ethernet1/23
interface Ethernet1/7
  packet latency threshold
interface Ethernet1/23
  switchport monitor
Always Tx: packets egressing on 1/7 (any source) with latency >10us will be replicated to the SPAN destination 1/23

61 SPAN-on-Latency Guidelines
Support for one SPAN-on-latency session
Multiple sources can be configured
Latency threshold is per SPAN-on-drop TX source port
A SPAN-on-Latency source port cannot be in another SPAN session

62 SPAN-on-Latency Guidelines
Source port can be a regular Ethernet port, not a port-channel. Can be a port-channel member
Source port cannot be a FEX HIF port. But FEX fabric port is supported
Destination is only a single Ethernet port, not port-channel

63 Real World Example: Slow Download Rate
Troubleshooting Methodology
Verification of interface errors and Switch CPU
Maybe congestion? Use Analytics: Latency monitoring & SPAN-on-Latency
Diagram labels: e1/7 10G, e1/14 10G

64 Real World Example: Slow Download Rate
Instantaneous Latency Monitoring (no configuration required)
NEXUS# show hardware profile latency monitor interface e1/7 interface ethernet 1/
Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Inst
Minimum Maximum Average cnt
Callout: When heavy congestion on e1/
NEXUS# show hardware profile latency monitor interface e1/7 interface ethernet 1/
Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Inst
Minimum Maximum Average cnt
Callout: When no congestion on e1/

65 Real World Example: Slow Download Rate
Optional: Configure Latency Monitoring
Callouts: Egress Interface, Ingress Interface
NEXUS(config)#interface Ethernet1/7
NEXUS(config-if)# packet latency int e1/14 mode custom low-latency 800 high-latency
NEXUS#show hardware profile latency monitor interface e1/7 interface e1/
Egress Port: Ethernet1/7 Ingress Port: Ethernet1/14 Mode: Custom
Histogram Range 800 <= Latency < > Latency >= cnt
Callout: Out of the required latency > 10us

66 Real World Example: Slow Download Rate
Find which application is impacted - SPAN-on-Latency
NEXUS(config)# monitor session 1 type span-on-latency
NEXUS(config-span-on-latency)# source interface Ethernet1/7 tx
NEXUS(config-span-on-latency)# destination interface Ethernet1/23
interface Ethernet1/7
  packet latency threshold
interface Ethernet1/23
  switchport monitor
Always Tx: packets egressing on 1/7 (any source) with latency >10us will be replicated to the SPAN destination 1/23

67 SPAN with ACL filter
Selectively monitor traffic in a SPAN session using an Access-Control-List (ACL) to avoid destination sniffer overload
SPAN session ignores any permit/deny actions specified in the ACL
SPANs packets that match (permit) the ACL filter criteria
NEXUS(config)# ip access-list ACL-IP-01
NEXUS(config-acl)# 10 permit ip host host
NEXUS(config-acl)# end
NEXUS(config)# monitor session 1
NEXUS(config-monitor)# source interface ethernet 1/3
NEXUS(config-monitor)# destination interface ethernet 1/9
NEXUS(config-monitor)# filter access-group ACL-IP-01
NEXUS(config-monitor)# no shut
*Supported with SPAN local and ERSPAN

68 Nexus 7000/9000 SPAN Features

69 SPAN VLAN Filters
VLAN filters allow monitoring a subset of VLANs on trunk ports
Filter specifies list of VLANs to capture
Traffic for other VLANs not sent to SPAN destination
NEXUS(config)# monitor session 1
NEXUS(config-monitor)# source interface e1/17 both
NEXUS(config-monitor)# destination interface e1/32
NEXUS(config-monitor)# filter vlan 77,88

70 SPAN ACL Filtering Nexus 9000
Configuration Example
NEXUS(config)# ip access-list match_my_pkts
NEXUS(config-acl)# permit ip any
NEXUS(config)# vlan access-map span_filter 5
NEXUS(config-access-map)# match ip address match_my_pkts
NEXUS(config-access-map)# action forward
NEXUS(config)# monitor session 1
NEXUS(config-monitor)# filter access-group span_filter

71 Multi-Destination Virtual SPAN
Use Case: «Breakout» high speed source
Multiple SPAN destinations configured as trunk with an allowed VLAN list
monitor session 1
  source interface e2/1 both
  destination interface e1/1
  destination interface e1/2
  destination interface e1/3
  destination interface e1/4
  filter vlan
Diagram labels: e2/ Q Trunk VLANs, High-speed Interface, e1/1, e1/2, e1/3, e1/4, SPAN Destination 802.1Q with Allowed VLAN 10, 11, 12 and 13
To monitor multiple VLAN sources and choose only VLANs of interest to transmit on multiple destination ports

72 SPAN with ACL Capture
Selectively monitor traffic on an interface or VLAN
Packets that match an ACL rule are permitted or denied and/or sent to a monitor destination
NEXUS(config)# monitor session 1 type acl-capture
NEXUS(config-acl-capture)#destination interface Ethernet1/32
NEXUS(config-acl-capture)#no shut
NEXUS# show monitor session 1
session
type : acl-capture
state : up
destination ports : Eth1/32

73 SPAN with ACL Capture
Enable a capture session for an ACL's access control entries (ACEs) and then apply the ACL to an interface or VLAN filter-list (VACL)
Capture session ID matches the monitor session ID
An example with the capture option applied to a VLAN-List:
ip access-list MY-ACL
  10 permit udp any any capture session 1
vlan access-map MY-VACL 10
  match ip address MY-ACL
  action forward
vlan filter MY-VACL vlan-list 77
Note: The ACL rule with the capture option can also be applied to an interface

74 SPAN with ACL Capture
The ACL Capture filter feature requires enabling the following hardware access-list command in the admin VDC or default VDC*:
hardware access-list capture
*ACL capture is not supported with ACL logging

75 Packet Injection
Allows a device connected to a SPAN destination interface to inject traffic into the network
Specify the input packets option when configuring the SPAN destination:
NEXUS(config)# interface ethernet 1/2
NEXUS(config-if)# switchport monitor
NEXUS(config-if)# interface ethernet 1/3
NEXUS(config-if)# switchport monitor ingress
NEXUS(config-if)# interface ethernet 1/4
NEXUS(config-if)# switchport monitor ingress learning
Callouts: switchport monitor is a normal SPAN session; switchport monitor ingress allows injected packets but does not learn the MAC; switchport monitor ingress learning allows injected packets and learns the MAC
Diagram labels: MAC Table (interface, Learned MAC), e1/2 X switchport monitor SMAC:, e1/3 switchport monitor ingress SMAC:, e1/4 switchport monitor ingress learning SMAC:

76 Inband SPAN - Monitor control traffic
Supervisor CPU sends/receives traffic via a dedicated interface to the Fabric using the inband interface
Monitoring direction is from the perspective of the switch fabric, not the CPU
Tx SPAN monitors traffic from switch fabric to CPU
Rx SPAN monitors traffic from CPU to switch fabric
One Inband SPAN session per switch supported
NEXUS(config)# monitor session 1
NEXUS(config-monitor)# source interface sup-eth 0

77 Inband SPAN - Monitor control traffic
Inband SPAN Packet Trace Example
monitor session 1
  source interface sup-eth0 both
  rate-limit auto
  destination interface Ethernet1/32
  no shut
interface Ethernet1/32
  switchport
  switchport monitor
  speed 1000
  no shutdown

78 Real World Example - High CPU
Use INBAND SPAN to find out!
    NEXUS# show processes cpu sort
    CPU utilization for five seconds: 100%/100%; one minute: 99%; five minutes:98%
    PID Runtime(ms) Invoked usecs 5Sec 1Min 5Min TTY Process
    % 77.12% 76.35% - X
    % 14.13% 14.59% - Y
    NEXUS(config)# monitor session 1
    NEXUS(config-monitor)# source interface sup-eth 0

79 Rule Based SPAN - SPAN-Filter
A filter applied selectively on a session yields the desired subset of traffic.
Filter by L2/L3/L4 fields.

80 Rule Based SPAN - SPAN-Filter
Configure a filter within the session configuration mode.
Simple SPAN-Filter configuration:
    monitor session 1
      source interface Ethernet1/17 both
      rate-limit auto
      destination interface Ethernet1/32
      filter frame-type ipv4 src-ip /32
      filter frame-type ipv4 dest-ip /32
      no shut
Different filters are combined with a Boolean AND.

81 Rule Based SPAN - SPAN-Filter
How is an ACL different from a SPAN-Filter?
ACL: applied on interfaces and VLANs; requires large TCAM size
SPAN-Filter: applied on a SPAN session; limited TCAM space

82 SPAN Filters, ACL etc. Confused?
Nexus 5600/6000: ACL filters for SPAN (use access lists to filter SPAN)
Nexus 7000/7700: VLAN filters (filter by VLAN); rule based SPAN (filter by L2/L3/L4 fields)
Nexus 3100/9200/9300/9500: VLAN filters (filter by VLAN); ACL filters for SPAN (use access lists to filter SPAN)

83 SPAN Rate Limiting
Limits the number of SPAN copies made on ingress.
In manual mode, the rate limit is set in the range 1%, 2%, 3% ... 100% of the 10G SPAN rate.
In auto mode, the rate limit is calculated automatically as follows:
    Rate limit = Destination Bandwidth / Source Bandwidth
    NEXUS(config-monitor)# [no] rate-limit [auto | manual [1..100]]
Rate limiting is in auto mode by default.

84 Sampled SPAN
Used to provide an accurate count of the SPAN source packets.
Sampling and MTU truncation can be enabled at the same time and have no precedence over each other, because they are applied to different aspects of the source packet (packet count versus size).
Sampling takes precedence over SPAN source rate limiting: rate limiting takes effect after sampling is completed on SPAN source packets.
    NEXUS(config-monitor)# sampling [ ]

85 Exception SPAN
Exception SPAN enables you to span exception packets: packets that have failed a check of the built-in Nexus 7x00 intrusion detection system (IDS), for example Layer 3 IP verification.
Rate limiters, MTU truncation, and sampling are supported in the exception SPAN session.
Exception SPAN is supported in the TX direction only.

86 Exception SPAN - Verify CLI (IP IDS)
    NEXUS# show hardware ip verify
    IPv4 IDS Checks             Status     Packets Failed
    address source broadcast    Enabled
    address source multicast    Enabled
    address destination zero    Enabled
    address identical           Enabled
    checksum                    Enabled    768
    protocol                    Enabled    0
    fragment                    Enabled    0
    length minimum              Enabled    0
    length consistent           Enabled    0
    length maximum max-frag     Enabled    0
    length maximum max-tcp      Enabled    0
    tcp flags                   Enabled    0
    tcp tiny-frag               Enabled    0
    version                     Enabled    0

87 Exceptions which lead to SPAN
length minimum = the packet length is smaller than 64 bytes
length consistent = the L2 frame size is shorter than the length expected to include the IP packet plus MAC header
length maximum max-frag = the packet fragment exceeds the allowed fragmentation count
length maximum udp = the UDP payload is larger than specified
length maximum max-tcp = the TCP payload is larger than specified
tcp flags = incorrect flags are set in the TCP packet
tcp tiny-frag = the TCP payload is smaller than expected or is fragmented unexpectedly
version = the IP header version is incorrect
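To see which of these checks is actually firing before opening an exception SPAN session, two snapshots of the counters can be compared. The following is an added example, not code from the presentation or from Cisco; the two snapshots are constructed, and the row layout (check name, Enabled/Disabled, packets failed) is assumed from the output shown on slide 86.

```python
import re

# One table row: check name, Enabled/Disabled, packets-failed counter.
ROW = re.compile(r"^\s*(?P<check>[a-z][a-z0-9 -]*?)\s+"
                 r"(?P<status>Enabled|Disabled)\s+(?P<failed>\d+)\s*$")

# Constructed snapshots (not captured from a device), taken some minutes apart.
SNAPSHOT_T0 = """\
IPv4 IDS Checks              Status     Packets Failed
address source broadcast     Enabled    0
address identical            Enabled    3
checksum                     Enabled    768
length minimum               Enabled    0
tcp flags                    Disabled   0
"""
SNAPSHOT_T1 = """\
IPv4 IDS Checks              Status     Packets Failed
address source broadcast     Enabled    4120
address identical            Enabled    3
checksum                     Enabled    790
length minimum               Enabled    0
tcp flags                    Disabled   0
"""

def parse_ip_verify(text):
    """Return {check: (enabled, packets_failed)}; header and unparsable lines are skipped."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            table[m.group("check")] = (m.group("status") == "Enabled",
                                       int(m.group("failed")))
    return table

def incrementing_checks(before, after):
    """Checks whose failure counter grew between two snapshots, largest growth first.

    A counter lower than before (cleared counters, reload) is counted from zero.
    """
    growth = []
    for check, (_, failed_now) in after.items():
        failed_then = before.get(check, (True, 0))[1]
        delta = failed_now - failed_then if failed_now >= failed_then else failed_now
        if delta > 0:
            growth.append((check, delta))
    return sorted(growth, key=lambda item: item[1], reverse=True)

def disabled_checks(table):
    """Checks reported as Disabled in the snapshot."""
    return sorted(check for check, (enabled, _) in table.items() if not enabled)

if __name__ == "__main__":
    t0, t1 = parse_ip_verify(SNAPSHOT_T0), parse_ip_verify(SNAPSHOT_T1)
    for check, delta in incrementing_checks(t0, t1):
        print(f"{check}: +{delta} failed packets")
    print("disabled:", disabled_checks(t1))
```

A counter that keeps growing, such as "address source broadcast" in the constructed data, is the case where capturing the offending packets with exception SPAN identifies the sender.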

88 Exception SPAN
Each VDC supports one exception SPAN session.
Configuration example:
    NEXUS(config)# monitor session 3
    NEXUS(config-monitor)# source exception all
    NEXUS(config-monitor)# destination interface ethernet 2/5
    NEXUS(config-monitor)# no shut

89 Exceptions which lead to SPAN
Exceptions | Brief explanation
No route in hardware | This is seen when adjacency is not yet formed
Unicast/Multicast route error (incoming/outgoing interface) | This is seen when the outgoing interface is not available (say, when the LC is reloaded)
Multicast DF failure | Seen when the designated forwarder is not available
SMAC IP check failure | Incorrect SMAC / DMAC combinations, like multicast SRC MAC or SRC.IP = DST.IP or SRC.IP is a broadcast address or DST.IP is all zeros
Protocol field failure | Incorrect IP protocol specified in the IP header
FCS / CRC errors | Errors related to incorrect FCS or CRC

90 Exceptions which lead to SPAN
Exceptions | Brief explanation
TTL expiry | When the number of hops in the header exceeds TTL configured
SPAN replication before L2/L3 ACL deny | If the copy is made before the decision engine takes a decision, it is ingress replication
IPV6 scope check fail | Seen when there are multiple link-local addresses tied to an interface and the route does not exist for the packet through either one of them
MTU fail | When packet size exceeds the link MTU
Stale adjacency | When the adjacency does not exist / is not updated for a long time / fails refresh
CoPP violations | Any packets that violated CoPP rate-limits

91 Real World Example - CRC errors
Use Exception SPAN: find the reason for the drop and what was dropped!
Packets coming into the interface were mishandled by the transceiver, leading to CRC errors.
Receive packet from wire; packet dropped in hardware; the packet which came in didn't make it to the egress.

92 Real World Example - Malfunctioning NIC
Use Exception SPAN: find the reason for the drop and what was dropped!
"I didn't receive the data!"
Receive packet from wire; packet dropped in hardware.
Packets from the server were sent with a BROADCAST SOURCE IP because of a MALFUNCTIONING NIC.

93 SPAN Sessions on Nexus active unidirectional SPAN session
2 bidirectional local SPAN sessions per system
11 unidirectional extended sessions with F2/F2E/F3 modules present, in addition to 2 traditional SPAN sessions
12 unidirectional extended sessions with F1/M2 modules present, in addition to 2 traditional SPAN sessions
M1 supports only 2 bidirectional local SPAN sessions per system

94 SPAN Sessions on Nexus active unidirectional SPAN session (F2E, F3 and M3)
All SPAN sessions are unidirectional and any two can be combined to create a bidirectional session.
The Cisco Nexus 7700 switch does not have standard and extended sessions.

95 SPAN Sessions on Nexus 9000
Nexus 9500: up to 32 active SPAN sessions
Scale is based on the number of linecards and the SPAN source interface to ASIC mapping
Nexus N9200-X / N9200-Q/C / N9300 / N9300-EX: 4 active SPAN sessions
Up to 3 bidirectional sessions plus 1 unidirectional

96 Review SPAN

97 SPAN Overview - Nexus 5600/6000 and 7x00
SPAN Features* | Nexus 5600/6000 | Nexus 7000 | Nexus 7700
ERSPAN destination session | Yes | All except F1 | All LCs
Prioritize data over SPAN | Yes | Yes (F2E/F3/M1/M2) | Yes (F2E/F3/M3)
Line-rate SPAN throughput | Yes | No | No
ERSPAN (v3) with 1588 PTP timestamp | Yes | M2/F2/F2E/F3 | F2E/F3/M3**
Number of SPAN destinations N/A
SPAN with MTU truncation | Yes | Yes (Except M1) | Yes
Virtual SPAN | Yes | Yes | Yes
ACL filters | Yes | Rule based SPAN | Rule based SPAN
SPAN source as VLAN | Receive only | Bidirectional | Bidirectional
*Please check release notes for additional details and support
**M3 has HW support for ERSPAN III with IEEE 1588; SW support is pending

98 SPAN Overview - Nexus 3000/9200/9300
SPAN Features* Nexus 3100 Nexus st Generation Nexus 9200-X Nexus 9200-Q/C Nexus 9300-EX** SPAN source as VLAN Receive only Receive only Receive/Transmit Receive/Transmit ERSPAN destination session (V2 and V3) ERSPAN with V2 header Yes No HW support HW support Yes Yes-Only on uplink ports Prioritize data over SPAN Yes Yes Yes Yes Line-rate SPAN throughput Yes Yes Yes Yes ERSPAN V3 with 1588 PTP timestamps No Yes-Only on uplink ports Number of SPAN session ACL filters for SPAN Yes Yes Yes Yes Yes Yes Yes Yes
*Check SPAN/ERSPAN Configuration Documentation for details on CCO
**NX-OS Standalone will be available Q3 CY2016

99 SPAN Overview - Nexus 9500
SPAN Features* | Nexus 9500 Linecards 9400/9500/9600 | Nexus 9500 Linecard 9700-EX**
SPAN source as VLAN | Receive only | Receive/Transmit
ERSPAN destination session | No | HW support
ERSPAN with V2 header | No | Yes
Prioritize data over SPAN | Yes | Yes
Line-rate SPAN throughput | Yes | Yes
ERSPAN V3 with 1588 PTP timestamps | No | Yes
Number of SPAN destinations per session
ACL filters for SPAN | Yes | Yes
*Check SPAN/ERSPAN Configuration Documentation for details on CCO
**NX-OS Standalone will be available Q3 CY2016

100 Agenda Introduction Quick Product Overview Advanced Visibility SPAN / ERSPAN Flexible NetFlow Conclusion

101 Flexible NetFlow
Enhanced network anomaly
Customized user configurable flow (records)
Monitor a wider range of packet information

102 NetFlow = Visibility
A single NetFlow record provides a wealth of information.
    switch# show flow monitor MONITOR-1 cache
    IPV4 SOURCE ADDRESS:
    IPV4 DESTINATION ADDRESS:
    TRNS SOURCE PORT:
    TRNS DESTINATION PORT: 443
    INTERFACE INPUT: E1/1
    IP TOS: 0x00
    IP PROTOCOL: 6
    ipv4 next hop address:
    tcp flags: 0x1A
    interface output: Gi0/1.20
    counter bytes: 1482
    counter packets: 23
    timestamp first: 12:33:
    timestamp last: 12:33:
    ip dscp: 0x00
    ip ttl min: 127
    ip ttl max: 127
    application name: nbar secure-http

103 Layer 2 NetFlow versus Bridged NetFlow
Layer 2 NetFlow: the ability to collect IP traffic statistics based on the packet's Layer 2 header, thus allowing for SRC/DST MAC accounting.
Bridged NetFlow: the ability to collect statistics for IP traffic being bridged within a given VLAN. The flow information is based on the packet's Layer 3 and Layer 4 headers, allowing for application visibility.
Layer 2 NetFlow flow information: DMAC, SMAC, VLAN, Ethertype (000A:ABCD:00EF 001E:A12D: x86DD)
Bridged NetFlow flow information: IP SA, IP DA, IP Proto, Layer4 SRC Port, Layer4 DST Port

104 Seven Steps of Flow Creation
[Figure: a packet (1) enters the I/O module, relevant fields are extracted (2: DMAC, SMAC, VLAN, Ethertype), flows (3) and their statistics (4) are built, the I/O module collects the flows and their statistics once the flow ages out, the data is formatted into a NetFlow export (6) and sent to the collector (7)]

105 Full versus Sampled NetFlow
NetFlow collects full or sampled flow data.
Full NetFlow: accounts for every packet of every flow on the interface
  Available on M1/M2 modules only on Nexus 7000
  Flow data collection up to capacity of hardware NetFlow table
Sampled NetFlow: accounts for M in N packets on the interface
  Available on M1/M2 and F3/M3 in Nexus 7x00 and Nexus 5600/6000
  M2: flow data collection up to capacity of hardware NetFlow table
  F3: flow data collection for up to ~500pps per ASIC (SOC) module before NX-OS 7.2
  F3/M3: increased per-module sampling rate to ~50kpps with NX-OS 7.2, leveraging the on-board Fabric Services Accelerator (FSA) complex
  Nexus 5600/6000: flow data collection for up to ~120kpps per chassis

106 NetFlow on M2 Modules
[Figure: NetFlow on M2 modules. Labels: hardware flow creation in the forwarding engine NetFlow table on each M2 module; aged flow info to the LC CPU; switched EOBC; supervisor engine main CPU; generate NetFlow v5 or v9 export packets; to NetFlow collector via mgmt0 or via supervisor inband (fabric ASIC, VOQs)]

107 NetFlow on F3/M3 Modules
[Figure: NetFlow on F3/M3 modules. Labels: sampled packets from the SoC decision engine to the FSA CPU on each F3/M3 module; populate the DRAM NetFlow cache based on received samples; age flows and generate NetFlow v5 or v9 export packets; aged flows over the switched EOBC to the supervisor engine main CPU; to NetFlow collector via mgmt0 or via module inband (fabric ASIC, VOQs)]

108 NetFlow - Traffic Statistics
Configuration steps for full NetFlow*:
1. Create Flow Record
2. Create Flow Exporter
3. Associate Record and Exporter to a Flow Monitor
4. Apply to the interface
Flexible NetFlow record: match statements are KEY fields, collect statements are NON-KEY fields.
    flow record FLOW-RECORD
      match ipv4 source address
      match ipv4 destination address
      match transport source-port
      match transport destination-port
      collect counter bytes
      collect counter packets
      collect timestamp sys-uptime first
      collect timestamp sys-uptime last
    flow exporter FLOW-EXPORT
      description NetFlow v9 Exporter
      destination use-vrf management
      source Loopback0
      transport udp 2055
      version 9
    flow monitor FLOW-MONITOR
      description NetFlow v9 Monitor
      record FLOW-RECORD
      exporter FLOW-EXPORT
    interface eth 1/1
      ip address
      ip flow monitor FLOW-MONITOR input
      ip flow monitor FLOW-MONITOR output
*The command feature netflow is not shown.

109 NetFlow - Traffic Statistics
Configuration steps for sampled NetFlow*:
1. Create Flow Record
2. Create Flow Exporter
3. Associate Record and Exporter to a Flow Monitor
4. Create Flow Sampler
5. Apply Flow Monitor and Flow Sampler to the interface
Flexible NetFlow record: match statements are KEY fields, collect statements are NON-KEY fields.
    flow record FLOW-RECORD
      match ipv4 source address
      match ipv4 destination address
      match transport source-port
      match transport destination-port
      collect counter bytes
      collect counter packets
      collect timestamp sys-uptime first
      collect timestamp sys-uptime last
    flow exporter FLOW-EXPORT
      description NetFlow v9 Exporter
      destination use-vrf management
      source Loopback0
      transport udp 2055
      version 9
    flow monitor FLOW-MONITOR
      description NetFlow v9 Monitor
      record FLOW-RECORD
      exporter FLOW-EXPORT
    sampler FLOW-SAMPLER
      description Netflow v9 Sampler
      mode 1 out-of 1200
    interface eth 1/1
      ip address
      ip flow monitor FLOW-MONITOR input sampler FLOW-SAMPLER
      ip flow monitor FLOW-MONITOR output sampler FLOW-SAMPLER
*The command feature netflow is not shown.

110 NetFlow Traffic Statistics - Calculating the sampling rate
Example with an N77-F348XP-23 linecard (6 SOC/ASICs per linecard), FSA enabled.
Assumption: average packet size 512 bytes, average traffic rate max 50%.
Per F3 linecard sampling rate (FSA) = 50 kpps, per SOC/ASIC = 8 333 pps*
Calculation:
    50% x 10 Gbps / 512 bytes = ~1 221 kpps
    8 ports per SOC: 8 x 1 221 kpps = 9 768 kpps
    Calculated sampling rate: 9 768 kpps / 8 333 pps = ~1172
Recommended sampling rate to be configured = 1 :
*Exceeding the per-SOC sampling rate results in tail-dropped packets due to the rate limiter.
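The same calculation as a reusable check, extended to show how sensitive the result is to the packet-size assumption and how much of the sample stream is tail-dropped when the sampler is set too aggressively. This is an added example, not part of the presentation; the function names are hypothetical, and like the slide it ignores preamble and inter-frame gap.

```python
import math

def offered_pps_per_soc(port_gbps, utilization, avg_packet_bytes, ports_per_soc):
    """Packets per second reaching one SoC under the stated traffic assumption.

    Follows the slide's arithmetic: line rate x utilization / packet size in bits,
    with no allowance for preamble or inter-frame gap.
    """
    per_port = port_gbps * 1e9 * utilization / (avg_packet_bytes * 8)
    return per_port * ports_per_soc

def min_sampler_n(offered_pps, linecard_budget_pps, socs_per_linecard):
    """Smallest N for 'mode 1 out-of N' that keeps one SoC inside its share of the budget."""
    return math.ceil(offered_pps * socs_per_linecard / linecard_budget_pps)

def sampler_headroom(n, offered_pps, linecard_budget_pps, socs_per_linecard):
    """Return (sampled_pps, tail_drop_fraction) for a configured 1-out-of-n sampler.

    tail_drop_fraction is the share of sampled packets lost to the per-SoC rate
    limiter; any value above zero means the flow cache under-reports traffic.
    """
    budget = linecard_budget_pps / socs_per_linecard
    sampled = offered_pps / n
    return sampled, max(0.0, 1 - budget / sampled)

def n_by_packet_size(sizes, port_gbps, utilization, ports_per_soc,
                     linecard_budget_pps, socs_per_linecard):
    """Required N for each assumed average packet size (bytes)."""
    return {size: min_sampler_n(
                offered_pps_per_soc(port_gbps, utilization, size, ports_per_soc),
                linecard_budget_pps, socs_per_linecard)
            for size in sizes}

if __name__ == "__main__":
    # Slide values: 10G ports, 50% load, 512-byte packets, 8 ports per SoC,
    # 50 kpps per linecard shared by 6 SoCs.
    pps = offered_pps_per_soc(10, 0.5, 512, 8)
    print("minimum N:", min_sampler_n(pps, 50_000, 6))
    for n in (1000, 1200):
        sampled, dropped = sampler_headroom(n, pps, 50_000, 6)
        print(f"1 out-of {n}: {sampled:.0f} sampled pps, {dropped:.1%} tail-dropped")
    print(n_by_packet_size([64, 256, 512, 1024], 10, 0.5, 8, 50_000, 6))
```

Smaller average packets raise the required N sharply, so a sampler sized for 512-byte traffic loses samples during a small-packet burst, which is exactly when flow visibility matters most.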

111 Nexus 7000 Control-Plane NetFlow (NX-OS 7.3)
Creates NetFlow records for control traffic* punted to the CPU on the supervisor.
Traffic flows from the linecard to the CPU, hence the NetFlow monitor can be applied in the egress (output) direction only.
The flow monitor is applied on the control-plane interface.
Only sampled NetFlow is supported.
Configuration is applied in the default VDC.
Linecard-specific NetFlow capabilities and resources are used for creating these internal control-plane flows.
*Today unicast control-plane traffic only; multicast control traffic should be supported from the next 7.3 Maintenance Release (Q3/4 CY2016).

112 Nexus 7000 Control-Plane NetFlow (NX-OS 7.3)
Resolving High CPU using CoPP NetFlow
    NEXUS# show processes cpu sort
    CPU utilization for five seconds: 65%/8%; one minute: 63%; five minutes: 61%
    PID Runtime(ms) Invoked usecs 5Sec 1Min 5Min TTY Process
    % 45.11% 45.23% 0 IP Input
High CPU due to process IP Input.
Build a NetFlow record, matching L3 and L4 parameters (key fields) and collecting details on input interface and packet count (non-key fields):
    flow record NF-RECORD
      match ipv4 source address
      match ipv4 destination address
      match transport source-port
      match transport destination-port
      collect counter packets
Optional: build a NetFlow exporter:
    flow exporter NF-EXPORT-1
      destination use-vrf management
      transport udp 2055
      source mgmt0
      version 9
Create a sampler:
    sampler NF-SAMPLER
      mode 1 out-of 1

113 Nexus 7000 Control-Plane NetFlow (NX-OS 7.3)
Resolving High CPU using CoPP NetFlow
Create the flow monitor and associate the record and exporter:
    flow monitor NF-MONITOR
      record NF-RECORD
      exporter NF-EXPORT-1
Apply the NetFlow monitor to the control-plane interface in the egress direction with a sampler:
    control-plane
      ip flow monitor NF-MONITOR output sampler NF-SAMPLER
Check your control-plane flow entries:
    NEXUS# show hardware flow ip
    ---snip---
    D - Direction; L4 Info - Protocol:Source Port:Destination Port
    IF - Interface: (Eth)ernet, (S)vi, (V)lan, (P)ortchannel, (T)unnel
    TCP Flags: Ack, Flush, Push, Reset, Syn, Urgent
    D IF SrcAddr DstAddr L4 Info PktCnt TCP Fl
    CP sup-eth :00000:
Troubleshooting methodology: once the flow is identified, further action could be (1) blocking the flow with an access list (ACL) (infrastructure or CoPP) and/or (2) rate-limiting the flow using CoPP, depending on the criticality of the flow to production.
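What a collector on UDP 2055 receives from the v9 exporters configured on slides 108 and 109, and the "identify the flow" step of the methodology above, as an added example that is not code from the presentation or from Cisco. It assumes the record's fields are exported with the RFC 3954 field types listed in the code; the datagram and addresses are constructed.

```python
import ipaddress
import struct
from collections import Counter

# NetFlow v9 field types (RFC 3954) assumed for the fields of FLOW-RECORD.
FIELDS = {8: "src_ip", 12: "dst_ip", 7: "src_port", 11: "dst_port",
          1: "bytes", 2: "packets", 22: "first", 21: "last"}
RECORD_LAYOUT = [(8, 4), (12, 4), (7, 2), (11, 2), (1, 4), (2, 4), (22, 4), (21, 4)]

def parse_v9(datagram, templates):
    """Decode one export datagram into a list of flow dicts.

    templates maps (source_id, template_id) -> [(field_type, length), ...] and is
    updated in place, because templates arrive in-band and are reused by later
    datagrams from the same exporter.
    """
    if len(datagram) < 20:
        raise ValueError("short NetFlow header")
    version, _count, _uptime, _secs, _seq, source_id = struct.unpack("!HHIIII", datagram[:20])
    if version != 9:
        raise ValueError("not NetFlow v9")
    flows, off = [], 20
    while off + 4 <= len(datagram):
        flowset_id, length = struct.unpack("!HH", datagram[off:off + 4])
        if length < 4 or off + length > len(datagram):
            raise ValueError("flowset length runs past the datagram")
        body = datagram[off + 4:off + length]
        if flowset_id == 0:
            _learn_templates(body, source_id, templates)
        elif flowset_id >= 256:
            layout = templates.get((source_id, flowset_id))
            if layout:  # data seen before its template cannot be decoded
                flows.extend(_decode_records(body, layout))
        off += length
    return flows

def _learn_templates(body, source_id, templates):
    """Store every template found in a template flowset (flowset id 0)."""
    pos = 0
    while pos + 4 <= len(body):
        template_id, nfields = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        if template_id < 256 or pos + 4 * nfields > len(body):
            raise ValueError("malformed template")
        templates[(source_id, template_id)] = [
            struct.unpack("!HH", body[pos + 4 * i:pos + 4 * i + 4]) for i in range(nfields)]
        pos += 4 * nfields

def _decode_records(body, layout):
    """Split a data flowset into records according to the template layout."""
    record_len = sum(length for _, length in layout)
    records, pos = [], 0
    while record_len and pos + record_len <= len(body):  # trailing bytes are padding
        rec = {}
        for ftype, length in layout:
            raw, pos = body[pos:pos + length], pos + length
            name = FIELDS.get(ftype)
            if name in ("src_ip", "dst_ip") and length == 4:
                rec[name] = str(ipaddress.IPv4Address(raw))
            elif name:
                rec[name] = int.from_bytes(raw, "big")
        records.append(rec)
    return records

def top_talkers(flows, sampler_n=1, limit=3):
    """Rank (src, dst, dst_port) by packet count, scaled by the sampler's N."""
    totals = Counter()
    for f in flows:
        key = (f.get("src_ip"), f.get("dst_ip"), f.get("dst_port"))
        totals[key] += f.get("packets", 0) * sampler_n
    return totals.most_common(limit)

def build_sample(with_template=True):
    """Constructed export datagram: one template flowset and three data records."""
    rows = [("192.0.2.10", "198.51.100.1", 40000, 22, 6000, 100, 1000, 2000),
            ("192.0.2.10", "198.51.100.1", 40001, 22, 3000, 50, 1500, 2500),
            ("192.0.2.77", "198.51.100.1", 53000, 179, 640, 10, 1800, 2600)]
    fields = b"".join(struct.pack("!HH", t, n) for t, n in RECORD_LAYOUT)
    template = struct.pack("!HHHH", 0, 8 + len(fields), 256, len(RECORD_LAYOUT)) + fields
    data = b"".join(ipaddress.IPv4Address(s).packed + ipaddress.IPv4Address(d).packed
                    + struct.pack("!HHIIII", sp, dp, by, pk, first, last)
                    for s, d, sp, dp, by, pk, first, last in rows)
    data_set = struct.pack("!HH", 256, 4 + len(data)) + data
    sets = (template if with_template else b"") + data_set
    count = len(rows) + (1 if with_template else 0)
    return struct.pack("!HHIIII", 9, count, 5000, 1468500000, 1, 0) + sets

if __name__ == "__main__":
    decoded = parse_v9(build_sample(), {})
    for key, packets in top_talkers(decoded, sampler_n=1200):
        print(key, packets)
```

For the control-plane sampler on slide 112 (mode 1 out-of 1) pass sampler_n=1; for the interface sampler on slide 109 pass 1200 so the packet counts approximate real traffic.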

114 NetFlow Overview
Feature | M2 (N7000) | F3 (Nexus 7x00) | M3 (Nexus 7700) | Nexus 5600/6000
Per-interface NetFlow | Yes | Yes | Yes | Yes
NetFlow direction | Ingress/Egress | Ingress/Egress* | Ingress/Egress | Ingress only
Full NetFlow | Yes | No | No | No
Sampled NetFlow | Yes | Yes | Yes | Yes
FSA assisted for Sampled NetFlow | No | Yes* | Yes | No
Bridged NetFlow | Yes | Yes | Yes | Yes
Hardware Cache | Yes | No | No | No
Software Cache | No | Yes | Yes | Yes
Hardware Cache Size | 512K entries per forwarding engine | N/A | N/A | N/A
NDE (v5/v9) | Yes | Yes | Yes | Yes
Note: Nexus 9K (N9200-X/N9300-EX/N9700-EX) supports full NetFlow; software support is on the roadmap
*Supported since NX-OS 7.2

115 Agenda Introduction Quick Product Overview Advanced Visibility SPAN/ ERSPAN NetFlow Conclusion

116 Tools designed with you in mind
Advanced, feature-rich analytics tools
Visibility into the products, helping to validate the path of the packet
Analytics tools can help in isolating problems we see in data centers today
Reduce the time to resolution of network issues
NetFlow, SPAN, latency monitoring, microburst monitoring, ACL capture, ERSPAN, SPAN-on-drop

117 Call to Action
Attend the following related sessions:
BRKDCN Network Analytics using Nexus 3000/9000 Switches
BRKARC Cisco Nexus 5600/6000 Switch Architecture
BRKARC Cisco Nexus 7000/7700 Switch Architecture
BRKARC Cisco Nexus 9000 Architecture
BRKARC Overview of Packet Capturing Tools in Cisco Switches and Routers
Visit the World of Solutions for: Cisco Campus, Walk-in Labs, Technical Solution Clinics
Meet the Engineer
Lunch and Learn Topics
DevNet zone related sessions


More information

Application Guide. VLANs for improved Q-SYS performance

Application Guide. VLANs for improved Q-SYS performance Application Guide Rev. A, 6 June 2018 OPTIMIZE Q-SYS PERFORMANCE: CREATE DEDICATED VLANS. One way to greatly ensure the reliability and performance of a Q-SYS network is putting Q-SYS traffic on one or

More information

Configuring Traffic Mirroring

Configuring Traffic Mirroring This module describes the configuration of the traffic mirroring feature. Traffic mirroring is sometimes called port mirroring, or switched port analyzer (SPAN). Feature History for Traffic Mirroring Release

More information

Configuring Priority Flow Control

Configuring Priority Flow Control About Priority Flow Control, on page 1 Licensing Requirements for Priority Flow Control, on page 2 Prerequisites for Priority Flow Control, on page 2 Guidelines and Limitations for Priority Flow Control,

More information

Configuring IP ACLs. About ACLs

Configuring IP ACLs. About ACLs This chapter describes how to configure IP access control lists (ACLs) on Cisco NX-OS devices. Unless otherwise specified, the term IP ACL refers to IPv4 and IPv6 ACLs. This chapter includes the following

More information

Starting Interface Configuration (ASA 5505)

Starting Interface Configuration (ASA 5505) CHAPTER 13 Starting Interface Configuration (ASA 5505) This chapter includes tasks for starting your interface configuration for the ASA 5505, including creating VLAN interfaces and assigning them to switch

More information

Hardware Telemetry. About Streaming Statistics Export (SSX) Packet Format. About Streaming Statistics Export (SSX), on page 1

Hardware Telemetry. About Streaming Statistics Export (SSX) Packet Format. About Streaming Statistics Export (SSX), on page 1 About Streaming Statistics Export (SSX), on page 1 About Streaming Statistics Export (SSX) Packet Format The Streaming Statistics Export (SSX) module reads statistics from the ASIC and sends them to a

More information

Configuring 4-Port Gigabit Ethernet WAN Optical Services Modules

Configuring 4-Port Gigabit Ethernet WAN Optical Services Modules CHAPTER 4 Configuring 4-Port Gigabit Ethernet WAN Optical Services Modules This chapter provides an overview of the features supported on the 4-port Gigabit Ethernet WAN Optical Services Modules (OSM-2+4GE-WAN+

More information

Throughput Issues on ASR1000 Series Router

Throughput Issues on ASR1000 Series Router Throughput Issues on ASR1000 Series Router Contents Introduction Prerequisites Requirements Components Used Conventions Problem Solution Scenario 1. High Bandwidth Ingress Interface(s) and Low Bandwidth

More information

Configuring Layer 3 Interfaces

Configuring Layer 3 Interfaces This chapter contains the following sections: Information About Layer 3 Interfaces, page 1 Licensing Requirements for Layer 3 Interfaces, page 4 Guidelines and Limitations for Layer 3 Interfaces, page

More information

Configuring SPAN. Configuring SPAN. SPAN Sources. This chapter includes the following sections: Configuring SPAN, page 1

Configuring SPAN. Configuring SPAN. SPAN Sources. This chapter includes the following sections: Configuring SPAN, page 1 This chapter includes the following sections:, page 1 SPAN Sources The Switched Port Analyzer (SPAN) feature (sometimes called port mirroring or port monitoring) selects network traffic for analysis by

More information

Configuring NetFlow. NetFlow Overview

Configuring NetFlow. NetFlow Overview NetFlow Overview NetFlow identifies packet flows for ingress IP packets and provides statistics based on these packet flows. NetFlow does not require any change to either the packets themselves or to any

More information

CCNA Practice test. 2. Which protocol can cause high CPU usage? A. NTP B. WCCP C. Telnet D. SNMP Answer: D

CCNA Practice test. 2. Which protocol can cause high CPU usage? A. NTP B. WCCP C. Telnet D. SNMP Answer: D 1. Which network would support at least 30 hosts? A. 10.0.0.0 255.255.255.252 B. 10.0.0.0 255.255.255.240 C. 10.0.0.0 255.255.255.224 D. 10.0.0.0 255.255.255.248 2. Which protocol can cause high CPU usage?

More information

Configuring Policy-Based Routing

Configuring Policy-Based Routing This chapter contains the following sections: Finding Feature Information, page 1 Information About Policy Based Routing, page 1 Licensing Requirements for Policy-Based Routing, page 5 Prerequisites for

More information

Configuring Quality of Service

Configuring Quality of Service 3 CHAPTER This chapter describes how to configure quality of service (QoS) by using automatic QoS (auto-qos) commands or by using standard QoS commands on a Catalyst 45 series switch. It also describes

More information

Configuring Interfaces

Configuring Interfaces CHAPTER 4 This chapter describes how to configure interfaces for the Catalyst 4500 series switches. It also provides guidelines, procedures, and configuration examples. This chapter includes the following

More information

Cisco Nexus 7000 Switch Architecture

Cisco Nexus 7000 Switch Architecture Cisco Nexus 7000 Switch Architecture BRKARC-3470 Ron Fuller, CCIE#5851 (R&S/Storage) Technical Marketing er Session Abstract This session presents an in-depth study of the architecture of the latest generation

More information

Configuring NetFlow. Understanding NetFlow CHAPTER

Configuring NetFlow. Understanding NetFlow CHAPTER 50 CHAPTER This chapter describes how to configure NetFlow statistics collection on the Cisco 7600 series routers. Note For complete syntax and usage information for the commands used in this chapter,

More information

Configuring IEEE 802.3ad Link Bundling and Load Balancing

Configuring IEEE 802.3ad Link Bundling and Load Balancing Configuring IEEE 802.3ad Link Bundling and Load Balancing This document describes how the IEEE 802.3ad link bundling and load balancing leverages the EtherChannel infrastructure within Cisco software to

More information

Cisco Nexus 6000 and 5600 with Fabric Extender 2000 Switch Architecture

Cisco Nexus 6000 and 5600 with Fabric Extender 2000 Switch Architecture Cisco Nexus 6000 and 5600 with Fabric Extender 2000 Switch Architecture Nicolas Delecroix Technical Marketing Engineer Data Center Group Nexus Business Unit ndelecro@cisco.com Nexus 5000 Evolution Nexus

More information

Configuring NetFlow. NetFlow Overview

Configuring NetFlow. NetFlow Overview NetFlow identifies packet flows for ingress IP packets and provides statistics based on these packet flows. NetFlow does not require any change to either the packets themselves or to any networking device.

More information

Configuring Q-in-Q VLAN Tunnels

Configuring Q-in-Q VLAN Tunnels Information About Q-in-Q Tunnels, page 1 Licensing Requirements for Interfaces, page 7 Guidelines and Limitations, page 7 Configuring Q-in-Q Tunnels and Layer 2 Protocol Tunneling, page 8 Configuring Q-in-Q

More information

Cisco Nexus 7000 / 7700 Switch Architecture

Cisco Nexus 7000 / 7700 Switch Architecture Cisco Nexus 7000 / 7700 Switch Architecture BRKARC-3470 Tim Stevenson Distinguished Engineer, Technical Marketing Session Abstract This session presents an in-depth study of the architecture of the latest

More information

Nexus 7000 F3 or Mx/F2e VDC Migration Use Cases

Nexus 7000 F3 or Mx/F2e VDC Migration Use Cases Nexus 7000 F3 or Mx/F2e VDC Migration Use Cases Anees Mohamed Network Consulting Engineer Session Goal M1 VDC M1/M2 VDC M2/F3 VDC M1/F1 VDC M1/M2/F2e VDC F2/F2e/F3 VDC F2 VDC F3 VDC You are here This Session

More information

Configuring QoS. Finding Feature Information. Prerequisites for QoS

Configuring QoS. Finding Feature Information. Prerequisites for QoS Finding Feature Information, page 1 Prerequisites for QoS, page 1 Restrictions for QoS, page 3 Information About QoS, page 4 How to Configure QoS, page 28 Monitoring Standard QoS, page 80 Configuration

More information

Cisco Nexus 9500 Series Switches Buffer and Queuing Architecture

Cisco Nexus 9500 Series Switches Buffer and Queuing Architecture White Paper Cisco Nexus 9500 Series Switches Buffer and Queuing Architecture White Paper December 2014 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

More information

Configuring IP ACLs. About ACLs

Configuring IP ACLs. About ACLs About ACLs This chapter describes how to configure IP access control lists (ACLs) on Cisco NX-OS devices. Unless otherwise specified, the term IP ACL refers to IPv4 and IPv6 ACLs. This chapter includes

More information

Configuring Virtual Port Channels

Configuring Virtual Port Channels Configuring Virtual Port Channels This chapter describes how to configure virtual port channels (vpcs) on Cisco Nexus 5000 Series switches. It contains the following sections: Information About vpcs, page

More information

The configuration of the router at the initial stage was fairly simple (quoting only significant commands, not the entire config):

The configuration of the router at the initial stage was fairly simple (quoting only significant commands, not the entire config): Gentlemen, As was to be expected, Joseph was correct on all accounts. My testbed consisted of a 2811 router running 12.4(24)T4 Advanced IP Services, and two PCs connected to it. One PC was used as the

More information

Ethernet interface configuration commands

Ethernet interface configuration commands Contents Ethernet interface configuration commands 1 General Ethernet interface/subinterface configuration commands 1 combo enable 1 default 1 description 2 display counters 3 display counters rate 4 display

More information

Configuring SPAN and RSPAN

Configuring SPAN and RSPAN 34 CHAPTER This chapter describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 4500 series switches. SPAN selects network traffic for analysis by a network

More information

Configuring IP Tunnels

Configuring IP Tunnels This chapter describes how to configure IP tunnels using Generic Route Encapsulation (GRE) on Cisco NX-OS devices. Information About IP Tunnels, page 1 Licensing Requirements for IP Tunnels, page 3 Prerequisites

More information

Cisco Nexus 7000 / 7700 Switch Architecture

Cisco Nexus 7000 / 7700 Switch Architecture Cisco Nexus 7000 / 7700 Switch Architecture Tim Stevenson Distinguished Engineer, Technical Marketing BRKARC-3470 Session Abstract This session presents an in-depth study of the architecture of the latest

More information

Configuring NetFlow. Information About NetFlow. What is a Flow. This chapter contains the following sections:

Configuring NetFlow. Information About NetFlow. What is a Flow. This chapter contains the following sections: This chapter contains the following sections: Information About NetFlow, page 1 Guidelines and Limitations for NetFlow, page 9 Default Settings for NetFlow, page 10 Enabling the NetFlow Feature, page 11

More information

Configuring Traffic Storm Control

Configuring Traffic Storm Control This chapter describes how to configure traffic storm control on the Cisco NX-OS device. This chapter includes the following sections: Finding Feature Information, page 1 Information About Traffic Storm

More information

On the Cisco Nexus 5548 Switch, Fibre Channel ports and VSAN ports cannot be configured as ingress source ports in a SPAN session.

On the Cisco Nexus 5548 Switch, Fibre Channel ports and VSAN ports cannot be configured as ingress source ports in a SPAN session. This chapter includes the following sections:, page 1 SPAN Sources The Switched Port Analyzer (SPAN) feature (sometimes called port mirroring or port monitoring) selects network traffic for analysis by

More information

Configuring Virtual Port Channels

Configuring Virtual Port Channels This chapter contains the following sections: Information About vpcs, page 1 Guidelines and Limitations for vpcs, page 10 Verifying the vpc Configuration, page 11 vpc Default Settings, page 16 Configuring

More information

Configuring Layer 3 Interfaces

Configuring Layer 3 Interfaces This chapter contains the following sections: Information About Layer 3 Interfaces, page 1 Licensing Requirements for Layer 3 Interfaces, page 4 Guidelines and Limitations for Layer 3 Interfaces, page

More information

1 of :22

1 of :22 Feedback: Help us help you Please rate this document. Excellent Good Average Fair Poor This document solved my problem. Yes No Just Browsing Suggestions to improve this document. (512 character limit)

More information

Configuring Quality of Service

Configuring Quality of Service CHAPTER 34 This chapter describes how to configure quality of service (QoS) with either automatic QoS (auto-qos) commands or standard QoS commands on a switch running Supervisor Engine 7-E and Supervisor

More information

Configuring Port Channels

Configuring Port Channels This chapter contains the following sections: Information About Port Channels, page 1, page 10 Verifying Port Channel Configuration, page 21 Verifying the Load-Balancing Outgoing Port ID, page 22 Feature

More information

Cisco Nexus 7000 Hardware Architecture

Cisco Nexus 7000 Hardware Architecture Cisco Nexus 7000 Hardware Architecture BRKARC-3470 Tim Stevenson Distinguished er, Technical Marketing Session Abstract This session presents an in-depth study of the architecture of the Nexus 7000 data

More information

Configuring Virtual Port Channels

Configuring Virtual Port Channels This chapter contains the following sections: Information About vpcs, page 1 Guidelines and Limitations for vpcs, page 10 Configuring vpcs, page 11 Verifying the vpc Configuration, page 25 vpc Default

More information

Configuring PFC QoS CHAPTER

Configuring PFC QoS CHAPTER 38 CHAPTER This chapter describes how to configure quality of service (QoS) as implemented on the Policy Feature Card 3B (PFC3B) on the Supervisor Engine 32 PISA. Note For complete syntax and usage information

More information

Configuring SPAN and RSPAN

Configuring SPAN and RSPAN CHAPTER 32 This chapter describes how to configure Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 3750-X or 3560-X switch. Unless otherwise noted, the term switch refers to a Catalyst

More information

Configuring IP ACLs. Finding Feature Information

Configuring IP ACLs. Finding Feature Information This chapter describes how to configure IP access control lists (ACLs) on Cisco NX-OS devices. Unless otherwise specified, the term IP ACL refers to IPv4 and IPv6 ACLs. Note The Cisco NX-OS release that

More information

Lab - Troubleshooting Connectivity Issues

Lab - Troubleshooting Connectivity Issues Lab - Troubleshooting Connectivity Issues Topology Addressing Table R1 ISP Objectives Device Interface IP Address Subnet Mask Default Gateway G0/1 192.168.1.1 255.255.255.0 N/A S0/0/0 10.1.1.1 255.255.255.252

More information

Configuring Policy-Based Routing

Configuring Policy-Based Routing CHAPTER 17 This chapter describes how to configure policy based routing. This chapter includes the following sections: Information About Policy Based Routing, page 17-1 Licensing Requirements for Policy-Based

More information

Configuring SPAN and RSPAN

Configuring SPAN and RSPAN 41 CHAPTER This chapter describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 4500 series switches. SPAN selects network traffic for analysis by a network

More information

Configuring Tap Aggregation and MPLS Stripping

Configuring Tap Aggregation and MPLS Stripping This chapter contains the following sections: Information About Tap Aggregation, page 1 Information About MPLS Stripping, page 3 Configuring Tap Aggregation, page 4 Verifying the Tap Aggregation Configuration,

More information

Configuring Port Channels

Configuring Port Channels This chapter contains the following sections: Information About Port Channels, on page 1, on page 8 Verifying Port Channel Configuration, on page 16 Verifying the Load-Balancing Outgoing Port ID, on page

More information

Global Interface Commandsonthe Cisco IOS XR Software

Global Interface Commandsonthe Cisco IOS XR Software Global Interface Commandsonthe Cisco IOS XR Software This module describes the global command line interface (CLI) commands for configuring interfaces on the Cisco CRS Router. bandwidth (global), page

More information

Cisco Nexus 6000 Architecture

Cisco Nexus 6000 Architecture Cisco Nexus 6000 Architecture Sina Mirtorabi Technical Marketing Engineer Session Abstract Session ID: Title: Cisco Nexus 6000 Architecture Abstract: This session describes the architecture of the Nexus

More information

Monitoring Ports. Port State

Monitoring Ports. Port State The Ports feature available on the ME 1200 Web GUI allows you to monitor the various port parameters on the ME 1200 switch. Port State, page 1 Port Statistics Overview, page 2 QoS Statistics, page 2 QCL

More information

Quality of Service. Understanding Quality of Service

Quality of Service. Understanding Quality of Service The following sections describe support for features on the Cisco ASR 920 Series Router. Understanding, page 1 Configuring, page 2 Global QoS Limitations, page 2 Classification, page 3 Marking, page 6

More information

Introduction to Routers and LAN Switches

Introduction to Routers and LAN Switches Introduction to Routers and LAN Switches Session 3048_05_2001_c1 2001, Cisco Systems, Inc. All rights reserved. 3 Prerequisites OSI Model Networking Fundamentals 3048_05_2001_c1 2001, Cisco Systems, Inc.

More information

Monitoring Data CHAPTER

Monitoring Data CHAPTER CHAPTER 4 The Monitor tab provides options to view various types of monitored data. There are options for: Viewing the Monitor Overview Charts, page 4-9 Viewing Application Data, page 4-12 Viewing Voice

More information

Contents. Introduction. Background Information. Terminology. ACL TCAM Regions

Contents. Introduction. Background Information. Terminology. ACL TCAM Regions Contents Introduction Background Information Terminology ACL TCAM Regions Defaults Nexus 9500 Series TCAM Allocation Nexus 9300 Series TCAM Allocation Configuration Example Scenario Verification Commands

More information

Configuring Port-Based Traffic Control

Configuring Port-Based Traffic Control CHAPTER 18 This chapter describes how to configure port-based traffic control features on the Catalyst 3750 Metro switch. For complete syntax and usage information for the commands used in this chapter,

More information

PFC QoS. Prerequisites for PFC QoS. Restrictions for PFC QoS CHAPTER

PFC QoS. Prerequisites for PFC QoS. Restrictions for PFC QoS CHAPTER 58 CHAPTER Prerequisites for, page 58- Restrictions for, page 58- Information about, page 58-7 Default Settings for, page 58-33 How to Configure, page 58-56 Common QoS Scenarios, page 58- Glossary, page

More information

Managing the Unicast RIB and FIB, on page 5

Managing the Unicast RIB and FIB, on page 5 This chapter describes how to manage routes in the unicast Routing Information Base (RIB) and the Forwarding Information Base (FIB) on the Cisco NX-OS device. Finding Feature Information, on page 1 Information

More information

Configuring Priority Flow Control

Configuring Priority Flow Control This chapter contains the following sections: Information About Priority Flow Control, page 1 Guidelines and Limitations, page 2 Default Settings for Priority Flow Control, page 3 Enabling Priority Flow

More information

Application Notes for ADTRAN NetVanta 3205 Access Router and IP Office Using Frame Relay over T1 - Issue 1.0

Application Notes for ADTRAN NetVanta 3205 Access Router and IP Office Using Frame Relay over T1 - Issue 1.0 Avaya Solution & Interoperability Test Lab Application Notes for ADTRAN NetVanta 3205 Access Router and IP Office Using Frame Relay over T1 - Issue 1.0 Abstract These Application Notes describe a sample

More information

Configuring Port Channels

Configuring Port Channels CHAPTER 5 This chapter describes how to configure port channels and to apply and configure the Link Aggregation Control Protocol (LACP) for more efficient use of port channels in Cisco DCNM. For more information

More information

Managing the Unicast RIB and FIB, page 5

Managing the Unicast RIB and FIB, page 5 This chapter describes how to manage routes in the unicast Routing Information Base (RIB) and the Forwarding Information Base (FIB) on the Cisco NX-OS device. Finding Feature Information, page 1 Information

More information