This guide presents the instructions and other information concerning the lab activities for this course.

DCICT Lab Guide 11/03/2013 Overview Outline This guide presents the instructions and other information concerning the lab activities for this course. This guide includes these activities: Activity 1-1: Cisco Power Calculator (Instructor Demonstration Only) Activity 1-2: Cisco Nexus 7000 Series Switch Initial Setup Script (Instructor Demonstration Only) Lab 1-1: Connecting to a Cisco Nexus 7000 Series Switch Using SSH Activity 1-3: Cisco Nexus 5000 Series Switch Initial Setup Script (Instructor Demonstration Only) Lab 1-2: Connecting to a Cisco Nexus 5000 Series Switch Using SSH Lab 1-3: Running CLI Commands Lab 1-4: Configuring vpcs Lab 1-5: Validating Cisco FabricPath Configuration Lab 1-6: Validating OTV Configuration Lab 2-1: Verifying Current VDC Settings Lab 2-2: Validating a Cisco Nexus 2000 Series Fabric Extender Configuration Activity 3-1: Cisco MDS 9100 Series Multilayer Fabric Switch Initial Setup (Instructor Demonstration Only) Lab 3-1: Validating a Cisco MDS 9100 Series Multilayer Fabric Switch License Lab 3-2: Configuring VSANs and Zoning Lab 3-3: Validating FLOGI and FCNS Lab 3-3: Viewing the tech-support Command Output Lab 4-1: Validating the Physical Connections for FCoE Activity 5-1: Cisco UCS 6120XP Fabric Interconnect Initial Setup Script (Instructor Demonstration Only)

Activity 5-2: Configuring Server Ports and Chassis Discovery (Instructor Demonstration Only) Lab 5-1: Exploring the Cisco UCS Manager GUI Lab 5-2: Creating a Service Profile from a Template and Performing VMware ESXi 5.0 SAN Boot Lab 5-3: Validating a Cisco Nexus 1000V Series Switch Configuration 2 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Job Aids Use the following job aids while performing the lab tasks in this lab guide. Lab Topology Diagram This diagram describes the physical topology of the lab that is used in this course: Legend: 10 GE with FCoE FC 10 GE 1 GE MDS9124-1 Storage SPA SPB MDS9124-2 Virtual Center ESX1 ESX2 ESX3 Cisco Catalyst 3750 7010-C1 vpc Peer Link N5548UP- C1 Po1 N5548UP- C2 7010-C2 Nexus 2248TP Nexus 2248TP S6120-A S6120-B 8 x UCS C200 UCS B-Series 8 x Blade 2012 Cisco and/or its affiliates. All rights reserved. DCICT v1.0 2 2012 Cisco Systems, Inc. Lab Guide 3

Lab Connections This table lists the physical connections between the devices that are used in this course: From To Device Interface Device Interface N7K-A Ethernet 2/1 UCS Fabric-A Ethernet 1/1 Ethernet 2/2 UCS Fabric-A Ethernet 1/2 Ethernet 2/3 UCS Fabric-B Ethernet 1/1 Ethernet 2/4 UCS Fabric-B Ethernet 1/2 Ethernet 2/5 N5K-A Ethernet 1/1 Ethernet 2/6 N5K-A Ethernet 1/2 Ethernet 2/7 N5K-B Ethernet 1/1 Ethernet 2/8 N5K-B Ethernet 1/2 Ethernet 2/10 Student ESXi Host Intel Quad Ethernet 2/11 N7K -B Ethernet 2/23 Ethernet 2/12 N7K -B Ethernet 2/24 Ethernet 3/1 N7K -B OTV Ethernet 3/2 Ethernet 3/3 N5K-A OTV Ethernet 1/5 Ethernet 3/20 N5K-A Ethernet 1/20 Ethernet 3/21 N5K-A Ethernet 1/21 Ethernet 3/22 N5K-B Ethernet 1/20 Ethernet 3/23 N5K-B Ethernet 1/21 Ethernet 3/24 N5K-A Ethernet 1/24 Ethernet 3/25 N5K-A Ethernet 1/25 Ethernet 3/26 N5K-B Ethernet 1/24 Ethernet 3/27 N5K-B Ethernet 1/25 Device Interface Device Interface Ethernet2/13 UCS Fabric-A Ethernet 1/3 N7K-B Ethernet 2/14 UCS Fabric-A Ethernet 1/4 Ethernet 2/15 UCS Fabric-B Ethernet 1/3 Ethernet 2/16 UCS Fabric-B Ethernet 1/4 Ethernet 2/17 N5K-A Ethernet 1/3 Ethernet 2/18 N5K-A Ethernet 1/4 Ethernet 2/19 N5K-B Ethernet 1/3 Ethernet 2/20 N5K-B Ethernet 1/4 Ethernet 2/23 N7K -A Ethernet 2/11 Ethernet 2/24 N7K -A Ethernet 2/12 Ethernet 3/2 N7K -A OTV Ethernet 3/1 4 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Ethernet 3/4 N5K-B OTV Ethernet 1/5 Ethernet 3/9???? Ethernet 3/20 N5K-A Ethernet 1/22 Ethernet 3/21 N5K-A Ethernet 1/23 Ethernet 3/22 N5K-B Ethernet 1/22 Ethernet 3/23 N5K-B Ethernet 1/23 Ethernet 3/24 N5K-A Ethernet 1/26 Ethernet 3/25 N5K-A Ethernet 1/27 Ethernet 3/26 N5K-B Ethernet 1/26 Ethernet 3/27 N5K-B Ethernet 1/27 2012 Cisco Systems, Inc. Lab Guide 5

Device Interface Device Interface N5K-A Ethernet 1/2 N7K -A Ethernet 2/6 Ethernet 1/3 N7K -B Ethernet 2/17 Ethernet 1/4 N7K -B Ethernet 2/18 Ethernet 1/5 N7K -A OTV Ethernet 3/3 Ethernet 1/6 Catalyst Ethernet 1/7 N7K-A Ethernet 2/32 Ethernet 1/9 N2K-A Uplink 1 Ethernet 1/10 N2K-B Uplink 1 Ethernet 1/11 Ethernet 1/12 Ethernet 1/13 Ethernet 1/14 Ethernet 1/15 Ethernet 1/16 Ethernet 1/17 Ethernet 1/18 UCS C-Series Rackserver 1 UCS C-Series Rackserver 2 UCS C-Series Rackserver 3 UCS C-Series Rackserver 4 UCS C-Series Rackserver 5 UCS C-Series Rackserver 6 UCS C-Series Rackserver 7 UCS C-Series Rackserver 8 NIC NIC NIC NIC NIC NIC NIC NIC FC 1/29 MDS-A FC 1/1 FC 1/30 MDS-A FC 1/2 FC 1/31 MDS-A FC 1/3 FC 1/32 MDS-A FC 1/4 Interface Device Interface N5K-B Ethernet 1/3 N7K -B Ethernet 2/19 Ethernet 1/4 N7K -B Ethernet 2/20 Ethernet 1/5 N7K -B OTV Ethernet 3/4 Ethernet 1/7 N7K-B Ethernet 2/32 Ethernet 1/9 N2K-A Uplink 2 Ethernet 1/10 N2K-B Uplink 2 Ethernet 1/11 Ethernet 1/12 Ethernet 1/13 UCS C-Series Rackserver 1 UCS C-Series Rackserver 2 UCS C-Series Rackserver 3 NIC NIC NIC 6 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Ethernet 1/14 Ethernet 1/15 Ethernet 1/16 Ethernet 1/17 Ethernet 1/18 UCS C-Series Rackserver 4 UCS C-Series Rackserver 5 UCS C-Series Rackserver 6 UCS C-Series Rackserver 7 UCS C-Series Rackserver 8 NIC NIC NIC NIC NIC FC 1/29 MDS-B FC 1/1 FC 1/30 MDS-B FC 1/2 FC 1/31 MDS-B FC 1/3 FC 1/32 MDS-B FC 1/4 Interface Device Interface MDS-A FC 1/1 N5K-A FC 1/29 MDS-A Device FC 1/2 N5K-A FC 1/30 FC 1/3 N5K-A FC 1/31 FC 1/4 N5K-A FC 1/32 FC 1/9 FilerStorage Controller ControllerFabric A Interface Device Interface MDS-B FC 1/1 N5K-B FC 1/29 FC 1/2 N5K-B FC 1/30 FC 1/3 N5K-B FC 1/31 FC 1/4 N5K-B FC 1/32 FC 1/9 FilerStorage Controller ControllerFabric B 2012 Cisco Systems, Inc. Lab Guide 7

Lab Addressing Plan IP Addresses This table lists the IP addresses that are configured on the devices in this course: Device Interface IP Address Default Gateway N7K -A Mgmt0 172.16.1.201/24 172.16.1.1 N7K -B Mgmt0 172.16.1.202/24 172.16.1.1 N5K-A Mgmt0 172.16.1.41/24 172.16.1.1 N5K-B Mgmt0 172.16.1.42/24 172.16.1.1 MDS-A Mgmt0 172.16.1.51/24 172.16.1.1 MDS-B Mgmt0 172.16.1.52/24 172.16.1.1 UCS Fabric A Mgmt0 172.16.1.101/24 172.16.1.1 UCS Mgmt IP Cluster IP 172.16.1.200/24 172.16.1.1 UCS Fabric B Mgmt0 172.16.1.102/24 172.16.1.1 Management DC Mgmt NIC 172.16.1.20/24 172.16.1.1 Student VM 1 Mgmt NIC 172.16.1.21/24 172.16.1.1 Student VM 2 Mgmt NIC 172.16.1.22/24 172.16.1.1 Student VM 3 Mgmt NIC 172.16.1.23/24 172.16.1.1 Student VM 4 Mgmt NIC 172.16.1.24/24 172.16.1.1 Student VM 5 Mgmt NIC 172.16.1.25/24 172.16.1.1 Student VM 6 Mgmt NIC 172.16.1.26/24 172.16.1.1 Student VM 7 Mgmt NIC 172.16.1.27/24 172.16.1.1 Student VM 8 Mgmt NIC 172.16.1.28/24 172.16.1.1 3560-X OOB Switch Mgmt0 10.3.103.200/24 Filer Head-A Mgmt0 10.3.103.250/24 10.3.103.1 Filer Head-B Mgmt0 10.3.103.251/24 10.3.103.1 8 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Cisco UCS C-Series Rack-Mounted Servers Pod 1 server CIMC 172.16.1.121/24 172.16.1.1 Pod 2 server CIMC 172.16.1.122/24 172.16.1.1 Pod 3 server CIMC 172.16.1.123/24 172.16.1.1 Pod 4 server CIMC 172.16.1.124/24 172.16.1.1 Pod 5 server CIMC 172.16.1.125/24 172.16.1.1 Pod 6 server CIMC 172.16.1.126/24 172.16.1.1 Pod 7 server CIMC 172.16.1.127/24 172.16.1.1 Pod 8 server CIMC 172.16.1.128/24 172.16.1.1 Pod 1 server Ethernet 172.17.1.31/24 172.17.1.1 Pod 2 server Ethernet 172.17.1.32/24 172.17.1.1 Pod 3 server Ethernet 172.17.1.33/24 172.17.1.1 Pod 4 server Ethernet 172.17.1.34/24 172.17.1.1 Pod 5 server Ethernet 172.17.1.35/24 172.17.1.1 Pod 6 server Ethernet 172.17.1.36/24 172.17.1.1 Pod 7 server Ethernet 172.17.1.37/24 172.17.1.1 Pod 8 server Ethernet 172.17.1.38/24 172.17.1.1 Cisco UCS B-Series Blade Servers Pod 1 server Ethernet 172.17.1.121/24 172.17.1.1 Pod 2 server Ethernet 172.17.1.122/24 172.17.1.1 Pod 3 server Ethernet 172.17.1.123/24 172.17.1.1 Pod 4 server Ethernet 172.17.1.124/24 172.17.1.1 Pod 5 server Ethernet 172.17.1.125/24 172.17.1.1 Pod 6 server Ethernet 172.17.1.126/24 172.17.1.1 Pod 7 server Ethernet 172.17.1.127/24 172.17.1.1 Pod 8 server Ethernet 172.17.1.128/24 172.17.1.1 Cisco UCS Management and Virtual Machines UCS Manager Mgmt- Pool Mgmt-Pool 172.16.1.61-68/24 vcenter-1 VM Ethernet 172.17.1.131/24 172.17.1.1 vcenter-2 VM Ethernet 172.17.1.132/24 172.17.1.1 vcenter-3 VM Ethernet 172.17.1.133/24 172.17.1.1 vcenter-4 VM Ethernet 172.17.1.134/24 172.17.1.1 vcenter-5 VM Ethernet 172.17.1.135/24 172.17.1.1 vcenter-6 VM Ethernet 172.17.1.136/24 172.17.1.1 2012 Cisco Systems, Inc. Lab Guide 9

vcenter-7 VM Ethernet 172.17.1.137/24 172.17.1.1 vcenter-8 VM Ethernet 172.17.1.138/24 172.17.1.1 10 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Cisco Nexus 1000V Pod1-N1K Mgmt 0 172.17.1.141/24 172.17.1.1 Pod2-N1K Mgmt 0 172.17.1.142/24 172.17.1.1 Pod3-N1K Mgmt 0 172.17.1.143/24 172.17.1.1 Pod4-N1K Mgmt 0 172.17.1.144/24 172.17.1.1 Pod5-N1K Mgmt 0 172.17.1.145/24 172.17.1.1 Pod6-N1K Mgmt 0 172.17.1.146/24 172.17.1.1 Pod7-N1K Mgmt 0 172.17.1.147/24 172.17.1.1 Pod8-N1K Mgmt 0 172.17.1.148/24 172.17.1.1 2012 Cisco Systems, Inc. Lab Guide 11

Fibre Channel World Wide Names This table lists the WWNs that are used in this course: Host WWNN WWPN Fabric p1-b 20:00:00:25:b5:10:10:01 20:00:00:25:b5:20:20:00 A 20:00:00:25:b5:20:20:01 B p2-b 20:00:00:25:b5:10:10:02 20:00:00:25:b5:20:20:02 A 20:00:00:25:b5:20:20:03 B p3-b 20:00:00:25:b5:10:10:03 20:00:00:25:b5:20:20:04 A 20:00:00:25:b5:20:20:05 B p4-b 20:00:00:25:b5:10:10:04 20:00:00:25:b5:20:20:06 A 20:00:00:25:b5:20:20:06 B p5-b 20:00:00:25:b5:10:10:05 20:00:00:25:b5:20:20:08 A 20:00:00:25:b5:20:20:09 B p6-b 20:00:00:25:b5:10:10:06 20:00:00:25:b5:20:20:0a A 20:00:00:25:b5:20:20:0b B p7-b 20:00:00:25:b5:10:10:07 20:00:00:25:b5:20:20:0c A 20:00:00:25:b5:20:20:0d B p8-b 20:00:00:25:b5:10:10:08 20:00:00:25:b5:20:20:0e A 20:00:00:25:b5:20:20:0f B p1-c 20:00:00:25:b5:30:30:01 20:00:00:25:b5:40:40:00 A 20:00:00:25:b5:40:40:01 B p2-c 20:00:00:25:b5:30:30:02 20:00:00:25:b5:40:40:02 A 20:00:00:25:b5:40:40:03 B p3-c 20:00:00:25:b5:30:30:03 20:00:00:25:b5:40:40:04 A 20:00:00:25:b5:40:40:05 B p4-c 20:00:00:25:b5:30:30:04 20:00:00:25:b5:40:40:06 A 20:00:00:25:b5:40:40:06 B p5-c 20:00:00:25:b5:30:30:05 20:00:00:25:b5:40:40:08 A 20:00:00:25:b5:40:40:09 B p6-c 20:00:00:25:b5:30:30:06 20:00:00:25:b5:40:40:0a A 20:00:00:25:b5:40:40:0b B p7-c 20:00:00:25:b5:30:30:07 20:00:00:25:b5:40:40:0c A 20:00:00:25:b5:40:40:0d B p8-c 20:00:00:25:b5:30:30:08 20:00:00:25:b5:40:40:0e A 20:00:00:25:b5:40:40:0f B 12 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Activity 1-1: Cisco Power Calculator (Instructor Demonstration Only) The instructor will complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, the instructor will demonstrate how to use the Cisco Power Calculator. After completing this activity, you will be able to meet these objectives: Describe how to access the Cisco Power Calculator Describe how to use the Cisco Power Calculator to identify the power requirements for a Cisco Nexus 7000 Series switch Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One PC with browser Internet connection Note The Cisco Power Calculator can be accessed via Smart Phone web browser. 2012 Cisco Systems, Inc. Lab Guide 13

Command List The table describes the commands that are used in this activity. Command Description Job Aids There are no commands used. These job aids are available to help you complete the lab activity: No job aids are required. 14 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Configure the Cisco Power Calculator (Instructor Demonstration Only) Activity Procedure During this task, your instructor will demonstrate how to use the Cisco Power Calculator. Complete these steps: Step 1 Step 2 Step 3 Step 4 Connect to a pod PC and open an Internet browser. Go to the Cisco website at http://www.cisco.com and log in using your Cisco.com account credentials. Go to the following URL to access the Cisco Power Calculator: http://tools.cisco.com/cpc Click the Launch Cisco Power Calculator to launch the calculator. 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 4 Step 5 Click I Agree to accept or confirm acceptance of the online privacy policy. 2012 Cisco Systems, Inc. Lab Guide 15

Step 6 In the Product Family drop-down menu, choose Cisco Nexus 7000. Note The Cisco Nexus 7000 is currently the only Nexus-family switch supported by the Cisco Power Calculator. Step 7 Step 8 Click the Next button. In the Configure Product tab, choose the following options: Chassis: N7K-C7009 Supervisor Engine: N7K-SUP1 Redundant Supervisor Engine: Yes Fantray: N7K-C7009-FAN How many Fabric modules? 5 Input Voltage: 200-240 volts Slot 3: N7K-M148GT-11L Slot 4: N7K-M148GT-11L Slot 5: N7K-M132XP-12L Slot 6: N7K-F248XP-25 Slot 7: N7K-F248XP-25 Slot 8: N7K-M108X2-12L Slot 9: N7K-M108X2-12L 16 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 9 Step 10 Click the Next button. The Power Calculation tab appears showing power supply recommendations. 2012 Cisco Systems, Inc. Lab Guide 17

Step 11 View the supported redundancy options further down on the same page. Step 12 View the information in the Total Output columns, which is based on the chosen power redundancy mode. 18 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 13 View how much power each item requires. Step 14 Click the link to download the summary either to a Microsoft Excel or Adobe PDF file. Activity Verification You have completed this task when you attain this result: You have used the Cisco Power Calculator to calculate power supply options for the Cisco Nexus 7000 9-Slot Switch chassis and selected modules. 2012 Cisco Systems, Inc. Lab Guide 19

Activity 1-2: Cisco Nexus 7000 Series Switch Initial Setup Script (Instructor Demonstration Only) The instructor will complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, the instructor will demonstrate how to perform an initial setup on a Cisco Nexus 7000 Series switch. After completing this activity, you will be able to meet these objectives: Describe how to use the initial setup script to perform an initial configuration on a Cisco Nexus 7000 Series switch Describe which parameters should be set during the initial configuration on a Cisco Nexus 7000 Series switch Describe which parameters have default settings in the initial setup script on a Cisco Nexus 7000 Series switch Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 7000 Series VDC One PC with an SSH application for remote connectivity 20 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command setup show running-config Description Runs the setup script Displays the current running configuration Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 21

Task 1: Use Cisco Nexus 7000 Series Initial Setup Script (Instructor Demonstration Only) Activity Procedure During this task, your instructor will demonstrate how to use the initial setup script on a Cisco Nexus 7000 Series switch. Complete these steps: Step 1 Step 2 Step 3 Step 4 Connect to the remote lab using the credentials that are provided. Connect to the console of the PC, and log in using the username administrator and password 1234QWer. Double-click the PuTTY application. (There should be a shortcut icon on the desktop.) Put in the IP address of the N7K-A device. (IP addresses are found at the beginning of this lab guide in the Lab Addressing Plan: IP Addresses section.) Step 5 Click Open to open the connection. When you are asked for credentials, enter the username admin and password 1234QWer. 22 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Note Step 6 Step 7 Normally the initial configuration would be performed when you first use the switch or after completion of a write erase. Because you are connecting directly to a VDC on the N7K perform the initial configuration by using the setup command. This process will ensure that you do not lose remote connectivity to the switch. At the command prompt, enter the command setup. The initial setup script runs. You will see an error message regarding permission for performing an initial setup. Ignore the error for now and enter Yes to entering the basic configuration dialog. Note Some of the initial setup has default parameters. If you see a question where a potential answer is shown in square brackets ([xx]), then you can press the Enter key to accept the default behavior. 2012 Cisco Systems, Inc. Lab Guide 23

Step 8 Work through the initial setup script as follows: N7K-A# setup ---- Basic System Configuration Dialog VDC: 1 ---- This setup utility will guide you through the basic configuration of the system. Setup configures only enough connectivity for management of the system. *Note: setup is mainly used for configuring the system initially, when no configuration is present. So setup always assumes system defaults and not the current system configuration values. Press Enter at anytime to skip a dialog. Use ctrl-c at anytime to skip the remaining dialogs. Would you like to enter the basic configuration dialog (yes/no): yes Do you want to enforce secure password standard (yes/no) [y]: y Create another login account (yes/no) [n]: n Configure read-only SNMP community string (yes/no) [n]: n Configure read-write SNMP community string (yes/no) [n]: n Enter the switch name : N7K-A Enable license grace period? (yes/no) [n]: n Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]: y Mgmt0 IPv4 address : 172.16.1.201 Mgmt0 IPv4 netmask : 255.255.255.0 Configure the default gateway? (yes/no) [y]: y IPv4 address of the default gateway : 172.16.1.1 Configure advanced IP options? (yes/no) [n]: n Enable the telnet service? (yes/no) [n]: n Enable the ssh service? (yes/no) [y]: y Type of ssh key you would like to generate (dsa/rsa) [rsa]: rsa Number of rsa key bits <1024-2048> [1024]: 1024 Configure the ntp server? (yes/no) [n]: n Configure default interface layer (L3/L2) [L3]: L3 Configure default switchport interface state (shut/noshut) [shut]: shut Configure CoPP system profile (strict/moderate/lenient/dense/skip) [strict]: strict Configure CMP processor on current sup (slot 5)? (yes/no) [y]: n Configure CMP processor on redundant sup (slot 6)? (yes/no) [y]: n Step 9 Step 10 Verify that the proposed configuration is as expected and contains the values that were provided. Press the Enter key to accept the default answer of no to the question regarding editing the configuration. The following configuration will be applied: no password strength-check switchname N7K-A no license grace-period interface mgmt0 ip address 172.16.1.201 255.255.255.0 no shutdown vrf context management ip route 0.0.0.0/0 172.16.1.1 exit no feature telnet ssh key rsa 1024 force feature ssh no system default switchport system default switchport shutdown 24 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

copp profile strict Would you like to edit the configuration? (yes/no) [n]: <enter> Step 11 When you are asked if you wish to use this configuration, enter Y. Use this configuration and save it? (yes/no) [y]: y vrf context management Error: There was an error executing at least one of the command Please verify the following log for the command execution errors. Disabling ssh: as its enabled right now: Can't disable ssh for key generation:current user is logged in through ssh Can't disable/re-enable ssh:current user is logged in through ssh Note Because you are currently logged into the switch via an SSH session, the error message regarding SSH can be ignored in this instance. Step 12 Enter Y to save the configuration to startup-config. Would you like to save the running-config to startup-config? (yes/no) [n]: y [########################################] 100% Copy complete, now saving to disk (please wait)... N7K-A# Step 13 Use the command show running-config to verify that the configuration has been generated as expected. Activity Verification You have completed this task when you attain these results: You have successfully performed an initial configuration on the Cisco Nexus 7000 Series switch. You have verified the configuration using the show running-config command. 2012 Cisco Systems, Inc. Lab Guide 25

Lab 1-1: Connecting to Cisco Nexus 7000 Series Switches Using SSH Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to both of the Cisco Nexus 7000 Series switches using SSH to run various show commands. After completing this activity, you will be able to meet these objectives: Connect to a Cisco Nexus 7000 Series switch using SSH Use show commands to verify the management 0 interface configuration Use the show commands to verify the management 0 interface connectivity Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 7000 Series VDC One PC with an SSH application for remote connectivity 26 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command show running-config interface mgmt 0 show running-config include route show ip route show ip route vrf management show interface mgmt 0 brief show interface mgmt 0 ping <x.x.x.x> ping <x.x.x.x> vrf management Description Displays the mgmt 0 configuration in the running configuration Displays the default route configuration in the running configuration Displays the IP routing table for the default VRF Displays the IP routing table for the management VRF Displays summary information about the mgmt 0 interface Displays detailed information about the mgmt 0 interface Pings a remote address using the default VRF Pings a remote address using the management VRF Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 27

Task 1: Connect to the Cisco Nexus 7000 Series Switch Using SSH Activity Procedure In this task, you will use SSH to connect to both Cisco Nexus 7000 Series switches. Complete these steps: Step 1 Step 2 Step 3 Using the credentials that are provided by your instructor, connect to the remote lab and your pod. Log into the PC using the username admin and the password 1234QWer. Double-click the PuTTY shortcut on the desktop. (If the icon is missing, please contact your instructor.) Step 4 Enter the following details in the PuTTY configuration dialog box to open a session to the first N7K: Host Name (or IP address): 172.16.1.201 Port: 22 Connection Type: SSH Step 5 Click the Open button to open the session. 28 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 6 When the session opens, you will be asked for credentials for logging into the switch. Log in as a student using the username admin and the password 1234QWer. Step 7 Open a second SSH session to the second N7K at 172.16.1.202. Activity Verification You have completed this task when you attain this result: You have successfully logged into both switches. 2012 Cisco Systems, Inc. Lab Guide 29

Task 2: Verify Interface Management 0 Configuration Activity Procedure In this task, you will use show commands to verify the configuration that was applied to management 0 in the Cisco Nexus 7000 Series Switch Initial Script Setup lab. Complete these steps on both Cisco Nexus 7000 series switches: Step 1 At the command prompt, enter the show running-config interface mgmt 0 to verify the configuration of management 0. N7K-A# show running-config interface mgmt 0!Command: show running-config interface mgmt0!time: Wed Feb 22 10:07:43 2012 version 6.0(2) interface mgmt0 ip address 172.16.1.201/24 Step 2 N7K-A# Verify that the IP address of each Cisco Nexus 7000 Series switch is as follows: N7K-A: 172.16.1.201 N7K-B: 172.16.1.202 Step 3 Verify that the default route has been correctly set using the command show running-config include route on both N7K switches. N7K-A# show running-config include ip route ip route 0.0.0.0/0 10.1.1.1 ip route 0.0.0.0/0 172.16.1.1 N7K-A# Note The output of the preceding command may be different depending on how the lab infrastructure is configured. Step 4 The Cisco Nexus 7000 Series switch supports two default VRFs. One is called management and the other is called default. Use the following commands to verify that the default route has been set for the correct VRF. N7K-A# show ip route IP Route Table for VRF "default" '*' denotes best ucast next-hop '**' denotes best mcast next-hop '[x/y]' denotes [preference/metric] '%<string>' in via output denotes VRF <string> N7K-A# Note No routing has yet been configured for the default vrf. 30 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-A# show ip route vrf management IP Route Table for VRF "management" '*' denotes best ucast next-hop '**' denotes best mcast next-hop '[x/y]' denotes [preference/metric] '%<string>' in via output denotes VRF <string> 0.0.0.0/0, ubest/mbest: 1/0 *via 172.16.1.1, [1/0], 05:14:18, static 172.16.1.0/24, ubest/mbest: 1/0, attached *via 172.16.1.201, mgmt0, [0/0], 2d15h, direct 172.16.1.201/32, ubest/mbest: 1/0, attached *via 172.16.1.201, mgmt0, [0/0], 2d15h, local N7K-A# Q1) Which VRF is using the default route of 172.16.1.1? Q2) Is this VRF the correct VRF? Q3) Based on your answer, explain why this is, or is not, the correct VRF. Step 5 Verify that the management 0 interface is administratively and operationally up using the show interface mgmt 0 brief command. N7K-A# show interface mgmt 0 brief -------------------------------------------------------------- Port VRF Status IP Address Speed MTU -------------------------------------------------------------- mgmt0 -- up 172.16.1.201 1000 1500 N7K-A# Step 6 Check the management 0 interface details using the show interface mgmt 0 command. N7K-A# show interface mgmt 0 mgmt0 is up Hardware: GigabitEthernet, address: 68bd.abd6.1f11 (bia 68bd.abd6.1f11) Internet Address is 172.16.1.201/24 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA full-duplex, 1000 Mb/s Auto-Negotiation is turned on EtherType is 0x0000 1 minute input rate 144 bits/sec, 0 packets/sec 1 minute output rate 120 bits/sec, 0 packets/sec Rx 16269 input packets 10685 unicast packets 3827 multicast packets 1757 broadcast packets 2865910 bytes Tx 30351 output packets 7740 unicast packets 3839 multicast packets 18772 broadcast packets 3027571 bytes N7K-A# Activity Verification You have completed this task when you attain these results: 2012 Cisco Systems, Inc. Lab Guide 31

You have confirmed that the IP configuration for the management 0 interface is correctly configured. You have confirmed that the IP default route is configured for the correct VRF. You have confirmed that the mgmt 0 interface is up both administratively and operationally. 32 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 3: Verify Management Connectivity In this task, you will test connectivity from the management 0 interface. Activity Procedure Complete these steps: Step 1 Step 2 Now that the mgmt 0 configuration has been verified, you need to verify that connectivity to remote devices is available. From the N7K-A SSH session, ping N5K-A using the ping command. N7K-A# ping 172.16.1.41 PING 172.16.1.41 (172.16.1.41): 56 data bytes ping: sendto 172.16.1.41 64 chars, No route to host Request 0 timed out ping: sendto 172.16.1.41 64 chars, No route to host Request 1 timed out ping: sendto 172.16.1.41 64 chars, No route to host Request 2 timed out ping: sendto 172.16.1.41 64 chars, No route to host Request 3 timed out ping: sendto 172.16.1.41 64 chars, No route to host Request 4 timed out --- 172.16.1.41 ping statistics --- 5 packets transmitted, 0 packets received, 100.00% packet loss N7K-A# Q1) Why did the ping fail? Q2) What would you do to correct the problem? Step 3 From the N7K-A SSH session, try using the following command to verify reachability to the N5K-A: ping 172.16.1.41 vrf management. N7K-A# ping 172.16.1.41 vrf management PING 172.16.1.41 (172.16.1.41): 56 data bytes 64 bytes from 172.16.1.41: icmp_seq=0 ttl=254 time=9.935 ms 64 bytes from 172.16.1.41: icmp_seq=1 ttl=254 time=0.834 ms 64 bytes from 172.16.1.41: icmp_seq=2 ttl=254 time=0.564 ms 64 bytes from 172.16.1.41: icmp_seq=3 ttl=254 time=0.582 ms 64 bytes from 172.16.1.41: icmp_seq=4 ttl=254 time=0.514 ms --- 172.16.1.41 ping statistics --- 5 packets transmitted, 5 packets received, 0.00% packet loss round-trip min/avg/max = 0.514/2.485/9.935 ms N7K-A# Q3) Why did this command work? Step 4 Use the ping command to verify reachability to all devices in the lab on the 172.16.1.x network. 2012 Cisco Systems, Inc. Lab Guide 33

Activity Verification You have completed this task when you attain this result: You have verified reachability to all devices in the lab on the 172.16.1.x network. 34 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Activity 1-3: Cisco Nexus 5000 Series Switch Initial Setup Script (Instructor Demonstration Only) The instructor will complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, the instructor will demonstrate how to perform an initial setup on a Cisco Nexus 5000 Series switch. After completing this activity, you will be able to meet these objectives: Describe how to use the initial setup script to perform an initial configuration on a Cisco Nexus 5000 Series switch Describe which parameters should be set during the initial configuration on a Cisco Nexus 5000 Series switch Describe which parameters have default settings in the initial setup script on a Cisco Nexus 5000 Series switch Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 2012 Cisco Systems, Inc. Lab Guide 35

Task 1: Use Cisco Nexus 5000 Series Initial Setup Script (Instructor Demonstration Only) Activity Procedure During this task, your instructor will demonstrate how to use the initial setup script on a Cisco Nexus 5000 Series switch. Complete these steps: Step 1 Step 2 Step 3 Connect to the remote lab using the credentials that are provided. Open the console connection to the Cisco Nexus 5000 Series switch and log in using the username admin and password 1234QWer. Perform a write erase and reload the switch. N5K-A# write erase Warning: This command will erase the startup-configuration. Do you wish to proceed anyway? (y/n) [n] y N5K-A# reload WARNING: This command will reboot the system Do you want to continue? (y/n) [n] y Note If you wish to save time here, explain to the students the purpose of the write erase and reload commands, and instead just run the setup script. Step 4 When the switch has reloaded, you will be asked if you wish to enforce secure passwords and to enter a password for the admin user. Enter the password 1234QWer. ---- System Admin Account Setup ---- Do you want to enforce secure password standard (yes/no): yes Enter the password for "admin": 1234QWer Confirm the password for "admin": 1234QWer ---- Basic System Configuration Dialog ---- This setup utility will guide you through the basic configuration of the system. Setup configures only enough connectivity for management of the system. Please register Cisco Nexus 5000 Family devices promptly with your supplier. Failure to register may affect response times for initial service calls. Nexus devices must be registered to receive entitled support services. Press Enter at anytime to skip a dialog. Use ctrl-c at anytime to skip the remaining dialogs. Would you like to enter the basic configuration dialog (yes/no): yes 2012 Cisco Systems, Inc. Lab Guide 37

Step 5 Step 6 Step 7 After you have entered the admin user password, you will be asked if you wish to enter the basic configuration dialog. Enter Yes to enter the initial setup script. Some of the initial setup has default parameters. If you see a question when a potential answer in square brackets ([xx]), then you can press the Enter key to accept the default behavior. Work through the initial setup script as follows: ---- Basic System Configuration Dialog ---- This setup utility will guide you through the basic configuration of the system. Setup configures only enough connectivity for management of the system. Please register Cisco Nexus 5000 Family devices promptly with your supplier. Failure to register may affect response times for initial service calls. Nexus devices must be registered to receive entitled support services. Press Enter at anytime to skip a dialog. Use ctrl-c at anytime to skip the remaining dialogs. Would you like to enter the basic configuration dialog (yes/no): yes Create another login account (yes/no) [n]: <enter> Configure read-only SNMP community string (yes/no) [n]: <enter> Configure read-write SNMP community string (yes/no) [n]: <enter> Enter the switch name : N5K-A Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]: <enter> Mgmt0 IPv4 address : 172.16.1.41 Mgmt0 IPv4 netmask : 255.255.255.0 Configure the default gateway? (yes/no) [y]: <enter> IPv4 address of the default gateway : 172.16.1.1 Enable the telnet service? (yes/no) [n]: <enter> Enable the ssh service? (yes/no) [y]: <enter> Type of ssh key you would like to generate (dsa/rsa) : rsa Number of key bits <768-2048> : 1024 Configure the ntp server? (yes/no) [n]: <enter> Enter basic FC configurations (yes/no) [n]: <enter> Step 8 Step 9 Verify that the proposed configuration is as expected and contains the values that were provided. Press the Enter key to accept not editing the configuration. The following configuration will be applied: switchname N5K-A interface mgmt0 ip address 172.16.1.41 255.255.255.0 no shutdown 38 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

exit vrf context management ip route 0.0.0.0/0 172.16.1.1 exit no telnet server enable ssh key rsa 1024 force ssh server enable Would you like to edit the configuration? (yes/no) [n]: <enter> Step 10 When you are asked if you wish to use this configuration, enter Y. Use this configuration and save it? (yes/no) [y] : Y or <enter> Step 11 Enter Y to save the configuration to startup-config Would you like to save the running-config to startup-config? (yes/no) [n]: y [########################################] 100% Copy complete, now saving to disk (please wait)... Step 12 User Access Verification N5K-B login: Use the command show running-config to verify that the configuration has been generated as expected. Activity Verification You have completed this task when you attain these results: You have successfully performed an initial configuration on the Cisco Nexus 5000 Series switch. You have verified the configuration using the show running-config command. 2012 Cisco Systems, Inc. Lab Guide 39

Lab 1-2: Connecting to a Cisco Nexus 5000 Series Switch Using SSH Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to a Cisco Nexus 5000 Series switch using SSH to verify the management 0 configuration and connectivity. After completing this activity, you will be able to meet these objectives: Connect to a Cisco Nexus 5000 Series switch using SSH Use show commands to verify the management 0 interface configuration Use show commands to verify the management 0 interface connectivity Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 40 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Connect to Cisco Nexus 5000 Series Switches Using SSH Activity Procedure In this task, you will use SSH to connect to both Cisco Nexus 5000 Series switches. Complete these steps: Step 1 Step 2 Step 3 Step 4 Using the credentials that are provided by your instructor, connect to the remote lab and your pod. Log into the PC using the username administrator and the password 1234QWer. Double-click the PuTTY shortcut on the desktop. (If the icon is missing please contact your instructor.) Enter the following details in the PuTTY configuration dialog box to open a session to the first N5K: Host Name (or IP address): 172.16.1.41 Port: 22 Connection Type: SSH Step 5 Step 6 Click the Open button to open the session. When the session opens, you will be asked for credentials for logging into the switch. Log in as a student using the username admin and the password 1234QWer. Step 7 Open a second SSH session to the second N5K at 172.16.1.42. Activity Verification You have completed this task when you attain this result: You have successfully logged into both switches. 42 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

2012 Cisco Systems, Inc. Lab Guide 43

Task 2: Verify Interface Management 0 Configuration Activity Procedure In this task, you will use show commands to verify the configuration that was applied to management 0 in the previous lab. Complete these steps on both N5K switches: Step 1 At the command prompt, enter the show running-config interface mgmt 0 to verify the configuration of management 0. N5K-A# show running-config interface mgmt 0!Command: show running-config interface mgmt0!time: Wed Feb 18 12:01:35 2009 version 5.1(3)N1(1) interface mgmt0 ip address 172.16.1.41/24 Step 2 N5K-A# Verify that the IP address of each Cisco Nexus 5000 Series switch is as follows: N5K-A: 172.16.1.41 N5K-B: 172.16.1.42 Step 3 Step 4 Verify that the default route has been correctly set using the command show running-config include route. N5K-A# show running-config include route ip route 0.0.0.0/0 172.16.1.1 N5K-A# The Cisco Nexus 5000 Series switch supports two default VRFs. One is called management and the other is called default. Use the following commands to verify that the default route has been set for the correct VRF. N5K-A# show ip route IP Route Table for VRF "default" '*' denotes best ucast next-hop '**' denotes best mcast next-hop '[x/y]' denotes [preference/metric] N5K-A# N5K-A# show ip route vrf management IP Route Table for VRF "management" '*' denotes best ucast next-hop '**' denotes best mcast next-hop '[x/y]' denotes [preference/metric] 0.0.0.0/0, ubest/mbest: 1/0 *via 172.16.1.1, mgmt0, [1/0], 06:44:09, static 44 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 5 172.16.1.0/24, ubest/mbest: 1/0, attached *via 172.16.1.41, mgmt0, [0/0], 06:45:30, direct 172.16.1.41/32, ubest/mbest: 1/0, attached *via 172.16.1.41, mgmt0, [0/0], 06:45:30, local N5K-A# Q1) Which VRF is using the default route of 172.16.1.1? Q2) Is this VRF the correct VRF? Q3) Based on your answer, explain why this is, or is not, the correct VRF. Verify that the management 0 interface is administratively and operationally up using the show interface mgmt 0 brief. N5K-A# show interface mgmt 0 brief -------------------------------------------------------------- Port VRF Status IP Address Speed MTU -------------------------------------------------------------- mgmt0 -- up 172.16.1.41 1000 1500 N5K-A# Step 6 Check the management 0 interface details using the show interface mgmt 0 command. N5K-A# show interface mgmt 0 mgmt0 is up Hardware: GigabitEthernet, address: 547f.ee5c.6ea1 (bia 547f.ee5c.6ea1) Internet Address is 172.16.1.41/24 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA full-duplex, 1000 Mb/s EtherType is 0x0000 1 minute input rate 1168 bits/sec, 1 packets/sec 1 minute output rate 816 bits/sec, 0 packets/sec Rx 36258 input packets 293 unicast packets 33536 multicast packets 2429 broadcast packets 3189819 bytes Tx 3470 output packets 207 unicast packets 3262 multicast packets 1 broadcast packets 804357 bytes N5K-A# Activity Verification You have completed this task when you attain these results: You have confirmed that the IP configuration for the management 0 interface is correctly configured. You have confirmed that the IP default route is configured for the correct VRF. You have confirmed that the mgmt 0 interface is up both administratively and operationally. 2012 Cisco Systems, Inc. Lab Guide 45

Lab 1-3: Running CLI Commands Complete this lab activity to practice what you learned in the related module Activity Objective In this activity, you will connect to a Cisco Nexus 7000 Series switch and a 5000 Series switch to run various show commands. After completing this activity, you will be able to meet these objectives: Use the show commands to verify VLANs and VLAN membership Use the show commands to verify which interfaces are operational Use the show commands to verify the MAC address table Verify which Cisco NX-OS Software version is running on the switch Verify the running and startup configurations Use the show commands to verify if there are any connectivity issues in the network Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 7000 Series VDC One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 46 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command show vlan show vlan summary show interface brief show interface trunk show mac address-table show mac address-table learningmode show mac address-table vlan <x> show mac address-table agingtime show version show startup-config show running-config show running-config <feature> <all> show feature show tech-support show tech-support > volatile:<filename> show cdp neighbor show run vpc show tech vpc Description Displays the currently configured VLANs and the interfaces that are associated with those VLANs Displays a summary of the number of VLANs that are configured Displays a summary of the interfaces, showing the status of those interfaces Displays details of which interfaces are trunking and if there are any issues with the VLANs that are on the trunks Displays the switch MAC address table Displays the learning mode for MAC addresses on the VLANs Displays the MAC address table for a given VLAN Displays how long MAC addresses will be kept in the table Displays details that are related to the Cisco NX- OS Software version that is being used Displays the startup configuration of the switch Displays the running configuration of the switch Displays the running configuration of a specific feature on the switch Displays the features that are currently enabled on the switch Displays the output of the tech-support command Directs the output of the tech-support command to a file in volatile memory Displays the neighbors that are found using Cisco Discovery Protocol Displays the vpc configuration from the running configuration Displays the output of the tech-support command for the vpc configuration Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 47

Task 1: Verify VLAN and VLAN Membership In this task, you will use CLI commands to verify the VLAN database and membership. Activity Procedure Complete these steps: Step 1 Step 2 Step 3 Using the credentials provided by your instructor, connect to the remote lab and your pod and open an SSH session to both N7K and N5K switches. Log in using the username admin and password 1234QWer on all four switches. On both Cisco Nexus 5000 Series Switches, identify which VLANs are currently configured. N5K-B# show vlan summary Number of existing VLANs : 3 Number of existing user VLANs : 3 Number of existing extended VLANs : 0 Step 4 Q1) How many VLANs have been configured on the switch? Q2) Have the same number of VLANs been configured on the Cisco Nexus 7000 Series switch? Q3) If you have a different number of VLANs between the switches, which VLANs are they? Use the show vlan command to find out which interfaces are members of which VLAN on both the Cisco Nexus 7000 Series and 5000 Series Switches. N7K-A# show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Po7, Po71, Po72, Eth2/1, Eth2/2 Eth2/3, Eth2/4, Eth2/5, Eth2/6 Eth2/7, Eth2/8, Eth2/10, Eth2/11 Eth2/12, Eth2/13, Eth2/14 Eth2/15, Eth2/16, Eth2/17 Eth2/18, Eth2/19, Eth2/20 Eth2/21, Eth2/22, Eth2/23 Eth2/24, Eth2/25, Eth2/26 Eth2/27, Eth2/28, Eth2/29 Eth2/30, Eth2/31, Eth2/32 Eth3/1 110 UCS-Management active Po7, Po71, Po72, Eth2/5, Eth2/6 Eth2/7, Eth2/8, Eth2/9, Eth2/11 Eth2/12 113 VLAN0113 active Po7, Po71, Po72, Eth2/5, Eth2/6 Eth2/7, Eth2/8, Eth2/11, Eth2/12 114 VLAN0114 active Po7, Po71, Po72, Eth2/5, Eth2/6 Eth2/7, Eth2/8, Eth2/11, Eth2/12 211 VLAN0211 active Po7, Po71, Po72, Eth2/5, Eth2/6 Eth2/7, Eth2/8, Eth2/11, Eth2/12 212 VLAN0212 active Po7, Po71, Po72, Eth2/5, Eth2/6 Eth2/7, Eth2/8, Eth2/11, Eth2/12 48 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

VLAN Type Vlan-mode ---- ----- ---------- 1 enet CE 110 enet CE 113 enet CE 114 enet CE 211 enet CE 212 enet CE Remote SPAN VLANs ------------------------------------------------------------------------------- Primary Secondary Type Ports ------- --------- --------------- ------------------------------------------- N5K-A# show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Po71, Eth1/5, Eth1/6, Eth1/7 Eth1/8, Eth1/9, Eth1/10, Eth1/11 Eth1/12, Eth1/15, Eth1/16 Eth1/17, Eth1/18, Eth1/19 Eth1/20, Eth1/21, Eth1/22 Eth1/23, Eth1/24, Eth1/25 Eth1/26, Eth1/27, Eth1/28 Eth1/29, Eth1/30, Eth1/31 Eth1/32 113 VLAN0113 active Po71, Eth1/13 114 VLAN0114 active Po71, Eth1/14 VLAN Type Vlan-mode ---- ----- ---------- 1 enet CE 113 enet CE 114 enet CE Remote SPAN VLANs --------------------------------------------------------------------- Primary Secondary Type Ports ------- --------- --------------- -------------------------------- Q4) Are there any interfaces that are members of multiple VLANs? Q5) What is the reason for this? Step 5 Activity Verification Do not log out of the switches because you will be using the same connections and configurations for the following task. You have completed this task when you attain these results: You have successfully identified which VLANs have been configured and which interfaces are members of which VLAN. You have correctly identified why some interfaces are members of multiple VLANs. 2012 Cisco Systems, Inc. Lab Guide 49

Task 2: Verify Interface States Activity Procedure In this task, you will use CLI commands to verify the interface states. Complete these steps: Step 1 Step 2 If you logged out of your assigned switches, please log in again for this task. The show interface brief command is used to provide a summary state of all interfaces on the switch. Run the show interface brief command on both the Cisco Nexus 7000 Series and 5000 Series Switches. N5K-A# show interface brief -------------------------------------------------------------------------------- Ethernet VLAN Type Mode Status Reason Speed Por t Interface Ch # -------------------------------------------------------------------------------- Eth1/1 1 eth trunk up none 10G(D) 71 Eth1/2 1 eth trunk up none 10G(D) 71 Eth1/3 1 eth trunk up none 10G(D) 71 Eth1/4 1 eth trunk up none 10G(D) 71 Eth1/5 1 eth access down Link not connected 10G(D) -- Eth1/6 1 eth access down Administratively down 1000(D) -- Eth1/7 1 eth access down Administratively down 10G(D) -- Eth1/8 1 eth access down SFP not inserted 10G(D) -- Eth1/9 1 eth access down Administratively down 10G(D) -- Eth1/10 1 eth access down Administratively down 10G(D) -- Eth1/11 1 eth access down Administratively down 10G(D) -- Eth1/12 1 eth access down Administratively down 10G(D) -- Eth1/13 113 eth access down Administratively down 10G(D) -- Eth1/14 114 eth access down Administratively down 10G(D) -- Eth1/15 1 eth access down Administratively down 10G(D) -- Eth1/16 1 eth access down Administratively down 10G(D) -- Eth1/17 1 eth access down Administratively down 10G(D) -- Eth1/18 1 eth access down Administratively down 10G(D) -- Eth1/19 1 eth access down SFP not inserted 10G(D) -- Eth1/20 1 eth access up none 10G(D) -- Eth1/21 1 eth access up none 10G(D) -- Eth1/22 1 eth access up none 10G(D) -- Eth1/23 1 eth access up none 10G(D) -- Eth1/24 1 eth access up none 10G(D) -- Eth1/25 1 eth access up none 10G(D) -- Eth1/26 1 eth access up none 10G(D) -- Eth1/27 1 eth access up none 10G(D) -- Eth1/28 1 eth access down Administratively down 10G(D) -- Eth1/29 1 eth access down Administratively down 10G(D) -- Eth1/30 1 eth access down Administratively down 10G(D) -- Eth1/31 1 eth access down Administratively down 10G(D) -- Eth1/32 1 eth access down Administratively down 10G(D) -- -------------------------------------------------------------------------------- Port-channel VLAN Type Mode Status Reason Speed Proto col Interface -------------------------------------------------------------------------------- Po71 1 eth trunk up none a-10g(d) la cp -------------------------------------------------------------------------------- Port VRF Status IP Address Speed MTU -------------------------------------------------------------------------------- mgmt0 -- up 172.16.1.41 1000 1500 50 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-A# show interface brief -------------------------------------------------------------------------------- Port VRF Status IP Address Speed MTU -------------------------------------------------------------------------------- mgmt0 -- up 172.16.1.201 1000 1500 -------------------------------------------------------------------------------- Ethernet VLAN Type Mode Status Reason Speed Por t Interface Ch # -------------------------------------------------------------------------------- Eth2/1 1 eth access down Administratively down auto(d) -- Eth2/2 1 eth access down Administratively down auto(d) -- Eth2/3 1 eth access down Administratively down auto(d) -- Eth2/4 1 eth access up none 10G(D) -- Eth2/5 1 eth trunk up none 10G(D) 71 Eth2/6 1 eth trunk up none 10G(D) 71 Eth2/7 1 eth trunk up none 10G(D) 72 Eth2/8 1 eth trunk up none 10G(D) 72 Eth2/9 110 eth access down SFP not inserted 1000(D) -- Eth2/10 1 eth access up none 1000(D) -- Eth2/11 1 eth trunk down Link not connected auto(d) 7 Eth2/12 1 eth trunk up none 10G(D) 7 Eth2/13 1 eth access down SFP not inserted auto(d) -- Eth2/14 1 eth access down SFP not inserted auto(d) -- Eth2/15 1 eth access down SFP not inserted auto(d) -- Eth2/16 1 eth access down SFP not inserted auto(d) -- Eth2/17 1 eth access down SFP not inserted auto(d) -- Eth2/18 1 eth access down SFP not inserted auto(d) -- Eth2/19 1 eth access down SFP not inserted auto(d) -- Eth2/20 1 eth access down SFP not inserted auto(d) -- Eth2/21 1 eth access down SFP not inserted auto(d) -- Eth2/22 1 eth access down SFP not inserted auto(d) -- Eth2/23 1 eth access down SFP not inserted auto(d) -- Eth2/24 1 eth access down SFP not inserted auto(d) -- Eth2/25 1 eth access down SFP not inserted auto(d) -- Eth2/26 1 eth access down SFP not inserted auto(d) -- Eth2/27 1 eth access down SFP not inserted auto(d) -- Eth2/28 1 eth access down SFP not inserted auto(d) -- Eth2/29 1 eth access down SFP not inserted auto(d) -- Eth2/30 1 eth access down SFP not inserted auto(d) -- Eth2/31 1 eth access down SFP not inserted auto(d) -- Eth2/32 1 eth access down Administratively down auto(d) -- Eth3/1 1 eth access down Administratively down auto(s) -- Eth3/2 -- eth routed down SFP not inserted auto(s) -- Eth3/3 -- eth routed down Administratively down auto(s) -- Eth3/4 -- eth routed down SFP not inserted auto(s) -- Eth3/5 -- eth routed down SFP not inserted auto(s) -- Eth3/6 -- eth routed down SFP not inserted auto(s) -- Eth3/7 -- eth routed down SFP not inserted auto(s) -- Eth3/8 -- eth routed down SFP not inserted auto(s) -- Eth3/9 -- eth routed down SFP not inserted auto(s) -- Eth3/10 -- eth routed down SFP not inserted auto(s) -- Eth3/11 -- eth routed down Administratively down auto(s) -- Eth3/12 -- eth routed down Administratively down auto(s) -- Eth3/13 -- eth routed down Administratively down auto(s) -- Eth3/14 -- eth routed down Administratively down auto(s) -- Eth3/15 -- eth routed down SFP not inserted auto(s) -- Eth3/16 -- eth routed down SFP not inserted auto(s) -- Eth3/17 -- eth routed down SFP not inserted auto(s) -- Eth3/18 -- eth routed down SFP not inserted auto(s) -- Eth3/19 -- eth routed down SFP not inserted auto(s) -- Eth3/20 -- eth routed up none 10G(S) -- 2012 Cisco Systems, Inc. Lab Guide 51

Eth3/21 -- eth routed up none 10G(S) -- Eth3/22 -- eth routed up none 10G(S) -- Eth3/23 -- eth routed up none 10G(S) -- Eth3/24 -- eth routed up none 10G(S) -- Eth3/25 -- eth routed up none 10G(S) -- Eth3/26 -- eth routed up none 10G(S) -- Eth3/27 -- eth routed up none 10G(S) -- Eth3/28 -- eth routed down SFP not inserted auto(s) -- Eth3/29 -- eth routed down SFP not inserted auto(s) -- Eth3/30 -- eth routed down SFP not inserted auto(s) -- Eth3/31 -- eth routed down SFP not inserted auto(s) -- Eth3/32 -- eth routed down SFP not inserted auto(s) -- -------------------------------------------------------------------------------- Port-channel VLAN Type Mode Status Reason Speed Proto col Interface -------------------------------------------------------------------------------- Po7 1 eth trunk up none a-10g(d) no ne Po71 1 eth trunk up none a-10g(d) la cp Po72 1 eth trunk up none a-10g(d) la cp ------------------------------------------------------------------------------- Interface Secondary VLAN(Type) Status Reason ------------------------------------------------------------------------------- Vlan1 -- up -- Q1) On the Cisco Nexus 5000 Series switch, one of the interfaces is running at 1 Gb/s instead of the usual 10 Gb/s. Identify which device this interface is connected to. (Hint: you can use the show cdp neighbors command to find out which Cisco devices a switch is connected to.) Q2) What is the default mode for interfaces on the Cisco Nexus 5000 Series switch? Q3) What is the default mode for interfaces on the Cisco Nexus 7000 Series switch? Q4) When were these default modes set? Step 3 Some of the interfaces on the switches are set as trunk interfaces. Check whether any of these interfaces have any VLAN errors disabled on the Trunk using the command show interface trunk. Note Your output may not match the lab guide output exactly. N5K-A# show interface trunk ------------------------------------------------------------- Port Native Status Port Vlan Channel ------------------------------------------------------------- Eth1/1 1 trnk-bndl Po71 Eth1/2 1 trnk-bndl Po71 Eth1/3 1 trnk-bndl Po71 Eth1/4 1 trnk-bndl Po71 52 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Po71 1 trunking -- ------------------------------------------------------------- Port Vlans Allowed on Trunk ------------------------------------------------------------- Eth1/1 1-3967,4048-4093 Eth1/2 1-3967,4048-4093 Eth1/3 1-3967,4048-4093 Eth1/4 1-3967,4048-4093 Po71 1-3967,4048-4093 ------------------------------------------------------------ Port Vlans Err-disabled on Trunk ------------------------------------------------------------ Eth1/1 none Eth1/2 none Eth1/3 none Eth1/4 none Po71 none ------------------------------------------------------------ Port STP Forwarding ------------------------------------------------------------ Eth1/1 none Eth1/2 none Eth1/3 none Eth1/4 none Po71 1,113-114 ----------------------------------------------------------- Port Vlans in spanning tree forwarding state and not pruned ------------------------------------------------------------ Eth1/1 -- Eth1/2 -- Eth1/3 -- Eth1/4 -- Po71 -- ------------------------------------------------------------ Port Vlans Forwarding on FabricPath ------------------------------------------------------------ N5K-A# Activity Verification Q5) Were there any VLANs disabled on the Cisco Nexus 5000 Series switch? Q6) Were there any VLANs disabled on the Cisco Nexus 7000 Series switch? You have completed this task when you attain these results: You have successfully verified the state of the interfaces. You have successfully identified the device that is connected to the 1-Gb/s interface on the Cisco Nexus 5000 Series switch. You have successfully verified there are no error-disabled VLANs on the trunk interfaces. 2012 Cisco Systems, Inc. Lab Guide 53

Task 3: Verify the MAC Address Table Activity Procedure In this task, you will use CLI commands to verify the MAC address table. Complete these steps: Step 1 Step 2 If you logged out of your assigned switches, please log in again for this task. As MAC addresses are discovered, they are put into a MAC address table. Use the following command to identify which MAC addresses are currently in the table on the Cisco Nexus 7000 Series switch: show mac address-table. Note Your output may not match the lab guide output exactly. N7K-A# show mac address-table Legend: * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC age - seconds since last seen,+ - primary entry using vpc Peer-Link VLAN MAC Address Type age Secure NTFY Ports/SWID.SSID.LID ---------+-----------------+--------+---------+------+----+---------- G - 64a0.e743.6241 static - F F sup-eth1(r) G 1 64a0.e743.6241 static - F F sup-eth1(r) G 1 6c9c.ed46.37c1 static - F F sup-eth1(r) Step 3 Using the show mac address-table aging-time command, find out the aging time for entries in the MAC address table. Vlan Aging Time ---- ---------- 1 1800 113 1800 114 1800 211 1800 212 1800 N7K-A# show mac address-table aging-time Q1) What is the aging time value? Step 4 Use the show mac address-table vlan number command. Which MAC addresses are registered in VLAN 1? N7K-A# show mac address-table vlan 1 Legend: * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC age - seconds since last seen,+ - primary entry using vpc Peer-Link VLAN MAC Address Type age Secure NTFY Ports/SWID.SSID.LID ---------+-----------------+--------+---------+------+----+------------------ G 1 64a0.e743.6241 static - F F sup-eth1(r) G 1 6c9c.ed46.37c1 static - F F sup-eth1(r) Note Depending on the equipment group you are assigned, the actual MAC addresses will be different in your output. Q2) How have the MAC addresses been discovered? 54 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Q3) Cisco FabricPath is not configured. Using the show mac address-table learning-mode command. What is the learning mode for MAC addresses on the Cisco Nexus 7000 Series switch? N7K-A# show mac address-table learning-mode Vlan Learning Mode ---- ---------- 1 Non-Conversational-Learning 113 Non-Conversational-Learning 114 Non-Conversational-Learning 211 Non-Conversational-Learning 212 Non-Conversational-Learning Activity Verification You have completed this task when you attain these results: You have successfully verified the MAC address table. You have successfully identified the learning mode for MAC addresses. You have successfully identified how MAC addresses have been discovered. 2012 Cisco Systems, Inc. Lab Guide 55

Task 4: Verify the Cisco NX-OS Software Activity Procedure In this task, you will use CLI commands to verify the Cisco NX-OS version. Complete these steps: Step 1 Step 2 If you logged out of your assigned switches, please log in again for this task. The show version command shows you which version of software you are running currently on the switch. Use the show version command to answer the following questions (the following output is an example of the output you will see on the switches): Note Your output may not match the lab guide output exactly. N7K-A# show version Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Documents: http://www.cisco.com/en/us/products/ps9372/tsd_products_support_series Copyright (c) 2002-2011, Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained in this software are owned by other third parties and used and distributed under license. Certain components of this software are licensed under the GNU General Public License (GPL) version 2.0 or the GNU Lesser General Public License (LGPL) Version 2.1. A copy of each such license is available at http://www.opensource.org/licenses/gpl-2.0.php and http://www.opensource.org/licenses/lgpl-2.1.php Software BIOS: version 3.22.0 kickstart: version 6.0(2) system: version 6.0(2) BIOS compile time: 02/20/10 kickstart image file is: bootflash:///n7000-s1-kickstart.6.0.2.bin kickstart compile time: 12/25/2020 12:00:00 [12/22/2011 06:56:22] system image file is: bootflash:///n7000-s1-dk9.6.0.2.bin system compile time: 11/15/2011 12:00:00 [12/22/2011 08:46:28] Hardware cisco Nexus7000 C7010 (10 Slot) Chassis ("Supervisor module-1x") Intel(R) Xeon(R) CPU with 8245320 kb of memory. Processor Board ID JAF1508AJQR Device name: F103-Nexus-7010 bootflash: 2029608 kb slot0: 2074214 kb (expansion flash) Kernel uptime is 18 day(s), 3 hour(s), 59 minute(s), 5 second(s) Last reset Reason: Unknown System version: 6.0(1) Service: plugin Core Plugin, Ethernet Plugin 56 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Activity Verification Q1) Which version of the kickstart image is running on each of these switches? Cisco Nexus 7000 Series switch A: Cisco Nexus 7000 Series switch B: Cisco Nexus 5000 Series switch A: Cisco Nexus 5000 Series switch B: Q2) Which version of the system image is running on each of these switches? Cisco Nexus 7000 Series switch A: Cisco Nexus 7000 Series switch B: Cisco Nexus 5000 Series switch A: Cisco Nexus 5000 Series switch B: Q3) Are you running the same version of kickstart and system image on the switches? Q4) Are you running the same version of software on both the Cisco Nexus 7000 Series and 5000 Series Switches? Q5) How long has the switch been operating? Q6) What is the reason for the last switch reset? You have completed this task when you attain this result: You have successfully verified the Cisco NX-OS software image that is being used. 2012 Cisco Systems, Inc. Lab Guide 57

Task 5: Verify the Running and Startup Configuration In this task, you will use CLI commands to verify the running and startup configuration. Activity Procedure Complete these steps: Step 1 Step 2 If you logged out of your assigned switches, please log in again for this task. The show running-config command is used to show the running configuration. Use the command to see what your current configuration looks like. N7K-A# show running-config!command: show running-config!time: Thu Feb 23 11:47:27 2012 version 6.0(2) switchname N7K-A cfs eth distribute feature interface-vlan feature lacp feature vpc username admin password 5 $1$A4XvuSsm$HWRb2FVZURjX6p6CzLaqL0 role vdc-admin ----not all output is shown here---- Q1) Use the show startup-config command to see the configurations. Are the running and startup configurations the same? Q2) If they were different, which command would you use to save the running configuration to the startup configuration? Step 3 The preloaded configuration for this lab included a vpc configuration. Use the show running-config vpc command on the Cisco Nexus 7000 Series switch to view the parameters that are configured for this feature. N7K-A# show running-config vpc!command: show running-config vpc!time: Thu Feb 23 11:54:25 2012 version 6.0(2) feature vpc vpc domain 103 peer-switch peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf keepalive peer-gateway interface port-channel7 vpc peer-link interface port-channel71 vpc 71 interface port-channel72 vpc 72 58 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 4 The show running-config vpc all command shows you additional configuration for the vpc feature. N7K-A# show running-config vpc all!command: show running-config vpc all!time: Thu Feb 23 11:57:17 2012 version 6.0(2) feature vpc vpc domain 103 peer-switch role priority 32667 system-priority 32667 peer-keepalive destination 192.168.1.2 source 192.168.1.1 udp-port 3200 vrf keepalive interval 1000 timeout 5 precedence 6 hold-timeout 3 delay restore 30 no dual-active exclude interface-vlan peer-gateway graceful consistency-check no auto-recovery delay restore interface-vlan 10 no fabricpath switch-id no fabricpath multicast load-balance interface port-channel7 vpc peer-link interface port-channel71 vpc 71 interface port-channel72 vpc 72 Q3) When you add the all parameter to the show running config <feature> command, what additional configuration is actually being displayed? Step 5 To be able to configure the vpc feature, you would have had to switch on the feature. Use the show feature command on the Cisco Nexus 7000 Series switch to find out what other additional features are available for you to configure. 2012 Cisco Systems, Inc. Lab Guide 59

N7K-A# show feature Feature Name Instance State -------------------- -------- -------- amt 1 disabled bfd 1 disabled bfd_app 1 disabled bgp 1 disabled cts 1 disabled dhcp 1 disabled dot1x 1 disabled drap 1 disabled eigrp 1 disabled eigrp 2 disabled eigrp 3 disabled eigrp 4 disabled eou 1 disabled eth_port_sec 1 disabled fex 1 disabled fipsm 1 disabled glbp 1 disabled hsrp_engine 1 disabled interface-vlan 1 enabled isis 1 disabled isis 2 disabled isis 3 disabled isis 4 disabled lacp 1 enabled ldap 1 disabled lisp 1 disabled lldp 1 disabled msdp 1 disabled netflow 1 disabled oim 1 disabled ospf 1 disabled ospf 2 disabled ospf 3 disabled ospf 4 disabled ospfv3 1 disabled ospfv3 2 disabled ospfv3 3 disabled ospfv3 4 disabled otv 1 disabled pbr 1 disabled pim 1 disabled pim6 1 disabled pong 1 disabled private-vlan 1 disabled privilege 1 disabled ptp 1 disabled rip 1 disabled rip 2 disabled rip 3 disabled rip 4 disabled scheduler 1 disabled scpserver 1 disabled sftpserver 1 disabled sshserver 1 enabled tacacs 1 disabled telnetserver 1 disabled tunnel 1 disabled udld 1 disabled vpc 1 enabled vrrp 1 disabled vtp 1 disabled wccp 1 disabled 60 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 6 Use the same command on the Cisco Nexus 5000 Series switch. Are you running the same features? N5K-A# show feature Feature Name Instance State -------------------- -------- -------- Flexlink 1 disabled amt 1 disabled bgp 1 disabled cts 1 disabled dhcp 1 disabled dot1x 1 disabled eigrp 1 disabled eigrp 2 disabled eigrp 3 disabled eigrp 4 disabled eth_port_sec 1 disabled fcoe 1 disabled fcoe-npv 1 disabled fex 1 disabled glbp 1 disabled hsrp_engine 1 disabled http-server 1 disabled interface-vlan 1 disabled lacp 1 enabled ldap 1 disabled lldp 1 enabled msdp 1 disabled ospf 1 disabled ospf 2 disabled ospf 3 disabled ospf 4 disabled pim 1 disabled poe 1 disabled private-vlan 1 disabled privilege 1 disabled ptp 1 disabled rip 1 disabled rip 2 disabled rip 3 disabled rip 4 disabled sshserver 1 enabled tacacs 1 disabled telnetserver 1 disabled udld 1 disabled vem 1 disabled vmfex 1 disabled vpc 1 disabled vrrp 1 disabled vtp 1 disabled Activity Verification You have completed this task when you attain these results: You have successfully verified the configuration that is being used in running and startup configuration. You have successfully verified which features are currently enabled on the Cisco Nexus 7000 Series and 5000 Series Switches. 2012 Cisco Systems, Inc. Lab Guide 61

Task 6: Use the tech-support Command Activity Procedure In this task, you will use CLI commands to view the tech-support command output. Complete these steps: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Activity Verification If you logged out of your assigned switches, please log in again for this task. The show tech-support command provides you with valuable information about the switch, and the output is often provided to Cisco TAC so that they have a complete picture of the switch that is having problems. Run the show tech-support command on the Cisco Nexus 5000 Series switch. Run the show tech-support command on the Cisco Nexus 7000 Series switch. As you can see, there is a large amount of data to view. If you are looking for specific information, you can pull out the tech support details for a specific feature. For example, run the show tech-support vpc on the Cisco Nexus 7000 Series switch. There is still a large amount of data, but it is now focused on a specific feature you may be having issues with. It is often necessary to send this output to Cisco TAC, or you may wish to analyze the information offline. To be able to do this analysis, you can send the output to a file, which can then be copied to a TFTP server. Run the show tech-support > volatile:tech command. In this command, you are sending the output of the command to a file called tech, which is being stored in volatile memory. You have completed this task when you attain this result: You have successfully run and viewed the output from the show tech-support command. 62 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Lab 1-4: Configuring vpcs Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to the Cisco Nexus 7000 Series and 5000 Series Switches and perform the tasks that are required to configure and verify vpcs. After completing this activity, you will be able to meet these objectives: Verify the vpc domain, vpc peer link, and vpc peer-keepalive link Configure and verify vpcs on the downstream switches Use show commands to verify the overall vpc operation Save the running configurations Visual Objective The figure illustrates what you will accomplish in this activity. 2012 Cisco Systems, Inc. Lab Guide 63

Required Resources Command List These are the resources and equipment that are required to complete this activity: Two Cisco Nexus 7000 Series Switches Two Cisco Nexus 5000 Series Switches One PC with an SSH application for remote connectivity The table describes the commands that are used in this activity. Command show interface description show interface brief show cdp neighbor show ip interface brief ping <x.x.x.x> feature vpc vpc domain n peer-keepalive destination <x.x.x.x> [source <x.x.x.x> vrf <vrf-name>] show running-config interface channel-group n [mode active] vpc peer-link description show port-channel summary show interface show vpc brief copy running-config startupconfig vpc n show port-channel traffic show running-config vpc show tech-support vpc Description Displays the description that is defined for the interfaces Displays a summary of the interfaces, showing the status of those interfaces Displays the neighbors that are found using Cisco Discovery Protocol Displays a summary of the interfaces that are configured with IP, showing the status of those interfaces Pings a remote address using the default VRF Enables the vpc feature on the switch Defines the vpc domain on the switch Defines the vpc peer-keepalive link Displays the current running configuration for a specified interface Creates a port channel Defines a port channel as a vpc peer link. Assigns a description to an interface Displays a summary of the port channels that are configured on the switch and their state Displays the details of an interface Displays a summary of the vpc and its operating parameters Saves the current configuration of the switch Defines a port channel as a vpc Displays the traffic utilization of the port channel Displays the vpc portion of the running configuration Displays the output of the tech-support command for the vpc configuration 64 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 65

Task 1: Connect to Your Assigned Switches Activity Procedure In this task, you will make SSH connections to both Cisco Nexus 7000 series switch and Nexus 5500 series switches in the topology. Complete these steps: Step 1 Step 2 Activity Verification Using the credentials that are provided by your instructor, connect to the remote lab and your student PC. Open SSH sessions to N7K-A, N7k-B, N5K-A, and N5K-B. Login with the username admin and password 1234QWer. Refer to the Lab Addressing Plan: IP Addresses section for the management IP address of your switch. You have completed this task when you attain these results: You have successfully logged into all four lab switches via SSH. 66 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 2: Verify Interswitch Connections Activity Procedure In this task, you will use CLI commands to verify the physical connections between the Cisco Nexus 7000 Series and Cisco Nexus 5000 Series Switches. This task will be performed on all switches. Complete these steps on all switches: Step 1 Review the interface connectivity by examining the descriptions that are assigned to the interfaces. Compare the output to your topology diagram for all interfaces that are in use. N7K-A# show interface description ------------------------------------------------------------------------------ - Interface Description ------------------------------------------------------------------------------ - mgmt0 -- ------------------------------------------------------------------------------ - Port Type Speed Description ------------------------------------------------------------------------------ - Eth2/1 eth 10G To FI A int Eth 1 Eth2/2 eth 10G To FI A int Eth 2 Eth2/3 eth 10G To FI B int Eth 1 Eth2/4 eth 10G To FI B int Eth 2 Eth2/5 eth 10G To N5K-A int Eth 1/1 Eth2/6 eth 10G To N5K-A int Eth 1/2 Eth2/7 eth 10G To N5K-B int Eth 1/1 Eth2/8 eth 10G To N5K-B int Eth 1/2 Eth2/9 eth 10G Connection to Management Network Eth2/10 eth 10G Not in Use Eth2/11 eth 10G To N7K-B int Eth 2/23 Eth2/12 eth 10G To N7K-B int Eth 2/24 --output ommitted-- Step 2 Verify that the required interfaces are operational by comparing the output of the show interface brief command to your topology diagram. N7K-A# show interface brief -------------------------------------------------------------------------------- Port VRF Status IP Address Speed MTU -------------------------------------------------------------------------------- mgmt0 -- up 172.16.1.201 1000 1500 -------------------------------------------------------------------------------- Ethernet VLAN Type Mode Status Reason Speed Por t Interface Ch # -------------------------------------------------------------------------------- Eth2/1 1 eth access down Administratively down auto(d) -- Eth2/2 1 eth access down Administratively down auto(d) -- Eth2/3 1 eth access down Administratively down auto(d) -- Eth2/4 1 eth access up none 10G(D) -- Eth2/5 1 eth trunk up none 10G(D) 71 Eth2/6 1 eth trunk up none 10G(D) 71 Eth2/7 1 eth trunk up none 10G(D) 72 Eth2/8 1 eth trunk up none 10G(D) 72 Eth2/9 110 eth access down SFP not inserted 1000(D) -- Eth2/10 1 eth access up none 1000(D) -- Eth2/11 1 eth trunk down Link not connected auto(d) 7 --output ommitted-- 2012 Cisco Systems, Inc. Lab Guide 67

Step 3 Determine which remote device is connected on each of the links and that the connection is on the correct interface. N7K-A# show cdp neighbors Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge S - Switch, H - Host, I - IGMP, r - Repeater, V - VoIP-Phone, D - Remotely-Managed-Device, s - Supports-STP-Dispute Device-ID Local Intrfce Hldtme Capability Platform Port ID mgmnt-sw mgmt0 132 S I WS-C3560X-48 Gig0/1 UCS-A(SSI15280G2J) Eth2/1 157 S I s N10-S6100 Eth1/1 UCS-A(SSI15280G2J) Eth2/2 157 S I s N10-S6100 Eth1/2 UCS-B(SSI15441476) Eth2/3 157 S I s N10-S6100 Eth1/1 UCS-B(SSI15441476) Eth2/4 179 S I s N10-S6100 Eth1/2 N5K-A(SSI16380AYG) Eth2/5 154 S I s N5K-C5548UP Eth1/1 N5K-A(SSI16380AYG) Eth2/6 154 S I s N5K-C5548UP Eth1/2 N5K-B(SSI16380AY7) Eth2/7 157 S I s N5K-C5548UP Eth1/1 N5K-B(SSI16380AY7) Eth2/8 157 S I s N5K-C5548UP Eth1/2 N7K-B(JAF1602BFMH) Eth2/12 152 R S I s N7K-C7010 Eth2/24 N5K-A(SSI16380AYG) Eth3/20 165 S I s N5K-C5548UP Eth1/20 N5K-A(SSI16380AYG) Eth3/21 165 S I s N5K-C5548UP Eth1/21 N5K-B(SSI16380AY7) Eth3/22 166 S I s N5K-C5548UP Eth1/20 N5K-B(SSI16380AY7) Eth3/23 166 S I s N5K-C5548UP Eth1/21 N5K-A(SSI16380AYG) Eth3/24 165 S I s N5K-C5548UP Eth1/24 N5K-A(SSI16380AYG) Eth3/25 165 S I s N5K-C5548UP Eth1/25 N5K-B(SSI16380AY7) Eth3/26 166 S I s N5K-C5548UP Eth1/24 N5K-B(SSI16380AY7) Eth3/27 166 S I s N5K-C5548UP Eth1/25 Step 4 Validate that the Layer 3 vpc keepalive interface is present on both Cisco Nexus 7000 series switches. If present, ensure that they are up. N7K-A# show ip interface brief vrf keepalive IP Interface Status for VRF "keepalive"(3) Interface IP Address Interface Status Vlan1 192.168.1.1 protocol-up/link-up/admin-up N7K-B# show ip interface brief vrf keepalive IP Interface Status for VRF "keepalive"(3) Interface IP Address Interface Status Vlan1 192.168.1.2 protocol-up/link-up/admin-up Step 5 Verify connectivity between the Layer 3 vpc keepalive interfaces that are found in the previous step. N7K-A# ping 192.168.1.2 vrf keepalive PING 192.168.1.2 (192.168.1.2): 56 data bytes 64 bytes from 192.168.1.2: icmp_seq=0 ttl=254 time=1.615 ms 64 bytes from 192.168.1.2: icmp_seq=1 ttl=254 time=1.168 ms 64 bytes from 192.168.1.2: icmp_seq=2 ttl=254 time=1.074 ms 64 bytes from 192.168.1.2: icmp_seq=3 ttl=254 time=0.749 ms 64 bytes from 192.168.1.2: icmp_seq=4 ttl=254 time=1.194 ms 68 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

--- 192.168.1.2 ping statistics --- 5 packets transmitted, 5 packets received, 0.00% packet loss round-trip min/avg/max = 0.749/1.159/1.615 ms N7K-B# ping 192.168.1.1 vrf keepalive PING 192.168.1.1 (192.168.1.1): 56 data bytes 64 bytes from 192.168.1.1: icmp_seq=0 ttl=254 time=1.271 ms 64 bytes from 192.168.1.1: icmp_seq=1 ttl=254 time=0.672 ms 64 bytes from 192.168.1.1: icmp_seq=2 ttl=254 time=0.637 ms 64 bytes from 192.168.1.1: icmp_seq=3 ttl=254 time=0.841 ms 64 bytes from 192.168.1.1: icmp_seq=4 ttl=254 time=0.903 ms --- 192.168.1.1 ping statistics --- 5 packets transmitted, 5 packets received, 0.00% packet loss round-trip min/avg/max = 0.637/0.864/1.271 ms Q1) In which VRF do these Layer 3 interfaces reside? Note It is a best practice to place the vpc keepalive in a dedicated vrf. Activity Verification You have completed this task when you attain these results: You have verified that all interfaces between the switches are operational. You have verified that all links between the switches are connected to the correct device and interface. 2012 Cisco Systems, Inc. Lab Guide 69

Task 3: Validate the vpc Domain Activity Procedure In this task, you will use CLI commands to validate the vpc domain between the Cisco Nexus 7000 Series Switches. This task will be performed only on the Cisco Nexus 7000 Series Switches. Complete these steps on both Cisco Nexus 7000 Series Switches: Note Because vpc configuration tasks such as configuring the vpc domain, peer-link, and keepalive link can only be performed once, the instructor imported a completed configuration for you to explore and validate. Step 1 N7K-A# show vpc Legend: On both Cisco Nexus 7000 Series switches, use the show vpc command to observe the current vpc configuration. The output of this command in a correctly configured vpc will indicate a healthy status of the vpc peer, keep-alive, consistency checks, and port channels that are part of the vpc. (*) - local vpc is down, forwarding via vpc peer-link vpc domain id : 103 Peer status : peer adjacency formed ok vpc keep-alive status : peer is alive Configuration consistency status : success Per-vlan consistency status : success Type-2 consistency status : success vpc role : primary Number of vpcs configured : 2 Peer Gateway : Enabled Peer gateway excluded VLANs : - Dual-active excluded VLANs : - Graceful Consistency Check : Enabled Auto-recovery status : Disabled vpc Peer-link status --------------------------------------------------------------------- id Port Status Active vlans -- ---- ------ -------------------------------------------------- 1 Po7 up 1,110,113-114,211-212 vpc status ---------------------------------------------------------------------- id Port Status Consistency Reason Active vlans -- ---- ------ ----------- ------ ------------ 71 Po71 up success success 1,110,113-1 14,211-212 72 Po72 up success success 1,110,113-1 14,211-212 Step 2 The lab visual objective indicates there are two vpcs, one per Cisco Nexus 5548. The port-channel associated with the vpc from N5K-A is interface is port-channel 71. The port-channel interface associated with the vpc from N5K-B is 72. Use the show interface port-channel, show run interface, and show cdp neighbor commands on N7K-A and N7K-B to determine all of the interfaces that form vpcs 71 & 72. 70 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-A# sh interface port-channel 71 port-channel71 is up vpc Status: Up, vpc number: 71 Hardware: Port-Channel, address: 2894.0fdf.baf0 (bia 2894.0fdf.baf0) MTU 1500 bytes, BW 20000000 Kbit, DLY 10 usec reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA Port mode is trunk full-duplex, 10 Gb/s Input flow-control is off, output flow-control is off Switchport monitor is off EtherType is 0x8100 Members in this channel: Eth2/5, Eth2/6 N7K-A# sh interface port-channel 72 port-channel72 is up vpc Status: Up, vpc number: 72 Hardware: Port-Channel, address: 2894.0fdf.baf2 (bia 2894.0fdf.baf2) MTU 1500 bytes, BW 20000000 Kbit, DLY 10 usec reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA Port mode is trunk full-duplex, 10 Gb/s Input flow-control is off, output flow-control is off Switchport monitor is off EtherType is 0x8100 Members in this channel: Eth2/7, Eth2/8 Step 3 Use the output of the show interface port-channel, show run interface, and show cdp neighbor commands to fill-in all of the vpc-related interfaces of N7K-A, N7K- B, N5K-A, and N5K-B on the illustration below. 2012 Cisco Systems, Inc. Lab Guide 71

Activity Verification You have completed this task when you attain these results: You have validated the vpc domain between two Cisco Nexus Series Switches. You have verified that the vpc domain is operational. You have identified all of the port-channel interfaces and physical interfaces that constitute the vpc peer-link and vpc member links. 72 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 4: Configure vpcs on N7K-A, N7K-B, N5K-A, and N5K-B Activity Procedure In this task, you will use CLI commands to configure and verify vpcs on devices that are connected to the vpc domain. This task will be performed on all four switches. Complete these steps according to your pod number. The vpc from N5K-A or N5K-B includes one port-channel to N7K-A and one port-channel to N7K-B. Each pod is responsible to configure one of the two port-channels on the assigned Cisco Nexus 7000 and Cisco Nexus 5548UP. Pod Device Interface Device Interface Port Channel ID 1 N7K-A 2 N7K-B 3 N7K-A 4 N7K-B 5 N7K-A 6 N7K-B 7 N7K-A 8 N7K-B Ethernet 3/20 N5K-A Ethernet 1/20 Ethernet 3/21 Ethernet 1/21 Ethernet 3/20 N5K-A Ethernet 1/22 Ethernet 3/21 Ethernet 1/23 Ethernet 3/22 N5K-B Ethernet 1/20 Ethernet 3/23 Ethernet 1/21 Ethernet 3/22 N5K-B Ethernet 1/22 Ethernet 3/23 Ethernet 1/23 Ethernet 3/24 N5K-A Ethernet 1/24 Ethernet 3/25 Ethernet 1/25 Ethernet 3/24 N5K-A Ethernet 1/26 Ethernet 3/25 Ethernet 1/27 Ethernet 3/26 N5K-B Ethernet 1/24 Ethernet 3/27 Ethernet 1/25 Ethernet 3/26 N5K-B Ethernet 1/26 Ethernet 3/27 Ethernet 1/27 11 12 13 14 Refer to the Job Aid table above to determine your switch and port assignments. 2012 Cisco Systems, Inc. Lab Guide 73

Step 1 Configure your pod-specific port-channel. N7K-A# con Enter configuration commands, one per line. End with CNTL/Z. N7K-A(config)# interface e3/20-21 N7K-A(config)# description To N5K-A vpc 11 N7K-A(config-if)# switchport N7K-A(config-if)# switchport mode trunk N7K-A(config-if)# channel-group 11 mode active N7K-A(config-if)# no shutdown N7K-A(config-if)# exit N7K-A(config)# interface port-channel 11 N7K-A(config-if)# switchport mode trunk N7K-A(config-if)# vpc 11 N5K-A# con Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface e1/20-21 N5K-A(config-if-range)# description To N7K-A vpc 11 N5K-A(config-if-range)# switchport mode trunk N5K-A(config-if-range)# channel-group 11 mode active N5K-A(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-A(config-if)# sh int port-channel 11 port-channel11 is up vpc Status: Up, vpc number: 11 --output omitted-- Members in this channel: Eth3/20, Eth3/21 N5K-A(config-if-range)# sh int port-channel 11 port-channel11 is up --output ommited Members in this channel: Eth1/20, Eth1/21 74 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-B# con Enter configuration commands, one per line. End with CNTL/Z. N7K-B(config)# interface e3/20-21 N7K-B(config-if-range)# description To N5K-A vpc 11 N7K-B(config-if-range)# switchport N7K-B(config-if-range)# switchport mode trunk N7K-B(config-if-range)# channel-group 11 mode active N7K-B(config-if-range)# no shutdown N7K-B(config-if-range)# exit N7K-B(config)# interface port-channel 11 N7K-B(config-if)# switchport mode trunk N7K-B(config-if)# vpc 11 N7K-B(config-if)# sh vpc N5K-A# con Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface e1/22-23 N5K-A(config-if-range)# description To N7K-B vpc 11 N5K-A(config-if-range)# switchport mode trunk N5K-A(config-if-range)# channel-group 11 mode active N5K-A(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-B(config-if)# sh int port-channel 11 port-channel11 is up vpc Status: Up, vpc number: 11 --output omitted-- Members in this channel: Eth3/20, Eth3/21 N5K-A(config-if-range)# sh int port-channel 11 port-channel11 is up --output ommited Members in this channel: Eth1/20, Eth1/21, Eth1/22, Eth1/23 Note Interfaces e1/20 & e1/21 will only be present if pod 1 has completed their side of the vpc. 2012 Cisco Systems, Inc. Lab Guide 75

N7K-A# con Enter configuration commands, one per line. End with CNTL/Z. N7K-A(config)# N7K-A(config)# interface e3/22-23 N7K-A(config-if-range)# description To N5K-B vpc 12 N7K-A(config-if-range)# switchport N7K-A(config-if-range)# switchport mode trunk N7K-A(config-if-range)# channel-group 12 mode active N7K-A(config-if-range)# no shutdown N7K-A(config-if-range)# exit N7K-A(config)# interface port-channel 12 N7K-A(config-if)# switchport mode trunk N7K-A(config-if)# vpc 12 N5K-B# con Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface e1/20-21 N5K-B(config-if-range)# description To N7K-A vpc 12 N5K-B(config-if-range)# switchport mode trunk N5K-B(config-if-range)# channel-group 12 mode active N5K-B(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-A(config-if)# sh int port-channel 12 port-channel12 is up vpc Status: Up, vpc number: 12 --output omitted-- Members in this channel: Eth3/22, Eth3/23 N5K-B(config-if-range)# sh int port-channel 12 port-channel12 is up --output ommited Members in this channel: Eth1/20, Eth1/21 76 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-B# con Enter configuration commands, one per line. End with CNTL/Z. N7K-B(config)# interface e3/22-23 N7K-B(config-if-range)# description To N5K-B vpc 12 N7K-B(config-if-range)# switchport N7K-B(config-if-range)# switchport mode trunk N7K-B(config-if-range)# channel-group 12 mode active N7K-B(config-if-range)# no shutdown N7K-B(config-if-range)# exit N7K-B(config)# interface port-channel 12 N7K-B(config-if)# switchport mode trunk N7K-B(config-if)# vpc 12 N5K-B# con Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface e1/22-23 N5K-B(config-if-range)# description To N7K-B vpc 12 N5K-B(config-if-range)# switchport mode trunk N5K-B(config-if-range)# channel-group 12 mode active N5K-B(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-B(config-if)# sh int port-channel 12 port-channel12 is up vpc Status: Up, vpc number: 12 --output omitted-- Members in this channel: Eth3/22, Eth3/23 N5K-B(config-if-range)# sh int port-channel 12 port-channel12 is up Members in this channel: Eth1/20, Eth1/21, Eth1/22, Eth1/23 Note Interfaces e1/20 & e1/21 will only be present if pod 3 has completed their side of the vpc. 2012 Cisco Systems, Inc. Lab Guide 77

N7K-A# con Enter configuration commands, one per line. End with CNTL/Z. N7K-A(config)# interface e3/24-25 N7K-A(config-if-range)# description To N5K-A vpc 13 N7K-A(config-if-range)# switchport N7K-A(config-if-range)# switchport mode trunk N7K-A(config-if-range)# channel-group 13 mode active N7K-A(config-if-range)# no shutdown N7K-A(config-if-range)# exit N7K-A(config)# interface port-channel 13 N7K-A(config-if)# switchport mode trunk N7K-A(config-if)# vpc 13 N5K-A# con Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface e1/24-25 N5K-A(config-if-range)# description To N7K-A vpc 13 N5K-A(config-if-range)# switchport mode trunk N5K-A(config-if-range)# channel-group 13 mode active N5K-A(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-A(config-if)# sh int port-channel 13 port-channel13 is up vpc Status: Up, vpc number: 13 --output omitted-- Members in this channel: Eth3/24, Eth3/25 N5K-B(config-if-range)# sh int port-channel 13 port-channel13 is up --output ommited Members in this channel: Eth1/24, Eth1/25 78 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-B# con Enter configuration commands, one per line. End with CNTL/Z. N7K-B(config)# interface e3/24-25 N7K-B(config-if-range)# description To N5K-A vpc 13 N7K-B(config-if-range)# switchport N7K-B(config-if-range)# switchport mode trunk N7K-B(config-if-range)# channel-group 13 mode active N7K-B(config-if-range)# no shutdown N7K-B(config-if-range)# exit N7K-B(config)# interface port-channel 13 N7K-B(config-if)# switchport mode trunk N7K-B(config-if)# vpc 13 N5K-A# con Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface e1/26-27 N5K-A(config-if-range)# description To N7K-B vpc 13 N5K-A(config-if-range)# switchport mode trunk N5K-A(config-if-range)# channel-group 13 mode active N5K-A(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-B(config-if)# sh int port-channel 13 port-channel13 is up vpc Status: Up, vpc number: 13 --output omitted-- Members in this channel: Eth3/24, Eth3/25 N5K-B(config-if-range)# sh int port-channel 13 port-channel13 is up --output ommited Members in this channel: Eth1/24, Eth1/25, Eth1/26, Eth1/27 Note Interfaces e1/24 & e1/25 will only be present if pod 5 has completed their side of the vpc. 2012 Cisco Systems, Inc. Lab Guide 79

N7K-A# con Enter configuration commands, one per line. End with CNTL/Z. N7K-A(config)# interface e3/26-27 N7K-A(config-if-range)# description To N5K-B vpc 14 N7K-A(config-if-range)# switchport N7K-A(config-if-range)# switchport mode trunk N7K-A(config-if-range)# channel-group 14 mode active N7K-A(config-if-range)# no shutdown N7K-A(config-if-range)# exit N7K-A(config)# interface port-channel 14 N7K-A(config-if)# switchport mode trunk N7K-A(config-if)# vpc 14 N5K-B# con Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface e1/24-25 N5K-B(config-if-range)# description To N7K-A vpc 14 N5K-B(config-if-range)# switchport mode trunk N5K-B(config-if-range)# channel-group 14 mode active N5K-B(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-A(config-if)# sh int port-channel 14 port-channel14 is up vpc Status: Up, vpc number: 14 --output omitted-- Members in this channel: Eth3/26, Eth3/27 N5K-B(config-if-range)# sh int port-channel 14 port-channel14 is up --output ommited Members in this channel: Eth1/24, Eth1/25 80 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-B# con Enter configuration commands, one per line. End with CNTL/Z. N7K-B(config)# interface e3/26-27 N7K-B(config-if-range)# description To N5K-B vpc 14 N7K-B(config-if-range)# switchport N7K-B(config-if-range)# switchport mode trunk N7K-B(config-if-range)# channel-group 14 mode active N7K-B(config-if-range)# no shutdown N7K-B(config-if-range)# exit N7K-B(config)# interface port-channel 14 N7K-B(config-if)# switchport mode trunk N7K-B(config-if)# vpc 14 N5K-B# con Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface e1/26-27 N5K-B(config-if-range)# description To N7K-B vpc 14 N5K-B(config-if-range)# switchport mode trunk N5K-B(config-if-range)# channel-group 14 mode active N5K-B(config-if-range)# no shutdown Validate the new port-channel interface is up on both switches. N7K-B(config-if)# sh int port-channel 14 port-channel14 is up vpc Status: Up, vpc number: 14 --output omitted-- Members in this channel: Eth3/24, Eth3/25 N5K-B(config-if-range)# sh int port-channel 14 port-channel14 is up --output ommited Members in this channel: Eth1/24, Eth1/25, Eth1/26, Eth1/27 Note Interfaces e1/24 & e1/25 will only be present if pod 7 has completed their side of the vpc. 2012 Cisco Systems, Inc. Lab Guide 81

Task 5: Validate the vpc Activity Procedure In this task, you will use CLI commands to configure and verify vpcs on devices that are connected to the vpc domain. This task will be performed on all four switches. Use show commands to validate the overall vpc configuration. Step 1 Use the show port-channel summary command on all four switches to validate the member links of the vpc. N7K-A# sh port-channel summary Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended S - Switched r - Module-removed R - Routed U - Up (port-channel) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 7 Po7(SU) Eth NONE Eth2/11(P) Eth2/12(P) 11 Po11(SU) Eth LACP Eth3/20(P) Eth3/21(P) 12 Po12(SU) Eth LACP Eth3/22(P) Eth3/23(P) 13 Po13(SU) Eth LACP Eth3/24(P) Eth3/25(P) 14 Po14(SU) Eth LACP Eth3/26(P) Eth3/27(P) 71 Po71(SU) Eth LACP Eth2/5(P) Eth2/6(P) 72 Po72(SU) Eth LACP Eth2/7(P) Eth2/8(P) Notice the bolded flags in the command output. For the port-channel, (SU) indicates this is an OSI layer 2 port-channel and that the port-channel is administratively UP. The (P) flag in the constituent links of the port channel indicate they are operation in the port-channel. N7K-B# sh port-channel summary Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended S - Switched r - Module-removed R - Routed U - Up (port-channel) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 7 Po7(SU) Eth NONE Eth2/23(P) Eth2/24(P) 11 Po11(SU) Eth LACP Eth3/20(P) Eth3/21(P) 12 Po12(SU) Eth LACP Eth3/22(P) Eth3/23(P) 13 Po13(SU) Eth LACP Eth3/24(P) Eth3/25(P) 14 Po14(SU) Eth LACP Eth3/26(P) Eth3/27(P) 71 Po71(SU) Eth LACP Eth2/17(P) Eth2/18(P) 72 Po72(SU) Eth LACP Eth2/19(P) Eth2/20(P) The output of the show port-channel summary command is quite different on the Cisco Nexus 5548UP switches. The northbound Cisco Nexus 7000 Series switches include half of 82 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

the vpc for N5K-A and N5K-B. As such, all six port-channels are configured on the Nexus 7000s. From the perspective of the Nexus 5548UPs, the vpc is transparent. This is to say that they are not aware that the port-channel is connected to two upstream switches. The even-numbered port-channels are terminated on N5K-A, and the odd-numbered port-channels are terminated on N5K-B. This was an arbitrary decision and not a design requirement. N5K-A# sh port-channel summary Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended S - Switched r - Module-removed R - Routed U - Up (port-channel) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 11 Po11(SU) Eth LACP Eth1/20(P) Eth1/21(P) Eth1/22(P) Eth1/23(P) 13 Po13(SU) Eth LACP Eth1/24(P) Eth1/25(P) Eth1/26(P) Eth1/27(P) 71 Po71(SU) Eth LACP Eth1/1(P) Eth1/2(P) Eth1/3(P) Eth1/4(P) N5K-B# sh port-channel summary Flags: D - Down P - Up in port-channel (members) I - Individual H - Hot-standby (LACP only) s - Suspended r - Module-removed S - Switched R - Routed U - Up (port-channel) M - Not in use. Min-links not met -------------------------------------------------------------------------------- Group Port- Type Protocol Member Ports Channel -------------------------------------------------------------------------------- 12 Po12(SU) Eth LACP Eth1/20(P) Eth1/21(P) Eth1/22(P) Eth1/23(P) 14 Po14(SU) Eth LACP Eth1/24(P) Eth1/25(P) Eth1/26(P) Eth1/27(P) 72 Po72(SU) Eth LACP Eth1/1(P) Eth1/2(P) Eth1/3(P) Eth1/4(P) Step 2 Verify that traffic is traversing the port-channel interfaces on N5K-A and N5K-B. N5K-A# show port-channel traffic ChanId Port Rx-Ucst Tx-Ucst Rx-Mcst Tx-Mcst Rx-Bcst Tx-Bcst ------ --------- ------- ------- ------- ------- ------- ------- 11 Eth1/20 0.0% 0.0% 1.07% 25.80% 0.0% 0.0% 11 Eth1/21 0.0% 0.0% 48.98% 25.40% 0.0% 0.0% 11 Eth1/22 0.0% 0.0% 1.03% 24.39% 0.0% 0.0% 11 Eth1/23 0.0% 0.0% 48.91% 24.39% 0.0% 0.0% ------ --------- ------- ------- ------- ------- ------- ------- 13 Eth1/24 0.0% 0.0% 1.07% 25.56% 0.0% 0.0% 2012 Cisco Systems, Inc. Lab Guide 83

13 Eth1/25 0.0% 0.0% 48.96% 25.43% 0.0% 0.0% 13 Eth1/26 0.0% 0.0% 48.90% 24.50% 0.0% 0.0% 13 Eth1/27 0.0% 0.0% 1.05% 24.49% 0.0% 0.0% ------ --------- ------- ------- ------- ------- ------- ------- 71 Eth1/1 82.05% 17.44% 50.70% 22.65% 56.69% 9.42% 71 Eth1/2 3.20% 4.69% 3.15% 22.56% 34.29% 0.0% 71 Eth1/3 7.69% 75.16% 29.39% 27.47% 7.64% 72.69% 71 Eth1/4 7.05% 2.68% 16.73% 27.30% 1.36% 17.87% N5K-B# sh port-channel traffic ChanId Port Rx-Ucst Tx-Ucst Rx-Mcst Tx-Mcst Rx-Bcst Tx-Bcst ------ --------- ------- ------- ------- ------- ------- ------- 12 Eth1/20 0.0% 0.0% 49.14% 25.66% 0.0% 0.0% 12 Eth1/21 0.0% 0.0% 1.05% 25.18% 0.0% 0.0% 12 Eth1/22 0.0% 0.0% 48.74% 24.56% 0.0% 0.0% 12 Eth1/23 0.0% 0.0% 1.04% 24.58% 0.0% 0.0% ------ --------- ------- ------- ------- ------- ------- ------- 14 Eth1/24 0.0% 0.0% 1.06% 25.47% 0.0% 0.0% 14 Eth1/25 0.0% 0.0% 48.98% 25.33% 0.0% 0.0% 14 Eth1/26 0.0% 0.0% 1.05% 24.59% 0.0% 0.0% 14 Eth1/27 0.0% 0.0% 48.88% 24.59% 0.0% 0.0% ------ --------- ------- ------- ------- ------- ------- ------- 72 Eth1/1 80.55% 32.17% 50.82% 22.44% 24.99% 29.28% 72 Eth1/2 8.33% 12.17% 3.16% 21.87% 29.64% 0.14% 72 Eth1/3 2.08% 33.91% 29.24% 29.25% 45.24% 41.27% 72 Eth1/4 9.02% 21.73% 16.76% 26.42% 0.11% 29.28% Note Your output will be different than what is shown. Activity Verification You have completed this task when you attain these results: You have configured a port channel using IEEE 802.1ax LACP on the Cisco Nexus 5000 Series and 7000 Series switches. You have validated that traffic is traversing the vpc 84 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

2012 Cisco Systems, Inc. Lab Guide 85

Lab 1-5: Validating Cisco FabricPath Configuration Complete this lab activity to practice what you learned in the related module activity. Activity Objective In this activity, you will connect to the Cisco Nexus 7000 Series and 5000 Series Switches to validate a Cisco FabricPath configuration. After completing this activity, you will be able to meet this objective: Use the show commands to validate the Cisco FabricPath configuration Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 7000 Series VDC One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 86 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command show feature-set show fabricpath switch-id show fabricpath isis adjacency show fabricpath route show mac address-table learningmode show spanning-tree [vlan <x>] show cdp neighbor show fabricpath conflict all Description Displays which feature-set or sets have been enabled on the switch Displays the Cisco FabricPath switch IDs for each switch Displays the Cisco FabricPath adjacencies that have been formed Displays the Cisco FabricPath routing table Displays the learning mode for MAC addresses on the VLANs Displays the spanning tree details for a given VLAN Displays the Cisco devices that have been discovered via Cisco Discovery Protocol Displays any Cisco FabricPath conflicts that have been discovered Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 87

Task 1: Validate the Cisco FabricPath Configuration In this task, you will use CLI commands to validate the Cisco FabricPath configuration. Activity Procedure Complete these steps: Step 1 Step 2 Using the credentials that are provided by your instructor, connect to the remote lab and your pod and open an SSH session to all four switches. Log into the switches using the username admin and password 1234QWer. Note Cisco FabricPath has been configured on all the switches in the lab, with VLAN 42 configured as the FabricPath VLAN. Step 3 Step 4 Switch One of the things to check when verifying a Cisco FabricPath configuration is whether the Cisco FabricPath feature set has been installed on the switch. Use the show feature-set command to check that this feature is enabled on each of the switches in the lab. N7K-A# show feature-set Feature Set Name ID State -------------------- -------- -------- fcoe 1 uninstalled fabricpath 2 enabled fex 3 uninstalled mpls 4 uninstalled N7K-A# Although the switch ID can be dynamically allocated, it has been configured on each switch. Using the show fabricpath switch-id command, verify that the switch ID for each switch has been configured as follows: Switch-ID N5K-A 51 N5K-B 52 N7K-A 71 N7K-B 72 Step 5 Using the show fabricpath isis adjacency command, verify that each switch has formed the correct adjacencies. N5K-A# show fabricpath isis adjacency Fabricpath IS-IS domain: default Fabricpath IS-IS adjacency database: System ID SNPA Level State Hold Time Interface N7K-A N/A 1 UP 00:00:27 Ethernet1/1 N7K-A N/A 1 UP 00:00:27 Ethernet1/2 N5K-A# N5K-B# show fabricpath isis adjacency Fabricpath IS-IS domain: default Fabricpath IS-IS adjacency database: System ID SNPA Level State Hold Time Interface 7K-B N/A 1 UP 00:00:26 Ethernet1/3 7K-B N/A 1 UP 00:00:30 Ethernet1/4 N5K-B# 88 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-A# show fabricpath isis adjacency Fabricpath IS-IS domain: default Fabricpath IS-IS adjacency database: System ID SNPA Level State Hold Time Interface N5K-A N/A 1 UP 00:00:26 Ethernet2/5 N5K-A N/A 1 UP 00:00:23 Ethernet2/6 7K-B N/A 1 UP 00:00:28 Ethernet2/11 7K-B N/A 1 UP 00:00:28 Ethernet2/12 N7K-A# N7K-B# show fabricpath isis adjacency Fabricpath IS-IS domain: default Fabricpath IS-IS adjacency database: System ID SNPA Level State Hold Time Interface N5K-B N/A 1 UP 00:00:28 Ethernet2/19 N5K-B N/A 1 UP 00:00:27 Ethernet2/20 N7K-A N/A 1 UP 00:00:25 Ethernet2/23 N7K-A N/A 1 UP 00:00:26 Ethernet2/24 N7K-B# Step 6 Q1) Why do the Cisco Nexus 7000 Series Switches have more adjacencies than the Cisco Nexus 5000 Series switch? Each switch should have four routes in the FabricPath routing table, indicating the paths that are available to each switch. Use the show fabricpath route to verify. N5K-A# show fabricpath route FabricPath Unicast Route Table 'a/b/c' denotes ftag/switch-id/subswitch-id '[x/y]' denotes [admin distance/metric] ftag 0 is local ftag subswitch-id 0 is default subswitch-id FabricPath Unicast Route Table for Topology-Default 0/51/0, number of next-hops: 0 via ----, [60/0], 0 day/s 17:14:02, local 1/52/0, number of next-hops: 2 via Eth1/1, [115/120], 0 day/s 00:13:27, isis_fabricpath-default via Eth1/2, [115/120], 0 day/s 00:13:27, isis_fabricpath-default 1/71/0, number of next-hops: 2 via Eth1/1, [115/40], 0 day/s 01:33:47, isis_fabricpath-default via Eth1/2, [115/40], 0 day/s 01:33:47, isis_fabricpath-default 1/72/0, number of next-hops: 2 via Eth1/1, [115/80], 0 day/s 00:45:27, isis_fabricpath-default via Eth1/2, [115/80], 0 day/s 00:45:27, isis_fabricpath-default N5K-A# N5K-B# show fabricpath route FabricPath Unicast Route Table 'a/b/c' denotes ftag/switch-id/subswitch-id '[x/y]' denotes [admin distance/metric] ftag 0 is local ftag subswitch-id 0 is default subswitch-id FabricPath Unicast Route Table for Topology-Default 0/52/0, number of next-hops: 0 via ----, [60/0], 0 day/s 00:43:41, local 1/51/0, number of next-hops: 2 via Eth1/3, [115/120], 0 day/s 00:13:58, isis_fabricpath-default via Eth1/4, [115/120], 0 day/s 00:13:58, isis_fabricpath-default 1/71/0, number of next-hops: 2 via Eth1/3, [115/80], 0 day/s 00:13:58, isis_fabricpath-default via Eth1/4, [115/80], 0 day/s 00:13:58, isis_fabricpath-default 2012 Cisco Systems, Inc. Lab Guide 89

1/72/0, number of next-hops: 2 via Eth1/3, [115/40], 0 day/s 00:13:58, isis_fabricpath-default via Eth1/4, [115/40], 0 day/s 00:13:58, isis_fabricpath-default N5K-B# N7K-A# show fabricpath route FabricPath Unicast Route Table 'a/b/c' denotes ftag/switch-id/subswitch-id '[x/y]' denotes [admin distance/metric] ftag 0 is local ftag subswitch-id 0 is default subswitch-id FabricPath Unicast Route Table for Topology-Default 0/71/0, number of next-hops: 0 via ----, [60/0], 0 day/s 01:46:12, local 1/51/0, number of next-hops: 2 via Eth2/5, [115/40], 0 day/s 01:35:05, isis_fabricpath-default via Eth2/6, [115/40], 0 day/s 01:35:05, isis_fabricpath-default 1/52/0, number of next-hops: 2 via Eth2/11, [115/80], 0 day/s 00:14:45, isis_fabricpath-default via Eth2/12, [115/80], 0 day/s 00:14:45, isis_fabricpath-default 1/72/0, number of next-hops: 2 via Eth2/11, [115/40], 0 day/s 00:46:45, isis_fabricpath-default via Eth2/12, [115/40], 0 day/s 00:46:45, isis_fabricpath-default N7K-A# N7K-B# show fabricpath route FabricPath Unicast Route Table 'a/b/c' denotes ftag/switch-id/subswitch-id '[x/y]' denotes [admin distance/metric] ftag 0 is local ftag subswitch-id 0 is default subswitch-id FabricPath Unicast Route Table for Topology-Default 0/72/0, number of next-hops: 0 via ----, [60/0], 0 day/s 00:48:54, local 1/51/0, number of next-hops: 2 via Eth2/23, [115/80], 0 day/s 00:47:21, isis_fabricpath-default via Eth2/24, [115/80], 0 day/s 00:47:21, isis_fabricpath-default 1/52/0, number of next-hops: 2 via Eth2/19, [115/40], 0 day/s 00:15:20, isis_fabricpath-default via Eth2/20, [115/40], 0 day/s 00:15:20, isis_fabricpath-default 1/71/0, number of next-hops: 2 via Eth2/23, [115/40], 0 day/s 00:47:21, isis_fabricpath-default via Eth2/24, [115/40], 0 day/s 00:47:21, isis_fabricpath-default N7K-B# Q2) Do any of the switches have multiple paths in the routing table to any other switch? Q3) If so, why do these multiple paths exist? Step 7 When you enable Cisco FabricPath on a VLAN, the MAC address learning should change to conversational. Verify this change is the case on all switches for VLAN 42 using the command show mac address-table learning-mode. N7K-A# show mac address-table learning-mode 90 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N7K-A# show mac address-table learning-mode Vlan Learning Mode ---- ---------- 1 Non-Conversational-Learning 42 Conversational-Learning 110 Non-Conversational-Learning 113 Non-Conversational-Learning 114 Non-Conversational-Learning 211 Non-Conversational-Learning 212 Non-Conversational-Learning Step 8 When you enable Cisco FabricPath for a VLAN, spanning-tree is automatically switched off for that VLAN instance. Use the show spanning-tree command to verify that VLAN 1 is running a spanning-tree instance, and VLAN 42 is not. N7K-A# show spanning-tree VLAN0001 Spanning tree enabled protocol rstp Root ID Priority 24577 Address 64a0.e743.03c2 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 24577 (priority 24576 sys-id-ext 1) Address 64a0.e743.03c2 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ----------------- Eth2/7 Desg FWD 2 128.263 P2p Eth2/8 Desg FWD 2 128.264 P2p N7K-A# show spanning-tree vlan 42 Spanning tree instance(s) for vlan does not exist. N7K-A# Step 9 Verify that Cisco Discovery Protocol is still running between devices by using the command show cdp neighbor. N5K-A# sh cdp neighbors Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge S - Switch, H - Host, I - IGMP, r - Repeater, V - VoIP-Phone, D - Remotely-Managed-Device, s - Supports-STP-Dispute Device-ID Local Intrfce Hldtme Capability Platform Port ID mgmnt-sw mgmt0 142 S I WS-C3560X-48 Gig0/5 N7K-A(JAF1547ATSM) Eth1/1 152 R S I s N7K-C7010 Eth2/5 N7K-A(JAF1547ATSM) Eth1/2 152 R S I s N7K-C7010 Eth2/6 N7K-B(JAF1602BFMH) Eth1/3 149 R S I s N7K-C7010 Eth2/17 N7K-B(JAF1602BFMH) Eth1/4 150 R S I s N7K-C7010 Eth2/18 N7K-A(JAF1547ATSM) Eth1/20 160 R S I s N7K-C7010 Eth3/20 2012 Cisco Systems, Inc. Lab Guide 91

N7K-A(JAF1547ATSM) Eth1/21 160 R S I s N7K-C7010 Eth3/21 N7K-B(JAF1602BFMH) Eth1/22 149 R S I s N7K-C7010 Eth3/20 N7K-B(JAF1602BFMH) Eth1/23 149 R S I s N7K-C7010 Eth3/21 N7K-A(JAF1547ATSM) Eth1/24 161 R S I s N7K-C7010 Eth3/24 N7K-A(JAF1547ATSM) Eth1/25 161 R S I s N7K-C7010 Eth3/25 N7K-B(JAF1602BFMH) Eth1/26 149 R S I s N7K-C7010 Eth3/24 N7K-B(JAF1602BFMH) Eth1/27 149 R S I s N7K-C7010 Eth3/25 N7K-A# sh cdp neighbors Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge S - Switch, H - Host, I - IGMP, r - Repeater, V - VoIP-Phone, D - Remotely-Managed-Device, s - Supports-STP-Dispute Device-ID Local Intrfce Hldtme Capability Platform Port ID mgmnt-sw mgmt0 126 S I WS-C3560X-48 Gig0/1 UCS-A(SSI15280G2J) Eth2/1 137 S I s N10-S6100 Eth1/1 UCS-A(SSI15280G2J) Eth2/2 137 S I s N10-S6100 Eth1/2 UCS-B(SSI15441476) Eth2/3 144 S I s N10-S6100 Eth1/1 UCS-B(SSI15441476) Eth2/4 164 S I s N10-S6100 Eth1/2 N5K-A(SSI16380AYG) Eth2/5 137 S I s N5K-C5548UP Eth1/1 N5K-A(SSI16380AYG) Eth2/6 137 S I s N5K-C5548UP Eth1/2 N5K-B(SSI16380AY7) Eth2/7 146 S I s N5K-C5548UP Eth1/1 N5K-B(SSI16380AY7) Eth2/8 146 S I s N5K-C5548UP Eth1/2 7K-B(JAF1602BFMH) Eth2/11 19 R S I s N7K-C7010 Eth2/23 N7K-B(JAF1602BFMH) Eth2/11 139 R S I s N7K-C7010 Eth2/23 7K-B(JAF1602BFMH) Eth2/12 19 R S I s N7K-C7010 Eth2/24 N7K-B(JAF1602BFMH) Eth2/12 139 R S I s N7K-C7010 Eth2/24 N5K-A(SSI16380AYG) Eth3/20 144 S I s N5K-C5548UP Eth1/20 N5K-A(SSI16380AYG) Eth3/21 144 S I s N5K-C5548UP Eth1/21 N5K-B(SSI16380AY7) Eth3/22 145 S I s N5K-C5548UP Eth1/20 N5K-B(SSI16380AY7) Eth3/23 145 S I s N5K-C5548UP Eth1/21 N5K-A(SSI16380AYG) Eth3/24 145 S I s N5K-C5548UP Eth1/24 N5K-A(SSI16380AYG) Eth3/25 145 S I s N5K-C5548UP Eth1/25 N5K-B(SSI16380AY7) Eth3/26 145 S I s N5K-C5548UP Eth1/24 N5K-B(SSI16380AY7) Eth3/27 145 S I s N5K-C5548UP Eth1/25 N7K-A# 92 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 10 If any conflicts have been discovered within Cisco FabricPath, they can be displayed using the show fabricpath conflict all command. Run this command to verify that there are no conflicts on any switches in the lab. N7K-A# show fabricpath conflict all No Ports under Fabricpath control No Switch id Conflicts No transitions in progress N7K-A# Activity Verification You have completed this task when you attain these results: You have successfully verified the Cisco FabricPath configuration and established that neighbor adjacencies have been formed. You have successfully verified that you can see all neighbors across the Cisco FabricPath network. You have successfully verified that there are no Cisco FabricPath conflicts in the network. 2012 Cisco Systems, Inc. Lab Guide 93

Lab 1-6: Validating OTV Configuration Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to both Cisco Nexus 7000 Series switches to validate a Cisco OTV configuration. After completing this activity, you will be able to meet this objective: Use the show commands to validate the Cisco OTV configuration Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 94 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command show license usage show otv overlay 1 show vlan show otv adjacency show otv route ping <x.x.x.x> show otv arp-nd-cache Description Displays which licenses are available and currently being used Displays the overlay interface settings and verifies if the interface is up Displays the current VLANs Displays the OTV adjacencies that have been established Displays the OTV routing table Tests connectivity to an IP address Displays the OTV ARP cache Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 95

Task 1: Validate the OTV Configuration Activity Procedure In this task, you will use CLI commands to validate the Cisco OTV configuration. Complete these steps: Step 1 Step 2 Using the credentials provided by your instructor, connect to the remote lab and your pod and open an SSH session to all four switches. Log in using the username admin and password 1234QWer. Note OTV has been configured on all the switches in the lab, with VLAN 10 configured as the extended VLAN across the OTV cloud. Step 3 Check that the correct license is enabled for the OTV configuration using the command show license usage. N7K-A# show license usage Feature Ins Lic Status Expiry Date Comments Count -------------------------------------------------------------------------------- MPLS_PKG No - Unused - STORAGE-ENT Yes - Unused Never - ENTERPRISE_PKG No - Unused - FCOE-N7K-F132XP No 0 Unused - ENHANCED_LAYER2_PKG Yes - In use Never - SCALABLE_SERVICES_PKG No - Unused - TRANSPORT_SERVICES_PKG Yes - In use Never - LAN_ADVANCED_SERVICES_PKG Yes - Unused Never - LAN_ENTERPRISE_SERVICES_PKG Yes - Unused Never - -------------------------------------------------------------------------------- N7K-A# Q1) Which license does OTV require? Step 4 To be able to create any OTV adjacencies, the overlay interface must be up and the site VLAN configured. Use the show otv overlay 1 command to view the state of the overlay interface. N7K-A# show otv overlay 1 OTV Overlay Information Site Identifier 0000.0000.2010 Overlay interface Overlay1 VPN name : Overlay1 VPN state : UP Extended vlans : 10-12 (Total:3) Control group : 239.7.7.7 Data group range(s) : 232.7.7.0/24 Join interface(s) : Eth3/1 (10.7.7.201) Site vlan : 13 (up) AED-Capable : Yes Capability : Multicast-Reachable N7K-A# 96 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 5 Identify the site VLAN from the output and run the show vlan command to verify that the VLAN is operational. N7K-A# show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Eth2/1, Eth2/2, Eth2/3, Eth2/4 Eth2/5, Eth2/6, Eth2/7, Eth2/8 Eth2/10, Eth2/11, Eth2/12 Eth2/13, Eth2/14, Eth2/15 Eth2/16, Eth2/17, Eth2/18 Eth2/19, Eth2/20, Eth2/21 Eth2/22, Eth2/23, Eth2/24 Eth2/25, Eth2/26, Eth2/27 Eth2/28, Eth2/29, Eth2/30 Eth2/31, Eth2/32, Eth3/20 Eth3/21, Eth3/22, Eth3/23 Eth3/24, Eth3/25, Eth3/26 Eth3/27 10 OTV-Extended-VLAN active Eth2/7, Eth2/8, Eth2/11 Eth2/12, Eth3/3, Eth3/20 Eth3/21, Eth3/22, Eth3/23 Eth3/24, Eth3/25, Eth3/26 Eth3/27 13 OTV-Site-VLAN active Eth2/7, Eth2/8, Eth2/9, Eth3/20 Eth3/21, Eth3/22, Eth3/23 ----remaining output removed---- Step 6 Without an adjacency established, traffic cannot be forwarded over the OTV cloud. Verify the establishment of an adjacency between the two Cisco Nexus 7000 Series Switches using the show otv adjacency command. N7K-A# show otv adjacency Overlay Adjacency database Overlay-Interface Overlay1 : Hostname System-ID Dest Addr Up Time State N7K-B 64a0.e743.03c3 10.7.7.202 01:19:38 UP N7K-A# N7K-B# show otv adjacency Overlay Adjacency database Overlay-Interface Overlay1 : Hostname System-ID Dest Addr Up Time State N7K-A 64a0.e743.03c2 10.7.7.201 01:19:58 UP N7K-B# Step 7 Verify that MAC addresses are being discovered across the OTV cloud. Use the command show otv route. N7K-A# show otv route OTV Unicast MAC Routing Table For Overlay1 VLAN MAC-Address Metric Uptime Owner Next-hop(s) ---- -------------- ------ -------- --------- ----------- 10 547f.eeee.e34c 1 00:05:46 site Ethernet3/3 10 547f.eeee.e35d 42 00:05:29 overlay N7K-B 10 64a0.e743.6241 42 00:05:17 overlay N7K-B 10 6c9c.ed46.37c1 1 00:05:46 site Ethernet3/3 2012 Cisco Systems, Inc. Lab Guide 97

Step 8 If you do not see any routes in the table, go to the Cisco Nexus 5000 Series switch and run the following two pings: N5K-A# ping 172.16.20.42 N5K-A# ping 172.16.20.41 Step 9 Step 10 Redo the show otv route command. Has anything changed (you should see some routes in the OTV routing table)? Why has it changed? The show otv arp-nd-cache command can show you which addresses have been seen through ARPs. Run this command to verify that addresses are being discovered through the ARP process. N7K-A# show otv arp-nd-cache Activity Verification OTV ARP/ND L3->L2 Address Mapping Cache Overlay Interface Overlay1 VLAN MAC Address Layer-3 Address Age Expires In 10 547f.ee5c.6efc 172.16.20.42 00:02:37 00:07:04 N7K-A# You have completed this task when you attain these results: You have examined OTV and verified that OTV adjacencies are in place. 98 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Lab 2-1: Verifying Current VDC Settings Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to a Cisco Nexus 7000 Series switch to verify the current VDC settings. After completing this activity, you will be able to meet this objective: Use the show commands to verify the settings that are configured for a VDC Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 7000 Series VDC One PC with an SSH application for remote connectivity 2012 Cisco Systems, Inc. Lab Guide 99

Command List The table describes the commands that are used in this activity. Command show vdc show vdc detail show vdc feature-set show vdc internal mac_address_table show vdc membership Description Displays a summary of the current VDC Displays detailed information of the current VDC Displays which feature sets have been enabled in the current VDC Displays the internal MAC address table of the current VDC Displays which interfaces are members of the current VDC Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 100 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Verify the Current VDC Settings In this task, you will use CLI commands to verify the current VDC settings. Activity Procedure Complete these steps: Step 1 Step 2 Step 3 Using the credentials that are provided by your instructor, connect to the remote lab and your pod and open an SSH session to all four switches. Log into your assigned PC using username administrator password 1234QWer. VDCs are created and modified in the default VDC. You are working in a nondefault VDC here in the lab. Use the show vdc command to identify which VDC you are working in. N7K-A# show vdc vdc_id vdc_name state mac type lc ------ -------- ----- --------- --------- ------ 1 N7K-A active 64:a0:e7:43:03:c2 Ethernet m1 f1 m1xl Q1) Which VDC are you using? Step 4 N7K-A# sh vdc VDCs are configured with a high availability policy. Use the command show vdc detail to identify which high availability policy your VDC is using. vdc id: 1 vdc name: N7K-A vdc state: active vdc mac address: 64:a0:e7:43:62:41 vdc ha policy: RELOAD vdc dual-sup ha policy: SWITCHOVER vdc boot Order: 1 vdc create time: Thu Sep 26 18:34:56 2013 vdc reload count: 0 vdc restart count: 0 vdc type: Ethernet vdc supported linecards: m1 f1 m1xl Q2) Which high availability policy has been configured for the VDC? Q3) Using the same output, what line cards are supported in your VDC? Step 5 Feature sets are used to enable specific features on the Cisco Nexus 7000 Series switch. These feature sets can be enabled on a per-vdc basis. Verify which feature sets you are running in your VDC using the command show vdc feature-set. Q4) Which feature sets are you running? Step 6 Check what internal MAC addresses are being used in the VDC using the command show vdc internal mac_address_table. 2012 Cisco Systems, Inc. Lab Guide 101

N7K-A# show vdc internal mac_address_table 64:a0:e7:43:03:c0 64:a0:e7:43:03:c1 64:a0:e7:43:03:c2 64:a0:e7:43:03:c3 64:a0:e7:43:03:c4 Note The MAC addresses are specific to the equipment group you are assigned. Your output will not match this example. Step 7 An easy way to find out which interfaces have been assigned to your VDC is through the show vdc membership command. Check which interfaces you have been assigned to use. N7K-A# show vdc membership vdc_id: 0 vdc_name: Unallocated interfaces: vdc_id: 1 vdc_name: N7K-A interfaces: Ethernet2/1 Ethernet2/2 Ethernet2/3 Ethernet2/4 Ethernet2/5 Ethernet2/6 Ethernet2/7 Ethernet2/8 Ethernet2/9 Ethernet2/10 Ethernet2/11 Ethernet2/12 Ethernet2/13 Ethernet2/14 Ethernet2/15 Ethernet2/16 Ethernet2/17 Ethernet2/18 Ethernet2/19 Ethernet2/20 Ethernet2/21 Ethernet2/22 Ethernet2/23 Ethernet2/24 Ethernet2/25 Ethernet2/26 Ethernet2/27 Ethernet2/28 Ethernet2/29 Ethernet2/30 Ethernet2/31 Ethernet2/32 Ethernet3/1 Ethernet3/2 Ethernet3/3 Ethernet3/4 Ethernet3/5 Ethernet3/6 Ethernet3/7 Ethernet3/8 Ethernet3/9 Ethernet3/10 Ethernet3/11 Ethernet3/12 Ethernet3/13 Ethernet3/14 Ethernet3/15 Ethernet3/16 Ethernet3/17 Ethernet3/18 Ethernet3/19 Ethernet3/20 Ethernet3/21 Ethernet3/22 Ethernet3/23 Ethernet3/24 Ethernet3/25 Ethernet3/26 Ethernet3/27 Ethernet3/28 Ethernet3/29 Ethernet3/30 Ethernet3/31 Ethernet3/32 Activity Verification You have completed this task when you attain these results: You have identified which VDC you are currently working with. You have successfully verified the VDC membership. You have successfully verified the high availability policy. You have successfully identified which feature sets are being used in your VDC. 102 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Lab 2-2: Validating a Cisco Nexus 2000 Series Fabric Extender Configuration Complete this lab activity to practice what you learned in the related module Activity Objective In this activity, you will connect to a Cisco Nexus 5000 Series switch to validate a Cisco Nexus 2000 Series Fabric Extender configuration. After completing this activity, you will be able to meet this objective: Use the show commands to validate a Cisco Nexus 2000 Series Fabric Extender configuration Visual Objective The figure illustrates what you will accomplish in this activity. N5K-A N5K-B N2K-A N2K-B 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 14 Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 2012 Cisco Systems, Inc. Lab Guide 103

Command List The table describes the commands that are used in this activity. Command show fex show run interface Ethernet 1/x-y show fex detail show running-config fex all show interface Ethernet 1/x fexintf show interface brief show module fex # Description Displays a summary of which FEXs are online and discovered Displays the running configuration for specific interfaces Displays detailed information about discovered FEXs Displays the FEX configuration in the running configuration file Displays the FEX interfaces for a specific interface Displays a summary of all interfaces known by the switch Displays the FEX module details Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 104 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Validate a Cisco Nexus 2000 Fabric Extender Configuration Activity Procedure In this task, you will use CLI commands to validate the configuration of a Cisco Nexus 2000 Fabric Extender that is connected to a Cisco Nexus 5000 Series switch. Complete these steps: Step 1 Step 2 Using the credentials provided by your instructor, connect to the remote lab and your pod and open an SSH session to all four switches. Log in to the switches using the username admin and password 1234QWer. Note The Cisco Nexus 2000 Series Fabric Extender is attached to the N5K switches via interface Ethernet 1/9 on the N5K-A and interface Ethernet 1/10 on the N5K-B. Step 3 Once the file has loaded, verify that the Cisco Nexus 2000 Series Fabric Extender is online using the show fex command. N5K-A# show fex FEX FEX FEX FEX Number Description State Model Serial --------------------------------------------------------------------- 151 FEX0151 Online N2K-C2224TP-1GE SSI153910AP --- -------- Discovered N2K-C2224TP-1GE SSI153910AF N5K-A# Q1) Why is one FEX online? (Hint: use the show running-config interface Ethernet 1/9-10 command.) N5K-A# show run interface ethernet 1/9-10!Command: show running-config interface Ethernet1/9-10!Time: Fri Feb 20 11:17:22 2009 version 5.1(3)N1(1) interface Ethernet1/9 switchport mode fex-fabric fex associate 151 no shutdown interface Ethernet1/10 no shutdown Step 4 Using the show fex detail command, identify the number of uplinks that are being used and which uplinks the FEX server interfaces are using. N5K-B# show fex detail FEX: 152 Description: FEX0152 state: Online FEX version: 5.1(3)N1(1) [Switch version: 5.1(3)N1(1)] FEX Interim version: 5.1(3)N1(1) Switch Interim version: 5.1(3)N1(1) Extender Serial: SSI153910AF Extender Model: N2K-C2224TP-1GE, Part No: 73-13373-01 Card Id: 132, Mac Addr: d4:d7:48:3a:fa:c2, Num Macs: 64 Module Sw Gen: 12594 [Switch Sw Gen: 21] 2012 Cisco Systems, Inc. Lab Guide 105

post level: complete pinning-mode: static Max-links: 1 Fabric port for control traffic: Eth1/10 FCoE Admin: false FCoE Oper: true FCoE FEX AA Configured: false Fabric interface state: Eth1/10 - Interface Up. State: Active Fex Port State Fabric Port Eth152/1/1 Down Eth1/10 Eth152/1/2 Down Eth1/10 Eth152/1/3 Down Eth1/10 Eth152/1/4 Down Eth1/10 Eth152/1/5 Down Eth1/10 Eth152/1/6 Down Eth1/10 Eth152/1/7 Down Eth1/10 Eth152/1/8 Down Eth1/10 Eth152/1/9 Down Eth1/10 Eth152/1/10 Down Eth1/10 Eth152/1/11 Up Eth1/10 Eth152/1/12 Up Eth1/10 Eth152/1/13 Up Eth1/10 Eth152/1/14 Up Eth1/10 Eth152/1/15 Down Eth1/10 Eth152/1/16 Down Eth1/10 Eth152/1/17 Down Eth1/10 Eth152/1/18 Down Eth1/10 Eth152/1/19 Down Eth1/10 Eth152/1/20 Down Eth1/10 Eth152/1/21 Down Eth1/10 Eth152/1/22 Down Eth1/10 Eth152/1/23 Down Eth1/10 Eth152/1/24 Down Eth1/10 Logs: 02/20/2009 10:08:06.614862: Module register received 02/20/2009 10:08:06.616005: Image Version Mismatch 02/20/2009 10:08:06.616259: Registration response sent 02/20/2009 10:08:06.616542: Requesting satellite to download image 02/20/2009 10:17:00.452677: Image preload successful. 02/20/2009 10:17:01.587339: Deleting route to FEX 02/20/2009 10:17:01.593870: Module disconnected 02/20/2009 10:17:01.596658: Module Offline 02/20/2009 10:18:06.626003: Module timed out 02/20/2009 10:18:13.947971: Module register received 02/20/2009 10:18:13.949346: Registration response sent 02/20/2009 10:18:14.815655: Module Online Sequence 02/20/2009 10:18:18.825624: Module Online N5K-B# Q2) Which command would you use to verify that the number of uplinks being used is the number that is specified in the pinning command for the FEX? 106 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N5K-A# show running-config fex all!command: show running-config fex all!time: Fri Feb 20 11:32:49 2009 version 5.1(3)N1(1) feature fex fex 151 pinning max-links 1 description "FEX0151" interface Ethernet1/10 fex associate 151 N5K-B# show running-config fex all!command: show running-config fex all!time: Fri Feb 20 11:33:09 2009 version 5.1(3)N1(1) feature fex fex 152 pinning max-links 1 description "FEX0152" interface Ethernet1/10 fex associate 152 Step 5 Verify the mapping of FEX server interfaces to uplink interfaces using the show interface Ethernet 1/x fex-intf command. (Where x is Ethernet 1/9 on the N5K-A and Ethernet 1/10 on the N5K-B.) N5K-B# show interface ethernet 1/10 fex-intf Fabric FEX Interface Interfaces --------------------------------------------------- Eth1/10 Eth152/1/1 Eth152/1/2 Eth152/1/3 Eth152/1/4 Eth152/1/5 Eth152/1/6 Eth152/1/7 Eth152/1/8 Eth152/1/9 Eth152/1/10 Eth152/1/11 Eth152/1/12 Eth152/1/13 Eth152/1/14 Eth152/1/15 Eth152/1/16 Eth152/1/17 Eth152/1/18 Eth152/1/19 Eth152/1/20 Eth152/1/21 Eth152/1/22 Eth152/1/23 Eth152/1/24 N5K-B# Step 6 Verify the Cisco Nexus 2000 Series Fabric Extender interfaces using the show interface brief command. N5K-A(config-if)# show interface brief begin Eth151 Eth151/1/1 1 eth access down Link not connected auto(d) -- Eth151/1/2 1 eth access down Link not connected auto(d) -- Eth151/1/3 1 eth access down Link not connected auto(d) -- Eth151/1/4 1 eth access down Link not connected auto(d) -- Eth151/1/5 1 eth access down Link not connected auto(d) -- Eth151/1/6 1 eth access down Link not connected auto(d) -- Eth151/1/7 1 eth access down Link not connected auto(d) -- Eth151/1/8 1 eth access down Link not connected auto(d) -- Eth151/1/9 1 eth access down Link not connected auto(d) -- Eth151/1/10 1 eth access down Link not connected auto(d) -- Eth151/1/11 1 eth access down Link not connected auto(d) -- Eth151/1/12 1 eth access up none 1000(D) -- Eth151/1/13 1 eth access up none 1000(D) -- Eth151/1/14 1 eth access up none 1000(D) -- Eth151/1/15 1 eth access up none 1000(D) -- 2012 Cisco Systems, Inc. Lab Guide 107

Eth151/1/16 1 eth access up none 1000(D) -- Eth151/1/17 1 eth access up none 1000(D) -- Eth151/1/18 1 eth access up none 1000(D) -- Eth151/1/19 1 eth access down Link not connected auto(d) -- Eth151/1/20 1 eth access down Link not connected auto(d) -- Eth151/1/21 1 eth access down Link not connected auto(d) -- Eth151/1/22 1 eth access down Link not connected auto(d) -- Eth151/1/23 1 eth access down Link not connected auto(d) -- Eth151/1/24 1 eth access down Link not connected auto(d) -- N5K-A# Step 7 Use the show module fex command to view the Cisco Nexus 2000 Series Fabric Extender modules on both Nexus 5548UP switches. N5K-B is shown. N5K-B# show module fex 152 FEX Mod Ports Card Type Model Status. --- --- ----- ---------------------------------- ------------------ --------- 152 1 24 Fabric Extender 24x1GE + 2x10G MOdule N2K-C2224TP-1GE present FEX Mod Sw Hw World-Wide-Name(s) (WWN) --- --- -------------- ------ --------------------------------------------- 152 1 5.1(3)N1(1) 1.2 -- FEX Mod MAC-Address(es) Serial-Num --- --- -------------------------------------- ---------- 152 1 d4d7.483a.fac0 to d4d7.483a.fad7 SSI153910AF N5K-B# Activity Verification You have completed this task when you attain these results: Used the show commands to verify the connectivity between the Cisco Nexus 5000 Series switch and the Cisco Nexus 2000 Series Fabric Extender. Use the show commands to verify that the Cisco Nexus 5000 Series switch can see the interfaces on the Cisco Nexus 2000 Series Fabric Extender. 108 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Activity 3-1: Cisco MDS 9100 Series Multilayer Fabric Switch Initial Setup (Instructor Demonstration Only) The instructor will complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, the instructor will demonstrate how to perform an initial configuration on a Cisco MDS 9100 Series Multilayer Fabric switch. After completing this activity, you will be able to meet these objectives: Describe how to use the initial setup script to perform an initial configuration on a Cisco MDS 9100 Series Multilayer Fabric switch Describe which parameters should be set during the initial configuration on the Cisco MDS 9100 Series Multilayer Fabric switch Describe which parameters have default settings in the initial setup script on the Cisco MDS 9100 Series Multilayer Fabric switch Visual Objective The figure illustrates what you will accomplish in this activity. Required Resources These are the resources and equipment that are required to complete this activity: One Cisco MDS 9100 Series Multilayer Fabric switch One PC with an SSH application for remote connectivity 2012 Cisco Systems, Inc. Lab Guide 109

Command List The table describes the commands that are used in this activity. Command write erase reload setup show running-config Description Erases the startup-configuration Reboots the switch Runs the initial setup script Displays the current configuration on the switch Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 110 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Perform an Initial Setup on the Cisco MDS 9100 Series Multilayer Fabric Switch Activity Procedure During this task, your instructor will demonstrate how to perform an initial configuration on a Cisco MDS 9100 Series Multilayer Fabric switch. Complete these steps: Step 1 Step 2 Step 3 The instructor will connect to the Instructor VM. Open a console connection to Cisco MDS 9100-A and log in using username admin password 1234QWer. Perform a write erase and reload of the switch to clear any current configuration. Note Instead of performing a write erase and reload, explain to the students the purpose of these commands and then issue the setup command. Step 4 Complete the initial configuration as follows: ---- System Admin Account Setup ---- Do you want to enforce secure password standard (yes/no) [y]: <enter> Enter the password for "admin": 1234QWer Confirm the password for "admin": 1234QWer ---- Basic System Configuration Dialog ---- This setup utility will guide you through the basic configuration of the system. Setup configures only enough connectivity for management of the system. Please register Cisco MDS 9000 Family devices promptly with your supplier. Failure to register may affect response times for initial service calls. MDS devices must be registered to receive entitled support services. Press Enter at anytime to skip a dialog. Use ctrl-c at anytime to skip the remaining dialogs. Would you like to enter the basic configuration dialog (yes/no): yes Create another login account (yes/no) [n]: <enter> Configure read-only SNMP community string (yes/no) [n]: <enter> Configure read-write SNMP community string (yes/no) [n]: <enter> Enter the switch name : MDS-A Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]: <enter> Mgmt0 IPv4 address : 172.16.1.51 Mgmt0 IPv4 netmask : 255.255.255.0 Configure the default gateway? (yes/no) [y]: <enter> IPv4 address of the default gateway : 172.16.1.1 Configure advanced IP options? (yes/no) [n]: <enter> Enable the ssh service? (yes/no) [y]: <enter> Type of ssh key you would like to generate (dsa/rsa) [rsa]: <enter> Number of rsa key bits <1024-2048> [1024]: <enter> Enable the telnet service? (yes/no) [n]: <enter> Enable the http-server? (yes/no) [y]: n Configure clock? (yes/no) [n]: <enter> Configure timezone? (yes/no) [n]: <enter> Configure summertime? (yes/no) [n]: <enter> Configure the ntp server? (yes/no) [n]: <enter> Configure default switchport interface state (shut/noshut) [shut]: <enter> Configure default switchport trunk mode (on/off/auto) [on]: <enter> Configure default switchport port mode F (yes/no) [n]: <enter> Configure default zone policy (permit/deny) [deny]: <enter> Enable full zoneset distribution? (yes/no) [n]: <enter> Configure default zone mode (basic/enhanced) [basic]: <enter> Step 5 You will be asked to verify if the proposed configuration is as required. Enter no to editing the configuration and yes to saving the configuration. 2012 Cisco Systems, Inc. Lab Guide 111

The following configuration will be applied: password strength-check switchname MDS-A interface mgmt0 ip address 172.16.1.51 255.255.255.0 no shutdown ip default-gateway 172.16.1.1 ssh key rsa 1024 force feature ssh no feature telnet no feature http-server system default switchport shutdown system default switchport trunk mode on no system default zone default-zone permit no system default zone distribute full no system default zone mode enhanced Would you like to edit the configuration? (yes/no) [n]: <enter> Use this configuration and save it? (yes/no) [y]: <enter> [########################################] 100% Copy complete, now saving to disk (please wait)... Step 6 Step 7 Step 8 Once the configuration has been saved, log into the switch and verify the configuration using the show running-config command. Repeat the preceding procedure for MDS-B, making the following modifications: Switch Name: MDS-B IP Address: 172.16.1.52/24 Verify the configuration using the show running-config command. Activity Verification You have completed this task when you attain these results: You have successfully performed an initial configuration on the Cisco MDS 9100 Series Multilayer switch. You have verified the configuration using the show running-config command. 112 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Lab 3-1: Validating a Cisco MDS 9100 Series Multilayer Fabric Switch License Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to a Cisco MDS 9100 Series Multilayer Fabric switch and validate the license and features. After completing this activity, you will be able to meet this objective: Validate the license on a Cisco MDS 9100 Series Multilayer Fabric switch. Visual Objective The figure illustrates what you will accomplish in this activity. MDS-A MDS-B 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 17 Required Resources These are the resources and equipment that are required to complete this activity: One Cisco MDS 9100 Series Multilayer Fabric switch One PC with an SSH application for remote connectivity 2012 Cisco Systems, Inc. Lab Guide 113

Command List The table describes the commands that are used in this activity. Command show license show license usage show license default show license host-id Description Displays the license details Displays the license usage table Displays which services are using default licenses Displays the unique ID for this host for licensing Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 114 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Validate the License on the Cisco MDS 9100 Series Switch Activity Procedure In this task, you will use the CLI commands to validate the license on the Cisco MDS 9100 Series Multilayer Fabric switch. Complete these steps: Step 1 Step 2 Step 3 Using the credentials that are provided by your instructor, connect to the remote lab and your pod and open an SSH session to both Cisco MDS 9100 Series Multilayer Fabric Switches. Log in using username admin and password 1234QWer. Identify which license is currently installed on the switch using the command show license. Note The name of the license file, digital signature, and host-id will depend on which equipment group you are assigned. MDS-A# show license MDSFOX1609GYNM.lic: SERVER this_host ANY VENDOR cisco INCREMENT ENTERPRISE_PKG cisco 1.0 permanent uncounted \ VENDOR_STRING=<LIC_SOURCE>MDS_SWIFT</LIC_SOURCE><SKU>L- M9100ENT1K9=</SKU > \ HOSTID=VDH=FOX1609GYNM \ NOTICE="<LicFileID>20130129162533072</LicFileID><LicLineID>1</LicLineID> \ <PAK></PAK>" SIGN=AF28AC78FFF4 INCREMENT PORT_ACTIVATION_PKG cisco 1.0 permanent 8 \ VENDOR_STRING=<LIC_SOURCE>MDS_SWIFT</LIC_SOURCE><SKU>M9124PL8-4G</SKU> \ HOSTID=VDH=FOX1609GYNM \ NOTICE="<LicFileID>20130129162533072</LicFileID><LicLineID>2</LicLineID> \ <PAK></PAK>" SIGN=BBEBFB467F52 Note The host-id and PAK signature will be different if you are not on this exact MDS switch. Step 4 This command shows you what license is currently being used. To find out which licenses are available use the show license default command. MDS-A# show license default Feature Default License Count --------------------------------------------------------------------- FM_SERVER_PKG - ENTERPRISE_PKG - PORT_ACTIVATION_PKG 8 10G_PORT_ACTIVATION_PKG 0 --------------------------------------------------------------------- 2012 Cisco Systems, Inc. Lab Guide 115

Step 5 To find out more details about the current license usage, use the command show license usage. MDS-A# show license usage Feature Ins Lic Status Expiry Date Comments Count -------------------------------------------------------------------------------- FM_SERVER_PKG No - Unused - ENTERPRISE_PKG Yes - Unused never - PORT_ACTIVATION_PKG Yes 16 In use never - 10G_PORT_ACTIVATION_PKG No 0 Unused - -------------------------------------------------------------------------------- Step 6 Use the outputs from the previous two commands to answer the following questions: Q1) How many port licenses are available on the switch? Q2) How many port licenses have been activated on the switch? Step 7 Licenses are tied to the host ID of the switch. If you needed to purchase additional licenses, you would need to provide this ID. Use the show license host-id command to identify the switch ID. MDS-A# show license host-id License hostid: VDH=FOX1609GYNM Note The host-id will be different if you are not on this exact MDS switch. Activity Verification You have completed this task when you attain this result: You have successfully validated the license on the Cisco MDS 9100 Series Multilayer Fabric switch. 116 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Lab 3-2: Configuring VSANs and Zoning Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will configure and verify VSANs in the switch fabric to logically isolate SAN traffic in SAN-A and SAN-B. You will then configure zone services, enabling initiators to have access to the proper storage targets. After completing this activity, you will be able to meet these objectives: Verify the existing topology and default configuration Configure and verify the VSANs to provide logical isolation for SAN traffic between SAN- A and SAN-B Optimize VSAN trunking Configure and verify the zone configuration to ensure that initiators can see their proper storage targets Use show commands to verify the configuration Save the running configurations Visual Objective The figure illustrates what you will accomplish in this activity. JBOD Disk 1 Disk 2 SAN A SAN B MDS-A MDS-B N5K-A N5K-B Cisco UCS C Series Servers 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 18 Required Resources These are the resources and equipment that are required to complete this activity: Two Cisco MDS 9100 Series Multilayer Fabric Switches Two Cisco Nexus 5000 Series Switches One PC with an SSH application for remote connectivity 2012 Cisco Systems, Inc. Lab Guide 117

Command List The table describes the commands that are used in this activity. Command show module show interface brief show interface description show ip interface brief [vrf vrf-name] show ip interface ping <x.x.x.x>[vrf vrfname] ping <x.x.x.x> show feature show vsan show vlan id n show vlan fcoe n vsan database vsan n vsan n name VSAN-name show vsan membership vsan n interface <interface slot/port> copy running-config startup-config switchport trunk allowed vsan n show zone policy show zone active show zoneset active show device-alias database zone name name vsan n member device-alias devicealias-name show zone zoneset name zoneset-name vsan n member zone-name zoneset activate name Description Displays the modules that are seen by the switch Displays a summary of the interfaces, showing the status of those interfaces Displays the description that is defined for the interfaces Displays the interfaces with IP addresses assigned in the specified VRF (Cisco Nexus Series switch) Displays the interfaces with IP addresses assigned (Cisco MDS switch) Tests connectivity to an IP address in the specified VRF (Cisco Nexus Series switch) Tests connectivity to an IP address (Cisco MDS switch) Displays the features that are enabled on the switch Displays the VSANs that are present on the switch Displays a VLAN Displays the VLAN-VSAN mapping for FCoE Enters VSAN database configuration mode Creates a VSAN in the VSAN database Assigns a name to a VSAN Displays the VSAN-to-interface associations Associates an interface to the specified VSAN Saves the configuration of the switch Defines the VSANs that are permitted to use a VSAN trunk Displays the current zoning policy Displays the active zone set and zones Displays the active zone set Displays the device aliases that are known to the switch Defines a zone and associates the zone to a VSAN Assigns a device to a zone based on the device alias Displays all configured zones Defines a zone set and associates the zone set to a VSAN Assigns a zone to a zone set Makes the specified zone set the active zone set for a 118 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

zoneset-name vsan n show zone status vsan n show zoneset VSAN Displays the zoning status for a VSAN Displays all configured zone sets Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 119

Task 1: Connect to N5K-A, N5K-B, MDS-A and MDS-B Activity Procedure In this task, you will connect to your Cisco Nexus 5548UP and MDS 9124 switches Complete these steps: Step 1 Using the credentials that are provided by your instructor, connect to the remote lab and your pod. Step 2 Open an SSH session to switches N5K-A (172.16.1.41), N5K-B (172.16.1.42), MDS- A (172.16.1.51), and MDS-B (172.16.1.52). Login with username admin and password 1234QWer. Note Not all of the following tasks in this lab exercise are performed on all switches. Activity Verification You have completed this task when you attain these results: You have successfully logged into the four switches via SSH. 120 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 2: Verify the Switch Model Activity Procedure In this task, you will use CLI commands to verify the model of a Cisco Nexus 5000 Series switch. Note A configuration file that contains additional configuration relating to Fibre Channel, FCoE, and other technologies has been preloaded into the switches. The command outputs that are shown in this lab will reflect those configurations. Ask your instructor for further clarification if required. Complete these steps on the Cisco Nexus 5000 Series Switches only: Step 1 Determine the model of the Cisco Nexus 5000 Series switch. N5K-A# show module Mod Ports Module-Type Model Status --- ----- -------------------------------- ---------------------- ----------- 1 32 O2 32X10GE/Modular Universal Pla N5K-C5548UP-SUP active * 3 0 O2 Non L3 Daughter Card N55-DL2 ok Mod Sw Hw World-Wide-Name(s) (WWN) --- ------------- ------ ------------------------------------------------- 1 5.1(3)N1(1a) 1.0 20:01:54:7f:ee:5c:6e:c0 to 20:04:54:7f:ee:5c:6e:c0 3 5.1(3)N1(1a) 1.0 -- Mod MAC-Address(es) Serial-Num --- -------------------------------------- ---------- 1 547f.ee5c.6ea8 to 547f.ee5c.6ec7 FOC154849HZ 3 0000.0000.0000 to 0000.0000.000f FOC15475JZJ Step 2 Q1) What does UP in N5K-C5548UP mean? Determine if any of the physical ports have been configured as type fc. N5K-A# show running-config include slot next 1 slot 1 port 29-32 type fc Step 3 Q2) What is the default mode of all the physical ports on a UP platform? Verify that the fc ports are recognized by the switch and their status. Trunking indicates an operational condition. N5K-A# show interface fc1/29-32 brief ------------------------------------------------------------------------------ Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------ fc1/29 1 auto on trunking swl TE 4 -- fc1/30 1 auto on trunking swl TE 4 -- fc1/31 1 auto on trunking swl TE 4 -- fc1/32 1 auto on trunking swl TE 4 -- Activity Verification You have completed this task when you attain these results: You have verified the model of the Cisco Nexus 5000 Series switch. You have verified the operation of the required unified ports in Fibre Channel (fc) mode. 2012 Cisco Systems, Inc. Lab Guide 121

Task 3: Verify Lab Connections Activity Procedure In this task, you will use CLI commands to verify the physical connections between the servers, the Cisco Nexus 5000 Series and Cisco MDS 9100 Series Multilayer Fabric Switches. Note A configuration file that contains additional configuration relating to Fibre Channel, FCoE, and other technologies has been preloaded into the switches. The command outputs that are shown in this lab will reflect those configurations. Ask your instructor for further clarification if required. Complete these steps on both the Cisco Nexus 5000 Series and Cisco MDS 9100 Series Multilayer Fabric Switches: Step 1 Display the interface descriptions that have been configured on the switches. Verify the connections by comparing the output to your lab topology diagram. N5K-A# show interface description ------------------------------------------------------------------------------ Interface Description ------------------------------------------------------------------------------ fc1/29 Connection to MDS-A fc1/1 fc1/30 Connection to MDS-A fc1/2 fc1/31 Connection to MDS-A fc1/3 fc1/32 Connection to MDS-A fc1/4 ------------------------------------------------------------------------------ Port Type Speed Description ------------------------------------------------------------------------------ Eth1/1 eth 10G Connection to 7K-A Eth 2/5 Eth1/2 eth 10G Connection to 7K-A Eth 2/6 Eth1/3 eth 10G Connection to 7K-B Eth 2/17 Eth1/4 eth 10G Connection to 7K-B Eth 2/18 Eth1/5 eth 10G Currently Unused Eth1/6 eth 10G To Server A Eth1/7 eth 10G Currently Unused Eth1/8 eth 10G Currently Unused Eth1/9 eth 10G Connection to FEX-A Eth1/10 eth 10G Connection to FEX-B Eth1/11 eth 10G C200-1 Port 0 Eth1/12 eth 10G C200-2 Port 0 Eth1/13 eth 10G C200-3 Port 0 Eth1/14 eth 10G C200-4 Port 0 Eth1/15 eth 10G C200-5 Port 0 Eth1/16 eth 10G C200-6 Port 0 Eth1/17 eth 10G C200-7 Port 0 Eth1/18 eth 10G C200-8 Port 0 Eth1/19 eth 10G Currently Unused Eth1/20 eth 10G Currently Unused Eth1/21 eth 10G Currently Unused Eth1/22 eth 10G Currently Unused Eth1/23 eth 10G Currently Unused Eth1/24 eth 10G Currently Unused Eth1/25 eth 10G Currently Unused Eth1/26 eth 10G Currently Unused Eth1/27 eth 10G Currently Unused Eth1/28 eth 10G Currently Unused ------------------------------------------------------------------------------ Interface Description ------------------------------------------------------------------------------ Po71 -- 122 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

------------------------------------------------------------------------------ Interface Description ------------------------------------------------------------------------------ vfc11 C200-1 FCoE vfc12 C200-2 FCoE vfc13 C200-3 FCoE vfc14 C200-4 FCoE vfc15 C200-5 FCoE vfc16 C200-6 FCoE vfc17 C200-7 FCoE vfc18 C200-8 FCoE MDS-A# show interface description ------------------------------------------------------------------------------ Interface Description ------------------------------------------------------------------------------ fc1/1 Connection to N5K-A fc1/29 fc1/2 Connection to N5K-A fc1/30 fc1/3 Connection to N5K-A fc1/31 fc1/4 Connection to N5K-A fc1/32 fc1/5 Connection to UCS-A fc1/6 Connection to UCS-A fc1/7 Connection to UCS-A fc1/8 Connection to UCS-A fc1/9 Connection to Disk1 -- output omitted -- Step 2 Verify the Layer 3 interfaces that are configured on your assigned switch. Ensure that they are up. N5K-A# show ip interface brief vrf management IP Interface Status for VRF "management"(2) Interface IP Address Interface Status mgmt0 172.16.1.41 protocol-up/link-up/admin-up MDS-A# show ip interface mgmt0 is up Internet address is 172.16.1.51/24 Broadcast address is 172.16.1.255 Step 3 Activity Verification Refer to the lab addressing plan. Determine the IP addresses for the other switches in your pod. Verify connectivity between all Layer 3 interfaces. N5K-A# ping 172.16.1.51 vrf management PING 172.16.1.51 (172.16.1.51): 56 data bytes Request 0 timed out 64 bytes from 172.16.1.51: icmp_seq=1 ttl=63 time=0.692 ms 64 bytes from 172.16.1.51: icmp_seq=2 ttl=63 time=0.51 ms 64 bytes from 172.16.1.51: icmp_seq=3 ttl=63 time=0.494 ms 64 bytes from 172.16.1.51: icmp_seq=4 ttl=63 time=0.489 ms --- 172.16.1.51 ping statistics --- 5 packets transmitted, 4 packets received, 20.00% packet loss round-trip min/avg/max = 0.489/0.546/0.692 ms You have completed this task when you attain these results: You have verified the interface descriptions on all the interfaces that are in use. You have verified that all required interfaces are operational. You have verified connectivity between the devices in the topology 2012 Cisco Systems, Inc. Lab Guide 123

Task 4: Configure Virtual Fibre Channel Interfaces on the Cisco Nexus 5000 Series Switches Activity Procedure In this task, you will use the CLI commands to validate VSANs and assign Fibre Channel interfaces into the correct VSANs to complete the preloaded FCoE configuration of a Cisco Nexus 5000 Series switch. Note A configuration file that contains configuration relating to Fibre Channel, FCoE, and related technologies has been preloaded into the switches. The command outputs that are shown here will reflect those configurations. Ask your instructor for further clarification if required. Complete these steps on the Cisco Nexus 5000 Series Switches only: Step 1 Determine the operating mode of the Cisco Nexus 5000 Series switch. When the NPV modes are disabled, the switch is operating in the default mode of switch mode. N5K-A# show feature include npv fcoe-npv 1 disabled npv 1 disabled Note In switch mode, the Cisco Nexus 5000 Series switch operates as both an Ethernet switch and Fibre Channel (MDS) switch at the same time. Step 2 Determine if the VFC interfaces are operational. They should not be operational at this time. The interfaces will be operational when the VSAN configuration performed in this task is completed. N5K-A# show interface vfc 11-18 brief ------------------------------------------------------------------------------ Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------ vfc11 1 F on isolated -- -- -- vfc12 1 F on isolated -- -- -- vfc13 1 F on isolated -- -- -- vfc14 1 F on isolated -- -- -- vfc15 1 F on isolated -- -- -- vfc16 1 F on isolated -- -- -- vfc17 1 F on isolated -- -- -- vfc18 1 F on isolated -- -- -- N5K-A# show interface vfc 11 vfc11 is down (Isolation due to no common vsans with peer on trunk) Bound interface is Ethernet1/11 Hardware is Ethernet Port WWN is 20:0a:54:7f:ee:5c:6e:ff Admin port mode is F, trunk mode is on snmp link state traps are enabled Port vsan is 1 1 minute input rate 0 bits/sec, 0 bytes/sec, 0 frames/sec 1 minute output rate 0 bits/sec, 0 bytes/sec, 0 frames/sec 44 frames input, 4952 bytes 0 discards, 0 errors 45 frames output, 5600 bytes 0 discards, 0 errors last clearing of "show interface" counters never Interface last changed at Thu May 28 14:01:04 2009 124 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 3 Use the show vlan id command to verify the FCoE VLANs needed to carry traffic are configured and active. Perform this step on N5K-A and N5K-B. Switch VLAN VSAN VSAN Name N5K-A 1011 11 SAN-A-FCoE N5K-B 1012 12 SAN-B-FCoE N5K-A# show vlan id 1011 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------ 1011 SAN-A active Eth1/11, Eth1/12, Eth1/13 Eth1/14, Eth1/15, Eth1/16 Eth1/17, Eth1/18 VLAN Type Vlan-mode ---- ----- ---------- 1011 enet CE N5K-B# show vlan id 1012 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------ - 1012 SAN-B active Eth1/11, Eth1/12, Eth1/13 Eth1/14, Eth1/15, Eth1/16 Eth1/17, Eth1/18 VLAN Type Vlan-mode ---- ----- ---------- 1012 enet CE Step 4 The VLAN that carries FCoE traffic must be translated to a VSAN. Verify the preconfigured VLAN to VSAN translation for the VLAN on your switch. N5K-A# show vlan fcoe 1011 Original VLAN ID Translated VSAN ID Association State ---------------- ------------------ ----------------- 1011 11 Operational N5K-B# show vlan fcoe 1012 Original VLAN ID Translated VSAN ID Association State ---------------- ------------------ ----------------- 1012 12 Operational Note The association state of Operational validates that the FCoE VLAN is properly bound to VSAN. Fabric A operates on VSAN 11, and Fabric B operates on VSAN 12 Step 5 Refer to the table to determine the VSAN that is used by your switch. Use the show vsan command to validate that it is present on both Cisco Nexus 5548UP and Cisco MDS 9124 switches. N5K-A# show vsan vsan 1 information name:vsan0001 state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:up 2012 Cisco Systems, Inc. Lab Guide 125

vsan 11 information name:san-a-fcoe state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:down vsan 4079:evfp_isolated_vsan vsan 4094:isolated_vsan N5K-B# show vsan vsan 1 information name:vsan0001 state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:up vsan 12 information name:san-b-fcoe state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:up vsan 4079:evfp_isolated_vsan vsan 4094:isolated_vsan Step 6 Verify that the VLAN to VSAN association state is now operational. N5K-A# show vlan fcoe 1011 Original VLAN ID Translated VSAN ID Association State ---------------- ------------------ ----------------- 1011 11 Operational N5K-B# show vlan fcoe 1012 Original VLAN ID Translated VSAN ID Association State ---------------- ------------------ ----------------- Step 7 1012 12 Operational Similar to VLANs, all Fibre Channel interfaces are associated to VSAN 1 by default. Verify that all Fibre Channel (fc) interfaces are members of VSAN 1. N5K-A# show vsan membership vsan 1 interfaces: fc1/29 fc1/30 fc1/31 fc1/32 vfc11 vfc12 vfc13 vfc14 vfc15 vfc16 vfc17 vfc18 vsan 4079(evfp_isolated_vsan) interfaces: vsan 4094(isolated_vsan) interfaces: Step 8 Refer to the table to determine the VSANs used by your Cisco Nexus 5548UP switches. The VFC interfaces connect to the Cisco UCS C-Series servers and must be bound to the proper VSAN. 126 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Pod 1 Pod Switch Interface VSAN 1 N5K-A vfc11 11 N5K-B 12 2 N5K-A vfc12 11 N5K-B 12 3 N5K-A vfc13 11 N5K-B 12 4 N5K-A vfc14 11 N5K-B 12 5 N5K-A vfc15 11 N5K-B 12 6 N5K-A vfc16 11 N5K-B 12 7 N5K-A vfc17 11 N5K-B 12 8 N5K-A vfc18 11 N5K-B 12 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc11 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc11 N5K-B(config-vsan-db)# end Pod 2 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc12 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc12 N5K-B(config-vsan-db)# end 2012 Cisco Systems, Inc. Lab Guide 127

Pod 3 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc13 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc13 N5K-B(config-vsan-db)# end Pod 4 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc14 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc14 N5K-B(config-vsan-db)# end Pod 5 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc15 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc15 N5K-B(config-vsan-db)# end Pod 6 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc16 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc16 N5K-B(config-vsan-db)# end 128 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Pod 7 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc17 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc17 N5K-B(config-vsan-db)# end Pod 8 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# vsan database N5K-A(config-vsan-db)# vsan 11 interface vfc18 N5K-A(config-vsan-db)# end N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# vsan database N5K-B(config-vsan-db)# vsan 12 interface vfc18 N5K-B(config-vsan-db)# end Note If an error message similar to the following appears, notify your instructor. 2012 May 28 13:31:56 N5K-A %$ VDC-1 %$ %PORT-2-IF_DOWN_ERROR_DISABLED: %$VSAN 11%$ Interface vfcxx is down (Error disabled) Step 9 Use the show vsan membership command to verify that all Virtual Fibre Channel interfaces (VFC) are now members of the proper VSAN on N5K-A and N5K-B. Note The list will not be complete until all eight pods complete this step. N5K-A# show vsan membership vsan 1 interfaces: fc1/29 fc1/30 fc1/31 fc1/32 vsan 11 interfaces: vfc11 vfc12 vfc13 vfc14 vfc15 vfc16 vfc17 vfc18 N5K-B# show vsan membership vsan 1 interfaces: fc1/29 fc1/30 fc1/31 fc1/32 vsan 12 interfaces: vfc11 vfc12 vfc13 vfc14 vfc15 vfc16 vfc17 vfc18 Step 10 Use the show interface vfc command to verify that all VFC interfaces are operational on N5K-A and N5K-B. Be certain that the Virtual Fibre Channel interfaces are bound to VSAN 11 on N5K-A, and bound to VSAN 12 on N5K-B. N5K-A# show interface vfc 11-18 brief ------------------------------------------------------------------------------- Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) 2012 Cisco Systems, Inc. Lab Guide 129

------------------------------------------------------------------------------- vfc11 11 F on trunking -- TF auto -- vfc12 11 F on trunking -- TF auto -- vfc13 11 F on trunking -- TF auto -- vfc14 11 F on trunking -- TF auto -- vfc15 11 F on trunking -- TF auto -- vfc16 11 F on trunking -- TF auto -- vfc17 11 F on trunking -- TF auto -- vfc18 11 F on trunking -- TF auto N5K-B# show interface vfc 11-18 brief ------------------------------------------------------------------------------- Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------- vfc11 12 F on trunking -- TF auto -- vfc12 12 F on trunking -- TF auto -- vfc13 12 F on trunking -- TF auto -- vfc14 12 F on trunking -- TF auto -- vfc15 12 F on trunking -- TF auto -- vfc16 12 F on trunking -- TF auto -- vfc17 12 F on trunking -- TF auto -- vfc18 12 F on trunking -- TF auto -- Step 11 Use the show interface vfc 1P command (where P = your pod number) to validate that your Virtual Fibre Channel interface is trunking the correct VSAN on N5K-A and N5KB. Note The examples below are specific to Pod 1. N5K-A# show interface vfc 11 vfc11 is trunking Bound interface is Ethernet1/11 Hardware is Ethernet Port WWN is 20:0a:54:7f:ee:5c:6e:ff Admin port mode is F, trunk mode is on snmp link state traps are enabled Port mode is TF Port vsan is 11 Trunk vsans (admin allowed and active) (11) Trunk vsans (up) (11) Trunk vsans (isolated) () Trunk vsans (initializing) () --some output ommitted-- N5K-B# show interface vfc 11 vfc11 is trunking Bound interface is Ethernet1/11 Port description is C200-1 FCoE Hardware is Ethernet Port WWN is 20:0a:54:7f:ee:ee:e4:bf Admin port mode is F, trunk mode is on snmp link state traps are enabled Port mode is TF Port vsan is 12 Trunk vsans (admin allowed and active) (12) Trunk vsans (up) (12) Trunk vsans (isolated) () Trunk vsans (initializing) () --some output ommitted-- 130 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 12 Use the show interface brief command to verify that the operating mode of the physical Fibre Channel (fc) interfaces of N5K-A and N5K-B that connect to the Cisco MDS 9100 Series Multilayer Fabric switch are trunking. N5K-A# show interface fc1/29-32 brief ------------------------------------------------------------------------------ Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------ fc1/29 1 auto on trunking swl TE 4 -- fc1/30 1 auto on trunking swl TE 4 -- fc1/31 1 auto on trunking swl TE 4 -- fc1/32 1 auto on trunking swl TE 4 -- N5K-B# show interface fc1/29-32 brief ------------------------------------------------------------------------------ Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------ fc1/29 1 auto on trunking swl TE 4 -- fc1/30 1 auto on trunking swl TE 4 -- fc1/31 1 auto on trunking swl TE 4 -- fc1/32 1 auto on trunking swl TE 4 -- Note On Cisco SAN switches, VSAN trunks allow all VSANs by default. Step 13 Activity Verification Save the configuration of the switch. N5K-A# copy running-config startup-config [########################################] 100% Copy complete, now saving to disk (please wait)... You have completed this task when you attain these results: You have successfully validated the required VSAN on the Cisco Nexus 5000 Series switch. You have verified the FCoE VLAN to VSAN mapping on the Cisco Nexus 5000 Series switch. You have successfully configured the virtual Fibre Channel (fc) interfaces to be members of the FCoE VSAN. You have verified that the VSAN trunks between the Cisco Nexus 5000 Series switch and Cisco MDS 9100 Series Multilayer Fabric Switches are operational. 2012 Cisco Systems, Inc. Lab Guide 131

Task 5: Validate VSANs on the Cisco MDS 9100 Series Multilayer Fabric Switches Activity Procedure In this task, you will use the CLI commands to configure VSANs and assign Fibre Channel interfaces into the correct VSANs to complete the preloaded configuration of a Cisco MDS 9100 Series switch. Note A configuration file that contains configuration relating to Fibre Channel, FCoE, and related technologies has been preloaded into the switches. The command outputs that are shown here will reflect those configurations. Ask your instructor for further clarification if required. Complete these steps on the Cisco MDS 9100 Series Multilayer Fabric Switches only: Step 1 Validate the VSANs in the table are present and correct on MDS-A and MDS-B. Switch VLAN VSAN VSAN Name MDS-A n/a 11 SAN-A-FCoE MDS-B n/a 12 SAN-B-FCoE MDS-A# sh vsan vsan 1 information name:vsan0001 state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:up vsan 11 information name:san-a-fcoe state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:up vsan 4079:evfp_isolated_vsan vsan 4094:isolated_vsan MDS-B# sh vsan vsan 1 information name:vsan0001 state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:up vsan 12 information name:san-b-fcoe state:active interoperability mode:default loadbalancing:src-id/dst-id/oxid operational state:up 132 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

vsan 4079:evfp_isolated_vsan vsan 4094:isolated_vsan Step 2 Step 3 Refer to your lab topology diagram. Determine the interface of your switch that is connected to the storage device. Refer to the table. Use the vsan interface command to add the link you are responsible for configuring. These interfaces connect to the Cisco UCS B-Series Fabric Interconnects. Pod Switch Interface VSAN 1 N5K-A fc1/5 11 2 N5K-B fc1/5 12 3 N5K-A fc1/6 11 4 N5K-B fc1/6 12 5 N5K-A fc1/7 11 6 N5K-B fc1/7 12 7 N5K-A fc1/8 11 Pod 1 8 N5K-B fc1/8 12 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config-if)# vsan database MDS-A(config-vsan-db)# vsan 11 interface fc1/5 Traffic on fc1/5 may be impacted. Do you want to continue? (y/n) [n] y MDS-A(config-vsan-db)# end MDS-A# Pod 2 MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config-if)# vsan database MDS-B(config-vsan-db)# vsan 12 interface fc1/5 Traffic on fc1/5 may be impacted. Do you want to continue? (y/n) [n] y MDS-B(config-vsan-db)# end MDS-B# Pod 3 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config-if)# vsan database MDS-A(config-vsan-db)# vsan 11 interface fc1/6 Traffic on fc1/6 may be impacted. Do you want to continue? (y/n) [n] y MDS-A(config-vsan-db)# end MDS-A# 2012 Cisco Systems, Inc. Lab Guide 133

Pod 4 MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config-if)# vsan database MDS-B(config-vsan-db)# vsan 12 interface fc1/6 Traffic on fc1/6 may be impacted. Do you want to continue? (y/n) [n] y MDS-B(config-vsan-db)# end MDS-B# Pod 5 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config-if)# vsan database MDS-A(config-vsan-db)# vsan 11 interface fc1/7 Traffic on fc1/7 may be impacted. Do you want to continue? (y/n) [n] y MDS-A(config-vsan-db)# end MDS-A# Pod 6 MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config-if)# vsan database MDS-B(config-vsan-db)# vsan 12 interface fc1/7 Traffic on fc1/7 may be impacted. Do you want to continue? (y/n) [n] y MDS-B(config-vsan-db)# end MDS-B# Pod 6 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config-if)# vsan database MDS-A(config-vsan-db)# vsan 11 interface fc1/8 Traffic on fc1/8 may be impacted. Do you want to continue? (y/n) [n] y MDS-A(config-vsan-db)# end MDS-A# Pod 8 MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config-if)# vsan database MDS-B(config-vsan-db)# vsan 12 interface fc1/8 Traffic on fc1/8 may be impacted. Do you want to continue? (y/n) [n] y MDS-B(config-vsan-db)# end MDS-B# Step 4 Verify that the interfaces are now members of your VSAN. MDS-A# show vsan membership vsan 1 interfaces: fc1/1 fc1/2 fc1/3 fc1/4 fc1/10 fc1/11 fc1/12 fc1/13 fc1/14 fc1/15 fc1/16 fc1/17 fc1/18 fc1/19 fc1/20 fc1/21 fc1/22 fc1/23 fc1/24 vsan 11 interfaces: fc1/5 fc1/6 fc1/7 fc1/8 fc1/9 --some output omitted-- 134 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

MDS-B# show vsan membership vsan 1 interfaces: fc1/1 fc1/2 fc1/3 fc1/4 fc1/10 fc1/11 fc1/12 fc1/13 fc1/14 fc1/15 fc1/16 fc1/17 fc1/18 fc1/19 fc1/20 fc1/21 fc1/22 fc1/23 fc1/24 vsan 12 interfaces: fc1/5 fc1/6 fc1/7 fc1/8 fc1/9 --some output omitted-- Step 5 Refer to your lab topology diagram. Ensure that all interfaces that are in use are operational. Verify that the operating mode of the physical Fibre Channel (fc) interfaces of your switch that connect to the Cisco Nexus 5000 Series switch is trunking. Perform this step on MDS-A and MDS-B MDS-A# show interface brief ------------------------------------------------------------------------------ Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------ fc1/1 1 auto on trunking swl TE 4 -- fc1/2 1 auto on trunking swl TE 4 -- fc1/3 1 auto on trunking swl TE 4 -- fc1/4 1 auto on trunking swl TE 4 -- fc1/5 11 auto on up swl F 4 -- fc1/6 11 auto on up swl F 4 -- fc1/7 11 auto on up swl F 4 -- fc1/8 11 auto on up swl F 4 -- fc1/9 11 auto on up swl F 4 -- fc1/10 1 auto on sfpabsent -- -- -- fc1/11 1 auto on sfpabsent -- -- -- fc1/12 1 auto on sfpabsent -- -- -- fc1/13 1 auto on sfpabsent -- -- -- fc1/14 1 auto on sfpabsent -- -- -- fc1/15 1 auto on sfpabsent -- -- -- fc1/16 1 auto on sfpabsent -- -- -- fc1/17 1 auto on sfpabsent -- -- -- fc1/18 1 auto on sfpabsent -- -- -- fc1/19 1 auto on sfpabsent -- -- -- fc1/20 1 auto on sfpabsent -- -- -- fc1/21 1 auto on sfpabsent -- -- -- fc1/22 1 auto on sfpabsent -- -- -- fc1/23 1 auto on sfpabsent -- -- -- fc1/24 1 auto on sfpabsent -- -- -- ------------------------------------------------------------------------------ Interface Status Speed (Gbps) ------------------------------------------------------------------------------ sup-fc0 up 1 ------------------------------------------------------------------------------ Interface Status IP Address Speed MTU ------------------------------------------------------------------------------ mgmt0 up 172.16.1.51/24 100 Mbps 1500 Step 6 Save the configuration of the switch. MDS-A# copy running-config startup-config [########################################] 100% MDS-A# 2012 Cisco Systems, Inc. Lab Guide 135

Activity Verification You have completed this task when you attain these results: You have successfully validated the required VSAN on the Cisco MDS 9100 Series Multilayer Fabric switch You have successfully configured the storage-facing interface in the proper VSAN You have verified that the VSAN trunks between the Cisco Nexus 5000 Series switch and Cisco MDS 9100 Series Multilayer Switches are operational. 136 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 6: Optimize VSAN Trunking Activity Procedure In this task, you will use the CLI commands to optimize VSAN trunking, minimizing the traffic that is utilizing a trunk connection. Note A configuration file that contains configuration relating to Fibre Channel, FCoE, and related technologies has been preloaded in the switches. The command outputs that are shown here will reflect those configurations. Ask your instructor for further clarification if required. Complete these steps on both the Cisco Nexus 5000 Series and Cisco MDS 9100 Series Multilayer Fabric Switches: Step 1 On each switch, only one VSAN, either VSAN 11 or VSAN 12 is in use. Configure the VSAN trunks of your assigned switches to allow only the VSAN that is in use. Refer to the table below for your switch assignments. Pod Switch Interface VSAN 1 N5K-A fc1/29 11 MDS-A fc1/1 11 2 N5K-B fc1/29 12 MDS-B fc1/1 12 3 N5K-A fc1/30 11 MDS-A fc1/2 11 4 N5K-B fc1/30 12 MDS-B fc1/2 12 5 N5K-A fc1/31 11 MDS-A fc1/3 11 6 N5K-B fc1/31 12 MDS-B fc1/3 12 7 N5K-A fc1/32 11 MDS-A fc1/4 11 8 N5K-B fc1/32 12 MDS-B fc1/4 q 12 2012 Cisco Systems, Inc. Lab Guide 137

Pod 1 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface fc1/29 N5K-A(config-if)# switchport trunk allowed vsan 11 N5K-A(config-if)# end N5K-A# MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# interface fc1/1 MDS-A(config-if)# switchport trunk allowed vsan 11 MDS-A(config-if)# end MDS-A# Pod 2 N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface fc1/29 N5K-B(config-if)# switchport trunk allowed vsan 12 N5K-B(config-if)# end N5K-B# MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# interface fc1/1 MDS-B(config-if)# switchport trunk allowed vsan 12 MDS-B(config-if)# end MDS-B# Pod 3 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface fc1/30 N5K-A(config-if)# switchport trunk allowed vsan 11 N5K-A(config-if)# end N5K-A# MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# interface fc1/2 MDS-A(config-if)# switchport trunk allowed vsan 11 MDS-A(config-if)# end MDS-A# Pod 4 N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface fc1/30 N5K-B(config-if)# switchport trunk allowed vsan 12 N5K-B(config-if)# end N5K-B# MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# interface fc1/2 MDS-B(config-if)# switchport trunk allowed vsan 12 MDS-B(config-if)# end MDS-B# 138 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Pod 5 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface fc1/31 N5K-A(config-if)# switchport trunk allowed vsan 11 N5K-A(config-if)# end N5K-A# MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# interface fc1/3 MDS-A(config-if)# switchport trunk allowed vsan 11 MDS-A(config-if)# end MDS-A# Pod 6 N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface fc1/31 N5K-B(config-if)# switchport trunk allowed vsan 12 N5K-B(config-if)# end N5K-B# MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# interface fc1/3 MDS-B(config-if)# switchport trunk allowed vsan 12 MDS-B(config-if)# end MDS-B# Pod 7 N5K-A# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-A(config)# interface fc1/32 N5K-A(config-if)# switchport trunk allowed vsan 11 N5K-A(config-if)# end N5K-A# MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# interface fc1/4 MDS-A(config-if)# switchport trunk allowed vsan 11 MDS-A(config-if)# end MDS-A# Pod 8 N5K-B# conf Enter configuration commands, one per line. End with CNTL/Z. N5K-B(config)# interface fc1/32 N5K-B(config-if)# switchport trunk allowed vsan 12 N5K-B(config-if)# end N5K-B# MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# interface fc1/4 MDS-B(config-if)# switchport trunk allowed vsan 12 MDS-B(config-if)# end MDS-B# 2012 Cisco Systems, Inc. Lab Guide 139

Step 2 Verify that the trunks between the switches remain operational. N5K-A# show interface fc1/29-32 brief ------------------------------------------------------------------------------ Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------ fc1/29 1 auto on trunking swl TE 4 -- fc1/30 1 auto on trunking swl TE 4 -- fc1/31 1 auto on trunking swl TE 4 -- fc1/32 1 auto on trunking swl TE 4 -- Step 3 For each of the interfaces, verify that only the desired list of VSANs is permitted and that the trunk is up for the specified VSAN. N5K-A# show interface fc1/29 fc1/29 is trunking Port description is Connection to MDS-A fc1/1 Hardware is Fibre Channel, SFP is short wave laser w/o OFC (SN) Port WWN is 20:1d:54:7f:ee:5c:6e:c0 Peer port WWN is 20:01:54:7f:ee:31:fd:00 Admin port mode is auto, trunk mode is on snmp link state traps are enabled Port mode is TE Port vsan is 1 Speed is 4 Gbps Transmit B2B Credit is 16 Receive B2B Credit is 16 Receive data field Size is 2112 Beacon is turned off Trunk vsans (admin allowed and active) (11) Trunk vsans (up) (11) Trunk vsans (isolated) () Trunk vsans (initializing) () -- output omitted N5K-B# show interface fc1/29 fc1/29 is trunking Port description is Connection to MDS-B fc1/1 Hardware is Fibre Channel, SFP is short wave laser w/o OFC (SN) Port WWN is 20:1d:54:7f:ee:ee:e4:80 Peer port WWN is 20:01:54:7f:ee:d4:24:c0 Admin port mode is auto, trunk mode is on snmp link state traps are enabled Port mode is TE Port vsan is 1 Speed is 4 Gbps Transmit B2B Credit is 16 Receive B2B Credit is 16 Receive data field Size is 2112 Beacon is turned off Trunk vsans (admin allowed and active) (12) Trunk vsans (up) (12) Trunk vsans (isolated) () Trunk vsans (initializing) () Note If the VSAN you configured is listed in the Trunk vsans (isolated), ask you instructor to configure enhanced zoning on all four switches. Then use the shutdown, and then no shutdown commands and re-run the show interface command. Step 4 Save the configuration of all switches. N5K-A# copy running-config startup-config [########################################] 100% N5K-A# 140 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Activity Verification You have completed this task when you attain these results: You have optimized the VSAN trunks between the Cisco Nexus 5000 Series and Cisco MDS 9100 Series Multilayer Fabric Switches to allow only the required VSANs. 2012 Cisco Systems, Inc. Lab Guide 141

Task 7: Verify the Default Zoning Activity Procedure In this task, you will use CLI commands to verify the default zoning configuration of the switches. Complete these steps on both the Cisco Nexus 5000 Series and Cisco MDS 9100 Series Multilayer Fabric Switches: Note Zone sets and zones are used to ensure that a server has access to the correct disks, similar to ACLs. Step 1 Use the show zone policy command to inspect the default zoning policy on MDS-A, MDS-B, N5K-A and N5K-B. N5K-A# show zone policy Vsan: 1 Default-zone: deny Distribute: active only Broadcast: disable Merge control: allow Generic Service: read-write Vsan: 11 Default-zone: deny Distribute: active only Broadcast: disable Merge control: allow Generic Service: read-write Q1) What is the default zone policy for each VSAN? Step 2 Verify if there are any zones present on any of the switches. N5K-A# show zone active Zone not present Note Zones are lists of Fibre Channel devices that have permission to communicate with each other. Step 3 Verify if there is an active zone set present on any of the switches. N5K-A# show zoneset active Zoneset not present Note A zone set contains one or more zones. There may be multiple zone sets present on a switch, but only one zone set is active. Activity Verification You have completed this task when you attain these results: You have verified that the default zone policy is deny. You have verified that zoning is not present on the switches by default. 142 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 8: Configure Zoning Activity Procedure In this task, you will use CLI commands to configure and verify the zone set and active zone set of the fabric on the Cisco MDS 9100 Series Multilayer Fabric switches and Cisco Nexus 5500 Series switches. Complete these steps on MDS-A, MDS-B, N5K-A, and N5K-B: Note Configuring zoning requires the administrator to have a complete list of all devices in the SAN. The common practice is to configure zones based on the device WWN. To simplify configuration, a device-alias database of WWNs has been preconfigured on the switches in the lab. Step 1 Verify the device alias database that has been preconfigured on all of the switches. The database will be different on Fabric-A and Fabric-B. MDS-A# show device-alias database device-alias name p1-lun-a pwwn 21:01:00:13:78:ac:03:fd device-alias name p1-lun-b pwwn 22:01:00:13:78:ac:03:fd device-alias name p2-lun-a pwwn 21:02:00:13:78:ac:03:fd device-alias name p2-lun-b pwwn 22:02:00:13:78:ac:03:fd device-alias name p3-lun-a pwwn 21:03:00:13:78:ac:03:fd device-alias name p3-lun-b pwwn 22:03:00:13:78:ac:03:fd device-alias name p4-lun-a pwwn 21:04:00:13:78:ac:03:fd device-alias name p4-lun-b pwwn 22:04:00:13:78:ac:03:fd device-alias name p5-lun-a pwwn 21:05:00:13:78:ac:03:fd device-alias name p5-lun-b pwwn 22:05:00:13:78:ac:03:fd device-alias name p6-lun-a pwwn 21:06:00:13:78:ac:03:fd device-alias name p6-lun-b pwwn 22:06:00:13:78:ac:03:fd device-alias name p7-lun-a pwwn 21:07:00:13:78:ac:03:fd device-alias name p7-lun-b pwwn 22:07:00:13:78:ac:03:fd device-alias name p8-lun-a pwwn 21:08:00:13:78:ac:03:fd device-alias name p8-lun-b pwwn 22:08:00:13:78:ac:03:fd device-alias name VMFS-LUN-a pwwn 21:00:00:13:78:ac:03:fd device-alias name VMFS-LUN-b pwwn 22:00:00:13:78:ac:03:fd device-alias name p1-b-a-esx pwwn 20:00:00:25:b5:20:20:00 device-alias name p1-b-b-esx pwwn 20:00:00:25:b5:20:20:01 device-alias name p1-c-a-esx pwwn 20:00:00:25:b5:40:40:00 device-alias name p1-c-b-esx pwwn 20:00:00:25:b5:40:40:01 device-alias name p2-b-a-esx pwwn 20:00:00:25:b5:20:20:02 device-alias name p2-b-b-esx pwwn 20:00:00:25:b5:20:20:03 device-alias name p2-c-a-esx pwwn 20:00:00:25:b5:40:40:02 device-alias name p2-c-b-esx pwwn 20:00:00:25:b5:40:40:03 device-alias name p3-b-a-esx pwwn 20:00:00:25:b5:20:20:04 device-alias name p3-b-b-esx pwwn 20:00:00:25:b5:20:20:05 device-alias name p3-c-a-esx pwwn 20:00:00:25:b5:40:40:04 device-alias name p3-c-b-esx pwwn 20:00:00:25:b5:40:40:05 device-alias name p4-b-a-esx pwwn 20:00:00:25:b5:20:20:06 device-alias name p4-b-b-esx pwwn 20:00:00:25:b5:20:20:07 device-alias name p4-c-a-esx pwwn 20:00:00:25:b5:40:40:06 device-alias name p4-c-b-esx pwwn 20:00:00:25:b5:40:40:07 device-alias name p5-b-a-esx pwwn 20:00:00:25:b5:20:20:08 2012 Cisco Systems, Inc. Lab Guide 143

device-alias name p5-b-b-esx pwwn 20:00:00:25:b5:20:20:09 device-alias name p5-c-a-esx pwwn 20:00:00:25:b5:40:40:08 device-alias name p5-c-b-esx pwwn 20:00:00:25:b5:40:40:09 device-alias name p6-b-a-esx pwwn 20:00:00:25:b5:20:20:0a device-alias name p6-b-b-esx pwwn 20:00:00:25:b5:20:20:0b device-alias name p6-c-a-esx pwwn 20:00:00:25:b5:40:40:0a device-alias name p6-c-b-esx pwwn 20:00:00:25:b5:40:40:0b device-alias name p7-b-a-esx pwwn 20:00:00:25:b5:20:20:0c device-alias name p7-b-b-esx pwwn 20:00:00:25:b5:20:20:0d device-alias name p7-c-a-esx pwwn 20:00:00:25:b5:40:40:0c device-alias name p7-c-b-esx pwwn 20:00:00:25:b5:40:40:0d device-alias name p8-b-a-esx pwwn 20:00:00:25:b5:20:20:0e device-alias name p8-b-b-esx pwwn 20:00:00:25:b5:20:20:0f device-alias name p8-c-a-esx pwwn 20:00:00:25:b5:40:40:0e device-alias name p8-c-b-esx pwwn 20:00:00:25:b5:40:40:0f Total number of entries = 49 Step 2 Refer to the output of the show device-alias database command. Each pod will configure single-initiator zoning. Specifically, you will create two zones on MDS-A and MDS-B. One zone will be for your Cisco UCS C-Series rack server, and then one zone for your UCS B-Series blade server. The zone for the B-Series blade server will allow the server to access its boot LUN and the shared VMFS LUN. The C-Series servers boot from local RAID, so the zone for the C-Series server will allow access only to the shared VMFS LUN. Note Zoning can be configured on any of the switches. For simplicity and to minimize errors, it is typically configured on one switch per fabric. In the lab, the configuration will be performed on the Cisco MDS 9100 Series Multilayer Fabric Switches. Cisco Fabric Services (CFS) will synchronize the zoning and device-alias database from MDS-A to N5K-A, and from MDS-B to N5K-B. Tip You are configuring your pod-specific zoning on MDS-A and MDS-B. Please read the step carefully and note which MDS you should configure. Pod 1 MDS-A(config)# zone name DCICT_Pod-1-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p1-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p1-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-1-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p1-c-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status 144 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Pod 1 (Cont.) MDS-B(config)# zone name DCICT_Pod-1-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p1-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p1-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-1-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p1-c-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 2 MDS-A(config)# zone name DCICT_Pod-2-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p2-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p2-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-2-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p2-c-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-2-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p2-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p2-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-2-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p2-c-b-esx MDS-B(config-zone)# exit 2012 Cisco Systems, Inc. Lab Guide 145

MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 3 MDS-A(config)# zone name DCICT_Pod-3-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p3-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p3-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-3-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p3-c-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-3-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p3-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p3-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-3-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p3-c-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 4 MDS-A(config)# zone name DCICT_Pod-4-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p4-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p4-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-4-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p4-c-a-esx MDS-A(config-zone)# exit 146 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status Pod 4 (Cont.) MDS-B(config)# zone name DCICT_Pod-4-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p4-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p4-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-1-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p4-c-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 5 MDS-A(config)# zone name DCICT_Pod-5-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p5-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p5-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-5-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p5-c-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-5-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p5-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p5-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-5-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p5-c-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status 2012 Cisco Systems, Inc. Lab Guide 147

Pod 6 MDS-A(config)# zone name DCICT_Pod-6-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p6-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p6-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-6-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p6-c-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-6-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p6-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p6-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-6-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p6-c-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 7 MDS-A(config)# zone name DCICT_Pod-7-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p7-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p7-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-7-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p7-c-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status 148 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Pod 7 (Cont.) MDS-B(config)# zone name DCICT_Pod-7-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p7-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p7-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-7-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p7-c-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 8 MDS-A(config)# zone name DCICT_Pod-8-b vsan 11 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-A(config-zone)# member device-alias p8-lun-a MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p8-b-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-A(config)# zone name DCICT_Pod-8-c vsan 11 MDS-A(config-zone)# member device-alias VMFS-LUN-a MDS-A(config-zone)# member device-alias p8-c-a-esx MDS-A(config-zone)# exit MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-8-b vsan 12 Enhanced zone session has been created. Please 'commit' the changes when done. MDS-B(config-zone)# member device-alias p8-lun-b MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p8-b-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status MDS-B(config)# zone name DCICT_Pod-8-c vsan 12 MDS-B(config-zone)# member device-alias VMFS-LUN-b MDS-B(config-zone)# member device-alias p8-c-b-esx MDS-B(config-zone)# exit MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status 2012 Cisco Systems, Inc. Lab Guide 149

Step 3 Use the show zone command to view the configured zones. Note The actual order of appearance in the listing of zones is based on the order they were entered. Your output will depend of the progress of other pods in the class. MDS-A(config)# sh zone zone name DCICT_Pod-1-b vsan 11 pwwn 21:01:00:13:78:ac:03:fd [p1-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:00 [p1-b-a-esx] zone name DCICT_Pod-1-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:00 [p1-c-a-esx] zone name DCICT_Pod-2-b vsan 11 pwwn 21:02:00:13:78:ac:03:fd [p2-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:03 [p2-b-a-esx] zone name DCICT_Pod-2-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:02 [p2-c-a-esx] zone name DCICT_Pod-3-b vsan 11 pwwn 21:03:00:13:78:ac:03:fd [p3-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:04 [p3-b-a-esx] zone name DCICT_Pod-3-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:04 [p3-c-a-esx] zone name DCICT_Pod-4-b vsan 11 pwwn 21:04:00:13:78:ac:03:fd [p4-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:06 [p4-b-a-esx] zone name DCICT_Pod-4-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:06 [p4-c-a-esx] zone name DCICT_Pod-5-b vsan 11 pwwn 21:05:00:13:78:ac:03:fd [p5-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:08 [p5-b-a-esx] zone name DCICT_Pod-5-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:08 [p5-c-a-esx] zone name DCICT_Pod-6-b vsan 11 pwwn 21:06:00:13:78:ac:03:fd [p6-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:0a [p6-b-a-esx] zone name DCICT_Pod-6-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:0a [p6-c-a-esx] zone name DCICT_Pod-7-b vsan 11 150 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

pwwn 21:07:00:13:78:ac:03:fd [p7-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:0c [p7-b-a-esx] zone name DCICT_Pod-7-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:0c [p7-c-a-esx] zone name DCICT_Pod-8-b vsan 11 pwwn 21:08:00:13:78:ac:03:fd [p8-lun-a] pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:20:20:0e [p8-b-a-esx] zone name DCICT_Pod-8-c vsan 11 pwwn 21:00:00:13:78:ac:03:fd [VMFS-LUN-a] pwwn 20:00:00:25:b5:40:40:0e [p8-c-a-esx] Note Zones are grouped and activated in a zone set. Just as an Access Control List (ACL) does not begin filtering traffic until it is applied to an interface, zones need to be activated in a zone set before they permit communications between Fibre Channel initiators and targets. Step 4 Pod 1 Use the zoneset name, member, zonset activate, and zone commit commands to add the two zones that you configured in the previous step to the zone set DCICT-A (on MDS-A) and zone set DCICT-B (on MDS-B). Zone sets are defined on a per- VSAN basis. There can only be one active zone set per VSAN. MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-1-b MDS-A(config-zoneset)# member DCICT_Pod-1-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-1-b MDS-B(config-zoneset)# member DCICT_Pod-1-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 2 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-2-b MDS-A(config-zoneset)# member DCICT_Pod-2-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-2-b MDS-B(config-zoneset)# member DCICT_Pod-2-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 2012 Cisco Systems, Inc. Lab Guide 151

MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 3 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-3-b MDS-A(config-zoneset)# member DCICT_Pod-3-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-3-b MDS-B(config-zoneset)# member DCICT_Pod-3-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 4 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-4-b MDS-A(config-zoneset)# member DCICT_Pod-4-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-4-b MDS-B(config-zoneset)# member DCICT_Pod-4-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 5 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-5-b MDS-A(config-zoneset)# member DCICT_Pod-5-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-5-b MDS-B(config-zoneset)# member DCICT_Pod-5-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status 152 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Pod 6 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-6-b MDS-A(config-zoneset)# member DCICT_Pod-6-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-6-b MDS-B(config-zoneset)# member DCICT_Pod-6-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 7 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-7-b MDS-A(config-zoneset)# member DCICT_Pod-7-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-7-b MDS-B(config-zoneset)# member DCICT_Pod-7-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status Pod 8 MDS-A# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-A(config)# zoneset name DCICT-A vsan 11 MDS-A(config-zoneset)# member DCICT_Pod-8-b MDS-A(config-zoneset)# member DCICT_Pod-8-c MDS-A(config)# zoneset activate name DCICT-A vsan 11 MDS-A(config)# zone commit vsan 11 Commit operation initiated. Check zone status MDS-B# conf Enter configuration commands, one per line. End with CNTL/Z. MDS-B(config)# zoneset name DCICT-B vsan 12 MDS-B(config-zoneset)# member DCICT_Pod-8-b MDS-B(config-zoneset)# member DCICT_Pod-8-c MDS-B(config)# zoneset activate name DCICT-B vsan 12 MDS-B(config)# zone commit vsan 12 Commit operation initiated. Check zone status 2012 Cisco Systems, Inc. Lab Guide 153

Note The zonset activate, and zone commit commands activate zoning on the VSAN and automatically synchronize the active zone set to connected switches. Step 5 Verify the status of the zoning for your VSAN. MDS-A# show zone status vsan 11 VSAN: 11 default-zone: deny distribute: full Interop: default mode: enhanced merge-control: allow session: none hard-zoning: enabled broadcast: unsupported Default zone: qos: none broadcast: unsupported ronly: disabled Full Zoning Database : DB size: 1684 bytes Zonesets:1 Zones:16 Aliases: 0 Attribute-groups: 1 Active Zoning Database : DB size: 1008 bytes Name: DCICT-A Zonesets:1 Zones:16 Status: Commit completed at 09:18:52 UTC Oct 13 2013 Step 6 Save the configuration of the Cisco MDS 9100 Series Multilayer Fabric switch. MDS-A# copy running-config startup-config [########################################] 100% MDS-A# Step 7 Verify that the active zone set is present on the Cisco Nexus 5000 Series switch. Note The zoning will be different on Fabric-A and Fabric-B, and the assigned fcid s will also be different. N5K-A# show zoneset active zoneset name DCICT-A vsan 11 zone name DCICT_Pod-1-b vsan 11 * fcid 0x1c00e8 [pwwn 21:01:00:13:78:ac:03:fd] [p1-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0x1c0101 [pwwn 20:00:00:25:b5:20:20:00] [p1-b-a-esx] zone name DCICT_Pod-1-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0001 [pwwn 20:00:00:25:b5:40:40:00] [p1-c-a-esx] zone name DCICT_Pod-2-b vsan 11 * fcid 0x1c00e4 [pwwn 21:02:00:13:78:ac:03:fd] [p2-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] zone name DCICT_Pod-2-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0004 [pwwn 20:00:00:25:b5:40:40:02] [p2-c-a-esx] zone name DCICT_Pod-3-b vsan 11 * fcid 0x1c00e2 [pwwn 21:03:00:13:78:ac:03:fd] [p3-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0x1c0301 [pwwn 20:00:00:25:b5:20:20:04] [p3-b-a-esx] zone name DCICT_Pod-3-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0006 [pwwn 20:00:00:25:b5:40:40:04] [p3-c-a-esx] zone name DCICT_Pod-4-b vsan 11 * fcid 0x1c00e1 [pwwn 21:04:00:13:78:ac:03:fd] [p4-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0x1c0201 [pwwn 20:00:00:25:b5:20:20:06] [p4-b-a-esx] 154 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

zone name DCICT_Pod-4-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0007 [pwwn 20:00:00:25:b5:40:40:06] [p4-c-a-esx] zone name DCICT_Pod-5-b vsan 11 * fcid 0x1c00e0 [pwwn 21:05:00:13:78:ac:03:fd] [p5-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0x1c0102 [pwwn 20:00:00:25:b5:20:20:08] [p5-b-a-esx] zone name DCICT_Pod-5-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0003 [pwwn 20:00:00:25:b5:40:40:08] [p5-c-a-esx] zone name DCICT_Pod-6-b vsan 11 * fcid 0x1c00dc [pwwn 21:06:00:13:78:ac:03:fd] [p6-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0x1c0402 [pwwn 20:00:00:25:b5:20:20:0a] [p6-b-a-esx] zone name DCICT_Pod-6-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0000 [pwwn 20:00:00:25:b5:40:40:0a] [p6-c-a-esx] zone name DCICT_Pod-7-b vsan 11 * fcid 0x1c00da [pwwn 21:07:00:13:78:ac:03:fd] [p7-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0x1c0202 [pwwn 20:00:00:25:b5:20:20:0c] [p7-b-a-esx] zone name DCICT_Pod-7-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0005 [pwwn 20:00:00:25:b5:40:40:0c] [p7-c-a-esx] zone name DCICT_Pod-8-b vsan 11 * fcid 0x1c00d9 [pwwn 21:08:00:13:78:ac:03:fd] [p8-lun-a] * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0x1c0302 [pwwn 20:00:00:25:b5:20:20:0e] [p8-b-a-esx] zone name DCICT_Pod-8-c vsan 11 * fcid 0x1c00ef [pwwn 21:00:00:13:78:ac:03:fd] [VMFS-LUN-a] * fcid 0xec0002 [pwwn 20:00:00:25:b5:40:40:0e] [p8-c-a-esx] Note Devices seen as active in the fabric are indicated by an * (asterisk) beside the device name. Activity Verification You have completed this task when you attain these results: You have verified that the device-alias database is present on the switches. You have configured a zone for each of your assigned servers and its associated storage devices. You have configured a zone set that contains the two zones you configured for your pod. You have verified that the active zone set has been distributed across the fabric and is visible on the other switches. 2012 Cisco Systems, Inc. Lab Guide 155

Lab 3-3: Validating FLOGI and FCNS Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to MDS-A, MDS-B, N5K-A, and N5K-B to verify that initiators and targets have successfully logged into the fabric and that the devices have registered with the fabric. After completing this activity, you will be able to meet these objectives: Verify that initiators and targets have been able to successfully log into the fabric Verify FCNS to ensure that devices have registered with the fabric Visual Objective The figure illustrates what you will accomplish in this activity. JBOD MDS-A MDS-B N5K-A N5K-B UCS Server 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 19 Required Resources These are the resources and equipment that are required to complete this activity: One Cisco MDS 9100 Series Multilayer Fabric switch One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 156 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command show flogi database show fcns database Description Verifies which devices have logged into the switch Verifies which devices have registered in the fabric Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 157

Task 1: Verify the FLOGI and FCNS Database Activity Procedure In this task, you will use the CLI commands to verify that initiators and targets have been able to successfully log in and register in the fabric. Complete these steps: Step 1 Step 2 Step 3 Using the credentials that are provided by your instructor, connect to the remote lab and your pod and open an SSH session to both Cisco MDS 9100 Series Multilayer Fabric Switches. Log in using username admin and password 1234QWer. The first step in verifying successful login to the fabric by devices is to run the show flogi database command. On the Cisco MDS 9100 Series switch, use this command to verify that devices have successfully logged into the fabric. MDS-A# show flogi database ----------------------------------------------------------------------------- INTERFACE VSAN FCID PORT NAME NODE NAME ----------------------------------------------------------------------------- fc1/5 11 0x1c0400 20:41:54:7f:ee:19:ad:80 20:0b:54:7f:ee:19:ad:81 fc1/6 11 0x1c0200 20:42:54:7f:ee:19:ad:80 20:0b:54:7f:ee:19:ad:81 fc1/7 11 0x1c0300 20:43:54:7f:ee:19:ad:80 20:0b:54:7f:ee:19:ad:81 fc1/8 11 0x1c0100 20:44:54:7f:ee:19:ad:80 20:0b:54:7f:ee:19:ad:81 fc1/9 11 0x1c00d9 21:08:00:13:78:ac:03:fd 20:08:00:13:78:ac:03:fd [p8-lun-a] fc1/9 11 0x1c00da 21:07:00:13:78:ac:03:fd 20:07:00:13:78:ac:03:fd [p7-lun-a] fc1/9 11 0x1c00dc 21:06:00:13:78:ac:03:fd 20:06:00:13:78:ac:03:fd [p6-lun-a] fc1/9 11 0x1c00e0 21:05:00:13:78:ac:03:fd 20:05:00:13:78:ac:03:fd [p5-lun-a] fc1/9 11 0x1c00e1 21:04:00:13:78:ac:03:fd 20:04:00:13:78:ac:03:fd [p4-lun-a] fc1/9 11 0x1c00e2 21:03:00:13:78:ac:03:fd 20:03:00:13:78:ac:03:fd [p3-lun-a] fc1/9 11 0x1c00e4 21:02:00:13:78:ac:03:fd 20:02:00:13:78:ac:03:fd [p2-lun-a] fc1/9 11 0x1c00e8 21:01:00:13:78:ac:03:fd 20:01:00:13:78:ac:03:fd [p1-lun-a] fc1/9 11 0x1c00ef 21:00:00:13:78:ac:03:fd 20:00:00:13:78:ac:03:fd [VMFS-LUN-a] Total number of flogi = 13. Note Step 4 Your output may be slightly different depending on which switch you perform the command from, and based on which servers are active on the fabric. The nine devices connected to interface fc1/9 are the eight boot LUNs for the Cisco UCS B-Series blade servers. There is also a 200GB VMFS shared LUN that is used to administer the lab equipment. Note Step 5 Your output may be slightly different depending on which switch you perform the command from. The next step in verification is to confirm that all the devices have registered in the fabric. The output from the show fcns database command should be the same on both switches in VSAN 11 and VSAN 12. 158 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

N5K-A# show fcns database VSAN 11: -------------------------------------------------------------------------- FCID TYPE PWWN (VENDOR) FC4-TYPE:FEATURE -------------------------------------------------------------------------- 0x1c00d9 NL 21:08:00:13:78:ac:03:fd scsi-fcp:target [p8-lun-a] 0x1c00da NL 21:07:00:13:78:ac:03:fd scsi-fcp:target [p7-lun-a] 0x1c00dc NL 21:06:00:13:78:ac:03:fd scsi-fcp:target [p6-lun-a] 0x1c00e0 NL 21:05:00:13:78:ac:03:fd scsi-fcp:target [p5-lun-a] 0x1c00e1 NL 21:04:00:13:78:ac:03:fd scsi-fcp:target [p4-lun-a] 0x1c00e2 NL 21:03:00:13:78:ac:03:fd scsi-fcp:target [p3-lun-a] 0x1c00e4 NL 21:02:00:13:78:ac:03:fd scsi-fcp:target [p2-lun-a] 0x1c00e8 NL 21:01:00:13:78:ac:03:fd scsi-fcp:target [p1-lun-a] 0x1c00ef NL 21:00:00:13:78:ac:03:fd ipfc scsi-fcp:both [VMFS-LUN-a] 0x1c0100 N 20:44:54:7f:ee:19:ad:80 (Cisco) npv 0x1c0200 N 20:42:54:7f:ee:19:ad:80 (Cisco) npv 0x1c0300 N 20:43:54:7f:ee:19:ad:80 (Cisco) npv 0x1c0400 N 20:41:54:7f:ee:19:ad:80 (Cisco) npv 0xec0000 N 20:00:00:25:b5:40:40:0a [p6-c-a-esx] 0xec0001 N 20:00:00:25:b5:40:40:00 [p1-c-a-esx] 0xec0002 N 20:00:00:25:b5:40:40:0e [p8-c-a-esx] 0xec0003 N 20:00:00:25:b5:40:40:08 [p5-c-a-esx] 0xec0004 N 20:00:00:25:b5:40:40:02 [p2-c-a-esx] 0xec0005 N 20:00:00:25:b5:40:40:0c [p7-c-a-esx] 0xec0006 N 20:00:00:25:b5:40:40:04 [p3-c-a-esx] 0xec0007 N 20:00:00:25:b5:40:40:06 [p4-c-a-esx] Total number of entries = 21 MDS-A# show fcns database VSAN 11: -------------------------------------------------------------------------- FCID TYPE PWWN (VENDOR) FC4-TYPE:FEATURE -------------------------------------------------------------------------- 0x1c00d9 NL 21:08:00:13:78:ac:03:fd scsi-fcp:both [p8-lun-a] 0x1c00da NL 21:07:00:13:78:ac:03:fd scsi-fcp:both [p7-lun-a] 0x1c00dc NL 21:06:00:13:78:ac:03:fd scsi-fcp:both [p6-lun-a] 0x1c00e0 NL 21:05:00:13:78:ac:03:fd scsi-fcp:both 2012 Cisco Systems, Inc. Lab Guide 159

[p5-lun-a] 0x1c00e1 NL 21:04:00:13:78:ac:03:fd scsi-fcp:both [p4-lun-a] 0x1c00e2 NL 21:03:00:13:78:ac:03:fd scsi-fcp:both [p3-lun-a] 0x1c00e4 NL 21:02:00:13:78:ac:03:fd scsi-fcp:both [p2-lun-a] 0x1c00e8 NL 21:01:00:13:78:ac:03:fd scsi-fcp:both [p1-lun-a] 0x1c00ef NL 21:00:00:13:78:ac:03:fd ipfc scsi-fcp:both [VMFS-LUN-a] 0x1c0100 N 20:44:54:7f:ee:19:ad:80 (Cisco) npv 0x1c0200 N 20:42:54:7f:ee:19:ad:80 (Cisco) npv 0x1c0300 N 20:43:54:7f:ee:19:ad:80 (Cisco) npv 0x1c0400 N 20:41:54:7f:ee:19:ad:80 (Cisco) npv 0xec0000 N 20:00:00:25:b5:40:40:0a [p6-c-a-esx] 0xec0001 N 20:00:00:25:b5:40:40:00 [p1-c-a-esx] 0xec0002 N 20:00:00:25:b5:40:40:0e [p8-c-a-esx] 0xec0003 N 20:00:00:25:b5:40:40:08 [p5-c-a-esx] 0xec0004 N 20:00:00:25:b5:40:40:02 [p2-c-a-esx] 0xec0005 N 20:00:00:25:b5:40:40:0c [p7-c-a-esx] 0xec0006 N 20:00:00:25:b5:40:40:04 [p3-c-a-esx] 0xec0007 N 20:00:00:25:b5:40:40:06 [p4-c-a-esx] Total number of entries = 21 Note Your output may be slightly different depending on which switch you perform the command from. Q1) Do you see any differences? Step 6 View the details of an entry in the FCNS database on MDS-A and N5K-A. Note The FCID highlighted in the command example is most likely not in your FCNS database. Use one of the actual FCID values from the show fcns database command to replace that value. MDS-A# show fcns database fcid 0xec0001 detail vsan 11 ------------------------ VSAN:11 FCID:0xec0001 ------------------------ port-wwn (vendor) :20:00:00:25:b5:40:40:00 [p1-c-a-esx] node-wwn :20:00:00:25:b5:30:30:01 class :3 node-ip-addr :0.0.0.0 ipa :ff ff ff ff ff ff ff ff fc4-types:fc4_features : symbolic-port-name : 160 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

symbolic-node-name : port-type :N port-ip-addr :0.0.0.0 fabric-port-wwn :20:0a:54:7f:ee:ee:e3:7f hard-addr :0x000000 permanent-port-wwn (vendor) :00:00:00:00:00:00:00:00 connected interface :fc1/10 switch name (IP address) :N5K-A (172.16.1.41) Total number of entries = 1 N5K-A# sh fcns database fcid 0xec0001 detail vsan 11 ------------------------ VSAN:11 FCID:0xec0001 ------------------------ port-wwn (vendor) :20:00:00:25:b5:40:40:00 [p1-c-a-esx] node-wwn :20:00:00:25:b5:30:30:01 class :3 node-ip-addr :0.0.0.0 ipa :ff ff ff ff ff ff ff ff fc4-types:fc4_features : symbolic-port-name : symbolic-node-name : port-type :N port-ip-addr :0.0.0.0 fabric-port-wwn :20:0a:54:7f:ee:ee:e3:7f hard-addr :0x000000 permanent-port-wwn (vendor) :20:00:00:25:b5:40:40:00 Connected Interface :vfc11 Switch Name (IP address) :N5K-A (172.16.1.41) Activity Verification Total number of entries = 1 You have completed this task when you attain these results: You have successfully verified that devices have been able to log in and register in the fabric. You have displayed the databases that contain the login and fabric information. 2012 Cisco Systems, Inc. Lab Guide 161

Lab 3-4: Viewing the tech-support Command Output Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to a Cisco MDS 9100 Series Multilayer Fabric switch and view the tech-support command outputs. After completing this activity, you will be able to meet this objective: View the tech-support command outputs on the Cisco MDS 9100 Series switch Visual Objective The figure illustrates what you will accomplish in this activity. MDS-A MDS-B N5K-A N5K-B 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 20 Required Resources These are the resources and equipment that are required to complete this activity: One Cisco MDS 9100 Series Multilayer Fabric switch One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 162 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command show tech-support show tech-support brief show tech-support bootvar show tech-support details show tech-support device-alias show tech-support license Description Displays the content of the tech-support output Displays the switch summary Gathers detailed information for boot variables troubleshooting Gathers detailed information for troubleshooting Shows device-alias technical support information Displays license information Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 163

Task 1: View the tech-support Command Output Activity Procedure In this task, you will use the CLI commands to view the tech-support command outputs on the Cisco MDS 9100 Series Multilayer Fabric Switch and the Cisco Nexus 5000 Series switch. Complete these steps: Step 1 Step 2 Using the credentials that are provided by your instructor, connect to the remote lab and your pod and open an SSH session to both N5K switches and both Cisco MDS 9100 Series Multilayer Fabric Switches. Log in using username admin and password 1234QWer. Note The show tech-support command has a large amount of data to display because it covers all aspects of the switch that are needed during troubleshooting. Rather than display the output on the console, it is better to send the output to a file, which can then be copied off the switch for offline analysis. Step 3 On your PC, start the TFTP server and ensure it is running before performing Step 4. The 3CDaemon icon is on your student desktop. Step 4 Step 5 Run the command show tech-support > tftp://172.16.1.2p/mds-x_techsupport. (where P = your pod number, and X = either A, or B depending on MDS-A or MDS-B). This command will send the output to a file on the TFTP server. The command may take a few minutes to complete. To verify that it is copying to the TFTP server, look at the TFTP server details on the Windows PC. MDS-A# show tech-support > tftp://172.16.1.21/mdsa_techsupport Trying to connect to tftp server... Connection to server Established. Copying Started... TFTP put operation was successful 164 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 6 Step 7 Rather than perform a complete output of the show tech-support command, it is possible to filter it for specific areas that need further analysis. The show tech-support brief command displays a summary of the tech support details. Run this command on the Cisco MDS 9100 Series Multilayer Fabric switch. MDS-A# show tech-support brief Switch Name Switch Type : : 5.2(2a) bootflash:/m9100-s2ek9-kickstart- Kickstart Image mz.5.2.2a.bin System Image : MDS-A IP Address/Mask : 172.16.1.51/24 No of VSANs : 2 Configured VSANs : 1,11 : 5.2(2a) bootflash:/m9100-s2ek9-mz.5.2.2a.bin VSAN 1: name:vsan0001, state:active, interop mode:default domain id:0xb7(183), WWN:20:01:54:7f:ee:e4:80:81 [Principal] active-zone:<none>, default-zone:deny VSAN 11: name:san-a, state:active, interop mode:default domain id:0x1c(28), WWN:20:0b:54:7f:ee:e4:80:81 [Principal] active-zone:size:, default-zone:deny ----------------------------------------------------------------------------- Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ----------------------------------------------------------------------------- fc1/1 1 auto on trunking swl TE 4 -- fc1/2 1 auto on trunking swl TE 4 -- fc1/3 1 auto on trunking swl TE 4 -- fc1/4 1 auto on trunking swl TE 4 -- fc1/5 11 auto on up swl F 4 -- fc1/6 11 auto on up swl F 4 -- fc1/7 11 auto on up swl F 4 -- fc1/8 11 auto on up swl F 4 -- fc1/9 11 auto on up swl FL 4 -- fc1/10 1 auto on sfpabsent -- -- -- fc1/11 1 auto on sfpabsent -- -- -- fc1/12 1 auto on sfpabsent -- -- -- fc1/13 1 auto on sfpabsent -- -- -- fc1/14 1 auto on sfpabsent -- -- -- fc1/15 1 auto on sfpabsent -- -- -- fc1/16 1 auto on sfpabsent -- -- -- fc1/17 1 auto on sfpabsent -- -- -- fc1/18 1 auto on sfpabsent -- -- -- fc1/19 1 auto on sfpabsent -- -- -- fc1/20 1 auto on sfpabsent -- -- -- fc1/21 1 auto on sfpabsent -- -- -- fc1/22 1 auto on sfpabsent -- -- -- fc1/23 1 auto on sfpabsent -- -- -- fc1/24 1 auto on sfpabsent -- -- -- 2012 Cisco Systems, Inc. Lab Guide 165

----------------------------------------------------------------------------- Interface Status Speed (Gbps) ----------------------------------------------------------------------------- sup-fc0 up 1 Step 8 ----------------------------------------------------------------------------- -- Interface Status IP Address Speed MTU ----------------------------------------------------------------------------- mgmt0 up 172.16.1.51/24 100 Mbps 1500 Q1) How many VSANs have been configured on the switch? Q2) What is the operational speed of the Fibre Channel interfaces? Q3) Which software image is being used? Q4) What is the default zone policy for each VSAN? The show tech-support device-alias can be used when troubleshooting device alias issues in the fabric. Run the command show tech-support device-alias on the Cisco MDS 9100 Series switch. MDS-A# show tech-support device-alias device-alias name p1-lun-a pwwn 21:01:00:13:78:ac:03:fd device-alias name p1-lun-b pwwn 22:01:00:13:78:ac:03:fd device-alias name p2-lun-a pwwn 21:02:00:13:78:ac:03:fd device-alias name p2-lun-b pwwn 22:02:00:13:78:ac:03:fd device-alias name p3-lun-a pwwn 21:03:00:13:78:ac:03:fd device-alias name p3-lun-b pwwn 22:03:00:13:78:ac:03:fd device-alias name p4-lun-a pwwn 21:04:00:13:78:ac:03:fd device-alias name p4-lun-b pwwn 22:04:00:13:78:ac:03:fd device-alias name p5-lun-a pwwn 21:05:00:13:78:ac:03:fd device-alias name p5-lun-b pwwn 22:05:00:13:78:ac:03:fd device-alias name p6-lun-a pwwn 21:06:00:13:78:ac:03:fd device-alias name p6-lun-b pwwn 22:06:00:13:78:ac:03:fd device-alias name p7-lun-a pwwn 21:07:00:13:78:ac:03:fd device-alias name p7-lun-b pwwn 22:07:00:13:78:ac:03:fd device-alias name p8-lun-a pwwn 21:08:00:13:78:ac:03:fd device-alias name p8-lun-b pwwn 22:08:00:13:78:ac:03:fd device-alias name VMFS-LUN-a pwwn 21:00:00:13:78:ac:03:fd device-alias name VMFS-LUN-b pwwn 22:00:00:13:78:ac:03:fd device-alias name p1-b-a-esx pwwn 20:00:00:25:b5:20:20:00 device-alias name p1-b-b-esx pwwn 20:00:00:25:b5:20:20:02 device-alias name p1-c-a-esx pwwn 20:00:00:25:b5:40:40:00 device-alias name p1-c-b-esx pwwn 20:00:00:25:b5:40:40:01 device-alias name p2-b-b-esx pwwn 20:00:00:25:b5:20:20:03 device-alias name p2-c-a-esx pwwn 20:00:00:25:b5:40:40:02 device-alias name p2-c-b-esx pwwn 20:00:00:25:b5:40:40:03 device-alias name p3-b-a-esx pwwn 20:00:00:25:b5:20:20:04 device-alias name p3-b-b-esx pwwn 20:00:00:25:b5:20:20:05 device-alias name p3-c-a-esx pwwn 20:00:00:25:b5:40:40:04 device-alias name p3-c-b-esx pwwn 20:00:00:25:b5:40:40:05 device-alias name p4-b-a-esx pwwn 20:00:00:25:b5:20:20:06 device-alias name p4-b-b-esx pwwn 20:00:00:25:b5:20:20:07 device-alias name p4-c-a-esx pwwn 20:00:00:25:b5:40:40:06 device-alias name p4-c-b-esx pwwn 20:00:00:25:b5:40:40:07 166 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

device-alias name p5-b-a-esx pwwn 20:00:00:25:b5:20:20:08 device-alias name p5-b-b-esx pwwn 20:00:00:25:b5:20:20:09 device-alias name p5-c-a-esx pwwn 20:00:00:25:b5:40:40:08 device-alias name p5-c-b-esx pwwn 20:00:00:25:b5:40:40:09 device-alias name p6-b-a-esx pwwn 20:00:00:25:b5:20:20:0a device-alias name p6-b-b-esx pwwn 20:00:00:25:b5:20:20:0b device-alias name p6-c-a-esx pwwn 20:00:00:25:b5:40:40:0a device-alias name p6-c-b-esx pwwn 20:00:00:25:b5:40:40:0b device-alias name p7-b-a-esx pwwn 20:00:00:25:b5:20:20:0c device-alias name p7-b-b-esx pwwn 20:00:00:25:b5:20:20:0d device-alias name p7-c-a-esx pwwn 20:00:00:25:b5:40:40:0c device-alias name p7-c-b-esx pwwn 20:00:00:25:b5:40:40:0d device-alias name p8-b-a-esx pwwn 20:00:00:25:b5:20:20:0e device-alias name p8-b-b-esx pwwn 20:00:00:25:b5:20:20:0f device-alias name p8-c-a-esx pwwn 20:00:00:25:b5:40:40:0e device-alias name p8-c-b-esx pwwn 20:00:00:25:b5:40:40:0f Total number of entries = 49 `show device-alias pending` There are no pending changes `show device-alias pending-diff` There are no pending changes `show device-alias status` Fabric Distribution: Enabled Database:- Device Aliases 49 Mode: Basic Checksum: 0x85a5418f64d4b0b577c98c782221d79 `show device-alias session status` Last Action Time Stamp : Tue Oct 8 12:31:08 2013 Last Action : Commit Last Action Result : Success Last Action Failure Reason : none `show device-alias merge status` Result: Success Reason: None `show device-alias statistics` Device Alias Statistics =========================================== Lock requests sent: 1 Database update requests sent: 1 Unlock requests sent: 1 Lock requests received: 0 Database update requests received: 0 Unlock requests received: 0 Lock rejects sent: 0 Database update rejects sent: 0 Unlock rejects sent: 0 Lock rejects received: 0 Database update rejects received: 0 Unlock rejects received: 0 Merge requests received: 2 Merge request rejects sent: 0 Merge responses received: 0 Merge response rejects sent: 0 Activation requests received: 2 Activation request rejects sent: 0 Activation requests sent: 0 Activation request rejects received: 0 Validation requests sent: 1 Validation requests received: 2 Validation request rejects sent: 0 Validation request rejects received: 0 Discover requests sent: 1 Discover request rejects received: 0 `show device-alias internal info` Fabric Distribution: Enabled Local SWWN: 20:00:54:7f:ee:e4:80:80 DB Lock:- -(0) Database:- Device Aliases 49 Mode: Basic 2012 Cisco Systems, Inc. Lab Guide 167

Checksum: 0x85a5418f64d4b0b577c98c782221d79 Last Action Time Stamp : Tue Oct 8 12:31:08 2013 Last Action : Commit Last Action Result : Success Last Action Failure Reason : none Last MR rcvd from: 20:00:54:7f:ee:ee:e3:40 At 789435 usecs after Fri Oct 11 06:06:49 2013 Status: Success `show device-alias internal peer-info` Peer Info Table: =================== Total number of peers: 0 `show device-alias internal validation-info` Validation timer: 0s Per SAP Info Table: =================== SAPS: 0 MTS Buffer Array Details: ========================= Buffers: 0 Local Status: ============= Num Reqs Sent: 0 Num SAPs Done: 0 Failed SAP : 0 Status: SUCCESS Expln: Remote Status: ============== CFS Resp Rcvd: FALSE Failed SWWN : 00:00:00:00:00:00:00:00 SAP : 0 Status: SUCCESS Expln: Statistics: =========== Local Num Busy : 0 Remote Num Busy : 0 `show device-alias internal event-history session-fsm` >>>>FSM: <Session> has 66 logged transitions<<<<< 1) FSM:<Session> Transition at 116768 usecs after Tue Oct 8 12:31:06 2013 Previous state: [DDAS_SESSION_ST_IDLE] Triggered event: [DDAS_SESSION_EV_SESSION_BEGIN] Next state: [DDAS_SESSION_ST_LOCKING_FABRIC] 2) FSM:<Session> Transition at 123505 usecs after Tue Oct 8 12:31:06 2013 Previous state: [DDAS_SESSION_ST_LOCKING_FABRIC] Triggered event: [DDAS_SESSION_EV_CFS_OPER_SUCCESS] Next state: [DDAS_SESSION_ST_DISCOVERING_PEERS] -- remaining output removed 168 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 9 Using the information from this output, answer the following questions. Q5) How many entries are there in the device-alias database? Q6) Which pwwn is being used by Disk1 and Disk2? Q7) Are there any pending changes to the device-alias database? Step 10 The command show tech-support license is useful for troubleshooting licensing issues. Run the show tech-support license command on the Cisco MDS 9100 Series Multilayer Fabric switch. Note Your output will be different unless you are on the exact MDS-A illustrated in the example. MDS-A# show tech-support license `show license host-id` License hostid: VDH=FOX1609GYNM `show license` MDSFOX1609GYNM.lic: SERVER this_host ANY VENDOR cisco INCREMENT ENTERPRISE_PKG cisco 1.0 permanent uncounted \ VENDOR_STRING=<LIC_SOURCE>MDS_SWIFT</LIC_SOURCE><SKU>L- M9100ENT1K9=</SKU > \ HOSTID=VDH=FOX1609GYNM \ NOTICE="<LicFileID>20130129162533072</LicFileID><LicLineID>1</LicLineID> \ <PAK></PAK>" SIGN=AF28AC78FFF4 INCREMENT PORT_ACTIVATION_PKG cisco 1.0 permanent 8 \ VENDOR_STRING=<LIC_SOURCE>MDS_SWIFT</LIC_SOURCE><SKU>M9124PL8-4G</SKU> \ HOSTID=VDH=FOX1609GYNM \ NOTICE="<LicFileID>20130129162533072</LicFileID><LicLineID>2</LicLineID> \ <PAK></PAK>" SIGN=BBEBFB467F52 `show license feature package mapping` ------------------------ Feature-Name: fcoe ------------------------ Linecard-Type Package All or Any Package-Name(ver) :AIDA :any :FCOE-N7K-F132XP(1.0) ------------------------ Feature-Name: lisp ------------------------ Linecard-Type Package All or Any Package-Name(ver) :SUP :any :TRANSPORT_SERVICES_PKG(1.0) ------------------------ 2012 Cisco Systems, Inc. Lab Guide 169

Feature-Name: mpls_te ------------------------ Linecard-Type Package All or Any Package-Name(ver) :SUP :any :MPLS_PKG(1.0) ------------------------ Feature-Name: ldp ------------------------ Linecard-Type Package All or Any Package-Name(ver) :SUP :any :MPLS_PKG(1.0) ------------------------ Feature-Name: l3vpn ------------------------ Linecard-Type Package All or Any Package-Name(ver) :SUP :any :MPLS_PKG(1.0) `show license usage ` Feature Ins Lic Status Expiry Date Comments Count ------------------------------------------------------------------------------ FM_SERVER_PKG No - Unused - ENTERPRISE_PKG Yes - Unused never - PORT_ACTIVATION_PKG Yes 16 In use never - 10G_PORT_ACTIVATION_PKG No 0 Unused - ------------------------------------------------------------------------------ `show running-config license all`!command: show running-config license all!time: Sun Oct 13 10:41:01 2013 version 5.2(2a) license grace-period `show system internal license event-history` 1) Event:E_MTS_RX, length:60, at 955891 usecs after Sun Oct 13 10:41:01 2013 [NOT] Opc:MTS_OPC_VSH_ACFG_GEN(7663), Id:0X000DEB5A, Ret:SUCCESS Src:0x00000101/8192, Dst:0x00000101/106, Flags:None HA_SEQNO:0X00000000, RRtoken:0x00000000, Sync:UNKNOWN, Payloadsize:2840 Payload: 0x0000: 00 00 20 00 00 00 02 00 ff ff ff ff ff ff ff ff 2) Event:E_MTS_RX, length:60, at 473269 usecs after Sun Oct 13 10:41:01 2013 [REQ] Opc:MTS_OPC_VSH_CMD_TLV(7679), Id:0X000DEB27, Ret:SUCCESS Src:0x00000101/8187, Dst:0x00000101/106, Flags:None HA_SEQNO:0X00000000, RRtoken:0x000DEB27, Sync:UNKNOWN, Payloadsize:244 Payload: 0x0000: 01 02 03 04 00 00 00 f4 00 00 00 00 00 00 00 00 -- remaining output removed Q8) How many ports are licensed? Q9) Which feature names are mapped to the linecard-type SUP? 170 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Activity Verification Q10) Are there any feature names mapped to the linecard-type AIDA? Q11) There are a number of show tech-support commands. Which command would be used to troubleshoot the boot variables? You have completed this task when you attain this result: You have successfully viewed the output of the show tech-support <variable> command. 2012 Cisco Systems, Inc. Lab Guide 171

Lab 4-1: Validating the Physical Connections for FCoE Complete this lab activity to practice what you learned in the related module. Activity Objective In this activity, you will connect to a Cisco Nexus 5000 Series switch and validate the physical connections for FCoE. After completing this activity, you will be able to meet this objective: Verify the physical connections that are required for FCoE Visual Objective The figure illustrates what you will accomplish in this activity. JBOD Fibre Channel Fibre Channel MDS-A MDS-B Fibre Channel Fibre Channel N5K-A N5K-B FCoE FCoE 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 21 Required Resources These are the resources and equipment that are required to complete this activity: One Cisco Nexus 5000 Series switch One PC with an SSH application for remote connectivity 172 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command show interface brief show interface Ethernet x/y show interface Ethernet x/y transceiver show interface Ethernet x/y status show interface Ethernet x/y fcoe show interface vfc x Description Displays a brief summary of all interfaces Displays detailed information for an interface Displays the interface transceiver information Displays the interface line status Displays the FCoE information for an interface Displays the logical interface information Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 173

Task 1: Validate FCoE Physical Connections Activity Procedure In this task, you will use the CLI commands to validate FCoE physical connections on the Cisco Nexus 5000 Series switch. Complete these steps: Step 1 Step 2 Step 3 Using the credentials that are provided by your instructor, connect to the remote lab and your pod and open an SSH session to both Cisco Nexus 5000 Series Switches. Log in using username admin password 1234QWer. The show interface brief command displays summary information about all interfaces on the Cisco Nexus 5000 Series switch. Run the show interface brief command. N5K-A# show interface brief ------------------------------------------------------------------------------- Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------- fc1/29 1 auto on trunking swl TE 4 -- fc1/30 1 auto on trunking swl TE 4 -- fc1/31 1 auto on trunking swl TE 4 -- fc1/32 1 auto on trunking swl TE 4 -- -------------------------------------------------------------------------------- Ethernet VLAN Type Mode Status Reason Speed Por t Interface Ch # -------------------------------------------------------------------------------- Eth1/1 1 eth trunk up none 10G(D) 71 Eth1/2 1 eth trunk up none 10G(D) 71 Eth1/3 1 eth trunk up none 10G(D) 71 Eth1/4 1 eth trunk up none 10G(D) 71 Eth1/5 1 eth access up none 10G(D) -- Eth1/6 18 eth access up none 1000(D) -- Eth1/7 1 eth access down Link not connected 10G(D) -- Eth1/8 1 eth access down SFP not inserted 10G(D) -- Eth1/9 1 eth access up none 10G(D) -- Eth1/10 1 eth access up none 10G(D) -- Eth1/11 1 eth trunk up none 10G(D) -- Eth1/12 1 eth trunk up none 10G(D) -- Eth1/13 1 eth trunk up none 10G(D) -- Eth1/14 1 eth trunk up none 10G(D) -- Eth1/15 1 eth trunk up none 10G(D) -- Eth1/16 1 eth trunk up none 10G(D) -- Eth1/17 1 eth trunk up none 10G(D) -- Eth1/18 1 eth trunk up none 10G(D) -- Eth1/19 1 eth access down SFP not inserted 10G(D) -- Eth1/20 1 eth access up none 10G(D) -- Eth1/21 1 eth access up none 10G(D) -- Eth1/22 1 eth access up none 10G(D) -- Eth1/23 1 eth access up none 10G(D) -- Eth1/24 1 eth access up none 10G(D) -- Eth1/25 1 eth access up none 10G(D) -- Eth1/26 1 eth access up none 10G(D) -- Eth1/27 1 eth access up none 10G(D) -- Eth1/28 1 eth access down SFP validation failed 10G(D) -- ------------------------------------------------------------------------------ Port-channel VLAN Type Mode Status Reason Speed Proto col Interface ------------------------------------------------------------------------------ 174 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Po71 1 eth trunk up none a-10g(d) la cp ------------------------------------------------------------------------------ Port VRF Status IP Address Speed MTU ------------------------------------------------------------------------------ mgmt0 -- up 172.16.1.41 1000 1500 ------------------------------------------------------------------------------ Interface Vsan Admin Admin Status SFP Oper Oper Port Mode Trunk Mode Speed Channel Mode (Gbps) ------------------------------------------------------------------------------ vfc11 11 F on trunking -- TF auto -- vfc12 11 F on trunking -- TF auto -- vfc13 11 F on trunking -- TF auto -- vfc14 11 F on trunking -- TF auto -- vfc15 11 F on trunking -- TF auto -- vfc16 11 F on trunking -- TF auto -- vfc17 11 F on trunking -- TF auto -- vfc18 11 F on trunking -- TF auto -- ------------------------------------------------------------------------------ Interface Secondary VLAN(Type) Status Reason ------------------------------------------------------------------------------ Vlan1 -- down Administratively down Step 4 Q1) Which interfaces belong to a port channel? Q2) What is the port channel number that they belong to? Q3) Is this the only port channel, and if so, what is the other port channel interface number? Ports are configured for trunking or access mode. Use the show interface Ethernet 1/1 command to view details about the access port. N5K-A# show interface ethernet 1/1 Ethernet1/1 is up Hardware: 1000/10000 Ethernet, address: 547f.ee5c.6ea8 (bia 547f.ee5c.6ea8) MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA Port mode is access full-duplex, 10 Gb/s, media type is 10G Beacon is turned off Input flow-control is off, output flow-control is off Rate mode is dedicated Switchport monitor is off EtherType is 0x8100 Last link flapped 1week(s) 3day(s) Last clearing of "show interface" counters never 30 seconds input rate 32 bits/sec, 0 packets/sec 30 seconds output rate 440 bits/sec, 0 packets/sec Load-Interval #2: 5 minute (300 seconds) input rate 64 bps, 0 pps; output rate 200 bps, 0 pps RX 2012 Cisco Systems, Inc. Lab Guide 175

0 unicast packets 47360 multicast packets 0 broadcast packets 47360 input packets 8524696 bytes 0 jumbo packets 0 storm suppression bytes 0 runts 0 giants 0 CRC 0 no buffer 0 input error 0 short frame 0 overrun 0 underrun 0 ignored 0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop 0 input with dribble 0 input discard 0 Rx pause TX 0 unicast packets 656172 multicast packets 12263 broadcast packets 668435 output packets 64537816 bytes 0 jumbo packets 0 output errors 0 collision 0 deferred 0 late collision 0 lost carrier 0 no carrier 0 babble 0 output discard 0 Tx pause 1 interface resets Q4) What speed is this interface running at? Q5) What duplex mode is configured? Q6) Have there been any link flaps identified? Q7) If so, how many? Q8) Is this interface up for FCoE? (Use the show interface Ethernet 1/1 fcoe to verify.) Q9) What SFP is installed in the port? (Use the show interface Ethernet 1/1 status to identify the SFP.) Step 5 Step 6 Use the show interface Ethernet 1/1 transceiver command to identify the name and part number of the transceiver that is being used. Run the same commands on interface Ethernet 1/2 to answer the same questions. Q10) What speed is this interface running at? Q11) What duplex mode is configured? Q12) Have there been any link flaps identified? Q13) Is this interface up for FCoE? (Use the show interface Ethernet 1/2 fcoe to verify.) Q14) What SFP is installed in the port? (Use the show interface Ethernet 1/2 status to identify the SFP.) 176 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 7 The virtual Fibre Channel interfaces connect to the servers. Run the show interface vfc 1P command (where P = you pod number. The example below is for pod 1. N5K-A# show interface vfc 11 vfc11 is trunking Bound interface is Ethernet1/11 Port description is C200-1 FCoE Hardware is Ethernet Port WWN is 20:0a:54:7f:ee:ee:e3:7f Admin port mode is F, trunk mode is on snmp link state traps are enabled Port mode is TF Port vsan is 11 Trunk vsans (admin allowed and active) (11) Trunk vsans (up) (11) Trunk vsans (isolated) () Trunk vsans (initializing) () 1 minute input rate 0 bits/sec, 0 bytes/sec, 0 frames/sec 1 minute output rate 0 bits/sec, 0 bytes/sec, 0 frames/sec 20747 frames input, 3803872 bytes 0 discards, 0 errors 62 frames output, 8772 bytes 0 discards, 0 errors last clearing of "show interface" counters never Interface last changed at Wed Oct 9 19:52:35 2013 Q15) Which physical interface is the virtual interface bound to? Q16) What port mode is the interface running in? Q17) What is the port VSAN number? Q18) Which VSANs are active? Step 8 Can you run the command show interface vfc 11 transceiver to view the transceiver details? Q19) Why is it not possible to view the transceiver details? Activity Verification You have completed this task when you attain this result: You have successfully verified the physical and logical interface connections. 2012 Cisco Systems, Inc. Lab Guide 177

Activity 5-1: Cisco UCS 6120XP Fabric Interconnect Initial Setup Script (Instructor Demonstration Only) The instructor will complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, the instructor will demonstrate how to perform an initial setup on a Cisco UCS 6120XP Fabric Interconnect cluster. After completing this activity, you will be able to meet these objectives: Understand how to use the initial setup script to perform an initial configuration on the Cisco UCS 6120XP Fabric Interconnect cluster Understand which parameters are required for the initial configuration on the Cisco UCS 6120XP Fabric Interconnect cluster Visual Objective The figure illustrates what you will accomplish in this activity. IP Addressing Cluster Mode Admin Password Hostname Join Cluster Fabric A Fabric B L1 L2 L1 L2 L1 L2 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 22 Required Resources These are the resources and equipment that are required to complete this activity: Two Cisco UCS 6120XP Fabric Interconnect clusters One PC with access to the Cisco UCS 6120XP Fabric Interconnect serial consoles 178 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Command List The table describes the commands that are used in this activity. Command setup Show cluster state show cluster extendedstate Description Runs the setup script Displays the operational state of the Cisco UCS cluster Displays the operational state of the Cisco UCS cluster with details Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 179

Task 1: Connect to the Serial Console of Both Cisco UCS 6120XP Fabric Interconnects and Erase the Configurations Activity Procedure During this task, the instructor will demonstrate how to baseline the Cisco UCS 6120XP Fabric Interconnects. Complete these steps: Step 1 Step 2 Step 3 Step 4 Your instructor will connect to the remote lab. Your instructor will click the icons for each Cisco UCS 6120XP Fabric Interconnect. A remote connection to the serial consoles of each Cisco UCS 6120XP Fabric Interconnect will open up. Your instructor will log in to the Cisco UCS 6120XP Fabric Interconnect using username admin and password 1234QWer. 180 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 2: Provision the Cisco UCS 6120XP Fabric Interconnect A in Cluster Mode Activity Procedure The instructor will run the setup script on a fabric interconnect to demonstrate provisioning the primary cluster peer. Complete these steps: Step 1 Connect to the serial console of fabric interconnect A. Cisco UCS 6100 Series Fabric Interconnect UCS-A login: admin Password: 1234QWer Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2011, Cisco Systems, Inc. All rights reserved. UCS-A# Step 2 Connect to the Local Management Interface of fabric interconnect A and clear the configuration. UCS-A# connect local-mgmt Cisco Nexus Operating System (NX-OS) Software UCS-A(local-mgmt)# erase configuration All UCS configurations will be erased and system will reboot. Are you sure? (yes/no): yes Removing all the configuration. Please wait... Configurations are cleaned up. Rebooting... Step 3 Connect to the Local Management Interface of fabric interconnect B and clear the configuration. UCS-B# connect local-mgmt Cisco Nexus Operating System (NX-OS) Software UCS-B(local-mgmt)# erase configuration All UCS configurations will be erased and system will reboot. Are you sure? (yes/no): yes Removing all the configuration. Please wait... Configurations are cleaned up. Rebooting... Note It is important to restore both fabric interconnects to factory baseline state. If only one cluster peer is erased, the previous configuration will still survive on the other peer. Step 4 After fabric interconnect A reboots, enter console as the method of setup. ---- Basic System Configuration Dialog ---- This setup utility will guide you through the basic configuration of the system. Only minimal configuration including IP connectivity to the Fabric interconnect and its clustering mode is performed through these steps. Type Ctrl-C at any time to abort configuration and reboot system. To back track or make modifications to already entered values, complete input till end of section and answer no when prompted to apply configuration. Enter the configuration method. (console/gui)? console Step 5 Specify that you will be performing setup and not a disaster-recovery restore. Enter the setup mode; setup newly or restore from backup. (setup/restore)? setup 2012 Cisco Systems, Inc. Lab Guide 181

You have chosen to setup a new Fabric interconnect. Continue? (y/n): y Step 6 Answer y to enforce strong passwords, and then enter the password for the admin user. Enforce strong password? (y/n) [y]: y Enter the password for "admin": 1234QWer Confirm the password for "admin": 1234QWer Step 7 Answer yes to make this fabric interconnect capable of operating in a cluster. Enter A for the first peer, and then enter the hostname. Is this Fabric interconnect part of a cluster(select 'no' for standalone)? (yes/no) [n]: yes Enter the switch fabric (A/B) []: A Enter the system name: UCS Step 8 Set the management IP configuration options. Each fabric interconnect has a unique IP address as well as a shared cluster address. Physical Switch Mgmt0 IPv4 address : 172.16.1.101 Physical Switch Mgmt0 IPv4 netmask : 255.255.255.0 IPv4 address of the default gateway : 172.16.1.254 Cluster IPv4 address : 172.16.1.200 Configure the DNS Server IPv4 address? (yes/no) [n]: n Configure the default domain name? (yes/no) [n]: n Note Since you have chosen to make this fabric interconnect a cluster peer, a cluster IP address is also required. This address always connects sessions to the active management node. Step 9 Review the proposed configuration and answer yes to apply the configuration if correct. Following configurations will be applied: Switch Fabric=A System Name=UCS Enforced Strong Password=yes Physical Switch Mgmt0 IP Address=172.16.1.101 Physical Switch Mgmt0 IP Netmask=255.255.255.0 Default Gateway=172.16.1.254 Cluster Enabled=yes Cluster IP Address=172.16.1.200 NOTE: Cluster IP will be configured only after both Fabric Interconnects are initialized Apply and save the configuration (select 'no' if you want to re-enter)? (yes/no): yes Type 'reboot' to abort configuration and reboot system or hit enter to continue. (reboot/<cr>)? <CR> Applying configuration. Please wait. Configuration file - Ok Cisco UCS 6100 Series Fabric Interconnect UCS-A login: 182 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 10 Log in to the fabric interconnect. UCS-A login: admin Password: 1234QWer Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2011, Cisco Systems, Inc. All rights reserved. Step 11 Verify that cluster services are initializing by using the show cluster state command. A logging message should appear indicating a critical failure of the fabric B peer. This failure will be resolved once the peer fabric interconnect is configured and joins the cluster. UCS-A# show cluster state Cluster Id: 0x746f86a8568611e1-0xbfc7547fee496444 A: UP, ELECTION IN PROGRESS (Management services: UP) B: UNRESPONSIVE, INAPPLICABLE, (Management services: UNRESPONSIVE) HA NOT READY Peer Fabric Interconnect is down No device connected to this Fabric Interconnect 2012 Feb 14 14:48:19 UCS-A %$ VDC-1 %$ %UCSM-2- MANAGEMENT_SERVICES_UNRESPONSIVE: [F0452][critical][management-servicesunresponsive][sys/mgmt-entity-B] Fabric Interconnect B, management services are unresponsive Step 12 From a student PC, open a web browser and open the Cisco UCS Manager launch screen at http://172.16.1.101. Note As the setup wizard indicated earlier, the cluster IP address is not active until the fabric B peer joins the cluster. 2012 Cisco Systems, Inc. Lab Guide 183

Task 3: Provision the Secondary Cisco UCS 6120XP Fabric Interconnect in Cluster Mode Activity Procedure The instructor will run the setup script on the secondary fabric interconnect to demonstrate provisioning the secondary cluster peer. Complete these steps: Step 1 Step 2 Connect to the serial console of fabric interconnect B. Fabric interconnect B was reset to factory defaults in Task 1. It does not need to be repeated in this task. Once the fabric interconnect reboots, enter console as the method of setup. Enter the configuration method. (console/gui)? console Step 3 The secondary fabric interconnect should detect its peer. Answer y to join the cluster and then enter the password that was created for the admin account on the primary fabric interconnect. Installer has detected the presence of a peer Fabric interconnect. This Fabric interconnect will be added to the cluster. Continue (y/n)? y Enter the admin password of the peer Fabric interconnect: 1234QWer Connecting to peer Fabric interconnect... done Retrieving config from peer Fabric interconnect... done Peer Fabric interconnect Mgmt0 IP Address: 172.16.1.101 Peer Fabric interconnect Mgmt0 IP Netmask: 255.255.255.0 Cluster IP address : 172.16.1.200 Step 4 Enter the unicast IP address of the secondary fabric interconnect. Answer yes to save the configuration. Physical Switch Mgmt0 IPv4 address : 172.16.1.102 Apply and save the configuration (select 'no' if you want to re-enter)? (yes/no): yes Applying configuration. Please wait. Configuration file - Ok Cisco UCS 6100 Series Fabric Interconnect UCS-B login: Step 5 Log into the fabric interconnect using the admin username. UCS-B login: admin Password: 1234QWer Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2011, Cisco Systems, Inc. All rights reserved. Step 6 Verify that cluster services are running on both peers. UCS-B# show cluster state Cluster Id: 0x746f86a8568611e1-0xbfc7547fee496444 B: UP, SUBORDINATE A: UP, PRIMARY INTERNAL NETWORK INTERFACES: eth1, UP eth2, DOWN HA NOT READY No device connected to this Fabric Interconnect 184 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 7 From a student PC, open a web browser and open the Cisco UCS Manager launch screen using the IP address of fabric interconnect B: http://172.16.1.102. Step 8 Click the Launch UCS Manager button and enter admin and 1234QWer in the authentication window that appears. Cisco UCS Manager only runs on the active management node. 2012 Cisco Systems, Inc. Lab Guide 185

Step 9 From a student PC, open a web browser and open the Cisco UCS Manager launch screen using the cluster IP address http://172.16.1.200. Step 10 Click the Launch UCS Manager button and enter admin and 1234QWer in the authentication window that appears. This time, the Cisco UCS Manager GUI appears. Note The Cisco UCS 5108 blade server chassis will be discovered as soon as server interfaces are configured. Activity Verification You have completed this task when you attain these results: Observe that the instructor successfully logged into the CLI interface. Observe that the instructor successfully logged into the Cisco UCS Manager GUI using the cluster IP address. 186 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Activity 5-2: Configuring Server Ports and Chassis Discovery The instructor will complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, the instructor will demonstrate how to configure a 10-Gb Ethernet interface on the Cisco UCS 6120XP Fabric Interconnects and observe chassis and blade server discovery. After completing this activity, you will be able to meet these objectives: Understand the role of the server port personality on the Cisco UCS 6120XP Fabric Interconnects Understand the chassis discovery process Visual Objective The figure illustrates what you will accomplish in this activity. Fibre Channel Array MDS 9100 Cisco Nexus 7000 MDS 9100 Cisco UCS 5108 Blade Server Chassis 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 23 Required Resources Command List These are the resources and equipment that are required to complete this activity: Two Cisco UCS 6120XP Fabric Interconnect clusters One Cisco UCS 5108 Blade Server Chassis with two I/O modules One PC with access to the remote lab environment All procedures in this lab are performed in the Cisco UCS Manager GUI. 2012 Cisco Systems, Inc. Lab Guide 187

Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 188 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Connect to Cisco UCS Manager and Configure Server Ports Activity Procedure During this task, the instructor will demonstrate how to configure server ports on the Cisco UCS 6120XP Fabric Interconnects. Complete these steps: Step 1 Step 2 Step 3 Step 4 Your instructor will connect to the remote lab. Your instructor will open a Remote Desktop Connection to a student PC. The instructor will open a web browser and connect to the Cisco UCS Manager cluster IP address 172.16.1.200. In the equipment tab, this instructor will expand the fabric interconnects and demonstrate how to navigate to unconfigured Ethernet ports. Step 5 Step 6 Step 7 Step 8 Step 9 Notice that because all links are unconfigured, the Cisco UCS 5108 Blade Server Chassis does not yet appear in Cisco UCS Manager (no discovery has taken place). The instructor clicks an unconfigured Ethernet port from the Unconfigured Ethernet Ports menu on Fabric Interconnect A (1 in the figure) and then clicks the Configure as Server Port link (2 in the figure). The instructor then clicks the Yes button to enable the port as a server port (3 in the figure). Cisco UCS Manager detects the blade server chassis and adds it to the configuration inventory of the Cisco UCS Manager database. The instructor expands the new chassis and validates that servers are present. 2012 Cisco Systems, Inc. Lab Guide 189

Task 2: Observe B200 Blade Server Discovery in Finite State Machine Activity Procedure During this task, you will observe Cisco UCS B200 blade server discovery in Cisco UCS Manager. Complete these steps: Step 1 Expand the Chassis and Servers menu items. Step 2 Step 3 Notice that the overall status of the server is Discovery. Click the FSM tab to allow the class to observe state transitions as the Cisco UCS B200 is discovered. Step 4 A Finite State Machine (FSM) is a process that tracks and validates state transitions. When the B200 M2 blade server is being observed, components are tested first for presence in the blade server and then the component is validated. This process continues until all of the components of the server are inventoried and added to the Cisco UCS Manager database. Step 5 If the discovery process completes successfully, the Progress Status bar reaches 100% and the Status of Last Operation will indicate Discover Success. 190 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 6 Step 7 Once all servers are discovered, service profiles are created to provision the server and prepare it for operating system or hypervisor installation. To display more detailed information on the actual state transitions that occurred during the discovery process, the instructor will click the Events tab. Activity Verification You have completed this task when you attain these results: Observe that the instructor successfully configured a server port in Cisco UCS Manager and that a new chassis appeared in the Cisco UCS Manager inventory. Observe the blade server discovery progress in the FSM tab of the server. 2012 Cisco Systems, Inc. Lab Guide 191

Lab 5-1: Exploring the Cisco UCS Manager GUI Complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, you will navigate through the Cisco UCS Manager GUI to learn where to locate, monitor, and configure various activities. After completing this activity, you will be able to meet these objectives: Interact with the various elements of the Cisco UCS Manager GUI Locate important functions within the Cisco UCS Manager GUI Visual Objective The figure illustrates what you will accomplish in this activity. 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 24 Required Resources Command List These are the resources and equipment that are required to complete this activity: Two Cisco UCS 6120XP Fabric Interconnect clusters One Cisco UCS 5108 Blade Server Chassis with two I/O modules One PC with access to the remote lab environment Lab resources sheet All procedures in this lab are performed in the Cisco UCS Manager GUI. 192 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Job Aids These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan 2012 Cisco Systems, Inc. Lab Guide 193

Implementation Sheet for Lab 5-1 Explore the Cisco UCS Manager GUI Use this implementation sheet to aid in the configuration tasks in Lab 5-1. Task 3: Pod Number to Organization Mapping Pod Organization 1 Atlanta 2 Boston 3 Chicago 4 Dallas 5 Miami 6 New-York 7 San-Jose 8 Seattle 194 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 1: Connect to Cisco UCS Manager Activity Procedure In this task, you will connect to the Cisco UCS Manager GUI. Complete these steps: Step 1 Step 2 Step 3 Step 4 Connect to the remote lab using the instructions that are provided by the instructor. Open a Remote Desktop Connection to a student PC by clicking the PC icon. Open a web browser and connect to the Cisco UCS Manager Cluster IP address 172.16.1.200. Click the Launch UCS Manager button and enter admin and 1234QWer in the authentication window that appears. The Cisco UCS Manager GUI appears. 2012 Cisco Systems, Inc. Lab Guide 195

Task 2: Explore the Equipment Tab Activity Procedure In this task, you will explore the Cisco UCS Manager GUI from the equipment point of view. Complete these steps: Step 1 Step 2 Expand the Equipment tab in the Navigation pane by clicking the + sign to the left of the word Equipment in the Cisco UCS Manager GUI. Click Equipment at the top of the hierarchy, and then click the Main Topology tab on the Content pane. This tab provides a graphical view of connectivity from the fabric interconnects to the Cisco UCS 5108 Blade Server Chassis. Step 3 Expand the Chassis list by clicking the + sign to the left of Chassis. Step 4 Step 5 In the content pane, there is a graphical view of the chassis. Above the chassis, take a few minutes to explore the selection tabs that provide access to additional information about the chassis. Expand both fabric interconnects by clicking the + sign to the left of each fabric interconnect icon. (The hierarchy can be collapsed by clicking the signs.) 196 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 6 Step 7 In the content pane, click the double chevron to open the information panel that is rolled up underneath it. Click the double chevron again to roll the window up. This behavior is uniform throughout Cisco UCS Manager. Next, click the Statistics tab in the content pane. A summary of environmental statistics appears. In the upper-right portion of the statistics window is a small black triangle on a chart. Click this black triangle to choose which columns you would like to display on the table. This menu is available on any screen that displays columnar data. Add or remove check marks to display or hide columns. 2012 Cisco Systems, Inc. Lab Guide 197

Task 3: Explore the Servers Tab Activity Procedure In this task, you will explore the Cisco UCS Manager GUI from the pools and policies perspective. Complete these steps: Step 1 Step 2 In the Cisco UCS Manager GUI, click the Servers tab in the Navigation pane and expand the following tree in the hierarchy: Service Profiles > root -> Sub- Organizations > Hypothetical_Inc > Sub-Organizations > Pod_City. Click the Pod_Server1 service profile (where Pod = your assigned pod). The example in the following figure is for pod 1 Atlanta. Note Note Step 3 Step 4 Organizations are an optional configuration element that is available in the Servers, LAN, and SAN tabs. They allow the Cisco UCS administrator to create objects such as pools, policies, and profiles into separate folders. If organizations are not employed, all objects are created under the root organization. Root is always present and cannot be modified or deleted. ORD is the airport code for Chicago O Hare International airport. It was formally known Orchard Field. Take a few minutes to explore the tabs at the top of the content pane. Choose the General tab and click the KVM Console link. Step 4 You should see a VMware ESXi 5.0 server console screen. 198 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 5 From the KVM console, click the Virtual Media tab. Step 6 Step 7 Step 8 When the Virtual Media dialog box opens, click the Add Image button. Navigate to c:\software.org\vmware and choose the file named UCS-ESXi_5.0.iso. When the new virtual device appears, click the check box under the Mapped column. The ISO file will now appear as a physical DVD to the server. If ESXi were not preinstalled on your server, you would use this procedure to supply installation media to install a hypervisor or other supported operating system. 2012 Cisco Systems, Inc. Lab Guide 199

Step 9 Step 10 Uncheck the Mapped check box and then close the KVM Console. From the Servers tab, click the Filters drop-down menu. Step 11 Step 12 Choose the Pools filter to reduce the view to only pools that are associated with the Servers tab. Navigate to Pools->root->Sub-Organizations->Hypothetical_Inc-> Sub- Organizations->Pod_City. (Refer to the implementation sheet for the city of your pod.) Q1) What are the names of the Server Pool and UUID pools for your organization? Step 13 Change the filter in the Servers tab to Policies. 200 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 14 Navigate to Policies->root->Sub-Organizations->Hypothetical_Inc-> Sub- Organizations->Pod_City. (Refer to the implementation sheet for the city of your pod.) Q2) What is the name of the Adapter Policy for your organization? Task 4: Explore the LAN Tab Activity Procedure In this task, you will explore the Cisco UCS Manager GUI from the LAN perspective. Complete these steps: Step 1 Step 2 Click the LAN tab in the Navigation pane and set the Filter to LAN Cloud. Expand the LAN Cloud and choose QoS System Class. Step 3 Step 4 This view allows the administrator to adjust Class of Service, MTU, and weighting. The example Gold class that is shown here is assigned CoS of 4 and an MTU of 9216 to allow the transmission and receipt of Jumbo frames. (Jumbos are greater than 1500 bytes.) Click the + sign to the left of VLANs to expand that branch of the tree. Q1) What is the VLAN number for the vmotion VLAN for your pod? Step 5 Step 6 Step 7 Click the Filter drop-down and choose Policies. Navigate to Policies->root->Sub-Organizations->Hypothetical_Inc-> Sub- Organizations->Pod_City. Choose your QoS policy. Q2) What Priority is assigned in the Egress area of the Content pane? Note This step maps the policy that is enabled in QoS System Class and allows this policy to be consumed by your Service Profile to control traffic on Ethernet links. Step 8 Step 9 Click the Filter drop-down and choose Pools. Navigate to Pools->root->Sub-Organizations->Hypothetical_Inc-> Sub- Organizations->Pod_City. Q3) What is the range of MAC addresses in the MAC Pool for your pod? to 2012 Cisco Systems, Inc. Lab Guide 201

Task 5: Explore the SAN Tab In this task, you will explore the Cisco UCS Manager GUI from the SAN perspective. Activity Procedure Complete these steps: Step 1 Click the SAN tab in the Navigation pane and choose the Filter SAN Cloud. Step 2 Expand Fabric Interconnect A and Fabric Interconnect B. Step 3 Expand the VSANs. Q1) What VSANs are configured on each fabric interconnect? Step 4 Step 5 Step 6 Choose Pools from the Filters drop-down menu. Navigate to Pools->root->Sub-Organizations->Hypothetical_Inc-> Sub- Organizations->Pod_City. Expand the WWPN Pool for your pod. Q2) What is the range of addresses in the WWPN Pool for your pod? to 202 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 6: Explore the SAN Tab Activity Procedure In this task, you will briefly explore the VM tab. Complete these steps: Step 1 Step 2 Step 3 Click the VM tab in the Navigation pane and leave the Filter to set to All. Expand Clusters and VMware elements. The VM tab is used to configure a feature called VM-FEX, also known as VMware Pass-Through Switching (PTS). The VM tab will not be discussed further in this course. Task 7: Explore the Admin Tab Activity Procedure In this task, you will explore common administrative tasks. Complete these steps: Step 1 Click the Admin tab in the Navigation pane and leave the Filter to set to All. Step 2 The large number of options in the Admin tab makes the Filter menu very useful. 2012 Cisco Systems, Inc. Lab Guide 203

Step 3 Step 4 Click the Filter drop-down and choose Faults, Events and Audit Log. When you choose a fault in the content pane, the fault detail appears in the Details panel of the Content pane. Step 5 Step 6 In the Severity and Category sections, there are check marks that allow granular filtering of events in the event log. Uncheck a few check marks and observe the results. Click the Audit Log link in the Navigation pane. Step 7 Every time a configuration change is made to the Cisco UCS Manager database, the Audit Log records the change. This can be a useful tool to discover which user created, modified, or deleted a particular object. 204 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 8 Step 9 Click the Filter drop-down and choose User Management. Expand User Services and Locally Authenticated Users. Step 10 This view is where you add, modify, and delete locally authenticated Cisco UCS Manager users. Although the admin user cannot be deleted, it is a best practice to disable it and assign individual users administrative privileges. Activity Verification You have completed this task when you attain these results: Successfully log in to Cisco UCS Manager. Explore the equipment hierarchy in the Equipment tab. Explore service profiles and pools in the Servers tab. Explore QoS system classes and pools in the LAN tab. Explore VSANs and WWN pools in the SAN tab. Explore where communications with VMware vcenter servers are configured. Explore faults, the audit log, and local users. 2012 Cisco Systems, Inc. Lab Guide 205

Lab 5-2: Creating a Service Profile from a Template and Performing VMware ESXi 5.0 SAN Boot Complete this lab activity to demonstrate what you learned in the related module. Activity Objective In this activity, you will generate a service profile for your pod and boot VMware ESXi 5.0 from Fibre Channel SAN. After completing this activity, you will be able to meet these objectives: Explain how to access the KVM console in Cisco UCS Manager Explain how to properly shut down a VMware ESXi server Explain how to disassociate a service profile from a blade server Explain how to spawn a service profile from a service profile template Explain how to monitor service profile association with the FSM tab Explain how to boot the server Visual Objective The figure illustrates what you will accomplish in this activity. Template Pools Instantiation Service Profiles 2012 Cisco and/or its affiliates. All rights reserved. ICDCT v1.0 25 206 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Required Resources The following are the resources and equipment that are required to complete this activity: Two Cisco UCS 6120XP Fabric Interconnect clusters One Cisco UCS 5108 Blade Server Chassis with two I/O modules One PC with access to the remote lab environment Lab resource sheet Command List Job Aids All procedures in this lab are performed in the Cisco UCS Manager GUI. These job aids are available to help you complete the lab activity: Lab topology diagram Lab connections Lab addressing plan Implementation Sheet for Lab 5-2 Creating a Service Profile from a Template and Performing VMware ESXi 5.0 SAN Boot Use this implementation sheet to aid in the configuration tasks in Lab 5-2. Task 1: Pod Number to Organization Mapping Pod Organization 1 Atlanta 2 Boston 3 Chicago 4 Dallas 5 Miami 6 New-York 7 San-Jose 8 Seattle Task 3: Generate a Service Profile from a Template Pod Server Name Hostname IP Address 1 ATL_Server p1-b-esx-dc 172.17.1.121 2 BOS_Server p2-b-esx-dc 172.17.1.122 3 ORD_Server p3-b-esx-dc 172.17.1.123 4 DFW_Server p4-b-esx-dc 172.17.1.124 5 MIA_Server p5-b-esx-dc 172.17.1.125 6 JFK_Server p6-b-esx-dc 172.17.1.126 7 SJC_Server p7-b-esx-dc 172.17.1.127 8 SEA_Server p8-b-esx-dc 172.17.1.128 2012 Cisco Systems, Inc. Lab Guide 207

Task 1: Connect to Cisco UCS Manager Activity Procedure In this task, you will connect to the Cisco UCS Manager GUI. Complete these steps: Step 1 Step 2 Step 3 Step 4 Connect to the remote lab using the instructions provided by the instructor. Open a Remote Desktop Connection to a student PC by clicking the PC icon. Open a web browser and connect to the Cisco UCS Manager Cluster IP address 172.16.1.200. Click the Launch UCS Manager button and enter admin and 1234QWer in the authentication window that appears. The Cisco UCS Manager GUI appears. 208 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Task 2: Launch the KVM on Your Service Profile Activity Procedure In this task, you will connect to the KVM console. Complete these steps: Step 1 Step 2 Step 3 Step 4 Click the Servers tab in the Navigation pane and choose Service Profiles from the Filter drop-down menu. Navigate to Service Profiles->root->Sub-Organizations->Hypothetical_Inc-> Sub-Organizations->Pod_City. (Refer to the lab implementation sheet for your city.) Under your city, click the Service Profile with the name City_Server1 in the Navigation pane. In the Content pane, click the KVM Console link. Step 5 Step 6 When the Security Warning screen appears, click the Run button to continue. When the KVM Console appears, click in the window and press the F12 key until you receive a login prompt. Step 7 Step 8 Authenticate with username root and the password 1234QWer. When the Shut Down/Restart screen appears, press the F2 key to shut down VMware ESXi. 2012 Cisco Systems, Inc. Lab Guide 209

Step 9 Press the Enter key to shut down the VMware ESXi 5.0 host. You will know you are successful when you see a green background with the words No Signal in yellow. Note If you receive a warning message that virtual machines are running on the host, ask your instructor for assistance. Task 3: Disassociate Your Service Profile from Your Blade Server Activity Procedure In this task, you will disassociate and delete your service profile. Complete these steps: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Close the KVM Console and return to Cisco UCS Manager. Navigate to Service Profiles->root->Sub-Organizations->Hypothetical_Inc-> Sub-Organizations->Pod_City. (Refer to the lab implementation sheet for your city.) Under your city, click the Service Profile with the name City_Server1 in the Navigation pane. In the Content pane, click Disassociate Service Profile. Click the Yes button to confirm disassociation. The Service Profile will immediately report that it is unassociated. Because the service profile is no longer attached to a blade server, you will now need to switch to the Equipment tab to watch the disassociation process. Navigate to Equipment->Chassis->Chassis 1->Servers->Server P (where P = your pod number). Click the server in the Navigation pane, and then click the FSM tab in the Content pane. 210 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 9 Step 10 Step 11 Step 12 You will view the process of disassociation. It should take 5 to 8 minutes. Once the Progress Status indicator reaches 100%, the Status of Last Operation should read Disassociate Success. Now that the service profile is no longer associated, return to the service profile in the Servers tab. Right-click your service profile and choose Delete at the bottom of the list of choices. Note Step 13 The example illustrates deleting the service profile for Pod 1 (Atlanta). Be sure to delete only the service profile for your pod. Click the Yes button when prompted to confirm deletion. 2012 Cisco Systems, Inc. Lab Guide 211

Task 4: Generate a Service Profile from a Template Activity Procedure In this task, you will generate a service profile from a template and observe the association process. Complete these steps: Step 1 Step 2 Step 3 From the Servers tab, choose Service Profile Templates from the Filter drop-down menu. Navigate to Service Profile Templates->root->Sub-Organizations- >Hypothetical_Inc-> Sub-Organizations->Pod_City. Right-click the service profile template for your pod and choose Create Service Profiles from Template. Step 4 In the dialog box that appears, enter the server name from the lab implementation sheet that corresponds with your pod number. Set the number in the Number field to 1. Note Step 5 Step 6 Step 7 Step 8 The preceding example is only for Pod 1. Please refer to the lab implementation sheet for your server name. Click the OK button on the dialog box indicating the service profile was created successfully. From the Servers tab, choose Service Profiles from the Filter drop-down menu. Navigate to Service Profiles->root->Sub-Organizations->Hypothetical_Inc-> Sub-Organizations->Pod_City. Click the name of the service profile for your pod, and then click the FSM tab in the Content pane to view the service profile associating with your blade. 212 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.

Step 9 Step 10 Once the Progress Status indicator reaches 100%, the Status of Last Operation should read Hard Shutdown Success. While still in the Content pane for your server, click the General tab. Step 11 Step 12 Step 13 Step 14 Step 15 Step 16 Click the Boot Server link in the Content pane, and then click the OK button to acknowledge you are powering the server on. Click the OK button on the dialog box indicating the power up operation was successful. Click the KVM Console link to observe the POST process. After about 30 seconds, the screen will turn green with the No Signal indicator and then resume booting. This is normal. Once you see the Cisco Systems, Inc. logo, click in the KVM window, and press the Escape key. This action will allow you to observe various devices initializing. If you do not press the Escape key, the logo will remain until the operating system or Hypervisor begins loading. After VMware ESXi 5.0 finishes loading, you should see the server console. Note Step 17 Step 18 The hostname and IP address will vary depending on your pod number. Refer to the lab implementation sheet for the hostname and IP address for your server. On the desktop of your student PC, launch the vsphere client. Enter the IP address for your B200 ESXi server from the lab implementation sheet and authenticate with the username root and password 1234QWer. 2012 Cisco Systems, Inc. Lab Guide 213

Step 19 Step 20 Click the Ignore button when you receive the Security Warning. You have successfully completed the lab once you have logged into your ESXi host using the vsphere client. Activity Verification You have completed this task when you attain these results: Successfully shut down your ESXi 5.0 host from the KVM console. Successfully disassociate your service profile and observe the disassociation process in the FSM tab. Successfully generate a service profile from a template and observe the association process. Successfully boot your ESXi 5.0 host from Fibre Channel SAN. Successfully log in to your ESXi 5.0 host using VMware vsphere client. 214 Introducing Cisco Data Center Technologies (DCICT) v1.0 2012 Cisco Systems, Inc.