Page 2
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. http://cisco.com/ Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at go/trademarks .
About the Unidirectional Link Detection Parameter Default UDLD Configuration UDLD Aggressive and Nonaggressive Modes About Interface Speed About the Cisco Discovery Protocol Default CDP Configuration About the Error-Disabled State About Port Profiles Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 4
Verifying VLAN Configuration Configuring Private VLANs C H A P T E R 4 Information About Private VLANs Primary and Secondary VLANs in Private VLANs Private VLAN Ports Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 5
Configuring Access Host Ports Configuring Trunk Ports Configuring the Native VLAN for 802.1Q Trunking Ports Configuring the Allowed VLANs for Trunking Ports Configuring Native 802.1Q VLANs Verifying Interface Configuration Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 6
Information About Rapid PVST+ Understanding STP STP Overview Understanding How a Topology is Created Understanding the Bridge ID Bridge Priority Value Extended System ID STP MAC Address Allocation Understanding BPDUs Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 7
Configuring the Rapid PVST+ Hello Time for a VLAN Configuring the Rapid PVST+ Forward Delay Time for a VLAN Configuring the Rapid PVST+ Maximum Age Time for a VLAN Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 8
Mapping Secondary VLANs to Same MSTI as Primary VLANs for Private VLANs Configuring the Root Bridge Configuring a Secondary Root Bridge Configuring the Port Priority Configuring the Port Cost Configuring the Switch Priority Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1) viii...
Page 9
Enabling BPDU Guard on Specified Interfaces Enabling BPDU Filtering Globally Enabling BPDU Filtering on Specified Interfaces Enabling Loop Guard Globally Enabling Loop Guard or Root Guard on Specified Interfaces Verifying STP Extension Configuration Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 10
Information About Traffic Storm Control Traffic Storm Guidelines and Limitations Configuring Traffic Storm Control Verifying Traffic Storm Control Configuration Traffic Storm Control Example Configuration Default Traffic Storm Settings Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Preface This preface describes the audience, organization, and conventions of the Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide. It also provides information on how to obtain related documentation. • Audience, page xi • Document Organization, page xi •...
Related Documentation for Nexus 3000 Series NX-OS Software Cisco NX-OS documentation is available at the following URL: http://www.cisco.com/en/US/products/ps11541/tsd_products_support_series_home.html The documentation set for the Cisco Nexus 3000 Series NX-OS software includes the following documents: Release Notes • Cisco Nexus 3000 Series Switch Release Notes Cisco NX-OS documentation is available at the following URL: Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html...
Page 14
Obtaining Documentation and Submitting a Service Request Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
A VLAN interface, or switched virtual interface (SVI), is a Layer 3 interface that is created to provide communication between VLANs. Inter-Switch Link (ISL) trunking is not supported on the NX-OS software for the Cisco Nexus 3000 Series. Note Private VLANs Private VLANs provide traffic separation and security at the Layer 2 level.
You can use either Rapid PVST+ or MST in a given VDC; you cannot mix both in one VDC. Rapid PVST+ is the default STP protocol for Cisco NX-OS for the Cisco Nexus 3000 Series. Cisco NX-OS for the Cisco Nexus 3000 Series uses the extended system ID and MAC address reduction; Note you cannot disable these features.
• Loop Guard—Loop Guard prevents the nondesignated ports from transitioning to the STP forwarding state, which prevents loops in the network. • Root Guard—Root Guard prevents the port from becoming the root in an STP topology. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
C H A P T E R Configuring Ethernet Interfaces This section describes the configuration of the Ethernet interfaces on a Cisco Nexus 3000 Series switch. It contains the following sections: • Information About Ethernet Interfaces, page 5 • Configuring Ethernet Interfaces, page 10 •...
Configuring Ethernet Interfaces About the Unidirectional Link Detection Parameter The interface numbering convention is extended to support use with a Cisco Nexus 2000 Series Fabric Extender as follows: switch(config)# interface ethernet [chassis/]slot/port • Chassis ID is an optional entry to address the ports of a connected Fabric Extender. The chassis ID is configured on a physical Ethernet or EtherChannel interface on the switch to identify the Fabric Extender discovered via the interface.
To prevent spanning tree loops, nonaggressive UDLD with the default interval of 15 seconds is fast enough to shut down a unidirectional link before a blocking port transitions to the forwarding state (with default spanning tree parameters). Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
About Interface Speed A Cisco Nexus 3000 Series switch has a number of fixed 10-Gigabit ports, each equipped with SFP+ interface adapters. The Cisco Nexus 5010 switch has 20 fixed ports, the first 8 of which are switchable 1-Gigabit and 10-Gigabit ports.
About MTU Configuration The Cisco Nexus 3000 Series switch is a Layer 2 device. This means it does not fragment frames. As a result, the switch cannot have two ports in the same Layer 2 domain with different maximum transmission units (MTUs).
1-Gigabit Ethernet SFP transceiver inserted into it. Step 3 switch(config-if)# speed speed Sets the speed on the interface. This command can only be applied to a physical Ethernet interface. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
10 Gigabits. Configuring the CDP Characteristics You can configure the frequency of Cisco Discovery Protocol (CDP) updates, the amount of time to hold the information before discarding it, and whether or not to send Version-2 advertisements. To configure CDP characteristics for an interface, perform this task: SUMMARY STEPS 1.
Enters interface configuration mode for the specified interface. Step 3 switch(config-if)# cdp enable Enables CDP for the interface. To work correctly, this parameter must be enabled for both interfaces on the same link. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Step 3 Brings the interface down administratively. To manually shutdown recover the interface from the err-disabled state, enter this command first. Example: switch(config)# shutdown switch(config)# Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
{all | udld | bpduguard | Specifies a condition under which the interface link-flap | failed-port-state | pause-rate-limit} automatically recovers from the err-disabled state, and Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Specifies the interval for the interface to recover from the err-disabled state. The range is from 30 to 65535 seconds. The default is 300 seconds. Example: switch(config)#errdisable recovery interval 32 switch(config-if)# Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Enters configuration mode. Step 2 switch(config)# interface type slot/port Enters interface configuration mode for the specified interface. Step 3 switch(config-if)# description test Specifies the description for the interface. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
The following example shows how to restart an Ethernet interface: switch# configure terminal switch(config)# interface ethernet 1/4 switch(config-if)# no shutdown Displaying Interface Information To view configuration information about the defined interfaces, perform one of these tasks: Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
S I s N5K-C5020P-BA Eth1/5 Default Physical Ethernet Settings The following table lists the default settings for all physical Ethernet interfaces: Parameter Default Setting Duplex Auto (full-duplex) Encapsulation ARPA Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Parameter Default Setting 1500 bytes Port Mode Access Speed Auto (10000) 1 MTU cannot be changed per-physical Ethernet interface. You modify MTU by selecting maps of QoS classes. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
C H A P T E R Configuring VLANs This chapter describes how to configure VLANs on the Cisco Nexus 3000 Series switch. It contains the following sections: • Information About VLANs, page 23 • Configuring a VLAN, page 27...
VLANs are not passing packets. By default, the VLANs are in the active state and pass traffic. The VLAN Trunking Protocol (VTP) mode is OFF. VTP BPDUs are dropped on all interfaces of a Cisco Note Nexus 3000 Series switch.
VLANs 3968 to 4047 and 4094 are reserved for internal use; these VLANs cannot be changed or used. Cisco NX-OS allocates a group of 80 VLAN numbers for those features, such as multicast and diagnostics, that need to use internal VLANs for their operation. By default, the system allocates VLANs numbered 3968 to 4047 for internal use.
• SNMP can perform GET and SET operations on the CISCO-VTP-MIB objects. • VTP server mode and VTP client mode are not supported. The only supported mode is transparent mode, which is the default mode. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
This example shows how to create a range of VLANs from 15 to 20: switch# configure terminal switch(config)# vlan 15-20 You can also create and delete VLANs in the VLAN configuration submode. Note Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
(Optional) Enables the VLAN. The default value is no shutdown (or enabled). You cannot shut down the default VLAN, VLAN1, or VLANs 1006 to 4094. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Specifies the ASCII filename of the IFS file system file where the VTP configuration is stored. Step 6 switch(config)# vtp password Specifies the password for the VTP administrative domain. password-value Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Configuration last modified by 60.10.10.1 at 0-0-00 00:00:00 VTP version running Adding Ports to a VLAN After you have completed the configuration of a VLAN, assign ports to it. To add ports, perform this task: Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
The following example shows the VLANs created on the switch and their status: switch# show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- default active Eth1/1, Eth1/2, Eth1/3, Eth1/4 Eth1/5, Eth1/6, Eth1/7, Eth1/8 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
The following example shows the VLAN settings summary: switch# show vlan summary Number of existing VLANs Number of existing user VLANs Number of existing extended VLANs : 0 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
C H A P T E R Configuring Private VLANs This chapter describes how to configure private VLANs on the Cisco Nexus 3000 Series switch. It contains the following sections: • Information About Private VLANs, page 33 • Guidelines and Limitations for Private VLANs, page 38 •...
VLANs or in any isolated VLANs at the Layer 2 level. Private VLAN Ports The three types of PVLAN ports are as follows: Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
VLANs in a PVLAN domain. The ports within one community can communicate, but these ports cannot communicate with ports in any other community or isolated VLAN in the private VLAN. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
VLAN are brought down. You can associate a secondary VLAN with only one primary VLAN. Note For an association to be operational, the following conditions must be met: Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Private VLAN Promiscuous Trunks The Cisco Nexus 3000 Series device does not support Private VLAN trunk ports. Private VLAN Isolated Trunks The Cisco Nexus 3000 Series device does not support Private VLAN trunk ports.
Disables the private VLAN feature on the switch. You cannot disable private VLANs if there are operational Note ports on the switch that are in private VLAN mode. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
VLAN, the ports that are associated with the VLAN become inactive. This example shows how to assign VLAN 5 to a private VLAN as the primary VLAN: switch# configure terminal switch(config)# vlan 5 switch(config-vlan)# private-vlan primary Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
5 200 Configuring a Promiscuous Trunk Port You cannot perform this task because the Cisco Nexus 3000 Series device does not support Private VLAN trunk ports. Configuring an Isolated Trunk Port You cannot perform this task because the Cisco Nexus 3000 Series device does not support Private VLAN trunk ports.
Configuring Private VLANs Configuring Native 802.1Q VLANs on Private VLANs Configuring Native 802.1Q VLANs on Private VLANs You cannot perform this task because the Cisco Nexus 3000 Series device does not support Private VLAN trunk ports. Verifying Private VLAN Configuration...
VLANs over a single link and allow you to extend VLANs across the network. Note Cisco NX-OS supports only IEEE 802.1Q-type VLAN trunk encapsulation. This chapter describes the configuration of access or trunk ports on Cisco Nexus 3000 Series switches. It includes the following sections: •...
If an access port receives a packet with an 802.1Q tag in the header other than the access VLAN value, that port drops the packet without learning its MAC source address. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
802.1Q trunk port. To address the above issues, the vlan dot1q tag native command performs the following functions: • On the ingress side, all untagged data traffic is dropped. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
VLAN ID. This feature is supported on all the directly connected Ethernet and EtherChannel interfaces of the Cisco Nexus 3000 Series switch. It is also supported on all the host interface ports of any attached Cisco Nexus 2000 Series Fabric Extender.
This example shows how to set an interface as an Ethernet access host port with EtherChannel disabled: switch# configure terminal switch(config)# interface ethernet 1/10 switch(config-if)# switchport host Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Understanding IEEE 802.1Q Encapsulation, on page 46 Configuring the Native VLAN for 802.1Q Trunking Ports If you do not configure this parameter, the trunk port uses the default VLAN as the native VLAN ID. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Typically, you configure 802.1Q trunks with a native VLAN ID, which strips tagging from all packets on that VLAN. This configuration allows all untagged traffic and control traffic to transit the Cisco Nexus 3000 Series switch. Packets that enter the switch with 802.1Q tags that match the native VLAN ID value are similarly stripped of tagging.
Displays the interface configuration switch# show interface switchport Displays information for all Ethernet interfaces, including access and trunk interfaces. switch# show interface brief Displays interface configuration information. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
C H A P T E R Configuring EtherChannels This chapter describes how to configure EtherChannels and to apply and configure the Link Aggregation Control Protocol (LACP) for more efficient use of EtherChannels in Cisco NX-OS. It contains the following sections: •...
The EtherChannel is operationally down when all member ports are operationally down. Compatibility Requirements When you add an interface to a channel group, Cisco NX-OS checks certain interface attributes to ensure that the interface is compatible with the channel group. Cisco NX-OS also checks a number of operational attributes for an interface before allowing that interface to participate in the port-channel aggregation.
Load Balancing Using EtherChannels Cisco NX-OS load balances traffic across all operational interfaces in an EtherChannel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the channel.
The following figure shows how individual links can be combined into LACP EtherChannels and channel groups as well as function as individual links. Figure 6: Individual Links Combined into an EtherChannel Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Understanding LACP With LACP, just like with static port-channels, you can bundle up to 16 interfaces in a channel group. When you delete the EtherChannel, Cisco NX-OS automatically deletes the associated channel group. All Note member interfaces revert to their previous configuration.
Using EtherChannels, data traffic may be dynamically redistributed due to either a link failure or load balancing. LACP uses the Marker Protocol to ensure that frames are not duplicated or reordered because of this redistribution. Cisco NX-OS supports only Marker Responders. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Maximum number of links in channel Configuring EtherChannels Creating an EtherChannel You can create an EtherChannel before creating a channel group. Cisco NX-OS automatically creates the associated channel group. If you want LACP-based EtherChannels, you need to enable LACP. Note SUMMARY STEPS 1.
Adding a Port to an EtherChannel You can add a port to a new channel group or to a channel group that already contains ports. Cisco NX-OS creates the EtherChannel associated with this channel group if the EtherChannel does not already exist.
This channel configuration mode allows the link to operate with LACP. When you configure EtherChannels with no associated protocol, all interfaces on both sides of the link remain in the on channel mode. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
This example shows how to set the LACP-enabled interface to active port-channel mode for Ethernet interface 1/4 in channel group 5: switch# configure terminal switch (config)# interface ethernet 1/4 switch(config-if)# channel-group 5 mode active Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
This example shows how to restore the LACP default rate (30 seconds) on Ethernet interface 1/4. switch# configure terminal switch (config)# interface ethernet 1/4 switch(config-if)# no lacp rate fast Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
You can configure each link in the LACP EtherChannel for the port priority. Before You Begin Ensure that you have enabled the LACP feature. SUMMARY STEPS 1. switch# configure terminal 2. switch(config)# interface type slot/port 3. switch(config-if)# lacp port-priority priority Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Displays a summary for the EtherChannel interfaces. switch# show port-channel traffic Displays the traffic statistics for EtherChannels. switch# show port-channel usage Displays the range of used and unused channel numbers. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Configuring EtherChannels Verifying the Load-Balancing Outgoing Port ID Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Spanning tree is used to refer to IEEE 802.1w and IEEE 802.1s. If the text is discussing the IEEE 802.1D Note Spanning Tree Protocol, 802.1D is stated specifically. This chapter describes the configuration of Rapid PVST+ on Cisco Nexus 3000 Series switches. It includes the following sections: •...
Each VLAN on each switch has a unique 64-bit bridge ID consisting of a bridge priority value, an extended system ID (IEEE 802.1t), and an STP MAC address allocation. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Understanding STP Bridge Priority Value The bridge priority is a 4-bit value when the extended system ID is enabled. In Cisco NX-OS, the extended system ID is always enabled; you cannot be disable the extended system Note Extended System ID A 12-bit extended system ID field is part of the bridge ID.
BPDU. When a switch receives a BPDU, it does not forward the frame but instead uses the information in the frame to calculate a BPDU, and, if the topology changes, initiate a BPDU transmission. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
When the spanning tree topology is calculated based on default parameters, the path between source and destination end stations in a switched network might not be ideal. For instance, connecting higher-speed links Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
• Edge ports—When you configure a port as an edge port on an RSTP switch, the edge port immediately transitions to the forwarding state. (This immediate transition was previously a Cisco-proprietary feature named PortFast.) You should only configure on ports that connect to a single end station as edge ports.
The TCA flag is used only when the switch is interacting with switches that are running legacy 802.1D Note STP. The proposal and agreement sequence then quickly propagates toward the edge of the network and quickly restores connectivity after a topology change. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Another important change is that the Rapid PVST+ BPDU is type 2, version 2, which makes it possible for the switch to detect connected legacy (802.1D) bridges. The BPDU for 802.1D is version 0. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
This proposal/agreement handshake is initiated only when a non-edge port moves from the blocking to the forwarding state. The handshaking process then proliferates step-by-step throughout the topology. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
LAN segment. A backup port provides another path in the topology to the switch. • Disabled port—Has no role within the operation of the spanning tree. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Each LAN port on a software using Rapid PVST+ or MST exists in one of the following four states: • Blocking—The LAN port does not participate in frame forwarding. • Learning—The LAN port prepares to participate in frame forwarding. • Forwarding—The LAN port forwards frames. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
• Receives BPDUs and directs them to the system module. • Receives, processes, and transmits BPDUs received from the system module. • Receives and responds to network management messages. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Table 9: Port State Active Topology Operational Status Port State Is Port Included in the Active Topology? Enabled Blocking Enabled Learning Enabled Forwarding Disabled Disabled Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
If a port receives a superior BPDU, Rapid PVST+ triggers a reconfiguration. If the port is proposed and is selected as the new root port, Rapid PVST+ forces all the other ports to synchronize. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
The STP port path-cost default value is determined from the media speed and path-cost calculation method of a LAN interface. If a loop occurs, STP considers the port cost when selecting a LAN interface to put into the forwarding state. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
When you connect a Cisco switch to a non-Cisco switch through an 802.1Q trunk, the Cisco switch combines the STP instance of the 802.1Q VLAN of the trunk with the STP instance of the non-Cisco 802.1Q switch. However, all per-VLAN STP information that is maintained by Cisco switches is separated by a cloud of non-Cisco 802.1Q switches.
Configuring Rapid PVST+ Rapid PVST+, which has the 802.1w standard applied to the Rapid PVST+ protocol, is the default STP setting in the software. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Rapid PVST+. Enabling Rapid PVST+ per VLAN You can enable or disable Rapid PVST+ on each VLAN. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
VLAN. The switch sets the bridge priority for the specified VLANs to 24576 if this value will cause the switch to become the root for the specified VLANs. If any root bridge for the Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
2 seconds. This example shows how to configure the switch as the root bridge for a VLAN: switch# configure terminal switch(config)# spanning-tree vlan 5 root primary diameter 4 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
You can assign lower priority values to LAN ports that you want Rapid PVST+ to select first and higher priority values to LAN ports that you want Rapid PVST+ to select last. If all LAN ports have the same priority Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
In Rapid PVST+ mode, you can use either the short or long pathcost method, and you can configure the Note method in either the interface or configuration submode.The default pathcost method is short. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
You can configure the Rapid PVST+ bridge priority of a VLAN. Note Be careful when using this configuration. For most situations, we recommend that you configure the primary root and secondary root to modify the bridge priority. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Configures the hello time of a VLAN. The hello time value hello-time hello-time can be from 1 to 10 seconds. The default is 2 seconds. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
You can configure the maximum age time per VLAN when using Rapid PVST+. SUMMARY STEPS 1. switch# configure terminal 2. switch(config)# spanning-tree vlan vlan-range max-age max-age DETAILED STEPS Command or Action Purpose Step 1 switch# configure terminal Enters configuration mode. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
If the link type is shared, the STP reverts to 802.1D. The default is auto, which sets the link type based on the duplex setting of the interface. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Spanning tree is used to refer to IEEE 802.1w and IEEE 802.1s. If the text is discussing the IEEE 802.1D Note Spanning Tree Protocol, 802.1D is stated specifically. This chapter describes how to configure MST on Cisco Nexus 3000 Series switches. It contains the following sections: •...
Each region has only one MST BPDU, and that BPDU carries an M-record for each MSTI within the region (see the following figure). Only the IST sends BPDUs for the MST region; all M-records are encapsulated in Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
MST BPDUs contain these three configuration parameters. An MST bridge accepts an MST BPDU into its own region only if these three configuration parameters match exactly. If one configuration attribute differs, the MST bridge considers the BPDU to be from another MST region. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
During initialization, an MST region might have many subregions, each with its own CIST regional root. As switches receive superior IST information from a neighbor in the same region, they leave their old subregions Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
BPDU transmission (for example, hello time, forward time, max-age, and max-hops) are configured only on the CST instance but affect all MSTIs. You can configure Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
STP bridge or receives an agreement proposal from an MST bridge with a different configuration or a Rapid PVST+ bridge. This definition allows two ports that are internal to a region to share a segment Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
A blocks (or keeps blocking) its port, which prevents the bridging loop. The block is shown as an STP dispute. Figure 17: Detecting a Unidirectional Link Failure Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
MST configuration. MST interoperates with the Cisco prestandard MSTP whenever it receives prestandard MSTP on an MST Note port; no explicit configuration is necessary.
You must enable MST; Rapid PVST+ is the default. Changing the spanning tree mode disrupts traffic because all spanning tree instances are stopped for the Caution previous mode and started for the new mode. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
When you are working in MST configuration mode, note the difference between the exit and abort commands. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
You configure a region name on the bridge. For two or more bridges to be in the same MST region, they must have the identical MST name, VLAN-to-instance mapping, and MST revision number. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Enters MST configuration submode. Step 3 switch(config-mst)# revision version Specifies the revision number for the MST region. The range is from 0 to 65535, and the default value is 0. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
To specify a VLAN series, enter a comma; for example, enter the instance 1 vlan 10, 20, 30 command to map VLANs 10, 20, and 30 to MST instance Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
You cannot disable an MSTI. For two or more bridges to be in the same MST region, they must have the identical MST name, VLAN-to-instance mapping, and MST revision number. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
When you are working with private VLANs on the system, all secondary VLANs must be in the same MSTI and their associated primary VLAN. SUMMARY STEPS 1. switch# configure terminal 2. switch(config)# spanning-tree mst configuration 3. switch(config-mst)# private-vlan synchronize Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
• For instance-id, you can specify a single instance, a range of instances separated by a hyphen, or a series of instances separated by a comma. The range is from 1 to 4094. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
These messages mean that the switch is alive. For seconds, the range is from 1 to 10, and the default is 2 seconds. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
You set the maximum-aging timer for all MST instances on the switch with one command (the maximum age time only applies to the IST). SUMMARY STEPS 1. switch# configure terminal 2. switch(config)# spanning-tree mst max-age seconds Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
1 to 255, and the default value is 20 hops. This example shows how to set the maximum hops to 40: switch# configure terminal switch(config)# spanning-tree mst max-hops 40 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
If you set the link to shared, STP reverts to 802.1D. SUMMARY STEPS 1. switch# configure terminal 2. switch(config)# interface type slot/port 3. switch(config-if)# spanning-tree link-type {auto | point-to-point | shared} Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Restarts MST on entire switch or specified [interface-num | port-channel]] interfaces. This example shows how to restart MST on the Ethernet interface on slot 2, port 8: switch# clear spanning-tree detected-protocol interface ethernet 2/8 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
The following example shows how to display current MST configuration: switch# show spanning-tree mst configuration % Switch is not in mst mode Name [mist-attempt] Revision Instances configured 2 Instance Vlans mapped -------- --------------------------------------------------------------------- 1-12,14-41,43-4094 13,42 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
About STP Extensions, page 129 About STP Extensions Cisco has added extensions to STP that make convergence more efficient. In some cases, even though similar functionality may be incorporated into the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) standard, we recommend using these extensions.
When you configure BPDU Guard globally, it is effective only on operational spanning tree edge ports. In a valid configuration, LAN edge interfaces do not receive BPDUs. A BPDU that is received by an edge LAN Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
BPDUs, the port returns to the spanning tree normal port state and BPDU Filtering is disabled. Default Enable Disable Disable Default Disable Enabled/Disabled Disable Disable Enabled/Disabled Enabled/Disabled Disable Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
When you enable Root Guard on a port, Root Guard does not allow that port to become a root port. If a received BPDU triggers an STP convergence that makes that designated port become a root port, that port is Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Before You Begin Ensure that STP is configured. Ensure that you are configuring the ports correctly for the type of device to which the interface is connected. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
• spanning-tree port type edge—This command explicitly enables edge behavior on the access port. • spanning-tree port type edge trunk—This command explicitly enables edge behavior on the trunk port. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Configuring Spanning Tree Network Ports on Specified Interfaces You can configure spanning tree network ports on specified interfaces. Bridge Assurance runs only on spanning tree network ports. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
This example shows how to configure the Ethernet interface 1/4 to be a spanning tree network port: switch# configure terminal switch(config)# interface ethernet 1/4 switch(config-if)# spanning-tree port type network Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
• no spanning-tree bpduguard—Enables BPDU Guard on the interface if it is an operational edge port and if the spanning-tree port type edge bpduguard default command is configured. Before You Begin Ensure that STP is configured. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
BPDUs at linkup before they effectively filter outbound BPDUs. If a BPDU is received on an edge port, it immediately loses its operational edge port status and BPDU Filtering is disabled. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
• no spanning-tree bpdufilter—Enables BPDU Filtering on the interface if the interface is in operational edge port and if you configure the spanning-tree port type edge bpdufilter default command. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Loop Guard provides additional security in the bridge network. Loop Guard prevents alternate or root ports from becoming the designated port because of a failure that could lead to a unidirectional link. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Entering the Loop Guard command for the specified interface overrides the global Loop Guard command. Before You Begin Ensure that STP is configured. Ensure that you are configuring Loop Guard on spanning tree normal or network ports. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
[all] Displays the current status of spanning tree on the switch switch# show spanning-tree [options] Displays selected detailed information for the current spanning tree configuration. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
DCBXP parameters are packaged into a specific DCBXP TLV. This TLV is designed to provide an acknowledgement to the received LLDP packet. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 158
Use the system-capabilities option to specify the system capabilities TLV messages. Use the system-description option to specify the system description TLV messages. Use the system-name option to specify the system name TLV messages. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Step 4 (Optional)switch#show lldp Displays LLDP configurations. This example shows how to set an interface to transmit LLDP packets: switch# configure terminal switch(config)# interface ethernet 1/2 switch(config-if)# lldp transmit Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 160
LLDP Timers holdtime 120 seconds reinit 2 seconds msg_tx_interval 30 seconds This example shows how to display LLDP counters: switch# show lldp traffic LLDP traffic statistics: Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 161
Configuring Interface LLDP Commands Total frames out: 8464 Total Entries aged: 6 Total frames in: 6342 Total frames received in error: 2 Total frames discarded: 2 Total TLVs unrecognized: 0 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
C H A P T E R Configuring the MAC Address Table All Ethernet interfaces on Cisco Nexus 3000 Series switches maintain media access control (MAC) address tables. This chapter describes the configuration of the MAC address tables. It includes the following sections: •...
You can configure the amount of time that an entry (the packet source MAC address and port that packet ingresses) remain in the MAC table. MAC aging time can be configured in either interface configuration mode or in VLAN configuration mode. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Configuring the MAC Address Table Clearing Dynamic Addresses from the MAC Table If the Cisco Nexus 3000 switch is used as a Layer 2 or Layer 3 termination switch, Cisco recommends Note that you set the mac-address-table aging-time to 1800 (higher than the default ARP aging time of 1500 seconds) on all VLANs.
Eth1/3 001c.b05a.5380 dynamic 200 Eth1/3 Total MAC Addresses: 2 This example shows how to display the current aging time: switch# show mac-address-table aging-time Vlan Aging Time ----- ---------- Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
By examining (snooping), Internet Group Management Protocol (IGMP) membership report messages from interested hosts, multicast traffic is limited to the subset of VLAN interfaces on which the hosts reside. This chapter describes the configuration of IGMP snooping on Cisco Nexus 3000 Series switches. It includes the following sections: •...
IGMPv1 does not provide an explicit IGMP leave message, so the software must rely on the membership message timeout to indicate that no hosts remain that want to receive multicast data for a particular group. Cisco NX-OS ignores the configuration of last member query interval when you enable the fast leave Note feature because it does not check for remaining hosts.
IGMP Forwarding The control plane of the Cisco Nexus 3000 Series switch is able to detect IP addresses but forwarding occurs using the MAC address only. When a host connected to the switch wants to join an IP multicast group, it sends an unsolicited IGMP join message, specifying the IP multicast group to join.
The interface to the router must be in the selected VLAN. Static group Configures an interface belonging to a VLAN as a static member of a multicast group. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 171
Configures a snooping querier when you do not enable PIM because querier IP-address multicast traffic does not need to be routed. The IP address is used as the source in messages. The default is disabled. Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
[[vlan] Displays multicast router ports by VLAN. vlan-id] switch# show ip igmp snooping explicit-tracking Displays IGMP snooping explicit tracking information by VLAN. vlan vlan-id Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
Page 173
Switch-querier enabled, address 172.16.24.1, currently running Explicit tracking enabled Fast leave enabled Report suppression enabled Router port detection using PIM Hellos, IGMP Queries Number of router-ports: 1 Number of groups: 1 Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U1(1)
C H A P T E R Configuring Traffic Storm Control This chapter describes how to configure traffic storm control on Cisco Nexus 3000 Series switches. It contains the following sections: • Information About Traffic Storm Control, page 161 •...
For example, a higher threshold allows more packets to pass through. Traffic storm control on the Cisco Nexus 3000 Series switch is implemented in the hardware. The traffic storm control circuitry monitors packets that pass from an Ethernet interface to the switching bus. Using the...