Configuring Ports and Devices

This chapter contains the following sections:

About Cisco Nexus Data Broker Port Types

Cisco Nexus Data Broker enables you to configure different port types. All configured ports are displayed in the Configured Ports table on the Port Types tab.

Edge Ports

Edge ports are the ingress ports where traffic enters the monitor network. Cisco Nexus Data Broker supports the following edge ports:

  • TAP ports—For incoming traffic connected to a physical tap wire.

  • SPAN ports—For incoming traffic connected to an upstream switch that is configured as a SPAN destination.

Configuring an edge port is optional.

Delivery Ports

Delivery ports are the egress ports where the traffic exits the monitor network. These outgoing ports are connected to external monitoring devices. When you configure a monitoring device in Cisco Nexus Data Broker, you can associate a name and an icon to the monitoring device.

Configured devices are displayed in the Monitor Devices table on the Devices tab. The icon appears in the topology diagram with a line that connects it to the node.

VLAN Double Tagging

Cisco Nexus Data Broker enables you to configure a switch port as an edge port and specify a VLAN for that port. When you configure the VLAN ID, and the connection to the Cisco onePK agent is up, Cisco Nexus Data Broker programs the Cisco Nexus 3000 or 3100 Series switch so that all packets received in that port are VLAN tagged, and the VLAN ID is the one configured on the edge port. If the packets received in that port are already VLAN-tagged frames, they get double-tagged, and the outermost VLAN tag contains the VLAN ID that is associated with the configured edge port.

Configuring a Port Type

    Step 1   In the topology diagram, click the node for which you want to configure a port. The Ports area of the sidebar displays the list of ports available to configure for that node.
    Step 2   In the list of ports for the node, click Click to configure under the port identifier of the port that you want to configure.
    Step 3   From the Select a port type drop-down list, choose one of the following:
    • Edge Port-SPAN
    • Edge Port-TAP
    • Monitoring Device

    Edge Port-SPAN—Creates an edge port for incoming traffic connected to an upstream switch that is configured as a SPAN destination.

    Edge Port-TAP—Creates an edge port for incoming traffic connected to a physical TAP port.

    Monitoring Device—Creates a monitoring device for capturing traffic and configures the corresponding delivery port.

    Step 4   (Optional)In the Port Description field, enter a port description.

    The port description can contain between 1 and 256 alphanumeric characters, including the following special characters: underscore ("_"), hyphen ("-"), plus ("+"), equals ("="), open parenthesis ("("), closed parenthesis (")"), vertical bar ("|"), period ("."), or at sign ("@").

    Step 5   (Optional)Enter a VLAN ID.

    The port is configured as dot1q to preserve any production VLAN information.

    Step 6   Click Submit.

    Removing a Port Type Configuration

    Before You Begin

    • At least one port type must be configured.

    • The port type configuration that you want to remove must not be used in a rule. If it is, you must either modify or remove the rule before you can remove the port type configuration.

      Step 1   From the Port Types tab, choose one of the following:
      • The top checkbox to select all Configured Ports for removal.
      • The check box next to the name of only the configured port or ports that you want to remove.
      Step 2   Above the list of Configured Ports, click Remove Port Configuration.
      Step 3   In the Remove Port Configuration confirmation dialog box, click Remove Port Configuration.

      The port configurations are removed.

      Configuring a Monitoring Device

        Step 1   In the topology diagram, click the node for which you want to configure a monitoring device. The Port Types tab displays the list of ports available to configure for that node.
        Step 2   In the list of ports for the node, click Click to configure under the port identifier of the port that you want to configure.
        Step 3   From the Select a port type drop-down list, click Add Monitoring Device.
        Step 4   In the Add Device dialog box, complete the following fields:
        Name Description

        Device Name field

        The name that you want to use for the monitoring device.

        The name can contain between 1 and 256 alphanumeric characters including the following special characters: underscore ("_"), hyphen ("-"), plus ("+"), equals ("="), open parenthesis ("("), closed parenthesis (")"), vertical bar ("|"), period ("."), or at sign ("@").

        Note   

        You can change the device name after the monitoring device has been added.

        Icons selection

        The choice of icons, with the first one selected by default. Choose any icon to use for the monitoring device.

        Note   

        You can change the icon after the monitoring device has been added.
        Step 5   Click Submit.

        Removing A Monitoring Device

        Before You Begin

        • At least one monitoring device must be configured for the port.

        • The monitoring device that you want to remove must not be used in a rule. If it is, you must either modify or remove the rule before you can remove the monitoring device.

          Step 1   Click the Devices tab.
          Step 2   In the Device Name list, choose one of the following:
          • The top checkbox to select all monitoring devices for removal.
          • The checkbox next to the name of only the monitoring device or devices you want to remove.
          Step 3   Above the Device Name list, click Remove Monitoring Devices.
          Step 4   In the Remove Monitoring Devices confirmation dialog box, click Remove Devices.

          Configuring a Root Node

          A root node is automatically selected by Cisco Nexus Data Broker. If the defined root node is too far from the source switches, you can manually configure a different switch. We recommend that you choose a switch with edge ports as your new root node.


          Note

          Root node changes do not take effect until you save the configuration.

            Step 1   From the Root tab, click Configure Root Node.
            Step 2   In the Configure Root Node dialog box, choose a node from the drop-down list.
            Step 3   Click Configure Root Node.

            The Configured Root Node is displayed the Root tab, and below it the Current Root Node, if any.

            Step 4   Click Save in the menu bar.

            The root node addition or change is saved.

            Cisco onePK Agent

            The Cisco onePK plug-in for Cisco Nexus Data Broker communicates with onePK devices through a onePK agent on the device. To support onePK device functions in Cisco Nexus Data Broker, the application must be connected to the onePK agent. The agent is the mediator between Cisco Nexus Data Broker and onePK-enabled devices that are configured in Cisco Nexus Data Broker.

            To secure communication between Cisco Nexus Data Broker onePK-enabled devices, you must configure Transport Layer Security (TLS) in Cisco Nexus Data Broker. See the Cisco Nexus Data Broker Configuration Guide, Release 2.0 for detailed procedures.

            Connecting to a onePK Agent

            You must connect to a onePK agent to support additional functionality in Cisco Nexus Data Broker, including symmetric load balancing, Q-in-Q, timestamp tagging, and packet truncation.

              Step 1   In the topology diagram, click the node to which you wish to connect a onePK agent.

              Step 2   In the sidebar, click Click to enable addtional functionality.
              Step 3   In the Connect to onePK agent dialog box, complete the following fields:
              Name Description

              Address field

              The IP address assigned to the Cisco onePK device.

              Username field

              The username of the user that you want to assign to the device.

              Password field

              The password of the user that you want to assign to the device.

              Step 4   Click Submit.

              Symmetric Load Balancing

              Cisco Nexus Data Broker enables you to configure symmetric load balancing settings on the egress port channels. Load balancing settings are based on Layer 2 source MAC and destination IP addresses, or Layer 2, Layer 3, or Layer 4 source and destination ports. When you configure symmetric load balancing for all the port-channel interfaces on the switch, all the traffic from specific sources and destinations in both directions always flows on the same port-channel member link.


              Note

              Symmetric load balancing in Cisco Nexus Data Broker is available only for Cisco Nexus 3100 Series switches.

              Configuring Symmetric Load Balancing

              Before You Begin

              • Configure a onePK agent for the node.

              • Configure and provision TLS on the switches.

                Step 1   In the topology diagram, click the node for which you wish to configure symmetric load balancing.
                Step 2   In the side bar, from the Symmetric Load Balancing drop-down list, choose one of the following:
                • SOURCE_DESTINATION_IP—source and destination IP address (includes Layer 2)
                • SOURCE_DESTINATION_IP_ONLY—source and destination IP addresses only
                • SOURCE_DESTINATION_PORT—source and destination TCP/UDP port (includes Layer 2 and Layer 3)
                • SOURCE_DESTINATION_PORT_ONLY—source and destination TCP/UDP port only
                Step 3   Click Submit.

                Configuring Q-in-Q


                Note

                The ability to configure Q-in-Q is available only for Cisco Nexus 3000 and 3100 Series switches. Q-in-Q is automatically enabled when you configure a VLAN ID for an edge port, if the VLAN ID is maintained on the edge port.

                  Step 1   In the topology diagram, click the node for which you wish to configure Q-in-Q.
                  Step 2   In the side bar, configure an edge port and set a VLAN ID on that edge port.
                  Step 3   Click Enable QinQ.
                  Step 4   In the Connect to onePK Agent dialog box, complete the following fields:
                  Name Description

                  Address field

                  The IP address assigned to the Cisco onePK device.

                  Username field

                  The username of the user that you want to assign to the device.

                  Password field

                  The password of the user that you want to assign to the device.

                  Step 5   Click Submit.

                  Configuring Packet Truncation


                  Note

                  Packet truncation can only be configured on Cisco Nexus 3500 Series switches.

                  Before You Begin

                  • Configure a onePK device.

                  • Connect to the onePK agent.

                    Step 1   In the topology diagram, click the node for which you wish to configure packet truncation.
                    Step 2   In the side bar, click the port for which you want to configure packet truncation.
                    Step 3   From the Select a port type drop-down list, choose one of the following:
                    • Edge Port-SPAN
                    • Edge Port-TAP
                    Step 4   (Optional)In the Port Description field, enter a port description.

                    The port description can contain between 1 and 256 alphanumeric characters, including the following special characters: underscore ("_"), hyphen ("-"), plus ("+"), equals ("="), open parenthesis ("("), closed parenthesis (")"), vertical bar ("|"), period ("."), or at sign ("@").

                    Step 5   (Optional)Enter a VLAN ID.

                    The port is configured as dot1q to preserve any production VLAN information.

                    Step 6   In the Enable Packet Truncation field, enter the truncated packet length that you want, in bytes.
                    Note   

                    It is recommended that you enter a minimum of 64 bytes, in multiples of 4.

                    Step 7   Click Submit. The port configuration is saved, and the number of bytes for truncated packets is displayed in the label TRUNC=<bytes> beside the port name.

                    Configuring Timestamp Tagging


                    Note

                    Timestamp tagging can only be configured on Cisco Nexus 3500 Series switches.

                    Before You Begin

                    • Configure a delivery device on the node.

                    • Configure a onePK device.

                      Step 1   In the topology diagram, click the node for which you wish to configure timestamp tagging.
                      Step 2   In the side bar, configure a delivery device.
                      Step 3   In side bar, click Click to enable additional functionality.
                      Step 4   In the Connect to onePK Agent dialog box, complete the following fields:
                      Name Description

                      Address field

                      The IP address assigned to the Cisco onePK device.

                      Username field

                      The username of the user that you want to assign to the device.

                      Password field

                      The password of the user that you want to assign to the device.

                      Step 5   Check the check box next to Enable Timestamp Tagging.
                      Step 6   Click Submit. The port is displayed in the Port list with the label TS-Tag.