The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes the Cisco Nexus 1000V commands that begin with S.
To configure MAC distribution mode globally and per bridge domain.
Bridge Domain configuration (config-bd)
|
|
This command specifes the mac distribution mode globally and per bridge-domain
This example shows how to configure the mac distribution mode globally:
n1000v(config)# segment mode unicast-only
n1000v(config)# segment distribution mac
This example shows how to configure the mac distribution mode per bridge-domain:
|
|
---|---|
Configures the segment mode unicast-only globally and per bridge-domain. |
To specify a segment ID to a VXLAN, use the segment id command. To remove the segment ID, use the no form of this command.
The segment id of the VXLAN. The valid values are 4096 to 16777215. (Values 1 - 4095 are reserved for VLANs) |
Bridge Domain configuration (config-bd)
|
|
Only one Bridge Domain can use a particular segment id value.
This example shows how to specify a segment ID to a VXLAN:
n1000v(config)# bridge-domain tenant-red
n1000v(config-bd)# segment id 20480
|
|
---|---|
To configure unicast mode globally and per bridge domain with no MAC distribution enabled.
Bridge Domain configuration (config-bd)
|
|
This command configures the segment mode as unicast-only mode globally and per bridge-domain.
This example shows how to configure the segment mode unicast-only globally:
n1000v(config)# segment mode unicast-only
This example shows how to configure the segment mode unicast-only per bridge-domain:
|
|
---|---|
Configure MAC distribution mode globally and per bridge-domain. |
|
To set the transport-mode to native (VDP) at the global configuration level on the Cisco Nexus 1000V, use the segment transport-mode native command.
segment transport- mode native
Configures the segment transport mode to native (VDP) to enable network-based overlays. |
|
|
The default segment transport-mode is set to VXLAN. Use this command to set it to native (VDP) at the global configuration level, to employ network based overlays.
This example shows the output where the segment transport-mode is set to native globally.:
|
|
---|---|
Specifies the segmentation transport-mode for a bridge-domain configuration. |
|
To configure the transport-mode to native (VDP) or VXLAN for a bridge-domain on the Cisco Nexus 1000V, use the segment transport-mode native command.
segment transport- mode {native | VXLAN}
Sets the transport-mode to VDP to employ the network based overlays. |
|
The segment transport mode (VXLAN or native) set globally by executing the segment transport-mode native command.
bridge-domain configuration (bd-config)
|
|
This example shows running configuration for a bridge-domain with the segment transport-mode set to native(VDP) :
|
|
---|---|
Specifies the segmentation transport-mode to native globally. |
|
To send a message to an open session, use the send command.
send { message | session device message }
network-admin
network-operator
|
|
This example shows how to send a message to an open session:
|
|
---|---|
To send extended community attribute to the neighbor, use the send-community extended command.
network-admin
network-operator
|
|
This example shows how to send extended community attribute to the neighbor:
|
|
---|---|
To configure the RADIUS server as a member of the RADIUS server group, use the server command. To remove a server, use the no form of this command.
server { ipv4-address | server-name }
no server { ipv4-address | server-name }
Radius configuration (config-radius)
|
|
This example shows how to configure the RADIUS server as a member of the RADIUS server group:
This example shows how to remove the server configuration:
n1000v(
config)#
no server 10.10.1.1
Triggers a switchover from an Active service module to a Standby service module paired in HA.
service ha-cluster clusterNo switchover
|
|
Use this command to initiate a switchover between service modules in HA.
This example shows how to configure a switchover of an active service module on a HA cluster:
n1000v(config)# service ha-cluster 1 switchover
Note Command is applicable for service modules configured in HA.
Defines a place holder for mappings. The range is from 1 to 4096.
no service instance (1 - 4096)
Port-profile configuration (config-port-prof)
|
|
This example shows how to configure a service instance:
This example shows how to remove the service instance:
n1000v(config-port-prof)# no service instance 10
Note Port profiles containing the service instance keyword cannot be used for a non-VXLAN gateway module.
|
|
---|---|
Defines a place holder for mappings. The range is from 1 to 4096. |
|
Defines a place holder for remove mappings. The range is from 1 to 4096. |
Configure the service module in high availability (HA) pair.
[no] service mod role standalone
[no] service modNo1 role primary ha-cluster clusterNo
[no] service modNo2 role secondary ha-cluster clusterNo
|
|
Roles can be pre-configured to module numbers in the VSM. When a VXLAN gateway is attached to the
VSM on that module, it inherits the Role and Status of that VSM.
This example shows how to configure service mod role standalone :
n1000v(config)# service 4 role standalone
This example shows how to configure service modNo1 role primary ha-cluster clusterNo:
n1000v(config)# service 4 role primary ha-cluster 1
This example shows how to configure service modNo2 role secondary ha-cluster clusterNo:
n1000v(config)# service 5 role secondary ha-cluster 1
This example shows how to remove the HA related configuration:
To change the currently assigned port-profile name of the service module/VXLAN gateway uplink.
service <mod> update port-profile type ethernet name <Service module uplink port-profile>
Note Starting with Release 5.2(1)SV3(1.15), Cisco Nexus 1000V for VMware vSphere does not support the VXLAN gateway feature.
|
|
Port-profile name of the service module/VXLAN gateway uplink are changed by using this command.
This example shows how to change the currently assigned port-profile name of the service module/VXLAN gateway uplink.
To change the currently assigned port-profile name of the service module/VXLAN gateway VTEP.
service <mod> update port-profile type vethernet name <Service module VTEP port-profile>
Note Starting with Release 5.2(1)SV3(1.15), Cisco Nexus 1000V for VMware vSphere does not support the VXLAN gateway feature.
|
|
Port-profile name of the service module/VXLAN gateway VTEP are changed by using this command.
This example shows how to change the currently assigned port-profile name of the service module/VXLAN gateway VTEP.
To configure a service policy for an interface, use the service-policy command. To remove the service policy configuration, use the no form of this command.
service-policy { input name [ no-stats ] | output name [ no-stats ] | type qos { input name [ no-stats ] | output name [ no-stats ]}}
no service-policy { input name [ no-stats ] | output name [ no-stats ] | type qos { input name [ no-stats ] | output name [ no-stats ]}}
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
This example shows how to add an input QoS service policy called sp10 to vEthernet interface 10 with no statistics:
This example shows how to remove the input QoS service policy called sp10 with no statistics from
vEthernet interface 10:
|
|
---|---|
To configure an inside or outside interface in a virtual service domain (VSD) port profile, use the service-port command. To remove the configuration, use the no form of this command.
service-port { inside | outside } [ default-action { drop | forward }]
Port profile configuration (config-port-prof)
|
|
If a port profile without a service port is configured on an SVM, it will flood the network with packets.
When configuring a port profile on an SVM, first bring the SVM down, This prevents a port-profile that is mistakenly configured without a service port from flooding the network with packets. The SVM can be returned to service after the configuration is complete and verified.
This example shows how to configure an inside interface on a VSD port profile that drops packets if the service port is down:
n1000v# config t
n1000v(
config)# port-profile svm_vsd1_in
n1000v(
config-port-prof)# service-port inside default-action drop
n1000v(
config-port-prof)#
This example shows how to remove a service port configuration:
n1000v# config t
n1000v(
config)# port-profile svm_vsd1_in
n1000v(
config-port-prof)# no service-port
n1000v(
config-port-prof)#
|
|
---|---|
Displays a list of the VSDs currently configured in the VSM, including VSD names and port profiles. |
To limit the number of VSH sessions, use the session-limit command. To remove the limit, use the no form of this command.
Number of VSH sessions. The range of valid values is 1 to 64 |
Line configuration (config-line)
|
|
This example shows how to limit the number of VSH sessions:
n1000v#
configure terminal
This example shows how to remove the limit:
n1000v#
configure terminal
To set QoS class attributes, use the set command. To remove class attributes, use the no form of this command.
set {{ cos cos-val } | { dscp [ tunnel ] { dscp-val | dscp-enum }} | { precedence [ tunnel ] { prec-val | prec-enum }} | { discard-class dis-class-val } | { qos-group qos-grp-val } | {{{ cos cos } | { dscp dscp } | { precedence precedence } | { discard-class discard-class }} table table-map-name } | { cos1 {{ dscp table cos-dscp-map } | { precedence table cos-precedence-map } | { discard-class table cos-discard-class-map }}} | { dscp1 {{ cos table dscp-cos-map } | { prec3 table dscp-precedence-map } | { dis-class3 table dscp-discard-class-map }}} | { prec1 {{ cos3 table precedence-cos-map } | { dscp3 table precedence-dscp-map } | { dis-class3 table precedence-discard-class-map }}} | { dis-class1 {{ cos3 table discard-class-cos-map } | { dscp3 table discard-class-dscp-map } | { prec3 table discard-class-precedence-map }}}}
no set {{ cos cos-val } | { dscp [ tunnel ] { dscp-val | dscp-enum }} | { precedence [ tunnel ] { prec-val | prec-enum }} | { discard-class dis-class-val } | { qos-group qos-grp-val } | {{{ cos cos } | { dscp dscp } | { precedence precedence } | { discard-class discard-class }} table table-map-name } | { cos1 {{ dscp table cos-dscp-map } | { precedence table cos-precedence-map } | { discard-class table cos-discard-class-map }}} | { dscp1 {{ cos table dscp-cos-map } | { prec3 table dscp-precedence-map } | { dis-class3 table dscp-discard-class-map }}} | { prec1 {{ cos3 table precedence-cos-map } | { dscp3 table precedence-dscp-map } | { dis-class3 table precedence-discard-class-map }}} | { dis-class1 {{ cos3 table discard-class-cos-map } | { dscp3 table discard-class-dscp-map } | { prec3 table discard-class-precedence-map }}}}
Specifies DSCP (Differentiated Services Code Point) in IPv4 and IPv6 packets. |
|
Table defining mapping from input to output + Table-map name. |
|
Policy map class configuration (config-pmap-c-qos)
|
|
This example shows how to set class attributes:
n1000v#
configure terminal
n1000v(config)#
policy-map pm1
This example shows how to remove class attributes:
|
|
---|---|
To use the Basic System Configuration Dialog for creating or modifying a configuration file, use the setup command.
This command has no arguments or keywords, but the Basic System Configuration Dialog prompts you for complete setup information (see the example below).
|
|
---|---|
The Basic System Configuration Dialog assumes the factory defaults. Keep this in mind when using it to modify an existing configuration.
All changes made to your configuration are summarized for you at the completion of the setup sequence with an option to save the changes or not.
You can exit the setup sequence at any point by pressing Ctrl-C.
This example shows how to use the setup command to create or modify a basic system configuration:
|
|
---|---|
To shutdown switching on a VLAN, use the shutdown command. To turn on switching, use the no form of this command.
VLAN configuration (config-vlan)
|
|
You cannot shut down the default VLAN, VLAN1, or VLANs 1006 to 4094.
This example shows how to shutdown switching on VLAN 10:
n1000v#
configure terminal
This example shows how to turn on switching on VLAN 10:
n1000v#
configure terminal
|
|
---|---|
To disable an interface, use the shutdown command. To enable an interface, use the no form of this command.
(Optional) Administratively enables or disables an interface. |
Interface configuration (config-if)
|
|
This command shuts down the interface. No traffic passes and the interface displays as administratively down.
This example shows how to administratively disable Ethernet interface 3/1:
This example shows how to administratively enable Ethernet interface 3/1:
|
|
---|---|
To disable all ports in a port profile, use the shutdown command. To enable ports in a port profile, use the no form of this command.
(Optional) Administratively enables or disables all ports in the profile. |
Port profile configuration (config-port-prof)
|
|
This command administratively disables all ports in the profile. No traffic passes and the ports display as administratively down.
This example shows how to administratively enable all ports in the TrunkProf port profile:
This example shows how to administratively disable all ports in the TrunkProf port profile:
|
|
---|---|
To set a sleep time, use the sleep command.
Sleep time, in seconds. The range of valid values is 0 to 2147483647. |
network-admin
network-operator
|
|
This example shows how to set a sleep time:
n1000v#
sleep 100
n1000v#
This example shows how to disable sleep:
n1000v#
sleep 0
n1000v#
To configure how long the AAA-synchronized user configuration stays in the local cache, use the snmp-server aaa-user cache-timeout command. To revert back to the default value of 3600 seconds, use the no form of this command.
snmp-server user aaa-user cache-timeout seconds
no snmp-server user aaa-user cache-timeout seconds
Length of the time for the user configuration to remain in the local cache. The range is 1 to 86400 seconds. |
|
|
This example shows how to configure the AAA-synchronized user configuration to stay in the local cache for 1200 seconds:
n1000v(
config)# snmp-server aaa-user cache-timeout 1200
This example shows how to revert back to the default value of 3600 seconds:
|
|
---|---|
Enables a one-time authentication for SNMP over a TCP session. |
|
Configures an SNMP user with authentication and privacy parameters. |
To create an SNMP community string, use the snmp-server community command. To remove the community, use the no form of this command.
snmp-server community string [ group group-name ] [ ro | rw ]
no snmp-server community string [ group group-name ] [ ro | rw ]
(Optional) Specifies a group to which this community belongs. |
|
|
|
This example shows how to configure read-only access for the SNMP community called public:
n1000v(
config)# snmp-server community public ro
This example shows how to remove the SNMP community called public:
To configure the sysContact, which is the SNMP contact name, use the snmp-server contact command.
To remove or modify the sysContact, use the no form of this command.
no snmp-server contact [ name ]
(Optional) SNMP contact name (sysContact), which can contain a maximum of 32 characters. |
|
|
This example shows how to configure the sysContact to be Admin:
n1000v(
config)# snmp-server contact Admin
This example shows how to remove the sysContact:
To enforce SNMP message encryption for all users, use the snmp-server globalEnforcePriv command.
|
|
This example shows how to enforce SNMP message encryption for all users:
n1000v(config)#
snmp-server mib globalEnforcePriv
To configure a host receiver for SNMPv1 or SNMPv2c traps, use the snmp-server host command. To remove the host, use the no form of this command.
snmp-server host ip-address { traps | informs}{ version { 1 | 2c | 3 }} [ auth | noauth | priv ] community [ udp_port number ]
no snmp-server host ip-address { traps | informs} { version { 1 | 2c | 3 }} [ auth | noauth | priv ] community [ udp_port number ]
|
|
This example shows how to configure the host receiver, 192.0.2.1, for SNMPv1 traps:
This example shows how to remove the configuration:
To configure the sysLocation, which is the SNMP location name, use the snmp-server location command.
To remove the sysLocation, use the no form of this command.
no snmp-server location [ name ]
(Optional) SNMP location name (sysLocation), which can contain a maximum of 32 characters. |
|
|
This example shows how to configure the sysLocation to be Lab-7:
n1000v(
config)# snmp-server location Lab-7
This example shows how to remove the sysLocation:
To enable SNMP protocol operations, use the snmp-server protocol enable command. To disable SNMP protocol operations, use the no form of this command.
no snmp-server protocol enable
|
|
This example shows how to enable SNMP protocol operations:
n1000v(config)#
snmp-server protocol enable
This example shows how to disable SNMP protocol operations:
n1000v(config)#
no snmp-server protocol enable
To enable authentication for SNMP over TCP, use the snmp-server tcp-session command. To disable authentication for SNMP over TCP, use the no form of this command.
snmp-server tcp-session [ auth ]
(Optional) Enables one-time authentication for SNMP over the entire TCP session (rather than on a per-command basis). |
|
|
This example shows how to enable one-time authentication for SNMP over TCP:
n1000v(config)#
snmp-server tcp-session auth
This example shows how to disable one-time authentication for SNMP over TCP:
n1000v(config)#
no snmp-server tcp-session
|
|
---|---|
Configures how long the AAA-synchronized user configuration stays in the local cache. |
|
Configures an SNMP user with authentication and privacy parameters. |
To define a user who can access the SNMP engine, use the snmp-server user command. To deny a user access to the SNMP engine, use the no form of this command.
snmp-server user name [ auth { md5 | sha } passphrase-1 [ priv [ aes-128 ] passphrase-2 ] [ engineID id ] [ localizedkey ]]
|
|
This example shows how to provide one-time SNMP authorization for the user, Admin, using the HMAC SHA algorithm for authentication:
n1000v(
config)# snmp-server user Admin auth sha abcd1234 priv abcdefgh
This example shows how to deny a user access to the SNMP engine:
|
|
---|---|
Configures how long the AAA-synchronized user configuration stays in the local cache. |
|
Enables a one-time authentication for SNMP over a TCP session. |
To enable SNMP link-state traps for the interface, use the snmp trap link-status command. To disable SNMP link-state traps for the interface, use the no form of this command.
CLI interface configuration (config-if)
|
|
This example shows how to enable SNMP link-state traps for the interface:
This example shows how to disable SNMP link-state traps for the interface:
|
|
---|---|
Creates a virtual Ethernet interface and enters interface configuration mode. |
|
Enables a one-time authentication for SNMP over a TCP session. |
To specify a source interface for reaching a RADIUS or TACACS+ server group, use the source-interface command. To remove the source interface, use the no form of this command.
source-interface interface-type interface-id
RADIUS server group configuration (config-radius)
TACACS+ server group configuration (config-tacacs+)
|
|
This example shows how to specify source interface mgmt0 to reach the RADIUS server for the RadServer RADIUS server group:
n1000v #
configure terminal
n1000v(config)# aaa group server radius RadServer
n1000v(
config-radius)#
source-interface mgmt0
n1000v(
config-radius)#
This example shows how to remove the source interface from the configuration:
n1000v #
configure terminal
n1000v(config)# aaa group server radius RadServer
n1000v(
config-radius)#
no source-interface
n1000v(
config-radius)#
|
|
---|---|
To add an interface to a flow exporter designating it as the source for NetFlow flow records, use the source command. To remove the source interface from the flow exporter, use the no form of this command.
NetFlow flow exporter configuration ( config-flow-exporter)
|
|
The mgmt0 interface is the only interface that can be added to the flow exporter.
This example shows how to add source management interface 0 to the ExportTest flow exporter:
n1000v#
config t
This example shows how to remove source management interface 0 from the ExportTest flow exporter:
n1000v#
config t
|
|
---|---|
To configure BPDU guard for VETH or Port-profile, use the spanning-tree bpduguard <enable | disable> command.
spanning-tree bpduguard <enable | disable>
|
|
This example shows how to configure BPDU guard for VETH or Port-profile:
|
|
---|---|
Displays the interface status, which includes the speed and duplex mode parameters. |
To enable bpduguard globally, use the spanning-tree port type edge bpduguard default command.
spanning-tree port type edge bpduguard default
|
|
This example shows how to enable bpduguard globally:
|
|
---|---|
Displays the interface status, which includes the speed and duplex mode parameters. |
To set the speed for an interface, use the speed command. To automatically set both the speed and duplex parameters to auto, use the no form of this command.
speed { speed_val | auto [ 10 100 [ 1000 ]]}
no speed [{ speed_val | auto [ 10 100 [ 1000 ]]}]
Sets the interface to autonegotiate the speed with the connecting port. |
|
Interface configuration (config-if)
|
|
If you configure an Ethernet port speed to a value other than auto (for example, 10, 100, or 1000 Mbps), you must configure the connecting port to match. Do not configure the connecting port to negotiate the speed.
This example shows how to set the speed of Ethernet port 1 on the module in slot 3 to 1000 Mbps:
This example shows how to automatically set the speed to auto:
|
|
---|---|
Displays the interface status, which includes the speed and duplex mode parameters. |
To create a Secure Shell (SSH) session, use the ssh command.
ssh [ username @ ]{ ipv4-address | hostname } [ vrf vrf-name ]
|
|
This example shows how to start an SSH session:
|
|
---|---|
To generate the key pair for the switch, which is used if SSH server is enabled, use the ssh key command. To remove the SSH server key, use the no form of this command.
ssh key { dsa [ force ] | rsa [ length [ force ]]}
|
|
The NX-OS software supports SSH version 2.
If you want to remove or replace an SSH server key, you must first disable the SSH server using the no feature ssh command.
This example shows how to create an SSH server key using DSA:
This example shows how to create an SSH server key using RSA with the default key length:
This example shows how to create an SSH server key using RSA with a specified key length:
This example shows how to replace an SSH server key using DSA with the force option:
This example shows how to remove the DSA SSH server key:
This example shows how to remove all SSH server keys:
|
|
---|---|
To set the operational state of a VLAN, use the state command. To disable state configuration, use the no form of this command.
VLAN configuration (config-vlan)
|
|
This example shows how to set the operational state of a VLAN:
n1000v#
configure terminal
This example shows how to disable state configuration:
n1000v#
configure terminal
|
|
---|---|
To set the operational state of a port profile, use the state command.
Port profile configuration (config-port-prof)
|
|
This example shows how to enable or disable the operational state of a port profile:
n1000v#
configure terminal
|
|
---|---|
To collect statistics for each ACL entry, use the statistics per-entry command. To remove statistics, use the no form of this command.
ACL configuration (config-acl)
|
|
This example shows how to collect statistics for each ACL entry:
This example shows how to remove statistics:
|
|
---|---|
To enable the storm-control feature, use the storm-control enable command.
|
|
This example shows how to enable storm-control feature:
|
|
---|---|
Displays the storm control statistics for the respective module. |
To configure interface port channel subgroup assignment, use the sub-group command. To remove this configuration, use the no form of this command.
Interface configuration (config-if)
|
|
Use this command to identify the port channel as being in vPC-HM, which requires traffic to be managed separately for each upstream switch connected to the member ports. If the upstream switches have CDP enabled, the Cisco Nexus 1000V can use this information to automatically assign subgroups. If the upstream switches do not have CDP enabled, then you must configure subgroups manually.
This command overrides any subgroup configuration specified in the port-profile inherited by the port channel interface.
This example shows how to configure a subgroup type for a port channel interface:
This example shows how to remove the configuration:
|
|
---|---|
To configure subgroup IDs for Ethernet member ports of vPC-HM, use the sub-group-id command. To remove the subgroup IDs, use the no form of this command.
Interface configuration (config-if)
|
|
This example shows how to configure an Ethernet member port on subgroup 5:
This example shows how to remove the configuration:
|
|
---|---|
To enable an SVS connection, use the svs connection command. To disable an SVS connection, use the no form of this command.
|
|
This example shows how to enable an SVS connection:
n1000v#
configure terminal
This example shows how to disable an SVS connection:
n1000v#
configure terminal
|
|
---|---|
To configure an SVS domain and enter SVS domain configuration mode, use the svs-domain command.
|
|
This example shows how to enter SVS domain configuration mode to configure an SVS domain:
n1000v#
configure terminal
|
|
---|---|
To transfer licenses from a specified source VEM to another VEM, or to transfer an unused license to the VSM license pool, use the svs license transfer src-vem command.
svs license transfer src-vem module number [ dst-vem module number | license_pool ]
|
|
– The virtual Ethernet interfaces on the source VEM are removed from service.
– The virtual Ethernet interfaces on the destination VEM are brought into service.
– The virtual Ethernet interfaces on the source VEM are removed from service.
This example shows how to transfer a license from VEM 3 to VEM 5, and then display the license configuration:
This example shows how to transfer a license from VEM 3 to the VSM license pool, and then display the license configuration:
n1000v(config)# svs license transfer src-vem 3 license_pool
To enable volatile licenses so that, whenever a VEM is taken out of service, its licenses are returned to the VSM pool of available licenses, use the svs license volatile command. To disable volatile licenses, use the no form of this command.
|
|
This example shows how to enable the volatile license feature for a VSM:
n1000v(config)# svs license volatile
This example shows how to disable the volatile license feature for a VSM:
(
config)#
no svs license volatile
|
|
---|---|
Designates the level of severity at which license messages should be logged. |
|
Transfers licenses from a source VEM to another VEM, or to the VSM pool of available licenses. |
To configure a transport mode for control and packet traffic in the virtual supervisor module (VSM) domain, use the svs mode command.
svs mode { L2 | L3 interface { mgmt0 | control0 }}
Specifies Layer 3 as the transport mode for the VSM domain and configures the Layer 3 transport interface. |
|
SVS domain configuration (config-svs-domain)
|
|
If you use mgmt0 as the Layer 3 control interface, then in the VSM VM, Ethernet adapters 1 and 3 are not used.
If you use control0 as the Layer 3 control interface, then in the VSM VM, Ethernet adapter 3 is not used.
This example shows how to configure mgmt0 as the Layer 3 transport interface for the VSM domain:
n1000v(config-svs-domain)# svs mode l3 interface mgmt0
|
|
---|---|
To configure the Cisco Nexus 1000V switch edition, use the svs switch edition command.
svs switch edition [essential | advanced]
Configures the Cisco Nexus 1000V switch in the essential edition. |
|
Configures the Cisco Nexus 1000V switch in the advanced edition. |
|
|
When the Release 4.2.1SV2(1.1) software is installed, the Essential edition is the default edition. When the switch is configured in the Essential edition, all the features (other than the advancd feafures) are available for free. No licenses are required to operate the Essential edition. The switch edition configuration is global and not per module. In Essential edition, all the modules are automatically licensed. A new command is provided to move the switch from the Essential edition to the Advanced edition and vice versa. The licenses are required only when switch edition is configured as the Advanced edition.
This example shows how to complete the VSM upgrade, notify hosts to switch to the upgraded datapath, and then display the upgrade status:
|
|
---|---|
To complete a VSM software upgrade, and notify hosts to switch to the upgraded datapath, use the svs upgrade complete command.
|
|
This example shows how to complete the VSM upgrade, notify hosts to switch to the upgraded datapath, and then display the upgrade status:
|
|
---|---|
Starts a manual VSM upgrade and saves upgrade information at the standby. |
To start a manual VSM upgrade and save upgrade information at the standby, use the svs upgrade start command. To stop a manual upgrade, use the no form of this command.
svs upgrade start mgmt0 { ip ipaddress | ipv6 ipv6address } + [control0 ip ipaddr]
|
|
Before starting a manual VSM upgrade:
To preserve access to VSM2 during software upgrade, this process requires you to assign an alternate management IP address to VSM2.
This example shows how to start a manual VSM upgrade and assign a temporary IP address.
|
|
---|---|
Completes a VSM software upgrade, and notifies hosts to switch to the upgraded datapath. |
|
Displays information about all available VSMs and VEMs in the system. |
|
To enable the VSM to remove all manual configuration on a vEthernet interface when the system administrator changes a port profile on the interface, use the svs veth auto-config-purge command. To remove this control, use the no form of this command.
|
|
This example shows how to enable the VSM to remove all manual configuration on a vEthernet interface when the system administrator changes a port profile on the interface :
n1000v(config)# svs veth auto-config-purge
This example shows how to remove the xxx configuration:
n1000v(config)# no svs veth auto-config-purge
To e nable the VSM to automatically delete DVPorts no longer used by a vNIC or hypervisor port, use the svs veth auto-delete command. To disable this control, use the no form of this command.
|
|
This example shows how to enable the VSM to automatically delete DVPorts no longer used by a vNIC or hypervisor port :
n1000v(config)# svs veth auto-delete
This example shows how to disable the automatic deletion of DVPorts that are no longer used by a vNIC or hypervisor port :
n1000v(config)# no svs veth auto-delete
To enable the VSM to automatically create a vEthernet interface when a new port is activated on a host, use the svs veth auto-setup command. To remove this control, use the no form of this command.
|
|
This example shows how to configure xxx:
n1000v(
config)#
xxx
This example shows how to remove the xxx configuration:
n1000v(
config)#
no xxx
To configure the hostname for the device, use the switchname command. To revert to the default, use the no form of this command.
Name for the device. The name is alphanumeric, case sensitive, can contain special characters, and can have a maximum of 32 characters. |
|
|
---|---|
The Cisco NX-OS software uses the hostname in command-line interface (CLI) prompts and in default configuration filenames.
The switchname command performs the same function as the hostname command.
This example shows how to configure the device hostname:
This example shows how to revert to the default device hostname:
|
|
---|---|
To assign a VXLAN bridge domain to a port profile, use the switchport access bridge-domain command. To remove the VXLAN bridge domain, use the no form of this command.
switchport access bridge-domain bd-name
no switchport access bridge-domain
Port profile configuration (config-port-prof)
|
|
This example shows how to assign a VXLAN bridge domain to a port profile:
n1000v(config-port-prof)# switchport mode access
|
|
---|---|
Displays the running configuration of the specified port profile. |
|
To set the access mode of an interface, use the switchport access vlan command. To remove access mode configuration, use the no form of this command.
VLAN identification number. The range of valid values is 1 to 3967. |
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
This example shows how to set the access mode of an interface:
n1000v#
configure terminal
This example shows how to remove access mode configuration:
n1000v#
configure terminal
|
|
---|---|
To set the port mode of an interface, use the switchport mode command. To remove the port mode configuration, use the no form of this command.
switchport mode {access | private-vlan {host | promiscuous} | trunk}
no switchport mode {access | private-vlan {host | promiscuous} | trunk}
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
This example shows how to set the port mode of an interface:
n1000v#
configure terminal
This example shows how to remove mode configuration:
n1000v#
configure terminal
|
|
---|---|
To set the port security characteristics of an interface, use the switchport port-security command. To remove the port security configuration, use the no form of this command.
switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address { address [vlan id ] |sticky} | maximum number [vlan id ] | violation {protect | restrict | shutdown}]
no switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address { address [vlan id ] |sticky} | maximum number [vlan id ] | violation {protect | restrict | shutdown}]}
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
This example shows how to set the port security aging inactivity timer:
n1000v#
configure terminal
This example shows how to remove the port security aging inactivity timer:
n1000v#
configure terminal
|
|
---|---|
To define a private VLAN association for an isolated or community port, use the switchport private-vlan host-association command. To remove the private VLAN association from the port, use the no form of this command.
switchport private-vlan host-association { primary-vlan-id } { secondary-vlan-id }
no switchport private-vlan host-association
Number of the primary VLAN of the private VLAN relationship. |
|
Number of the secondary VLAN of the private VLAN relationship. |
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
There is no run-time effect on the port unless it is in private VLAN-host mode. If the port is in private VLAN-host mode but neither of the VLANs exist, the command is allowed but the port is made inactive. The port also may be inactive when the association between the private VLANs is suspended.
This example shows how to configure a host private VLAN port with a primary VLAN (VLAN 18) and a secondary VLAN (VLAN 20):
n1000v(config-if)#
switchport private-vlan host-association 18 20
n1000v(config-if)#
This example shows how to remove the private VLAN association from the port:
n1000v(config-if)#
no switchport private-vlan host-association
n1000v(config-if)#
|
|
---|---|
To define the private VLAN association for a promiscuous port, use the switchport private-vlan mapping command. To clear all mapping from the primary VLAN, use the no form of this command.
switchport private-vlan mapping { primary-vlan-id } {[ add ] secondary-vlan-list | remove secondary-vlan-list }
no switchport private-vlan mapping
Number of the primary VLAN of the private VLAN relationship. |
|
Number of the secondary VLAN of the private VLAN relationship. |
|
Clears the association between the secondary VLANs and the primary VLAN. |
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
There is no run-time effect on the port unless it is in private VLAN-promiscuous mode. If the port is in private VLAN-promiscuous mode but the primary VLAN does not exist, the command is allowed but the port is made inactive.
This example shows how to configure the associate primary VLAN 18 to secondary isolated VLAN 20 on a private VLAN promiscuous port:
n1000v(config-if)#
switchport private-vlan mapping 18 20
n1000v(config-if)#
This example shows how to add a VLAN to the association on the promiscuous port:
n1000v(config-if)#
switchport private-vlan mapping 18 add 21
n1000v(config-if)#
This example shows how to remove the all private VLAN association from the port:
n1000v(config-if)#
no switchport private-vlan mapping
|
|
---|---|
Displays information on all interfaces configured as switchports. |
|
Displays the information about the private VLAN mapping for VLAN interfaces, or SVIs. |
To designate the primary private VLAN, use the switchport private-vlan trunk mapping trunk command. To remove the primary private VLAN, use the no form of this command.
switchport private-vlan trunk native vlan id
no switchport private-vlan trunk native vlan
VLAN identification number. The range of valid values is 1 to 3967. |
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
When you use this command, you must either add a secondary VLAN, or remove a VLAN.
This example shows how to designate the primary private VLAN:
n1000v#
configure terminal
This example shows how to remove the primary private VLAN:
n1000v#
configure terminal
|
|
---|---|
To set the allowed VLANs when the interface is in private-vlan promiscuous trunking mode, use the switchport private-vlan trunk allowed command. To clear all VLANs from the private-vlan promiscuous trunking mode, use the no form of this command.
switchport private-vlan trunk allowed vlan { vlan-ids | add vlan-ids | all | except vlan-ids | none | remove vlan-ids }
no switchport private-vlan trunk allowed vlan vlan-ids
VLAN IDs of the allowed VLANs when interface is in trunking mode. |
|
Allows all the VLANs on the interface except the specified ones. |
|
Removes VLAN IDs from existing allowed VLANs on the interface. |
Port profile configuration (config-port-prof)
Interface configuration (config-if)
|
|
---|---|
This command is used to allow only the normal VLANs on the promiscuous trunk port.
This example shows how to set the allowed VLANs when the interface is in private VLAN trunking mode:
|
|
---|---|
To set the list of allowed VLANs on the trunking interface, use the switchport trunk allowed vlan command. To allow all VLANs on the trunking interface, use the no form of this command.
switchport trunk allowed vlan { vlan-list | all | none | [ add | except | remove { vlan-list }]}
no switchport trunk allowed vlan
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
You must enter the switchport command without any keywords to configure the LAN interface as a Layer 2 interface before you can enter the switchport trunk allowed vlan command. This action is required only if you have not entered the switchport command for the interface.
If you remove VLAN 1 from a trunk, the trunk interface continues to send and receive management traffic in VLAN 1.
This example shows how to add a series of consecutive VLANs to the list of allowed VLANs on a trunking port:
n1000v(config-if)#
switchport trunk allowed vlan add 40-50
n1000v(config-if)#
|
|
---|---|
Displays the administrative and operational status of a switching (nonrouting) port. |
To configure trunking parameters on an interface, use the switchport trunk native vlan command. To remove the configuration, use the no form of this command.
switchport trunk native vlan id
no switchport trunk native vlan
VLAN identification number. The range of valid values is 1 to 3967. |
Interface configuration (config-if)
Port profile configuration (config-port-prof)
|
|
This example shows how to configure trunking parameters on an interface:
|
|
---|---|
To configure the inter-supervisor heartbeat time, use system inter-sup-heartbeat time command.
system inter-sup-heartbeat time <7-30>
|
|
This example shows how to configure the inter-supervisor heartbeat time:
To configure a system-wide jumbo frame size, specifying the maximum frame size that Ethernet ports can process, use the system jumbomtu command.
Size, in bytes, of the Layer 2 Ethernet interface jumbo maximum transmission unit (MTU). Frames larger than this are dropped. The setting must be an even number between 1500 and 9000 bytes. |
|
|
This example shows how to configure a system-wide maximum frame size of 8000 bytes:
To configure a redundancy role for the VSM, use the system redundancy role command. To revert to the default setting, use the no form of the command.
system redundancy role {primary | secondary | standalone}
no system redundancy role {primary | secondary | standalone}
|
|
This example shows how to configure no redundant VSM:
|
|
---|---|
To detect and configure storage connectivity losses, use the system storage-loss command. To disable storage loss checking, use the no form of the command.
system storage-loss { log | reboot } [ time <interval> ]
no system storage-loss { log | reboot } [ time <interval> ]
The time interval at which the VSM checks for storage connectivity status. The default time interval is 30 seconds. |
|
|
This example shows how to enable storage loss detection to be performed every 50 seconds.
This example shows how to disable the storage loss checking:
|
|
---|---|
To switch over to the standby supervisor, use the system switchover command.
|
|
This example shows how to switch over to the standby supervisor:
|
|
---|---|
To change the software version supported on VEMs, use the system update vem feature level command.
system update vem feature level [ version_number ]
|
|
This example shows how to change the software version supported:
n1000v#
system update vem feature level
|
|
---|---|
To add the system VLAN to a port profile, use the system vlan command. To remove the system VLAN from a port profile, use the no form of this command.
List of VLAN IDs, separated by commas. The allowable range is 1–3967 and 4048–4093. |
Port profile configuration (config-port-prof)
|
|
A system VLAN is used to configure and bring up physical or vEthernet ports before the Virtual Supervisor Module (VSM) has established communication with the Virtual Ethernet Module (VEM).
This example shows how to add system VLANs 260 and 261 to the port profile:
This example shows how to remove all system VLANs from the port profile:
|
|
---|---|
Displays the status of all VLANs and the ports that are configured on them. |
|