Configuring CFS
This chapter describes how to use Cisco Fabric Services (CFS), a Cisco proprietary feature that distributes data, including configuration changes, to all Cisco NX-OS devices in a network.
This chapter includes the following sections:
•Information About CFS
•Licensing Requirements for CFS
•Prerequisites for CFS
•Guidelines and Limitations
•Configuring CFS Distribution
•Verifying the CFS Configuration
•Default Settings
•Additional References
•Feature History for CFS
Information About CFS
You can use CFS over IP (CFSoIP) to distribute and synchronize a configuration on one Cisco device or with all other Cisco devices in your network. CFSoIP provides you with consistent and, in most cases, identical configurations and behavior in your network.
This section includes the following topics:
•Merging Application Databases
•Applications that Use CFS to Distribute Configuration Changes
•CFS Distribution
•CFS Regions
•High Availability
•Virtualization Support
Merging Application Databases
When a new device is detected in your network, CFS manages the merging, or synchronizing, of its configuration with that of the other devices. CFS also coordinates and minimizes the number of merges by designating one device to manage merges per application per region. The other devices do not play any role in the merge process.
During a merger of two networks, their designated managers exchange configuration databases. The application on one of them merges the databases, decides if the merger is successful, and notifies all other devices.
If the merger is successful, the merged database is distributed to all devices in the combined fabric and the entire new fabric emerges in a consistent state. You can recover from a merge failure by starting a distribution from any device in the new fabric. This distribution restores all peers in the fabric to the same configuration database.
Applications that Use CFS to Distribute Configuration Changes
CFS distributes configuration changes for the applications shown in Table 2-2.
Table 2-1 CFS-Supported Applications
|
|
RADIUS |
Disabled |
TACACS+ |
Disabled |
User and administrator roles |
Disabled |
Call Home |
Disabled |
NTP |
Disabled |
CFS Distribution
CFS distributes configuration changes to multiple devices in a defined region or across a complete network.
The following steps provide an overview of how CFS distributes application configurations.
1. You enable CFS to distribute configurations for an application, such as Call Home.
2. You enter a command to change the configuration for a CFS application, such as Call Home.
3. CFS checks if an active fabric lock indicates that a configuration change is already in progress for this application.
Note Only one CFS session for an application can be active at a time. CFS uses locks to enforce this restriction. Distribution is not allowed to start if locks are in place for the application anywhere else in the fabric.
4. One of the following occurs:
–If an active fabric lock exists for this application, CFS rejects the command. No changes are permitted until the existing fabric lock is released.
–If there is not an active fabric lock for this application, then CFS starts a session and locks the fabric for this application.
5. You enter the remaining configuration commands for the application.
6. You commit the configuration by using the commit command.
7. CFS distributes the configuration and releases the lock.
CFS Regions
A CFS region is a user-defined subset of devices for a given feature or application. You will usually define regions to localize or restrict distribution based on devices that are close to one another.
When a network covers many geographies with many different administrators who are responsible for subsets of devices, you can manage the physical scope of an application by setting up a CFS region.
CFS regions are identified by numbers 0 through 200. Region 0 is the default region. You can configure region number 1 through 200.
Note If a feature is moved, that is, assigned to a new region, its scope is restricted to that region and it ignores all other regions for distribution or merging purposes.
You can set up a CFS region to distribute configurations for multiple features. However, on a given device, you can configure only one CFS region at a time to distribute the configuration for a given feature. Once you assign a feature to a CFS region, its configuration cannot be distributed within another CFS region.
Note The default region is used to distribute changes to all devices in a fabric. Region 0 is reserved as the default region and contains every device in the fabric. If you remove an application from a region and do not assign it to a different region, it is added to the default region (region 0).
High Availability
Stateless restarts are supported for CFS. After a reboot or a supervisor switchover, the running configuration is applied. For more information on high availability, see the Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Guide.
Virtualization Support
CFS is configured per VDC.
When you access Cisco NX-OS, it places you in the default VDC unless you specify a different VDC. For more information on VDCs, see the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 4.x.
Licensing Requirements for CFS
|
|
NX-OS |
CFS requires no license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you. For a complete explanation of the NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide. |
Prerequisites for CFS
CFS has the following prerequisites:
•CFS is enabled by default. All devices in the fabric must have CFS enabled or they do not receive distributions.
•If CFS is disabled for an application, then that application does not distribute any configuration and it does not accept a distribution from other devices in the fabric.
Guidelines and Limitations
CFS has the following configuration guidelines and limitations:
•If the virtual port channel (vPC) feature is enabled for your device, do not disable CFS over Ethernet.
Caution
CFS over Ethernet must be enabled for the vPC feature to work.
•CFS distributions for application data use directed unicast.
•All CFS over IP enabled devices with similar multicast addresses form one CFS over IP fabric.
•Make sure that CFS is enabled for the applications you want to configure. For detailed information, see the "Enabling CFS Distribution for Applications" procedure.
•Any time you lock a fabric, your username is remembered across restarts and switchovers.
•Any time you lock a fabric, configuration changes attempted by anyone else are rejected.
•While a fabric is locked, the application holds a working copy of configuration changes in a pending database or temporary storage area—not in the running configuration.
•Configuration changes that have not been committed yet (still saved as a working copy) are not in the running configuration and do not display in the output of show commands.
•The working copy overwrites the running configuration when you commit the changes.
•If you start a CFS session that requires a fabric lock but forget to end the session, an administrator can clear the session. For more information, see the "Clearing a Locked Session" procedure.
• CFSoIP and CFSoE are not supported for use together.
•CFS regions can be applied only to CFSoIP and CFSoFC clients.
•An empty commit is allowed if configuration changes are not previously made. In this case, the commit command results in a session that acquires locks and distributes the current database.
•You can only use the commit command on the specific device where the fabric lock was acquired.
Configuring CFS Distribution
This section describes how to configure CFS and includes the following topics:
•Enabling CFS Distribution for Applications
•Specifying a CFS Distribution Mode
•Configuring an IP Multicast Address for CFS Over IP
•Configuring CFS Regions
•Creating and Distributing a CFS Configuration
•Discarding a Configuration
•Disabling CFS Distribution Globally
Enabling CFS Distribution for Applications
This section includes the following topics:
•Enabling CFS to Distribute Call Home Configurations
•Enabling CFS to Distribute RADIUS Configurations
•Enabling CFS to Distribute TACACS+ Configurations
•Enabling CFS to Distribute Role Configurations
•Enabling CFS to Distribute NTP Configurations
Note See the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.x for more information on CFS for RADIUS, TACACS+, and roles. See Chapter 6, "Configuring Smart Call Home" for more information on Call Home, and see Chapter 3, "Configuring NTP" for more information on NTP.
Enabling CFS to Distribute Call Home Configurations
You can enable CFS to distribute Call Home configurations.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. callhome
3. distribute
4. show application_name status
5. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
switch(config)# callhome
Example: switch(config)# callhome switch(config-callhome)# |
Places you in callhome configuration mode. |
Step 3 |
switch(config)# distribute
Example: switch(config-callhome)# distribute switch(config-callhome)# |
Enables CFS to distribute Call Home configuration updates. |
Step 4 |
show application_name status
Example: switch(config-callhome)# show callhome status |
(Optional) For the specified application, displays the CFS distribution status. |
Step 5 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
This example shows how to enable CFS to distribute Call Home configurations:
switch(config-callhome)# distribute
switch(config-callhome)# show callhome status
switch(config-callhome)# copy running-config startup-config
[########################################] 100%
Enabling CFS to Distribute RADIUS Configurations
You can enable CFS to distribute RADIUS configurations.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. radius distribute
3. show radius status
4. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
switch(config)# radius distribute
Example: switch(config)# radius distribute |
For the specified application, enables the device to receive configuration updates that are distributed through CFS. |
Step 3 |
show radius status
Example: switch(config)# show radius status |
(Optional) For the specified application, displays the CFS distribution status. |
Step 4 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
This example shows how to enable CFS to distribute RADIUS configurations:
switch(config)# radius distribute
switch(config)# show radius status
switch(config)# copy running-config startup-config
[########################################] 100%
Enabling CFS to Distribute TACACS+ Configurations
You can enable CFS to distribute TACACS+ configurations.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. tacacs+ distribute
3. show tacacs+ status
4. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
switch(config)# tacacs+ distribute
Example: switch(config)# tacacs+ distribute |
Enables CFS to distribute configuration updates for TACACS+. |
Step 3 |
show tacacs+ status
Example: switch(config)# show tacacs+ status |
(Optional) Displays the CFS distribution status for TACACS+. |
Step 4 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
This example shows how to enable CFS to distribute TACACS+ configurations:
switch(config)# tacacs+ distribute
switch(config)# show tacacs+ status
Last operational state: No session
switch(config)# copy running-config startup-config
[########################################] 100%
Enabling CFS to Distribute Role Configurations
You can enable CFS to distribute role configurations.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. role distribute
3. show role status
4. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
switch(config)# role distribute
Example: switch(config)# role distribute |
Enables CFS to distribute role configurations. |
Step 3 |
show role status
Example: switch(config)# show role status |
(Optional) Displays the CFS distribution status. |
Step 4 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
This example shows how to enable CFS to distribute Call Home configurations:
switch(config)# role distribute
switch(config)# show role status
switch(config)# copy running-config startup-config
[########################################] 100%
Enabling CFS to Distribute NTP Configurations
You can enable CFS to distribute NTP configurations.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. ntp distribute
3. show application_name status
4. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
ntp distribute
Example: switch(config)# ntp distribute |
Enables CFS to distribute NTP configuration updates. |
Step 3 |
show application_name status
Example: switch(config)# show ntp status |
(Optional) For the specified application, displays the CFS distribution status. |
Step 4 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
This example shows how to enable CFS to distribute Call Home configurations:
switch(config)# ntp distribute
switch(config)# show ntp status
switch(config)# copy running-config startup-config
[########################################] 100%
Specifying a CFS Distribution Mode
You can specify and enable a CFS distribution mode (Ethernet or IPv4).
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. cfs [eth | ipv4] distribute
3. show cfs status
4. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# |
Places you in global configuration mode. |
Step 2 |
cfs [eth | ipv4] distribute
Example: switch(config)# cfs ipv4 distribute switch(config)# |
Globally enables CFS distribution over one of the following for all applications on the device. •Ethernet •IPv4 In this example, CFS distribution is enabled over IPv4. |
Step 3 |
show cfs status
Example: switch(config)# show cfs status Distribution : Enabled Distribution over IP : Enabled - mode IPv4 IPv4 multicast address : 239.255.70.83 switch(config)#
|
Shows the current state of CFS including distribution mode. In this example, CFS is shown as being distributed over IPv4. |
Step 4 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
Configuring an IP Multicast Address for CFS Over IP
For CFS protocol-specific distributions, such as the keepalive mechanism for detecting network topology changes, use the IP multicast address to send and receive information.
You can configure the IP multicast address used to distribute CFS over IP for either of the following:
•IPv4—The default IPv4 multicast address is 239.255.70.83.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
You must disable CFS IP distribution before changing the multicast address.
SUMMARY STEPS
1. config t
2. no cfs [ipv4] distribute
3. cfs [ipv4] mcast-address ip_address
4. show cfs status
5. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# |
Places you in global configuration mode. |
Step 2 |
no cfs [ipv4] distribute
Example:
switch(config)# no cfs ipv4 distribute
This will prevent CFS from distributing over IPv4 network. Are you sure? (y/n) [n] y switch(config)# |
Globally disables CFS over IP distribution for all applications on the device. Note CFS over IP must be disabled before you can change the multicast address. |
Step 3 |
cfs [ipv4] mcast-address ip_address
Example: switch(config)# cfs ipv4 mcast-address 239.255.1.1 Distribution over this IP type will be affected Change multicast address for CFS-IP ? Are you sure? (y/n) [n] y |
Configures the multicast address for CFS distribution over IPv4. The ranges of valid IPv4 addresses are 239.255.0.0 through 239.255.255.255 and 239.192/16 through 239.251/16. The default IPv4 address is 239.255.70.83. |
Step 4 |
show cfs status
Example: switch(config)# show cfs status Distribution : Enabled Distribution over IP : Enabled - mode IPv4 IPv4 multicast address : 239.255.1.1 switch(config)#
|
Shows the current state of CFS including whether it is enabled, its IP mode, and its multicast addresses. In this example, CFS is shown as being distributed over IPv4 on 239.255.1.1. |
Step 5 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
Configuring CFS Regions
This section describes how to create and configure a CFS region and includes the following topics:
•Creating a CFS Region
•Moving an Application to a Different Region
•Removing an Application from a Region
•Deleting a CFS Region
Creating a CFS Region
You can create a CFS region and add an application, such as Call Home, to it.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. cfs region region_number
3. application_name
4. show cfs region brief
5. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# |
Places you in global configuration mode. |
Step 2 |
cfs region region_number
Example: switch(config)# cfs region 4 switch(config-cfs-region)# |
Creates the region and places you into Configuration mode for the specified region. In this example, region 4 is created. |
Step 3 |
application_name
Example: switch(config-cfs-region)# callhome switch(config-cfs-region)# |
For the specified region, adds the named applications. |
Step 4 |
show cfs region brief
Example: switch(config-cfs-region)# show cfs region brief
--------------------------------------- Region Application Enabled --------------------------------------- 4 callhome yes
switch(config-cfs-region)#
|
(Optional) Shows all configured regions and applications (does not show peers). In this example, the Call Home application is shown in region 4. |
Step 5 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
Moving an Application to a Different Region
You can move an application to a different region, for example, you can move NTP from region 1 to region 2.
Note When an application is moved, its scope is restricted to the new region; it ignores all other regions for distribution or merging purposes.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. cfs region region_number
3. application_name
4. show cfs region
5. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# |
Places you in global configuration mode. |
Step 2 |
cfs region region_number
Example: switch(config)# cfs region 2 switch(config-cfs-region)# |
Places you in configuration mode for the target/destination region. |
Step 3 |
application_name
Example: switch(config-cfs-region)# callhome switch(config-cfs-region)# radius |
Specifies applications to be moved. In this example, the Call Home application is moved to region 2. |
Step 4 |
show cfs region name application_name
Example:
switch(config-cfs-region)# show cfs
region name callhome
|
Displays peers and region information for a given application. |
Step 5 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
This example shows how to move the Call Home application to CFS region 2:
switch# config t
switch(config)# cfs region 2
switch(config-cfs-region)# callhome
switch(config-cfs-region)# show cfs region name callhome
-------------------------------------------------------------------------
-------------------------------------------------------------------------
20:00:00:22:55:79:a4:c1 172.28.230.85 [Local]
Total number of entries = 1
switch(config-cfs-region)#
Removing an Application from a Region
You can remove an application from a region. Removing an application from a region is the same as moving the application back to the default region, The default region is usually region 0. This action brings the entire fabric into the scope of distribution for the application.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. cfs region region_number
3. no application_name
4. Repeat Step 3 for each application you want to remove from this region.
5. show cfs region brief
6. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# |
Places you in global configuration mode. |
Step 2 |
cfs region region_number
Example: switch(config)# cfs region 2 switch(config-cfs-region)# |
Places you in Configuration mode for the specified region. |
Step 3 |
no application_name
Example: switch(config-cfs-region)# no ntp
|
Removes the specified application from the region. |
Step 4 |
(Optional) Repeat Step 3 for each application you want to remove from this region. |
— |
Step 5 |
show cfs region brief
Example: switch(config-cfs-region)# show cfs region brief
--------------------------------------- Region Application Enabled ---------------------------------------
4 tacacs+ yes 6 radius yes
switch(config-cfs-region)#
|
Shows all configured regions and applications (does not show peers). |
Step 6 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
Deleting a CFS Region
You can delete a region and move all included applications back to the default region.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. no cfs region region_number
3. show cfs region brief
4. show cfs application name application-name
5. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# |
Places you in global configuration mode. |
Step 2 |
no cfs region region_number
Example: switch(config)# no cfs region 4 WARNING: All applications in the region wiil be moved to default region. Are you sure? (y/n) [n] switch(config)#
|
Deletes the specified region after warning that this action causes all applications in the region to move to the default region. After deleting the region, you are returned to global configuration mode. |
Step 3 |
show cfs region brief
Example: switch(config)# show cfs region brief
--------------------------------------- Region Application Enabled --------------------------------------- 6 radius no
switch(config)#
|
Shows all configured regions and applications (does not show peers). In this example, region 4 is absent. |
Step 4 |
show cfs application name application-name
Example: switch# show cfs application name callhome
Enabled : Yes Timeout : 20s Merge Capable : Yes Scope : Physical-fc-ip Region : Default
switch#
|
Shows local application information by name. In this case, the Call Home application is shown as now belonging to the default region. |
Step 5 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
Creating and Distributing a CFS Configuration
You can create a configuration change for an application and then distribute it to its application peers.
Caution
If you do not commit the changes, they are not distributed and saved in the running configuration of application peer devices.
Caution
If you do not save the changes to the startup configuration in every application peer device where distributed, then changes are retained only in their running configurations.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. application_name
3. application_command
4. Repeat Step 3 for each configuration command you want to make.
5. show application_name status
6. commit
7. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
application_name
Example: switch(config)# callhome switch(config-callhome)# |
Specifies that CFS starts a session for the specified application name and locks the fabric. |
Step 3 |
application_command
Example: switch(config-callhome)# email-contact admin@Mycompany.com |
Specifies that configuration changes are saved as a working copy and are not saved in the running configuration until you enter the commit command. |
Step 4 |
(Optional) Repeat Step 3 for each configuration command you want to make. |
— |
Step 5 |
show application_name status
Example: switch(config-callhome)# show callhome status Distribution : Enabled switch(config-callhome)# |
(Optional) For the specified application, displays the CFS distribution status. In this example, the output shows that distribution is enabled for Call Home. |
Step 6 |
commit
Example: switch(config-callhome)# commit
|
CFS distributes the configuration changes to the running configuration of every application peer device. If one or more external devices report a successful status, the software overwrites the running configuration with the changes from the CFS working copy and releases the fabric lock. If none of the external devices report a successful status, no changes are made and the fabric lock remains in place. |
Step 7 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration in all devices in the fabric. |
This example shows how to configure and distribute the contact information for Call Home:
switch# config t
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# snmp-server contact personname@companyname.com
switch(config)# callhome
switch(config-callhome)# email-contact admin@Mycompany.com
switch(config-callhome)# phone-contact +1-800-123-4567
switch(config-callhome)# street-address 123 Anystreet st. Anytown,AnyWhere
switch(config-callhome)# commit
switch(config-callhome)# copy running-config startup-config
[######################################] 100%
Clearing a Locked Session
You can clear a lock held by an application from any device in the fabric.
You must have admin permissions to release a lock.
Caution
When you clear a lock in the fabric, any pending configurations in any device in the fabric are discarded.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. show application_name status
3. clear application_name session
4. show application_name status
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
show application_name status
switch(config)# show ntp status Distribution : Enabled Last operational state: Fabric Locked switch(config)# |
Shows the current application state. In this example, NTP is shown as locked. |
Step 3 |
clear application_name session
Example: switch# clear ntp session switch# |
Clears the application configuration session and releases the lock on the fabric. All pending changes are discarded. |
Step 4 |
show application_name status
Example: switch# show ntp status Distribution : Enabled Last operational state: No session switch#
|
Shows the current application state. This example shows that the lock is removed from the NTP application. |
Discarding a Configuration
You can discard configuration changes and release the lock.
Caution
If you discard configuration changes, the application flushes the pending database and releases locks in the fabric.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
1. application_name abort
2. show application_name session status
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t switch(config)# |
Places you in global configuration mode. |
Step 2 |
switch(config)# application_name abort y
Example:
switch(config)# no cfs distribute
This will prevent CFS from distributing the
configuration to other switches.
Are you sure? (y/n) [n] y
|
Aborts the application configuration after requesting confirmation. In this case, the NTP configuration is aborted, the changes to the configuration are discarded, the CFS session is closed, and the fabric lock is released. Note The abort command is supported only on the device where the fabric lock is acquired. |
Step 3 |
show application_name session status
Example: switch(config)# show ntp session status Last Action Time Stamp : Wed Nov 12 16:07:25 2008 Last Action : Abort Last Action Result : Success Last Action Failure Reason : none switch(config)#
|
(Optional) For the specified application, displays the CFS session status. In this example, the output shows that the CFS session was aborted. |
Disabling CFS Distribution Globally
You can disable CFS distribution for a device, isolating the applications using CFS from fabric-wide distributions while maintaining physical connectivity.
When CFS is globally disabled on a device, CFS operations are restricted to the device and all CFS commands continue to function as if the device were physically isolated.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. config t
2. no cfs distribute
3. show cfs status
4. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t
Example: switch# config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# |
Places you in global configuration mode. |
Step 2 |
switch(config)# no cfs distribute
Example:
switch(config)# no cfs distribute
This will prevent CFS from distributing the
configuration to other switches.
Are you sure? (y/n) [n] y
switch(config)# |
Globally disables CFS distribution for all applications on the device. Note If the virtual port channel (vPC) feature is enabled, then only IP distribution is disabled. You must first disable vPC before you can disable CFS distribution. |
Step 3 |
show cfs status
Example: switch(config)# show cfs status Distribution : Enabled Distribution over IP : Disabled IPv4 multicast address : 239.255.70.83 Distribution over Ethernet : Disabled switch(config)#
|
(Optional) Displays the global CFS distribution status (enabled/disabled) for the device. |
Step 4 |
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration. |
Verifying the CFS Configuration
To display the CFS configuration information, perform one of the following tasks:
|
|
show cfs application |
Displays the applications that are currently CFS- enabled. |
show cfs application name |
Displays the details for a particular application, including enabled/disabled state, timeout as registered with CFS, merge capability if registered with CFS for merge support, distribution scope, and distribution region. |
show application_name session status |
Displays the configuration session status, including the last action, the result, and the reason if there was a failure. |
show cfs internal |
Displays information internal to CFS including memory statistics, event history, and so on. |
show cfs lock |
Displays all active locks. |
show cfs merge status name [detail] |
Displays the merge status for a given application. |
show cfs peers |
Displays all the peers in the physical fabric |
show cfs regions |
Displays all the applications with peers and region information. |
show cfs static |
Displays the status of all static peers. |
show cfs status |
Displays the status of CFS distribution on the device as well as IP distribution information. |
show logging level cfs |
Displays the CFS logging configuration. |
show tech-support cfs |
Displays information about the CFS configuration required by technical support when resolving a CFS issue. |
Default Settings
Table 2-2 lists the default settings for CFS parameters.
Table 2-2 Default CFS Parameters
|
|
CFS distribution on the device |
Enabled |
CFS over IP |
Disabled |
IPv4 multicast address |
239.255.70.83 |
Additional References
For additional information, see the following sections:
•Related Documents
•MIBs
Related Documents
|
|
CFS CLI commands |
Cisco Nexus 7000 Series NX-OS System Management Command Reference |
CFS configuration for Call Home |
Configuring Smart Call Home, page 6-1 |
VDCs and VRFs |
Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 4.x |
CFS configuration for TACACS+ |
Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.x |
CFS configuration for RADIUS |
Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.x |
CFS configuration for roles |
Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.x |
MIBs
Feature History for CFS
This section provides the CFS release history.
|
|
|
CFS protocol |
4.1(2) |
This feature was introduced. |