Configuring Session Manager
This chapter describes how to configure Session Manager on Cisco NX-OS devices.
This chapter includes the following sections:
Information About Session Manager
This section includes the following topics:
Session Manager Overview
Session Manager allows you to implement configuration changes in batch mode, using the following phases:
- Configuration session—Creates a list of commands that you want to implement in Session Manager mode.
- Validation—Provides a basic semantic check on your configuration. Cisco NX-OS returns an error if the semantic check fails on any part of the configuration.
- Verification—Verifies the configuration as a whole, based on the existing hardware and software configuration and resources. Cisco NX-OS returns an error if the configuration does not pass this verification phase.
- Commit—Cisco NX-OS verifies the complete configuration and applies the changes to the device. If a failure occurs, Cisco NX-OS reverts to the original configuration.
- Abort—Discards the configuration changes before implementation.
You can optionally end a configuration session without committing the changes. You can also save a configuration session.
High Availability
Session Manager sessions remain available after a supervisor switchover. Sessions are not persistent across a software reload.
Virtualization Support
By default, Cisco NX-OS places you in the default VDC. See the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x.
Licensing Requirements for Session Manager
|
|
Cisco NX-OS |
Session Manager requires no license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you. For a complete explanation of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide. |
Prerequisites for Session Manager
If you configure VDCs, install the Advanced Services license and go to the specific VDC. For more information, see the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x.
Make sure that you have the privilege level required to support the Session Manager commands that you plan to use.
Guidelines and Limitations
Session Manager has the following configuration guidelines and limitations:
- Session Manager supports only the ACL and QoS features.
- You can create up to 32 configuration sessions per VDC.
- You cannot issue an in-service software upgrade (ISSU) if an active session is in progress. You must commit the session, save it, or abort it before issuing an ISSU.
- You can configure a maximum of 20,000 commands across all sessions in a VDC.
- You cannot simultaneously execute configuration commands in more then one configuration session or configuration terminal mode. Parallel configurations (for example, one configuration session and one configuration terminal) may cause validation or verification failures in the configuration session.
- If an interface reloads while you are configuring that interface in a configuration session, Session Manager may accept the commands even though the interface is not present in the device at that time.
Configuring Session Manager
This section includes the following topics:
Note Be aware that the Cisco NX-OS commands may differ from Cisco IOS commands.
Creating a Session
You can create up to 32 configuration sessions.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. configure session name
2. show configuration session [ name ]
3. save location
DETAILED STEPS
|
|
|
Step 1 |
configure session name Example: switch# configure session myACLs switch(config-s)# |
Creates a configuration session and enters session configuration mode. The name can be any alphanumeric string. |
Step 2 |
show configuration session [ name ] Example: switch(config-s)# show configuration session myACLs |
(Optional) Displays the contents of the session. |
Step 3 |
save location Example: switch(config-s)# save bootflash:sessions/myACLs |
(Optional) Saves the session to a file. The location can be in bootflash:, slot0:, or volatile: |
Configuring ACLs in a Session
You can configure ACLs within a configuration session.
BEFORE YOU BEGIN
Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.
SUMMARY STEPS
1. configure session name
2. ip access-list name
3. permit protocol source destination
4. interface interface-type number
5. ip access-group name { in | out }
6. show configuration session [ name ]
DETAILED STEPS
|
|
|
Step 1 |
configure session name Example: switch# configure session myacls switch(config-s)# |
Creates a configuration session and enters session configuration mode. The name can be any alphanumeric string. |
Step 2 |
ip access-list name Example: switch(config-s)# ip access-list acl1 switch(config-s-acl)# |
Creates an ALC and enters a configuration mode for that ACL. |
Step 3 |
permit protocol source destination Example: switch(config-s-acl)# permit tcp any any |
(Optional) Adds a permit statement to the ACL |
Step 4 |
interface interface-type number Example: switch(config-s-acl)# interface e 2/1 switch(config-s-if)# |
Enters interface configuration mode |
Step 5 |
ip access-group name { in | out } Example: switch(config-s-if)# ip access-group acl1 in |
Specifies the direction of traffic the access group is applied to. |
Step 6 |
show configuration session [ name ] Example: switch(config-s)# show configuration session myacls |
(Optional) Displays the contents of the session. |
Verifying a Session
Use the following command in session mode to verify a session:
|
|
verify [ verbose ] Example : switch(config-s)# verify |
Verifies the configuration as a whole, based on the existing hardware and software configuration and resources. Cisco NX-OS returns an error if the configuration does not pass this verification. |
Committing a Session
Use the following command in session mode to commit a session:
|
|
commit [ verbose ] Example : switch(config-s)# commit |
Validates the configuration changes made in the current session and applies valid changes to the device. If the validation fails, Cisco NX-OS reverts to the original configuration. |
Saving a Session
Use the following command in session mode to save a session:
|
|
save location Example: switch(config-s)# save bootflash:sessions/myACLs |
(Optional) Saves the session to a file. The location can be in bootflash:, slot0:, or volatile:. |
Discarding a Session
Use the following command in session mode to discard a session:
|
|
abort Example : switch(config-s)# abort switch# |
Discards the configuration session without applying the changes. |
Verifying the Session Manager Configuration
To display the Session Manager configuration information, perform one of the following tasks:
|
|
show configuration session [ name ] |
Displays the contents of the configuration session. |
show configuration session status [ name ] |
Displays the status of the configuration session. |
show configuration session summary |
Displays a summary of all the configuration session. |
Configuration Example for Session Manager
This example shows how to create and commit an ACL configuration using Session Manager:
switch# configure session ACL_tcp_in
Config Session started, Session ID is 1
Enter configuration commands, one per line. End with CNTL/Z.
switch(config-s)# ip access-list ACL1
switch(config-s-acl)# permit tcp any any
switch(config)# interface e 7/1
switch(config-if)# ip access-group ACL1 in
switch# config session ACL_tcp_in
Config Session started, Session ID is 1
Enter configuration commands, one per line. End with CNTL/Z.
Additional References
For additional information related to implementing Session Manager, see the following sections:
Related Documents
|
|
Session Manager CLI commands |
Cisco Nexus 7000 Series NX-OS System Management Command Reference |
Configuration files |
Cisco Nexus 7000 Series NX-OS Fundamentals Configuration Guide, Release 5.x |
VDCs |
Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x |
Standards
|
|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. |
— |
Feature History for Session Manager
Table 11-1 lists the release history for this feature.
Table 11-1 Feature History for Session Manager
|
|
|
Session Manager |
5.2(1) |
No change from Release 5.1. |
Session Manager |
5.1(1) |
No change from Release 5.0. |
Session Manager |
5.0(2) |
No change from Release 4.2. |