Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 4.0
Creating VDCs
Download this chapter
Creating VDCsCreating VDCs
Download the complete book
Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Version 4.0Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Version 4.0 (PDF - 1 MB)
give_us_feedback

Table Of Contents

Creating VDCs

Information About Creating VDCs

VDC Resource Templates

High-Availability Policies

Allocating Interfaces

VDC Management Connections

Initializing a New VDC

Licensing Requirements for VDCs

Prerequisites for Creating VDCs

Guidelines and Limitations

Process for Creating VDCs

Creating VDCs

Initializing a VDC

Verifying the VDC Configuration

Example VDC Creation and Initialization

Example VDC Configurations

Example Running Configuration From the Default VDC

Example Running Configuration From a Nondefault VDC

Default Settings

Additional References

Related Documents

Feature History for Creating VDCs


Creating VDCs

This chapter describes how to create virtual device contexts (VDCs) on NX-OS devices.

This chapter includes the following sections:

Information About Creating VDCs

Licensing Requirements for VDCs

Prerequisites for Creating VDCs

Guidelines and Limitations

Creating VDCs

Initializing a VDC

Verifying the VDC Configuration

Example VDC Creation and Initialization

Example VDC Configurations

Default Settings

Additional References

Feature History for Creating VDCs

Information About Creating VDCs

In Cisco NX-OS, only a user with the network-admin role can create VDCs. You can create up to three VDCs.

This section includes the following topics:

VDC Resource Templates

High-Availability Policies

Allocating Interfaces

VDC Management Connections

Initializing a New VDC

VDC Resource Templates

VDC resource templates describe the minimum and maximum resources that the VDC can use. If you do not specify a VDC resource template when you create a VDC, the NX-OS software uses the default template, vdc-default. Table 3-1 and Table 3-2 list the default VDC resource template limits.

Table 3-1 Default VDC Resource Template Limits for Cisco NX-OS Release 4.0(1a) and Earlier Releases

Resource
Minimum
Maximum

IPv4 route memory1

8

256

IPv6 route memory1

4

256

Port channels

0

256

SPAN sessions

0

2

VLANs

16

4094

VRFs2

16

8192

1 Route memory limits are in megabytes.

2 VRFs = virtual routing and forwarding instances


Table 3-2 Default VDC Resource Template Limits for Cisco NX-OS Release 4.0(2) and Later Releases

Resource
Minimum
Maximum

IPv4 route memory1

8

320

IPv6 route memory1

4

192

Port channels

0

256

SPAN sessions

0

2

VLANs

16

4094

VRFs

16

8192

1 Route memory limits are in megabytes.


Note You can have a maximum of two SPAN monitoring sessions on your physical device.

For information about configuring VDC resource templates, see Chapter 2, "Configuring VDC Resource Templates."

You can change the individual resource limits after you create the VDC as follows:

Change an individual resource limit for a single VDC.

Change the resource limits in a nondefault VDC resource template and apply the template to the VDC.

For information on managing VDC resource limits after you create a VDC, see Chapter 4, "Managing VDCs."

High-Availability Policies

The high-availability (HA) policies for a VDC defines the action the NX-OS software takes when an unrecoverable VDC fault occurs.

You can specify the HA policies for single supervisor module and dual supervisor module configurations when you create the VDC. The HA policy options are as follows:

Single supervisor module configuration:

Bringdown—Puts the VDC in the failed state. To recover from the failed state, you must reload the physical device.

Reload— Reloads the supervisor module.

Restart—Takes down the VDC and recreates it using the startup configuration.

Dual supervisor module configuration:

Bringdown—Puts the VDC in the failed state. To recover from the failed state, you must reload the physical device.

Restart—Takes down the VDC and recreates it using the startup configuration.

Switchover—Initiates a supervisor module switchover.

The default HA policies for a nondefault VDC that you create is restart for a single supervisor modules configuration and switchover for a dual supervisor module configuration. The default HA policy for the default VDC is reload for a single supervisor module configuration and switchover for a dual supervisor module configuration.

For information on changing the HA policies after you create a VDC, see Chapter 4, "Managing VDCs."

Allocating Interfaces

The only physical resources that you can allocate to a VDC are the physical interfaces. You can assign an interface to only one VDC. When you move an interface from one VDC to another VDC, the interface loses all its configuration.

When you first create a VDC, you can specifically allocate interfaces to it. All interfaces initially reside in the default VDC (VDC 1). After you allocate the interfaces to a VDC, you can only view and configure them from that specific VDC. You can also remove interfaces from a VDC by moving them back to the default VDC.

Caution When you move an interface, all configuration on the interface is lost and the interfaces are in the down state.

You must be aware of the hardware architecture of your platform when allocating interfaces to a VDC. For example, the Cisco Nexus 7000 Series 32-port 10-Gbps Ethernet module (N7K-M132XP-12) requires that you assign all four interfaces in a port group to the same VDC

You can allocate the interfaces on your physical device in any combination, except for the interfaces on the Cisco Nexus 7000 Series 32-port 10-Gbps Ethernet module (N7K-M132XP-12). This module has eight port groups that consist of four interfaces each. You must you assign all four interfaces in a port group to the same VDC. Table 3-3 shows the port numbering for the port groups.

Table 3-3 Port Numbers for Port Groups on the Cisco Nexus 7000 Series 32-port 10-Gbps Ethernet Module

Port Group
Port Numbers

Group 1

1, 3, 5, 7

Group 2

2, 4, 6, 8

Group 3

9, 11, 13, 15

Group 4

10, 12, 14, 16

Group 5

17, 19, 21, 23

Group 6

18, 20, 22, 24

Group 7

25, 27, 29, 31

Group 8

26, 28, 30, 32


For more information on port groups on the Cisco Nexus 7000 Series 32-port 10-Gbps Ethernet module, see the Cisco Nexus 7000 Series Hardware Installation and Reference Guide.

For information changing the interface allocation after you create a VDC, see Chapter 4, "Managing VDCs."

VDC Management Connections

The NX-OS software provides a virtual management (mgmt 0) interface for out-of-band management of each VDC. You can configure this interface with a separate IP address that is accessed through the physical mgmt 0 interface. You also use one of the Ethernet interfaces on the physical device for in-band management. For more information on management connections, see the "VDC Management Connections" section on page 1-8.

Initializing a New VDC

A new VDC is similar to a new physical device. You must set the VDC admin user account password and perform the basic configuration to establish connectivity to the VDC.

Licensing Requirements for VDCs

The following table shows the licensing requirements for this feature:

Product
License Requirement

NX-OS

Creating nondefault VDCs requires an Advanced Services license. For a complete explanation of the NX-OS licensing scheme and how to obtain and apply licenses, see the Cisco Nexus 7000 Series NX-OS Licensing Guide, Release 4.1.

Note The NX-OS software allows a grace period to create and use nondefault VDCs without an Advanced Services license. If the grace period expires before you obtain a license, all VDC configuration is removed from the physical device.


Prerequisites for Creating VDCs

VDC creation has the following prerequisites:

You are logged on to the default VDC with a username that has the network-admin user role.

The Advance Services license is installed.

You have a name for the VDC.

You have resources available on the physical device to allocate to the VDCs.

You have an IPv4 or IPv6 address to use for configuring connectivity to the VDC.

Guidelines and Limitations

VDCs have the following guidelines and limitations:

VDCs cannot share interfaces, VLANs, VRFs, or port channels.

You can create a maximum of three VDCs on a physical device.

Only users with the network-admin role can create VDCs.

You can create VDCs only from the default VDC.

Process for Creating VDCs

To create VDCs, follow these steps:

Step 1 If necessary, create a VDC resource template (see Chapter 2, "Configuring VDC Resource Templates").

Step 2 Create the VDC and allocate interfaces (see the "Creating VDCs" section).

Note Allocating interfaces to a VDC is optional. You can allocate the interfaces after you have verified the VDC configuration. For information about allocating interface, see the "Allocating Interfaces to a VDC" section on page 4-4.

Step 3 Initialize the VDC (see the "Initializing a VDC" section).

Creating VDCs

You must create a VDC before you can use it. You can create up to three VDCs on your physical device.

Note VDC creation can take a few minutes to complete. Use the show vdc command to verify that completion of the create request.

BEFORE YOU BEGIN

Log on to the default VDC as a network administrator.

Choose a VDC resource template if you want to use resource limits other than those provided in the default VDC resource template. If there is no resource template available with the limits you want to use, see Chapter 2, "Configuring VDC Resource Templates."

SUMMARY STEPS

1. config t

2. vdc vdc-name [ha-policy {dual-sup {bringdown | restart | switchover} [single-sup {bringdown | reload | restart}]} | single-sup {bringdown | reload | restart} [dual-sup {bringdown | restart | switchover}]}] [id vdc-number] [template template-name]

3. show vdc membership

4. allocate interface ethernet slot/port

allocate interface ethernet slot/port - last-port

allocate interface ethernet slot/port, ethernet slot/port, ...

5. exit

6. show vdc

7. copy running-config startup-config

DETAILED STEPS

 
Command
Purpose

Step 1 

config t


Example:

switch# config t

switch(config)#

Enters configuration mode.

Step 2 

vdc vdc-name
[ha-policy {dual-sup {bringdown | restart | switchover} [single-sup {bringdown | reload | restart}]} | single-sup {bringdown | reload | restart} [dual-sup {bringdown | restart | switchover}]}]
[id vdc-number] [template template-name]


Example:

switch(config)# vdc admin-vdc

Creates a VDC and enters VDC configuration mode. The VDC name can be a maximum of 32 characters that are not case sensitive. The VDC name cannot begin with a number.

Valid VDC numbers range from 1 to 8. The default VDC number is the first available number.

Note VDC number 1 is reserved for the default VDC.

The default resource template is used if you do not specify one.

The ha-policy option keywords are as follows:

dual-sup:

bringdown—Puts the VDC in the failed state. To recover from the failed state, you must reload the physical device.

restart—Takes down the VDC and recreates it using the startup configuration.

switchover — Initiates a supervisor module switchover.

single-sup:

bringdown—Puts the VDC in the failed state. To recover from the failed state, you must reload the physical device.

reload — Reloads the supervisor module.

restart—Takes down the VDC and recreates it using the startup configuration.

The HA policy default for the dual-sup keyword is switchover and for the single-sup keyword is restart.

Note The vdc command for a new VDC can take a few minutes to complete depending on the amount of resources that must be reserved.

Step 3 

show vdc membership


Example:

switch(config-vdc) show vdc membership

(Optional) Displays the interface membership for the VDCs.

Step 4 

allocate interface ethernet slot/port


Example:

switch(config-vdc)# allocate interface ethernet 2/1

Moving ports will cause all config associated to them in source vdc to be removed. Are you sure you want to move the ports? [yes] yes

(Optional) Allocates one interface to the VDC.

allocate interface ethernet slot/port - last-port


Example:

switch(config-vdc)# allocate interface ethernet 2/1 - 4

Moving ports will cause all config associated to them in source vdc to be removed. Are you sure you want to move the ports? [yes] yes

(Optional) Allocates a range of interfaces on the same module to the VDC.

allocate interface ethernet slot/port, ethernet slot/port, ...


Example:

switch(config-vdc)# allocate interface ethernet 2/1, ethernet 2/3, ethernet 2/5

Moving ports will cause all config associated to them in source vdc to be removed. Are you sure you want to move the ports? [yes] yes

(Optional) Allocates a list of interfaces to the VDC.

Step 5 

exit


Example:

switch(config-vdc)# exit

switch(config)#

Exits VDC configuration mode.

Step 6 

show vdc


Example:

switch(config)# show vdc

(Optional) Displays VDC status information.

Step 7 

copy running-config startup-config


Example:

switch(config)# copy running-config startup-config

Copies the running configuration to the startup configuration.

Note After you create a VDC, you must copy the default VDC running configuration to the startup configuration so that a VDC user can copy the new VDC running configuration to the startup configuration.

Initializing a VDC

A newly created VDC is much like a new physical device. To access a VDC, you must first initialize it. The initialization process includes setting the VDC admin user account password and optionally running the setup script (see the "Example VDC Creation and Initialization" section). The setup script helps you perform basic configuration tasks such as creating more user accounts and configuring the management interface.

Note The VDC admin user account in the nondefault VDC is separate from the network admin user account in the default VDC. The VDC admin user account has its own password and user role.

BEFORE YOU BEGIN

Log on to the default VDC as a network administrator.

Obtain an IPv4 or IPv6 address for the management interface (mgmt 0) if you want to use out-of-band management for the VDC.

SUMMARY STEPS

1. switchto vdc vdc-name

2. show vdc current-vdc

DETAILED STEPS

 
Command
Purpose

Step 1 

switchto vdc vdc-name


Example:

switch# switchto vdc NewVDC

switch-NewVDC#

Switches to the VDC.

Step 2 

show vdc current-vdc


Example:

switch-NewVDC# show vdc current-vdc

(Optional) Displays the current VDC number.

Verifying the VDC Configuration

To display VDC configuration information, perform one of the following tasks:

Command
Purpose

show running-config {vdc | vdc-all}

Displays the VDC information in the running configuration. Use this command in the default VDC to display the configuration for all VDCs on the physical device.

show vdc [vdc-name] [detail]

Displays the VDC status information. Use this command in the default VDC to display the status of all VDCs.

show vdc current-vdc

Displays the current VDC number.

show vdc membership [status]

Displays the VDC interface membership information. Use this command to ensure that you move the correct interfaces to a VDC.

show vdc resource template

Displays the VDC template configuration. Use this command to verify the configuration of a VDC resource template before using it to create your VDC.


For detailed information about the fields in the output from these commands, see the Cisco Nexus 7000 Series NX-OS Virtual Device Context Command Reference, Release 4.1.

Example VDC Creation and Initialization

The following example shows how to create and initialize a VDC: 

switch# config t

switch(config)# vdc test

switch(config-vdc)# allocate interface ethernet 2/46

Moving ports will cause all config associated to them in source vdc to be removed. Are you 
sure you want to move the ports?  [yes] yes

switch(config-vdc)# exit

switch(config)# switchto vdc test



         ---- System Admin Account Setup ----



  Enter the password for "admin":<password>

  Confirm the password for "admin":<password>


         ---- Basic System Configuration Dialog ----


This setup utility will guide you through the basic configuration of

the system. Setup configures only enough connectivity for management

of the system.


Please register Cisco Nexus7000 Family devices promptly with your

supplier. Failure to register may affect response times for initial

service calls. Nexus7000 devices must be registered to receive

entitled support services.


Press Enter at anytime to skip a dialog. Use ctrl-c at anytime

to skip the remaining dialogs.


Would you like to enter the basic configuration dialog (yes/no): yes



  Create another login account (yes/no) [n]: n


  Configure read-only SNMP community string (yes/no) [n]: n


  Configure read-write SNMP community string (yes/no) [n]: n


  Enter the switch name : Test


  Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]: 


    Mgmt0 IPv4 address : 10.10.5.5


    Mgmt0 IPv4 netmask : 255.255.254.0


  Configure the default gateway? (yes/no) [y]: y


    IPv4 address of the default gateway : 10.10.5.1


  Configure advanced IP options? (yes/no) [n]: 


  Enable the telnet service? (yes/no) [y]: 


  Enable the ssh service? (yes/no) [n]: y


    Type of ssh key you would like to generate (dsa/rsa/rsa1) : rsa


    Number of  key bits <768-2048> : 768


  Configure the ntp server? (yes/no) [n]: 


  Configure default switchport interface state (shut/noshut) [shut]:


  Configure default switchport trunk mode (on/off/auto) [on]:


The following configuration will be applied:

  switchname Test

interface mgmt0

ip address 10.10.5.5 255.255.254.0

no shutdown

exit

vrf context management

ip route 0.0.0.0/0 10.10.5.1

exit

  telnet server enable

  ssh key rsa 768 force

  ssh server enable

  system default switchport shutdown

  system default switchport trunk mode on


Would you like to edit the configuration? (yes/no) [n]: 


Use this configuration and save it? (yes/no) [y]: 


[########################################] 100%


Cisco Data Center Operating System (NX-OS) Software

TAC support: http://www.cisco.com/tac

Copyright (c) 2002-2007, Cisco Systems, Inc. All rights reserved.

The copyrights to certain works contained herein are owned by

other third parties and are used and distributed under license.

Some parts of this software may be covered under the GNU Public

License or the GNU Lesser General Public License. A copy of

each such license is available at

http://www.gnu.org/licenses/gpl.html and

http://www.gnu.org/licenses/lgpl.html

switch-test# exit

switch#

Example VDC Configurations

This section includes the following topics:

Example Running Configuration From the Default VDC

Example Running Configuration From a Nondefault VDC

Example Running Configuration From the Default VDC

The following example shows a nondefault VDC configuration from the running configuration of the default VDC: 

vdc payroll id 2

  limit-resource vlan minimum 16 maximum 4094

  limit-resource monitor-session minimum 0 maximum 2

  limit-resource vrf minimum 16 maximum 8192

  limit-resource port-channel minimum 0 maximum 192

  limit-resource u4route-mem minimum 8 maximum 80

  limit-resource u6route-mem minimum 4 maximum 48

Example Running Configuration From a Nondefault VDC

The following example shows the initial running configuration from a nondefault VDC: 

version 4.0(1)

username admin password 5 $1$/CsUmTw5$/.3SZpb8LRsk9HdWAsQ501  role vdc-admin

telnet server enable

ssh key rsa 768 force

aaa group server radius aaa-private-sg

    use-vrf management

snmp-server user admin vdc-admin auth md5 0x061d8e733d8261dfb2713a713a95e87c priv 
0x061d8e733d8261dfb2713a713a95e87c localizedkey

vrf context management

  ip route 0.0.0.0/0 10.10.5.1


interface Ethernet2/46


interface mgmt0

  ip address 10.10.5.5/23

Default Settings

Table 3-4 lists the default settings for VDC parameters.

Table 3-4 Default VDC Parameters 

Parameters
Default

HA policy for single supervisor module configurations

Reload for the default VDC

Restart for nondefault VDCs

HA policy for dual supervisor module configurations

Switchover

VDC ID

First available

Interface allocation

None


Additional References

For additional information related to creating VDC, see the following sections:

Related Documents

Related Documents

Related Topic
Document Title

DCNM Licensing

Cisco Nexus 7000 Series NX-OS Licensing Guide, Release 4.1

Cisco Nexus 7000 Series 32-port 10-Gbps Ethernet module

Cisco Nexus 7000 Series Hardware Installation and Reference Guide

Command reference

Cisco Nexus 7000 Series NX-OS Virtual Device Context Command Reference, Release 4.1


Feature History for Creating VDCs

Table 3-5 lists the release history for this feature.

Table 3-5 Feature History for Creating VDCs 

Feature Name
Releases
Feature Information

IPv4 unicast route memory resource

4.0(2)

Changed the default maximum value from 256 to 320.

IPv6 unicast route memory resource

4.0(2)

Changed the default maximum value from 256 to 192.