The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
A port profile is a collection of interface-level configuration attributes that are combined to create a port classification on the Microsoft SCVMM server. Using port profiles allows the network administrator to configure a consistent network policy on the Virtual and Physical Ethernet interfaces across all the hosts managed by the Cisco Nexus 1000V Virtual Supervisor Module .
Port profiles are created on the VSM and are published to the Microsoft SCVMM server. A port profile that is published to the Microsoft SCVMM server should be added to a port classification before it can be used.
Port profiles in Microsoft Hyper-V do not contain the network information. A network administrator creates a port profile to enable the Microsoft SCVMM administrator to create port classification. Port Classification is a combination of one or more port profiles (one per extension). When Cisco Nexus 1000V is used as a forwarding extension, you have only profile per classification since the forwarding extension can perform both filter and monitoring functions.
A VM is deployed to the virtual access layer by choosing the port classification and the VM network/VM subnet. When the VM is deployed, a port profile is dynamically created on the Cisco Nexus 1000V for each unique combination of the port classification and the VM network/VM subnet. All other VMs deployed with the same policy to this network reuse this dynamic port profile. This dynamic port profile is a combination of network isolation and network policy. When the number of VMs that use this dynamic profile goes to zero, the dynamic profile is deleted.
Use the show commands on the VSM to view the Ethernet and vEthernet port profiles. vEthernet port profiles are published to Microsoft SCVMM and the Ethernet port profiles are never published to Microsoft SCVMM.
Port profiles are not static entities but dynamic policies that can change as network needs change. Changes to active port profiles are applied to each switch port that is using the profile, which simplifies the process of applying new network policies or changing an existing policy.
You can apply the configuration from an existing port profile as the default configuration for another port profile. This process is called inheritance. The configuration of the parent is copied to and stored in the child port profile. You can also override the inheritance by configuring the attributes explicitly in the child port profile.
You can also explicitly remove port profile inheritance, so that a port profile returns to the default settings, except where there has been a direct configuration.
To maintain a consistent configuration among the interfaces in a port profile, the entire port profile configuration is applied to its member interfaces (this process is sometimes referred to as inheritance). If the entire configuration is not applied to its member interfaces, the inheritance fails and the configuration is rejected.
When you update the configuration in a port profile, its member interfaces are also updated. If the configuration fails, the port profile and its member interfaces are rolled back to the last known good configuration for the port profile.
Port profile interfaces are sectioned off and shut down when a port profile configuration is in error. This process is called an Interface Quarantine.
When an interface is quarantined, it maintains its mapping to the port profile, but is administratively shut down until you explicitly bring it up using the no shutdown command. If the port profile configuration is still in error, then the interface is again shut.
If you create a port profile with a command error, such as a private VLAN mapping error or service policy map error, and then attempt to apply this port profile to an interface, the interface shuts down. The error is not copied to the interface and a system message is generated with details of the error. In this case, you must correct the error in the port profile, return the interface to service, and apply the corrected port profile to the interface.