The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes the Cisco Nexus 1000V commands that begin with the letter S.
To send a message to an open session, use the send command.
send {message | session message}
message |
Message. The message has a maximum length of one line. |
session |
Specifies a specific session. |
None
Any
network-admin
network-operator
This example shows how to send a message to an open session:
n1000v# send session sessionOne testing
n1000v#
|
|
---|---|
show banner |
Displays a banner. |
To configure the Remote Access Dial-In User Service (RADIUS) server as a member of the RADIUS server group, use the server command. To remove a server, use the no form of this command.
server {ipv4-address | server-name}
no server {ipv4-address | server-name}
ipv4-address |
IPV4 address of the RADIUS server. |
server-name |
RADIUS server name. The name is alphanumeric, case sensitive, and has a maximum of 256 characters. |
None
Radius configuration (config-radius)
network-admin
This example shows how to configure the RADIUS server as a member of the RADIUS server group:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# aaa group server radius RadServer
n1000v(config-radius)# server 10.10.1.1
n1000v(config-radius)#
This example shows how to remove the server configuration:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# aaa group server radius RadServer
n1000v(
config)#
no server 10.10.1.1
To configure a service policy for an interface, use the service-policy command. To remove the service policy configuration, use the no form of this command.
service-policy {input name [no-stats] | output name [no-stats] | type qos {input name [no-stats] | output name [no-stats]}}
no service-policy {input name [no-stats] | output name [no-stats] | type qos {input name [no-stats] | output name [no-stats]}}
None
Interface configuration (config-if)
Port profile configuration (config-port-prof)
network-admin
This example shows how to add an input QoS service policy called sp10 to virtual Ethernet interface 10 with no statistics:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface vethernet 10
n1000v(config-if)# service-policy type qos input sp10 no-stats
n1000v(config-if)#
This example shows how to remove the input QoS service policy called sp10 with no statistics from
virtual Ethernet interface 10:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface vethernet 10
n1000v(config-if)# no service-policy type qos input sp10 no-stats
n1000v(config-if)#
To limit the number of virtual shell (VSH) sessions, use the session-limit command. To remove the limit, use the no form of this command.
session-limit number
no session-limit number
number |
Number of VSH sessions. The range is from 1 to 64 |
No limit is set.
Line configuration (config-line)
network-admin
This example shows how to limit the number of VSH sessions:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# line vty
n1000v(config-line)# session-limit 10
n1000v(config-line)#
This example shows how to remove the limit:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# line vty
n1000v(config-line)# no session-limit 10
n1000v(config-line)#
To set quality of service (QoS) class attributes, use the set command. To remove class attributes, use the no form of this command.
set {{cos cos-value} | {dscp [tunnel] {dscp-value}} | {precedence [tunnel] {prec-value}} | {discard-class dis-class-val} | {qos-group qos-grp-val} | {{{cos cos} | {dscp dscp} | {precedence precedence} | {discard-class discard-class}} table table-map-name} | {cos1 {{dscp table cos-dscp-map} | {precedence table cos-precedence-map} | {discard-class table cos-discard-class-map}}} | {dscp1 {{cos table dscp-cos-map} | {prec3 table dscp-precedence-map} | {dis-class3 table dscp-discard-class-map}}} | {prec1 {{cos3 table precedence-cos-map} | {dscp3 table precedence-dscp-map} | {dis-class3 table precedence-discard-class-map}}} | {dis-class1 {{cos3 table discard-class-cos-map} | {dscp3 table discard-class-dscp-map} | {prec3 table discard-class-precedence-map}}}}
no set{{cos cos-value} | {dscp [tunnel] {dscp-value}} | {precedence [tunnel] {prec-value}} | {discard-class dis-class-val} | {qos-group qos-grp-val} | {{{cos cos} | {dscp dscp} | {precedence precedence} | {discard-class discard-class}} table table-map-name} | {cos1 {{dscp table cos-dscp-map} | {precedence table cos-precedence-map} | {discard-class table cos-discard-class-map}}} | {dscp1 {{cos table dscp-cos-map} | {prec3 table dscp-precedence-map} | {dis-class3 table dscp-discard-class-map}}} | {prec1 {{cos3 table precedence-cos-map} | {dscp3 table precedence-dscp-map} | {dis-class3 table precedence-discard-class-map}}} | {dis-class1 {{cos3 table discard-class-cos-map} | {dscp3 table discard-class-dscp-map} | {prec3 table discard-class-precedence-map}}}}}
None
Policy map class configuration (config-pmap-c-qos)
network-admin
This example shows how to set class attributes:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
policy-map pm1
n1000v(config-pmap-qos)# class class-default
n1000v(config-pmap-c-qos)# set qos-group 1
n1000v(config-pmap-c-qos)#
This example shows how to remove class attributes:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# policy-map pm1
n1000v(config-pmap-qos)# class class-default
n1000v(config-pmap-c-qos)# no set qos-group 1
n1000v(config-pmap-c-qos)#
|
|
---|---|
show policy-map |
Displays policy maps. |
To use the Basic System Configuration Dialog (BSCD) for creating or modifying a configuration file, use the setup command.
setup
This command has no arguments or keywords, but the BSCD prompts you for complete setup information (see the example below).
None
Any
network-admin
The BSCD assumes the factory defaults.
All changes made to your configuration are summarized for you at the completion of the setup sequence with an option to save the changes or not.
You can exit the setup sequence at any point by pressing Ctrl-C.
This example shows how to create or modify a basic system configuration:
n1000v# setup
Enter the domain id<1-1023>: 400
Enter HA role[standalone/primary/secondary]: standalone
[########################################] 100%
---- Basic System Configuration Dialog ----
This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.
*Note: setup is mainly used for configuring the system initially,
when no configuration is present. So setup always assumes system
defaults and not the current system configuration values.
Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.
Would you like to enter the basic configuration dialog (yes/no): y
Create another login account (yes/no) [n]: n
Configure read-only SNMP community string (yes/no) [n]: n
Configure read-write SNMP community string (yes/no) [n]: n
Enter the switch name : n1000v
Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]:
Mgmt0 IPv4 address :
Configure the default gateway? (yes/no) [y]: n
Configure advanced IP options? (yes/no) [n]:
Enable the telnet service? (yes/no) [y]:
Enable the ssh service? (yes/no) [n]:
Configure the ntp server? (yes/no) [n]:
Configure vem feature level? (yes/no) [n]:
The following configuration will be applied:
switchname n1000v telnet server enable no feature ssh feature http-server svs-domain no control vlan no packet vlan svs mode L3 interface mgmt0 domain id 400
vlan 400
vlan 405
Would you like to edit the configuration? (yes/no) [n]:
Use this configuration and save it? (yes/no) [y]: n
n1000v#
|
|
---|---|
show running-config |
Displays the running configuration. |
To shut down switching on a VLAN, use the shutdown command. To turn on switching, use the no form of this command.
shutdown
no shutdown
This command has no arguments or keywords.
no shutdown
VLAN configuration (config-vlan)
network-admin
You cannot shut down the default VLAN, VLAN1, or VLANs 1006 to 4094.
This example shows how to shut down switching on VLAN 10:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# vlan 10
n1000v(config-vlan)# shutdown
n1000v(config-vlan)#
This example shows how to turn on switching on VLAN 10:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# vlan 10
n1000v(config-vlan)# no shutdown
n1000v(config-vlan)#
|
|
---|---|
show vlan |
Displays VLAN information. |
To disable an interface, use the shutdown command. To enable an interface, use the no form of this command.
shutdown [force]
no shutdown [force]
force |
(Optional) Administratively enables or disables an interface. |
No shutdown
Interface configuration (config-if)
network-admin
This command shuts down the interface. No traffic passes and the interface displays as administratively down.
This example shows how to administratively disable Ethernet interface 3/1:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface ethernet 3/1
n1000v(config-if)# shutdown
n1000v(config-if)#
This example shows how to administratively enable Ethernet interface 3/1:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface ethernet 3/1
n1000v(config-if)# no shutdown
n1000v(config-if)#
To disable all ports in a port profile, use the shutdown command. To enable ports in a port profile, use the no form of this command.
shutdown [force]
no shutdown [force]
force |
(Optional) Administratively enables or disables all ports in the profile. |
all ports administratively disabled
Port profile configuration (config-port-prof)
network-admin
This command administratively disables all ports in the profile. No traffic passes and the ports display as administratively down.
This example shows how to administratively enable all ports in the TrunkProf port profile:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# port-profile TrunkProf
n1000v(config-port-prof)# no shutdown
n1000v(config-port-prof)#
This example shows how to administratively disable all ports in the TrunkProf port profile:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# port-profile TrunkProf
n1000v(config-port-prof)# shutdown
n1000v(config-port-prof)#
|
|
---|---|
port-profile |
Creates a port profile configuration. |
show port-profile name |
Displays the named port profile configuration. |
To set a sleep time, use the sleep command.
sleep time
time |
Sleep time. The range is from 0 to 2147483647 seconds. |
Sleep time is not set.
Any
network-admin
network-operator
When you set time to 0, sleep is disabled.
This example shows how to set a sleep time:
n1000v#
sleep 100
n1000v#
This example shows how to disable sleep:
n1000v#
sleep 0
n1000v#
To configure how long the accounting, authorization, and authentication (AAA) synchronized user configuration stays in the local cache, use the snmp-server aaa-user cache-timeout command. To revert back to the default value of 3600 seconds, use the no form of this command.
snmp-server user aaa-user cache-timeout seconds
no snmp-server user aaa-user cache-timeout seconds
seconds |
Length of the time for the user configuration to remain in the local cache. The range is from 1 to 86400 seconds. |
The default timeout is 3600 seconds.
Global configuration (config)
network-admin
This example shows how to configure the AAA synchronized user configuration to stay in the local cache for 1200 seconds:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)# snmp-server aaa-user cache-timeout 1200
This example shows how to revert back to the default value of 3600 seconds:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no snmp-server aaa-user cache-timeout 1200
To create an Simple Network Management Protocol (SNMP) community string, use the snmp-server community command. To remove the community, use the no form of this command.
snmp-server community string [group group-name] [ro | rw | use-acl acl-name]
no snmp-server community string [group group-name] [ro | rw | use-acl acl-name]
None
Global configuration (config)
network-admin
You can create SNMP communities for SNMPv1 or SNMPv2c.
This example shows how to configure read-only access for the SNMP community called public:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)# snmp-server community public ro
This example shows how to remove the SNMP community called public:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no snmp-server community public
To configure the sysContact, which is the Simple Network Management Protocol (SNMP) contact name, use the snmp-server contact command.
To remove or modify the sysContact, use the no form of this command.
snmp-server contact [name]
no snmp-server contact [name]
name |
(Optional) SNMP contact name (sysContact), which can contain a maximum of 32 characters. |
None
Global configuration (config)
network-admin
You can create SNMP communities for SNMPv1 or SNMPv2c.
This example shows how to configure the sysContact to be Admin:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)# snmp-server contact Admin
This example shows how to remove the sysContact:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no snmp-server contact
To enforce Simple Network Management Protocol (SNMP) message encryption for all users, use the snmp-server globalEnforcePriv command.
snmp-server globalEnforcePriv
This command has no arguments or keywords.
None
Global configuration (config)
network-admin
This example shows how to enforce SNMP message encryption for all users:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
snmp-server globalEnforcePriv
To configure a host receiver for Simple Network Management Protocol Version 1 (SNMPv1) or SNMPv2c traps, use the snmp-server host command. To remove the host, use the no form of this command.
snmp-server host ip-address {traps | informs}{version {1 | 2c | 3}} [auth | noauth | priv] community [udp_port number]
no snmp-server host ip-address {traps | informs} {version {1 | 2c | 3}} [auth | noauth | priv] community [udp_port number]
None
Global configuration (config)
network-admin
This example shows how to configure the host receiver, 192.0.2.1, for SNMPv1 traps:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# snmp-server host 192.0.2.1 traps version 1 public
This example shows how to remove the configuration:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no snmp-server host 192.0.2.1 traps version 1 public
To configure the sysLocation, which is the Simple Network Management Protocol (SNMP) location name, use the snmp-server location command.
To remove the sysLocation, use the no form of this command.
snmp-server location [name]
no snmp-server location [name]
name |
(Optional) SNMP location name (sysLocation). The name can contain a maximum of 32 characters. |
None
Global configuration (config)
network-admin
This example shows how to configure the sysLocation to be Lab-7:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)# snmp-server location Lab-7
This example shows how to remove the sysLocation:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no snmp-server location
To enable Simple Network Management Protocol (SNMP) protocol operations, use the snmp-server protocol enable command. To disable SNMP protocol operations, use the no form of this command.
snmp-server protocol enable
no snmp-server protocol enable
This command has no arguments or keywords.
This command is enabled by default.
Global configuration (config)
network-admin
This example shows how to enable SNMP protocol operations:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
snmp-server protocol enable
This example shows how to disable SNMP protocol operations:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
no snmp-server protocol enable
To enable authentication for Simple Network Management Protocol (SNMP) over TCP, use the snmp-server tcp-session command. To disable authentication for SNMP over TCP, use the no form of this command.
snmp-server tcp-session [auth]
no snmp-server tcp-session
auth |
(Optional) Enables one-time authentication for SNMP over the entire TCP session (rather than on a per-command basis). |
This command is disabled by default.
Global configuration (config)
network-admin
This example shows how to enable one-time authentication for SNMP over TCP:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
snmp-server tcp-session auth
This example shows how to disable one-time authentication for SNMP over TCP:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
no snmp-server tcp-session
To define a user who can access the Simple Network Management Protocol (SNMP) engine, use the snmp-server user command. To deny a user access to the SNMP engine, use the no form of this command.
snmp-server user name [auth {md5 | sha} passphrase-1 [priv [aes-128] passphrase-2] [engineID id] [localizedkey]]
no snmp-server user name
None
Global configuration (config)
network-admin
This example shows how to provide one-time SNMP authorization for the user, Admin, using the HMAC SHA algorithm for authentication:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)# snmp-server user Admin auth sha abcd1234 priv abcdefgh
This example shows how to deny a user access to the SNMP engine:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no snmp-server user Admin
To enable Simple Network Management Protocol (SNMP) link-state traps for the interface, use the snmp trap link-status command. To disable SNMP link-state traps for the interface, use the no form of this command.
snmp trap link-status
no snmp trap link-status
This command has no arguments or keywords.
None
CLI interface configuration (config-if)
network-admin
This command is enabled by default.
This example shows how to enable SNMP link-state traps for the interface:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface veth 2
n1000v(config-if)# snmp trap link-status
n1000v(config-if)#
This example shows how to disable SNMP link-state traps for the interface:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface veth 2
n1000v(config-if)# no snmp trap link-status
n1000v(config-if)#
To specify a source interface for reaching a Remote Access Dial-In User Service (RADIUS) or Terminal Access Controller Access Control System Plus (TACACS+) server group, use the source-interface command. To remove the source interface, use the no form of this command.
source-interface interface-type interface-id
no source-interface
None
RADIUS server group configuration (config-radius)
TACACS+ server group configuration (config-tacacs+)
network-admin
This example shows how to specify source interface mgmt0 to reach the RADIUS server for the RadServer RADIUS server group:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# aaa group server radius RadServer
n1000v(
config-radius)#
source-interface mgmt0
n1000v(
config-radius)#
This example shows how to remove the source interface from the configuration:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# aaa group server radius RadServer
n1000v(
config-radius)#
no source-interface
n1000v(
config-radius)#
To configure the port(s) in a Encapsulated Remote Switch Port Analyzer (ERSPAN) session to act as a source(s) for copied packets, use the source interface command. To remove the source interface, use the no form of this command.
source interface {ethernet slot/chassis_num / port/slot_num | port-channel number | vethernet veth-number}
no source interface {ethernet slot/chassis_num / port/slot_num | port-channel number | vethernet veth-number}
None
ERSPAN monitor configuration (config-monitor)
network-admin
ERSPAN source ports must already be configured as either access or trunk ports.
ERSPAN sessions are created in the shut state by default.
When you create a ERSPAN session that already exists, any additional configuration is added to that session. To make sure the session is cleared of any previous configuration, you can delete the session first by using the no monitor session command.
This example shows how to configure ethernet interfaces 2/5 and 3/7 in a ERSPAN session to act as a source for copied packets:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
monitor session 8
n1000v(config-monitor)#
source interface ethernet 2/5, ethernet 3/7
This example shows how to remove the ERSPAN configuration from source ethernet interface 2/5:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
monitor session 8
n1000v(config-monitor)#
no source interface ethernet 2/5
To configure the port(s) in a Switch Port Analyzer (SPAN) session to act as a source for copied packets, use the source interface command. To remove the source interface, use the no form of this command.
source interface {ethernet slot/chassis_num / port/slot_num | port-channel number | vethernet veth-number}
no source interface {ethernet slot/chassis_num / port/slot_num | port-channel number | vethernet veth-number}
None
SPAN monitor configuration (config-monitor)
network-admin
SPAN source ports must already be configured as either access or trunk ports.
SPAN sessions are created in the shut state by default.
When you create a SPAN session that already exists, any additional configuration is added to that session. To make sure the session is cleared of any previous configuration, you can delete the session first by using the no monitor session command.
This example shows how to configure ethernet interfaces 2/5 and 3/7 in a SPAN session to act as a source for copied packets:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
monitor session 8
n1000v(config-monitor)#
source interface ethernet 2/5, ethernet 3/7
This example shows how to remove the SPAN configuration from source ethernet interface 2/5:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)#
monitor session 8
n1000v(config-monitor)#
no source interface ethernet 2/5
To add an interface to a flow exporter that designates it as the source for NetFlow flow records, use the source command. To remove the source interface from the flow exporter, use the no form of this command.
source lc-exp0
no source lc-exp0
mgmt 0 |
Adds the mgmt 0 interface to the flow exporter. |
None
NetFlow flow exporter configuration (config-flow-exporter)
network-admin
The mgmt0 interface is the only interface that can be added to the flow exporter.
This example shows how to add source management interface 0 to the ExportTest flow exporter:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# flow exporter ExportTest
n1000v(config-flow-exporter)# source lc-exp0
This example shows how to remove source management interface 0 from the ExportTest flow exporter:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# flow exporter ExportTest
n1000v(config-flow-exporter)# no source lc-exp0
To set the speed for an interface, use the speed command. To automatically set both the speed and duplex parameters to auto, use the no form of this command.
speed {10 | 100 | 1000 | auto [10 [100 [1000]]]}
no speed {10 | 100 | 1000 | auto [10 [100 [1000]]]}
None
Interface configuration (config-if)
network-admin
If you configure an Ethernet port speed to a value other than auto (for example, 10, 100, or 1000 Mbps), you must configure the connecting port to match. Do not configure the connecting port to negotiate the speed.
This example shows how to set the speed of Ethernet port 1 on the module in slot 3 to 1000 Mbps:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface ethernet 2/1
n1000v(config-if)# speed 1000
This example shows how to automatically set the speed to auto:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface ethernet 2/1
n1000v(config-if)# no speed 1000
To create a Secure Shell (SSH) session, use the ssh command.
ssh [username@]{ipv4-address | hostname} [vrf vrf-name]
Default VRF
Any
network-admin
The Cisco Nexus 1000V software supports SSH version 2.
This example shows how to start an SSH session:
n1000v# ssh 10.10.1.1 vrf management
The authenticity of host '10.10.1.1 (10.10.1.1)' can't be established.
RSA key fingerprint is 9b:d9:09:97:f6:40:76:89:05:15:42:6b:12:48:0f:d6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.10.1.1' (RSA) to the list of known hosts.
User Access Verification
Password:
|
|
---|---|
clear ssh session |
Clears SSH sessions. |
feature ssh |
Enables the SSH server. |
To generate the key pair for the switch, which is used if the Secure Shell (SSH) server is enabled, use the ssh key command. To remove the SSH server key, use the no form of this command.
ssh key {dsa [force] | rsa [length [force]]}
no ssh key [dsa | rsa]
1024-bit length
Global configuration (config)
network-admin
The Cisco Nexus 1000V software supports SSH version 2.
If you want to remove or replace an SSH server key, you must first disable the SSH server using the no feature ssh command.
This example shows how to create an SSH server key using DSA:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# ssh key dsa
generating dsa key(1024 bits).....
..
generated dsa key
This example shows how to create an SSH server key using RSA with the default key length:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# ssh key rsa
generating rsa key(1024 bits).....
.
generated rsa key
This example shows how to create an SSH server key using RSA with a specified key length:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# ssh key rsa 768
generating rsa key(768 bits).....
.
generated rsa key
This example shows how to replace an SSH server key using DSA with the force option:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no feature ssh
n1000v(config)# ssh key dsa force
deleting old dsa key.....
generating dsa key(1024 bits).....
.
generated dsa key
n1000v(config)# feature ssh
This example shows how to remove the DSA SSH server key:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no feature ssh
XML interface to system may become unavailable since ssh is disabled
n1000v(config)# no ssh key dsa
n1000v(config)# feature ssh
This example shows how to remove all SSH server keys:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no feature ssh
XML interface to system may become unavailable since ssh is disabled
n1000v(config)# no ssh key
n1000v(config)# feature ssh
|
|
---|---|
feature ssh |
Enables the SSH server. |
show ssh key |
Displays the SSH server key information. |
To set the operational state of a port profile, use the state command.
state enabled
enabled |
Enables or disables the port profile. |
Disabled
Port profile configuration (config-port-prof)
network-admin
This example shows how to enable or disable the operational state of a port profile:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# port-profile testprofile
n1000v(config-port-prof)# state enabled
n1000v(config-port-prof)#
|
|
---|---|
show port-profile |
Displays port profile information. |
To configure subgroup IDs for Ethernet member ports of vPC-HM, use the sub-group-id command. To remove the subgroup IDs, use the no form of this command.
sub-group-id group_id
no sub-group-id
group_id |
Subgroup ID number. The range is from 0 to 31. |
None
Interface configuration (config-if)
network-admin
This example shows how to configure an Ethernet member port on subgroup 5:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface Ethernet 3/2
n1000v(config-if)# sub-group-id 1
This example shows how to remove the configuration:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface Ethernet 3/2
n1000v(config-if)# no sub-group-id
|
|
---|---|
show interface ethernet |
Displays information about Ethernet interfaces. |
To configure a software virtual switch (SVS) domain and enter the SVS domain configuration mode, use the svs-domain command.
svs-domain {control | domain | no | packet | svs | switch-guid | end | exit | pop | push | where}
None
SVS domain configuration (config-svs-domain)
network-admin
This example shows how to enter SVS domain configuration mode:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs-domain
n1000v(config-svs-domain)#
This example shows how to enter the SVS domain and show the CLI context:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs-domain
n1000v(config-svs-domain)# where
conf; svs-domain admin@n1000v
n1000v(config-svs-domain)#
|
|
---|---|
show svs |
Displays SVS information. |
To transfer licenses from a specified source Virtual Ethernet Module (VEM) to another VEM, or to transfer an unused license to the Virtual Supervisor Module (VSM) license pool, use the svs license transfer src-vem command.
svs license transfer src-vem module number [dst-vem module number | license_pool]
module-number |
Module number. The range is from 3 to 66. |
dst-vem |
(Optional) Specifies the VEM to receive the transferred license. |
license_pool |
Transfers a license back to the VSM license pool. |
None
Global configuration (config)
network-admin
Follow these guidelines:
•Licenses cannot be transferred to a VEM unless there are sufficient licenses in the pool for all CPUs on that VEM.
•When licenses are successfully transferred from one VEM to another, the following occurs:
–The virtual Ethernet interfaces on the source VEM are removed from service.
–The virtual Ethernet interfaces on the destination VEM are brought into service.
•When licenses are successfully transferred from a VEM to the VSM license pool, the virtual Ethernet interfaces on the source VEM are removed from service.
This example shows how to transfer a license from VEM 3 to VEM 5 and then display the license configuration:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs license transfer src-vem 3 dst-vem 5
n1000v(config)# show license usage NEXUS1000V_LAN_SERVICES_PKG
Application
-----------
VEM 5 - Socket 1
VEM 5 - Socket 2
VEM 4 - Socket 1
VEM 4 - Socket 2
-----------
n1000v#
This example shows how to transfer a license from VEM 3 to the VSM license pool and then display the license configuration:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs license transfer src-vem 3 license_pool
n1000v(config)# show license usage NEXUS1000V_LAN_SERVICES_PKG
Application
-----------
VEM 4 - Socket 1
VEM 4 - Socket 2
-----------
n1000v#
To enable volatile licenses so whenever a Virtual Ethernet Module (VEM) is taken out of service, its licenses are returned to the Virtual Supervisor Module (VSM) pool of available licenses, use the svs license volatile command. To disable volatile licenses, use the no form of this command.
svs license volatile
no svs license volatile
This command has no arguments or keywords.
Disabled
Global configuration (config)
network-admin
This example shows how to enable the volatile license feature for a VSM:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs license volatile
This example shows how to disable the volatile license feature for a VSM:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)#
no svs license volatile
To configure Layer 3 as the transport mode for the Virtual Supervisor Module (VSM) domain and configure the Layer 3 transport interface, use the svs mode l3 interface command.
svs mode l3 interface {mgmt0 | control0}
mgmt0 |
Specifies mgmt0 as the Layer 3 transport interface. |
control0 |
Specifies control0 as the Layer 3 transport interface. |
Layer 3 mode.
Software virtual switch (SVS) domain configuration (config-svs-domain)
network-admin
If you use mgmt0 as the Layer 3 control interface in the VSM VM, Ethernet adapters 1 and 3 are not used.
If you use control0 as the Layer 3 control interface in the VSM VM, Ethernet adapter 3 is not used.
This example shows how to configure mgmt0 as the Layer 3 transport interface for the VSM domain:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs-domain
n1000v(config-svs-domain)# svs mode l3 interface mgmt0
n1000v(config-svs-domain)#
|
|
---|---|
show svs-domain |
Displays the VSM domain configuration. |
svs-domain |
Creates and configures the VSM domain. |
To enable the Virtual Supervisor Module (VSM) to remove all manual configuration on a virtual Ethernet interface when the system administrator changes a port profile on the interface, use the svs veth auto-config-purge command. To remove this control, use the no form of this command.
svs veth auto-config-purge
no svs veth auto-config-purge
This command has no arguments or keywords.
Enabled
Global configuration (config)
network-admin
This example shows how to enable the VSM to remove all manual configuration on a virtual Ethernet interface when the system administrator changes a port profile on the interface:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs veth auto-config-purge
n1000v(config)#
This example shows how to remove the configuration:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no svs veth auto-config-purge
n1000v(config)#
To enable the Virtual Supervisor Module (VSM) to automatically delete Distributed Virtual Port (DVPorts) that are no longer used by a virtual network interface card (vNIC) or hypervisor port, use the svs veth auto-delete command. To disable this control, use the no form of this command.
svs veth auto-delete
no svs veth auto-delete
This command has no arguments or keywords.
Enabled
Global configuration (config)
network-admin
This example shows how to enable the VSM to automatically delete DVPorts that are no longer used by a vNIC or hypervisor port:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# svs veth auto-delete
n1000v(config)#
This example shows how to disable the automatic deletion of DVPorts that are no longer used by a vNIC or hypervisor port:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no svs veth auto-delete
n1000v(config)#
To enable the Virtual Supervisor Module (VSM) to automatically create a virtual Ethernet interface when a new port is activated on a host, use the svs veth auto-setup command. To remove this control, use the no form of this command.
svs veth auto-setup
no svs veth auto-setup
This command has no arguments or keywords.
Enabled
Global configuration (config)
network-admin
This example shows how to create a virtual Ethernet interface when a new port is activated on a host:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)#
svs veth auto-setup
This example shows how to remove a virtual Ethernet interface when a new port is activated on a host:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(
config)#
no svs veth auto-setup
To configure the hostname for the device, use the switchname command. To revert to the default, use the no form of this command.
switchname name
no switchname
name |
Device name. The name is alphanumeric, case-sensitive, it can contain special characters, and can have a maximum of 32 characters. |
switch
Global configuration (config)
network-admin
The Cisco Nexus 1000V software uses the hostname in command-line interface (CLI) prompts and in default configuration filenames.
The switchname command performs the same function as the hostname command.
This example shows how to configure the device hostname:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# switchname Engineering2
n1000v(config)#
This example shows how to revert to the default device hostname:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# no switchname
n1000v(config)#
|
|
---|---|
hostname |
Configures the device hostname. |
show switchname |
Displays the device hostname. |
To set the access mode of an interface, use the switchport access vlan command. To remove access mode configuration, use the no form of this command.
switchport access vlan id
no switchport access vlan
id |
VLAN identification number. The range is from 1 to 3967. |
Access mode is not set.
Interface configuration (config-if)
Network segment configuration (config-net-seg)
network-admin
Note VLAN configuration must be done only via network segments.
This example shows how to set the access mode of an interface:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment vlan_800
n1000v(config-net-seg)# switchport access vlan 800
n1000v(config-net-seg)#
This example shows how to remove the access mode configuration:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment vlan_800
n1000v(config-net-seg)# no switchport access vlan 800
n1000v(config-net-seg)#
|
|
---|---|
show interface |
Displays interface information. |
show nsm |
Displays NSM information. |
To set the port mode of an interface, use the switchport mode command. To remove the port mode configuration, use the no form of this command.
switchport mode {access | private-vlan {host {community | isolated } | primary | promiscuous}}
no switchport mode {access | private-vlan {host {community | isolated } | primary | promiscuous}}
Switchport mode is not set.
Interface configuration (config-if)
Network segment configuration (config-net-seg)
network-admin
Note VLAN/PVLAN configuration must be done only via network segments.
This example shows how to set the network segment mode to a community VLAN:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment pvlan_host
n1000v(config-net-seg)# switchport mode private-vlan host community
n1000v(config-net-seg)#
This example shows how to remove the network segment mode community VLAN:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment pvlan_host
n1000v(config-net-seg)# no switchport mode private-vlan host community
n1000v(config-net-seg)#
|
|
---|---|
show interface |
Displays interface information. |
show nsm network segment |
Displays NSM network segment information. |
To set the port mode of an uplink object, use the switchport mode command. To remove the port mode an uplink object, use the no form of this command.
switchport mode {trunk | private-vlan-trunk}
no switchport mode {trunk | private-vlan-trunk}
trunk |
Sets the uplink to stay in trunk mode even when PVLAN segment pools are present |
private-vlan |
Sets the uplink to stay in PVLAN trunk mode even when no PVLAN segment pools are present. |
Switchport mode is not set.
Uplink network configuration (config-uplink-net)
network-admin
This command forces an uplink object to stay on trunk or pvlan trunk mode irrespective of the allowed network segment pool.
This example shows how to force the uplink to stay in trunk mode even when PVLAN network segment pools are present:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network uplink pvlan
n1000v(config-uplink-net)# switchport mode trunk
n1000v(config-uplink-net)#
This example shows how to remove the uplink from trunk mode:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network uplink pvlan
n1000v(config-uplink-net)# no switchport mode trunk
n1000v(config-uplink-net)#
|
|
---|---|
show interface |
Displays interface information. |
show nsm |
Displays NSM information. |
To set the port security characteristics of an interface, use the switchport port-security command. To remove the port security configuration, use the no form of this command.
switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address {address [vlan vlan_id] | sticky} | maximum number [vlan vlan_id] | violation {protect | shutdown}]
no switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address {address [vlan vlan_id] | sticky} | maximum number [vlan vlan_id] | violation {protect | shutdown}]}
None
Interface configuration (config-if)
Port profile configuration (config-port-prof)
network-admin
This example shows how to set the port security aging inactivity timer:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface vethernet 1
n1000v(config-if)# switchport port-security aging type inactivity
n1000v(config-if)#
This example shows how to remove the port security aging inactivity timer:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface vethernet 1
n1000v(config-if)# no switchport port-security aging type inactivity
n1000v(config-if)#
|
|
---|---|
show interface |
Displays interface information. |
show port-security |
Displays port security information. |
To define a private VLAN (PVLAN) association for an isolated or community port, use the switchport private-vlan host-association command. To remove the PVLAN association from the port, use the no form of this command.
switchport private-vlan host-association {primary-vlan-id} {secondary-vlan-id}
no switchport private-vlan host-association
None
Interface configuration (config-if)
Network segment configuration (config-net-seg)
network-admin
There is no run-time effect on the port unless it is in PVLAN host mode. If the port is in PVLAN host mode but neither of the VLANs exist, the command is allowed but the port is made inactive. The port also may be inactive when the association between the PVLANs is suspended.
The secondary VLAN may be an isolated or community VLAN.
Note PVLAN association configuration must be done only via network segments.
This example shows how to configure a host PVLAN port with a primary VLAN (VLAN 18) and a secondary VLAN (VLAN 20):+
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment pvlan_host
n1000v(config-net-seg)# switchport private-vlan host-association 18 20 n1000v(config-net-seg)#
This example shows how to remove the PVLAN association from the port:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment pvlan_host
n1000v(config-net-seg)# no switchport private-vlan host-association 18 20 n1000v(config-net-seg)#
|
|
---|---|
show nsm network segment |
Displays NSM network segment information. |
show vlan private-vlan |
Displays information about PVLANs. |
To define the private VLAN (PVLAN) association for a promiscuous port, use the switchport private-vlan mapping command. To clear all mapping from the primary VLAN, use the no form of this command.
switchport private-vlan mapping {primary-vlan-id} {[add] secondary-vlan-list | remove secondary-vlan-list}
no switchport private-vlan mapping
None
Interface configuration (config-if)
Network segment configuration (config-net-seg)
network-admin
There is no run-time effect on the port unless it is in PVLAN promiscuous mode. If the port is in PVLAN promiscuous mode but the primary VLAN does not exist, the command is allowed but the port is made inactive.
The secondary VLAN may be an isolated or community VLAN.
Note PVLAN association configuration must only be done via network segments.
This example shows how to configure the associate primary VLAN 18 to secondary isolated VLAN 20 on a private VLAN promiscuous port:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment pvlan_host
n1000v(config-net-seg)# switchport private-vlan mapping 18 20
n1000v(config-net-seg)#
This example shows how to remove the association between all PVLANs from the port:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface vethernet 1
n1000v(config-if)#
switchport private-vlan mapping 18 add 21
n1000v(config-if)#
This example shows how to remove the all PVLAN associations from the port:
n1000v#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# interface vethernet 1
n1000v(config-if)#
no switchport private-vlan mapping
n1000v(config-if)#
|
|
---|---|
show interface switchport |
Displays information about all interfaces configured as switchports. |
show nsm network segment |
Displays NSM network segment information. |
To designate the primary private VLAN, use the switchport private-vlan trunk mapping trunk command. To remove the primary private VLAN, use the no form of this command.
switchport private-vlan mapping trunk native vlan id
no switchport private-vlan mapping trunk native vlan
id |
VLAN identification number. The range is from 1 to 3967 and from 4048 to 4093. |
None
Interface configuration (config-if)
Port profile configuration (config-port-prof)
network-admin
Note This command is auto generated by the network segmentation manager (NSM). The user should not run this command directly for configuration or any other purposes.
This example shows how to display PVLAN information:
n1000v# show running-config port-profile vic-uplink
!Command: show running-config port-profile vic-uplink
!Time: Fri May 24 03:28:00 2013
version 5.2(1)SM1(5.1)
port-profile type ethernet vic-uplink
inherit port-profile vmdata-vpc-mac
switchport mode private-vlan trunk promiscuous
switchport private-vlan mapping trunk 255 256-257
switchport private-vlan mapping trunk 258 259
switchport private-vlan trunk allowed vlan 240-254,280
switchport private-vlan trunk native vlan 240
no shutdown
guid 1d8703cd-40b4-4848-867d-296be908921e
max-ports 512
description NSM created profile. Do not delete.
system vlan 240,251,280
state enabled
|
|
---|---|
show nsm network segment |
Displays NSM network segment information. |
show vlan |
Displays VLAN information. |
To set the allowed VLANs when the interface is in private VLAN (PVLAN) promiscuous trunking mode, use the switchport private-vlan trunk allowed command. To clear all VLANs from the PVLAN promiscuous trunking mode, use the no form of this command.
switchport private-vlan trunk allowed vlan {vlan-ids | add vlan-ids | all | except vlan-ids | none | remove vlan-ids}
no switchport private-vlan trunk allowed vlan vlan-ids
None
Port profile configuration (config-port-prof)
Interface configuration (config-if)
network-admin
Note This command is auto generated by the network segmentation manager (NSM). The user should not run this command directly for configuration or any other purposes.
This example shows how to display PVLAN trunking information:
n1000v# show running-config port-profile vic-uplink
!Command: show running-config port-profile vic-uplink
!Time: Fri May 24 03:28:00 2013
version 5.2(1)SM1(5.1)
port-profile type ethernet vic-uplink
inherit port-profile vmdata-vpc-mac
switchport mode private-vlan trunk promiscuous
switchport private-vlan mapping trunk 255 256-257
switchport private-vlan mapping trunk 258 259
switchport private-vlan trunk allowed vlan 240-254,280
switchport private-vlan trunk native vlan 240
no shutdown
guid 1d8703cd-40b4-4848-867d-296be908921e
max-ports 512
description NSM created profile. Do not delete.
system vlan 240,251,280
state enabled
|
|
---|---|
show vlan |
Displays VLAN information. |
To set the list of allowed VLANs on the trunking interface, use the switchport trunk allowed vlan command. To allow all VLANs on the trunking interface, use the no form of this command.
switchport trunk allowed vlan {vlan-list | all | none | [add | except | remove {vlan-list}]}
no switchport trunk allowed vlan
All VLANs
Interface configuration (config-if)
Port profile configuration (config-port-prof)
network-admin
If you remove VLAN 1 from a trunk, the trunk interface continues to send and receive management traffic in VLAN 1.
Note This command is auto generated by the network segmentation manager (NSM). The user should not run this command directly for configuration or any other purposes.
This example shows how to display a list of allowed VLANs on the trunking interface:
n1000v#
show running-config port-profile vic-uplink
!Command: show running-config port-profile vic-uplink
!Time: Fri May 24 03:28:00 2013
version 5.2(1)SM1(5.1)
port-profile type ethernet vic-uplink
inherit port-profile vmdata-vpc-mac
switchport mode private-vlan trunk promiscuous
switchport private-vlan mapping trunk 255 256-257
switchport private-vlan mapping trunk 258 259
switchport private-vlan trunk allowed vlan 240-254,280
switchport private-vlan trunk native vlan 240
no shutdown
guid 1d8703cd-40b4-4848-867d-296be908921e
max-ports 512
description NSM created profile. Do not delete.
system vlan 240,251,280
state enabled
|
|
---|---|
show interface switchport |
Displays the administrative and operational status of a switching (nonrouting) port. |
To configure trunking parameters on an interface, use the switchport trunk native vlan command. To remove the configuration, use the no form of this command.
switchport trunk native vlan id
no switchport trunk native vlan id
id |
VLAN identification number. The range is from 1 to 3967 and from 4048 to 4093. |
None
Interface configuration (config-if)
Port profile configuration (config-port-prof)
network-admin
Note This command is auto generated by the network segmentation manager (NSM). The user should not run this command directly for configuration or any other purposes.
This example shows how to display trunking parameters on an interface:
n1000v# show running-config port-profile vic-uplink
!Command: show running-config port-profile vic-uplink
!Time: Fri May 24 03:28:00 2013
version 5.2(1)SM1(5.1)
port-profile type ethernet vic-uplink
inherit port-profile vmdata-vpc-mac
switchport mode private-vlan trunk promiscuous
switchport private-vlan mapping trunk 255 256-257
switchport private-vlan mapping trunk 258 259
switchport private-vlan trunk allowed vlan 240-254,280
switchport private-vlan trunk native vlan 240
no shutdown
guid 1d8703cd-40b4-4848-867d-296be908921e
max-ports 512
description NSM created profile. Do not delete.
system vlan 240,251,280
state enabled
|
|
---|---|
show vlan |
Displays VLAN information. |
To configure a network segment as a system network segment, use the system network segment command. To revert to the original network configuration , use the no form of this command.
system network segment
no system network segment
This command has no arguments or keywords.
None
Network segment configuration (config-net-seg)
network-admin
A system network segment is for ports that need to be active even when the VSM is not connected to the VEM. Typical examples are server management ports, storage ports, etc.
This example shows how to configure a network segment as a system segment:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment system_segment
n1000v(config-net-seg)# switchport access vlan 900
n1000v(config-net-seg)# system network segment
n1000v(config-net-seg)#
This example shows how to deconfigure a network segment as a system segment:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network segment system_segment
n1000v(config-net-seg)# switchport access vlan 900
n1000v(config-net-seg)# no system network segment
n1000v(config-net-seg)#
|
|
---|---|
show nsm network segment |
Displays NSM network segment information. |
To enable a system VLAN on uplink objects, use the system network uplink command. To disable a system VLAN on uplink objects , use the no form of this command.
system network uplink
no system network uplink
This command has no arguments or keywords.
None
Uplink network configuration (config-net-seg)
network-admin
The system network uplink command is used to configure system VLANs on an uplink object . This command should be enabled when system network segments are part of an uplink object
This example shows how to enable a system VLAN on an uplink object:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network uplink system_uplink
n1000v(config-uplink-net)# system network uplink
n1000v(config-uplink-net)#
This example shows how to disable a system VLAN on an uplink object:
n1000v# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
n1000v(config)# nsm network uplink system_uplink
n1000v(config-uplink-net)# no system network uplink
n1000v(config-uplink-net)#
|
|
---|---|
show nsm network uplink |
Displays NSM network uplink information. |
To configure a redundancy role for the Virtual Supervisor Module (VSM), use the system redundancy role command. To revert to the default setting, use the no form of this command.
system redundancy role {primary | secondary | standalone}
no system redundancy role {primary | secondary | standalone}
primary |
Specifies the primary redundant VSM. |
secondary |
Specifies the secondary redundant VSM. |
standalone |
Specifies no redundant VSM. |
None
EXEC
network-admin
This example shows how to configure no redundant VSM:
n1000v# system redundancy role standalone
n1000v#
|
|
---|---|
show system redundancy |
Displays the system redundancy status. |
To detect and configure storage connectivity losses, use the system storage-loss command. To disable storage loss checking, use the no form of this command.
system storage-loss {log | reboot} [time time-interval]
no system storage-loss {log | reboot} [time time-interval]
The default time interval is 30 seconds.
EXEC
network-admin
This example shows how to enable storage loss detection to be performed every 50 seconds.
n1000v# system storage-loss log time 50
n1000v#
This example shows how to disable the storage loss checking:
n1000v# no system storage-loss
|
|
---|---|
show system redundancy |
Displays the system redundancy status. |
To switch over to the standby supervisor, use the system switchover command.
system switchover
This command has no arguments or keywords.
None
EXEC
network-admin
This example shows how to switch over to the standby supervisor:
n1000v# system switchover
n1000v#
|
|
---|---|
show system redundancy |
Displays the system redundancy status. |
To add the system VLAN to a port profile, use the system vlan command. To remove the system VLAN from a port profile, use the no form of this command.
system vlan vlan-ID-list
no system vlan
vlan-ID-list |
VLAN identification number list, separated by commas. The range is from 1 to 3967 and from 4048 to 4093. |
None
Port profile configuration (config-port-prof)
network-admin
A system VLAN is used to configure and bring up physical or virtual Ethernet ports before the Virtual Supervisor Module (VSM) has established communication with the Virtual Ethernet Module (VEM).
This example shows how to display system VLAN information:
n1000v# show running-config port-profile vic-uplink
!Command: show running-config port-profile vic-uplink
!Time: Fri May 24 03:28:00 2013
version 5.2(1)SM1(5.1)
port-profile type ethernet vic-uplink
inherit port-profile vmdata-vpc-mac
switchport mode private-vlan trunk promiscuous
switchport private-vlan mapping trunk 255 256-257
switchport private-vlan mapping trunk 258 259
switchport private-vlan trunk allowed vlan 240-254,280
switchport private-vlan trunk native vlan 240
no shutdown
guid 1d8703cd-40b4-4848-867d-296be908921e
max-ports 512
description NSM created profile. Do not delete.
system vlan 240,251,280
state enabled