- New and Changed Information
- Preface
- Overview
- Tools
- Installation
- Licenses
- Upgrade
- High Availability
- VSM and VEM Modules
- L3Sec
- Ports
- Port Profiles
- Port Channels and Trunking
- Layer 2 Switching
- VLANs
- Private VLANs
- NetFlow
- ACLs
- Quality of Service
- SPAN
- Multicast IGMP
- DHCP, DAI, and IPSG
- Storm Control
- System
- Before Contacting Technical Support
- Network Segmentation Manager
- VXLANs
- VDP
- Cisco TrustSec
- vCenter Plug-in
- Ethanalyzer
- 802.1X
Ports
This chapter describes how to identify and resolve problems with ports and includes the following sections:
Information About Ports
This section includes the following topics:
- Information About Interface Characteristics
- Information About Interface Counters
- Information About Link Flapping
- Information About Port Security
Information About Interface Characteristics
Before a switch can relay frames from one data link to another, you must define the characteristics of the interfaces through which the frames are received and sent. The configured interfaces can be Ethernet (physical) interfaces, virtual Ethernet interfaces, and the management interface.
Each interface has the following:
The administrative configuration does not change unless you modify it. This configuration has attributes that you can configure in administrative mode.
The operational state of a specified attribute, such as the interface speed. This state cannot be changed and is read-only. Some values might not be valid when the interface is down (such as the operation speed).
For a complete description of port modes, administrative states, and operational states, see the Cisco Nexus 1000V Interface Configuration Guide.
Information About Interface Counters
Port counters are used to identify synchronization problems. Counters can show a significant disparity between received and transmitted frames. To display interface counters, use the following command:
show interface ethernet slot number counters
See Example 9-11 on page 9-14 .
Values stored in counters can be meaningless for a port that has been active for an extended period. Clearing the counters provides a better idea of the actual link behavior at the present time. Create a baseline first by clearing the counters.
Information About Link Flapping
When a port continually goes up and down, it is said to be flapping, or link flapping. When a port is flapping, it cycles through the following states, in this order, and then starts over again:
1. Initializing—The link is initializing.
2. Offline—The port is offline.
3. Link failure or not connected—The physical layer is not operational and there is no active device connection.
To troubleshoot link flapping, see the “Information About Link Flapping” section.
Information About Port Security
The port security feature allows you to secure a port by limiting and identifying the MAC addresses that can access the port. Secure MAC addresses can be manually configured or dynamically learned.
For detailed information about port security, see the Cisco Nexus 1000V Security Configuration Guide.
|
|
---|---|
To troubleshoot problems with port security, see the following:
Port Diagnostic Checklist
Use the following checklist to diagnose port interface activity.
For more information about port states, see the Cisco Nexus 1000V Interface Configuration Guide.
|
|
|
---|---|---|
See Example 9-1 on page 9-11 . |
||
See Example 9-3 on page 9-12 . |
||
On vSphere Client connected to vCenter Server, verify that the required port profiles are assigned to the physical NICs and the virtual NICs. |
||
See Example 9-8 on page 9-13 . |
||
Problems with Ports
This section includes possible causes and solutions for the following symptoms:
- Cannot Enable an Interface
- Port Link Failure or Port Not Connected
- Link Flapping
- Port ErrDisabled
- VM Cannot Ping a Secured Port
- Port Security Violations
- Port State is Blocked on a VEM
Cannot Enable an Interface
Port Link Failure or Port Not Connected
Link Flapping
When you are troubleshooting unexpected link flapping, it is important to have the following information:
- Who initiated the link flap.
- The actual reason for the link being down.
- For a definition of link flapping, see the “Link Flapping” section.
Port ErrDisabled
|
|
---|---|
1. Verify the physical cabling. |
|
You attempted to add a port to a port channel that was not configured identically, and the port is then errdisabled. |
1. Display the switch log file and identify the exact configuration error in the list of port state changes. 2. Correct the error in the configuration and add the port to the port channel. |
1. Identify the component that had an error while you were bringing up the port. show logging logfile | grep interface_number See Example 9-7 on page 9-13 . 2. Identify the error transition. show system internal ethpm event-history interface interface_number 3. Open a support case and submit the output of the above commands. For more information see the “Contacting Cisco or VMware Customer Support” section. |
VM Cannot Ping a Secured Port
Port Security Violations
For detailed information about port security, see the Cisco Nexus 1000V Security Configuration Guide.
Port State is Blocked on a VEM
Port Troubleshooting Commands
You can use the commands in this section to troubleshoot problems related to ports.
|
|
---|---|
Displays the state of a module. See Example 9-1 on page 9-11 . |
|
Displays the domain configuration. See Example 9-2 on page 9-12 . |
|
Displays the Cisco Nexus 1000V connections. See Example 9-3 on page 9-12 . |
|
Displays the neighbors connected to an interface. See Example 9-4 on page 9-12 . |
|
Displays information about the internal state transitions of the port. See Example 9-5 on page 9-12 . |
|
Displays logged system messages. See Example 9-6 on page 9-12 . |
|
Displays logged system messages for a specified interface. See Example 9-7 on page 9-13 . |
|
Displays a table of interface states. See Example 9-8 on page 9-13 . |
|
Displays the configuration for a named Ethernet interface, including the following:
See Example 9-9 on page 9-13 . |
|
Displays port counters for identifying synchronization problems. For information about counters, see the “Information About Interface Counters” section. |
|
Displays the virtual port mapping for all vEthernet interfaces. |
|
Displays the port security status of the port. If enabled, the output shows an LTL connected to the VM network adapter. |
|
Displays information about secure addresses on an interface. |
For detailed information about show command output, see the Cisco Nexus 1000V Command Reference.
EXAMPLES
Example 9-1 show module Command
Example 9-2 show svs domain Command
Example 9-3 show svs connections Command
Example 9-4 show cdp neighbors Command
Example 9-5 show port internal event-history interface Command
Example 9-6 show logging logfile Command
Example 9-7 show logging logfile | grep Command
Example 9-8 show interface brief Command
Example 9-9 show interface ethernet Command
Example 9-10 show interface ethernet Command
Example 9-11 show interface ethernet counters Command
Example 9-12 show interface vEthernet Command
Example 9-13 show interface capabilities Command
Example 9-14 show interface virtual port-mapping Command
Example 9-15 module vem execute vemcmd show portsec status Command
cyp1-switch# module vem 3 execute vemcmd show portsec status
LTL if_index Max Aging Aging DSM Sticky VM
Secure Time Type Bit Enabled Name
56 1c0000a0 5 0 Absolute Clr No Ostinato-Upgrade-VM1.eth1
Example 9-16 show port-security Command
Example 9-17 show port-security address interface vethernet Command