Contents

Configuring Session Manager

This chapter contains the following sections:

Information About Session Manager

Session Manager allows you to implement your configuration changes in batch mode. Session Manager works in the following phases:

  • Configuration session—Creates a list of commands that you want to implement in session manager mode.

  • Validation—Provides a basic semantic check on your configuration. Cisco NX-OS returns an error if the semantic check fails on any part of the configuration.

  • Verification—Verifies the configuration as a whole, based on the existing hardware and software configuration and resources. Cisco NX-OS returns an error if the configuration does not pass this verification phase.

  • Commit— Cisco NX-OS verifies the complete configuration and implements the changes atomically to the device. If a failure occurs, Cisco NX-OS reverts to the original configuration.

  • Abort—Discards the configuration changes before implementation.

You can optionally end a configuration session without committing the changes. You can also save a configuration session.

Configuration Guidelines and Limitations

Session Manager has the following configuration guidelines and limitations:

  • Session Manager supports only the ACL feature.

  • You can create up to 32 configuration sessions.

  • You can configure a maximum of 20,000 commands across all sessions.

Configuring Session Manager

Creating a Session

You can create up to 32 configuration sessions. To create a configuration session, perform this task:

SUMMARY STEPS

    1.    switch# configure session name

    2.    (Optional) switch(config-s)# show configuration session [name]

    3.    (Optional) switch(config-s)# save location


DETAILED STEPS
     Command or ActionPurpose
    Step 1 switch# configure session name
     

    Creates a configuration session and enters session configuration mode. The name can be any alphanumeric string.

     
    Step 2 switch(config-s)# show configuration session [name]
          		(Optional)

    Displays the contents of the session.

     
    Step 3 switch(config-s)# save location
          		(Optional)

    Saves the session to a file. The location can be in bootflash or volatile.

     

    Configuring ACLs in a Session

    You can configure ACLs within a configuration session. To configure ACLs within a configuration session, perform this task:

    SUMMARY STEPS

      1.    switch# configure session name

      2.    switch(config-s)# ip access-list name

      3.    (Optional) switch(config-s-acl)# permit protocol source destination

      4.    switch(config-s-acl)# interface interface-type number

      5.    switch(config-s-if)# ip port access-group name in

      6.    (Optional) switch# show configuration session [name]


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 switch# configure session name
       

      Creates a configuration session and enters session configuration mode. The name can be any alphanumeric string.

       
      Step 2 switch(config-s)# ip access-list name
       

      Creates an ACL.

       
      Step 3 switch(config-s-acl)# permit protocol source destination
              		(Optional)

      Adds a permit statement to the ACL.

       
      Step 4 switch(config-s-acl)# interface interface-type number
       

      Enters interface configuration mode.

       
      Step 5 switch(config-s-if)# ip port access-group name in
       

      Adds a port access group to the interface.

       
      Step 6 switch# show configuration session [name]
              		(Optional)

      Displays the contents of the session.

       

      Verifying a Session

      To verify a session, use the following command in session mode:

      Command

      Purpose

      switch(config-s)# verify [verbose]

      Verifies the commands in the configuration session.

      Committing a Session

      To commit a session, use the following command in session mode:

      Command

      Purpose

      switch(config-s)# commit [verbose]

      Commits the commands in the configuration session.

      Saving a Session

      To save a session, use the following command in session mode:

      Command

      Purpose

      switch(config-s)# save location

      (Optional) Saves the session to a file. The location can be in bootflash or volatile.

      Discarding a Session

      To discard a session, use the following command in session mode:

      Command

      Purpose

      switch(config-s)# abort

      Discards the configuration session without applying the commands.

      Session Manager Example Configuration

      This example shows how to create a configuration session for ACLs: 

      switch# configure session name test2

      switch(config-s)# ip access-list acl2

      switch(config-s-acl)# permit tcp any any

      switch(config-s-acl)# exit

      switch(config-s)# interface Ethernet 1/4

      switch(config-s-ip)# ip port access-group acl2 in

      switch(config-s-ip)# exit

      switch(config-s)# verify

      switch(config-s)# exit

      switch# show configuration session test2

      Verifying Session Manager Configuration

      To verify Session Manager configuration information, use the following commands:

      Command

      Purpose

      switch# show configuration session [name]

      Displays the contents of the configuration session.

      switch# show configuration session status [name]

      Displays the status of the configuration session.

      switch# show configuration session summary

      Displays a summary of all the configuration sessions.

      Configuring Session Manager

      Configuring Session Manager

      This chapter contains the following sections:

      Information About Session Manager

      Session Manager allows you to implement your configuration changes in batch mode. Session Manager works in the following phases:

      • Configuration session—Creates a list of commands that you want to implement in session manager mode.

      • Validation—Provides a basic semantic check on your configuration. Cisco NX-OS returns an error if the semantic check fails on any part of the configuration.

      • Verification—Verifies the configuration as a whole, based on the existing hardware and software configuration and resources. Cisco NX-OS returns an error if the configuration does not pass this verification phase.

      • Commit— Cisco NX-OS verifies the complete configuration and implements the changes atomically to the device. If a failure occurs, Cisco NX-OS reverts to the original configuration.

      • Abort—Discards the configuration changes before implementation.

      You can optionally end a configuration session without committing the changes. You can also save a configuration session.

      Configuration Guidelines and Limitations

      Session Manager has the following configuration guidelines and limitations:

      • Session Manager supports only the ACL feature.

      • You can create up to 32 configuration sessions.

      • You can configure a maximum of 20,000 commands across all sessions.

      Configuring Session Manager

      Creating a Session

      You can create up to 32 configuration sessions. To create a configuration session, perform this task:

      SUMMARY STEPS

        1.    switch# configure session name

        2.    (Optional) switch(config-s)# show configuration session [name]

        3.    (Optional) switch(config-s)# save location


      DETAILED STEPS
         Command or ActionPurpose
        Step 1 switch# configure session name
         

        Creates a configuration session and enters session configuration mode. The name can be any alphanumeric string.

         
        Step 2 switch(config-s)# show configuration session [name]
                  		(Optional)

        Displays the contents of the session.

         
        Step 3 switch(config-s)# save location
                  		(Optional)

        Saves the session to a file. The location can be in bootflash or volatile.

         

        Configuring ACLs in a Session

        You can configure ACLs within a configuration session. To configure ACLs within a configuration session, perform this task:

        SUMMARY STEPS

          1.    switch# configure session name

          2.    switch(config-s)# ip access-list name

          3.    (Optional) switch(config-s-acl)# permit protocol source destination

          4.    switch(config-s-acl)# interface interface-type number

          5.    switch(config-s-if)# ip port access-group name in

          6.    (Optional) switch# show configuration session [name]


        DETAILED STEPS
           Command or ActionPurpose
          Step 1 switch# configure session name
           

          Creates a configuration session and enters session configuration mode. The name can be any alphanumeric string.

           
          Step 2 switch(config-s)# ip access-list name
           

          Creates an ACL.

           
          Step 3 switch(config-s-acl)# permit protocol source destination
                      		(Optional)

          Adds a permit statement to the ACL.

           
          Step 4 switch(config-s-acl)# interface interface-type number
           

          Enters interface configuration mode.

           
          Step 5 switch(config-s-if)# ip port access-group name in
           

          Adds a port access group to the interface.

           
          Step 6 switch# show configuration session [name]
                      		(Optional)

          Displays the contents of the session.

           

          Verifying a Session

          To verify a session, use the following command in session mode:

          Command

          Purpose

          switch(config-s)# verify [verbose]

          Verifies the commands in the configuration session.

          Committing a Session

          To commit a session, use the following command in session mode:

          Command

          Purpose

          switch(config-s)# commit [verbose]

          Commits the commands in the configuration session.

          Saving a Session

          To save a session, use the following command in session mode:

          Command

          Purpose

          switch(config-s)# save location

          (Optional) Saves the session to a file. The location can be in bootflash or volatile.

          Discarding a Session

          To discard a session, use the following command in session mode:

          Command

          Purpose

          switch(config-s)# abort

          Discards the configuration session without applying the commands.

          Session Manager Example Configuration

          This example shows how to create a configuration session for ACLs: 

          switch# configure session name test2

          switch(config-s)# ip access-list acl2

          switch(config-s-acl)# permit tcp any any

          switch(config-s-acl)# exit

          switch(config-s)# interface Ethernet 1/4

          switch(config-s-ip)# ip port access-group acl2 in

          switch(config-s-ip)# exit

          switch(config-s)# verify

          switch(config-s)# exit

          switch# show configuration session test2

          Verifying Session Manager Configuration

          To verify Session Manager configuration information, use the following commands:

          Command

          Purpose

          switch# show configuration session [name]

          Displays the contents of the configuration session.

          switch# show configuration session status [name]

          Displays the status of the configuration session.

          switch# show configuration session summary

          Displays a summary of all the configuration sessions.