Session Manager

This chapter describes how to configure Session Manager on Cisco NX-OS devices.

This chapter contains the following sections:

Session Manager

Session Manager allows you to implement your configuration changes in batch mode.

Session Manager works in five phases:

  • Configuration session—Creates a list of commands that you want to implement in Session Manager mode.

  • Validation—Provides a basic semantic check on your configuration. NX-OS returns an error if the semantic check fails on any part of the configuration.

  • Verification—Verifies the configuration as a whole, based on the existing hardware and software configuration and resources. NX-OS returns an error if the configuration does not pass this verification phase.

  • Commit—NX-OS verifies the complete configuration and applies the changes to the device. If a failure occurs, NX-OS reverts to the original configuration.

  • Abort—Discards the configuration changes before implementation.

You can optionally end a configuration session without committing the changes. You can also save a configuration session.

High Availability

Session Manager sessions remain available after a supervisor switchover. Sessions are not persistent across a software reload.

Prerequisites for Session Manager

Make sure that you have the privilege level required to support the Session Manager commands that you plan to use.

Guidelines and limitations for Session Manager

The configuration guidelines and limitations for Session Manager are:

  • Configuration for only one service access point (SAP) can be performed using one session.

  • Configuration sessions are not persistent across reloads.

  • Session Manager supports only access control list (ACL) and quality of service (QoS) features.

  • You can create up to 32 configuration sessions.

  • You can configure a maximum of 20,000 commands across all sessions.

  • You cannot simultaneously execute configuration commands in more than one configuration session or configuration terminal mode. Parallel configurations (for example, one configuration session and one configuration terminal) could cause validation or verification failures in the configuration session.

  • If an interface reloads while you are configuring it in a configuration session, Session Manager can accept the commands even if the interface is not present in the device.

  • Beginning from the mentioned NX-OS Release, any network admin user can configure or delete existing sessions.

    • 10.5(1)F

Configure Session Manager


Note
Be aware that the NX-OS commands might differ from IOS commands.

Create a session

You can create up to 32 configuration sessions.

Procedure

Step 1

Display the contents of the session using the configure session name command.

Example:

switch(config-s)# save bootflash:sessions/myACLs

This command creates a configuration session and enters session configuration mode. The name can be any alphanumeric string.

Step 2

(Optional) Display the contents of the session using the show configuration session [name] command.

Example:

switch(config-s)# show configuration session myACLs

Step 3

(Optional) Save the session to a file using the save location command. The location can be in bootflash:, slot0:, or volatile:.

Example:

switch(config-s)# save bootflash:sessions/myACLs

Configure ACLs in a session

You can configure ACLs within a configuration session.

Procedure

Step 1

Create a configuration session and enter session configuration mode using the configure session name command. The name can be any alphanumeric string.

Example:

switch# configure session myacls
switch(config-s)#

Step 2

Create an ACL and enter a configuration mode for that ACL using the ip access-list name command.

Example:

switch(config-s)# ip access-list acl1
switch(config-s-acl)#

Step 3

(Optional) Add a permit statement to the ACL using the permit protocol source destination command.

Example:

switch(config-s-acl)# permit tcp any any

Step 4

Enter interface configuration mode using the interface interface-type number command.

Example:

switch(config-s-acl)# interface ethernet 2/1
switch(config-s-if)#

Step 5

Specify the direction of traffic the access group is applied to using the ip access-group name {in | out} command.

Example:

switch(config-s-if)# ip access-group acl1 in

Step 6

(Optional) Display the contents of the session using the show configuration session [name] command.

Example:

switch(config-s-if)# show configuration session myacls

Verify a session

Use this command in session mode to verify a session.

Procedure

Verify the configuration as a whole, based on the existing hardware and software configuration and resources using the verify [verbose] command.

Example:

switch(config-s)# verify

NX-OS returns an error if the configuration does not pass this verification.

Commit a session

Use this command in session mode to commit a session.

Procedure

Validate the configuration changes made in the current session and apply valid changes to the device using the commit [verbose] command.

Example:

switch(config-s)# commit

If the validation fails, NX-OS reverts to the original configuration.

Save a session

Use this command in session mode to save a session.

Procedure

(Optional) Save the session to a file using the save location command. The location can be in bootflash:, slot0:, or volatile:.

Example:

switch(config-s)# save bootflash:sessions/myACLs

Discard a Session

Use this command in session mode to discard a session.

Procedure

Discard the configuration session without applying the changes using the abort command.

Example:

switch(config-s)# abort
switch#

Commands for verifying Session Manager configuration

To display the Session Manager configuration information, perform any of the required show commands listed in the table.

Command

Purpose

show configuration session [name]

Displays the contents of the configuration session.

show configuration session status [name]

Displays the status of the configuration session.

show configuration session summary

Displays a summary of all the configuration sessions.

Configuration example for Session Manager

This example shows how to create and commit an ACL configuration using Session Manager.

switch# configure session ACL_tcp_in
Config Session started, Session ID is 1
Enter configuration commands, one per line. End with CNTL/Z.
switch(config-s)# ip access-list ACL1
switch(config-s-acl)# permit tcp any any
switch(config)# interface e 7/1
switch(config-if)# ip access-group ACL1 in
switch(config-if)# exit
switch(config)# exit
switch# config session ACL_tcp_in
Config Session started, Session ID is 1
Enter configuration commands, one per line. End with CNTL/Z.
switch(config-s)# verify
Verification Successful
switch(config-s)# commit
Commit Successful
switch#

Additional references

Related documents

This reference provides information about related documents for configuration files.

Related Topic

Document Title

Configuration files

Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide