Configuring IP Fabric for Media

This chapter describes how to configure the Cisco Nexus 9000 Series switches for Cisco's IP fabric for media solution.

Prerequisites

Cisco's IP fabric for media solution has the following prerequisites:

  • Cisco Nexus 9200 and 9300 Series leaf and spine switches must be running Cisco NX-OS Release 7.0(3)I4(5) or a later release.


    Note

    Leaf switches must run Cisco NX-OS Release 7.0(3)I6(1) or a later release when used with spine switches that are running Cisco NX-OS Release 7.0(3)F2(1) or a later release.

  • Cisco Nexus 9500 Series spine switches (with N9K-X9732C-EX, N9K-X9736C-EX, and N9K-X97160YC-EX line cards) must be running Cisco NX-OS Release 7.0(3)I6(1) or a later release.

  • The Cisco Nexus 9508 spine switch (with N9K-X9636C-R and N9K-X9636Q-R line cards) must be running Cisco NX-OS Release 7.0(3)F2(1) or a later release.

  • TCAM carving must be configured on leaf switches using the hardware access-list tcam region ing-racl 512 and hardware access-list tcam region ing-nbm 1536 commands. For more information on TCAM carving, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.

  • For Cisco Nexus 9500 Series switches with N9K-X9732C-EX, N9K-X9736C-EX, and N9K-X97160YC-EX line cards, enable the multicast NBM template using the system routing template-multicast-nbm command. For more information, see the Cisco Nexus 9000 Series Multicast Routing Configuration Guide.

  • To use PIM SSM, which is supported beginning with Cisco NX-OS Release 7.0(3)I7(1), you must define an SSM group on the switch. For more information, see the Cisco Nexus 9000 Series Multicast Routing Configuration Guide.


    Note

    The default SSM multicast group range is 232.0.0.0/8. If you do not want to use the default range, you must use the ip pim ssm command to change it across the fabric.

  • For controller-based deployments, you must install one of the following Cisco DCNM Releases. For installation instructions, see the Cisco DCNM Installation Guide for your DCNM release.

    Cisco NX-OS Release Running on Switches

    Cisco DCNM Release

    7.0(3)I4(5)

    10.1

    7.0(3)F2(1) or a later release

    or

    7.0(3)I6(1) or a later release

    10.2(1) or later

    7.0(3)I7(2) or a later release

    10.4(2) or later

  • After the DCNM OVA file is installed, you must SSH into the DCNM VM as root and enter the appmgr set-mode media-controller command on the DCNM server to enable the DCNM Media Controller.

Guidelines and Limitations

Cisco's IP fabric for media solution has the following guidelines and limitations:

  • The number of leaf switches depends on the number of uplinks that are used and the number of ports available on the spine switch.

  • Make sure that there is always connectivity to the controller by ensuring redundant paths.

  • Cisco Nexus 9508 switches with the N9K-X9636C-R and N9K-X9636Q-R line cards do not support PTP, policing, DSCP remarking, and flow statistics.

  • We recommend using a Layer 3 routed port to an endpoint.

  • For a deployment of Cisco Nexus 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards and with SVIs and endpoints that are connected using a Layer 2 port, the maximum number of flows is 2000.

  • SVIs are not supported for Cisco Nexus 9500 platform switches with N9K-X9732C-EX, N9K-X9736C-EX, and N9K-X97160YC-EX line cards. (This restriction does not apply to Cisco Nexus 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards.)

  • For Cisco Nexus 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards, six fabric modules are needed when all six ports of a 100G line card are connected to an ASIC and forwarding multicast traffic with full capacity (600G). Five fabric modules are needed when all 12 ports of 40G line cards are connected to an ASIC and forwarding multicast traffic with full capacity (480G).

  • To ensure non-blocking performance, make sure that the uplink bandwidth from each leaf switch is greater than or equal to the bandwidth provided to the endpoints.

  • When possible, spread the endpoints across different leaf switches such that there is an equal distribution of sources and receivers on all leaf switches.

  • If possible, we recommend overprovisioning uplinks to account for failures.

  • As a best practice, use Layer 3 ports that go to the endpoints with a /30 mask. Assign one IP address to the endpoint and another to the switch interface.

  • Design redundant IP networks (2022-7), and do not connect the two networks together. They are meant to be independent.

  • The network is designed primarily to carry multicast flows. Ensure that there is minimal unicast traffic as the bandwidth management does not track unicast flows.

  • The solution supports IGMPv2 and IGMPv3 joins and PIM Any Source Multicast (ASM), which allows only one source to send to a given multicast group. Beginning with Cisco NX-OS Release 7.0(3)I7(1), the solution also supports PIM SSM, which allows two sources to transmit to the same multicast group at once.

  • Statistics are available only on the switch where senders are connected.

  • The host cannot be connected to the spine.

  • Other than the configuration required to set up the fabric, do not use custom ACL or QoS policies. Such policies are pushed from the host or flow policy in DCNM (and not from CLI commands).

  • Once the host is deleted from DCNM, the switch does not repunt the ARP to DCNM. To repunt the ARP, use the clear ip arp force-delete host-ip-address command on the switch.

  • Do not use CLI commands to modify any policy that is pushed from DCNM. Any modifications must be made using DCNM.

  • NBM is not supported with enhanced ISSU. Do not use the [no] boot mode lxc command in IP fabric for media setups.

  • Before moving from a noncontroller deployment to a controller deployment (or conversely), delete the existing configuration from the switches (by performing a write erase and reload) and then reconfigure the switches using POAP or Cisco NX-OS CLI commands.

  • The exchange of flows between the fabric and an external network using a border leaf works only with the PIM SSM range. There is no support for flow exchange with PIM ASM.

  • To conserve resources when running Cisco NX-OS Release 7.0(3)I7(2) or a later release, we recommend disabling statistics when using the service-policy type qos command.

  • Cisco NX-OS Release 7.0(3)I7(2) supports only one border leaf per fabric. Multiple border leafs per fabric are not supported. In a 2022-7/Redundant Network deployment, each fabric can have a single border leaf.

  • Cisco NX-OS Release 7.0(3)I7(3) supports only the spine-leaf topology without the DCNM Media Controller. To use a different deployment method, use a release prior to Cisco NX-OS Release 7.0(3)I7(3).

  • NBM running on a VXLAN enabled switch is not supported. Feature NBM may disrupt VXLAN underlay multicast forwarding.

Guidelines and Limitations for Unicast PTP

The following guidelines and limitations apply to unicast PTP:

  • Configure every unicast PTP interface with a unique PTP unicast source address.

  • The global PTP source and the unicast interface PTP source should not be the same.

  • Unicast and multicast are not supported on the same interface.

  • Unicast PTP is supported only for the following platforms:

    • Cisco Nexus 9236C, 9272Q, and 92160YC-X switches

    • Cisco Nexus 9348GC-FXP, 9364C, 93108TC-FX, and 93180YC-FX switches

    • Cisco Nexus 9500 Series switches with the N9K-X9732C-EX, N9K-X9736C-EX, and N9K-X97160YC-EX line cards

Guidelines and Limitations for the DCNM Media Controller

The following guidelines and limitations apply to DCNM in general:

  • Make sure that there is always connectivity to the controller by ensuring redundant paths.

  • Do not use CLI commands to modify any policy that is pushed from DCNM. Make any modifications using DCNM.

  • When you change any IP fabric for media-related server properties using DCNM Administration > DCNM Server > Server Properties, you must restart DCNM by running appmgr restart dcnm on a standalone DCNM or appmgr restart ha-apps on a native HA DCNM.

The following guidelines and limitations apply to the flow setup:

  • DCNM notifies the broadcast controller or user if an API call is unsuccessful, which requires the broadcast controller or user to retry.

  • When the receiver leaf switch reloads, flows must be set up again by reinitiating the API call after the switch reboots. This statement applies to DCNM 10.1 only.

  • Static API is not supported with SVIs.

  • VM snapshot is not supported. You cannot roll back to a previous DCNM snapshot.

The following guidelines and limitations apply to the flow policy:

  • As a best practice, make any default policy changes before flows are active on the fabric.

  • A flow policy cannot be modified when the flow is active. Modification is possible when the sender stops the flow and all receivers unsubscribe the flow.

  • Account for 5% more than the flow bit rate to accommodate a certain amount of burst without the flow being policed. For example, provision a 3G flow as 3.15 Gbps.

  • Ensure that any changes to the default flow policy are completed before any flow is active on the network.

The following guidelines and limitations apply to the host policy:

  • When a sender host policy changes from “allow” to “deny,” the flow is deleted immediately.

  • When a receiver host policy is applied to a host connected via a Layer 2 port and an SVI, the policy applies to all joins sent by all hosts on that VLAN and cannot be applied to a single receiver.

  • If no ARP request or reply comes from the host when an allowed policy is installed, the host is not added in DCNM, and IGMP packets are dropped. For allowed policies, you must add the host through ARP before sending IGMP joins.

  • Ensure that any changes to the default host policy are completed before any active host appears on the network. Define default host policy definitions ("deny all default" versus "allow all default") before the hosts are added to the network. Changes to host-specific policies are allowed at any time; however, the default policy edits are allowed only before hosts are introduced into the DCNM system.

The following guidelines and limitations apply to network and DCNM connections:

  • Make sure that switches are discovered by DCNM before any hosts are detected or flows are set up on the fabric.

  • The DCNM HA pair must be on the same VLAN.

  • The advantage of using MGMT as the interconnect is the ability to separate the management or control plane and the data plane.

  • The advantage of using INBAND is added redundancy.

  • Latency between the switch and DCNM must be less than 1 ms to ensure that flow programming takes place within an acceptable delay.

  • Once the switch has been discovered, do not delete it from the DCNM database. In order to decommission a switch, make sure that all switch interfaces that are connected to endpoints are shut down and flows age out. Once flows age out, delete the hosts that are discovered on the switch and then delete the switch from the DCNM LAN switch database.

Licensing Requirements for DCNM Media Controller

Product

License Requirement

Cisco DCNM

The Cisco DCNM Media Controller requires the Advanced Server DCNM license. For more information on this license, see the Cisco DCNM Installation Guide.

Configuring NBM

The procedure for configuring non-blocking multicast (NBM) varies depending on which deployment method you are using for your IP fabric for media solution.

  • Spine-leaf topology (with or without the DCNM Media Controller)

  • Single modular switch (with or without the DCNM Media Controller)

Configuring NBM for a Spine-Leaf Deployment with DCNM

After you have set up the IP fabric, you must enable the non-blocking multicast (NBM) feature and establish a connection to the DCNM server. The NBM feature ensures that the bandwidth that is coming into the fabric is exactly the same as the bandwidth that is going out.

Follow this procedure to configure NBM for switches in a spine-leaf deployment with DCNM.

Before you begin

Enable the PIM feature (using the feature pim command).

Enable the OSPF feature (using the feature ospf command), if you are using the OSPF unicast routing protocol.

SUMMARY STEPS

  1. configure terminal
  2. [no] feature nxapi
  3. [no] feature nbm
  4. nbm mode controller
  5. controller ip dcnm-server-ip-or-vip vrf management
  6. controller-credentials username username password [0 | 7] password
  7. (Optional) switch-role border-leaf

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

[no] feature nxapi

Example:

switch(config)# feature nxapi

Enables the NX-API feature. The no form of this command disables this feature.

Step 3

[no] feature nbm

Example:

switch(config)# feature nbm

Enables the NBM feature. The no form of this command disables this feature.

Step 4

nbm mode controller

Example:

switch(config)# nbm mode controller
switch(config-nbm-controller)#

Informs the switch of the presence of the DCNM Media Controller.

Step 5

controller ip dcnm-server-ip-or-vip vrf management

Example:

switch(config-nbm-controller)# controller ip 10.1.1.1 vrf management

Specifies the IP address of the DCNM server or the virtual IP address of the DCNM native HA server.

Step 6

controller-credentials username username password [0 | 7] password

Example:

switch(config-nbm-controller)# controller-credentials username admin password 7 7h56ab9

Configures the login information for the DCNM server.

The 0 option indicates that the password is clear text, and the 7 option indicates that the password is encrypted. The default is 0 (clear text).

Step 7

(Optional) switch-role border-leaf

Example:

switch(config-nbm-controller)# switch-role border-leaf
 (Optional)

Configures a leaf switch as a border leaf in order to connect multiple fabrics directly to each other.

This command is supported beginning with Cisco NX-OS Release 7.0(3)I7(2). In previous releases, you can only exchange traffic that is directly connected to the fabric itself. Any remote traffic that comes in is not seen on the fabric. This command allows you to have two separate installations, both of them as IP fabric for media or one that is IP fabric for media and another with an external Layer 3 network that is directly connected and has the traffic flowing through it.

Note 

To support the exchange of media flows between an IP fabric for media and external systems, make sure to configure the ip pim sparse-mode command on the WAN links and the ip pim passive command only on the NBM fabric interfaces (and not toward the external systems).

Configuring NBM for a Spine-Leaf Topology without DCNM

Follow this procedure to configure NBM for switches in a spine-leaf deployment without DCNM. In this mode, you can enable PIM active mode on spine and leaf switches. This feature provides multicast flow setup intelligence within the fabric. It supports multiple spines and variable flow size.

The spine-leaf topology without DCNM deployment model utilizes NBM in conjunction with Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) for provisioning flows within the fabric. The fabric must be configured with the PIM sparse mode and MSDP configurations described in Configuring PIM on Spine and Leaf Switches and Configuring MSDP on Spine Switches.

Before you begin

Enable the PIM feature (using the feature pim command).

Enable the OSPF feature (using the feature ospf command), if you are using the OSPF unicast routing protocol.

SUMMARY STEPS

  1. configure terminal
  2. [no] feature nbm
  3. (Optional) [no] nbm reserve unicast fabric bandwidth value
  4. (Optional) [no] nbm flow asm range [group-range-prefixes]
  5. [no] nbm flow bandwidth flow-bandwidth
  6. [no] nbm flow-policy
  7. [no] policy policy-name
  8. [no] bandwidth flow-bandwidth
  9. [no] dscp value
  10. [no] ip group-range ip-address to ip-address

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

[no] feature nbm

Example:

switch(config)# feature nbm

Enables the NBM feature and PIM active mode, which allows the NBM fabric to form a multicast flow without assistance from an external controller.

When you enter the feature nbm command, the following commands are also enabled automatically:

  • nbm mode pim-active

  • ip multicast multipath nbm

  • ip pim ssm range none

  • ip pim prune-on-expiry

  • cdp enable

The no form of this command disables the following commands: feature nbm , nbm mode pim-active , ip multicast multipath nbm , ip pim ssm range none , and ip pim prune-on-expiry .

Step 3

(Optional) [no] nbm reserve unicast fabric bandwidth value

Example:

switch(config)# nbm reserve unicast fabric bandwidth 2
 (Optional)

Reserves a percentage of bandwidth on fabric ports for unicast flows. NBM flow management does not use this bandwidth for flow setup and reserves it on all fabric interfaces for the unicast traffic. The range is from 0 to 100 percent, and the default value is 0.

Step 4

(Optional) [no] nbm flow asm range [group-range-prefixes]

Example:

switch(config)# nbm flow asm range 224.0.0.0/8 225.0.0.0/8 226.0.0.0/8 227.0.0.0/8
 (Optional)

Programs the NBM ASM group range for *,G joins. The IGMP joins in this group range are expected to be V2 joins or (*, G) joins. You can configure up to 20 group ranges. The default is no configured group range.

Step 5

[no] nbm flow bandwidth flow-bandwidth

Example:

switch(config)# nbm flow bandwidth 3000

Configures the global NBM flow bandwidth in Mbps. If any of the flows do not match the NBM mode flow group range, the default flow bandwidth is used for bandwidth management and flow setup. The range is from 1 to 25,000 Mbps, and the default value is 3000 Mbps.

Note 

The NBM flow bandwidth should be configured when you are initially setting up the IP fabric and should not be changed at random. Also, any change to the existing flow bandwidth value takes effect only after the device is rebooted.

Step 6

[no] nbm flow-policy

Example:

switch(config)# nbm flow-policy
switch(config-nbm-flow)#

Configures the flow bandwidth per flow.

Step 7

[no] policy policy-name

Example:

switch(config-nbm-flow)# policy nbmflow10
switch(config-nbm-flow-policy)#

Configures the NBM flow policy. You can specify a maximum of 63 alphanumeric characters for the policy name.
Step 8

[no] bandwidth flow-bandwidth

Example:

switch(config-nbm-flow-policy)# bandwidth 10

Configures the flow bandwidth in Mbps for multicast groups matching this policy. The range is from 1 to 25,000 Mbps.

Step 9

[no] dscp value

Example:

switch(config-nbm-flow-policy)# dscp 10

Configures the differentiated services code point (DSCP) value on the first-hop redundancy for flows matching in the group range below.

Step 10

[no] ip group-range ip-address to ip-address

Example:

switch(config-nbm-flow-policy)# ip group-range 224.19.10.1 to 224.19.255.1
switch(config-nbm-flow-policy)# ip group-range 224.20.10.1 to 224.20.255.1

Specifies the IP address range for multicast groups associated to this policy.

What to do next

Configure PIM and MSDP.

Configuring PIM on Spine and Leaf Switches

Follow these steps to configure PIM for spine and leaf switches in a spine-leaf topology without the DCNM Media Controller. The configuration should be the same on all nodes.

Before you begin

Configure NBM for a spine-leaf topology without DCNM.

SUMMARY STEPS

  1. configure terminal
  2. ip pim rp-address rp-address group-list ip-prefix
  3. ip pim ssm range none
  4. ip pim spt-threshold infinity group-list route-map-name
  5. route-map policy-name permit sequence-number
  6. match ip multicast group policy-name permit sequence-number
  7. interface interface-type slot/port
  8. mtu mtu-size
  9. ip address ip-prefix
  10. ip ospf passive-interface
  11. ip router ospf instance-tag area area-id
  12. ip pim sparse-mode
  13. ip igmp version number
  14. ip igmp immediate-leave
  15. ip pim pre-build-spt force
  16. Configure an RP interface.

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:
switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

ip pim rp-address rp-address group-list ip-prefix

Example:
switch(config)# ip pim rp-address 1.2.1.1 group-list 224.0.0.0/4

Configures a PIM static RP address for a multicast group range.

Step 3

ip pim ssm range none

Example:
switch(config)# ip pim ssm range none

Removes all group ranges for SSM.

Step 4

ip pim spt-threshold infinity group-list route-map-name

Example:
switch(config)# ip pim spt-threshold infinity group-list mcast-all

Creates the IPv4 PIM (*, G) state only, for the group prefixes defined in the specified route map.

Step 5

route-map policy-name permit sequence-number

Example:
switch(config)# route-map mcast-all permit 10
switch(config-route-map)#

Enters route-map configuration mode.

Step 6

match ip multicast group policy-name permit sequence-number

Example:
switch(config-route-map)# match ip multicast group 224.0.0.0/4

Matches the group specified. Make sure that the route-map group address matches the NBM flow ASM range group address.

Step 7

interface interface-type slot/port

Example:
switch(config)# interface ethernet 2/1
switch(config-if)#

Specifies an interface to configure and enters interface configuration mode.

Step 8

mtu mtu-size

Example:
switch(config-if)# mtu 9216

Configures an MTU size to support jumbo traffic. It should be configured on all host and fabric interfaces.

Step 9

ip address ip-prefix

Example:
switch(config-if)# ip address 10.3.10.1/24
Configures an IP address for this interface.
Step 10

ip ospf passive-interface

Example:
switch(config-if)# ip ospf passive-interface

Suppresses routing updates on the interface. This command overrides the router or VRF command mode configuration. OSPF runs passive on host-facing interfaces only. This configuration is needed only on endpoint interfaces and is not needed on fabric interfaces.

Step 11

ip router ospf instance-tag area area-id

Example:
switch(config-if)# ip router ospf p1 area 0.0.0.0

Enables OSPF on the interface.

Step 12

ip pim sparse-mode

Example:
switch(config-if)# ip pim sparse-mode

Enables PIM sparse mode on the interface.

Step 13

ip igmp version number

Example:
switch(config-if)# ip igmp version 3

Enables IGMPv3 packet support on endpoint interfaces only.

Step 14

ip igmp immediate-leave

Example:
switch(config-if)# ip igmp immediate-leave

Configures IGMP immediate leave on endpoint interfaces only.

Step 15

ip pim pre-build-spt force

Example:
switch(config)# ip pim pre-build-spt force

Prebuilds the shortest path tree (SPT) for all known (S,G) routes in the routing table by triggering PIM joins upstream.

Note 

Enter this command only on spine switches.

Step 16

Configure an RP interface.

Example:
switch(config)# interface loopback0
  ip address 1.2.1.1/32
  ip router ospf p1 area 0.0.0.0
  ip pim sparse-mode

Make sure that the RP interface IP address is the same on each spine switch.

Note 

Enter this configuration only on spine switches.

Configuring MSDP on Spine Switches

Follow these steps to configure MSDP for spine switches in a spine-leaf topology without the DCNM Media Controller.


Note

MSDP is only needed in a multi-spine deployment that uses an ASM range. In a single-spine deployment, MSDP is not needed.

Before you begin

Enable the MSDP feature (using the feature msdp command).

SUMMARY STEPS

  1. configure terminal
  2. Configure a loopback interface to establish an MSDP session between the spine switches.
  3. ip msdp originator-id interface
  4. ip msdp peer peer-ip-address connect-source interface
  5. ip msdp sa-policy peer-ip-address policy-name out
  6. route-map policy-name permit sequence-number
  7. match ip multicast group policy-name permit sequence-number

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:
switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

Configure a loopback interface to establish an MSDP session between the spine switches.

Example:
interface loopback1
  ip address 2.2.3.3/32
  ip router ospf p1 area 0.0.0.0
  ip pim sparse-mode

Establishes an MSDP session between the spine switches.

Step 3

ip msdp originator-id interface

Example:
switch(config)# ip msdp originator-id loopback1

Configures the IP address used in the RP field of a Source-Active (SA) message entry.

Step 4

ip msdp peer peer-ip-address connect-source interface

Example:
switch(config)# ip msdp peer 2.2.1.1 connect-source loopback1

Configures an MSDP peer with the specified peer IP address.

Step 5

ip msdp sa-policy peer-ip-address policy-name out

Example:
switch(config)# ip msdp sa-policy 2.2.1.1 msdp-mcast-all out

Enables a route-map policy for outgoing SA messages. By default, all registered sources are sent in SA messages.

Step 6

route-map policy-name permit sequence-number

Example:
switch(config)# route-map msdp-mcast-all permit 10
switch(config-route-map)#

Enters route-map configuration mode.

Step 7

match ip multicast group policy-name permit sequence-number

Example:
switch(config-route-map)# match ip multicast group 224.0.0.0/8

Matches the group specified. Make sure that the route-map group address matches the NBM flow ASM range group address.

Configuring NBM for a Single Modular Switch with DCNM

After you have set up the IP fabric, you must enable the non-blocking multicast (NBM) feature and establish a connection to the DCNM server. The NBM feature ensures that the bandwidth that is coming into the fabric is exactly the same as the bandwidth that is going out.

Follow this procedure to configure NBM for a single modular switch with the DCNM Media Controller.

Before you begin

Enable the PIM feature (using the feature pim command).

Enable the OSPF feature (using the feature ospf command), if you are using the OSPF unicast routing protocol.

SUMMARY STEPS

  1. configure terminal
  2. [no] feature nxapi
  3. [no] feature nbm
  4. nbm mode controller
  5. controller ip dcnm-server-ip-or-vip vrf management
  6. controller-credentials username username password [0 | 7] password
  7. (Optional) show nbm controller

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

[no] feature nxapi

Example:

switch(config)# feature nxapi

Enables the NX-API feature. The no form of this command disables this feature.

Step 3

[no] feature nbm

Example:

switch(config)# feature nbm

Enables the NBM feature. The no form of this command disables this feature.

Step 4

nbm mode controller

Example:

switch(config)# nbm mode controller
switch(config-nbm-controller)#

Informs the switch of the presence of the DCNM Media Controller.

Step 5

controller ip dcnm-server-ip-or-vip vrf management

Example:

switch(config-nbm-controller)# controller ip 10.1.1.1 vrf management

Specifies the IP address of the DCNM server or the virtual IP address of the DCNM native HA server.

Step 6

controller-credentials username username password [0 | 7] password

Example:

switch(config-nbm-controller)# controller-credentials username admin password 7 7h56ab9

Configures the login information for the DCNM server.

The 0 option indicates that the password is clear text, and the 7 option indicates that the password is encrypted. The default is 0 (clear text).

Step 7

(Optional) show nbm controller

Example:

switch(config-nbm-controller)# show nbm controller
VRF         IP          Role    Status   Online-Since
---         ---         ----    ------   ------------
management  10.10.10.1  ACTIVE  ONLINE   2016-11-04 17:08:33.080791
(Optional)

Displays the status of the DCNM Media Controller.

Configuring NBM for a Single Modular Switch without DCNM

After you have set up the IP fabric, you must enable the NBM feature on the switch. The NBM feature ensures that the bandwidth that is coming into the fabric is exactly the same as the bandwidth that is going out.

Follow this procedure to configure NBM for a single modular switch without the DCNM Media Controller.


Note

Steps 3 through 8 in this procedure are not applicable to the Cisco Nexus 9508 switch with N9K-X9636C-R and N9K-X9636Q-R line cards.

Before you begin

Enable the PIM feature (using the feature pim command).

Enable the OSPF feature (using the feature ospf command), if you are using the OSPF unicast routing protocol.

SUMMARY STEPS

  1. configure terminal
  2. [no] feature nbm
  3. [no] nbm flow bandwidth flow-bandwidth
  4. [no] nbm flow-policy
  5. [no] policy policy-name
  6. [no] bandwidth flow-bandwidth
  7. [no] ip group ip-address
  8. [no] ip group-range ip-address to ip-address
  9. (Optional) show nbm flows bandwidth

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

[no] feature nbm

Example:

switch(config)# feature nbm

Enables the NBM feature. The no form of this command disables this feature.

Step 3

[no] nbm flow bandwidth flow-bandwidth

Example:

switch(config)# nbm flow bandwidth 150

Configures the global NBM flow bandwidth in Mbps. The range is from 1 to 25,000 Mbps, and the default value is 3000 Mbps.

Note 

The NBM flow bandwidth should be configured when you are initially setting up the IP fabric. It should not be changed at random. Also, any change to the existing flow bandwidth value takes effect only after the device is rebooted.

Step 4

[no] nbm flow-policy

Example:

switch(config)# nbm flow-policy
switch(config-nbm-flow)#

Configures the flow bandwidth per flow.

Step 5

[no] policy policy-name

Example:

switch(config-nbm-flow)# policy 1.5gbps
switch(config-nbm-flow-policy)#

Configures the NBM flow policy. You can specify a maximum of 63 alphanumeric characters for the policy name.
Step 6

[no] bandwidth flow-bandwidth

Example:

switch(config-nbm-flow-policy)# bandwidth 1500

Configures the flow bandwidth in Mbps for multicast groups matching this policy. The range is from 1 to 25,000 Mbps.

Step 7

[no] ip group ip-address

Example:

switch(config-nbm-flow-policy)# ip group 228.0.0.15
switch(config-nbm-flow-policy)# ip group 228.0.255.15

Specifies the IP address for /32 multicast groups.
Step 8

[no] ip group-range ip-address to ip-address

Example:

switch(config-nbm-flow-policy)# ip group-range 239.255.255.121 to 239.255.255.130
switch(config-nbm-flow-policy)# ip group-range 239.255.255.131 to 239.255.255.140
switch(config-nbm-flow-policy)# ip group-range 239.255.255.141 to 239.255.255.150
switch(config-nbm-flow-policy)# ip group-range 239.255.255.151 to 239.255.255.160

Specifies the IP address range for multicast groups associated to this policy.

Step 9

(Optional) show nbm flows bandwidth

Example:

switch(config-nbm-flow-policy)# show nbm flows bandwidth
 (Optional)

Displays the configured and applied NBM bandwidth per flow.

Example

The following example shows a sample configuration: 

nbm flow-policy
  policy Audio
    bandwidth 2
    ip group-range 225.3.5.2 to 225.3.5.255
  policy Video
    bandwidth 3000
    ip group-range 228.255.255.1 to 228.255.255.255

Enabling Multicast and Unicast Flows (Optional)

Beginning with Cisco NX-OS Release 7.0(3)I7(1), IP fabric for media can be used for multicast as well as unicast flows. You can assign multicast traffic to a priority queue (7) and unicast traffic to the default queue (0). This configuration ensures that unicast traffic does not congest multicast traffic.


Note

For spine switches, traffic classification is based on access control list (ACL) and Differentiated Services Code Point (DSCP) values. For sender leaf switches, classification and marking are based on flow programming (S,G) from the DCNM Media Controller.

Before you begin

For spine switches, configure TCAM carving using the following command, save the configuration, and reload the switch:

  • hardware access-list tcam region ing-racl 256

  • hardware access-list tcam region ing-l3-vlan-qos 256

For leaf switches, configure TCAM carving using the following commands, save the configuration, and reload the switch:

  • hardware access-list tcam region ing-racl 256

  • hardware access-list tcam region ing-l3-vlan-qos 256

  • hardware access-list tcam region ing-nbm 1536


Note

We recommend the TCAM sizes shown above, but you can adjust the values to meet your network requirements. For more information on ACL TCAM regions, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.

SUMMARY STEPS

  1. configure terminal
  2. ip access-list acl-name
  3. sequence-number permit protocol source destination
  4. exit
  5. ip access-list acl-name
  6. sequence-number permit protocol source destination
  7. exit
  8. class-map type qos match-all unicast-class-name
  9. match access-group name acl-name
  10. exit
  11. class-map type qos match-any multicast-class-name
  12. match access-group name acl-name
  13. exit
  14. policy-map type qos policy-map-name
  15. class unicast-class-map-name
  16. set qos-group 0
  17. exit
  18. class multicast-class-map-name
  19. set qos-group 7
  20. exit
  21. exit
  22. interface ethernet slot/port
  23. service-policy type qos input policy-map-name
  24. (Optional) copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

ip access-list acl-name

Example:

switch(config)# ip access-list pmn-ucast
switch(config-acl)#

Creates an IP ACL and enters IP ACL configuration mode.

Step 3

sequence-number permit protocol source destination

Example:

switch(config-acl)# 10 permit ip any 0.0.0.0/1
switch(config-acl)# 20 permit ip any 128.0.0.0/2
switch(config-acl)# 30 permit ip any 192.0.0.0/3

Creates a rule in the IP ACL to match all unicast IP addresses (Class A, B, and C).

Step 4

exit

Example:

switch(config-acl)# exit
switch(config)#

Exits IP ACL configuration mode.

Step 5

ip access-list acl-name

Example:

switch(config)# ip access-list pmn-mcast
switch(config-acl)#

Creates an IP ACL and enters IP ACL configuration mode.

Step 6

sequence-number permit protocol source destination

Example:

switch(config-acl)# 2 permit ip any 224.0.0.0/4

Creates a rule to match all multicast flows.

Step 7

exit

Example:

switch(config-acl)# exit
switch(config)#

Exits IP ACL configuration mode.

Step 8

class-map type qos match-all unicast-class-name

Example:

switch(config)# class-map type qos match-all pmn-ucast
switch(config-cmap-qos)#

Creates a class map for unicast traffic and enters class-map configuration mode.

Step 9

match access-group name acl-name

Example:

switch(config-cmap-qos)# match access-group name pmn-ucast

Configures the traffic class by matching packets based on the ACL for unicast traffic.

Step 10

exit

Example:

switch(config-cmap-qos)# exit
switch(config)#

Exits class-map configuration mode.

Step 11

class-map type qos match-any multicast-class-name

Example:

switch(config)# class-map type qos match-any pmn-mcast
switch(config-cmap-qos)#

Creates a class map for multicast traffic and enters class-map configuration mode.

Step 12

match access-group name acl-name

Example:

switch(config-cmap-qos)# match access-group name pmn-mcast

Configures the traffic class by matching packets based on the ACL for multicast traffic.

Step 13

exit

Example:

switch(config-cmap-qos)# exit
switch(config)#

Exits class-map configuration mode.

Step 14

policy-map type qos policy-map-name

Example:

switch(config)# policy-map type qos pmn-qos
switch(config-pmap-qos)#

Creates a policy map and enters policy-map configuration mode.

Step 15

class unicast-class-map-name

Example:

switch(config-pmap-qos)# class pmn-ucast
switch(config-pmap-c-qos)#

Creates a class for unicast traffic and enters policy-map class configuration mode.

Step 16

set qos-group 0

Example:

switch(config-pmap-c-qos)# set qos-group 0

Configures the QoS group value to match on for classification of traffic into the PMN unicast class map.

Step 17

exit

Example:

switch(config-pmap-c-qos)# exit
switch(config-pmap-qos)#

Exits policy-map class configuration mode.

Step 18

class multicast-class-map-name

Example:

switch(config-pmap-qos)# class pmn-mcast
switch(config-pmap-c-qos)#

Creates a class for multicast traffic and enters policy-map class configuration mode.

Step 19

set qos-group 7

Example:

switch(config-pmap-c-qos)# set qos-group 7

Configures the QoS group value to match on for classification of traffic into the PMN multicast class map.

Step 20

exit

Example:

switch(config-pmap-c-qos)# exit
switch(config-pmap-qos)#

Exits policy-map class configuration mode.

Step 21

exit

Example:

switch(config-pmap-qos)# exit
switch(config)#

Exits policy-map configuration mode.

Step 22

interface ethernet slot/port

Example:

switch(config)# interface ethernet 1/49
switch(config-if)#

Creates an interface and enters interface configuration mode. This command should be used only for fabric interfaces.

Step 23

service-policy type qos input policy-map-name

Example:

switch(config-if)# service-policy type qos input pmn-qos

Adds the policy-map name to the input packets of the interface.

Step 24

(Optional) copy running-config startup-config

Example:

switch(config-if)# copy running-config startup-config
(Optional)

Copies the running configuration to the startup configuration.

Example

Configuration example: 

ip access-list pmn-ucast
  10 permit ip any 0.0.0.0 31.255.255.255
  20 permit ip any 128.0.0.0 31.255.255.255
  30 permit ip any 192.0.0.0 31.255.255.255

ip access-list pmn-mcast
  10 permit ip any 224.0.0.0/4

class-map type qos match-all pmn-ucast
  match access-group name pmn-ucast
class-map type qos match-any pmn-mcast
  match access-group name pmn-ucast

policy-map type qos pmn-qos
  class pmn-ucast
    set qos-group 0
  class pmn-mcast
    set qos-group 7

interface ethernet 1/49
  service-policy type qos input pmn-qos

Verifying the NBM Configuration

To display the NBM configuration information, perform one of the following tasks.

show nbm flows [active [interface type slot/port] | all [interface type slot/port] | detail [interface type slot/port] | group multicast-group | group-based [interface type slot/port] | inactive [interface type slot/port] | interface type slot/port | m-group multicast-group | no-receiver [interface type slot/port] |source ip-address ]

Displays the NBM flows.

show nbm flows bandwidth

Displays the configured and applied NBM bandwidth per flow.

Note 

This command is not supported for Cisco Nexus 9508 switches with N9K-X9636C-R and N9K-X9636Q-R line cards.

show nbm flows statistics

Displays the NBM flow statistics.

Note 

This command is not supported for spine switches in a spine-leaf topology and for single modular switches with N9K-X9636C-R and N9K-X9636Q-R line cards.

show running-config nbm

Displays the running configuration information for NBM.

Sample Output for Show Commands

This section provides output examples for single modular switches without the DCNM Media Controller. In controller-based deployments, statistics are available in the DCNM Media Controller GUI.

Sample Output for Switches Running Cisco NX-OS Release 7.0(3)F2(1) or Later

This example shows sample output for the show nbm flows command: 

switch# show nbm flows
NBM Active Source-Group-Based Flows :
Start-Time         Src-Intf  Mcast-Group   Src-IP      LID   Status  Num Rx  Bw Mbps  CFG Bw Mbps  Src-slot  Unit  Slice
04/27 05:32:01.536 Eth3/13/1 230.13.2.244  210.1.1.2   1070  ACTIVE  1       3000.000 3000.000     3         1     0     
04/27 05:32:01.535 Eth3/13/1 230.13.2.243  210.1.1.2   582   ACTIVE  1       3000.000 3000.000     3         1     0     
04/27 05:32:01.535 Eth3/13/1 230.13.2.242  210.1.1.2   1298  ACTIVE  1       3000.000 3000.000     3         1     0     
04/27 05:32:01.534 Eth3/13/1 230.13.2.241  210.1.1.2   1407  ACTIVE  1       3000.000 3000.000     3         1     0

This example shows sample output for the show nbm flows group multicast-group command: 

switch# show nbm flows group 230.13.2.244
NBM Active Source-Group-Based Flows :
Start-Time         Src-Intf  Mcast-Group   Src-IP     LID   Status  Num Rx  Bw Mbps  CFG Bw Mbps  Src-slot  Unit  Slice
04/27 05:32:01.536 Eth3/13/1 230.13.2.244  210.1.1.2  1070  ACTIVE  1       3000.000 3000.000     3         1     0

This example shows sample output for the show ip igmp groups command: 

switch# show ip igmp groups
IGMP Connected Group Membership for VRF "default" - 500 total entries
Type: S - Static, D - Dynamic, L - Local, T - SSM Translated
Group Address      Type  Interface           Uptime    Expires   Last Reporter
230.13.2.241         D   Ethernet4/25/1      00:08:16  00:02:54  210.13.1.2
230.13.2.242         D   Ethernet4/25/1      00:08:16  00:02:58  210.13.1.2
230.13.2.243         D   Ethernet4/25/1      00:08:16  00:02:56  210.13.1.2
230.13.2.244         D   Ethernet4/25/1      00:08:16  00:02:54  210.13.1.2

This example shows sample output for the show ip igmp groups interface command: 

switch# show ip igmp groups eth4/25/1
IGMP Connected Group Membership for Interface "Eth4/25/1" - 500 total entries
Type: S - Static, D - Dynamic, L - Local, T - SSM Translated
Group Address      Type  Interface         Uptime    Expires   Last Reporter
230.13.2.241         D   Ethernet4/25/1    00:08:16  00:02:54  210.13.1.2
230.13.2.242         D   Ethernet4/25/1    00:08:16  00:02:58  210.13.1.2
230.13.2.243         D   Ethernet4/25/1    00:08:16  00:02:56  210.13.1.2
230.13.2.244         D   Ethernet4/25/1    00:08:16  00:02:54  210.13.1.2

This example shows sample output for the show ip igmp groups multicast-group command: 

switch# show ip igmp groups 230.13.2.244
IGMP Connected Group Membership for VRF "default" - matching  Group "230.13.2.244"
Type: S - Static, D - Dynamic, L - Local, T - SSM Translated
Group Address      Type Interface           Uptime    Expires   Last Reporter
230.13.2.244       D    Ethernet4/25/1      00:09:09  00:03:55  210.13.1.2

This example shows sample output for the show running-config nbm command: 

switch# show running-config nbm
!Command: show running-config nbm
!Time: Thu Apr 27 05:39:23 2017

version 7.0(3)F2(1)
feature nbm

Sample Output for Switches Running Cisco NX-OS Release 7.0(3)I6(1) or Later

This example shows sample output for the show nbm controller command: 

switch# show nbm controller
VRF              IP                   Status          Online-Since
---              ---                  ------          ------------
management      172.31.203.198        ONLINE          2017-08-23 16:19:22.488835

This example shows sample output for the show nbm flows command: 

switch# show nbm flows
NBM Active Source-Group-Based Flows :
Mcast-Group Src-IP Start-Time Src-Intf L4-S L4-D LID Status Num Rx Bw Mbps CFG Bw Mbps Src-slot Unit Slice DSCP QOS
228.2.10.3 10.12.85.10 08/21 18:45:27.429 Vlan1000 0 0 0 ACTIVE 7 66.000 66.000 1 0 0 48 7 
228.1.3.3 10.10.85.10 08/21 18:45:27.324 Vlan1000 0 0 0 ACTIVE 8 18.000 18.000 1 0 0 24 7 
228.1.4.1 10.10.85.10 08/21 18:45:27.068 Vlan1000 0 0 0 ACTIVE 8 19.000 19.000 1 0 0 32 7 
228.1.9.1 10.10.85.10 08/21 18:45:26.732 Vlan1000 0 0 0 ACTIVE 8 31.000 31.000 1 0 0 32 7

This example shows sample output for the show nbm flows group multicast-group command: 

switch# show nbm flows group 228.2.10.3
NBM Active Source-Group-Based Flows :
Mcast-Group Src-IP Start-Time Src-Intf L4-S L4-D LID Status Num Rx Bw Mbps CFG Bw Mbps Src-slot Unit Slice DSCP QOS
228.2.10.3 10.12.85.10 08/21 18:45:27.429 Vlan1000 0 0 0 ACTIVE 7 66.000 66.000 1 0 0 48 7

This example shows sample output for the show ip igmp groups command: 

switch# show ip igmp groups
IGMP Connected Group Membership for VRF "default" - 61520 total entries
Type: S - Static, D - Dynamic, L - Local, T - SSM Translated
Group Address      Type Interface           Uptime    Expires   Last Reporter
225.3.5.1          D    Ethernet3/5         11:48:07  00:03:36  3.5.1.6
225.3.5.2          D    Ethernet3/5         11:48:07  00:03:36  3.5.1.6
225.3.5.3          D    Ethernet3/5         11:48:07  00:03:36  3.5.1.6
225.3.5.4          D    Ethernet3/5         11:48:07  00:03:36  3.5.1.6

This example shows sample output for the show ip igmp groups interface command: 

switch# show ip igmp groups eth3/5
IGMP Connected Group Membership for Interface "Eth3/5" - 1165 total entries
Type: S - Static, D - Dynamic, L - Local, T - SSM Translated
Group Address      Type Interface      Uptime    Expires   Last Reporter
225.3.5.1          D    Ethernet3/5    11:51:22  00:02:24  3.5.1.6
225.3.5.2          D    Ethernet3/5    11:51:22  00:02:24  3.5.1.6
225.3.5.3          D    Ethernet3/5    11:51:22  00:02:24  3.5.1.6
225.3.5.4          D    Ethernet3/5    11:51:22  00:02:24  3.5.1.6

This example shows sample output for the show ip igmp groups multicast-group command: 

switch# show ip igmp groups 225.3.5.1
IGMP Connected Group Membership for VRF "default" - matching Group "225.3.5.1"
Type: S - Static, D - Dynamic, L - Local, T - SSM Translated
Group Address  Type  Interface    Uptime    Expires   Last Reporter
225.3.5.1      D     Ethernet3/5  00:05:20  00:10:10  3.5.1.6

This example shows sample output for the show running-config nbm command: 

switch# show running-config nbm
!Command: show running-config nbm
!Time: Sat May  6 23:10:33 2017

version 7.0(3)I6(1)
feature nbm

nbm flow bandwidth 55
nbm flow-policy
  policy 0mbps
    bandwidth 2
    ip group 225.3.5.1
    ip group-range 225.3.5.2 to 225.3.5.255
  policy 3000
    bandwidth 130
    ip group-range 228.255.255.1 to 228.255.255.255

Sample XML Output for Switches Running Cisco NX-OS Release 7.0(3)I7(1) or Later

This example shows sample XML output for the show nbm controller | xml command: 

switch# show nbm controller | xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<nf:rpc-reply xmlns="http://www.cisco.com/nxos:1.0:pmn" xmlns:nf="urn:ietf:param
s:xml:ns:netconf:base:1.0">
<nf:data>
  <show>
   <nbm>
    <controller>
     <__XML__OPT_Cmd_show_nbm_controller___readonly__>
      <__readonly__>
       <vrf>management</vrf>
       <ip>172.31.203.198</ip>
       <status>ONLINE</status>
       <online_since>2017-08-23 16:19:22.488835</online_since>
      </__readonly__>
     </__XML__OPT_Cmd_show_nbm_controller___readonly__>
    </controller>
   </nbm>
  </show>
</nf:data>
</nf:rpc-reply>
]]>]]>

This example shows sample XML output for the show nbm flow | xml command: 

switch# show nbm flow | xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<nf:rpc-reply xmlns="http://www.cisco.com/nxos:1.0:pmn" xmlns:nf="urn:ietf:params:xml:ns:netconf:base:1.0">
<nf:data>
  <show>
   <nbm>
    <flows>
     <__XML__OPT_Cmd_show_nbm_flow_info_all>
      <__XML__OPT_Cmd_show_nbm_flow_info_interface>
       <__XML__OPT_Cmd_show_nbm_flow_info___readonly__>
        <__readonly__>
         <TABLE_flows>
          <ROW_flows>
           <mcast_grp_src_ip>232.10.255.50    9.11.0.10       </mcast_grp_src_ip>
           <start_time>08/23 16:48:54.275</start_time>
           <src_intf>Vlan1000</src_intf>
           <l4_sport>0</l4_sport>
           <l4_dport>0</l4_dport>
           <lid>0</lid>
           <status>ACTIVE</status>
           <num_rx>1</num_rx>
           <bw_mbps>333.234</bw_mbps>
           <cfg_mbps>333.234</cfg_mbps>
           <src_slot>1</src_slot>
           <unit>0</unit>
           <slice>0</slice>
           <dscp>8</dscp>
           <qos>7</qos>

This example shows sample XML output for the show nbm flow m-group multicast-group | xml command: 

switch# show nbm flow m-group 232.10.255.1 | xml
<nf:rpc-reply xmlns="http://www.cisco.com/nxos:1.0:pmn" xmlns:nf="urn:ietf:params:xml:ns:netconf:base:1.0">
<nf:data>
  <show>
   <nbm>
    <flows>
     <__XML__OPT_Cmd_show_nbm_flow_info_all>
      <m-group>
       <group-ip-id>232.10.255.1</group-ip-id>
      </m-group>
      <__XML__OPT_Cmd_show_nbm_flow_info_interface>
       <__XML__OPT_Cmd_show_nbm_flow_info___readonly__>
        <__readonly__>
         <TABLE_flows>
          <ROW_flows>
           <mcast_grp_src_ip>232.10.255.1     9.11.0.10       </mcast_grp_src_ip>
           <start_time>08/23 16:48:53.602</start_time>
           <src_intf>Vlan1000</src_intf>
           <l4_sport>0</l4_sport>
           <l4_dport>0</l4_dport>
           <lid>0</lid>
           <status>ACTIVE</status>
           <num_rx>1</num_rx>
           <bw_mbps>333.234</bw_mbps>
           <cfg_mbps>333.234</cfg_mbps>
           <src_slot>1</src_slot>
           <unit>0</unit>
           <slice>0</slice>
           <dscp>8</dscp>
           <qos>7</qos>
          </ROW_flows>

This example shows sample XML output for the show nbm flow group multicast-group source ip-address | xml command: 

switch# show nbm flow group 232.10.255.1 source 9.11.0.10 | xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<nf:rpc-reply xmlns="http://www.cisco.com/nxos:1.0:pmn" xmlns:nf="urn:ietf:params:xml:ns:netconf:base:1.0">
<nf:data>
  <show>
   <nbm>
    <flows>
     <__XML__OPT_Cmd_show_nbm_flow_info_all>
      <__XML__OPT_Cmd_show_nbm_flow_info_source>
       <group>
        <group-ip>
         <__XML__PARAM_value>232.10.255.1</__XML__PARAM_value>
         <__XML__OPT_Cmd_show_nbm_flow_info_source>
          <source>
           <source-ip>9.11.0.10</source-ip>
          </source>
         </__XML__OPT_Cmd_show_nbm_flow_info_source>
        </group-ip>
       </group>
      </__XML__OPT_Cmd_show_nbm_flow_info_source>
      <__XML__OPT_Cmd_show_nbm_flow_info_interface>
      <__XML__OPT_Cmd_show_nbm_flow_info___readonly__>
        <__readonly__>
         <TABLE_flows>
          <ROW_flows>
           <mcast_grp_src_ip>232.10.255.1     9.11.0.10       </mcast_grp_src_ip>
           <start_time>08/23 16:48:53.602</start_time>
           <src_intf>Vlan1000</src_intf>
           <l4_sport>0</l4_sport>
           <l4_dport>0</l4_dport>
           <lid>0</lid>
           <status>ACTIVE</status>
           <num_rx>1</num_rx>
           <bw_mbps>333.234</bw_mbps>
           <cfg_mbps>333.234</cfg_mbps>
           <src_slot>1</src_slot>
           <unit>0</unit>
           <slice>0</slice>
           <dscp>8</dscp>
           <qos>7</qos>
          </ROW_flows>
         </TABLE_flows>
        </__readonly__>
       </__XML__OPT_Cmd_show_nbm_flow_info___readonly__>
      </__XML__OPT_Cmd_show_nbm_flow_info_interface>
     </__XML__OPT_Cmd_show_nbm_flow_info_all>
    </flows>
   </nbm>
  </show>
</nf:data>
</nf:rpc-reply>
]]>]]>

This example shows sample XML output for the show nbm flow statistics m-group multicast-group | xml command: 

switch# show nbm flow statistics m-group 232.10.255.10 | xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<nf:rpc-reply xmlns="http://www.cisco.com/nxos:1.0:pmn" xmlns:nf="urn:ietf:params:xml:ns:netconf:base:1.0">
<nf:data>
  <show>
   <nbm>
    <flows>
     <statistics>
      <__XML__OPT_Cmd_show_nbm_flow_stats_group-based>
       <m-group>
        <group-ip-id>232.10.255.10</group-ip-id>
       </m-group>
       <__XML__OPT_Cmd_show_nbm_flow_stats_interface>
        <__XML__OPT_Cmd_show_nbm_flow_stats___readonly__>
         <__readonly__>
          <TABLE_stats>
           <ROW_stats>
            <mcast_grp_src_ip>232.10.255.10    9.10.96.10      </mcast_grp_src_ip>
            <start_time>08/23 16:28:47.016</start_time>
            <src_intf>Vlan1096</src_intf>
            <packets>54462</packets>
            <bytes>27231000</bytes>
            <allow_bytes>27219500</allow_bytes>
            <drop_bytes>0</drop_bytes>
           </ROW_stats>
           <ROW_stats>
            <mcast_grp_src_ip>232.10.255.10    9.10.97.10      </mcast_grp_src_ip>
            <start_time>08/23 16:28:49.358</start_time>
            <src_intf>Vlan1097</src_intf>
            <packets>53843</packets>
            <bytes>26921500</bytes>
            <allow_bytes>26910000</allow_bytes>
            <drop_bytes>0</drop_bytes>
           </ROW_stats>
           <ROW_stats>
            <mcast_grp_src_ip>232.10.255.10    9.10.98.10      </mcast_grp_src_ip>
            <start_time>08/23 16:28:55.976</start_time>
            <src_intf>Vlan1098</src_intf>
            <packets>53509</packets>
            <bytes>26754500</bytes>
            <allow_bytes>26743000</allow_bytes>
            <drop_bytes>0</drop_bytes>
           </ROW_stats>
           <ROW_stats>
            <mcast_grp_src_ip>232.10.255.10    9.10.99.10      </mcast_grp_src_ip>
            <start_time>08/23 16:28:56.176</start_time>
            <src_intf>Vlan1099</src_intf>
            <packets>51821</packets>
            <bytes>25910500</bytes>
            <allow_bytes>25899000</allow_bytes>
            <drop_bytes>0</drop_bytes>
           </ROW_stats>
           <ROW_stats>
            <mcast_grp_src_ip>232.10.255.10    9.11.0.10       </mcast_grp_src_ip>
            <start_time>08/23 16:28:53.548</start_time>
            <src_intf>Vlan1100</src_intf>
            <packets>51141</packets>
            <bytes>25570500</bytes>
            <allow_bytes>25558500</allow_bytes>
            <drop_bytes>0</drop_bytes>
           </ROW_stats>
          </TABLE_stats>
         </__readonly__>
        </__XML__OPT_Cmd_show_nbm_flow_stats___readonly__>
       </__XML__OPT_Cmd_show_nbm_flow_stats_interface>
      </__XML__OPT_Cmd_show_nbm_flow_stats_group-based>
     </statistics>
    </flows>
   </nbm>
  </show>
</nf:data>
</nf:rpc-reply>
]]>]]>

Configuring Fabric and Host Interfaces

You can configure the fabric and host interfaces using the CLI commands in this section or use the DCNM Media Controller to autoprovision these configurations.


Note

We recommend using a Layer 3 routed port to an endpoint.

Configuring a Fabric Interface

You must configure the fabric interface on each leaf switch. This interface goes from the leaf switch to the spine switch.


Note

If you want to be able to exchange media flows between an IP fabric for media and external systems, which is supported beginning with Cisco NX-OS Release 7.0(3)I7(2), make sure to configure the ip pim sparse-mode command on the WAN links and the ip pim passive command only on the NBM fabric interfaces (and not toward the external systems).

SUMMARY STEPS

  1. configure terminal
  2. interface ethernet slot/port
  3. ip address ip-prefix/length
  4. ip router ospf instance-tag area area-id
  5. ip pim sparse-mode
  6. [no] ip pim passive
  7. no shutdown

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

interface ethernet slot/port

Example:

switch(config)# interface ethernet 1/49
switch(config-if)#

Specifies the fabric interface and enters interface configuration mode.
Step 3

ip address ip-prefix/length

Example:

switch(config-if)# ip address 1.1.1.0/31

Assigns an IP address and subnet mask to this interface.

Step 4

ip router ospf instance-tag area area-id

Example:

switch(config-if)# ip router ospf 100 area 0.0.0.0

Adds the interface to the OSPFv2 instance and area.

Step 5

ip pim sparse-mode

Example:

switch(config-if)# ip pim sparse-mode

Enables PIM sparse mode on this interface.

Step 6

[no] ip pim passive

Example:

switch(config-if)# ip pim passive

Prevents the switch from sending PIM messages on this interface and from accepting PIM messages from other switches across this interface. This command is required as the DCNM Media Controller (rather than the PIM protocol) statically provisions the flow end to end.

Note 

If you want to exchange media flows between an IP fabric for media and external systems, configure the no ip pim passive command on the interfaces toward the external systems.

Step 7

no shutdown

Example:

switch(config-if)# no shutdown

Enables the interface.

Configuring a Layer 3 Host Interface

You must configure the Layer 3 routed host interface on each leaf switch. This interface goes from the leaf switch to an endpoint.

SUMMARY STEPS

  1. configure terminal
  2. interface ethernet slot/port
  3. ip igmp version 3
  4. ip address ip-prefix/length
  5. ip router ospf instance-tag area area-id
  6. ip pim sparse-mode
  7. ip pim passive
  8. ip igmp immediate-leave
  9. no shutdown

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

interface ethernet slot/port

Example:

switch(config)# interface ethernet 1/1
switch(config-if)#

Specifies the host interface and enters interface configuration mode.
Step 3

ip igmp version 3

Example:

switch(config-if)# ip igmp version 3

Sets the IGMP version to 3.

Step 4

ip address ip-prefix/length

Example:

switch(config-if)# ip address 100.1.1.1/24

Assigns an IP address and subnet mask to this interface.

Step 5

ip router ospf instance-tag area area-id

Example:

switch(config-if)# ip router ospf 100 area 0.0.0.0

Adds the interface to the OSPFv2 instance and area.

Step 6

ip pim sparse-mode

Example:

switch(config-if)# ip pim sparse-mode

Enables PIM sparse mode on this interface.

Step 7

ip pim passive

Example:

switch(config-if)# ip pim passive

Prevents the switch from sending PIM messages on this interface and from accepting PIM messages from other switches across this interface. This command is required as the DCNM Media Controller (rather than the PIM protocol) statically provisions the flow end to end.

Step 8

ip igmp immediate-leave

Example:

switch(config-if)# ip igmp immediate-leave

Enables the switch to remove the group entry from the multicast routing table immediately upon receiving a leave message for the group.

Step 9

no shutdown

Example:

switch(config-if)# no shutdown

Enables the interface.

Configuring a Layer 2 with SVI Host Interface

You must configure the Layer 2 with SVI host interface on each leaf switch. This interface goes from the leaf switch to an endpoint.

SUMMARY STEPS

  1. configure terminal
  2. feature interface-vlan
  3. vlan vlan-id
  4. exit
  5. vlan configuration vlan-id
  6. ip igmp snooping
  7. ip igmp snooping fast-leave
  8. exit
  9. interface vlan vlan-id
  10. (Optional) ip igmp version 3
  11. ip router ospf instance-tag area area-id
  12. ip address ip-address
  13. ip pim sparse-mode
  14. ip pim passive
  15. ip igmp suppress v3-gsq
  16. no shutdown
  17. exit
  18. interface ethernet port/slot
  19. switchport
  20. switchport mode {access | trunk}
  21. switchport {access | trunk allowed} vlan vlan-id
  22. no shutdown
  23. exit

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

feature interface-vlan

Example:

switch(config)# feature interface-vlan

Enables the creation of VLAN interfaces.

Step 3

vlan vlan-id

Example:

switch(config)# vlan 5
switch(config-vlan)#

Creates a VLAN. The range is from 2 to 3967. VLAN 1 is the default VLAN and cannot be created or deleted. For more information on VLANs, see the Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide.

Step 4

exit

Example:

switch(config-vlan)# exit
switch(config)#

Exits the VLAN mode.

Step 5

vlan configuration vlan-id

Example:

switch(config)# vlan configuration 5
switch(config-vlan-config)#

Allows you to configure VLANs without actually creating them.

Step 6

ip igmp snooping

Example:

switch(config-vlan-config)# ip igmp snooping

Enables IGMP snooping on the device for the specific VLAN. For more information on IGMP snooping, see the Cisco Nexus 9000 Series NX-OS Multicast Routing Configuration Guide.

Step 7

ip igmp snooping fast-leave

Example:

switch(config-vlan-config)# ip igmp snooping fast-leave

Supports IGMPv2 hosts that cannot be explicitly tracked because of the host report suppression mechanism of the IGMPv2 protocol. When you enable fast leave, the IGMP software assumes that not more than one host is present on each VLAN port. The default is disabled for all VLANs.

Step 8

exit

Example:

switch(config-vlan-config)# exit
switch(config)#

Exits VLAN configuration mode.

Step 9

interface vlan vlan-id

Example:

switch(config)# interface vlan 5
switch(config-if)#

Creates a VLAN interface and enters interface configuration mode. The range is from 2 and 3967.

Step 10

(Optional) ip igmp version 3

Example:

switch(config-if)# ip igmp version 3
 (Optional)

Sets the IGMP version to 3. Enter this command if you are using IGMP version 3.

Step 11

ip router ospf instance-tag area area-id

Example:

switch(config-if)# ip router ospf 201 area 0.0.0.15

Adds the interface to the OSPFv2 instance and area.

Step 12

ip address ip-address

Example:

switch(config-if)# ip address 192.0.2.1/8

Configures an IP address for this interface.

Step 13

ip pim sparse-mode

Example:

switch(config-if)# ip pim sparse-mode

Enables PIM sparse mode on this interface. For more information on PIM, see the Cisco Nexus 9000 Series NX-OS Multicast Routing Configuration Guide.

Step 14

ip pim passive

Example:

switch(config-if)# ip pim passive

Prevents the device from sending PIM messages on the interface or accepting PIM messages from other devices across this interface. The device instead considers that it is the only PIM device on the network and acts as the designated router and designated forwarder for all Bidir PIM group ranges.

Step 15

ip igmp suppress v3-gsq

Example:

switch(config-if)# ip igmp suppress v3-gsq

Prevents the router from generating a query when it receives an IGMPv3 leave report.

Step 16

no shutdown

Example:

switch(config-if)# no shutdown

Clears the errors on the interfaces and VLANs where policies correspond with hardware policies. This command allows policy programming to continue and the port to come up.

Note 

Apply this command only after you have entered the previous multicast commands.

Step 17

exit

Example:

switch(config-if)# exit
switch(config)#

Exits the VLAN interface configuration mode.

Step 18

interface ethernet port/slot

Example:

switch(config-if)# interface ethernet 2/1

Configures an Ethernet interface.

Step 19

switchport

Example:

switch(config-if)# switchport

Sets the interface as a Layer 2 interface.

Step 20

switchport mode {access | trunk}

Example:

switch(config-if)# switchport mode trunk

Configures one of the following options:

access—Sets the interface as a nontrunking, nontagged, single-VLAN Layer 2 interface. An access port can carry traffic in one VLAN only. By default, an access port carries traffic for VLAN 1.

trunk—Sets the interface as a Layer 2 trunk port. A trunk port can carry traffic in one or more VLANs on the same physical link. (VLANs are based on the trunk-allowed VLANs list.) By default, a trunk interface can carry traffic for all VLANs.

Step 21

switchport {access | trunk allowed} vlan vlan-id

Example:

switch(config-if)# switchport trunk allowed vlan 5

Configures one of the following options:

access—Specifies the VLAN for which this access port will carry traffic. If you do not enter this command, the access port carries traffic on VLAN 1 only.

trunk allowed—Specifies the allowed VLANs for the trunk interface. The default is to allow all VLANs on the trunk interface: 1 to 3967 and 4048 to 4094. VLANs 3968 to 4047 are the default VLANs reserved for internal use by default.

Step 22

no shutdown

Example:

switch(config-if)# no shutdown

Clears the errors on the interfaces and VLANs where policies correspond with hardware policies. This command allows policy programming to continue and the port to come up.

Step 23

exit

Example:

switch(config-if)# exit
switch(config)#

Exits the interface configuration mode.

Configuring PTP for Media (Optional)

Cisco's IP fabric for media solution supports the following IEEE 1588 PTP profiles:

  • Audio Engineering Society 67 profile (AES67) - For high-performance streaming audio over IP

  • Professional Broadcast Environment profile (SMPTE-2059-2) - For high-performance streaming video over IP

The solution also introduces mixed mode PTP support with multicast sync and announce messages as well as unicast delay request and response messages.

To configure PTP for media, you should use one of these profiles.


Note

The PTP configuration for media is different from the PTP configuration for a non-media network. However, you can refer to the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide for more information on PTP.

Before you begin

Enable PTP boundary mode functionality on the switch. PTP packets cannot be routed as regular multicast packets within the fabric.

SUMMARY STEPS

  1. configure terminal
  2. [no] feature ptp
  3. [no] ptp source ip-address [vrf vrf]
  4. (Optional) [no] ptp offload
  5. interface ethernet slot/port
  6. [no] ptp
  7. (Optional) [no] ptp announce interval [aes67 | smpte-2059] log-seconds
  8. (Optional) [no] ptp announce timeout [aes67 | smpte-2059] count
  9. (Optional) [no] ptp delay-request minimum interval [aes67 | smpte-2059] log-seconds
  10. (Optional) [no] ptp sync interval [aes67 | smpte-2059] log-seconds
  11. (Optional) [no] ptp vlan vlan-id
  12. (Optional) show ptp brief
  13. (Optional) show ptp port interface interface slot/port
  14. (Optional) copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

[no] feature ptp

Example:

switch(config)# feature ptp

Enables or disables PTP on the device.

Note 

Enabling PTP on the switch does not enable PTP on each interface.

Step 3

[no] ptp source ip-address [vrf vrf]

Example:

switch(config)# ptp source 10.10.10.1

Configures the source IPv4 address for all PTP packets. We recommend that the source IP address be a valid IP address for any interface on the switch.

Step 4

(Optional) [no] ptp offload

Example:

switch(config)# ptp offload
 (Optional)

Increases the number of PTP sessions by offloading some timers to the line card.

Note 

This command is supported only for Cisco Nexus 9500 Series switches with X9700-EX line cards, beginning with Cisco NX-OS Release 7.0(3)I6(1).

Step 5

interface ethernet slot/port

Example:

switch(config)# interface ethernet 2/1
switch(config-if)#

Specifies the interface on which you are enabling PTP and enters the interface configuration mode.

Step 6

[no] ptp

Example:

switch(config-if)# ptp

Enables or disables PTP on an interface.

Step 7

(Optional) [no] ptp announce interval [aes67 | smpte-2059] log-seconds

Example:

switch(config-if)# ptp announce interval aes67 3
 (Optional)

Configures the interval between PTP announce messages on an interface.

Table 1. PTP Announcement Interval Range and Default Values

Option

Range

Default Value

aes67

0 to 4 log seconds

1 log second

smpte-2059

–3 to 1 log seconds

1 log second

Without the aes67 or smpte-2059 option

0 to 4 log seconds

1 log second

Step 8

(Optional) [no] ptp announce timeout [aes67 | smpte-2059] count

Example:

switch(config-if)# ptp announce timeout aes67 2
 (Optional)

Configures the number of PTP intervals before a timeout occurs on an interface.

Table 2. PTP Announcement Timeout Range and Default Values

Option

Range

Default Value

aes67

2 to 10 intervals

3 intervals

smpte-2059

2 to 10 intervals

3 intervals

Without the aes67 or smpte-2059 option

2 to 4 intervals

3 intervals

Step 9

(Optional) [no] ptp delay-request minimum interval [aes67 | smpte-2059] log-seconds

Example:

switch(config-if)# ptp delay-request minimum interval aes67 -1
 (Optional)

Configures the minimum interval allowed between PTP delay messages when the port is in the primary state.

Table 3. PTP Delay-Request Minimum Interval Range and Default Values

Option

Range

Default Value

aes67

–4 to 5 log seconds

0 log seconds

smpte-2059

–4 to 5 log seconds

0 log seconds

Without the aes67 or smpte-2059 option

–1 to 6 log seconds (where –1 = 1 frame per second)

0 log seconds

Step 10

(Optional) [no] ptp sync interval [aes67 | smpte-2059] log-seconds

Example:

switch(config-if)# ptp sync interval aes67 1
 (Optional)

Configures the interval between PTP synchronization messages on an interface.

Table 4. PTP Synchronization Interval Range and Default Values

Option

Range

Default Value

aes67

–4 to 1 log seconds

–2 log seconds

smpte-2059

–4 to –1 log seconds

–2 log seconds

Without the aes67 or smpte-2059 option

–3 to 1 log seconds

–2 log seconds

Step 11

(Optional) [no] ptp vlan vlan-id

Example:

switch(config-if)# ptp vlan 1
 (Optional)

Specifies the VLAN for the interface where PTP is being enabled. You can enable PTP only on one VLAN on an interface.

The range is from 1 to 4094.

Step 12

(Optional) show ptp brief

Example:

switch(config-if)# show ptp brief
 (Optional)

Displays the PTP status.

Step 13

(Optional) show ptp port interface interface slot/port

Example:

switch(config-if)# show ptp port interface ethernet 2/1
 (Optional)

Displays the status of the PTP port.

Step 14

(Optional) copy running-config startup-config

Example:

switch(config-if)# copy running-config startup-config
(Optional)

Copies the running configuration to the startup configuration.

Configuring Unicast PTP Peers

You must configure both master and slave unicast PTP peers.

SUMMARY STEPS

  1. configure terminal
  2. interface ethernet slot/port
  3. ptp transport ipv4 ucast {master | slave}
  4. {master | slave} ipv4 ip-address
  5. ptp ucast-source ip-address
  6. (Optional) show ptp brief
  7. (Optional) show ptp counters interface ethernet slot/port ipv4 ip-address
  8. (Optional) copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

interface ethernet slot/port

Example:

switch(config)# interface ethernet 1/1
switch(config-if)#

Specifies the interface on which you are enabling unicast PTP and enters the interface configuration mode.

Step 3

ptp transport ipv4 ucast {master | slave}

Example:

switch(config-if)# ptp transport ipv4 ucast master

Configures the master or slave unicast PTP peer.

Step 4

{master | slave} ipv4 ip-address

Example:

switch(config-if)# slave ipv4 81.0.0.2

Specifies the IP address of the master or slave unicast PTP peer.

Step 5

ptp ucast-source ip-address

Example:

switch(config-if)# ptp ucast-source 81.0.0.1

Specifies the IP address of the PTP unicast source.

Step 6

(Optional) show ptp brief

Example:

switch(config-if)# show ptp brief
 (Optional)

Displays the PTP status.

Step 7

(Optional) show ptp counters interface ethernet slot/port ipv4 ip-address

Example:

switch(config-if)# show ptp counters interface ethernet 1/1 ipv4 81.0.0.2
 (Optional)

Displays the unicast PTP counters.

Step 8

(Optional) copy running-config startup-config

Example:

switch(config-if)# copy running-config startup-config
(Optional)

Copies the running configuration to the startup configuration.

Example

The following example shows how to configure master and slave unicast PTP peers: 

interface Ethernet1/1
  ptp transport ipv4 ucast master
    slave ipv4 81.0.0.2
  ptp ucast-source 81.0.0.1
  ip address 81.0.0.1/24
  ip router ospf 1 area 0.0.0.2
  no shutdown

interface Ethernet1/2
  ptp transport ipv4 ucast slave
    master ipv4 83.0.0.2
  ptp ucast-source 83.0.0.1
  ip address 83.0.0.1/24
  no shutdown 

show ptp counters interface eth1/1 ipv4 81.0.0.2
PTP Packet Counters of IP 81.0.0.2:
----------------------------------------------------------------
Packet Type                  TX                      RX
----------------    --------------------    --------------------
Announce                     9                       0
Sync                         70                      0
FollowUp                     70                      0
Delay Request                0                       18
Delay Response               18                      0
PDelay Request               0                       0
PDelay Response              0                       0
PDelay Followup              0                       0
Management                   0                       0
----------------------------------------------------------------