The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter includes the following sections:
Configuring vNIC Templates
This policy defines how a vNIC on a server connects to the LAN. This policy is also referred to as a vNIC LAN connectivity policy.
You need to include this policy in a service profile for it to take effect.
Command or Action | Purpose | |
---|---|---|
Step 1 | UCS-A# scope org org-name | Enters organization mode for the specified organization. To enter the root organization mode, type / as the org-name. |
Step 2 | UCS-A /org # create vnic-templ vnic-templ-name [eth-if vlan-name] [fabric {a | b}] [target [adapter | vm]] | Creates a vNIC template and enters organization vNIC template mode. |
Step 3 | UCS-A /org/vnic-templ # set descr description | (Optional) Provides a description for the vNIC template. |
Step 4 | UCS-A /org/vnic-templ # set fabric {a | b} | (Optional) Specifies the fabric to use for the vNIC. If you did not specify the fabric when creating the vNIC template in Step 2, you have the option to specify it with this command. |
Step 5 | UCS-A /org/vnic-templ # set mac-pool mac-pool-name | Specifies the MAC pool to use for the vNIC. |
Step 6 | UCS-A /org/vnic-templ # set mtu mtu-value | Specified the maximum transmission unit, or packet size, that the vNIC accepts. |
Step 7 | UCS-A /org/vnic-templ # set nw-control-policy policy-name | Specifies the network control policy to use for the vNIC. |
Step 8 | UCS-A /org/vnic-templ # set pin-group group-name | Specifies the LAN pin group to use for the vNIC. |
Step 9 | UCS-A /org/vnic-templ # set qos-policy policy-name | Specifies the QoS policy to use for the vNIC. |
Step 10 | UCS-A /org/vnic-templ # set stats-policy policy-name | Specifies the server and server component statistics threshold policy to use for the vNIC. |
Step 11 | UCS-A /org/vnic-templ # set type {initial-template | updating-template} | Specifies the vNIC template update type. If you do not want vNIC instances created from this template to be automatically updated when the template is updated, use the initial-template keyword; otherwise, use the updating-template keyword to ensure that all vNIC instance are updated when the vNIC template is updated. |
Step 12 | UCS-A /org/vnic-templ # commit-buffer | Commits the transaction to the system configuration. |
The following example configures a vNIC template and commits the transaction:
UCS-A# scope org / UCS-A /org* # create vnic template VnicTempFoo UCS-A /org/vnic-templ* # set descr "This is a vNIC template example." UCS-A /org/vnic-templ* # set fabric a UCS-A /org/vnic-templ* # set mac-pool pool137 UCS-A /org/vnic-templ* # set mtu 8900 UCS-A /org/vnic-templ* # set nw-control-policy ncp5 UCS-A /org/vnic-templ* # set pin-group PinGroup54 UCS-A /org/vnic-templ* # set qos-policy QosPol5 UCS-A /org/vnic-templ* # set stats-policy ServStatsPolicy UCS-A /org/vnic-templ* # set type updating-template UCS-A /org/vnic-templ* # commit-buffer UCS-A /org/vnic-templ #
Command or Action | Purpose | |
---|---|---|
Step 1 | UCS-A# scope org org-name | Enters organization mode for the specified organization. To enter the root organization mode, type / as the org-name. |
Step 2 | UCS-A /org # delete vnic-templ vnic-templ-name | Deletes the specified vNIC template. |
Step 3 | UCS-A /org # commit-buffer | Commits the transaction to the system configuration. |
The following example deletes the vNIC template named VnicTempFoo and commits the transaction:
UCS-A# scope org / UCS-A /org # delete vnic template VnicTempFoo UCS-A /org* # commit-buffer UCS-A /org #
Configuring Ethernet Adapter Policies
These policies govern the host-side behavior of the adapter, including how the adapter handles traffic. For example, you can use these policies to change default settings for the following:
Queues
Interrupt handling
Performance enhancement
RSS hash
Failover in an cluster configuration with two fabric interconnects
By default, Cisco UCS provides a set of Ethernet adapter policies and Fibre Channel adapter policies. These policies include the recommended settings for each supported server operating system. Operating systems are sensitive to the settings in these policies. Storage vendors typically require non-default adapter settings. You can find the details of these required settings on the support list provided by those vendors.
We recommend that you use the values in these policies for the applicable operating system. Do not modify any of the values in the default policies unless directed to do so by Cisco Technical Support.
However, if you are creating an Ethernet adapter policy for a Windows OS (instead of using the default Windows adapter policy), you must use the following formulas to calculate values that work with Windows:
For example, if Transmit Queues = 1 and Receive Queues = 8 then:
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 | UCS-A# scope org org-name | Enters organization mode for the specified organization. To enter the root organization mode, type / as the org-name. |
||
Step 2 | UCS-A /org # create eth-policy policy-name | Creates the specified Ethernet adapter policy and enters organization Ethernet policy mode. |
||
Step 3 | UCS-A /org/eth-policy # set comp-queue count count | (Optional) Configures the Ethernet completion queue. |
||
Step 4 | UCS-A /org/eth-policy # set descr description | (Optional) Provides a description for the policy.
|
||
Step 5 | UCS-A /org/eth-policy # set failover timeout timeout-sec | (Optional) Configures the Ethernet failover. |
||
Step 6 | UCS-A /org/eth-policy # set interrupt {coalescing-time sec | coalescing-type {idle | min} | count count | mode {intx | msi | msi-x}} | (Optional) Configures the Ethernet interrupt. |
||
Step 7 | UCS-A /org/eth-policy # set offload {large-receive | tcp-rx-checksum | tcp-segment | tcp-tx-checksum} {disabled | enabled} | (Optional) Configures the Ethernet offload. |
||
Step 8 | UCS-A /org/eth-policy # set recv-queue {count count | ring-size size-num} | (Optional) Configures the Ethernet receive queue. |
||
Step 9 | UCS-A /org/eth-policy # set rss receivesidescaling {disabled | enabled} | (Optional) Configures the RSS. |
||
Step 10 | UCS-A /org/eth-policy # set trans-queue {count count | ring-size size-num} | (Optional) Configures the Ethernet transmit queue. |
||
Step 11 | UCS-A /org/eth-policy # commit-buffer | Commits the transaction to the system configuration. |
The following example configures an Ethernet adapter policy, and commits the transaction:
UCS-A# scope org / UCS-A /org* # create eth-policy EthPolicy19 UCS-A /org/eth-policy* # set comp-queue count 16 UCS-A /org/eth-policy* # set descr "This is an Ethernet adapter policy example." UCS-A /org/eth-policy* # set failover timeout 300 UCS-A /org/eth-policy* # set interrupt count 64 UCS-A /org/eth-policy* # set offload large-receive disabled UCS-A /org/eth-policy* # set recv-queue count 32 UCS-A /org/eth-policy* # set rss receivesidescaling enabled UCS-A /org/eth-policy* # set trans-queue UCS-A /org/eth-policy* # commit-buffer UCS-A /org/eth-policy #
Command or Action | Purpose | |
---|---|---|
Step 1 | UCS-A# scope org org-name | Enters organization mode for the specified organization. To enter the root organization mode, type / as the org-name. |
Step 2 | UCS-A /org # delete eth-policy policy-name | Deletes the specified Ethernet adapter policy. |
Step 3 | UCS-A /org # commit-buffer | Commits the transaction to the system configuration. |
The following example deletes the Ethernet adapter policy named EthPolicy19 and commits the transaction:
UCS-A# scope org / UCS-A /org # delete eth-policy EthPolicy19 UCS-A /org* # commit-buffer UCS-A /org #
Configuring Network Control Policies
This policy configures the network control settings for the Cisco UCS instance, including the following:
Whether the Cisco Discovery Protocol (CDP) is enabled or disabled
How the VIF behaves if no uplink port is available in end-host mode
Whether the server can use different MAC addresses when sending packets to the fabric interconnect
The network control policy also determines the action that Cisco UCS Manager takes on the remote Ethernet port or the vEthernet interface when the associated border port fails. By default, the Action on Uplink Fail property in the network control policy is configured with a value of link-down. This default behavior directs Cisco UCS Manager to bring the remote Ethernet or vEthernet port down if the border port fails.
Note |
The default behaviour of the Action on Uplink Fail property is optimal for most Cisco UCS that support link failover at the adapter level or only carry Ethernet traffic. However, for those converged network adapters that support both Ethernet and Fibre Channel traffic, such as the Cisco UCS CNA M72KR-Q and the Cisco UCS CNA M72KR-E, the default behavior can affect and interrupt Fibre Channel traffic as well. Therefore, if the server includes one of those converged network adapters and the the adapter is expected to handle both Ethernet and Fibre Channel traffic, we recommend that you configure the Action on Uplink Fail property with a value of warning. Please note that this configuration may result in an Ethernet teaming driver not being able to detect a link failure when the border port goes down. |
Command or Action | Purpose | |
---|---|---|
Step 1 | UCS-A# scope org / | Enters the root organization mode. |
Step 2 | UCS-A /org # create nwctrl-policy policy-name | Creates the specified network control policy, and enters organization network control policy mode. |
Step 3 | UCS-A /org/nwctrl-policy # {disable | enable} cdp | Disables or enables Cisco Discovery Protocol (CDP). |
Step 4 | UCS-A /org/nwctrl-policy # set uplink-fail-action {link-down | warning} | Specifies the action to be taken when no uplink port is available in end-host mode. Use the link-down keyword to change the operational state of a vNIC to down when uplink connectivity is lost on the fabric interconnect, and facilitate fabric failover for vNICs. Use the warning keyword to maintain server-to-server connectivity even when no uplink port is available, and disable fabric failover when uplink connectivity is lost on the fabric interconnect. The default uplink failure action is link-down. |
Step 5 | UCS-A /org/nwctrl-policy # {create mac-security | Enters organization network control policy MAC security mode |
Step 6 | UCS-A /org/nwctrl-policy/mac-security # {set forged-transmit {allow | deny} | Allows or denies the forging of MAC addresses when sending traffic. MAC security is disabled when forged MAC addresses are allowed, and MAC security is enabled when forged MAC addresses are denied. By default, forged MAC addresses are allowed (MAC security is disabled). |
Step 7 | UCS-A /org/nwctrl-policy/mac-security # commit-buffer | Commits the transaction to the system configuration. |
The following example creates a network control policy named ncp5, enables CDP, sets the uplink fail action to link-down, denies forged MAC addresses (enables MAC security), and commits the transaction:
UCS-A# scope org / UCS-A /org # create nwctrl-policy ncp5 UCS-A /org/nwctrl-policy* # enable cdp UCS-A /org/nwctrl-policy* # set uplink-fail-action link-down UCS-A /org/nwctrl-policy* # create mac-security UCS-A /org/nwctrl-policy/mac-security* # set forged-transmit deny UCS-A /org/nwctrl-policy/mac-security* # commit-buffer UCS-A /org/nwctrl-policy/mac-security #
Command or Action | Purpose | |
---|---|---|
Step 1 | UCS-A# scope org / | Enters the root organization mode. |
Step 2 | UCS-A /org # delete nwctrl-policy policy-name | Deletes the specified network control policy. |
Step 3 | UCS-A /org # commit-buffer | Commits the transaction to the system configuration. |
The following example deletes the network control policy named ncp5 and commits the transaction:
UCS-A# scope org / UCS-A /org # delete nwctrl-policy ncp5 UCS-A /org* # commit-buffer UCS-A /org #