Blog‎ > ‎

Nexus NX-OS Overview

posted Nov 12, 2013, 10:42 AM by Rick McGee   [ updated Mar 5, 2014, 8:53 PM ]
Nexus NX-OS Overview    
    Fabric Path
        Early version of TRILL (Transparent Interconnect of Lots of Links)
        L2 Ethernet Routing (Not Really Ethernet like TRILL)
        Uses IS-IS own protocol wrapped n a L3 packet
Nexus 7K
    Dual Supervisors run as a HA Pair
    Is Primary SUP goes down, standby SUP takes over in a stateful manner
        Doesn't have to rebuild the control plane (STP, OSFP, Global ARP, and MAC
        Data Plane= User traffic web or DB traffic no t destined to local switch is not effected
SSO
    Stateful Switch Over
    Users Graceful Restart / Nonstop Forwarding (NSF) to signal other devices about the switch over
    Goal is to forward Data Plane traffic while switchover occurs, during a control plane reset
    Graceful Restart is the standard term for Cisco NSF (also known as Non Stop Routing NSR)
2 Roles in Graceful Restart
    GR Capable Device
        Local Device going through the control plane restart
     GR Helper/Aware Device
        Remote Device learning about the restart
 
    GR Capable signals helper about the restart
        E.G. OSPF Grace LSA (Type 9 Opaque LSA)
        Signaling Grace Period of 60 seconds
            This is how long the helper should wait for the restarting device to come back online
        Helper continues to forward data plane traffic towards the restarting device until....
  1. Grace period expires and neighbor is torn down (ungraceful)
  2. Convergence event occurs and the neighbor is torn down (ungraceful)
  3. Neighbor comes back online before grace period expires and control plane reconverges (Graceful)  
No configuration needed for GR/NSF
    A prerequisite you have to have dual supervisors in the Nexus 7K series switch
    Commands to check status 
  1. "Show Environment"     
  2. "Show system redundancy"
 
 
 
 

In Service Software Updates/Downgrades

 
SSO or Stateful Switch Over
    SSO capabilities of the Nexus 7K supervisor to allow hit less NX-OS software upgrades/downgrades
    This might allow one not having to schedule maintenance windows (I still would)
 
How it would work in Theory
    1 Primary SUP with 5.1(x)
    2 Standby SUP
 
    1 Standby SUP
    2 Active SUP with 6.0 (x)
 
Download image to flash on standby SUP
    Nexus 7K will perform a SSO to make the standby SUP Active
    Active SUP now runs new NX-OS version
Download image to flash of the new standby SUP (what as the primary)
    Install image on new standby SUP
    The whole process will take anywhere from 30-45 minutes depending on if there is EPLD upgrades to perform as well.
 
Always check release notes carefully before performing ISSU/ISSD in production
    FPGA/EPLD Field programmable gate arrays/Electronic programmable logical devices
    These devices are on the N7K line card modules which may cause the line card module to reboot
        If you had you vPC Peerlink on these line cards that would cause all the southbound switches to not have a northbound link out of the         network.  
    To see what version you currently have in a N7K series switch enter the following command
        " show version module (slot#) epld
 
Switch Supervisors while in command line
    "system switchover" (not a graceful restart)
 
Nexus 5K's    
    5550 UP (unified ports)
    Ethernet ports start on port 1 and up
    Fiber channel ports allocated at the last port (which would include a installed module) and counts down
The N5K's will require a reboot to re-allocate port roles (the same the Cisco UCS fabric interconnects)
    This is the same for the module or platform of the switch
    Example
        Slot 1
        port 31-32 type FC
    Nexus 5548/96 support Fabricpath
 
Nexus 2K's
    No console or VTY ports
    NX-OS automatically downloads NX-OS from the parent switch (Nexus 5K/7K)
    NO LOCAL SWITCHING
    Using a VN-TAG/802.11BR and is not an Ethernet switch
    
 
This can impact designs!
    Is there a lot of East to West traffic
    Think of a DC with 4 Racks with ToR N2K1 and N2K2 and Servers 1 and 2 in 3 of the racks and the 4th with a N5K EoR design
    For server 1 to talk to server 2 it would have to go to the upstream N2K1 -------> N5K (EOR)----->N2K2-----> finally to Server 2 all in the
    same rack. For low latency applications this may not be the best design.
 
How to turn on FEX capabilities in the N5/7K
    Command "feature fex"
                      "show fex detail"
    Port from parent switch connecting to the N2k
    Command "fex associate 100"
                     " interface Ethernet 100/1/1" 
 
 
 
The N5K's to N2K's can be crossed and create multiple vPC's, while the N7K's to N2K's have to form a trunk with LACP 802.3ad then create the vPC from the N2k's southbound to the Server. This is supposedly changing with NX-OS 7.0 Gibraltar this will allow the N2K's to be uplinked to two separate N7K's.
 

 

Comments