Bon finalement j’ai le temps de faire un lab avec çà :
[long et technique]
Le lab est toujours up, si quelqu'un veut que je fasse une bidouille
différente, demandez.
n3k-spare# write erase
Warning: This command will erase the startup-configuration.
Do you wish to proceed anyway? (y/n) [n] y
n3k-spare# reload
This command will reboot the system. (y/n)? [n] y
2013 Dec 4 08:56:20 n3k-spare %$ VDC-1 %$ %PLATFORM-2-PFM_SYSTEM_RESET: Manual
system restart from Command Line Interface
Press ctrl L to go to loader prompt in 2 secs
Booting kickstart image: bootflash:/nxos.7.0.3.I4.6.bin
[...]
switch# conf t
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# no password strength-check
switch(config)# username admin password cisco role network-admin
switch(config)# hardware profile portmode 48x10G+4x40G
timezone PST -8 0
cWarning: This command will take effect only after saving the configuration and
reload! Port configurations could get lost when port
mode is changed! We suggest you clean up the impacted interfaces config and
redo them after boot up!
lock summer-time PDT 2 Sun Mar 02:00 1 Sun Nov 02:00 60
cli alias name wr copy running-config startup-config
banner motd ^
Nexus n3064PQ Spare
no IP
no VLANS
switch(config)# clock timezone PST -8 0
switch(config)# clock summer-time PDT 2 Sun Mar 02:00 1 Sun Nov 02:00 60
switch(config)# cli alias name wr copy running-config startup-config
switch(config)# banner motd ^
Enter TEXT message. End with the character '^'.
> Nexus n3064PQ Spare
> no IP
> no VLANS
> ^
switch(config)# host n3k-spare
n3k-spare# exit
n3k-spare# wr
[########################################] 100%
Copy complete, now saving to disk (please wait)...
n3k-spare# reload
[...]
n3k-spare# sh ver
BIOS: version 4.0.0
NXOS image file is: bootflash:///nxos.7.0.3.I4.6.bin
Hardware
cisco Nexus3064 Chassis
Intel(R) Celeron(R) CPU P4505 @ 1.87GHz with 3903304 kB of memory.
Sans aucune surprise, une config par défaut relativement complète est installée
automatiquement :
n3k-spare# sh run
!Command: show running-config
!Time: Wed Dec 4 09:14:32 2013
version 7.0(3)I4(6)
hostname n3k-spare
vdc n3k-spare id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 104
limit-resource u4route-mem minimum 128 maximum 128
limit-resource u6route-mem minimum 96 maximum 96
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8
feature lldp
no password strength-check
username admin password 5 $5$mnxxpAh/$l7R9Ow5xXr5rSiUHIHrXNtzETSkJgQzPq8ZpBdVBul
D role network-admin
banner motd ^
Nexus c3064PQ Spare
no IP
no VLANS
^
ip domain-lookup
service unsupported-transceiver
ip access-list copp-system-acl-eigrp
10 permit eigrp any 224.0.0.10/32
ipv6 access-list copp-system-acl-eigrp6
10 permit eigrp any ff02::a/128
ip access-list copp-system-acl-icmp
10 permit icmp any any
ip access-list copp-system-acl-igmp
10 permit igmp any any
ip access-list copp-system-acl-ntp
10 permit udp any any eq ntp
20 permit udp any eq ntp any
ip access-list copp-system-acl-pimreg
10 permit pim any any
ip access-list copp-system-acl-ping
10 permit icmp any any echo
20 permit icmp any any echo-reply
ip access-list copp-system-acl-routingproto1
10 permit tcp any gt 1024 any eq bgp
20 permit tcp any eq bgp any gt 1024
30 permit udp any 224.0.0.0/24 eq rip
40 permit tcp any gt 1024 any eq 639
50 permit tcp any eq 639 any gt 1024
70 permit ospf any any
80 permit ospf any 224.0.0.5/32
90 permit ospf any 224.0.0.6/32
ip access-list copp-system-acl-routingproto2
10 permit udp any 224.0.0.0/24 eq 1985
20 permit 112 any 224.0.0.0/24
ip access-list copp-system-acl-snmp
10 permit udp any any eq snmp
20 permit udp any any eq snmptrap
ip access-list copp-system-acl-ssh
10 permit tcp any any eq 22
20 permit tcp any eq 22 any
ip access-list copp-system-acl-stftp
10 permit udp any any eq tftp
20 permit udp any any eq 1758
30 permit udp any eq tftp any
40 permit udp any eq 1758 any
50 permit tcp any any eq 115
60 permit tcp any eq 115 any
ip access-list copp-system-acl-tacacsradius
10 permit tcp any any eq tacacs
20 permit tcp any eq tacacs any
30 permit udp any any eq 1812
40 permit udp any any eq 1813
50 permit udp any any eq 1645
60 permit udp any any eq 1646
70 permit udp any eq 1812 any
80 permit udp any eq 1813 any
90 permit udp any eq 1645 any
100 permit udp any eq 1646 any
ip access-list copp-system-acl-telnet
10 permit tcp any any eq telnet
20 permit tcp any any eq 107
30 permit tcp any eq telnet any
40 permit tcp any eq 107 any
ipv6 access-list copp-system-acl-v6routingProto2
10 permit udp any ff02::66/128 eq 2029
20 permit udp any ff02::fb/128 eq 5353
30 permit 112 any ff02::12/128
ipv6 access-list copp-system-acl-v6routingproto1
10 permit 89 any ff02::5/128
20 permit 89 any ff02::6/128
30 permit udp any ff02::9/128 eq 521
ip access-list copp-system-dhcp-relay
10 permit udp any eq bootps any eq bootps
class-map type control-plane match-any copp-icmp
match access-group name copp-system-acl-icmp
class-map type control-plane match-any copp-ntp
match access-group name copp-system-acl-ntp
class-map type control-plane match-any copp-s-arp
class-map type control-plane match-any copp-s-bfd
class-map type control-plane match-any copp-s-bpdu
class-map type control-plane match-any copp-s-dai
class-map type control-plane match-any copp-s-default
class-map type control-plane match-any copp-s-dhcpreq
class-map type control-plane match-any copp-s-dhcpresp
match access-group name copp-system-dhcp-relay
class-map type control-plane match-any copp-s-dpss
class-map type control-plane match-any copp-s-eigrp
match access-group name copp-system-acl-eigrp
match access-group name copp-system-acl-eigrp6
class-map type control-plane match-any copp-s-glean
class-map type control-plane match-any copp-s-igmp
match access-group name copp-system-acl-igmp
class-map type control-plane match-any copp-s-ipmcmiss
class-map type control-plane match-any copp-s-l2switched
class-map type control-plane match-any copp-s-l3destmiss
class-map type control-plane match-any copp-s-l3mtufail
class-map type control-plane match-any copp-s-l3slowpath
class-map type control-plane match-any copp-s-mpls
class-map type control-plane match-any copp-s-pimautorp
class-map type control-plane match-any copp-s-pimreg
match access-group name copp-system-acl-pimreg
class-map type control-plane match-any copp-s-ping
match access-group name copp-system-acl-ping
class-map type control-plane match-any copp-s-ptp
class-map type control-plane match-any copp-s-routingProto1
match access-group name copp-system-acl-routingproto1
match access-group name copp-system-acl-v6routingproto1
class-map type control-plane match-any copp-s-routingProto2
match access-group name copp-system-acl-routingproto2
class-map type control-plane match-any copp-s-selfIp
class-map type control-plane match-any copp-s-ttl1
class-map type control-plane match-any copp-s-v6routingProto2
match access-group name copp-system-acl-v6routingProto2
class-map type control-plane match-any copp-s-vxlan
class-map type control-plane match-any copp-snmp
match access-group name copp-system-acl-snmp
class-map type control-plane match-any copp-ssh
match access-group name copp-system-acl-ssh
class-map type control-plane match-any copp-stftp
match access-group name copp-system-acl-stftp
class-map type control-plane match-any copp-tacacsradius
match access-group name copp-system-acl-tacacsradius
class-map type control-plane match-any copp-telnet
match access-group name copp-system-acl-telnet
policy-map type control-plane copp-system-policy
class copp-s-default
police pps 400
class copp-s-l2switched
police pps 200
class copp-s-ping
police pps 100
class copp-s-l3destmiss
police pps 100
class copp-s-glean
police pps 500
class copp-s-selfIp
police pps 500
class copp-s-l3mtufail
police pps 100
class copp-s-ttl1
police pps 100
class copp-s-ipmcmiss
police pps 400
class copp-s-l3slowpath
police pps 100
class copp-s-dhcpreq
police pps 300
class copp-s-dhcpresp
police pps 300
class copp-s-dai
police pps 300
class copp-s-igmp
police pps 400
class copp-s-routingProto2
police pps 1300
class copp-s-v6routingProto2
police pps 1300
class copp-s-eigrp
police pps 200
class copp-s-pimreg
police pps 200
class copp-s-pimautorp
police pps 200
class copp-s-routingProto1
police pps 1000
class copp-s-arp
police pps 200
class copp-s-ptp
police pps 1000
class copp-s-vxlan
police pps 1000
class copp-s-bfd
police pps 350
class copp-s-bpdu
police pps 12000
class copp-s-dpss
police pps 1000
class copp-s-mpls
police pps 100
class copp-icmp
police pps 200
class copp-telnet
police pps 500
class copp-ssh
police pps 500
class copp-snmp
police pps 500
class copp-ntp
police pps 100
class copp-tacacsradius
police pps 400
class copp-stftp
police pps 400
control-plane
service-policy input copp-system-policy
snmp-server user admin network-admin auth md5 0x769a258e8bbe8ce111d127efe28958cc
priv 0x769a258e8bbe8ce111d127efe28958cc localizedkey
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO
vlan 1
vrf context management
no system urpf disable
no port-channel load-balance resilient
hardware profile portmode 48x10G+4x40G
interface Ethernet1/1 <== 10G
interface Ethernet1/2 <== 10G
[...]
interface Ethernet1/49 <== 40G
interface Ethernet1/50 <== 40G
interface Ethernet1/51 <== 40G
interface Ethernet1/52 <== 40G
interface mgmt0
vrf member management
clock timezone PST -8 0
clock summer-time PDT 2 Sun Mar 02:00 1 Sun Nov 02:00 60
cli alias name wr copy running-config startup-config
line console
line vty
boot nxos bootflash:/nxos.7.0.3.I4.6.bin
n3k-spare# sh inte e1/49 | inc MTU
MTU 1500 bytes, BW 40000000 Kbit, DLY 10 usec
n3k-spare# show queuing interface ethernet 1/49 | incl MTU
HW MTU of Ethernet1/49 : 1500 bytes
n3k-spare#
https://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/118994-config-nexus-00.html
n3k-spare# conf t
Enter configuration commands, one per line. End with CNTL/Z.
n3k-spare(config)# policy-map type network-qos jumbo
type network-qos class-default
mtu 9216
system qos
n3k-spare(config-pmap-nqos)# class type network-qos class-default
n3k-spare(config-pmap-nqos-c)# mtu 9216
n3k-spare(config-pmap-nqos-c)# system qos
n3k-spare(config-sys-qos)# service-policy type network-qos jumbo
n3k-spare(config-sys-qos)# 2013 Dec 4 09:23:23 n3k-spare %$ VDC-1 %$
%IPQOSMGR-2-QOSMGR_NETWORK_QOS_POLICY_CHANGE: Policy jumbo is now active
n3k-spare(config-sys-qos)# end
n3k-spare# sh inte e1/49 | inc MTU
MTU 1500 bytes, BW 40000000 Kbit, DLY 10 usec
n3k-spare# show queuing interface ethernet 1/49 | incl MTU
HW MTU of Ethernet1/49 : 9216 bytes
n3k-spare# wr
[########################################] 100%
Copy complete, now saving to disk (please wait)...
n3k-spare# reload
This command will reboot the system. (y/n)? [n] y
2013 Dec 4 09:25:29 n3k-spare %$ VDC-1 %$ %PLATFORM-2-PFM_SYSTEM_RESET: Manual
system restart from Command Line Interface
[...]
n3k-spare#
n3k-spare# sh inte e1/49 | inc MTU
MTU 1500 bytes, BW 40000000 Kbit, DLY 10 usec
n3k-spare# show queuing interface ethernet 1/49 | incl MTU
HW MTU of Ethernet1/49 : 9216 bytes
n3k-spare#
n3k-spare(config)# inte e1/49
n3k-spare(config-if)# mtu 1500
^
% Invalid command at '^' marker.
Moralité :
Pas de MTU par interface sur le mien. Ce qui est reporté par "show interface"
çà ne vaut pas un caramel mou.
Michel.
---------------------------
Liste de diffusion du FRnOG
http://www.frnog.org/
