Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples

I just took three day Cisco Nexus 1000V training before Christmas. It’s a pretty good experience to play with the commands in the VSM appliance although I am still not quite familiar with these commands yet. Nevertheless, I managed to run through all the 9 labs thanks to the online lab that I could access even after class. To help myself to remember what I did, I listed a few commands that often needed in managing Nexus 1000V.

The key point from the training is that Nexus 1000V returns the control of networking back to network administrators so that there is a clear boundary between server administrators and network administrators. For small businesses, one administrator may wear multiple hats so one person manages server, network, and storage. In these cases, clear separation may not be a benefit at all.

Lost VMs or Containers? Too Many Consoles? Too Slow GUI? Time to learn how to "Google" and manage your VMware and clouds in a fast and secure HTML5 App.

For the big IT shops, story may be different. Not only are there different teams in charge of servers and networking, but also two teams don’t like each other much as I heard from others and confirmed by the folks I met in the training. Here the clear separation is definitely a big advantage. With Nexus 1000V, networking team can take care of the virtual networking in the same way using same commands as the physical networking.

If that is true, will it an attractive product that is packaged as virtual appliance as Cisco VSM but manages VMware distributed virtual switch using the same commands? I know feature wise, VMware version lags a bit behind the Cisco one but close enough and good enough for most customers. Please feel free to share your thoughts? Especially if you are server or network administrators.

Last but not least is that Cisco has made Nexus 1000V free if you’ve got the high end of vSphere license with which you can run VMware distributed virtual switch. Originally I thought you can install Nexus 1000V with lower license, but I guessed wrong. Anyway, you should always check with both Cisco and VMware on license compliance.

Now, let’s take a look at the Nexus VSM commands I had run in my training. They are necessarily complete, neither do they follow the exact sequence. It’s at your own risk to try them out. For complete command lines, check out Cisco Nexus 1000V System Management Configuration Guide

# configure
# hostname N1KV-VSM
# svs-domain
# domain id 1
# control vlan 102
# control vlan 103
# exit
# svs connection MY-VCENTER
# protocol vmware-vim
# remote ip address 100.0.1.21
# vmware dvs datacenter-name MY-Datacenter
# connect
# end
# show svs connections
# show svs domain
# show module
# show system redundancy status
# copy run start
# system redundancy role primary

# attach module 2
# show system resources
# exit
# system switchover

#  vlan 101
# name vMotion/Storage
# vlan 102
# name Control
# vlan 103
# name Packet
# vlan 104
# name Production
# exit
# show vlan
# port-profile type Ethernet Host-Uplinks
# description “Uplinks from ESXi hosts to switch”
# vmware port-group VMNIC-Uplinks
# switchport mode trunk
# switchport trunk allowed vlan 1, 101-104
# no shutdown
# system vlan 1, 102-103
# state enabled
# exit

# cli alias name wr copy running-config startup-config
# wr
# show port-profile name Host-Uplinks
# show interface brief
# show port-profile expand-interface
# show interface vethernet 1 status

# show mac address-table vlan 104
# interface vethernet 1
# shutdown
# no shutdown
# exit
# show interface vethernet 1

# show version
# dir
# copy tftp://100.0.1.21/nexus-1000v-kickstart-mz.4.2.1.SV1.5.2.bin bootflash: nexus-1000v-kickstart-mz.4.2.1.SV1.5.2.bin vrf management
# copy tftp://100.0.1.21/nexus-1000v-mz.4.2.1.SV1.5.2.bin bootflash: nexus-1000v-mz.4.2.1.SV1.5.2.bin vrf management
# show install all impact kickstart bootflash: nexus-1000v-kickstart-mz.4.2.1.SV1.5.2.bin system nexus-1000v-mz.4.2.1.SV1.5.2.bin
# install all impact kickstart bootflash: nexus-1000v-kickstart-mz.4.2.1.SV1.5.2.bin system nexus-1000v-mz.4.2.1.SV1.5.2.bin
# vmware vem upgrade notify
# vmware vem upgrade complete
# configure
# port-profile type Ethernet Host-Uplinks
# channel-group auto mode on map-pinning
# exit
# show port-channel summary
# show port-profile name Host-Uplinks

# module vem 2 execute vemcmd show port
# show interface virtual

# show port-profile virtual usage
# ip access-list ProtectVM
# statistics per-entry
# deny udp any any eq 123
# permit ip any any
# show access-list
# show access-lists summary
# terminal monitor
# interface vethernet 1
# shutdown
# switchport port-security
# switchport port-security mac-address 0050.5687.5a40
# no shutdown
# show running-config interface vethernet 1
# no svs veth auto-config-purge
# show port-security address
# show port-security interface vethernet 1
# show port-security

# dhcp
# ip dhcp snooping
# ip dhcp snooping vlan 104
# port-profile Production-VMs
# show running-config dhcp
# show ip verify source
# show ip dhcp snooping binding
# no feature dhcp
# show running-config | grep dhcp-snooping-vlan

# class-map type qos RTP
# match ip rtp 16384-32767
# show class-map type qos
# policy-map type qos VMQoS
# class type qos RTP
# set cos 5
# set dscp ef

# show policy-map type qos
# port-profile Production-VMs
# service-policy type qos input VMQoS

# show run ipqos

# policy-map type qos VMQoS
# class type qos FTP
# police 1 Mbps conform transmit violate drop
# show policy-map VMQoS
# police 1 Mbps conform transmit violate set dscp dscp table pir-markdown-map
# class-map type queuing match-all Control
# match protocol n1k_control
# policy-map type queuing CBWFQ
# class type queuing Control
# bandwidth percent 5

# radius-server host 100.0.1.21 key secretkey
# show radius-server
# aaa group server radius RadiusSG
# server 100.0.1.21
# source-interface mgmt 0
# use-vrf management
# exit
# show radius-server groups
# test aaa group RadiusSG radius dc123
# show aaa authentication
# aaa authentication login error-enable
# show aaa authentication login error-enable
# show radius-server statistics 100.0.1.21
# show role
# show password strength-check
# username readonly password <a href="mailto:1234@Cisco">1234@Cisco</a> role network-operator

# role name network-support
# description First Level Support
# rule 1 permit read
# rule 2 permit read-write feature ping
# rule 3 permit read-write feature vlan
# rule 4 permit read-write feature syslog
# show role name network-support

# where

# monitor session 1
# description “Local SPAN of DoubleCloudVM”
# source interface vethernet 1 both
# destination interface vethernet 9
# show monitor session 1
# no shutdown
# show

# no monitor session 1
# monitor session 2 type erspan-source
# description “ERSPAN of DoubleCloudVM”
# source interface vethernet 1 both
# destination ip 100.0.14.3
# erspan-id 1
# no shutdown
# show monitor session 2

# capability l3control
# module vem 3 execute vemcmd show span

# show port-profile virtual usage
# monitor session 2 type erspan-source
# show interface virtual | grep WinServer1

This entry was posted in Virtualization and tagged , , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

10 Comments

  1. Posted January 3, 2013 at 2:36 am | Permalink

    Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples http://t.co/85xnXd81 via @sjin2008

  2. Posted January 3, 2013 at 3:41 am | Permalink

    Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples (DoubleCloud) http://t.co/28kthRhA

  3. Posted January 3, 2013 at 4:11 am | Permalink

    Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples (DoubleCloud) http://t.co/XLTb9wZW

  4. Posted January 3, 2013 at 4:56 am | Permalink

    Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples – http://t.co/N9vT5hFH http://t.co/N9vT5hFH

  5. Posted January 3, 2013 at 8:54 am | Permalink

    #Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples http://t.co/wSXRj1uW (via @sjin2008)

  6. Posted January 3, 2013 at 10:15 am | Permalink

    #Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples http://t.co/HlcbJrTf (via @sjin2008)

  7. Posted January 3, 2013 at 11:50 am | Permalink

    #Cisco Nexus 1000V Distributed Virtual Switch: Command Line Examples http://t.co/sFkx94PW (via @sjin2008)

  8. Hilary Cosper
    Posted May 19, 2016 at 8:04 pm | Permalink

    Good writing . I am thankful for the points – Does anyone know where I could possibly access a template FL 12.910(a) version to work with ?

  9. Marian Chick
    Posted May 20, 2016 at 2:41 am | Permalink

    Hi Hilary Cosper, my colleague accessed a template a form version using this http://goo.gl/qfRGNZ

  10. Posted June 3, 2016 at 2:43 am | Permalink

    Having read this I thought it was really enlightening. I appreciate you
    finding the time and effort to put this article together. I once again find myself personally spending a lot of time both reading and leaving comments.

    But so what, it was still worth it!

One Trackback

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

  • NEED HELP?


    My company has created products like vSearch ("Super vCenter"), vijavaNG APIs, EAM APIs, ICE tool. We also help clients with virtualization and cloud computing on customized development, training. Should you, or someone you know, need these products and services, please feel free to contact me: steve __AT__ doublecloud.org.

    Me: Steve Jin, VMware vExpert who authored the VMware VI and vSphere SDK by Prentice Hall, and created the de factor open source vSphere Java API while working at VMware engineering. Companies like Cisco, EMC, NetApp, HP, Dell, VMware, are among the users of the API and other tools I developed for their products, internal IT orchestration, and test automation.