Useful commands for Nexus (7000, 5000, 2000) switches
HSRP
hsrp 102 preempt delay minimum 60 priority 120 ip 172.19.102.254
Command to lock the configuration when entering configuration mode
configure terminal lock
Show the port profiles config under the int (the inhereted config)
show port-profile expand-interface
Show vpc usage
show vpc usage
Check witch ports are pinned to FEX Uplink port
show int e1/6 fex-int
Redistibute fex static pinning (need to update the pinning max links firts)
fex pinning redistibute 101
Disable VDC combined host names
no vdc combined-hostname
Backup license
copy licenses bootflash://license.tar copy bootflash://license.tar tftp://1.1.1.1/license.tar
Save commands history to disk
archive log config logging enable logging size 200 hidekeys notify syslog
Save log to disk
logging buffered logging persistent url disk0:/syslog size 134217728 filesize 16384
Check what is synced with CFS
show cfs application
Turn on CFS over IP (over mgmt port)
cfs eth distribute cfs ipv4 distribute
Turn on CFS for NTP
ntp distribute
Commit ntp changes when using CFS
ntp commit
Check fabric modules status
show module xbar
Disable LAN trafic on FCoE port
interface ethernet slot/port shutdown lan
Unicast RPF
interface Ethernet2/3 ip address 172.23.231.240/23 ip verify unicast source reachable-via any show ip interface vlan 10 | i unicast
Check modules hardware capabilities
show hardware capacity forwarding
Fabric utilization
show hardware capacity fabric-utilization
Check if was an interfaces drops on a module
show hardware capacity interface
Check port quees
show policy-map interface Ethernet 1/1 input type queuing
Tern on locator led
beacon
Tern on locator led – N2K
conf t fex 101 beacon
Ccancel combined-hostname at hostnames
no vdc combined-hostname
Start new evaluation for license (Only for nexus 7000)
license grace-period
Check mac address table at hardware: (UCS)
A(nxos)# show platform fwm in replmac | in %Mac%
Jumbo frames
switch(config)#system jumbomtu 9216 switch(config)#interface ethernet x/x switch(config-if)#switchport switch(config-if)#mtu 9216 switch(config-if)#exit switch(config)# policy-map type network-qos jumbo switch(config-pmap-nq)# class type network-qos class-default switch(config-pmap-c-nq)# mtu 9216 switch(config-pmap-c-nq)# exit switch(config-pmap-nq)# exit switch(config)# system qos switch(config-sys-qos)# service-policy type network-qos jumbo
Upgrade nexus
copy ftp://a@73.192.99.217/n5000-uk9-kickstart.5.1.3.N1.0.328.bin bootflash: copy ftp://a@73.192.99.217/n5000-uk9.5.1.3.N1.0.328.bin bootflash: install all kickstart bootflash:n5000-uk9-kickstart.5.1.3.N1.0.328.bin system bootflash:n5000-uk9.5.1.3.N1.0.328.bin
Clock client – NXOS
>ntp server 10.0.0.10 prefer use-vrf default
Add fex (N2K) to N5K
fex 101 interface port-channel101 switchport mode fex-fabric vpc 101 fex associate 101 interface Ethernet1/1-2 switchport mode fex-fabric fex associate 101 channel-group 101
Check Po load balancing statistics
show port-channel traffic
vPC track
track 10 list boolean or object 11 object 12 track 11 interface port-channel10 line-protocol track 12 interface Ethernet1/1 line-protocol vpc domain 10 role priority 32767 system-priority 1 track 10 peer-keepalive destination 192.168.100.2 source 192.168.100.1 vrf peerkeepalive
Sync config (for Nexus 5000 vPC peers)
cfs ipv4 distribute cfs eth distribute switch-profile sync-test sync-peers destination 10.10.10.252
DHCP snooping
ip dhcp snooping ip dhcp snooping information option no ip dhcp snooping verify mac-address no ip dhcp relay ip dhcp snooping vlan 1-3967,4048-4093 interface port-channel1 ip dhcp snooping trust interface Ethernet101/1/48 ip dhcp snooping trust
Arp inspect (protect DG)
ip arp inspection vlan 1-3967 ip arp inspection filter Protect_DG vlan 1-3967 arp access-list Protect_DG 10 permit ip 0.0.0.254 0.0.0.255 mac 0000.0c07.ac00 FFFF.FFFF.FF00 20 permit ip 0.0.0.254 0.0.0.255 mac 0000.5E00.0100 FFFF.FFFF.FF00 30 deny ip host 172.19.102.254 mac any log 40 permit ip any mac any