Nexus 5020 Lab Guide

Overview
This lab guide describes the lab activities that are included in the course, Implementing and Configuring Nexus 5000 Switches. This lab guide describes each activity and provides step- by-step instructions for completing each exercise.

Lab List
This guide includes these activities: Lab 1: Analyzing FCoE Packet Traces Lab 2: Configuring the FCoE and Switch Mode Lab 3: NPV Lab 4: QOS Lab Lab 5a: Trace Tools Lab 5b: Trace Tools

2008 Cisco Systems, Inc. All rights reserved

1 of 52

Lab Topology

Pods 1-4

2008 Cisco Systems, Inc. All rights reserved

2 of 52

Pods 5-8

IP address assignments

2008 Cisco Systems, Inc. All rights reserved

3 of 52

Password:
Terminal server Login password: labops. Enable password: nuovanuova Nexus 5000: admin/nbv12345 Windows Server: administrator/nuovanuova Fabric Manager: admin/password

2008 Cisco Systems, Inc. All rights reserved

4 of 52

Fabric Manager Switch Mode View

LUN Mapping
FC 1/17 target has 11 g lun number 1 for server 1 FC 1/18 target has 12 g lun number 1 for server 2 FC 1/19 target has 13 g lun number 1 for server 3 FC 1/20 target has 14 g lun number 1 for server 4 FC 1/21 target has 15 g lun number 1 for server 5 FC 1/22 target has 16 g lun number 1 for server 6 FC 1/23 target has 17 g lun number 1 for server 7 FC 1/8 target has luns for server 8

Students will use Remote Desktop to access the Servers

2008 Cisco Systems, Inc. All rights reserved

5 of 52

Student Lab Student has PC with one embedded Gigabit NIC and one 2 port CNA Nexus 5020 Switch Cat 6500 Chassis (shared) MDS 9134 (shared) 1 LUN of Storage (Pod 8 will have more)

Pod Layout (Pod 3)

JBOD for Pod 8 FC 1/8 & 1/16 HP array Storage for Pods 1-7

VSAN 13

2/3

1/3

CNA port 2 CNA port 1

Server

2008 Cisco Systems, Inc. All rights reserved

6 of 52

Cat6500

2008 Cisco Systems, Inc. All rights reserved

7 of 52

Lab 1: Analyzing FCoE Packet Traces

Activity Objective
In this exercise, you will analyze a canned FCoE trace using Wireshark. After completing this exercise, you will be able to meet these objectives: Use Wireshark to identify the components of an FCoE frame

Activity Procedure
Connect to the server in your POD using Remote Desktop with username/password of administrator/nuovanuova. Complete these steps:
Step 1

Launch the Wireshark application.

Step 2

Open a canned FCoE traffic buffer. The filename is [Link].

2008 Cisco Systems, Inc. All rights reserved

8 of 52

Step 3

Review an FCoE frame.

2008 Cisco Systems, Inc. All rights reserved

9 of 52

Step 4

Find the Ethertype of the FCoE frame.

2008 Cisco Systems, Inc. All rights reserved

10 of 52

Step 5

Find the start of frame of the FCoE frame.

Step 6

Find the CRC of the FCoE frame.

2008 Cisco Systems, Inc. All rights reserved

11 of 52

Step 7

Find the end of frame of the FCoE frame.

2008 Cisco Systems, Inc. All rights reserved

12 of 52

Lab 2: Configuring FCoE in Switch Mode

Activity Objective
In this exercise you will configure basic connectivity to the switch, 802.1q trunking, LACP Port Channels, Fibre Channel Port Channels, and FCoE connectivity. Note: The exercises

in the lab were performed on POD 1. Please use the correct switches, VSANs, VLANs, IP addresses, storage ports, and host associated with your assigned POD.

Activity Procedure
For this first part of the lab you will need to Telnet into the Terminal Server and access the console of the N5K, as remote access through the management port has not been setup.

Step 1.
Telnet to [Link], sign on with a password of labops Issue the show host command: Nuova_TermServer>show host [snip] Host Address(es) tm1 tm2 tm3 tm4 tm5 tm6 tm7 tm9 tm8 Port 2033 2034 2035 2036 2037 2038 2039 2044 2040 Flags Age Type IP IP IP IP IP IP IP IP IP [Link] [Link] [Link] [Link] [Link] [Link] [Link] [Link] [Link]

(perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21

2008 Cisco Systems, Inc. All rights reserved

13 of 52

tm6500 mds

2042 2047

(perm, OK) 21 (perm, OK) 21

IP IP

[Link] [Link]

Console in to the 5020 for your pod, for example, POD 1 would be TM1 Nuova_TermServer>tm1 Translating "tm1" Trying tm1 ([Link], 2033)... % Connection refused by remote host Deleting login session If you see the above error message you will need to get enable access to the terminal server and clear the line as shown below. The enable password is nuovanuova. If you do not see the error message above you can proceed to step 2 Nuova_TermServer>ena Password: Nuova_TermServer#clear line 33 [confirm] <- Hit enter [OK] Nuova_TermServer#tm1 Translating "tm1" Trying tm1 ([Link], 2033)... Open here switch# <- Should see this prompt Hit enter

Step 2.

Configure the switch name for the 5020 in your pod, management VRF, enable SSH server, and verify connectivity through the management port.

switch# configure switch(config)# switchname TM1 POD Specific

TM1(config)# vrf context management TM1(config-vrf)# ip route [Link]/0 [Link]

2008 Cisco Systems, Inc. All rights reserved

14 of 52

TM1(config-vrf)# exit TM1(config)# ssh key rsa 1024 TM1(config)# ssh server enable

Verify you can now telnet and SSH into the 5020 for your POD.

Step 3.

Using Telnet or SSH, configure the switch for 802.1q trunking and LACP port channels. Please use the VLAN specific to your POD.

TM1(config)# vlan 21x with your POD number.

VLAN for your POD. Replace x Again POD specific

TM1(config-vlan)# name podx_VLAN TM1(config-vlan)# exit

TM1(config)# feature lacp TM1(config)# interface port-channel x specific TM1(config-if-range)# exit TM1(config)# interface ethernet 1/3-4 TM1(config-if-range)# channel-group x mode active POD specific Ethernet1/3 Ethernet1/4 added to port-channel1 TM1(config-if-range)# interface port-channel x specific TM1(config-if)# switchport mode trunk TM1(config-if)# switchport trunk allowed vlan 21x POD specific TM1(config-if)# no shut Again Again POD Again Again POD

Verify the Port channel is up and both interfaces are up and active in the port channel TM1# sh port-channel summary Flags: D - Down I - Individual P - Up in port-channel (members) H - Hot-standby (LACP only)

2008 Cisco Systems, Inc. All rights reserved

15 of 52

s - Suspended S - Switched

r - Module-removed R - Routed

U - Up (port-channel) -------------------------------------------------------------------------Group PortChannel -------------------------------------------------------------------------1 Po1(SU) Eth LACP Eth1/3(P) Eth1/4(P) Type Protocol Member Ports

Step 4.

In this next step you will configure SAN Port Channels and VSANs

First turn on the FCoE feature. This will require a reboot of the switch to go into effect. TM1(config)# feature fcoe 2008 Aug 13 [Link] switch %$ VDC-1 %$ %PFMA-2FC_LICENSE_DESIRED: FCoE/FC feature will be enabled after the configuration is saved followed by a reboot

TM1# copy run startup-config [########################################] 100% Packaging and storing to flash: \ TM1# reload

Once the switch comes back up create the vsan needed for your POD TM1#configure TM1(config)# vsan data TM1(config-vsan-db)# vsan 1x Replace x with your POD number. VSAN for your POD.

TM1(config-vsan-db)# exit

2008 Cisco Systems, Inc. All rights reserved

16 of 52

Next create the SAN port channel, prune it for the correct VSANs (VSAN 1 and your POD VSAN #) and add the FC interfaces.

TM1(config)# interface san-port-channel 1x specfic. Replace x with your POD number.

POD

TM1(config-if)# switchport trunk allowed vsan 1 TM1(config-if)# switchport trunk allowed vsan add 1x

TM1(config-if)# interface fc3/3-4 TM1(config-if)# channel-group 1x force fc3/3 fc3/4 added to san-port-channel 11 and disabled please do the same operation on the switch at the other end of the channel, then do "no shutdown" at both ends to bring them up TM1(config-if)# no shut

TM1(config)# interface san-port-channel 1x TM1(config-if)# no shut TM1(config-if)# end

Verify the SAN Port Channel is up and Trunking. TM1# show interface san-port-channel 1x san-port-channel 11 is trunking Hardware is Fibre Channel Port WWN is [Link] Admin port mode is auto, trunk mode is on snmp link state traps are enabled Port mode is TE Port vsan is 1

2008 Cisco Systems, Inc. All rights reserved

17 of 52

Speed is 8 Gbps Trunk vsans (admin allowed and active) (1,11) Trunk vsans (up) Trunk vsans (isolated) Trunk vsans (initializing) [snip] (1,11) () ()

TM1# sh san-port-channel summary ------------------------------------------------------------------------Group Port Ports Channel ------------------------------------------------------------------------11 (P) (P) san-port-channel 11 FC NONE U fc3/3 fc3/4 Type Protocol Status Member

Step 5.

In this next step you will configure a VLAN to be a FCoE capable VSAN. This is VLAN to VSAN mapping. Create virtual FC interface, assign to Ethernet interface and add the vfc to the VSAN

Configure the Virtual Interface Group, and bind it to the real ethernet interface of your host. TM1(config)# vlan 21x TM1(config-vlan)# fcoe vsan 1x

Create the virtual Fibre Channel interface, and move it to the VSAN assigned to your pod. (VSAN 11 = Pod1, VSAN 12 = Pod2) TM1(config-if)# interface vfc28

2008 Cisco Systems, Inc. All rights reserved

18 of 52

TM1(config-if)# no shut TM1(config-if)# bind interface Ethernet1/28

Add Virtual Fibre Channel (vfc) Interface to the VSAN database TM1 (config-vsan-db)#vsan database TM1 (config-vsan-db)#vsan 1x interface vfc 28

Add the Ethernet interface to your FCoE vlan TM1(config)# int ethernet 1/28 TM1(config-if)# switchport access vlan 21x

Note: The vFC interface will be down awaiting the VLAN assignment vfc27 is down (STP not forwarding in FCoE Mapped VLAN)

Verify your CNA host is logged into the fabric and registered with the name server TM1# sh flogi data vsan 1x ------------------------------------------------------------------INTERFACE NODE NAME VSAN FCID PORT NAME

----------------------------------------------------------------vfc28 11 0x2e0001 [Link] [Link]

Total number of flogi = 1.

TM1# sh fcns database vsan 1x

VSAN 11:

2008 Cisco Systems, Inc. All rights reserved

19 of 52

------------------------------------------------------------------FCID TYPE FC4-TYPE:FEATURE PWWN (VENDOR)

------------------------------------------------------------------0x080000 N scsi-fcp:target 0x2e0001 N scsi-fcp:init [Link] (HP) [Link]

Total number of entries = 2

Step 6.

Understanding what is zoned in your Nexus 5020. Actual zoning is not done in the lab for it is all pre-provisioned in the core MDS and applied when the ISLs are connected from your Nexus 5020 in your pod

Current zoning pushed out by the 9134 Core switch to all Pods, taken from MDS 9134

GOLD-LAB-MDS9134# sh zoneset active zoneset name ZS_V11 vsan 11 zone name Z_V11 vsan 11 * fcid 0x2e0001 [pwwn [Link] * fcid 0x5c0400 [pwwn [Link]

zoneset name ZS_V12 vsan 12 zone name Z_V12 vsan 12 * fcid 0x710001 [pwwn [Link] * fcid 0x8d0600 [pwwn [Link]

zoneset name ZS_V13 vsan 13 zone name Z_V13 vsan 13

2008 Cisco Systems, Inc. All rights reserved

20 of 52

* fcid 0x030100 [pwwn [Link] * fcid 0xa50001 [pwwn [Link]

zoneset name ZS_V14 vsan 14 zone name Z_V14 vsan 14 * fcid 0x410001 [pwwn [Link] * fcid 0xd40100 [pwwn [Link]

zoneset name ZS_V15 vsan 15 zone name Z_V15 vsan 15 * fcid 0x680002 [pwwn [Link] * fcid 0x780500 [pwwn [Link]

zoneset name ZS_V16 vsan 16 zone name Z_V16 vsan 16 * fcid 0x1e0002 [pwwn [Link] * fcid 0xa70600 [pwwn [Link]

zoneset name ZS_V17 vsan 17 zone name Z_V17 vsan 17 * fcid 0xd90000 [pwwn [Link] * fcid 0xc70900 [pwwn [Link]

Verify your pod zoneset is active on your Nexus 5020 (example showing pod 13 zone)

TM3(config)# show zoneset active

2008 Cisco Systems, Inc. All rights reserved

21 of 52

zoneset name ZS_V13 vsan 13 zone name Z_V13 vsan 13 * fcid 0x030100 [pwwn [Link] * fcid 0xa50001 [pwwn [Link] LUN CNA

Step 7. Remote desktop into the server for your POD and verify the host can see storage. Server1 should have an 11G disk defined, Server2 should have a 12G disk defined, and so on..

2008 Cisco Systems, Inc. All rights reserved

22 of 52

Step 8.

Open Disk Management.

Step 9.

Find the LUN allocated for your server based on the size.

2008 Cisco Systems, Inc. All rights reserved

23 of 52

Step 10.

Verify Ethernet and FC devices are viewable in Device Manager.

2008 Cisco Systems, Inc. All rights reserved

24 of 52

Step 11.

Load the SANSurfer or HBAnywhere utility and get familiar with the parameters available for the CNA

2008 Cisco Systems, Inc. All rights reserved

25 of 52

Step 12.

The next step will be to configure an IP address on the CNA and see if you can ping through the 5K Port Channel, to the VLAN interface configured for your POD on the CAT6k. If you cant identify the correct CNA port to use ask your instructore for help. For example, POD1:

Pod1: CAT VLAN 211 IP Address = [Link]/24 [Link]/24 Pod2: CAT VLAN 212 IP Address = [Link]/24 [Link]/24 Pod3: CAT VLAN 213 IP Address = [Link]/24 [Link]/24 Pod4: CAT VLAN 214 IP Address = [Link]/24 [Link]/24 Pod5: CAT VLAN 215 IP Address = [Link]/24 [Link]/24 Pod6: CAT VLAN 216 IP Address = [Link]/24 [Link]/24 Pod7: CAT VLAN 217 IP Address = [Link]/24 [Link]/24 Pod8: CAT VLAN 218 IP Address = [Link]/24 [Link]/24

Server IP Address = Server IP Address = Server IP Address = Server IP Address = Server IP Address = Server IP Address = Server IP Address = Server IP Address =

2008 Cisco Systems, Inc. All rights reserved

26 of 52

 2008 Cisco Systems, Inc. All rights reserved

27 of 52

Lab 3: Configuring NPV

Note to instructor: The Lab instructor will need to delete the port-channels from the core MDS9134, and set all F-ports going to the N5Ks from E to auto, assign the ports to proper VSANs.

Activity Objective
In this exercise you will configure FCoE with the N5K running in NPV mode.

Note: The exercises in the lab were performed on POD 1. Please use the correct switches, VSAN, storage port, and host associated with your assigned POD.

Activity Procedure
Step 1

For this first part of the lab you will need to Telnet into the Terminal Server and access the console of the N5K, as NPV will do a write erase and reboot the switch.

Telnet to [Link], sign on with a password of labops Issue the show host command: Nuova_TermServer>show host [snip] Host Address(es) tm1 [Link] tm2 [Link] tm3 [Link] tm4 [Link] tm5 [Link] Port 2033 2034 2035 2036 2037 Flags Age Type IP IP IP IP IP

(perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21

2008 Cisco Systems, Inc. All rights reserved

28 of 52

tm6 [Link] tm7 [Link] tm9 [Link] tm8 [Link] tm6500 [Link] mds [Link]

2038 2039 2044 2040 2042 2047

(perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21 (perm, OK) 21

IP IP IP IP IP IP

Console in to the 5020 for your pod, for example, POD 1 would be TM1 Nuova_TermServer>tm1 Translating "tm1" Trying tm1 ([Link], 2033)... % Connection refused by remote host Deleting login session If you see the above error message you will need to get enable access to the terminal server and clear the line as shown below. The enable password is nuovanuova. If you do not see the error message above you can proceed to step 2 Nuova_TermServer>ena Password: Nuova_TermServer#clear line 33 [confirm] <- Hit enter [OK] Nuova_TermServer#tm1 Translating "tm1" Trying tm1 ([Link], 2033)... Open switch# <- Should see this prompt Hit enter here

2008 Cisco Systems, Inc. All rights reserved

29 of 52

Step 2

Configure the switch for NPV mode.

TM1(config)# npv enable Verify that boot variables are set and the changes are saved. Changing to npv mode erases the current configuration and reboots the switch in npv mode. Do you want to continue? (y/n):y

When the switch boots, you will notice the following:

POST is completed Checking all filesystems..... done. . Loading system software Uncompressing system [Link]

image:

bootflash:/n5000-

n_port virtualizer mode.n_port virtualizer mode.

Verify you can now telnet and SSH back into the 5020 for your POD. Notice that all IP and boot imformation was retained. Same is true for management VRF, switchname, and the FCoE feature that you enabled in the previous lab. Note however, that all the Ethernet Port channel, VLAN, VSAN, VIG, zoning, and SAN port channel infromation is gone.

Notice your FC ports now default to NP ports:

TM1# sh int brief --------------------------------------------------------------------------Interface Vsan Admin Mode Admin Trunk Mode Status SFP Oper Mode Oper Speed (Gbps) Port Channel

-------------------------------------------------------------------------fc3/1 -fc3/2 -1 NP -sfpAbsent ---

NP

--

sfpAbsent

--

--

2008 Cisco Systems, Inc. All rights reserved

30 of 52

fc3/3 -fc3/4 --

NP

--

down

swl

--

NP

--

down

swl

--

Step 3

In this next step you will configure the VSAN for your POD, assign the NP ports to this VSAN, no shut the ports, and verify. Ask the instructor to do the same on the MDS core switch.

TM1# configure TM1(config)# vsan data TM1(config-vsan-db)# vsan 1x Again POD specific Again

TM1(config-vsan-db)# vsan 1x interface fc3/3-4 POD specific TM1(config-vsan-db)# show vsan mem vsan 1 interfaces: fc3/1 fc3/2

vsan 11 interfaces: fc3/3 fc3/4

vsan 4094(isolated_vsan) interfaces:

TM1(config-vsan-db)# int fc3/3-4 TM1(config-if)# no shut TM1(config-if)# sh int brief [snip]

fc3/3 NP fc3/4 NP

11 4 11 4

NP NP

---

up up

swl swl

TM1(config-if)# exit

2008 Cisco Systems, Inc. All rights reserved

31 of 52

Step 4

In this next step you will configure your host with CNA for FCoE connectivity. All hosts should be connected to port 1/28.

Configure the Virtual Interface Group, and bind it to the real ethernet interface of your host. TM1(config)# vlan 21x TM1(config-vsan-db)# fcoe vsan 1x

Create the virtual Fibre Channel interface, and move it to the VSAN assigned to your pod. (VSAN 11 = Pod1, VSAN 12 = Pod2) TM1(config-if)# interface vfc28 TM1(config-if)# no shut TM1(config-if)# bind interface Ethernet1/28

Add Virtual Fibre Channel (vfc) Interface to the VSAN database TM1 (config-vsan-db)#vsan database TM1 (config-vsan-db)#vsan 1x interface vfc 28

Add the Ethernet interface to your FCoE vlan TM1(config)# int ethernet 1/28 TM1(config-if)# switchport access vlan 21x

Note: The vFC interface will be down awaiting the VLAN assignment vfc27 is down (STP not forwarding in FCoE Mapped VLAN)

Verify your CNA host is logged into the fabric

TM1# sh npv flogi-table ------------------------------------------------------------------------------SERVER EXTERNAL

2008 Cisco Systems, Inc. All rights reserved

32 of 52

INTERFACE VSAN FCID INTERFACE

PORT NAME

NODE NAME

------------------------------------------------------------------------------vfc28 11 0x080101 [Link] [Link] fc3/3

Total number of flogi = 1.

Step 5

The zoning should be in place from the previous lab, work with your instructor to verify and correct as needed if this is not the case. You will not be able to verify zoning on the NPV N5K switch.

Verify zoneset is active on core switch MDS(config)# show zoneset active vsan 1x zoneset name pod1_fcoe_zs vsan 11 zone name pod1_fcoe_zone vsan 11 * fcid 0x080000 [pwwn [Link] * fcid 0x2e0001 [pwwn [Link] zone name $default_zone$ vsan 11

2008 Cisco Systems, Inc. All rights reserved

33 of 52

Step 6

Remote desktop into the server for your POD and verify the host can see storage. Server1 should have an 11G disk defined, Server2 should have a 12G disk defined, and so on.

Step 7

Start Computer Management and select Disk Management.

2008 Cisco Systems, Inc. All rights reserved

34 of 52

 2008 Cisco Systems, Inc. All rights reserved

35 of 52

Step 8

Find the LUN allocated for your server based on the size. For POD 1, the size of the LUN is 10.99GB. For POD 2, the size of the LUN is 11.99GB and so on.

Step 9

Verify Ethernet and FC devices are viewable in Device Manager.

2008 Cisco Systems, Inc. All rights reserved

36 of 52

 2008 Cisco Systems, Inc. All rights reserved

37 of 52

Step 10

Load the SANSurfer or HBAnywhere utility and get familiar with the parameters available for the CNA

Step 11

Run the following NPV commands on the N5K and verify all is

working.
TM1# show npv internal errors TM1# show npv internal info external-interface all TM1# show npv internal info server-interface all TM1# show npv internal info vsan (podvsan) TM1# sh npv status vsan (podvsan)

2008 Cisco Systems, Inc. All rights reserved

38 of 52

Lab 4: QOS lab

Section Objective: Configure and setup System Policies and QOS mapping. marked End results will be to set jumbo support for a marked COS value At the end of the session, the participants should be able to: Define NX5000 System Classes Understand Configuration Steps based on MQC Configure Class-map Configure Policy-map Apply Policy to System Apply Policy to Ingress Interface Apply Policy to Egress Interface
The platform has four default classes: class-fcoeCannot be deleted, but can be modified Sup-Hi-EthernetCannot be deleted or modified Sup-Lo-EthernetCannot be deleted or modified class-defaultBest-effort class Up to four custom classes can be added

Note: The system jumbo mtu default and minimum are both 2214 bytes; the maximum is 9 K

Lab Configuration Steps to set Jumbo frames for COS 2 across complete system

2008 Cisco Systems, Inc. All rights reserved

39 of 52

1) Create Class Map to have traffic with cos 2 use classmap test1
TM3(config)#class-map test1 match cos 2

2) Create Policy Map for the cos 2 traffic to use MTU Jumbo & no-drop
policy-map training class test1 mtu 9216 pause no-drop

3) Apply Policy to System QOS for use by complete switch

TM3(config)# system qos TM3(config-sys-qos)# service-policy training

Applying a Policy to Egress interface police limit of 20 percent for cos 4

1) Create the map name you will use to look for the COS marking class-map map1 match cos 4 2) Create a policy map name to assign your class map to and apply the options for the policy policy-map egress1 class map1 bandwidth percent 20

2008 Cisco Systems, Inc. All rights reserved

40 of 52

class class-default

need to reduce the class-default from the default of 50 to 30 to fit the 20% for class map1 bandwidth percent 30

3) Go back into the existing policy map used by system and add the new class-map policy-map training class test1 mtu 9216 pause no-drop class map1

These are all ready applied

4) Apply the policy-map that is use to police COS 4 to 20 percent of bandwidth interface Ethernet1/1 service-policy output egress1

Show commands for verification

Show class-map Show policy-map interface sho int priority-flow-control show system qos

TM1# sh class-map Class Map test1 Match cos 2 Class Map map1 Match cos 4 Class Map testing Match none Class Map class-fcoe

2008 Cisco Systems, Inc. All rights reserved

41 of 52

Match cos 3 Class Map class-default Match any TM1# show system qos System QoS configuration -----------------------System qos service-policy : training

TM1# sh policy-map interface ethernet 1/1 Ethernet1/1 Service-policy system: training class-map: map1 Statistics: Pkts received over the port :0 Ucast pkts sent to the cross-bar :0 Ucast pkts received from the cross-bar : 0 Pkts sent to the port :0 Pkts discarded on ingress :0 Per-priority-pause status : Rx (Inactive), Tx (Inactive)

2008 Cisco Systems, Inc. All rights reserved

42 of 52

Lab 5a: Trace Tools

Activity Objective
In this exercise, you will use the span/monitor function of the N5K to direct Fibre Channel frames (source) to a 10GE port (destination) connected to a host running WireShark and equiped with a CNA.

Activity Procedure

Step 1.

Configure the span session on the N5K. You must choose a port that is currently not being used for FCoE or you will see an error message and the configuration wont take. In our case we will us ethe second port of the CNA.

First setup the monitor port using the second unbound CNA port. TM1(config)# interface ethernet 1/27 TM1(config-if)# switchport monitor TM1(config-if)# no shut

Create the monitor session, using the VFC interface you setup previously as the source and the monitor port you configured above as the detsination. TM1(config-if)# monitor session 1 TM1(config-monitor)# source interface vfc28? <CR> , both rx tx Comma Hyphen both ingress egress

TM1(config-monitor)# source interface vfc28 both

2008 Cisco Systems, Inc. All rights reserved

43 of 52

TM1(config-monitor)# destination interface ethernet 1/27 TM1(config-monitor)# no shut

Verify the monitor session is up

TM1(config-monitor)# sh monitor session 1 session 1 --------------type state source intf rx tx both source VLANs rx source VSANs rx : local : up : : vfc28 : vfc28 : vfc28 : : : :

destination ports : Eth1/27

Step 2.

Remote desktop to the server in your POD and open Wireshark.

2008 Cisco Systems, Inc. All rights reserved

44 of 52

Step 3.

Prepare the interface.

Step 4.

Find and select the correct adaptor to the WireShark. Start capture packets on the interface that is not being used for FCoE, which is the interface that doesnt have the address 11.1.X.5(X is your POD number).

2008 Cisco Systems, Inc. All rights reserved

45 of 52

Step 5. Remove any filter, and un-check the Update list of packets in real time and Hide capture info dialog boxes.

2008 Cisco Systems, Inc. All rights reserved

46 of 52

Step 6.

Flap the VFC port that you used as a source port, and stop the trace when the device FLOGIs back into the switch

TM1(config-monitor)# int vfc28 TM1(config-if)# shut TM1(config-if)# no shut TM1(config-if)# sh npv flogi-table No flogi sessions found. TM1(config-if)# sh npv flogi-table
-------------------------------------------------------------------------INTERFACE NODE NAME VSAN FCID PORT NAME

-------------------------------------------------------------------------vfc28 11 0x2e0001 [Link] [Link]

Total number of flogi = 1.

Step 7.

Filter the PAUSE frames to make the trace readable.

2008 Cisco Systems, Inc. All rights reserved

47 of 52

Step 8.
T11

You should see your Fibre Channel Frames, decodes as pre FC-

2008 Cisco Systems, Inc. All rights reserved

48 of 52

 2008 Cisco Systems, Inc. All rights reserved

49 of 52

Lab 5b: Trace Tools

Activity Objective
In this exercise, you will use Ethanalyzer feature to capture a CNA logging into the N5K.

Configure the EthAnalyzer function to capture a fabric login of your host. For this exercise you will need two SSH or Telnet connections to the switch. You will configure Ethanalyzer in one session, and shut/ no shut the VFC interface in the other.

Step 1.

Telnet Session 1
TM1(config-if)# shut TM1(config-if)# no shut
TM1(config-if)# sh npv flogi-table -------------------------------------------------------------------------INTERFACE NAME VSAN FCID PORT NAME NODE

-------------------------------------------------------------------------vfc28 11 0x2e0001 [Link] [Link]

Total number of flogi = 1.

Telnet Session2
Once you see the VFC interface logged in in the FLOGI database display in Telnet session 1, press Ctrl-C in this Telnet session. TM1(config)# ethanalyzer local interface inbound-hi brief limit-captured-frames 0 2008-08-14 [Link].133555 [Link] -> [Link] 6 0 [Link] -> [Link] 0xffff SW_ILS HLO 0x510

2008 Cisco Systems, Inc. All rights reserved

50 of 52

2008-08-14 [Link].134230 [Link] -> [Link] 6 0 [Link] -> [Link] 0x43b FC Link Ctl, ACK1 2008-08-14 [Link].383471 [Link] -> [Link] 4 0 [Link] -> [Link] 0xffff SW_ILS HLO 2008-08-14 [Link].384203 [Link] -> [Link] 4 0 [Link] -> [Link] 0xd6ec FC Link Ctl, ACK1 2008-08-14 [Link].653732 [Link] -> [Link] 5 0 [Link] -> [Link] 0x0 0x0 STP RST. Root = 4096/[Link] Cost = 1 Port = 0x8081 2008-08-14 [Link].762873 [Link] -> [Link] 5 0 [Link] -> [Link] 0x0 0x0 STP RST. Root = 4096/[Link] Cost = 0 Port = 0x8681 [snip] 2008-08-14 [Link].625256 [Link] -> [Link] 6 0 00.00.00 -> [Link] FC ELS FLOGI 2008-08-14 [Link].645838 [Link] -> [Link] 6 0 [Link] -> 2e.00.01 FC ELS ACC (FLOGI) 2008-08-14 [Link].646026 [Link] -> [Link] 6 0 2e.00.01 -> [Link] FC ELS PLOGI 2008-08-14 [Link].646116 [Link] -> [Link] 6 0 [Link] -> 2e.00.01 FC ELS ACC (PLOGI) 2008-08-14 [Link].646028 [Link] -> [Link] 6 0 2e.00.01 -> [Link] FC ELS SCR 2008-08-14 [Link].646395 [Link] -> [Link] 6 0 [Link] -> 2e.00.01 FC ELS ACC (SCR) 2008-08-14 [Link].646985 [Link] -> [Link] 6 0 [Link].2e -> [Link].08 0xffff SW_ILS SW_RSCN [snip]

0x510

0x156c

0x156c

0x5 0xffff

0x5 0x513

0x6 0xffff

0x6 0x514

0x7 0xffff

0x7 0x515

0x516

2008 Cisco Systems, Inc. All rights reserved

51 of 52

153 packets captured

2008 Cisco Systems, Inc. All rights reserved

52 of 52