cisco 7600 tech training - anandp

8/14/2019 Cisco 7600 Tech Training - Anandp

1/90

1 2004 Cisco Systems, Inc. All rights reserved.

Session Number

Presentation_ID

Cisco 7600Technical Training

Anand Patil

[email protected]

Part - II


2/90

222 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID

First Time Configuration


3/90


First Time ConfigurationFirst time configuration occurs when the switch boots for the first time or when the setup

command is executed Both instances will run the user through the same process

Setup is started by entering enable mode and running the setup command as followsSwitch# setup

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: yes

Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you

to configure each interface on the system

Would you like to enter basic management setup? [yes/no]: no

First, would you like to see the current interface summary? [yes]: no

Configuring global parameters:

Enter host name [Switch]:

Switch# setup

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: yes

Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you

to configure each interface on the system

Would you like to enter basic management setup? [yes/no]: no

First, would you like to see the current interface summary? [yes]: no

Configuring global parameters:

Enter host name [Switch]:

From this point, the dialog will prompt the user

for answers to questions that will prime an

initial set of parameters


4/90


Initial Configuration RequirementsThe following will step you through some of the basic configuration options you

can choose to implement on your switch

Changing the hostname using the hostname command

Switch# conf t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# hostname 6500

6500(config)#

Switch# conf t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# hostname 65006500(config)#

Setting the enable password

6500(config)# enable password ABC1236500(config)# enable password ABC123

Setting the enable secret password (this takes precedence over the enable password

6500(config)# enable secret 5 DEF4566500(config)# enable secret 5 DEF456


5/90


Initial Configuration RequirementsWhen the enable password is entered it will be displayed in the configuration in

clear text as follows

This can be better secured by encrypting the password when the configuration is

displayed

6500# show runBuilding configuration...

enable password cisco

!

6500# show run

Building configuration...

enable password cisco

!

6500(config)# service password-encryption

6500# show run


enable password 7 070C285F4D06

!

6500(config)# service password-encryption

6500# show run


enable password 7 070C285F4D06

!Password is now displayed

in encrypted format

Password is displayed in

clear text format


6/90


Initial Configuration RequirementsAdding a hostname

6500(config)# ip host my-gtwy 10.1.1.1

6500(config)# ^Z

6500# ping my-gtwy

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4

ms6500#

6500(config)# ip host my-gtwy 10.1.1.1

6500(config)# ^Z

6500# ping my-gtwy

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4

ms6500#

Adding a default route

6500(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1

6500(config)# ^Z

6500# show ip route

S* 0.0.0.0/0 [1/0] via 10.1.1.1

6500(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1

6500(config)# ^Z6500# show ip route

S* 0.0.0.0/0 [1/0] via 10.1.1.1


7/90


Initial Configuration RequirementsSetting the clock

6500# clock set 15:14:00 30 October 2003

6500# show clock

15:14:02.507 UTC Thu Oct 30 2003

6500#

6500# clock set 15:14:00 30 October 2003

6500# show clock

15:14:02.507 UTC Thu Oct 30 20036500#

Configuring a Login Banner

6500(config)# banner motd #Enter TEXT message. End with the character '#'.

Welcome to the Catalyst 6500 Bootcamp

#

6500(config)#

6500(config)# banner motd #

Enter TEXT message. End with the character '#'.

Welcome to the Catalyst 6500 Bootcamp

#

6500(config)#

Enable subnet zero

6500(config)# ip subnet-zero6500(config)# ip subnet-zero


8/90


Enable Password Recovery


9/90


Recovering a Lost Enable PasswordRecovering a lost enable password requires changing the configuration

register. This register is located in NVRAM and contains a 16 bit setting. One

of the bits can be reset to ignore the configuration when the switch starts

up

15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0

16 bit Configuration Register

Bit 8 (highlighted in red above 0x0100) is used to

tell the switch whether to ignore the switch

configuration in NVRAM on startup.

A value of 1 indicates that the configuration should

be used a value of 0 instructs the switch to

ignore the system configuration on startup


10/90


Recovering a Lost Enable PasswordThe default configuration register value can be seen using the show

version command as follows

6500# show version

Cisco Internetwork Operating System Software

IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY

DEPLOY)TAC Support: http://www.cisco.com/tac

Copyright (c) 1986-2003 by cisco Systems, Inc.

Compiled Tue 27-May-03 20:40 by ccai

Image text-base: 0x40008C10, data-base: 0x41ACE000

65536K bytes of Flash internal SIMM (Sector size 512K).

Configuration register is 0x2102

6500# show version

Cisco Internetwork Operating System Software

IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY

DEPLOY)

TAC Support: http://www.cisco.com/tac

Copyright (c) 1986-2003 by cisco Systems, Inc.

Compiled Tue 27-May-03 20:40 by ccai

Image text-base: 0x40008C10, data-base: 0x41ACE000

65536K bytes of Flash internal SIMM (Sector size 512K).

Configuration register is 0x2102 The 1 in 0x2102 indicates that the switch

should use the configuration in NVRAM at

startup


11/90


12/90


Recovering a Lost Enable PasswordNext step you need to change the configuration register you do this by

using the :CONFREG command to change bit 8 in the configuration

register as follows

STEP TWO

rommon 1 > confreg

Configuration Summary enabled are:

load rom after netboot fails

ignore system config info

console baud: 9600

boot: image specified by the boot system commands

or default to: cisco2-c6k_sup2

do you wish to change the configuration? y/n [n]:

rommon 1 > confreg

Configuration Summary enabled are:load rom after netboot fails

ignore system config info

console baud: 9600

boot: image specified by the boot system commands

or default to: cisco2-c6k_sup2

do you wish to change the configuration? y/n [n]: Enter y here


13/90


Recovering a Lost Enable PasswordAccept all defaults to the prompts except when it asks about

STEP THREE

do you wish to change the configuration? y/n [n]: y

enable "diagnostic mode"? y/n [n]:

enable "use net in IP bcast address"? y/n [n]:

disable "load rom after netboot fails"? y/n [n]:

enable "use all zero broadcast"? y/n [n]:

enable "break/abort has effect"? y/n [n]:

disable "ignore system config info"? y/n [n]:

change console baud rate? y/n [n]:

change the boot characteristics? y/n [n]:

do you wish to change the configuration? y/n [n]: y

enable "diagnostic mode"? y/n [n]:

enable "use net in IP bcast address"? y/n [n]:

disable "load rom after netboot fails"? y/n [n]:enable "use all zero broadcast"? y/n [n]:

enable "break/abort has effect"? y/n [n]:

disable "ignore system config info"? y/n [n]:

change console baud rate? y/n [n]:

change the boot characteristics? y/n [n]:

Enter y here


14/90


Recovering a Lost Enable PasswordWhen this has finished, enter n for modifying the configuration any further

and then use the boot command to boot the switch with the new

configuration register setting as follows

STEP FOUR

do you wish to change the configuration? y/n [n]: n

rommon 2 > boot

Self decompressing the image :

################################################]

Restricted Rights Legend

Use, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph

(c) of the Commercial Computer Software - Restricted

Rights clause at FAR sec. 52.227-19 and subparagraph

Switch continues to boot.

do you wish to change the configuration? y/n [n]: n

rommon 2 > boot

Self decompressing the image :

################################################]

Restricted Rights Legend

Use, duplication, or disclosure by the Government is

subject to restrictions as set forth in subparagraph

(c) of the Commercial Computer Software - Restricted

Rights clause at FAR sec. 52.227-19 and subparagraph

Switch continues to boot.


15/90


16/90


Configuring Supervisor 720


17/90


Configuring a Supervisor 720Compact Flash Slots

The Supervisor 720 has two compact flash II slots that are capable of supporting a CFII card or

the IBM compact flash microdrive Compact flash cards used in these slots can be accessed

by the local Supervisor file management system they are referenced as disk0: and disk1:

respectively

DISK0:

DISK1:

Supervisor 720


18/90


Configuring a Supervisor 720Compact Flash Slots

Contents of compact flash in these slots can be viewed by using the DIR command shown

as follows

6500# dir disk0:

Directory of disk0:/

1 -rw- 26672876 Sep 09 2003 23:13:50 s72033-ps-mz.122-14.SX1.bin

256417792 bytes total (229744640 bytes free)

6500#

6500# dir disk0:

Directory of disk0:/

1 -rw- 26672876 Sep 09 2003 23:13:50 s72033-ps-mz.122-14.SX1.bin

256417792 bytes total (229744640 bytes free)

6500#

NOTE If no compact flash card is located in the

slot, then you will get an error using this command

6500# dir disk0:

%Error opening disk1:/ (No device available)

6500# dir disk0:

%Error opening disk1:/ (No device available)


19/90


Configuring a Supervisor 720Front Ethernet Ports

The Supervisor 720 has three GE ports on the front panel Port 1 is a Small Form Factor

Pluggable (SFP) Port 2 consists of an SFP (active by default) and one 10/100/1000 RJ45

when the 10/100/1000 is activated, Port 2 SFP will be disabled

Supervisor 720

Port 2 SFP and

10/100/1000

Port 1

SFP


20/90


Configuring a Supervisor 720Front Ethernet Ports

The 10/100/1000 Port can be activated by choosing the RJ45 media type when in interface

configuration mode

6500(config)#interface g5/2

6500(config-if)#media-type ?rj45 Use RJ45 connector

sfp Use SFP connector

6500(config)#interface g5/2

6500(config-if)#media-type ?rj45 Use RJ45 connector

sfp Use SFP connector

If the 10/100/1000 port is active, the SFP port can be reactivated (shutting down the RJ45 port)by using one of the following

6500(config-if)# no media-type6500(config-if)# no media-type 6500(config-if)# media-type sfp6500(config-if)# media-type sfp


21/90


Configuring a Supervisor 720Switch Fabric Module

Switch Fabric

The Supervisor 720 has an integrated Switch Fabric Module providing 18 fabric channels that

are apportioned across each of the slots in the chassis. Each fabric channel can run at 8-Gbps

or 20-Gbps depending on the attached linecard (FDX numbers are 16-Gbps and 40-Gbps per

channel)


22/90


Configuring a Supervisor 720Switch Fabric Module

Slot1 Slot2 Slot3 Slot4

Slot6 Slot7 Slot8 Slot9

Slot 5

Fabric ASIC Fabric ASIC Fabric ASIC Fabric ASIC

Fabric ASIC Fabric ASIC Fabric ASIC Fabric ASIC

The SFM provides 2 fabric channels to each linecard slot in the 6 and 9 slot chassis


23/90


Configuring a Supervisor 720Switch Fabric Module Modes

The status of the Switch Fabric can be inspected by using the following command

6500# show fabric status

slot channel speed module fabricstatus status

1 0 8G OK OK

2 0 8G OK OK

3 0 8G OK OK

5 0 20G OK OK

6500# show fabric status

slot channel speed module fabricstatus status

1 0 8G OK OK

2 0 8G OK OK

3 0 8G OK OK

5 0 20G OK OK

6500# show fabric utilization

slot channel speed Ingress % Egress %

1 0 8G 28 0

2 0 8G 0 0

3 0 8G 0 25

5 0 20G 0 0

6500# show fabric utilization

slot channel speed Ingress % Egress %

1 0 8G 28 02 0 8G 0 0

3 0 8G 0 25

5 0 20G 0 0

The utilization of the Switch Fabric can be inspected by using the following command


24/90


Configuring a Supervisor 720Switch Fabric Module Modes

During troubleshooting, the Switch Fabric Module can be inspected for transmission errors

the command to inspect for errors on the Switch fabric module is as follows.

6500# show fabric errors

Module errors:

slot channel crc hbeat sync DDR sync

1 0 0 0 0 0

2 0 0 0 0 0

3 0 0 0 0 0

5 0 0 0 0 0

Fabric errors:

slot channel sync buffer timeout

1 0 0 0 0

2 0 0 0 0

3 0 0 0 05 0 0 0 0

6500#

6500# show fabric errors

Module errors:

slot channel crc hbeat sync DDR sync

1 0 0 0 0 0

2 0 0 0 0 0

3 0 0 0 0 0

5 0 0 0 0 0

Fabric errors:

slot channel sync buffer timeout

1 0 0 0 0

2 0 0 0 0

3 0 0 0 0

5 0 0 0 0

6500#


25/90


Configuring Interfaces


26/90


Understanding InterfacesEach Ethernet interface type uses nomenclature unique to its operating characteristics. Each

of the interface types is explained below

6500(config)# interface ethernet x/y6500(config)# interface ethernet x/y

6500(config)# interface Fastthernet x/y6500(config)# interface Fastthernet x/y

6500(config)# interface Gigabitethernet x/y6500(config)# interface Gigabitethernet x/y

6500(config)# interface Tengigabitethernet x/y6500(config)# interface Tengigabitethernet x/y

All ports referenced by X/Y indicatethe following

X is the slot number slot

numbers start from 1 at the top for

of the chassis (horizontal mountedlinecards)

Y is the actual port number on

the linecard itself port numbers

start from 1 from the left hand sideof the linecard

All ports referenced by X/Y indicatethe following

X is the slot number slot

numbers start from 1 at the top for

of the chassis (horizontal mountedlinecards)

Y is the actual port number on

the linecard itself port numbers

start from 1 from the left hand sideof the linecard

In this mode, only a single interface is configured at any one time


27/90


Shutting and Restarting InterfacesWhen the switch powers up for the first time, it will revert all interfaces into shutdown mode

interfaces need to be enabled before normal operation can begin

6500#show interface g1/3

GigabitEthernet1/3 is administratively down, line protocol is down (disabled)

Hardware is C6k 1000Mb 802.3, address is 000b.45e3.8080 (bia 000b.45e3.8080)

6500#show interface g1/3GigabitEthernet1/3 is administratively down, line protocol is down (disabled)


Identifies port is shutdown

6500(config)# interface g1/36500(config-if)# shutdown

6500(config)# interface g1/3

6500(config-if)# shutdown Places port in shutdown mode


6500(config-if)# no shutdown


6500(config-if)# no shutdown Enables port


GigabitEthernet1/3 is up, line protocol is up (connected)






28/90


Configuring InterfacesWhen running IOS, Ethernet ports can be configured with one of three interface types, Access,

Trunk or Router. Interfaces in IOS assume a different default behavior than those same ports

under CatOS in that they default to Layer 3 ports and are shutdown on initial startup.

SupervisorSupervisor MSFCMSFC

SVI SVI

Linecard

Supervisor Engine

Layer 3 VLANInterface

Access

Ports

Trunk

Port

L3 Routed

Ports

Shutdown Shutdown


29/90


Interface RangesIOS allows a group of ports to be configured at the same time with the same CLI command.

This is achieved using the range command. Once the range command has been entered,

you will enter the interface range configuration mode and subsequent commands entered in

this mode will apply to the interface range just specified

6500(config)#interface range gigabitEthernet 1/12 - 16

6500(config-if-range)#no shutdown

6500(config-if-range)#

1w4d: %LINK-3-UPDOWN: Interface GigabitEthernet1/12, changed state to up






6500(config)#interface range gigabitEthernet 1/12 - 16

6500(config-if-range)#no shutdown








This example shows 5 Gigabit Ethernet interfaces being enabled at the same time


30/90


Interface Range MacroIf a group of interfaces is configured on a regular basis, it might be more pertinent to define a

macro that associates a name with that group of interfaces. This way, the entrance into range

configuration mode can be made much easier

6500(config)# define interface-range macro macro_name (vlan vlan_id vlan_id ) | type

port/slot - port

6500(config)# define interface-range macro macro_name (vlan vlan_id vlan_id ) | type

port/slot - port

S

W

I

TC

H

INT G1/1

INT G1/2

INT G1/3

INT G1/4

6500(config)# define interface-range admin g1/1 - 4

6500(config)# interface range macro admin


6500(config)# define interface-range admin g1/1 - 4

6500(config)# interface range macro admin


The four gigabit interfaces have been associated with the

admin macro


31/90


Other Interface Configuration Options

Port speed can be configured on multi speed ports including 10/100 and 10/100/1000 ports

6500(config-if)# speed ?

10 Force 10 Mbps operation



auto Enable AUTO speed configuration

6500(config-if)# speed ?




auto Enable AUTO speed configuration

SWITCH A SWITCH B

10/100/1000 Port

Speed

setting

can be

modified

If speed is set to AUTO then

duplex is also set to AUTO


32/90


Other Interface Configuration Options

Duplex setting can be configured on multi speed ports including 10/100 and 10/100/1000

ports The duplex setting defines the ports transmission ability to send and receive

simultaneously (full duplex), or, to send OR receive (but not at the same time also known

as half duplex)

SWITCH A SWITCH B

10/100/1000 Port

Duplex

setting

can be

modified

6500(config-if)# duplex ?

full Force full duplex operation

half Force half-duplex operation

6500(config-if)# duplex ?

full Force full duplex operation

half Force half-duplex operation

If speed is set to AUTO then

duplex is also set to AUTO


33/90


Understanding Jumbo Frames

Jumbo Frame support allows an Ethernet port to switch an Ethernet packet larger than the

default maximum size of 1518 bytes It is configured by specifying a global MTU size and a

per port (or per VLAN ) MTU size

DATAHDR

DATAHDR

1548 Bytes

9216 Bytes

Default MAX MTU Size

Note - Jumbo frame support across different vendor platforms differs slightly in the jumbo

frame size that they support


34/90


Configuring Jumbo Frames

The size of the frame on INGRESS is compared to the global LAN MTU size ingress packets

larger than this value are dropped

SwitchData

6500(config)# system jumbo ?

Jumbo mtu size in Bytes, default is 9216

6500(config)# system jumbo ?

Jumbo mtu size in Bytes, default is 9216

Global LAN MTU is defined as follows

Check incoming packet

MTU against Global LANMTU

THIS CHECK IS FOR 10Mb,10/100Mb, 100Mb and 10GE

GE Ports ARE DIFFERENT!!

With Non Default MTU size, any frame over

64 bytes is accepted, BUT, GE ports DO

NOT check for oversized frames


35/90


Configuring Jumbo FramesPFC check for routed traffic

When the source and destination interfaces contain large enough MTU sizes, the PFC will

successfully layer 3 switch jumbo frames IF the egress MTU is not large enough, and Do

not Fragment bit is NOT set, the packet is forwarded to MSFC for fragmentation, otherwise

its dropped

PFCIngress EgressData

MSFC

MTU=A MTU=B MTU=C

If MTU of C is >= MTU A AND

packets DO NOT FRAGMENT bit is

not set, then forward to MSFC for

fragmentation

If MTU of C is >= MTU A AND

packets DO NOT FRAGMENT bit is

not set, then forward to MSFC for

fragmentation

1

1

2

If MTU of C is >= MTU A AND packets

DO NOT FRAGMENT bit SET, then DROP

packet

If MTU of C is >= MTU A AND packets

DO NOT FRAGMENT bit SET, then DROP

packet

2


36/90


Monitoring Interfaces

Show interface displays a number of statistics about the running operation of that interface

6500# show interface g1/5

GigabitEthernet1/5 is up, line protocol is up (connected)Hardware is C6k 1000Mb 802.3, address is 0009.11f0.5284 (bia

0009.11f0.5284)

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Auto-duplex, Auto Speed, media type is RJ45

output flow-control is unsupported, input flow-control is unsupported,

1000Mbs

Clock mode is auto

input flow-control is off, output flow-control is off

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output 00:00:22, output hang never

Last clearing of "show interface" counters neverInput queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

6500# show interface g1/5


Hardware is C6k 1000Mb 802.3, address is 0009.11f0.5284 (bia

0009.11f0.5284)

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Auto-duplex, Auto Speed, media type is RJ45

output flow-control is unsupported, input flow-control is unsupported,1000Mbs

Clock mode is auto

input flow-control is off, output flow-control is off

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output 00:00:22, output hang never

Last clearing of "show interface" counters neverInput queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo


37/90


Configuring L2 Interfaces


38/90


Configuring VLANs


39/90


Spanning Tree


40/90


IP Routing


41/90

41 2004 Cisco Systems, Inc. All rights reserved.

Session Number

Presentation_ID

Cisco 7600 NSF/SSO

(Non-Stop Forwarding/Stateful SwitchOver)


42/90


Physical redundancy

Redundant supervisors, power supplies,switch fabrics, clocks

NSF/SSO

Standby is active within3 seconds. Graceful L3switchover.

RPR+

Standby is active within 30+seconds. Line cards do not reset.

SSO

Standby is active within 3 seconds..Interfaces stay up. Stateful L2 switchover.

Cisco 7600 Supervisor RedundancyOverview

RPR

Standby is active within 90+ seconds.Line cards reload. Interfaces reset.L2/L3 protocols restarted.


43/90


Data DataLine CardLine Card

Line Card

Line Card

Non Stop Forwarding

Continues to forward on

the pre-switchover FIB

until the routing

protocols update it.

Non Stop Forwarding

Continues to forward on

the pre-switchover FIB

until the routing

protocols update it.

Stateful Switchover

Allows the standby RP

to take immediatecontrol and maintain

connectivity protocols.

Stateful Switchover

Allows the standby RP

to take immediate

control and maintain

connectivity protocols.

Active

Standby

Data Data

Non Stop Forwarding (NSF) with Stateful Switch Over (SSO) allows the standy Supervisor to

take control and continue forwarding data in the event of the active Supervisor failing.

Non Stop Forwarding & Stateful Switchover(NSF/SSO)

NSF/SSO


44/90


NSF prevents FIB purge, L3protocols being restarted, androute flapping.

NSF requires NSF-awareneighbors to help update therouting tables since the lastvalid update.

NSF awareness and capabilityis supported in BGP, EIGRP,OSPF, and IS-IS routingprotocols.

Cisco 7600 is NSF-aware andNSF-capable. Cisco 7600 with

Dual sup720s

Line Card

Line Card

Line Card

Line Card

NSF-awareneighbor

Failover time:0-3s

NSF/SSONSF-Aware Neighbors

NSF/SSO


45/90


NSF/SSOOperation

RP

SP

PFCx

DFCx

RP

SP

PFCx

Active Standby

STP, Port, VTP States,

L2, L3 FIB, Netflow, ACL Tables

L2, L3 FIB, Netflow, ACL Tables

New RP learns RIB

out of band from NSF-aware neighbors

L3 Traffic forwardson last known FIB in HW

DFCs Not affected bySupervisor Failover

ActiveStandby

FIB and adjacency tables


46/90


Configuring and MonitoringNSF/SSO

464646 2003, Cisco Systems, Inc. All rights reserved.Presentation_ID


47/90


Sup720(config)#redundancy

Sup720(config-red)#mode ?

rpr Route Processor Redundancy

rpr-plus Route Processor Redundancy Plus

sso Stateful Switchover

Sup720(config)#redundancy

Sup720(config-red)#mode ?

rpr Route Processor Redundancy

rpr-plus Route Processor Redundancy Plussso Stateful Switchover

EIGRP NSF configurationRouter(config)#router eigrp 1Router(config-router)#nsf

OSPF NSF configurationRouter(config)#router ospf 1

Router(config-router)#nsf

ISIS NSF configurationRouter(config)#router isis


BGP NSF configurationRouter(config)#router bgp 1

Router(config-router)#bgp graceful-restart

EIGRP NSF configuration

Router(config)#router eigrp 1Router(config-router)#nsf

OSPF NSF configurationRouter(config)#router ospf 1


ISIS NSF configurationRouter(config)#router isisRouter(config-router)#nsf

BGP NSF configurationRouter(config)#router bgp 1

Router(config-router)#bgp graceful-restart

SSO configuration

NSF configuration

Configuring NSF/SSO


48/90


Router#show redundancy

Redundant System Information :------------------------------

Available system uptime = 4 days, 16 hours, 49 minutesSwitchovers system experienced = 1

Standby failures = 0Last switchover reason = user initiated

Hardware Mode = DuplexConfigured Redundancy Mode = ssoOperating Redundancy Mode = sso

Maintenance Mode = DisabledCommunications = Up

Current Processor Information :-------------------------------

Active Location = slot 5Current Software state = ACTIVEUptime in current state = 2 minutes

Peer Processor Information :

----------------------------

Standby Location = slot 6Current Software state = STANDBY HOT

Uptime in current state = 1 minute

Router#show redundancy

Redundant System Information :------------------------------

Available system uptime = 4 days, 16 hours, 49 minutesSwitchovers system experienced = 1

Standby failures = 0Last switchover reason = user initiated

Hardware Mode = Duplex

Configured Redundancy Mode = ssoOperating Redundancy Mode = sso

Maintenance Mode = DisabledCommunications = Up

Current Processor Information :

-------------------------------Active Location = slot 5

Current Software state = ACTIVEUptime in current state = 2 minutes

Peer Processor Information :----------------------------

Standby Location = slot 6Current Software state = STANDBY HOT

Uptime in current state = 1 minute

Switchover mode and status

Monitoring Redundancy


49/90


Monitoring Redundancy

Sup720#show redundancy switchover

Switchovers this system has experienced : 2

Last switchover reason : User initiated.Uptime since this supervisor switched to active : 1 week, 3 days,

21 hours, 20 minutes

Total system uptime from reload : 1 week, 3 days,


Sup720#show redundancy switchover

Switchovers this system has experienced : 2

Last switchover reason : User initiated.

Uptime since this supervisor switched to active : 1 week, 3 days,


Total system uptime from reload : 1 week, 3 days,


Sup720#show redundancy ?

clients Redundancy Facility (RF) client list

counters Redundancy Facility (RF) operational counters

events Redundancy Facility (RF) events list

history Redundancy Facility (RF) historylinecard-group Line card redundancy group information

states Redundancy Facility (RF) states

switchover Redundancy Facility (RF) switchover

| Output modifiers

Sup720#show redundancy ?

clients Redundancy Facility (RF) client list

counters Redundancy Facility (RF) operational counters

events Redundancy Facility (RF) events list

history Redundancy Facility (RF) historylinecard-group Line card redundancy group information

states Redundancy Facility (RF) states

switchover Redundancy Facility (RF) switchover

| Output modifiers

Reason and time of last switchover

Other Redundancy show commands


50/90


Triggering Manual Switchover

Router#redundancy force-switchover

Router#reload slot

Router#diagnostic schedule module test .

Router#redundancy force-switchover

Router#reload slot

Router#diagnostic schedule module test .


51/90


Router#show cef nsf

Last switchover occured: 00:08:06.340 ago

Routing convergence duration: 00:02:03.252FIB stale entry purge durations: 00:00:00.000 - Default

SwitchoverSlot Count Type Quiesce Period

7/0 1 sso 00:00:00.0005/0 1 sso 00:00:00.336No NSF stats available for the following linecards: 6/0

Router#show cef nsf

Last switchover occured: 00:08:06.340 ago

Routing convergence duration: 00:02:03.252FIB stale entry purge durations: 00:00:00.000 - Default

SwitchoverSlot Count Type Quiesce Period7/0 1 sso 00:00:00.000

5/0 1 sso 00:00:00.336No NSF stats available for the following linecards: 6/0

Router#show cef state

CEF Status [RP]CEF enabled/runningdCEF enabled/running

CEF switching enabled/runningCEF default capabilities:

CEF NSF capable: yesRPR+/SSO standby capable: yesRRP state:

Config Redundancy mode: sso(7)

Operating Redundancy mode: sso(7)

CEF NSF: enabled/running

Router#show cef stateCEF Status [RP]

CEF enabled/runningdCEF enabled/running

CEF switching enabled/runningCEF default capabilities:

CEF NSF capable: yesRPR+/SSO standby capable: yes

RRP state:

Config Redundancy mode: sso(7)Operating Redundancy mode: sso(7)

CEF NSF: enabled/running

CEF NSF information

NSF and redundancy mode information

Monitoring NSF


52/90


Understanding Power and Environmental


53/90


Understanding Power

All Catalyst 7600 chassis options support redundant power supplies. Power Supply options

include both AC and DC versions

Power Supply 1 Power Supply 2

For normal operation, both power suppliesshould be the same wattage

The 6500 does support two power supplies with

different wattages this scenario is targeted for

upgrade scenarios and is not recommended fornormal operation

The 6500 also supports an AC and DC power

supply installed at the same time, but again,

this is more designed for upgrade purposesand NOT normal operation


54/90


Understanding Power Redundancy

The 6500 can utilize two power supplies to work in either combined or redundant mode

Redundant Mode Combined Mode

In redundant mode, each power supply

operates at 50% capacity and provides thesame total power as a single power supply

if one fails, the backup reverts to

providing 100% power

In combined mode, each power supply

operates at 83% - if one fails, then therunning supply provides 100% of its power

capacity


50% 50%

Switch


83% 83%

Switch

Effects of Power Changes


55/90


Effects of Power ChangesRedundant to Non Redundant

When changing from redundant mode to non redundant mode, the following occurs

Switch Switch

1. System log and SYSLOG messages generated

2. System power is increased to 83% for both supplies, this providing 167% of power

supply total capacity

3. If any modules were marked power deny due to insufficient power will be brought

online if enough power is available

50% 50% 83% 83%




56/90


Effects of Power ChangesNon Redundant to Redundant

When changing from Non redundant mode to redundant mode, the following occurs

Switch Switch


2. This mode should only be done when both power supplies are of the same wattage

3. System power is decreased to power of one power supply - each power supply would

normally revert to 50% operational capacity

4. If module configuration exceeds available power, modules powered down from bottom

slot upwards inline devices are powered down from highest port to lowest port until

power requirement is within available limits

50%

Combined Mode Redundant Mode

50%83% 83%



57/90


Effects of Power ChangesEqual PSU added to Redundant configuration

When adding a Power Supply to a redundant mode switch, the following occurs

Switch Switch


2. System power is decreased in first power supply to 50%

3. Second power supply run up to 50% capacity

4. There is no change in power status for modules as there is not a change in available

power

Empty

100% 50%

Redundant Mode Redundant Mode

50%



58/90


Effects of Power ChangesEqual PSU added to Combined configuration

When adding a Power Supply to a combined mode switch, the following occurs

Switch Switch


2. Total system power is increased to 167% of combined power capacity




Empty

100%

Combined Mode Combined Mode

83% 83%



59/90


gUnequal PSU added to Combined configuration

When adding an unequal power supply to a combined mode switch, the following occurs

Switch Switch


2. Total system power is increased to 167% of combined power capacity




Empty

100%

Combined Mode Combined Mode

83% 83%



60/90


gPSU removed Redundant configuration

When adding a Power Supply to a redundant mode switch, the following occurs

Switch Switch


2. System power is increased in first power supply to 100%

3. There is no change in power status for modules as there is not a change in available

power

50% 100%


Empty

50%

Effects of Power ChangesB ti ith U l PSU i R d d t fi ti


61/90


Booting with Unequal PSU in Redundant configuration

When booting with unequal power supplies in redundant mode, the following occurs

Switch Switch


2. System does not allow different sized power supplies to be booted in redundant mode

3. Smaller Power Supply is shut down

4. Only the larger power supply is booted this is run at 100% capacity

Power

Supply

X Watts


100%PowerSupply

Y Watts

Effects of Power ChangesB ti ith U l PSU i C bi d fi ti


62/90


Booting with Unequal PSU in Combined configuration

When booting with unequal power supplies in redundant mode, the following occurs

Switch Switch


2. System allows different sized power supplies to be booted in combined mode

3. Both Supplies run up at 167%

Power

Supply

X Watts


Power

Supply

Y Watts

83% 83%

Understanding Power


63/90


Powering Modules On and Off and Power Cycling

The 6500 power management code allows individual modules to be powered on and off or

power cycled selectively this is an important feature especially for some service modules

which require to be powered down prior to removing them from the chassis

PSU

#1

PSU

#2

Sup720Sup720

Linecard #7Linecard #8Linecard #9

Linecard #4Linecard #3Linecard #2Linecard #1

PSU

#1

PSU

#2

Sup720Sup720

Linecard #7Linecard #8Linecard #9

Linecard #4Linecard #3Linecard #2Linecard #1

Selective Modules can

be shutdown

In this example, module

2 and 7 are shutdownwhile others continue to

operate normally

Catalyst 6509 Catalyst 6509

Show Power


64/90


Show Power

The power status of the 6500 can be viewed using the following command

6500# show power

system power redundancy mode = combinedsystem power total = 3885.00 Watts (92.5 Amps @ 42V)

system power used = 774.90 Watts (18.45 Amps @ 42V)

system power available = 3110.10 Watts (74.05 Amps @ 42V)

Power-Capacity PS-Fan Output Oper

PS Type Watts A @42V Status Status State

---- ------------------ ------- ------ ------ ------ -----

1 WS-CAC-2500W 2331.00 55.50 OK OK on

2 WS-CAC-2500W 2331.00 55.50 OK OK on

Pwr-Requested Pwr-Allocated Admin Oper

Slot Card-Type Watts A @42V Watts A @42V State State

---- ------------------ ------- ------ ------- ------ ----- -----

1 WS-X6516-GE-TX 144.90 3.45 144.90 3.45 on on

5 WS-SUP720-BASE 315.00 7.50 315.00 7.50 on on6 - - 315.00 7.50 - -

6500#

6500# show power

system power redundancy mode = combined

system power total = 3885.00 Watts (92.5 Amps @ 42V)

system power used = 774.90 Watts (18.45 Amps @ 42V)

system power available = 3110.10 Watts (74.05 Amps @ 42V)

Power-Capacity PS-Fan Output Oper

PS Type Watts A @42V Status Status State

---- ------------------ ------- ------ ------ ------ -----

1 WS-CAC-2500W 2331.00 55.50 OK OK on2 WS-CAC-2500W 2331.00 55.50 OK OK on

Pwr-Requested Pwr-Allocated Admin Oper

Slot Card-Type Watts A @42V Watts A @42V State State

---- ------------------ ------- ------ ------- ------ ----- -----

1 WS-X6516-GE-TX 144.90 3.45 144.90 3.45 on on

5 WS-SUP720-BASE 315.00 7.50 315.00 7.50 on on

6 - - 315.00 7.50 - -

6500#


65/90


Environmentals

Understanding Environmentals


66/90



The Catalyst 6500 monitors key environment indicators in the chassis and these indicators can

be displayed using a set of special commands as follows

6500# show environment ?

alarm show environmental alarmscooling show cooling parameters

status operational status of FRU

temperature temperature readings

| Output modifiers

6500# show environment ?

alarm show environmental alarms

cooling show cooling parameters

status operational status of FRU

temperature temperature readings

| Output modifiers

Any environmental alarms that have been triggered can be viewed as follows

6500# show environment alarm ?

status show alarm status

thresholds show alarm thresholds

| Output modifiers

6500# show environment alarm

environmental alarms:

no alarms

6500# show environment alarm ?

status show alarm status

thresholds show alarm thresholds

| Output modifiers

6500# show environment alarm

environmental alarms:

no alarms



67/90



Cooling information can also be displayed as follows

6500# show environment cooling ?

all selects all FRU-types

fan-tray specify fan-tray

module specify module

| Output modifiers

6500# show environment cooling fan-tray

fan-tray 1:

fan-tray 1 version: 2fan-tray 1 fan-fail: OK

6500# show environment cooling module 1

module 1 cooling requirement: 30 cfm

6500#

6500# show environment cooling ?


fan-tray specify fan-tray

module specify module | Output modifiers

6500# show environment cooling fan-tray

fan-tray 1:

fan-tray 1 version: 2fan-tray 1 fan-fail: OK

6500# show environment cooling module 1

module 1 cooling requirement: 30 cfm

6500#



68/90



Temperature information can also be displayed as follows

6500# show environment temperature ?


backplane specify backplane

earl specify earl

module specify module

rp specify RP (MSFC)

vdb specify vdb

vtt specify VTT

| Output modifiers

6500# show environment temperature module 1

module 1 outlet temperature: 36C

module 1 inlet temperature: 25C

6500#

6500# show environment temperature ?


backplane specify backplane

earl specify earl module specify module

rp specify RP (MSFC)

vdb specify vdb

vtt specify VTT

| Output modifiers

6500# show environment temperature module 1

module 1 outlet temperature: 36C

module 1 inlet temperature: 25C

6500#


70/90


Unicast vs. Multicast

Host

Router

Unicast

Host

Router

Multicast

Multicast Protocols


71/90


Multicast Protocols

Source

No signaling

Multicast routing protocols

Intradomain: DVMRP, PIM,MOSPF, CBT,...

Interdomain: MBGP/MSDP

IGMP

Source

Supervisor 720 IP Multicast Overview


72/90


Supervisor 720 IP Multicast Overview

Supervisor 720 supports central anddistributed hardware switching of IPv4multicast traffic

IP multicast forwarding in hardware withperformance up to 215Mpps! IPv4 PIM-SM/BiDir multicast

Off-loads forwarding tasks from RPRPonly handles control plane functions (run

multicast protocols, maintain state) Supports (S,G) and (*,G) in hardware

Also supports BiDir (*,G) in hardware

Application of ACLs, QoS, & other

features on multicast traffic in hardware

IP Multicast Control Plane


73/90


u t cast Co t o a e

Both RP and SP provides support to IP multicast control planefunctions.

RP runs all of the mcast routing protocols in software, also manage

mcast state.Control plane protocolsPIM, IGMP, AutoRP, BSR, MSDP, routing protocols

Calculating RPF interfaces

Managing software IP mroute table

Downloading IP mroute table entries to SP for installation in the PFC hardware

SP handles:Programming the PFCs/DFC3 hw with mcast FIB and ADJ table entries

Programming the MET in the mcast replication engines

IGMP Snooping/PIM Snooping packet processing

Identifying the mcast router ports

Send IGMP general queries when IGMP querier function is enabled

Periodically polling the hw mcast statistics and send updates to the RP CPU

Supervisor 720 Hardware MulticastSwitching


74/90


g

RP CPU builds multicast routing table

L3 mroute information is saved in HW inMulticast FIB TCAM, Adjacencies table,and Multicast Expansion Tables (MET)

Multicast FIB consists of(S,G) and (*,G)entries, and RPF VLAN

Adjacency table contains rewrite info andMET index

MET contains output interface lists (OILs)i.e., lists of interfaces requiring replication

RP CPU downloads tables to SP CPU

SP CPU installs tables in the appropriatehardware

Multicast FIB and Adjacency tables installedin PFC/DFC hardware

MET installed in replication engines

SP CPU manages L2 table for IGMPsnooping

QoS for Multicast


75/90


Supervisor Engine 720 offers extensive Quality of Service (QoS)features in hardware for IPv4 multicast traffic:

ClassificationBased on port trust configuration or based on Layer 3

and Layer 4 information using QoS ACLs. Ingress SchedulingBased on the Class of Service (COS) value on

ingress ISL or 802.1Q trunk interfaces

Egress SchedulingBased on COS, IP Precedence, or DifferentiatedServices Code Point (DSCP) values

MarkingBased on a variety of parameters, including full Layer 3 andLayer 4 information using QoS ACLs

PolicingBased on a variety of parameters, including full Layer 3 andLayer 4 information using QoS ACLs


76/90


IGMP Snooping and PIMSnooping


IGMP Snooping


77/90


g

PurposeConstrains multicast flooding on Layer 2 ports

Implementation across all Switching products very similar

PFC ASICs recognize IGMP packets and redirect them to SP CPU(protocol redirection logic)

Switch installs static Layer 2 forwarding entriesfor each multicast group MAC

Multicast data traffic forwarded toappropriate interfaces according toMAC address table entries (per VLAN)

Does not affect performance for multicast

data trafficProtocol redirection ONLY redirects IGMP packets, not UDP (data)packets

IGMP Snooping


78/90


PIM Snooping


79/90


PIM Snooping


80/90


Without PIM Snooping, IGMP snooping functionalways includes all of the router ports in the list of

intf joined to each multicast group.

When turn on PIM snooping, SP handle all PIMpacket and keep a list of router ports which are

interested in certain multicast group. Similar to IGMP snooping, this application is

handled by SP and need to be rate-limited

Multicast Routing Protocols Supported on Sup720


81/90


PIM-DM

PIM-SM

PIM-SSM

Bidir-PIM

MSDP

Auto-RP

MVPN

IGMP


82/90


Multicast Configuration andMonitoring


PIM SM Configuration Commands


83/90


ip multicast-routing

router(config)#

Enables multicast routing

ip pim { sparse-mode | sparse-dense-mode }router(config-if)#

Enables PIM Sparse mode on an interface. Sparse-

dense-mode enables mixed sparse / dense groups

Configuring Rendezvous-Point


84/90


ip pim rp-address ip-address [group-access-list-number] [override]

router(config)#

Configures the address of a PIM rendezvous point(RP) for a particular group

group-access-list-numberNumber of an access

list that defines for which multicast groups the

RP should be used. This is a standard IP accesslist.

overrideIndicates that if there is a conflict

between the RP configured with this command

and one learned by Auto-RP, the RP configuredwith this command prevails

Finding PIM Neighbors


85/90


show ip pim interface [type number] [count]

router#

Displays information about interfaces configured

for PIM

show ip pim neighbor [type number]

router#

Lists the PIM neighbors discovered by the Cisco

IOS Software

mrinfo [hosthanme | address]

router#

Queries what neighboring multicast routers are

peering with the local router

Checking RP information


86/90


show ip pim rp [group-name | group-address | mapping]

router(config)#

Displays active rendezvous points (RPs) that arecached with associated multicast routing entries

Mappingdisplays all group-to-RP mappings

that the router is aware of

show ip rpf {address | name }

router(config)#

Displays how IP multicast routing does Reverse-

Path Forwarding (RPF) Address IP address of a source of an RP

Inspecting Multicast Routing Table


87/90


show ip mroute [group-address] [summary] [count] [active kbps]

router#

Displays the contents of the IP multicast routing table Summarydisplays a one-line, abbreviated

summary of each entry in the IP multicast routing

table.

Countdisplays statistics about the group andsource, including number of packets, packets per

second, average packet size, and bits per second.

Activedisplays the rate that active sources are

sending to multicast groups. Active sources arethose sending at a rate ofkbps or higher. The kbps

argument defaults to 4 kbps.

Monitoring PIM and PIM Snooping State


88/90


Show ip igmp group

Show mac-address-table multicast igmp-snooping [count]

Show ip pim interface detail Show ip pim neighbor

Show ip pim rp

Show ip [vlan] snooping

Show ip pim snooping [vlan] statistics Show ip pim snooping [vlan] neighbor

Show ip pim snooping [vlan] mroute

Show ip pim snooping [vlan] mac-group

Monitoring IGMP and IGMP Snooping State


89/90


Show ip igmp group

Show mac-address-table multicast igmp-snooping[count]

Show ip igmp interface

Show ip igmp snooping mroute Show ip igmp rate-limiting [statistics]


90/90


cisco 7600 tech training - anandp

Documents