Overview

This chapter provides an overview of the Cisco NX-OS software.

Software Compatibility

The Cisco NX-OS software interoperates with Cisco products that run any variant of the Cisco IOS software. The Cisco NX-OS software also interoperates with any networking operating system that conforms to the IEEE and RFC compliance standards.

Modular Software Design

The Cisco NX-OS software supports distributed multithreaded processing on symmetric multiprocessors (SMPs), multi-core CPUs, and distributed data module processors. The Cisco NX-OS software offloads computationally intensive tasks, such as hardware table programming, to dedicated processors distributed across the data modules. The modular processes are created on demand, each in a separate protected memory space. Processes are started and system resources are allocated only when you enable a feature. A real-time preemptive scheduler helps to ensure the timely processing of critical functions.

Serviceability

The Cisco NX-OS software has serviceability functions that allow the device to respond to network trends and events. These features help you with network planning and improving response times.

Switched Port Analyzer

The Switched Port Analyzer (SPAN) feature allows you to analyze all traffic between ports (called the SPAN source ports) by nonintrusively directing the SPAN session traffic to a SPAN destination port that has an external analyzer attached to it. For more information about SPAN, see the .

Call Home

The Call Home feature continuously monitors hardware and software components to provide e-mail-based notification of critical system events. A versatile range of message formats is available for optimal compatibility with pager services, standard e-mail, and XML-based automated parsing applications. It offers alert grouping capabilities and customizable destination profiles.You can use this feature, for example, to directly page a network support engineer, send an e-mail message to a network operations center (NOC), and employ Cisco AutoNotify services to directly generate a case with the Cisco Technical Assistance Center (TAC). For more information about Call Home, see the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide.

Online Diagnostics

Cisco generic online diagnostics (GOLD) verify that hardware and internal data paths are operating as designed. Boot-time diagnostics, continuous monitoring, and on-demand and scheduled tests are part of the Cisco GOLD feature set. GOLD allows rapid fault isolation and continuous system monitoring. For information about configuring GOLD, see the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide.

Embedded Event Manager

Cisco Embedded Event Manager (EEM) is a device and system management feature that helps you to customize behavior based on network events as they happen. For information about configuring EEM, see the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide.

Consistency Checker

Overview

This section describes how to use the Consistency Checker feature.

The Consistency Checker feature is a tool to assist troubleshooting a switch. It can be used to validate various internal tables that are distributed between processes and modules. Using such programmatic algorithms remove human error from checking large and complex tables manually; thereby, quickly confirming the status of the tables and reducing the mean time to resolve such issues.

The Consistency Checker commands are used to validate software and hardware table states. The result is displayed as pass or fail. A failure result causes detailed information about the detected inconsistencies to be logged for further investigation.

Each Consistency Checker command may take several minutes to execute depending on the size of the configuration and number of modules in the switch. The check may fail if any of the tables under assessment change state during the check. Checks do not differentiate if the failure is due to normal changes, such as zoning changes, port flaps, or genuine errors. Thus, it is important to verify that a failure was not caused by normal events that occurred during the check. Rerun the failed check several times over a period of minutes to confirm if the failure is persistent. Persistent failure means that the detailed failure information does not change. If a persistent failure is found, contact your vendor for further analysis.

Currently, this feature only supports on-demand execution of commands; they are not run automatically by the system.

The Consistency Checker feature supports verification of table consistency for the following features:

Cisco NX-OS Release 8.4(1)

  • Access control list (ACL) Tables

  • Forwarding information base (FIB) Tables

  • Persistent Storage Service (PSS)

ACL Tables

The ACL Consistency Checker verifies the programming consistency between software and hardware for ACL tables including the following checks:

  • Hardware and software synchronization: This validation checks if entries present in the hardware table is same as in the software table and vice versa. This check flags errors if there is a mismatch in the entries between the two tables or if the error is present in one of the tables.

  • Hardware and software duplicate entries check: This validation compares entries in the hardware and software tables to find any duplicate entries and flags them as errors.

Use the show consistency-checker acl-table-status [module number] command to run the ACL Consistency Checker. The ACL Consistency Checker is not run automatically or periodically by the system.

FIB Tables

The FIB Consistency Checker verifies the programming consistency between software and hardware entries for Fibre Channel forwarding and adjacency tables. If there is an inconsistency, the CLI prints the mismatch entries between the hardware and software entries of the forwarding and adjacency tables.

Use the show consistency-checker fib-table-status [module number] command to run the FIB Consistency Checker. The FIB Consistency Checker is not run automatically or periodically by the system.

Persistent Storage Service (PSS)

The PSS Consistency Checker verifies the consistency between run-time and cached configuration data for the following features:

  • Spanning Tree

  • Certain ingress and egress forwarding parameters for interfaces (ELTM)

  • Interface state (ETHPM)

  • VLAN information (Vlan-manager)

Use the show consistency-checker pss command to run the PSS Consistency Checker. The PSS Consistency Checker is not run automatically or periodically by the system.

SAN Analytics

The SAN Analytics Consistency Checker feature identifies inconsistencies in SAN Analytics components such as NPU, modules, queries, database, analytics ACL entries, and so on.

Use the ShowAnalyticsConsistency command in Cisco MDS NX-OS Release 8.5(1) or the show consistency-checker analytics command in Cisco MDS NX-OS Release 9.2(1) or later to run the SAN Analytics Consistency Checker.

Use the command to run the SAN Analytics Consistency Checker.

This command is a troubleshooting tool that helps to identify inconsistencies in SAN Analytics components such as NPU, modules, queries, database, port-sampling configuration and so on. Such inconsistencies are abnormal and may lead to issues on the switch.

This command should be used as part of troubleshooting when SAN Analytics issues are suspected. The specified consistency check is done at the time the command is issued and the results are displayed. Detailed information about the detected inconsistencies is displayed to direct further detailed debugging.


Note

The SAN Analytics Consistency Checker does not work when port sampling or smart zoning is enabled.

Guidelines and Limitations

  • The Consistency Checker feature is supported only on the following hardware:

    • Cisco MDS 9132T 32-Gbps 32-Port Fibre Channel Switch

    • Cisco MDS 9148T 32-Gbps 48-Port Fibre Channel Switch

    • Cisco MDS 9396T 32-Gbps 96-Port Fibre Channel Switch

    • Cisco MDS 9700 48-Port 32-Gbps Fibre Channel Switching Module

    • Cisco MDS 9700 48-Port 16-Gbps Fibre Channel Switching Module

  • If there is a configuration change or a table state change in the environment while a Consistency Checker is running, it is possible to trigger false positives. In cases where false positives may be a concern, it is recommended to run multiple iterations of that Consistency Checker.

  • When you execute the show consistency-checker acl-table-status command, ensure that there are no background activities that can result in addition, deletion, or modification of existing ACL TCAM entries. The ACL Consistency Checker may take some time to complete.

  • Before you run the show consistency-checker acl-table-status command, ensure that SAN Analytics port sampling is not enabled to prevent false positive results. The SAN Analytics feature itself does not cause false positive results.

  • When you execute the show consistency-checker fib-table-status command, ensure that no routes are added, deleted, or updated while the Consistency Checker is still running. The FIB Consistency Checker may take some time to complete.

  • In Cisco MDS NX-OS Release 8.4(1), the PSS Consistency Checker is supported only on an active supervisor.

Manageability

This section describes the manageability features in the Cisco NX-OS software.

Simple Network Management Protocol

The Cisco NX-OS software is compliant with Simple Network Management Protocol (SNMP) version 1, version 2, and version 3. A large number of MIBs is supported. For more information about SNMP, see the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide.

Role-Based Access Control

With role-based access control (RBAC), you can limit access to device operations by assigning roles to users. You can customize access and restrict it to the users who require it. For more information about RBAC, see the Cisco Nexus 7000 Series NX-OS Security Configuration Guide.

Cisco NX-OS Software Configuration

This section describes the tools you can use to configure Cisco NX-OS software, and provides an overview of the software configuration process with links to the appropriate chapters.

Tools for Software Configuration

You can use one of two configuration management tools to configure your SANs:

  • The command-line interface (CLI) can manage Cisco MDS 9000 Family switches using Telnet, SSH, or a serial connection.

  • The Cisco MDS 9000 Fabric Manager, a Java-based graphical user interface, can manage Cisco MDS 9000 Family switches using SNMP.

Figure 1. Tools for Configuring Cisco NX-OS Software. This figure shows the tools for configuring the Cisco NX-OS software.


CLI

With the CLI, you can type commands at the switch prompt, and the commands are executed when you press the Enter key. The CLI parser provides command help, command completion, and keyboard sequences that allow you to access previously executed commands from the buffer history.

Continue reading this document for more information on configuring the Cisco MDS switch using the CLI.

NTP

In a large enterprise network, having one time standard for all network devices is critical for management reporting and event logging functions when trying to correlate interacting events logged across multiple devices. Many enterprise customers with extremely mission-critical networks maintain their own stratum-1 NTP source.

Time synchronization occurs when several frames are exchanged between clients and servers. The switches in client mode know the address of one or more NTP servers. The servers act as the time source and receive client synchronization requests.

By configuring an IP address as a peer, the Cisco NX-OS device will obtain and provide time as required. The peer is capable of providing time on its own and is capable of having a server configured. If both of these instances point to different time servers, your NTP service is more reliable. Even if the active server link is lost, you can still maintain the correct time due to the presence of the peer.

If an active server fails, a configured peer helps in providing the NTP time. To ensure backup support if the active server fails, provide a direct NTP server association and configure a peer.

If you only configure a peer, the most accurate peer takes on the role of the NTP server and the other peer acts as a peer. Both devices end at the correct time if they have the correct time source or if they point to the correct NTP source.

Figure 2. NTP Peer and Server Association. Not even a server down time will affect well-configured switches in the network. This figure displays a network with two NTP stratum 2 servers and two switches.

In this configuration, the switches were configured as follows:

  • Stratum-2 Server-1

    • IPv4 address-10.10.10.10

  • Stratum-2 Server-2

    • IPv4 address-10.10.10.9

  • Switch-1 IPv4 address-10.10.10.1

  • Switch-1 NTP configuration

    • NTP server 10.10.10.10

    • NTP peer 10.10.10.2

  • Switch-2 IPv4 address-10.10.10.2

  • Switch-2 NTP configuration

    • NTP server 10.10.10.9

    • NTP peer 10.10.10.1

Licensing

The Cisco NX-OS software licensing feature allows you to access premium features on the device after you install the appropriate license for that feature. Any feature not included in a license package is bundled with the Cisco NX-OS software and is provided to you at no extra charge.

You must purchase and install a license for each device.


Note

can enable a feature without installing its license. The Cisco NX-OS software gives you a grace period that allows you to try a feature before purchasing its license. You must install the Advanced Services license package to enable the Cisco TrustSec feature.

For detailed information about Cisco NX-OS software licensing, see the Cisco NX-OS Licensing Guide.

Quality of Service

The Cisco NX-OS software supports quality of service (QoS) functions for classification, marking, queuing, policing, and scheduling. Modular QoS CLI (MQC) supports all QoS features. You can use MQC to provide uniform configurations across various Cisco platforms. For more information, see the Cisco Nexus 7000 Series NX-OS Quality of Service Configuration Guide.