Nexus 1000v Uplink port Blocked by admin

Ben93160_4 · ‎04-29-2013

Hello,

I recently install and configure a Nexus 1000v!

I migrate a server on a vlan dedicated with an adapted port-profile (access vlan).

I can ping this server but someting trouble me : when I go to the configuration tab of my switch I can see that my server's port is green (up and not blocked) and showing the right vlan ID but the uplink port is grey and blocked by admin :

I think ping works because it uses the system VLAN but other flow will not pass.

Can someone explain me why the port is in grey and how could I unblock this port.

Thanks a lot for your help ans sorry for mistakes, I'm a french student.

Benoit

lwatta · ‎04-29-2013

It's hard to tell based just off your description.

Can you post your running config? We should be able to tell whats going on after looking at the configuration.

louis

Ben93160_4 · ‎04-29-2013

swi-nexus1000v-scl01# show running-config

!Command: show running-config

!Time: Mon Apr 29 12:09:16 2013

version 4.2(1)SV1(5.2b)

no feature telnet

username admin password 5 $1$k1qdCY94$cPRwMWLH2NBShx0IvGIH8. role network-admin

banner motd #Nexus 1000v Switch#

ip domain-lookup

ip host swi-nexus1000v-scl01 10.34.13.65

switchname swi-nexus1000v-scl01

errdisable recovery cause failed-port-state

vem 3

host vmware id bd56b0aa-93cf-ed46-86b3-65ad9fa72a81

snmp-server user admin network-admin auth md5 0x90495ef2cf28f8151ece16eb23affcf7 priv 0x90495ef2cf28f8151ece16eb23affcf7 localizedkey

snmp-server community public group network-operator

ntp server 10.25.22.30

vrf context management

ip route 0.0.0.0/0 10.34.13.1

vlan 1,1000,1004,1063

vlan 1

vlan 1000

name VLAN-PROD-1000

vlan 1004

name VLAN-NETWAF-1004

vlan 1063

name VLAN-ADMIN-1063

port-channel load-balance ethernet source-mac

port-profile default max-ports 32

port-profile type ethernet Unused_Or_Quarantine_Uplink

vmware port-group

shutdown

description Port-group created for Nexus1000V internal usage. Do not use.

state enabled

port-profile type vethernet Unused_Or_Quarantine_Veth

vmware port-group

shutdown

description Port-group created for Nexus1000V internal usage. Do not use.

state enabled

port-profile type vethernet ADMIN-VMWARE-1063

vmware port-group

switchport mode access

switchport access vlan 1063

no shutdown

state enabled

port-profile type ethernet NEX-UPLINK-1

vmware port-group

switchport mode trunk

switchport trunk allowed vlan 1000,1004,1063

no shutdown

system vlan 1063

state enabled

port-profile type vethernet NET-WAF-1004

vmware port-group

switchport mode access

switchport access vlan 1004

no shutdown

state enabled

port-profile type vethernet VLAN-PROD-1000

vmware port-group

switchport mode access

switchport access vlan 1000

no shutdown

state enabled

port-profile type vethernet PP-DATA

vmware port-group

switchport mode access

switchport access vlan 1004

no shutdown

state enabled

port-profile type vethernet PP-HA

vmware port-group

switchport mode access

switchport access vlan 1004

no shutdown

state enabled

vdc swi-nexus1000v-scl01 id 1

limit-resource vlan minimum 16 maximum 2049

limit-resource monitor-session minimum 0 maximum 2

limit-resource vrf minimum 16 maximum 8192

limit-resource port-channel minimum 0 maximum 768

limit-resource u4route-mem minimum 1 maximum 1

limit-resource u6route-mem minimum 1 maximum 1

limit-resource m4route-mem minimum 58 maximum 58

limit-resource m6route-mem minimum 8 maximum 8

interface mgmt0

ip address 10.34.13.65/25

interface Vethernet1

inherit port-profile VLAN-PROD-1000

description tdmtrp11s, Network Adapter 1

vmware dvport 100 dvswitch uuid "89 a0 0f 50 a6 8c a5 d2-cc 6d 90 5e dd 64 21 26"

vmware vm mac 0050.568F.6144

interface Vethernet2

inherit port-profile ADMIN-VMWARE-1063

description nexus1000v-vnmc-scl01, Network Adapter 1

vmware dvport 32 dvswitch uuid "89 a0 0f 50 a6 8c a5 d2-cc 6d 90 5e dd 64 21 26"

vmware vm mac 0050.568F.2521

interface Vethernet3

inherit port-profile PP-HA

description nexus1000v-vsg-scl01, Network Adapter 3

vmware dvport 192 dvswitch uuid "89 a0 0f 50 a6 8c a5 d2-cc 6d 90 5e dd 64 21 26"

vmware vm mac 0050.568F.2529

interface Vethernet4

inherit port-profile PP-DATA

description nexus1000v-vsg-scl01, Network Adapter 1

vmware dvport 224 dvswitch uuid "89 a0 0f 50 a6 8c a5 d2-cc 6d 90 5e dd 64 21 26"

vmware vm mac 0050.568F.2527

interface Ethernet3/4

inherit port-profile NEX-UPLINK-1

interface control0

line console

boot kickstart bootflash:/nexus-1000v-kickstart.4.2.1.SV1.5.2b.bin sup-1

boot system bootflash:/nexus-1000v.4.2.1.SV1.5.2b.bin sup-1

boot kickstart bootflash:/nexus-1000v-kickstart.4.2.1.SV1.5.2b.bin sup-2

boot system bootflash:/nexus-1000v.4.2.1.SV1.5.2b.bin sup-2

svs-domain

domain id 1

control vlan 1063

packet vlan 1063

svs mode L2

svs connection vcenter

protocol vmware-vim

remote ip address 10.34.13.13 port 80

vmware dvs uuid "89 a0 0f 50 a6 8c a5 d2-cc 6d 90 5e dd 64 21 26" datacenter-name Test

max-ports 8192

connect

vservice global type vsg

tcp state-checks

vnm-policy-agent

registration-ip 10.34.13.66

shared-secret **********

policy-agent-image bootflash:/vnmc-vsmpa.2.0.1b.bin

log-level

lwatta · ‎07-18-2013

Sorry, it looks like your post got stuck and just showed up.

I don't see anything wrong with your configuration. When you say that pings work but other flows do not can you explain a little more?

It looks like you are migrating your Vmware mgmt interface to the Nexus 1000V. Is that correct? if so as long as you can ping the interface and the host still shows up under vcenter it should be working.

There are a few bugs filed against the nexus 1000v for not displaying the correct vlan information in vCenter.

louis