09-02-2011 11:45 AM
I am trying to determine why hosts off our Nexus 7010s are being picked up in UT. Since LMS 4.0.1, UT should be supported on these devices.
I did read in the documentation:
When adding the Nexus devices to DCR, provide the netadmin SNMP RO credential.
When other SNMP RO credential is provided, user tracking will not collect end host
data.
I think I have this setup correctly as the device center test passes when cehcking snmp ro credentials.
Our 7010s are running NX-OS 5.0(3) - earlier than the recommended version - might that cause issues? We are not using VRFs other than the default and management.
Here is my snmp section:
sh run | sec snmp
ip access-list copp-system-acl-snmp
10 permit udp any any eq snmp
10 permit udp any any eq snmp
20 permit udp any any eq snmptrap
match access-group name copp-system-acl-snmp
snmp-server contact <ourcontactinfo>
snmp-server location <ourlocation>
snmp-server user admin network-admin auth md5 0x6fbb56b2146c48702383681c53358eab priv 0x6fbb56b2146c48702383681
c53358eab localizedkey
snmp-server community <mypasspharase> group network-operator
snmp-server mib community-map <mypassphrase> context v·e
no snmp trap link-status
09-03-2011 08:00 PM
You need to be running NX-OS 5.1(1) for the proper MIB support for UT. Versions prior to that did not support the VTP-MIB.
09-03-2011 09:51 PM
Thanks, Joe. I was suspecting something along those lines.
It'll take a little while to get a change window for these core devices. I'll report back once we've rolled out an upgrade.
09-04-2011 03:19 AM
Joe,
Does it make any difference if the N7K is only used as an intervlan router, rather than as a switch?.
I would expect it to read other mibs (ARP cache) in that case.
Cheers,
Michel
09-04-2011 08:07 AM
UT maps MAC addresses to ports. If you're not using any layer 2 capabilities of the N7K, then you will not see users connected to it. However, if the N7K is forwarding layer 3 info, then UT can use it as a router for ARP entries.
09-04-2011 09:54 AM
I expect that in my situation - 5010 access and distribution switches with layer 2 services only and a 7010 core router providing gateway services and thus the ARP cache information - I will need the whole chain to have 5.1(1) or later to get an accurate picture of all the end hosts in that data center.
09-04-2011 12:29 PM
UT is not supported on the N5K series, only the N7K.
09-04-2011 01:22 PM
Ugh, that seems kind of silly. What's the rationale behind that lack of support?
I'd imagine most data center implementations have servers plugged into 5000 series (and their FEXes), not directly into the 7000 series cores.
Is this partial support also the reason why I am unable to create a new VLAN and deploy it to Nexus 5k's? I was really hoping to leverage our CiscoWorks for this, not dive into the DCNM tool.
09-04-2011 01:27 PM
The primary reason is lack of MIB support on the N5K. While the two platforms run NX-OS, the features between the two are not the same.
09-04-2011 01:40 PM
Which MIB in particular is lacking in the N5K?
I'll follow up separately with our account SE regarding roadmap plans for this feature set.
09-04-2011 02:07 PM
I believe its a combination of tables in MIBs like CISCO-VTP-MIB and CISCO-VLAN-MEMBERSHIP-MIB.
03-19-2012 03:59 AM
Does anyone know when (or in which LMS version) UT will be supported on the Nexus 5k series ?
03-19-2012 05:17 AM
As you can see in the thread if you read it, the NEXUS 5K does not support the mibs required for UT.
So I guess your current version might even support it as soon as the mibs start to work on the device and a device package update is done.
Cheers,
Michel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide