Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4618
Views
0
Helpful
4
Replies

N5K 5548 - how to set all traffic to be source from vrf management context

kstamandk
Level 1
Level 1

‎02-09-2011 05:15 AM

Question on how to setup a Nexus 5548 so that

all traffic (logging, radius, telnet, ssh, ...) is sourced from the

Managmeent interface (MGMT0).

Current configuration has

vrf context management

  0.0.0.0/0 1.1.1.1

int mgmt0

  ip address 1.1.1.2/24

Two questions;

1) With this setup, I am unable to telnet or ssh into the mgmt0 interface from anyplace on the network, although I can ping the device - telnet and ssh servers are enabled. Any thoughts / help?

2) From a NOC monitoring perspective, I would like to ensure all traffic originating from the Nexus is sourced from the mgmt0 interface - not quite sure if there is a global command to do that or if it comes down to specific interfaces (if it is the latter, on the 5548, I'm not finding how to do that tho i have seen references elsewhere where command like logging server x.x.x.x use-vrf management which is not available on the 5548). Is there a Global command or...?

Labels:
0 Helpful
4 Replies 4

vdsudame
Cisco Employee
Cisco Employee

‎02-17-2011 06:47 PM

1)

do you mean current configuration is

vrf context management

ip route 0.0.0.0/0 1.1.1.1

is 1.1.1.1 the appropriate ip address of your default gw?

on 5548 setting up for mgmt0 connectivity is no different than a regular 5010 or 5020.

2) There is no global command to have connectivity to syslog, tacacs, etc via mgmt interface. You will need enable it explicitly for each feature

I just checked my lab config and I see the following use-vrf command being present for logging server as an eg.

switch(config)# logging server 1.1.1.1 7 ?
       
  facility  Facility to use when forwarding to server
  use-vrf   Enter VRF name, default is default VRF

switch(config)# logging server 1.1.1.1 7 use-vrf ?
  WORD  VRF name,default management

Thanks, Vinayak

0 Helpful

vdsudame
Cisco Employee
Cisco Employee
In response to vdsudame

‎02-22-2011 10:42 AM

any further questions on this issue ?

0 Helpful

kstamandk
Level 1
Level 1
In response to vdsudame

‎02-27-2011 05:37 AM

Been out of band for awhile, just getting back into things again.

No further questions and here is what I have found;

To source traffic from vrf-management, you have to configure "vrf management" under various config sections (Radius, NTP, Ping, ...) while other sections default to vrf management (syslog, ..).

Coming from an IOS background we assuming there would be comparable commands for setting where traffic would be sourced from, ex;

ip telnet source-interface
ip tftp source-interface
ip ssh source-interface
logging source-interface
snmp-server trap-source
ntp source

If there is documentation describing this in NX-OS, we haven't come across it yet. If we are missing it, if someone could direct it to us it would be appreciated.

Thanks.

0 Helpful

vdsudame
Cisco Employee
Cisco Employee
In response to kstamandk

‎03-01-2011 06:34 AM

we are adding support for it in the next release.CSCtl79488 documents the behavior and changes.

Bug toolkit:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtl79488

Hope this helps,

Thanks,

Vinayak

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card