Nexus 1000v management interface

kcrozier · ‎03-29-2012

Hi,

not sure if this is the place to ask or not, if not if you can direct me to the correct place that would be great.

I have a Nexus 1000v on a esxi server. The server has two NICs that go to two different switches that are completely isolated from each other. I have a vSwitch set up that can access the vCenter, and a port from the 1000v is attached to that vSwitch - that uses NIC1.

NIC2 is attached to the 1000v in the UPLINK port-profile, and I can reach a bunch of hosts and the Vmk0 that I added to the Control Port-profile (maybe not the right place to add it - but it works)

here is the config of the 1000v

version 4.2(1)SV1(5.1)

no feature telnet

username admin password 5 $1$Aet3Mefy$sm3z3sbncQg27LkcYnVBH. role network-admin

banner motd #SE-Demo - Nexus 1000v Switch - access prohibited#

ssh key rsa 2048

ip domain-lookup

switchname SE-DEMO

system default switchport

logging event link-status default

vem 3

host vmware id 34393433-3239-5553-4531-33374e334134

snmp-server user admin network-admin auth md5 0x1e15a8540fff0563a2f843f1deb3009d priv 0x1e15a8540fff0563a2f843f1deb30

09d localizedkey

snmp-server community infoblox group network-operator

vrf context management

ip route 0.0.0.0/0 10.120.18.1

vlan 1-15,100-104

port-channel load-balance ethernet source-mac

port-profile default max-ports 100

port-profile type ethernet Unused_Or_Quarantine_Uplink

vmware port-group

shutdown

max-ports 32

description Port-group created for Nexus1000V internal usage. Do not use.

state enabled

port-profile type vethernet Unused_Or_Quarantine_Veth

vmware port-group

shutdown

max-ports 32

description Port-group created for Nexus1000V internal usage. Do not use.

state enabled

port-profile type vethernet management

vmware port-group

switchport mode access

switchport access vlan 101

no shutdown

system vlan 101

state enabled

port-profile type ethernet system-uplink

vmware port-group uplinkportprofile1

switchport mode trunk

switchport trunk allowed vlan 1-15,100-104

channel-group auto mode on

no shutdown

system vlan 1-15,100-104

state enabled

port-profile type vethernet Data-Centre1

vmware port-group

switchport mode access

switchport access vlan 3

no shutdown

state enabled

port-profile type vethernet packet

vmware port-group

switchport mode access

switchport access vlan 102

no shutdown

system vlan 102

state enabled

port-profile type vethernet ServiceConsole

vmware port-group

switchport mode access

switchport access vlan 100

no shutdown

system vlan 100

state enabled

port-profile type vethernet control

vmware port-group

switchport mode access

switchport access vlan 1

no shutdown

system vlan 1

state enabled

vdc SE-DEMO id 1

limit-resource vlan minimum 16 maximum 2049

limit-resource monitor-session minimum 0 maximum 2

limit-resource vrf minimum 16 maximum 8192

limit-resource port-channel minimum 0 maximum 768

limit-resource u4route-mem minimum 1 maximum 1

limit-resource u6route-mem minimum 1 maximum 1

limit-resource m4route-mem minimum 58 maximum 58

limit-resource m6route-mem minimum 8 maximum 8

interface mgmt0

ip address 10.120.18.47/24

interface loopback0

interface Vethernet6

inherit port-profile Data-Centre1

description linux1, Network Adapter 1

vmware dvport 540 dvswitch uuid "34 51 1c 50 66 b4 e6 28-c2 f0 e4 75 ca 92 5b 40"

vmware vm mac 0050.569C.CE39

interface Vethernet7

inherit port-profile Data-Centre1

description ntp1, Network Adapter 1

vmware dvport 117 dvswitch uuid "34 51 1c 50 66 b4 e6 28-c2 f0 e4 75 ca 92 5b 40"

vmware vm mac 0050.569C.CDE3

interface Vethernet8

inherit port-profile control

description Nexus1000V-4.2.1.SV1.4a, Network Adapter 3

vmware dvport 1640 dvswitch uuid "34 51 1c 50 66 b4 e6 28-c2 f0 e4 75 ca 92 5b 40"

vmware vm mac 0050.569C.CD99

interface control0

line console

boot kickstart bootflash:/nexus-1000v-kickstart-mz.4.2.1.SV1.5.1.bin sup-1

boot system bootflash:/nexus-1000v-mz.4.2.1.SV1.5.1.bin sup-1

boot kickstart bootflash:/nexus-1000v-kickstart-mz.4.2.1.SV1.5.1.bin sup-2

boot system bootflash:/nexus-1000v-mz.4.2.1.SV1.5.1.bin sup-2

svs-domain

domain id 2

control vlan 1

packet vlan 102

svs mode L2

svs connection vc

protocol vmware-vim

remote ip address 10.66.100.22 port 80

vmware dvs uuid "34 51 1c 50 66 b4 e6 28-c2 f0 e4 75 ca 92 5b 40" datacenter-name Colo-Demo

max-ports 8192

connect

vsn type vsg global

tcp state-checks

vnm-policy-agent

registration-ip 0.0.0.0

shared-secret **********

log-level

Now comes my problem, I have a NMS attached to a c3750 on NIC2 that would really like to manage the 1000v itself however I can't figure out how to get the two to talk.

I've put the same network on basically all the Vethernet port-profile vlans, but can't get to the mgmt0 interface, and can't put ip address on anyother interface. It seems like it only wants to talk on interface two in the vmware host definition ... What am i missing

Any help would be great

tia

ken

sprasath · ‎04-09-2012

Hello Ken,

The mgmt0 IP address (NIC 2 on the VM as you say) must be accessible from the NMS. From your description, it looks like the connection is:

Switch 1 Switch 2 -- NMS

| |

NIC 1 NIC 2

-----------------------------------------

vSwitch Nexus 1000v

|

VSM VM NIC 2

If this is correct, then you need to either connect switch 1 and switch 2 or move the VSM VM's NIC 2 nehind the Nexus 1000v.

Thanks,

Shankar