Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2061
Views
5
Helpful
2
Replies

nexus 4000 - chassis-management

Go to solution
simmo
Level 1
Level 1

‎11-23-2011 03:14 PM - last edited on ‎03-25-2019 04:17 PM by Community Manager

Hi,

I'm trying to get my head around the 'management' vrf and the 'chassis-management' vrf, on my nexus 4000 blade centre switch.

If I have my chassis management vrf interface configured, which is mgmt1 interface, is there a good reason to configure up the 'mgmt0' interface on the management vrf?

I want to do ssh access, tacacs and snmp to manage the switch, and I was considering doing it all through the chassis-management interface, and leaving the mgmt0 interface blank. THe configs that are on this customers existing switches have the mgmt0 and mgmt1 interfaces set as the same IP Address, which I cant see being a good thing.

any advice welcome.

thanks, Simmo.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Lawrence Searcy
Cisco Employee
Cisco Employee

‎11-27-2011 11:43 PM

It gets complicated. The way this works is that IBM designs and controls the chassis and Cisco designs the Nexus 4000 switches for their chassis. But IBM still wants to retain control over the chassis via an advanced management module or AMM.i.e. IBM feels they should be able to control the Nexus 4000 module via the Advanced Management Module.

There are 2 management ports on the nexus 4000: one external  10/100/1000BASE-T port (mgmt0) and one internal port (full-duplex 100 Mbps) [mgmt1] connected to the AMM.

There are 3 different VRFs (show vrf all)

• Default – Typically used for “in-band” management (not via mgmt0 or mgmt1 but a layer 3 vlan interface)
• Management – Used for “out-of-band” management by interface mgmt0. This is the typical mgmt port and VRF you would find on the nexus 7000.
• Chassis-management – Used for “out-of-band” management by interface mgmt1 (via AMM web GUI or pass through)

Because network engineers are used to managing switches via the CLI, I typically see mgmt1 in "shutdown force" and a static ip address on mgmt0 for out of band management via the front external mgmt 0 port. But if you want to manage the module via the IBM AMM GUI, then you should use the mgmt1 and allow the AMM to give it an ip address via the IO module static ip address and shut down mgmt0. If you want both, then they need 2 different ip addresses.

I believe that the AMM will allow "pass through" mode to the Nexus 4000 CLI so you can reach the CLI via it.

Further information:

http://www.redbooks.ibm.com/abstracts/tips0754.html

http://www.cisco.com/en/US/docs/switches/datacenter/nexus4000/nexus4000_i/sw/configuration/guide/rel_4_1_2_E1_1/sol.html#wp1072280

On previous blade switches without VRFs, it was possible to loop packets through the AMM and back into the network when it was mis-configured since this internal interface is never blocking. The AMM guide might give you more information since it treats the switch as an IO module.

View solution in original post

2 Replies 2

Go to solution
Lawrence Searcy
Cisco Employee
Cisco Employee

‎11-27-2011 11:43 PM

It gets complicated. The way this works is that IBM designs and controls the chassis and Cisco designs the Nexus 4000 switches for their chassis. But IBM still wants to retain control over the chassis via an advanced management module or AMM.i.e. IBM feels they should be able to control the Nexus 4000 module via the Advanced Management Module.

There are 2 management ports on the nexus 4000: one external  10/100/1000BASE-T port (mgmt0) and one internal port (full-duplex 100 Mbps) [mgmt1] connected to the AMM.

There are 3 different VRFs (show vrf all)

• Default – Typically used for “in-band” management (not via mgmt0 or mgmt1 but a layer 3 vlan interface)
• Management – Used for “out-of-band” management by interface mgmt0. This is the typical mgmt port and VRF you would find on the nexus 7000.
• Chassis-management – Used for “out-of-band” management by interface mgmt1 (via AMM web GUI or pass through)

Because network engineers are used to managing switches via the CLI, I typically see mgmt1 in "shutdown force" and a static ip address on mgmt0 for out of band management via the front external mgmt 0 port. But if you want to manage the module via the IBM AMM GUI, then you should use the mgmt1 and allow the AMM to give it an ip address via the IO module static ip address and shut down mgmt0. If you want both, then they need 2 different ip addresses.

I believe that the AMM will allow "pass through" mode to the Nexus 4000 CLI so you can reach the CLI via it.

Further information:

http://www.redbooks.ibm.com/abstracts/tips0754.html

http://www.cisco.com/en/US/docs/switches/datacenter/nexus4000/nexus4000_i/sw/configuration/guide/rel_4_1_2_E1_1/sol.html#wp1072280

On previous blade switches without VRFs, it was possible to loop packets through the AMM and back into the network when it was mis-configured since this internal interface is never blocking. The AMM guide might give you more information since it treats the switch as an IO module.

Go to solution
simmo
Level 1
Level 1

‎12-05-2011 09:10 PM

thanks lawrence for your comprehensive answer. Cheers, Simmo.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card