Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
16913
Views
0
Helpful
3
Replies

Nexus 5k - Adding and removing vlans in port-channel (vpc)

Go to solution
ahmed.jama
Level 1
Level 1

‎12-05-2012 02:50 AM - edited ‎03-07-2019 10:24 AM

version 5.2(1)N1(1)

Hello,

I am a bit confused by the output of 'show run' and 'show run switch-profile' that pertains to a port-channel interface configured in a switch-profile. My main gaol is to find out how can I add/remove the allowed vlans the port-channel (configured as trunk) carries. 

The setup is like this. I have 2 N5k in vPC domain and Etherner1/11 on both switches is configured as trunk vPC that connects to a core switch. When I issue ‘show run’ for the port-channel and physical interface I get the following output

N5k1# sh run int po10

interface port-channel10

  description TEST

  switchport mode trunk

  switchport trunk allowed vlan 30,40

  speed 1000

  vpc 10

N5k1# sh run int Ethernet 1/11

interface Ethernet1/11

  description TEST

  switchport mode trunk

  switchport trunk allowed vlan 30,40

  speed 1000

  channel-group 10 mode active

When I issue 'show run switch-profile', I get the following output

N5k1# sh run switch-profile | be int

  interface port-channel10

    description TEST

    switchport mode trunk

    speed 1000

    vpc 10

  interface Ethernet1/11

    switchport mode trunk

    switchport trunk allowed vlan 30, 40

    speed 1000

    channel-group 10 mode active

From above it seems the switch-profile configuration is missing the 'switchport trunk allowed vlan' in the port-channel interface. If want I to remove vlan 30 from the allowed vlan, should I go under the switch-profile mode and remove vlan 30 from the allowed list even though the switch-profile configuration seems to be missing this.

For example:

conf sync

!

switch-profile TEST

!

interface port-channel10

switchport trunk allowed vlan remove 30

exit

!

verify

!

commit

!

end

Could someone kindly point me into the right direction.

Regards,

Ahmed

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎12-05-2012 05:03 PM

Hi,

If you are using config sync, then you need to use the switch-profile and remove it there, so it applies to both switches.  If you are not using config sync, then you can make the change on the portchannel and remove the vlan there.

From the config guide:

Switch Profiles

Beginning with Cisco NX-OS Release 5.0(2)N1(1), config-sync mode allows  you to create a switch profile. A switch profile contains a predefined  configuration that you can use to configure a peer switch so that both  peers have the same configuration. In config-sync mode, you define the  peer and the configuration in the switch profile. Peers are identified  by their IP address and they are local to each switch profile. Commands  entered in config-sync mode are buffered until they are committed.   Configuration changes made in configuration terminal mode apply only to  the local switch.

You must create an identical switch profile on each peer switch in  config-sync mode. This configuration is not automatically synchronized  and you must configure it on each peer switch.

To create the switch profiles, enter the following commands:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/operations/n5k_config_sync_ops.html

HTH

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎12-05-2012 05:03 PM

Hi,

If you are using config sync, then you need to use the switch-profile and remove it there, so it applies to both switches.  If you are not using config sync, then you can make the change on the portchannel and remove the vlan there.

From the config guide:

Switch Profiles

Beginning with Cisco NX-OS Release 5.0(2)N1(1), config-sync mode allows  you to create a switch profile. A switch profile contains a predefined  configuration that you can use to configure a peer switch so that both  peers have the same configuration. In config-sync mode, you define the  peer and the configuration in the switch profile. Peers are identified  by their IP address and they are local to each switch profile. Commands  entered in config-sync mode are buffered until they are committed.   Configuration changes made in configuration terminal mode apply only to  the local switch.

You must create an identical switch profile on each peer switch in  config-sync mode. This configuration is not automatically synchronized  and you must configure it on each peer switch.

To create the switch profiles, enter the following commands:

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/operations/n5k_config_sync_ops.html

HTH

0 Helpful

Go to solution
ahmed.jama
Level 1
Level 1
In response to Reza Sharifi

‎12-07-2012 05:52 AM

Hi Reza,

Thanks for the information. Do you happen to know why the output of 'show run switch-profile' omits some port-channel related configuration such as 'switchport trunk allowed vlan 30, 40', and this is displayed when 'show run int' output?

Regards,

Ahmed

0 Helpful

Go to solution
Kevin Dorrell
Level 10
Level 10
In response to ahmed.jama

‎09-12-2013 01:52 AM

That happens if the commands are not in the switch-profile, but are in the "conf t" part of the configuration.

I find it quite useful to upload the config to a TFTP server, and then to examine the file using an editor.  You will find there are two parts to the file: the top part contains the commands entered in "conf t" mode, and the bottom part (under the switch-profile conmmand) contains the commands entered in "conf sync" mode.

Even more revealing is to upload the config of both switches to a TFTP server, and then use some comparision tool like WinMerge to highlight the differences.

Regards

Kevin DORRELL

Luxembourg

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card