Release 15.1SY Supervisor Engine 2T Software Configuration Guide

Instant Access (IA)

---

• Prerequisites for Instant Access
• Restrictions for Instant Access
• Information About Instant Access
• Default Settings for Instant Access
• How to Configure Instant Access

Note ● For complete syntax and usage information for the commands used in this chapter, see these publications:

http://www.cisco.com/en/US/products/ps11846/prod_command_reference_list.html

• Cisco IOS Release 15.1SY supports only Ethernet interfaces. Cisco IOS Release 15.1SY does not support any WAN features or commands.

Prerequisites for Instant Access

• An IA parent—A VSS-mode Catalyst 6800 switch or a VSS-mode Catalyst 6500 switch equipped with a Supervisor Engine 2T and one or more WS-X6904-40G-2T switching modules, configured to support 10GE links.
• IA clients— Catalyst 6800ia access switches

See this publication for more information:

http://www.cisco.com/en/US/prod/collateral/switches/ps10902/ps715/ps13198/data_sheet_c78-728230.html

• See this publication for more information about Instant Access:

http://www.cisco.com/en/US/prod/collateral/switches/ps10902/ps715/ps13198/white_paper_c11-728265.html

• For image download during ISSU upgrade, remove ip tftp source-interface config on IA Parent, and add a static route to copy image through mgmt intf.

Restrictions for Instant Access

• When using the Instant Access (IA) feature, ensure that the internal VLAN and the associated internal virtual routing and forwarding (VRF) that is reserved for IA control is not used anywhere on the network. All inter-chassis system control communication between the IA parent and IA client is carried over the reserved internal VLAN from the global range.
• The IA parent must operate in VSS mode.

Note • You can enable VSS mode on a single chassis to support IA clients.
• The VSS Quad-Sup SSO (VS4O) feature is supported with IA clients from Release 15.1(2)SY2.

• The IA parent-client connection is supported on links between WS-X6904-40G-2T switching module 10GE ports and Catalyst 6800ia access switch 10GE ports.

– You can use up to 6 IA client 10GE ports in the IA parent-client link. See this document for information about WS-X6904-40G-2T switching module port configuration:

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-696669.html

– IA client 10-Gigabit Ethernet ports require no configuration.

– UDLD, LLDP, and CDP are not supported on the A parent-client link.

– Instant Access does not use STP on the IA parent-client connection.

– Use only XL based modules for scale FEX QoS configuration to prevent issues with TCAM (ternary content-addressable memory) utilization. When QoS policy is configured on 1500 FEX host ports, the first 511 interfaces share the TCAM utilization. But, remaining ports will start using new TCAM entries for each interface and will exhaust non-XL TCAM utilization.

• IA client maximum values:
• IA client ports do not support these features:

Value Description:	Maximum Value
Maximum IA client ports	1008 ports across 21 Catalyst 6800ia access switches
Maximum IA client stacks	12 (defined by IA client FEX number 1–12 range.)
Maximum Catalyst 6800ia access switches per IA client stack	3 An IA client stack acts as single switch unit. Instant access only supports connection with stacking cables to form a stack. With an IA client that has multiple Catalyst 6800ia access switches, the switches in the stack assign incrementing switch numbers to themselves (automatic stacking capability). If you add Catalyst 6800ia access switches to a configured IA client, the additional switches assign incrementing switch numbers to themselves. The IA client configuration does not persist if the access switch number changes.
Maximum number of VLANs per IA client stack	You can set upto 1,000 VLANs, we recommend to set not more than 20 VLANs per FEX.
Maximum Number of Port Channels	512

– Configuring EtherChannels with combination of FEX Ports from different FEX-IDs or combination of FEX ports with IA parent switch linecard ports is not supported. However, FEX host port channel from the same FEX is supported.

– FEX host port EtherChannel load balancing is not supported.

– Port debounce timer

– UDLR tunnel ARP and IGMP proxy

– Uni-Directional Link Routing (UDLR)

– IEEE 802.1Q tunneling

– VLAN Mapping

– VLAN Translation

– IEEE 802.1Q custom ethertypes

– L2PT - Layer 2 protocol tunneling

– L2PT - Layer 2 protocol tunneling on trunk ports

– 802.1ad tunnelling

– Port security on 802.1Q tunnel ports

– Private VLANs (PVLAN)

– VACL capture

– Per-VLAN load balancing for Advanced QinQ service mapping

– Cisco TrustSec NDAC (Network Device Admission Control)

– Cisco TrustSec security association protocol (SAP) for MACSec encryption

– Cisco TrustSec confidentiality and integrity with MACsec (IEEE 802.1AE)

– Cisco TrustSec identity port mapping

– Network edge authentication topology (NEAT)

– AutoQoS

– MQC queuing policy support

– Priority queueing (PQ)

– QoS aggregated DSCP values for WRED

– QoS aggregated precedence values for WRED

– Class based weighted fair queuing (CBWFQ)

– Class-based shaping

– DiffServ-compliant dWRED

– Diffserv-compliant WRED

– Selective packet discard (SPD)

– Strict priority low latency queueing (LLQ)

– Weighted fair queueing (WFQ)

– Weighted RED (WRED)

– QoS policer rate increase to 256G

– Ethernet over MPLS (EoMPLS) - IEEE 802.1q Tag Stacking

– H-VPLS N-PE redundancy for QinQ access

– Connectivity fault management (CFM)

– Ethernet connectivity fault management (E-CFM)

– Ethernet local management interface (LMI) at provider edge (PE)

– Ethernet operations, administration, and Maintenance (OAM)

– Ethernet-OAM 3.0: CFM over BD, Untagged

– IEEE 802.1ag - D8.1 standard Compliant CFM, Y.1731 multicast LBM / AIS / RDI / LCK, IP SLA for Ethernet

– IEEE 802.1ag Compliant CFM (D8.1)

• To use an IA client port as a SPAN destination, add the IA client port VLAN to the SPAN allowed VLAN list with the switchport trunk allowed vlan command.
• When FEX IA parent-client link portchannel is configured as SPAN source in Tx direction or both directions, the SPAN destination should not be on the same FEX. This is applicable for both stacked and standalone FEX.
• To enable formation of ISIS adjacencies on IA client ports, configure an explicit connectionless network service (CLNS) MTU size on the IA client and peer ports. The maximum MTU value that can be configured for CLNS is 9216. The CLNS MTU size should be the same on both sides of the ISIS link.

This example shows how to configure the default MTU size on an IA client port:

• IA client port QoS:

– Configure ingress QoS on the IA parent port-channel interface.

– The egress QoS configuration on IA client ports is not configurable.

– Port architecture (Rx/Tx): 1p3q3t

Information About Instant Access

The Instant Access (IA) feature supports multiple Catalyst 6800ia access switches that function as clients of the IA parent switch. The IA parent and client switches form a single extended switch with a single management domain, managed by the IA parent.

The IA parent uses the Satellite Discovery Protocol (SDP) and the Satellite Registration Protocol (SRP) to automatically discover IA clients when they connect and monitor the IA client-parent link. The IA parent upgrades the IA client software image if it is not the same as the parent.

The IA parent features are applied to IA client traffic. The IA clients do not perform any local packet forwarding. All traffic originating from IA client ports are sent to the IA parent, which makes all the switching and forwarding decisions.

These online diagnostic tests support Instant Access clients:

• TestFexModeLoopback
• TestFexFabricLinkStatus

Default Settings for Instant Access

By default, these configurations are present on each interface:

How to Configure Instant Access

• Configure Instant Access Staggered Initialization Mode
• Enable IA Client Preprovisioning
• Configure Instant Access Port-Channel Interfaces
• Configure Instant Access Channel Groups
• Identify Connected IA Client Stack Modules
• Renumbering FEX Switch-ID
• Configure IA Clients
• Display or Clear SDP and SRP Traffic
• Configure Optional Parameters for an IA Client

Configure Instant Access Port-Channel Interfaces

To create a port channel interface to support IA clients, perform this task:

 

	Command	Purpose
Step 1	Router(config)# interface port-channel group_number	Creates the port channel interface. There can be up to a maximum of 512 port-channel interfaces (12 port-channel interfaces can be used to support IA clients). Note If desired, you can configure the group_number to match the IA client FEX number.
Step 2	Router(config-if)# switchport	Configures the port channel interface for Layer 2 switching.
Step 3	Router(config-if)# switchport mode fex-fabric	Configures the port channel interface to support IA clients.
Step 4	Router(config-if)# fex associate fex_number	Configures the IA client FEX number. The valid value range is 101–199. Maximum of 12 IA client FEX numbers.

This example shows how to create port channel interface 1 and configure it to support IA FEX number 118:

Router# configure terminal

Router(config)# interface port-channel 118

Router(config-if)# switchport

Router(config-if)# switchport mode fex-fabric

Router(config-if)# fex associate 118

Configure Instant Access Channel Groups

To configure channel groups to support IA clients, perform this task for the 10 Gigabit Ethernet LAN ports that connect to IA clients:

 

	Command	Purpose
Step 1	Router(config)# interface range first_10ge_port, last_10ge_port	Selects the ports to configure.
Step 2	Router(config-if)# switchport	Configures the port channel interface for Layer 2 switching.
Step 3	Router(config-if)# switchport mode fex-fabric	Configures the port channel interface to support IA clients.
Step 4	Router(config-if)# channel-group group_number mode on	Configures the LAN port in an IA Client port channel and configures the mode as on.

---

Note More links can be added to the channel group at any time.

---

This example shows how to configure 10 Gigabit Ethernet ports 1/2/5 and 2/2/5 into port channel 118 with mode on :

Router# configure terminal

Router(config)# interface range tengigabitethernet 1/2/5, 2/2/5

Router(config-if)# switchport

Router(config-if)# switchport mode fex-fabric

Router(config-if)# channel-group 118 mode on

Router(config-if)# end

 

This example shows how to verify the IA configuration when the IA client is connected:

Router# show fex 118 detail

FEX: 118 Description: FEX0118 state: online

FEX version: version_string

Extender Model: C6800IA-48TD, Extender Serial: serial_number

FCP ready: yes

Image Version Check: enforced

Fabric Portchannel Ports: 2

Fabric port for control traffic: Te1/2/5

Fabric interface state:

Po20 - Interface Up.

Te1/2/5 - Interface Up. state: bound

Te2/2/5 - Interface Up. state: bound

Renumbering FEX Switch-ID

The renumbering of IA clients can be managed using switch-id allocation from controller, after stack boot up. Also, a priority can be assigned to the FEX members to take over as the master switch.

The following conditions must exist for successful execution of FEX switch-id allocation:

– For renumbering, the source slot should be online and the target slot should be offline.

– If the source slot FEX type is different than target slot FEX type, the interface configurations will be lost if you proceed with renumbering.

– Same target slot cannot be used for renumbering multiple source slots.

– Same source slot cannot be renumbered to multiple target slot.

– You can enter multiple renumbering entries along with different swapping scenarios.

– When priority is modified for a member IA, the whole stack will reload.

– During In Service Software Upgrade (ISSU) process, switch-id renumbering or priority changes are not allowed.

To renumber FEX switch-id and assign priority, perform this task:

 

	Command	Purpose
Step 1	Switch# module provision update fex fex_id	Enters into switch renumber sub-mode.
Step 2	Switch(exec-fex-update)# renumber source_slot to target_slot	Renumbers source_slot to target_slot
Step 3	Switch(exec-fex-update)# priority source_slot value number	Assigns the mentioned priority number to the source_slot.
Step 4	Switch(exec-fex-update)# commit	Commits all entries entered under exec-fex-update sub-mode.

---

Note After the commit operation, you will be prompted whether you want to release the old source-vslot or not. This confirmation will not be asked only in a switch-id swap scenario (for example, renumber 1 to 2 and renumber 2 to 1) because both renumbering are done in a single commit operation.

---

To renumber FEX switch-id when scale is set to maximum FEX slots, perform this task:

 

	Command	Purpose
Step 1	Switch# module provision update fex fex_id temp-vslot-allow enable	When maximum vslots are already allocated, temp-vslot-allow will enable the temporary vslot module to come online.
Step 2	Switch# module provision update fex fex_id	Enters into switch renumber sub-mode.
Step 3	Switch(exec-fex-update)# renumber source_slot to target_slot	Renumbers source_slot to target_slot
Step 4	Switch(exec-fex-update)# priority source_slot value number	Assigns the mentioned priority number to the source_slot.
Step 5	Switch(exec-fex-update)# commit	Commits all entries entered under exec-fex-update sub-mode.
Step 6	Switch# module provision update fex fex_id temp-vslot-allow disable	Disables the temporary vslot module to go offline.

---

Note After the commit operation, you will be prompted whether you want to release the old source-vslot or not. This confirmation will not be asked only in a switch-id swap scenario (for example, renumber 1 to 2 and renumber 2 to 1) because both renumbering are done in a single commit operation.

---

Example: Renumbering FEX switch-id and setting priority

Switch# module provision update fex 101

Switch(exec-fex-update) renumber 3 to 4

Switch(exec-fex-update) priority 2 value 1

%FEX 101 will reload upon commit.

Are you sure you want to proceed? [no]: yes

Switch(exec-fex-update)#commit

%Do you want to release FEX 101 module 3 source interface configs(vslot) after module offline? [no]: yes

%FEX 101 All modules will reload.

Are you sure you want to proceed? [no]: yes

Example: Identifying if temporary vslot is online

This example shows how to identify when a particular temporary FEX vslot is online:

Switch# show fex system platform usage

FEX id usage details

Fex-ids inuse: 150

Fex-ids online: 150

Total Used Free

----- ---- ----

42 1 41

FEX slot usage details

FEX-id Switch-id Vslot Pslot Status

------ --------- ----- ----- ------

150 3 51 2 In-use

150 3 52 3 In-use

150 3 53 5 Reserved

150 3 55 4 In-use

150 3 92 1 Temp-In-use

Total Used Reserved Temp-Use/Free Free

----- ---- -------- ------------- ----

47 3 1 1/4 42

Current Temp vslot allowed FEXs: 150

Current Temp VSLOT usage:

------------------------

FEX 150 module 1

FEX ports usage details

FEX-id Switch-id Ports

------ --------- -----

150 3 192

Total Used Free

----- ---- ----

2016 192 1824

Stack members usage details

FEX-id Switch-id Used Free

 

Example: Identifying FEX IDs where temp-vslot-allow command is enabled

This example verifies the active entries under sub-mode and also the FEX IDs on which "temp-vslot-allow" is enabled.

Switch(exec-fex-update)#show

Current module renumber mappings for FEX 101

--------------------------------------------

renumber 1 to 2

Current module Priority mappings for FEX 101

--------------------------------------------

priority 1 value 15

Temp vslots allowed:YES

Current Temp vslot allowed FEXs:101

Switch(exec-fex-update)#

 

Configure IA Clients

The configuration for IA clients can be entered on the IA parent before or after the IA clients are connected. IA client 10-Gigabit Ethernet ports require no configuration. IA client Gigabit Ethernet ports use this format:

gigabitethernet / fex_number / access_switch_number /0/ port_number

– fex_number —The IA client FEX number:

—Maximum of 12 IA FEX number s.

—The valid value range is 101–199.

– access_switch_number —The access switch number:

—The valid values are 1, 2, or 3.

—Multiple-switch stacks assign incrementing switch numbers to themselves.

—See the “Identify Connected IA Client Stack Modules” section.

– The third interface parameter is always zero.

– The port_number valid value range is 1–48.

---

Note ● IA client configuration does not persist if the access switch number changes.

• The interface-range configuration mode supports IA clients ports (see “How to Configure a Range of Interfaces” section)

---

 

Display or Clear SDP and SRP Traffic

To display the counters that record the SDP packet traffic on IA client 118, enter the following command:

Router# show fex 118 protocol | incl SDP
130 SDP pkts sent

129 SDP pkts received

130 SDP pkts sent

129 SDP pkts received

 

---

Note The command displays a sent and received value for each link in the IA channel group.

---

To clear the protocol counters, enter the clear fex fex_number { sdp | srp } command.

Configure the Custom Location Type Feature

You can configure the custom location type feature for the IA client in IA client configuration mode. See these publications for information about the location command:

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.html

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-e1.html

---

Note The location commands support the optional fex-location keyword for IA clients.

---