Licensing Requirements
For a complete explanation of Cisco NX-OS licensing recommendations and how to obtain and apply licenses, see the Cisco NX-OS Licensing Guide.
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
For a complete explanation of Cisco NX-OS licensing recommendations and how to obtain and apply licenses, see the Cisco NX-OS Licensing Guide.
The Cisco NX-OS software consists of the NXOS software image (nxos.9.2.2t.bin). This image runs on all Cisco Nexus 3400-S Series switches.
The Cisco NX-OS software interoperates with Cisco products that run any variant of the Cisco IOS software. The Cisco NX-OS software also interoperates with any networking operating system that conforms to the IEEE and RFC compliance standards.
The Cisco Nexus 3400-S Series switches support a two-tier spine/leaf topology.
The following figure shows an example of a spine/leaf topology with four leaf switches connecting into two spine switches and two Ethernet uplinks from each leaf to each spine.
The Cisco NX-OS software supports distributed multithreaded processing on symmetric multiprocessors (SMPs) and multi-core CPUs. The modular processes are created on demand, each in a separate protected memory space. Processes are started and system resources are allocated only when you enable a feature. A real-time preemptive scheduler helps to ensure the timely processing of critical functions.
The Cisco NX-OS software has serviceability functions that allow the device to respond to network trends and events. These features help you with network planning and improving response times.
Ethanalyzer is a Cisco NX-OS protocol analyzer tool based on the Wireshark (formerly Ethereal) open source code. Ethanalyzer is a command-line version of Wireshark for capturing and decoding packets. You can use Ethanalyzer to troubleshoot your network and analyze the control-plane traffic. .
The Call Home feature continuously monitors hardware and software components to provide e-mail-based notification of critical system events. A versatile range of message formats is available for optimal compatibility with pager services, standard e-mail, and XML-based automated parsing applications. It offers alert grouping capabilities and customizable destination profiles. You can use this feature, for example, to directly page a network support engineer, send an e-mail message to a network operations center (NOC), and employ Cisco AutoNotify services to directly generate a case with the Cisco Technical Assistance Center (TAC). For more information about Smart Call Home, see the Cisco Nexus 3400-S Series NX-OS System Management Configuration Guide.
Cisco generic online diagnostics (GOLD) verify that hardware and internal data paths are operating as designed. Boot-time diagnostics, continuous monitoring, and on-demand and scheduled tests are part of the Cisco GOLD feature set. GOLD allows rapid fault isolation and continuous system monitoring. For information about configuring GOLD, see the Cisco Nexus 3400-S Series NX-OS System Management Configuration Guide.
Cisco Embedded Event Manager (EEM) is a device and system management feature that helps you to customize behavior based on network events as they happen. For information about configuring EEM, see the Cisco Nexus 3400-S Series NX-OS System Management Configuration Guide.
This section describes the manageability features for the Cisco Nexus 3400-S Series switches.
The Cisco NX-OS software is compliant with Simple Network Management Protocol (SNMP) version 1, version 2, and version 3. A large number of MIBs is supported. For more information about SNMP, see the Cisco Nexus 3400-S Series NX-OS System Management Configuration Guide.
The Cisco NX-OS software allows you to verify the consistency of a configuration and the availability of necessary hardware resources prior to committing the configuration. You can preconfigure a device and apply the verified configuration at a later time. Configurations also include checkpoints that allow you to roll back to a known good configuration as needed. For more information about rollbacks, see the Cisco Nexus 3400-S Series NX-OS System Management Configuration Guide.
With role-based access control (RBAC), you can limit access to device operations by assigning roles to users. You can customize access and restrict it to the users who require it. For more information about RBAC, see the Cisco Nexus 3400-S Series NX-OS Security Configuration Guide.
You can use these methods to configure Cisco NX-OS devices:
This section describes the programmability features for the Cisco Nexus 3400-S Series switches.
Python is an easy-to-learn, powerful programming language. It has efficient high-level data structures and a simple but effective approach to object-oriented programming. Python's elegant syntax and dynamic typing, together with its interpreted nature, make it an ideal language for scripting and rapid application development in many areas on most platforms. The Python interpreter and the extensive standard library are freely available in source or binary form for all major platforms from the Python website: http://www.python.org/. The Python scripting capability gives programmatic access to the CLI to perform various tasks and Power-On Auto Provisioning (POAP) or Embedded Event Manager (EEM) actions. For more information about the Python API and Python scripting, see the Cisco Nexus 3400-S Series NX-OS Programmability Guide.
Tool Command Language (Tcl) is a scripting language. With Tcl, you gain more flexibility in your use of the CLI commands on the device. You can use Tcl to extract certain values in the output of a show command, perform switch configurations, run Cisco NX-OS commands in a loop, or define EEM policies in a script.
The Cisco NX-API provides web-based programmatic access to the Cisco Nexus 3400-S Series switches. This support is delivered through the NX-API open-source web server. The Cisco NX-API exposes the complete configuration and management capabilities of the command-line interface (CLI) through web-based APIs. You can configure the switch to publish the output of the API calls in either XML or JSON format. For more information about the Cisco NX-API, see the Cisco Nexus 3400-S Series NX-OS Programmability Guide.
Note |
NX-API performs authentication through a programmable authentication module (PAM) on the switch. Use cookies to reduce the number of PAM authentications and thus reduce the load on PAM. |
The Cisco Nexus 3400-S Series switches support direct Linux shell access. With Linux shell support, you can access the Linux system on the switch in order to use Linux commands and manage the underlying system. For more information about Bash shell support, see the Cisco Nexus 3400-S Series NX-OS Programmability Guide.
The Cisco Nexus 3400-S platform switches consist of the following:
Cisco Nexus 3408-S, which is a 4-RU switch with 8 module slots. The module slots can accept a mix of line-card expansion modules (LEMs) for extra high-speed connectivity.
Cisco Nexus 3432D-S, which is a 1-RU chassis switch with a fixed port configuration. This switch has no module slots or LEMs.
Cisco Nexus 3400-S platform switches use Innovium Teralynx ASICs, which exist on the switch motherboard. A specific shell enables access directly to the ASICs, or passing ASIC commands to the shell from Cisco NX-OS. This shell is the Innovium shell (innoshell).
This section describes the traffic routing, forwarding, and management features supported by the Cisco NX-OS software.
The Cisco NX-OS software supports high-density, high-performance Ethernet systems and provides the following Ethernet switching features:
IEEE 802.1D-2004 Rapid and Multiple Spanning Tree Protocols (802.1w and 802.1s)
IEEE 802.1Q VLANs and trunks
IEEE 802.3ad link aggregation
Unidirectional Link Detection (UDLD) in aggressive and standard modes
For more information, see the Cisco Nexus 3400-S Series NX-OS Interfaces Configuration Guide and the Cisco Nexus 3400-S Series NX-OS Layer 2 Switching Configuration Guide.
The Cisco NX-OS software supports IP version 4 (IPv4) and IP version 6 (IPv6) and the following routing protocols:
Open Shortest Path First (OSPF) Protocol Versions 2 (IPv4) and 3 (IPv6)
Intermediate System-to-Intermediate System (IS-IS) Protocol (IPv4 and IPv6)
Border Gateway Protocol (BGP) (IPv4 and IPv6)
Enhanced Interior Gateway Routing Protocol (EIGRP) (IPv4 only)
Routing Information Protocol Version 2 (RIPv2) (IPv4 only)
The Cisco NX-OS software implementations of these protocols are fully compliant with the latest standards and include 4-byte autonomous system numbers (ASNs) and incremental shortest path first (SPF). All unicast protocols support Non-Stop Forwarding Graceful Restart (NSF-GR). All protocols support all interface types, including Ethernet interfaces, VLAN interfaces, subinterfaces, port channels, and loopback interfaces.
For more information, see the Cisco Nexus 3400-S Series NX-OS Unicast Routing Configuration Guide.
The following IP services are available in the Cisco NX-OS software:
Virtual routing and forwarding (VRF)
Dynamic Host Configuration Protocol (DHCP) helper
Hot Standby Router Protocol (HSRP)
Enhanced object tracking
Unicast graceful restart for all protocols in IPv4 unicast graceful restart for OPSFv3 in IPv6
For more information, see the Cisco Nexus 3400-S Series NX-OS Unicast Routing Configuration Guide.
The Cisco NX-OS software supports quality of service (QoS) functions for classification, marking, queuing, policing, and scheduling. Modular QoS CLI (MQC) supports all QoS features. You can use MQC to provide uniform configurations across various Cisco platforms. For more information, see the Cisco Nexus 3400-S Series NX-OS Quality of Service Configuration Guide.
The Cisco NX-OS software includes the following security features:
Control Plane Policing (CoPP)
Message-digest algorithm 5 (MD5) routing protocol authentication
Authentication, authorization, and accounting (AAA)
RADIUS and TACACS+
SSH Protocol Version 2
SNMPv3
Policies based on MAC and IPv4 addresses supported by named ACLs (port-based ACLs [PACLs], VLAN-based ACLs [VACLs], and router-based ACLs [RACLs])
Traffic storm control (unicast, multicast, and broadcast)
For more information, see the Cisco Nexus 3400-S Series NX-OS Security Configuration Guide.
This table lists the IEEE compliance standards.
Standard |
Description |
---|---|
802.1D |
MAC Bridges |
802.1p |
Class of Service Tagging for Ethernet frames |
802.1Q |
VLAN Tagging |
802.1s |
Multiple Spanning Tree Protocol |
802.1w |
Rapid Spanning Tree Protocol |
802.3ab |
1000Base-T (10/100/1000 Ethernet over copper) |
802.3ad |
Link aggregation with LACP |
802.3ae |
10-Gigabit Ethernet |
This table lists the RFC compliance standards. For information on each RFC, see www.ietf.org.
Standard |
Description |
||
---|---|---|---|
BGP |
|||
BGP Communities Attribute |
|||
Protection of BGP Sessions via the TCP MD5 Signature Option |
|||
BGP Route flap damping |
|||
A Framework for Inter-Domain Route Aggregation |
|||
Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing |
|||
Multiprotocol Extensions for BGP-4 |
|||
Route Refresh Capability for BGP-4 |
|||
Autonomous System Confederations for BGP |
|||
Capabilities Advertisement with BGP-4 |
|||
BGP version 4 |
|||
BGP4 MIB - Definitions of Managed Objects for BGP-4 |
|||
BGP Route Reflection: An Alternative to Full Mesh Internal BGP (IBGP) |
|||
Subcodes for BGP cease notification message |
|||
Graceful Restart Mechanism for BGP |
|||
BGP Support for Four-octet AS Number Space |
|||
Avoid BGP Best Path Transitions from One External to Another |
|||
Textual Representation of Autonomous System (AS) Numbers
|
|||
Advertising IPv4 Network Layer Reachability Information with an IPv6 Next Hop |
|||
4-Octet AS Specific BGP Extended Community |
|||
ietf-draft |
Bestpath transition avoidance (draft-ietf-idr-avoid-transition-05.txt) |
||
ietf-draft |
Peer table objects (draft-ietf-idr-bgp4-mib-15.txt) |
||
ietf-draft |
Dynamic Capability (draft-ietf-idr-dynamic-cap-03.txt) |
||
IP Services |
|||
UDP |
|||
TFTP |
|||
IP |
|||
ICMP |
|||
TCP |
|||
ARP |
|||
Telnet |
|||
FTP |
|||
Proxy ARP |
|||
NTP v3 |
|||
CIDR |
|||
BootP relay |
|||
DNS client |
|||
IPv4 routers |
|||
DHCP Helper |
|||
VRRP |
|||
IS-IS |
|||
RFC 1142 (OSI 10589) |
OSI 10589 Intermediate system to intermediate system intra-domain routing exchange protocol |
||
Use of OSI IS-IS for routing in TCP/IP and dual environment |
|||
Dynamic Hostname Exchange Mechanism for IS-IS |
|||
Domain-wide Prefix Distribution with Two-Level IS-IS |
|||
IS-IS Mesh Groups |
|||
IS-IS Transient Blackhole Avoidance |
|||
Three-Way Handshake for IS-IS Point-to-Point Adjacencies |
|||
IS-IS Cryptographic Authentication |
|||
Restart Signaling for IS-IS |
|||
ietf-draft |
Internet Draft Point-to-point operation over LAN in link-state routing protocols (draft-ietf-isis-igp-p2p-over-lan-06.txt) |
||
OSPF |
|||
OSPF Version 2 |
|||
OSPF Opaque LSA Option |
|||
OSPF for IPv6 (OSPF version 3) |
|||
OSPF Not-So-Stubby-Area (NSSA) Option |
|||
OSPF Stub Router Advertisement |
|||
Alternative Implementations of OSPF Area Border Routers |
|||
Graceful OSPF Restart |
|||
OSPF Version 2 MIB |
|||
RIP |
|||
RIPv2 MIB extension |
|||
RIPv2 MD5 Authentication |
|||
RIP Version 2 |
|||
SNMP |
|||
Textual Conventions for SMIv2 |
|||
Remote Network Monitoring Management Information Base |
|||
The Interfaces Group MIB |
|||
The BSD syslog Protocol |
|||
InMon Corporation's sFlow: A Method for Monitoring Traffic in Switched and Routed Networks |
|||
An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks |
|||
Simple Network Management Protocol (SNMP) Applications |
|||
Transport Mappings for the Simple Network Management Protocol (SNMP) |