- Finding Feature Information
- Licensing for Cisco RISE
- Prerequisites for Configuring RISE
- Guidelines and Limitations
- Default Settings for RISE
- Accessing the Switch and Appliance Interfaces
Configuring
RISE
This chapter describes how to configure the Remote Integrated Service Engine (RISE) feature on the Cisco Nexus 5600 Series switches and the Cisco NetScaler Application Delivery Controller (ADC) appliance. The Cisco NX-OS software supports the Cisco Nexus 5600 Series switches, which includes the Cisco Nexus 5600 Series switches. You can find detailed information about supported hardware in the Cisco Nexus 5600 Series Hardware Installation and Reference Guide.
This chapter includes the following sections:
- Finding Feature Information
- Licensing for Cisco RISE
- Prerequisites for Configuring RISE
- Guidelines and Limitations
- Default Settings for RISE
- Accessing the Switch and Appliance Interfaces
- Configuring Cisco RISE in a Direct Mode Deployment
- Configuring RISE in an Indirect Mode Deployment
- Configuring RISE in vPC Mode (Recommended Deployment Mode)
- Verifying the RISE Configuration
- Monitoring Cisco RISE
- Configuration Examples for RISE
- Related Documents
- Feature History for RISE
Finding Feature Information
Your software release might not support all the features documented in this module. For the latest caveats and feature information, see the Bug Search Tool at https://tools.cisco.com/bugsearch/ and the release notes for your software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the “New and Changed Information” chapter or the Feature History table below.
Licensing for Cisco RISE
Product | License Requirements |
---|---|
Cisco NX-OS |
The Cisco Remote Integrated Services Engine (RISE) requires the Network Services Package on the Cisco Nexus 5600 Series switch. The NETWORK_SERVICES_PKG license is available starting with Cisco NX-OS Release 7.2(0)N1(1). If you need to use RISE and ITD features with the Cisco NX-OS Release 7.1(1)N1(1), please use the ENHANCED_LAYER2_PKG license. For a complete explanation of the Cisco NX-OS licensing scheme and how to obtain and apply licenses, see the Cisco NX-OS Licensing Guide. |
Citrix Citrix Netscaler Application Delivery Controller (ADC) operation system |
The Cisco Remote Integrated Services Engine (RISE) does not require a license on the Citrix NetScaler Application Delivery Controller (ADC) appliance for auto-attach. Advanced features, such as auto policy-based routing (APBR), require the NetScaler Platinum or Enterprise license on the Citrix NetScaler Application Delivery Controller (ADC) appliance. To display the license status, use the show license command in the NetScaler command line interface |
Prerequisites for Configuring RISE
The RISE feature has the following prerequisites:
-
Cable and power up the NetScaler Application Delivery Controller (ADC) appliance. See the “Preparing for RISE Integration” chapter for information on connecting the Cisco NetScaler Application Delivery Controller (ADC) appliance.
-
For direct connect mode, create an interface or port channel on the Cisco Nexus 5600 Series switch and add all relevant management and data VLANs for the NetScaler Application Delivery Controller (ADC) appliance. See the Cisco Nexus 5600 Series NX-OS Interfaces Configuration Guideor information.
- For indirect connect mode, the RISE-enabled appliance must be configured with IP connectivity to the Cisco Nexus switch with Layer 2 adjacency.
Guidelines and Limitations
This section includes the following topics:
Guidelines and Limitations for Configuring RISE
RISE has the following guidelines and limitations:
-
Cisco NX-OS Release 7.1(1)N1(1) supports the Cisco Remote Integrated Services Engine (RISE) on the following Fabric Extenders: -
Auto-discovery, bootstrap, and auto port configuration are supported only in the direct connect and vPC direct connect modes. In indirect connect mode, manual configuration is required at each end on the Cisco Nexus 5600 Series switches and the Citrix NetScaler Application Delivery Controller (ADC) appliance in order to establish control channel connectivity and for the discovery and bootstrap process to occur.
- When the Citrix NetScaler Application Delivery Controller (ADC) appliance is indirectly connected to the Cisco Nexus 5600 Series switch, the service or management VLAN on the Citrix NetScaler Application Delivery Controller (ADC) appliance must establish the TCP RISE control channel with the Cisco Nexus 5600 Series switches.
-
You can create up to 32 RISE services. However, the number of active RISE services that are supported is limited by the Cisco NX-OS software. In Cisco NX-OS Release 7.1(1)N1(1), only 16 active RISE services are supported. Before Cisco NX-OS Release 7.1(1)N1(1), only 8 active RISE services are supported.
-
Multiple instances of RISE services are supported per VDC.
-
VLANs cannot be shared across virtual device contexts (VDCs) in a RISE deployment.
-
After the RISE service is enabled on the Cisco Nexus 5600 Series switch, a service vlan-group must be created and associated to the RISE service to specify the data VLANs to be used on the Citrix NetScaler Application Delivery Controller (ADC) appliance.
-
Control Plane Policing (CoPP) limits the number of packets that can be handled by a Cisco Nexus 5600 Series switch at one time. CoPP policies for RISE ports 8000 and 8001 are enabled by default as part of the (default) CoPP profiles.
Default Settings for RISE
Parameter | Default |
---|---|
RISE mode |
Disabled |
CoPP |
CoPP policies for RISE ports 8000 and 8001 are enabled by default. |
Accessing the Switch and Appliance Interfaces
This section provides information on how to access the command-line interface (CLI) for the Cisco Nexus Series 5600 Series switch and the CLI and GUI for the Citrix NetScaler Application Delivery Controller (ADC) appliance. The switch and appliance interfaces enable you to perform many administrative tasks, including configuring the RISE feature.
Before logging into the interfaces, ensure that you have completed the installation process outlined in the “Preparing for RISE Integration” chapter.
This section includes the following topics:
- Accessing the Cisco Nexus 5600 Series Switch
- Accessing the Citrix Netscaler Application Delivery Controller (ADC) Appliance
Accessing the Cisco Nexus 5600 Series Switch
After the Cisco Nexus 5600 Series switch boots up, you can access the command-line interface (CLI). See the Cisco Nexus 5600 Series NX-OS Fundamentals Configuration Guide for more information on using the CLI.
To log onto the CLI through the console port, follow these steps:
Accessing the Citrix Netscaler Application Delivery Controller (ADC) Appliance
A Citrix NetScaler appliance has both a command line interface (CLI) and a graphical user interface (GUI). The GUI includes a configuration utility for configuring the appliance and a Dashboard for monitoring Netscaler performance. For initial access, all appliances ship with the default NetScaler IP address (NSIP) of 192.168.100.1 and default subnet mask of 255.255.0.0. You can assign a new NSIP and an associated subnet mask during initial configuration.
Note | If you are using the direct connect mode to connect the appliance to the Cisco Nexus switch, you are not required to access the Citrix Netscaler Application Delivery Controller (ADC) appliance to configure RISE. For direct connect mode, the IP address and VLAN for management are pushed from the Cisco Nexus switch as part of RISE simplified provisioning. |
Access Method | Port | Default IP Address Required? |
---|---|---|
CLI | Console | No |
CLI and GUI | Ethernet | Yes |
- Using the Netscaler CLI
- Using the Netscaler GUI
- Using the NetScaler Configuration Utility
- Using the Statistical Utility
Using the Netscaler CLI
You can access the CLI either locally by connecting a workstation to the console port or remotely by connecting through Secure Shell (SSH) from any workstation on the same network.
Note | To access Citrix eDocs, see the Citrix eDocs listing page for NetScaler 10.1 at http://support.citrix.com/proddocs/topic/netscaler/ns-gen-netscaler10-1-wrapper-con.html. |
This section includes the following topics:
Logging onto the CLI Using the Console Port
The appliance has a console port for connecting to a computer workstation. To log on to the appliance, you need a serial crossover cable and a workstation with a terminal emulation program.
To log onto the CLI through the console port, follow these steps:
Logging into the Appliance CLI Using SSH
The SSH protocol is the recommended remote access method for accessing the command-line interface (CLI) of an appliance remotely from any workstation on the same network. You can use either SSH version 1 (SSH1) or SSH version 2 (SSH2). To verify that the SSH client is installed properly, use it to connect to any device on your network that accepts SSH connections.
To log onto the CLI using SSH, follow these steps:
Step 1 | On your workstation, start the SSH client. |
Step 2 | For initial configuration, use the default NetScaler IP (NSIP) address, which is 192.168.100.1. For subsequent access, use the NSIP that was assigned during initial configuration. Select either SSH1 or SSH2 as the protocol. For information on initial configurations, see the Citrix eDoc, Configuring a NetScaler for the First Time. To access Citrix eDocs, see the Citrix eDocs listing page for NetScaler 10.1 at http://support.citrix.com/proddocs/topic/netscaler/ns-gen-netscaler10-1-wrapper-con.html. |
Step 3 | Log on by using
the administrator credentials. For initial configuration, use
nsroot as both
the username and password. For example:
login as: nsroot Using keyboard-interactive authentication. Password: Last login: Tue Jun 16 10:37:28 2009 from 10.102.29.9 Done > |
Using the Netscaler GUI
The graphical user interface (GUI) includes a configuration utility and a statistical utility, called the Dashboard, either of which you access through a workstation connected to an Ethernet port on the appliance. If your computer does not have a supported Java plug-in installed, the utility prompts you to download and install the plug-in the first time you log on. If automatic installation fails, you can install the plug-in separately before you attempt to log on to the configuration utility or Dashboard.
Note | Your workstation must have a supported web browser and version 1.6 or above of the Java applet plug-in installed to access the configuration utility and Dashboard. |
Using the NetScaler Configuration Utility
After you log on to the configuration utility, you can configure the appliance through a graphical interface that includes context-sensitive help.
If your computer does not have a supported Java plug-in installed, the first time you log on to the appliance, the configuration utility prompts you to download and install the plug-in.
Note | Before installing the Java 2 Runtime Environment, make sure that you have installed the full set of required operating system patches needed for the current Java release. |
To log onto the configuration utility, follow these steps:
Using the Statistical Utility
The Dashboard is a browser-based application that displays charts and tables on which you can monitor NetScaler performance.
To log onto Dashboard, follow these steps:
Step 1 | Open your web browser and enter the NetScaler appliance's NSIP address as an HTTP address (http://<NSIP>). The Citrix Logon page appears. |
Step 2 | In the User Name text box, enter nsroot. |
Step 3 | In the Password text box, enter the administrative password that you assigned to the nsroot account during the initial configuration. |
Step 4 | In the Start in list, choose Dashboard and then choose Login. For more information, see the Citrix eDoc, Accessing a Citrix NetScaler. To access Citrix eDocs, see the Citrix eDocs listing page for NetScaler 10.1 at http://support.citrix.com/proddocs/topic/netscaler/ns-gen-netscaler10-1-wrapper-con.html. |
Configuring Cisco RISE in a Direct Mode Deployment
In a direct mode deployment, the service appliance, such as Citrix Netscaler Application Delivery Controller (ADC) appliance, is attached to a single Nexus 5600 Series switch. The switch can be standalone device or a VPC peer (recommended deployment). The following figure shows the topology for a direct mode deployment for a standalone Cisco Nexus switch.
Note | This task describes how to configure a standalone Cisco Nexus switch in a direct mode deployment. After configuring the Cisco Remote Integrated Services Engine (RISE) on the Cisco Nexus 5600 Series switch, the appliance that is directly connected to the standalone switch is automatically configured for RISE mode and all of its ports are in operation mode. No configuration is required on the appliance in a direct mode deployment. |
To configure a switch that is a vPC peer in a direct mode deployment, see the “Configuring RISE in a vPC Mode Deployment” section.
-
To enable auto-discovery of the appliance by the switches, use the no shutdown command to ensure that the physical ports are up by default.
-
Interconnect the ports on the appliance with the standalone or port channel of the switch.
-
Ensure that all of the switch ports to which the appliance is connected are dedicated to the appliance.
-
Make sure that you are in the correct VDC on the Cisco Nexus switch. To switch VDCs, use the switchto vdc command.
Command or Action | Purpose | |||||
---|---|---|---|---|---|---|
Step 1 | switch# configure terminal |
Enters global configuration mode. | ||||
Step 2 | switch(config)# feature rise |
Enables the RISE feature on the Cisco Nexus 5600 Series switch. | ||||
Step 3 | switch(config)# service vlan-group group-number vlan-range |
Creates a VLAN group for the NetScaler appliance data VLANs on the Cisco Nexus 5600 Series switch. The range for the VLAN group is from 1 to 32, and the range for the configured VLANs is from 1 to 3967. You can enter the vlan-range using a comma (,), a dash (-), and the numbers. | ||||
Step 4 | switch(config)# service type rise name service-name mode direct |
Creates a RISE service instance, enters the RISE configuration mode on the Cisco Nexus 5600 Series switch, and specifies that the appliance is directly connected to the switch in order to establish RISE connectivity. You can enter up to 31 alphanumeric characters for the name of the RISE service instance. | ||||
Step 5 | switch(config-rise)# vlan vlan-id |
| ||||
Step 6 | switch(config-rise)# ip ip-address netmask |
Specifies the IP address of the Citrix Netscaler Application Delivery Controller (ADC) appliance that is directly connected to the Cisco Nexus 5600 Series switch. This IP address controls message communication with the supervisor over the RISE port channel. The same IP address can be used for the management IP address of NetScaler appliance. | ||||
Step 7 | switch(config-rise)# vlan group vlan-group |
Specifies the RISE VLAN group to be used by Citrix Netscaler Application Delivery Controller (ADC) appliance. The range is from 1 to 32.
| ||||
Step 8 | Use one of the following: |
| ||||
Step 9 | switch(config-rise)# no shutdown |
| ||||
Step 10 | switch(config-rise)# show module service | (Optional) Displays the status of the RISE service module on the Cisco Nexus 5600 Series switch. If the RISE service module is operational, the status that is displayed is “active.” | ||||
Step 11 | switch(config-rise)# attach rise {slot slot-number | name name} | (Optional) Connects the Cisco Nexus 5600 Series switch to the RISE service module and generates a RISE session from the switch, which allows Telnet access.
| ||||
Step 12 | switch(config-rise)# show rise |
Displays the RISE configuration status on the Cisco Nexus 5600 Series switch. If RISE is configured on the switch, the state that is displayed is “active.” |
Note | After configuring RISE on the Cisco Nexus 5600 Series switch, the Citrix Netscaler Application Delivery Controller (ADC) appliance that is directly connected to the switch is automatically configured for RISE mode and all of its ports are in operation mode. No further configuration is required to deploy RISE on the Citrix Netscaler Application Delivery Controller (ADC) appliance. |
Configuring RISE in an Indirect Mode Deployment
In an indirect mode deployment, a virtual service appliance, such as Citrix NetScaler Application Delivery Controller (ADC) appliance, is connected to a Cisco Nexus 5600 Series switch through a switched Layer 2 network. The topology in the following figure is for an indirect mode deployment.
This section includes the following topics:
- Configuring RISE on the Cisco Nexus Switch
- Configuring NSIP on the Appliance
- Configuring a NSVLAN on Citrix NetScaler Application Delivery Controller (ADC) Appliance
Configuring RISE on the Cisco Nexus Switch
-
Enable and configure the Cisco Nexus switches as vPC peers. See the Cisco Nexus 5600 Series NX-OS Interfaces Configuration Guide for information. The following parameters must be the same on both Cisco Nexus switches:
-
Make sure that you are in the correct VDC on the Cisco Nexus switch. To switch VDCs, use the switchto vdc command.
Command or Action | Purpose | |||||
---|---|---|---|---|---|---|
Step 1 | switch# configure terminal |
Enters global configuration mode. | ||||
Step 2 | switch(config)# feature rise |
Enables the RISE feature on the Cisco Nexus 5600 Series switch. | ||||
Step 3 | switch(config)# service vlan-group group-number vlan-range |
Creates a VLAN group for the Citrix NetScaler Application Delivery Controller (ADC) appliance data VLANs on the Cisco Nexus 5600 Series switch. The range for the VLAN group is from 1 to 32, and the range for the configured VLANs is from 1 to 3967. You can enter the vlan-range using a comma (,), a dash (-), and the numbers. | ||||
Step 4 | switch(config)# service type rise name service-name mode indirect |
Creates a RISE service instance, enters the RISE configuration mode on the Cisco Nexus 5600 Series switch, and specifies that the appliance is indirectly connected to the switch in order to establish RISE connectivity. You can enter up to 31 alphanumeric characters for the name of the RISE service instance. | ||||
Step 5 | switch(config-rise)# vlan vlan-id |
| ||||
Step 6 | switch(config-rise)# ip ip-address netmask |
Specifies the IP address of the Citrix NetScaler Application Delivery Controller (ADC) appliance that is directly connected to the Cisco Nexus 5600 Series switch. This IP address controls message communication with the supervisor over the RISE port channel. The same IP address can be used for the management IP address of NetScaler appliance. | ||||
Step 7 | switch(config-rise)# vlan group vlan-group |
Specifies the RISE VLAN group to be used by Citrix NetScaler Application Delivery Controller (ADC) appliance. The range is from 1 to 32.
| ||||
Step 8 | switch(config-rise)# no shutdown |
| ||||
Step 9 | switch(config-rise)# show module service | (Optional) Displays the status of the RISE service module on the Cisco Nexus 5600 Series switch. If the RISE service module is operational, the status that is displayed is “active.” | ||||
Step 10 | switch(config-rise)# attach rise {slot slot-number | name name} | (Optional) Connects the Cisco Nexus 5600 Series switch to the RISE service module and generates a RISE session from the switch, which allows Telnet access.
| ||||
Step 11 | switch(config-rise)# show rise |
Displays the RISE configuration status on the Cisco Nexus 5600 Series switch. If RISE is configured on the switch, the state that is displayed is “active.” |
Configuring NSIP on the Appliance
The NetScaler management IP address (NSIP) is the IP address for management and general system access to the Citrix NetScaler Application Delivery Controller (ADC) appliance and for high availability (HA) communication.
Configuring NSIP Using the CLI
You can configure the NSIP on your appliance by using either the configuration prompts or the command-line interface (CLI).
Note | To prevent an attacker from impeding your ability to send packets to the appliance, choose a nonroutable IP address on your organization's LAN as your appliance IP address. |
Ensure that a port channel is configured on the appliance and that the appliance's physical ports are mapped to this port channel.
Example: The following example shows how to configure the NSIP using the CLI: set ns config -ipaddress 10.102.29.60 -netmask 255.255.255.0 add ns ip 10.102.29.61 255.255.255.0 -type snip add route 0.0.0.0 0.0.0.0 10.102.29.1 save ns |
Configuring NSIP Using the Configuration Utility
Step 1 | Navigate to System > Settings. |
Step 2 | In the details pane, under Settings, click Change NSIP Settings. |
Step 3 | In the Configure NSIP Settings dialog box, set the parameters. For a description of a parameter, hover the mouse cursor over the corresponding field. |
Step 4 | Under Interfaces, choose the interfaces from the Available Interfaces list and click Add to move them to the Configured Interfaces list. |
Step 5 | Click OK. In the Warning dialog box, click OK. The configuration takes effect after the Citrix NetScaler Application Delivery Controller (ADC) appliance is restarted. |
Configuring a NSVLAN on Citrix NetScaler Application Delivery Controller (ADC) Appliance
The NSVLAN is a VLAN to which the NetScaler management IP (NSIP) address's subnet is bound. The NSIP subnet is available only on interfaces that are associated with NSVLAN. By default, NSVLAN is VLAN1, but you can designate a different VLAN as NSVLAN. If you designate a different VLAN as an NSVLAN, you must reboot the Citrix NetScaler Application Delivery Controller (ADC) appliance for the change to take effect. After the reboot, NSIP subnet traffic is restricted to the new NSVLAN.
Perform only one of the following tasks:
Configuring NSVLAN Using the CLI
Enter the following commands prompt to configure NSVLAN using the CLI:
Step 1 | set ns config - nsvlan
positive_integer - ifnum interface_name ... [-tagged (YES |
NO)]
| ||
Step 2 | (Optional)
show ns config
set ns config -nsvlan 300 -ifnum 1/1 1/2 1/3 -tagged NO save config | ||
Step 3 | (Optional)unset ns config -nsvlan
Restores the default configuration. |
Configuring NSVLAN Using the Configuration Utility
Step 1 | Navigate to System > Settings. |
Step 2 | In the details pane, under Settings, click Change NSVLAN Settings. |
Step 3 | In the Configure NSVLAN Settings dialog box, set the parameters. For a description of a parameter, hover the mouse cursor over the corresponding field. |
Step 4 | Under Interfaces, choose the interfaces from the Available Interfaces list and click Add to move them to the Configured Interfaces list. |
Step 5 | Click OK. In the Warning dialog box, click OK. The configuration takes effect after the Citrix NetScaler Application Delivery Controller (ADC) appliance is restarted. |
Configuring RISE in vPC Mode (Recommended Deployment Mode)
In a virtual port channel (vPC) deployment, two service appliances, such a Citrix NetScaler Application Delivery Controller (ADC) appliance, are each connected to separate Cisco Nexus 5600 Series switches that are in vPC mode through a peer link. This is the recommended topology for deploying the RISE feature on a Cisco Nexus switch and a Citrix NetScaler Application Delivery Controller (ADC) appliance.
This section includes the following topics:
Configuring RISE in a vPC Direct Mode Deployment
Note | This task describes how to configure a vPC peer switch in a direct mode deployment. After configuring RISE on the Cisco Nexus 5600 Series switch, the Citrix NetScaler Application Delivery Controller (ADC) appliance that is directly connected to the switch is automatically configured for RISE mode and all of its ports are in operation mode. No configuration is required on the Citrix NetScaler appliance in a direct mode deployment. |
Repeat these steps to configure each vPC peer switch to which an appliance is connected.
-
Enable and configure the Cisco Nexus switches as vPC peers. See the Cisco Nexus 5600 Series NX-OS Interfaces Configuration Guide for information. The following parameters must be the same on both Cisco Nexus switches:
-
Make sure that you are in the correct VDC on the Cisco Nexus switch. To switch VDCs, use the switchto vdc command.
Command or Action | Purpose | |||||
---|---|---|---|---|---|---|
Step 1 | switch# configure terminal |
Enters global configuration mode. | ||||
Step 2 | switch(config)# feature rise |
Enables the RISE feature on the Cisco Nexus 5600 Series switch. | ||||
Step 3 | switch(config)# service vlan-group group-number vlan-range |
Creates a VLAN group for the NetScaler appliance data VLANs on the Cisco Nexus 5600 Series switch. The range for the VLAN group is from 1 to 32, and the range for the configured VLANs is from 1 to 3967. You can enter the vlan-range using a comma (,), a dash (-), and the numbers. | ||||
Step 4 | switch(config)# service type rise name service-name mode vpc |
Creates a RISE service instance, enters the RISE configuration mode on the Cisco Nexus 5600 Series switch, and specifies that the appliance is directly connected to the switch in order to establish RISE connectivity. You can enter up to 31 alphanumeric characters for the name of the RISE service instance. | ||||
Step 5 | switch(config-rise)# vlan vlan-id |
| ||||
Step 6 | switch(config-rise)# ip ip-address netmask |
Specifies the IP address of the Citrix NetScaler Application Delivery Controller (ADC) appliance that is directly connected to the Cisco Nexus 5600 Series switch. This IP address controls message communication with the supervisor over the RISE port channel. The same IP address can be used for the management IP address of Citrix Netscaler Application Delivery Controller (ADC) appliance. | ||||
Step 7 | switch(config-rise)# vlan group vlan-group |
Specifies the RISE VLAN group to be used by Citrix NetScaler Application Delivery Controller (ADC) appliance. The range is from 1 to 32.
| ||||
Step 8 | Use one of the following: |
| ||||
Step 9 | switch(config-rise)# no shutdown |
| ||||
Step 10 | switch(config-rise)# show module service | (Optional) Displays the status of the RISE service module on the Cisco Nexus 5600 Series switch. If the RISE service module is operational, the status that is displayed is “active.” | ||||
Step 11 | switch(config-rise)# attach rise {slot slot-number | name name} | (Optional) Connects the Cisco Nexus 5600 Series switch to the RISE service module and generates a RISE session from the switch, which allows Telnet access.
| ||||
Step 12 | switch(config-rise)# show rise |
Displays the RISE configuration status on the Cisco Nexus 5600 Series switch. If RISE is configured on the switch, the state that is displayed is “active.” |
Configuring RISE in a vPC Indirect Mode Deployment
This section includes the following topics:
- Configuring RISE on the Cisco Nexus Switch
- Configuring NSIP on the Appliance
- Configuring a NSVLAN on Citrix NetScaler Application Delivery Controller (ADC) Appliance
Configuring RISE on the Cisco Nexus Switch
-
Enable and configure the Cisco Nexus switches as vPC peers. See the Cisco Nexus 5600 Series NX-OS Interfaces Configuration Guide for information. The following parameters must be the same on both Cisco Nexus switches:
-
Make sure that you are in the correct VDC on the Cisco Nexus switch. To switch VDCs, use the switchto vdc command.
Command or Action | Purpose | |||||
---|---|---|---|---|---|---|
Step 1 | switch# configure terminal |
Enters global configuration mode. | ||||
Step 2 | switch(config)# feature rise |
Enables the RISE feature on the Cisco Nexus 5600 Series switch. | ||||
Step 3 | switch(config)# service vlan-group group-number vlan-range |
Creates a VLAN group for the Citrix NetScaler Application Delivery Controller (ADC) appliance data VLANs on the Cisco Nexus 5600 Series switch. The range for the VLAN group is from 1 to 32, and the range for the configured VLANs is from 1 to 3967. You can enter the vlan-range using a comma (,), a dash (-), and the numbers. | ||||
Step 4 | switch(config)# service type rise name service-name mode indirect |
Creates a RISE service instance, enters the RISE configuration mode on the Cisco Nexus 5600 Series switch, and specifies that the appliance is indirectly connected to the switch in order to establish RISE connectivity. You can enter up to 31 alphanumeric characters for the name of the RISE service instance. | ||||
Step 5 | switch(config-rise)# vlan vlan-id |
| ||||
Step 6 | switch(config-rise)# ip ip-address netmask |
Specifies the IP address of the Citrix NetScaler Application Delivery Controller (ADC) appliance that is directly connected to the Cisco Nexus 5600 Series switch. This IP address controls message communication with the supervisor over the RISE port channel. The same IP address can be used for the management IP address of NetScaler appliance. | ||||
Step 7 | switch(config-rise)# vlan group vlan-group |
Specifies the RISE VLAN group to be used by Citrix NetScaler Application Delivery Controller (ADC) appliance. The range is from 1 to 32.
| ||||
Step 8 | switch(config-rise)# no shutdown |
| ||||
Step 9 | switch(config-rise)# show module service | (Optional) Displays the status of the RISE service module on the Cisco Nexus 5600 Series switch. If the RISE service module is operational, the status that is displayed is “active.” | ||||
Step 10 | switch(config-rise)# attach rise {slot slot-number | name name} | (Optional) Connects the Cisco Nexus 5600 Series switch to the RISE service module and generates a RISE session from the switch, which allows Telnet access.
| ||||
Step 11 | switch(config-rise)# show rise |
Displays the RISE configuration status on the Cisco Nexus 5600 Series switch. If RISE is configured on the switch, the state that is displayed is “active.” |
Configuring NSIP on the Appliance
The NetScaler management IP address (NSIP) is the IP address for management and general system access to the Citrix NetScaler Application Delivery Controller (ADC) appliance and for high availability (HA) communication.
Configuring NSIP Using the CLI
You can configure the NSIP on your appliance by using either the configuration prompts or the command-line interface (CLI).
Note | To prevent an attacker from impeding your ability to send packets to the appliance, choose a nonroutable IP address on your organization's LAN as your appliance IP address. |
Ensure that a port channel is configured on the appliance and that the appliance's physical ports are mapped to this port channel.
Example: The following example shows how to configure the NSIP using the CLI: set ns config -ipaddress 10.102.29.60 -netmask 255.255.255.0 add ns ip 10.102.29.61 255.255.255.0 -type snip add route 0.0.0.0 0.0.0.0 10.102.29.1 save ns |
Configuring NSIP Using the Configuration Utility
Step 1 | Navigate to System > Settings. |
Step 2 | In the details pane, under Settings, click Change NSIP Settings. |
Step 3 | In the Configure NSIP Settings dialog box, set the parameters. For a description of a parameter, hover the mouse cursor over the corresponding field. |
Step 4 | Under Interfaces, choose the interfaces from the Available Interfaces list and click Add to move them to the Configured Interfaces list. |
Step 5 | Click OK. In the Warning dialog box, click OK. The configuration takes effect after the Citrix NetScaler Application Delivery Controller (ADC) appliance is restarted. |
Configuring a NSVLAN on Citrix NetScaler Application Delivery Controller (ADC) Appliance
The NSVLAN is a VLAN to which the NetScaler management IP (NSIP) address's subnet is bound. The NSIP subnet is available only on interfaces that are associated with NSVLAN. By default, NSVLAN is VLAN1, but you can designate a different VLAN as NSVLAN. If you designate a different VLAN as an NSVLAN, you must reboot the Citrix NetScaler Application Delivery Controller (ADC) appliance for the change to take effect. After the reboot, NSIP subnet traffic is restricted to the new NSVLAN.
Perform only one of the following tasks:
Configuring NSVLAN Using the CLI
Enter the following commands prompt to configure NSVLAN using the CLI:
Step 1 | set ns config - nsvlan
positive_integer - ifnum interface_name ... [-tagged (YES |
NO)]
| ||
Step 2 | (Optional)
show ns config
set ns config -nsvlan 300 -ifnum 1/1 1/2 1/3 -tagged NO save config | ||
Step 3 | (Optional)unset ns config -nsvlan
Restores the default configuration. |
Configuring NSVLAN Using the Configuration Utility
Step 1 | Navigate to System > Settings. |
Step 2 | In the details pane, under Settings, click Change NSVLAN Settings. |
Step 3 | In the Configure NSVLAN Settings dialog box, set the parameters. For a description of a parameter, hover the mouse cursor over the corresponding field. |
Step 4 | Under Interfaces, choose the interfaces from the Available Interfaces list and click Add to move them to the Configured Interfaces list. |
Step 5 | Click OK. In the Warning dialog box, click OK. The configuration takes effect after the Citrix NetScaler Application Delivery Controller (ADC) appliance is restarted. |
Verifying the RISE Configuration
To display the RISE configuration on the Cisco Nexus 5600 Series switch, perform one of the following tasks.
Note | For detailed information about the fields in the output from these commands, see the “Cisco NX-OS RISE Commands” chapter. |
Command | Purpose |
---|---|
show module service |
Displays the status of the RISE service module on the Cisco Nexus 5600 Series switch. |
show rise [detail] |
Displays the RISE configuration status on the Cisco Nexus 5600 Series switch. |
show rise vlan-group |
Displays VLAN group information for the NetScaler appliance data VLANs on the Cisco Nexus 5600 Series switch. |
show running-config services |
Displays the RISE running configuration on the Cisco Nexus 5600 Series switch. |
show tech-support services [detail] |
Displays troubleshooting information for RISE on the Cisco Nexus 5600 Series switch. |
switch# show rise Name Slot Vdc Rise-Ip State Interface Id Id ------------- ---- --- --------------- ------------ --------- mpx205a 332 2 10.90.14.216 active Po2051
swicth# show rise detail RISE module name: mpx205a State: active Admin state: Enabled Interface: Po2051 RISE Channel connectivity via interface Po2051 Mode: vpc Slot id: 332 Service token: 0x2 Serial number: MH8C02AM50 SUP IP: 10.90.14.138 RISE IP: 10.90.14.216 VDC id: 2 VLAN: 99 VLAN group: 20 VLAN list: 99-101 Data Interface: N/A
Command | Purpose |
---|---|
show rise apbrsvc |
Displays the RISE configuration status on the Citrix Netscaler Application Delivery Controller (ADC) appliance. |
The following example is sample output from the show rise profile command:
mpx24> show rise profile 1) Service Name : mpx4 Status : Active Mode : vPC-Direct Device Id : FOC1824R00P Slot Number : 300 VDC Id : 1 vPC Id : 510 SUP IP : 172.16.0.2 VLAN : 301 VLAN Group : 1 ISSU : None Interface : LA/1 : 10/3 10/4 2) Service Name : mpx4 Status : Active Mode : vPC-Direct Device Id : FOC1751R0QV Slot Number : 300 VDC Id : 1 vPC Id : 510 SUP IP : 172.16.0.3 VLAN : 301 VLAN Group : 1 ISSU : None Interface : LA/1 : 10/7 10/8 Done
Monitoring Cisco RISE
Use the show rise profile command on the Citrix Netscaler Application Delivery Controller (ADC) appliance to display RISE statistics, as shown in the following example:
For vPC mode (direct): mpx24> show rise profile 1) Service Name : mpx24 Status : Active Mode : vPC-Direct Device Id : FOC2865R92P Slot Number : 300 VDC Id : 1 vPC Id : 510 SUP IP : 172.16.0.2 VLAN : 10 VLAN Group : 1 ISSU : None Interface : LA/1 : 10/3 10/4 For Indirect mode (in vPC, only 1 out of 2 entries shown): 1) Service Name : profile_301 Status : Active Mode : Indirect Device Id : N77-C7706:FXS1736Q96T Slot Number : 332 VDC Id : 2 vPC Id : 0 SUP IP : 172.16.0.2 VLAN : 10 VLAN Group : 24 ISSU : None Interface : N/A
Configuration Examples for RISE
Example: RISE Direct Mode Deployment
This example shows how to configure a RISE service on a standalone Cisco Nexus 5600 Series switch that is connected directly to a Citrix Netscaler Application Delivery Controller (ADC) appliance.
Note | When the Citrix Netscaler Application Delivery Controller (ADC) appliance is directly connected to a standalone Cisco Nexus 5600 Series switch and the RISE control channel is configured on the Cisco Nexus 5600 Series switch, the Citrix Netscaler Application Delivery Controller (ADC) appliance is automatically configured for RISE mode and all of its ports are set to operation mode. |
switch# configure terminal switch(config)# port-channel 300 switch(config-if)# switchport trunk allowed vlan 20,30,40 switch(config-if)# no shut switch(config)# ethernet 5/1-2 switch(config-if-range)# channel-group 100 switch(config)# ethernet 6/1-2 switch(config-if-range)# channel-group 100 switch(config)# service vlan-group 1 20,30,40 switch(config)# feature rise switch(config)# service type rise name ns21 mode direct switch(config-rise)# vlan 3 switch(config-rise)# ip 3.3.3.21 255.0.0.0 switch(config-rise)# vlan group 1 switch(config-rise)# port-channel 100 switch(config-rise)# no shutdown switch(config-rise)# attach rise slot 300 Attaching to RISE 300 ... Username:nsroot Warning: Permanently added '3.3.3.21' (RSA) to the list of known hosts. Password: Last login: Fri Sep 27 14:58:44 2013 from 10.99.0.15 Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. Done
Example: RISE Indirect Mode Deployment
This example shows how to configure a RISE service on the Cisco Nexus 5600 Series switch that is connected to a Citrix Netscaler Application Delivery Controller (ADC) appliance through a Layer 2 network:
switch# configure terminal switch(config)# port-channel 301 switch(config-if)# switchport switch(config-if)# switchport mode trunk switch(config-if)# switchport allowed vlan 10,20,30,40,50,60 switch(config)# ethernet 5/1-2 switch(config-if-range)# channel-group 100 switch(config-if-range)# no shutdown switch(config)# ethernet 6/1-2 switch(config-if-range)# channel-group 100 switch(config-if-range)# no shutdown switch(config)# service vlan-group 1 20,30,40 switch(config)# feature rise switch(config)# service type rise name ns22 mode indirect switch(config-rise)# vlan 10 switch(config-rise)# ip 3.3.3.22 255.0.0.0 switch(config-rise)# vlan group 22 switch(config-rise)# no shutdown switch(config-rise)# show module service switch(config-rise)# attach rise slot 301 rise_ent->rise_ip = 2010101 ipaddr 10.10.10.5 Attaching to RISE 301 ... To exit type 'exit', to abort type '$.' Telnet rlogin escape character is '$'. Trying 10.10.10.5... Connected to 10.10.10.5. Escape character is '^]'.
The following sample output from show commands enables you to verify the configuration:
switch(config-rise)# show rise detail RISE module name: ns22 State: active Admin state: enabled Interface: N/A Mode: indirect Slot id: 301 Service token: 0x1 Serial number: HE2H81UJ47 SUP IP: 3.101.0.10 RISE IP: 10.10.10.5 VDC id: 1 VLAN: 10 VLAN group: 22 VLAN list: 122,221-224,231-234
Example: RISE vPC Direct Mode Deployment
You configure RISE on the Cisco Nexus switch vPC peer that are indirectly connected to the Citrix Netscaler Application Delivery Controller (ADC) appliance following the same steps that you use to configure an indirect mode deployment.
The following sample outputs show that the RISE device is active and operational and is connected using the vPC deployment mode:
switch# show rise Name Slot Vdc Rise-Ip State Interface Id Id ------------- ---- --- --------------- ------------ --------- mpx205a 332 2 10.90.14.216 active Po2051 switch# show rise detail RISE module name: mpx205a State: active Admin state: Enabled Interface: Po2051 RISE Channel connectivity via interface Po2051 Mode: vpc Slot id: 332 <== unique slot ID for the RISE device Service token: 0x2 Serial number: MH8C02AM50 SUP IP: 10.90.14.138 RISE IP: 10.90.14.216 VDC id: 2 VLAN: 99 VLAN group: 20 VLAN list: 99-101 Data Interface: N/A
Related Documents
Related Topic | Document Title |
---|---|
Commands on the Cisco Nexus 5600 Series switch |
Cisco Nexus 5600 Series NX-OS Fundamentals Configuration Guide |
CoPP |
Cisco Nexus 5600 Series NX-OS Security Configuration Guide |
Interfaces and vPCs |
Cisco Nexus 5600 Series NX-OS Interfaces Configuration Guide |
Policy-based routing |
Cisco Nexus 5600 Series NX-OS Unicast Routing Configuration Guide |
VDCs |
Cisco Nexus 5600 Series NX-OS Virtual Device Context Configuration Guide |
High availability and Cisco Nexus 5600 Series switches |
Cisco Nexus 5600 Series NX-OS High Availability and Redundancy Guide |
Feature History for RISE
The following table lists the feature history for this feature.
Feature Name | Release | Feature Information |
---|---|---|
RISE vPC |
Cisco NX-OS 7.1(1)N1(1) |
Added support for direct and indirect connect mode for a service appliance that is attached to a virtual port channel (vPC) peer through a Layer 2 network. |
RISE |
Cisco NX-OS 7.1(1)N1(1) |
This feature was introduced on the Cisco Nexus 5600 Series switch. |
Citrix Netscaler 10.1.e |
This feature was introduced on the Citrix Netscaler Application Delivery Controller (ADC) appliance |