P Commands
This chapter describes the Cisco NX-OS Ethernet and virtual Ethernet commands that begin with P.
pinning
To configure pinning options for an interface, use the pinning command. To revert to the default settings, use the no form of this command.
pinning { control-vlan | packet-vlan } sub_group_ID
no pinning { control-vlan | packet-vlan }
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to configure packet VLAN pinning for an interface:
Related Commands
|
|
---|---|
pinning id (virtual Ethernet interface)
To pin virtual Ethernet interface traffic to a specific subgroup, use the pinning id command. To remove the configuration, use the no form of this command.
Syntax Description
Command Default
Command Modes
Virtual Ethernet interface configuration mode
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to pin a virtual Ethernet interface to subgroup 3:
Related Commands
port
To configure a unified port on a Cisco Nexus 5548UP switch or Cisco Nexus 5596UP switch, use the port command. To remove the unified port, use the no form of this command.
port port-number type { ethernet | fc }
no port port-number type { ethernet | fc }
Syntax Description
Specifies the type of port to configure on a slot in a chassis. |
|
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Unified ports allow you to configure ports as Ethernet, native Fibre Channel or Fibre Channel over Ethernet (FCoE) ports. By default, the ports are Ethernet ports but you can change the port mode to Fibre Channel on the following unified ports:
- Any port on the Cisco Nexus 5548UP switch or the Cisco Nexus 5596UP switch.
- The ports on the Cisco N55-M16UP expansion module that is installed in a Cisco Nexus 5548P switch.
You must configure Ethernet ports and FC ports in a specified order:
- FC ports must be configured from the last port of the module.
- Ethernet ports must be configured from the first port of the module.
If the order is not followed, the following errors are displayed:
On a Cisco Nexus 5548UP switch, the 32 ports of the main slot (slot1) are unified ports. The Ethernet ports start from port 1/1 to port 1/32. The FC ports start from port 1/32 backwards to port 1/1.
Examples
This example shows how to configure a unified port on a Cisco Nexus 5548UP switch or Cisco Nexus 5596UP switch:
This example shows how to configure a unified port on a Cisco N55-M16UP expansion module:
This example shows how to configure 20 ports as Ethernet ports and 12 as FC ports:
Related Commands
|
|
---|---|
Enables preprovisioning of features or interfaces of a module on a slot in a chassis. |
|
Reloads the switch and all attached Fabric Extender chassis or a specific Fabric Extender. |
port-channel load-balance ethernet
To configure the load-balancing method among the interfaces in the channel-group bundle, use the port-channel load-balance ethernet command. To return the system priority to the default value, use the no form of this command.
port-channel load-balance ethernet method [ hash-polynomial ]
no port-channel load-balance ethernet [ method ]
Syntax Description
Command Default
Loads distribution on the source and destination MAC address.
The default hash polynomial is CRC8a.
Command Modes
Command History
|
|
---|---|
Usage Guidelines
The valid load-balancing method values are as follows:
- destination-ip —Loads distribution on the destination IP address.
- destination-mac —Loads distribution on the destination MAC address.
- destination-port —Loads distribution on the destination port.
- source-destination-ip —Loads distribution on the source and destination IP address.
- source-destination-mac —Loads distribution on the source and destination MAC address.
- source-destination-port —Loads distribution on the source and destination port.
- source-ip —Loads distribution on the source IP address.
- source-mac —Loads distribution on the source MAC address.
- source-port —Loads distribution on the source port.
Use the option that provides the balance criteria with the greatest variety in your configuration. For example, if the traffic on an EtherChannel is going only to a single MAC address and you use the destination MAC address as the basis of EtherChannel load balancing, the EtherChannel always chooses the same link in that EtherChannel; using source addresses or IP addresses might result in better load balancing.
Beginning with Cisco NX-OS Release 5.0(3)N2(1), the Cisco Nexus 5548 switch and Cisco Nexus 5596 switch support 8 hash polynomials that can be used for compression on the hash-parameters (software-configurable selection of source and destination MAC addresses, source and destination IP addresses, and source and destination TCP and UDP ports). Depending on variations in the load-balancing method for egress traffic flows from a port channel, different polynomials could provide different load distribution results.
The valid load-balancing hash-polynomial values are as follows:
- CRC8a —Hash polynomial CRC8a.
- CRC8b —Hash polynomial CRC8b.
- CRC8c —Hash polynomial CRC8c.
- CRC8d —Hash polynomial CRC8d.
- CRC8e —Hash polynomial CRC8e.
- CRC8f —Hash polynomial CRC8f.
- CRC8g —Hash polynomial CRC8g.
- CRC8h —Hash polynomial CRC8h.
Note The hash polynomial that you choose affects both the multicast and unicast traffic egressing from all the local port channels. The hash polynomial does not affect the port channels whose member ports are on a Cisco Nexus 2148T Fabric Extender, Cisco Nexus 2232P Fabric Extender, or Cisco Nexus 2248T Fabric Extender.
Examples
This example shows how to set the load-balancing method to use the source IP:
switch(config)#
port-channel load-balance ethernet source-ip
This example shows how to set the load-balancing method to use the source IP and the CRC8c polynomial to hash a flow to obtain a numerical value that can be used to choose the egress physical interface on a Cisco Nexus 5548 switch:
switch(config)#
port-channel load-balance ethernet source-ip CRC8c
Related Commands
|
|
---|---|
private-vlan
To configure private VLANs, use the private-vlan command. To return the specified VLANs to normal VLAN mode, use the no form of this command.
private-vlan { isolated | community | primary }
no private-vlan { isolated | community | primary }
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
You must enable private VLANs by using the feature private-vlan command before you can configure private VLANs. The commands for configuring private VLANs are not visible until you enable private VLANs.
If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become inactive. When you enter the no private-vlan command, the VLAN returns to the normal VLAN mode. All primary and secondary associations on that VLAN are suspended, but the interfaces remain in private VLAN mode. When you reconvert the specified VLAN to private VLAN mode, the original associations are reinstated.
If you enter the no vlan command for the primary VLAN, all private VLAN associations with that VLAN are lost. If you enter the no vlan command for a secondary VLAN, the private VLAN associations with that VLAN are suspended and are reenabled when you recreate the specified VLAN and configure it as the previous secondary VLAN.
You cannot configure VLAN1 or the internally allocated VLANs as private VLANs.
A private VLAN is a set of private ports that are characterized by using a common set of VLAN number pairs. Each pair is made up of at least two special unidirectional VLANs and is used by isolated ports and/or by a community of ports to communicate with routers.
An isolated VLAN is a VLAN that is used by isolated ports to communicate with promiscuous ports. An isolated VLAN’s traffic is blocked on all other private ports in the same VLAN. Its traffic can only be received by standard trunking ports and promiscuous ports that are assigned to the corresponding primary VLAN.
A promiscuous port is defined as a private port that is assigned to a primary VLAN.
A community VLAN is defined as the VLAN that carries the traffic among community ports and from community ports to the promiscuous ports on the corresponding primary VLAN.
A primary VLAN is defined as the VLAN that is used to convey the traffic from the routers to customer end stations on private ports.
Multiple community and isolated VLANs are allowed. If you enter a range of primary VLANs, the system uses the first number in the range for the association.
Note A private VLAN-isolated port on a Cisco Nexus 5000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1Q encapsulation and cannot be used as a trunk port.
If VLAN Trunking Protocol (VTP) is enabled on a switch, you can configure private VLANs only on a device configured in Transparent mode.
Examples
This example shows how to assign VLAN 5 to a private VLAN as the primary VLAN:
This example shows how to assign VLAN 100 to a private VLAN as a community VLAN:
This example shows how to assign VLAN 109 to a private VLAN as an isolated VLAN:
Related Commands
|
|
---|---|
private-vlan association
To configure the association between a primary VLAN and a secondary VLAN on a private VLAN, use the private-vlan association command. To remove the association, use the no form of this command.
private-vlan association {[ add ] secondary-vlan-list | remove secondary-vlan-list }
Syntax Description
Clears the association between a secondary VLAN and a primary VLAN. |
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
You must enable private VLANs by using the feature private-vlan command before you can configure private VLANs. The commands for configuring private VLANs are not visible until you enable private VLANs.
If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become inactive. When you enter the no private-vlan command, the VLAN returns to the normal VLAN mode. All primary and secondary associations on that VLAN are suspended, but the interfaces remain in private VLAN mode. However, when you reconvert the specified VLAN to private VLAN mode, the original associations are reinstated.
If you enter the no vlan command for the primary VLAN, all private VLAN associations with that VLAN are lost. However, if you enter the no vlan command for a secondary VLAN, the private VLAN associations with that VLAN are suspended and return when you recreate the specified VLAN and configure it as the previous secondary VLAN.
The secondary-vlan-list argument cannot contain spaces. It can contain multiple comma-separated items. Each item can be a single secondary VLAN ID or a hyphenated range of secondary VLAN IDs. The secondary-vlan-list parameter can contain multiple secondary VLAN IDs.
A private VLAN is a set of private ports that are characterized by using a common set of VLAN number pairs. Each pair is made up of at least two special unidirectional VLANs and is used by isolated ports and/or by a community of ports to communicate with routers.
Multiple community and isolated VLANs are allowed. If you enter a range of primary VLANs, the system uses the first number in the range for the association.
Isolated and community VLANs can only be associated with one primary VLAN. You cannot configure a VLAN that is already associated to a primary VLAN as a primary VLAN.
Note A private VLAN-isolated port on a Cisco Nexus 5000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1Q encapsulation and cannot be used as a trunk port.
Examples
This example shows how to create a private VLAN relationship between the primary VLAN 14, the isolated VLAN 19, and the community VLANs 20 and 21:
This example shows how to remove isolated VLAN 18 and community VLAN 20 from the private VLAN association:
Related Commands
|
|
---|---|
private-vlan synchronize
To map the secondary VLANs to the same Multiple Spanning Tree (MST) instance as the primary VLAN, use the private-vlan synchronize command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
If you do not map secondary VLANs to the same MST instance as the associated primary VLAN when you exit the MST configuration mode, the device displays a warning message that lists the secondary VLANs that are not mapped to the same instance as the associated VLAN. The private-vlan synchronize command automatically maps all secondary VLANs to the same instance as the associated primary VLANs.
Examples
This example shows how to initialize private VLAN synchronization:
Related Commands
|
|
---|---|
protocol vmware-vim
To enable the VMware Infrastructure Software Development Kit (VI SDK), use the protocol vmware-vim command. To disable the VI SDK, use the no form of this command.
Syntax Description
Command Default
Command Modes
SVS connection configuration mode
Command History
|
|
---|---|
Usage Guidelines
The VMware VI SDK is published by VMware and it allows clients to talk to a vCenter server.
You must first create an SVS connection before you enable the VMware VI SDK.
Examples
This example shows how to enable the VMware VI SDK:
This example shows how to disable the VMware VI SDK:
Related Commands
|
|
---|---|
provision
To preprovision a module in a chassis slot, use the provision command. To remove a preprovisioned module from a slot, use the no form of this command.
no provision model [ model-name ]
Syntax Description
Command Default
Command Modes
Slot configuration mode
Switch profile configuration mode
Command History
|
|
---|---|
Usage Guidelines
Use this command to define the modules (line card or Cisco Nexus 2000 Series Fabric Extender) to preprovision. If the card type does not match the card in the slot or the module is not compatible with the chassis, you see the following messages:
You can configure features or interfaces (Ethernet, Fibre Channel) on the modules before the modules are inserted in the switch chassis. You can also use this command to manage the configuration of these features or interfaces when the module is offline due to a failure or scheduled downtime. These configurations are applied when the module comes online.
When you preprovision a module by specifying the type of module, platform manager will allow only modules of matching type to come online. If you configure the interfaces for the module without specifying the module type, the configuration is applied when the module comes online, regardless of the module type.
You can preprovision modules and interfaces in a switch profile. The modules and interfaces are preprovisioned when you apply (commit) the switch profile. Once the module is inserted and interfaces are created, the preprovisioning module passes on the configuration to the respective applications before the interfaces come up.
Mutual exclusion is a mechanism where configuration outside the switch profile is not allowed in the switch profile and vice-versa. This requirement is to ensure that configuration in the switch profile is exactly the same on both switches. Preprovisioned configuration is the same as a configuration when the module is online, so mutual exclusion checks would continue to apply normally.
When you downgrade from Cisco NX-OS release 5.0(2)N1(1), which supports preprovisioning, to an earlier release of Cisco NX-OS that does not support module preprovisioning, you will be prompted to remove preprovisioning configuration that you configured on the switch.
Examples
This example shows how to preprovision a module in slot 2 of the chassis:
This example shows how to configure a switch profile to enable a chassis slot for preprovisioning of a module:
This example shows how to remove a preprovisioned module from a chassis slot:
This example shows how to remove all preprovisioned modules or line cards from a chassis slot:
Related Commands
|
|
---|---|
Displays the running configuration excluding the preprovisioned features. |
|