Wednesday, 13 August 2014

Nexus FabricPath on nexus7k and nexus5k with fabricpath authentication

This is a config template for fabricpath configuration with fabricpath isis md5 Authentication


so i have configured the dual links in LACP port channeling and enabled fabricPath on the port-channel with authentication (md5 authentication with key-string as "fabmd5" )

Outputs/verifications after the config are down

Topology

7k-4:

feature lacp
feature-set fabricpath
!
vlan 100,200
  mode fabricpath
fabricpath switch-id 4
!
key chain chain-name
  key 0
    key-string 7 fabmd5
!
interface Ethernet2/23
  switchport mode fabricpath
  channel-group 2324 mode active
  no shutdown
!
interface Ethernet2/24
  switchport mode fabricpath
  channel-group 2324 mode active
  no shutdown
!
interface Ethernet2/25
  switchport mode fabricpath
  channel-group 2526 mode active
  no shutdown
!
interface Ethernet2/26
  switchport mode fabricpath
  channel-group 2526 mode active
  no shutdown
!
interface port-channel2324
  switchport
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!
interface port-channel2526
  switchport
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!

7k-3:

feature lacp
feature-set fabricpath
!
vlan 100,200
  mode fabricpath
fabricpath switch-id 3
!
key chain chain-name
  key 0
    key-string 7 fabmd5
!
interface Ethernet2/9
  switchport mode fabricpath
  channel-group 910 mode active
  no shutdown
!
interface Ethernet2/10
  switchport mode fabricpath
  channel-group 910 mode active
  no shutdown
!
interface Ethernet2/11
  switchport mode fabricpath
  channel-group 1112 mode active
  no shutdown
!
interface Ethernet2/12
  switchport mode fabricpath
  channel-group 1112 mode active
  no shutdown
!
interface port-channel910
  switchport
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!
interface port-channel1112
  switchport
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!

5k-1:

install feature-set fabricpath
feature-set fabricpath
feature lacp
fabricpath switch-id 1
!
vlan 100,200
  mode fabricpath
!
key chain chain-name
  key 0
    key-string 7 fabmd5
!
interface Ethernet1/5
  switchport mode fabricpath
  channel-group 2526 mode active
!
interface Ethernet1/6
  switchport mode fabricpath
  channel-group 2526 mode active
!
interface Ethernet1/10
  switchport mode fabricpath
  channel-group 910 mode active
!
interface Ethernet1/11
  switchport mode fabricpath
  channel-group 910 mode active
!
interface port-channel910
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!
interface port-channel2526
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!

5K-2:

install feature-set fabricpath
feature-set fabricpath
feature lacp
!
fabricpath switch-id 2
!
vlan 100,200
  mode fabricpath
!
key chain chain-name
  key 0
    key-string 7 fabmd5
!
interface Ethernet1/5
  switchport mode fabricpath
  channel-group 1112 mode active

interface Ethernet1/6
  switchport mode fabricpath
  channel-group 1112 mode active

interface Ethernet1/10
  switchport mode fabricpath
  channel-group 2324 mode active

interface Ethernet1/11
  switchport mode fabricpath
  channel-group 2324 mode active
!
interface port-channel1112
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!
interface port-channel2324
  switchport mode fabricpath
  fabricpath isis authentication-type md5
  fabricpath isis authentication key-chain chain-name
!


OUTPUTS/Verifications

5K2# show port-channel summary 
Flags:  D - Down        P - Up in port-channel (members)
        I - Individual  H - Hot-standby (LACP only)
        s - Suspended   r - Module-removed
        S - Switched    R - Routed
        U - Up (port-channel)
        M - Not in use. Min-links not met
--------------------------------------------------------------------------------
Group Port-       Type     Protocol  Member Ports
      Channel
--------------------------------------------------------------------------------
1112  Po1112(SU)  Eth      LACP      Eth1/5(P)    Eth1/6(P)    
2324  Po2324(SU)  Eth      LACP      Eth1/10(P)   Eth1/11(P)   

5K2# show fabricpath isis adjacency 
Fabricpath IS-IS domain: default Fabricpath IS-IS adjacency database:
System ID       SNPA            Level  State  Hold Time  Interface
c067.xxxxxx  N/A             1      UP     00:00:22   port-channel1112
c067.xxx.xxx  N/A             1      UP     00:00:22   port-channel2324

5K2# show fabricpath isis interface port-channel 2324
Fabricpath IS-IS domain: default 
Interface: port-channel2324
  Status: protocol-up/link-up/admin-up
  Index: 0x0002, Local Circuit ID: 0x01, Circuit Type: L1
  Authentication type MD5
  Authentication keychain is chain-name
  Authentication check specified
  Extended Local Circuit ID: 0x16000913, P2P Circuit ID: 0000.0000.0000.00
  Retx interval: 5, Retx throttle interval: 66 ms
  LSP interval: 33 ms, MTU: 1500
  P2P Adjs: 1, AdjsUp: 1, Priority 64
  Hello Interval: 10, Multi: 3, Next IIH: 00:00:03
  Level   Adjs   AdjsUp  Metric   CSNP  Next CSNP  Last LSP ID
  1          1        1      20     60  00:01:03   ffff.ffff.ffff.ff-ff
  Topologies enabled:
    Topology Metric  MetricConfig Forwarding
    0        20      no           UP        


Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)