RE: Nexus 7000 CFS and NTP/TACACS+

From: David Bloom <dbsg13_at_yahoo.com>
Date: Mon, 28 Jul 2014 22:02:50 -0400

Right, I completely understand the need for a separate management switch for
the keep alive using dual sups.

One thing that I can't find documentation on, though, is whether CFS can only
run over the keep alive interfaces, and thus is bound by vPC.

Say you had a large environment with many switches and each switch had a
management VLAN of 900, each with an SVI in the same subnet. Is there a way
to use the CFS applications over this VLAN?

Case 1 where there are no vPC peers.

Case 2 where there are vPC peers.

I guess I'm asking if CFS can be used as simply an application distribution
method, or if it is only intended for vPC and, as you say, we are allowed to
ride on top of that as a convenience?

-----Original Message-----
From: "Brian McGahan" <bmcgahan_at_ine.com>
Sent: 7/28/2014 8:31 PM
To: "David Bloom" <dbsg13_at_yahoo.com>
Cc: "CCIE Study" <ccielab_at_groupstudy.com>
Subject: Re: Nexus 7000 CFS and NTP/TACACS+

Just so you're aware though, this isn't a CFS issue, it's a vPC keepalive
issue. CFS sync of applications like NTP is a convenience. CFS sync of vPC is
necessary for the data plane.

There are certain failure situations your setup can't recover from during a
supervisor switchover when the peer keepalive failure occurs.

These failures are also deemed Resume Generating Events (RGEs)

;)

Brian McGahan, 4 x CCIE #8593 (R&S/SP/SC/DC), CCDE #2013::13
bmcgahan_at_INE.com

Internetwork Expert, Inc.
http://www.INE.com

On Jul 28, 2014, at 4:02 PM, "David Bloom" <dbsg13_at_yahoo.com> wrote:

That is exactly what we planned to do when these roll out to production. For
now, they are in the lab and we don't have the separate switches yet. We did
purchase a separate small management switch per pair. We could hook these
together though.

Thanks for the reply Brian.

From: Brian McGahan
Sent: 7/28/2014 3:50 PM
To: david bloom; CCIE Study
Subject: RE: Nexus 7000 CFS and NTP/TACACS+

Plug the MGMT0 ports into a separate management switch and then they will all
be CFS adjacent. You don't want to connect the mgmt ports back-to-back for
vPC peer keepalive on 7K anyways. If your primary supervisor goes down the
standby supervisor won't be vPC keepalive adjacent with the other side and the
vPC can fail.

Brian McGahan, 4 x CCIE #8593 (R&S/SP/SC/DC), CCDE #2013::13
bmcgahan_at_INE.com

Internetwork Expert, Inc.
http://www.INE.com

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of david bloom
Sent: Sunday, July 27, 2014 4:18 PM
To: CCIE Study
Subject: Nexus 7000 CFS and NTP/TACACS+

Hello all,

I've been unable to find documentation on this regarding the specific VRF that
CFS uses and if that can be changed for other services. I know that vPC uses
CFS.

We have 10 Nexus 7K's, mix of 7700 and 7000s, configured in 5 vPC pairs. The
vPC keep-alive is set up via management interfaces.

I'm trying to use CFS to distribute some applications such as NTP and TACACS+,
however the distribution only gets from one peer to the other, it won't cross
over to any other pairs.

When I run a show cfs peers, I see the management IPs of the local pair
devices. Is it possible to run CFS over the management VLAN interface so they
can all peer with one master Nexus?

David

Received on Mon Jul 28 2014 - 22:02:50 ART
