Cisco Cisco Nexus 5010 Switch Guida Alla Progettazione
Design Guide
© 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 8 of 15
If there is no key in the remote site, the link won’t go up. As you can see in the below CLI capture, the remote
interface won’t go up because the authentication failed.
tc-nexus7k01# show int etha/b
Ethernet7/25 is down (Authorization pending)
Hardware: 10000 Ethernet, address: 001b.54c1.65e8 (bia 001b.54c1.65e8)
MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
If you add the key on a port that is already up, you’ll need to do a “shut-no shut” operation to enable the SAP
configuration:
configuration:
tc-nexus7k02-VDC2# show cts interface ethernet a/b
CTS Information for Interface Ethernet7/25:
CTS is enabled, mode: CTS_MODE_MANUAL
IFC state: CTS_IFC_ST_CTS_OPEN_STATE
Authentication Status: CTS_AUTHC_SKIPPED_CONFIG
Peer Identity:
Peer is: Not CTS Capable
802.1X role: CTS_ROLE_UNKNOWN
Last Re-Authentication:
Authorization Status: CTS_AUTHZ_SKIPPED_CONFIG
PEER SGT: 0
Peer SGT assignment: Not Trusted
SAP Status: CTS_SAP_SUCCESS
Configured pairwise ciphers: GCM_ENCRYPT
Replay protection: Enabled
Replay protection mode: Strict
Selected cipher: GCM_ENCRYPT
Current receive SPI: sci:1b54c1a7940000 an:0
Current transmit SPI: sci:1b54c165e80000 an:0
Spanning Tree Configuration
Most configuration commands are identical between Cisco IOS and Cisco NX-OS Software. The main difference is
how to configure portfast and bridge assurance.
how to configure portfast and bridge assurance.
Portfast is configured as follows:
NXOS: (config-if)#spanning-tree port type edge [trunk]
Bridge assurance is enabled globally by default and locally on the interface when the option network is selected. If
the option selected is normal, bridge assurance doesn’t run on the link. On a per Layer 2 link level, the normal option
is the default:
the option selected is normal, bridge assurance doesn’t run on the link. On a per Layer 2 link level, the normal option
is the default:
Nexus(config)# spanning-tree bridge assurance
NXOS: (config-if)#spanning-tree port type { normal | network }
Link Aggregation Control Protocol Configuration
Port channel configurations are, for the most part, identical in Cisco NX-OS and Cisco Catalyst IOS Software. One
difference is that in Cisco NX-OS, you must enable the Link Aggregation Control Protocol service, as follows:
difference is that in Cisco NX-OS, you must enable the Link Aggregation Control Protocol service, as follows:
NXOS: (config)#feature lacp