Quantcast
Channel: VMware Communities : All Content - All Communities
Viewing all articles
Browse latest Browse all 179681

Removing 'system vlans' from Nexus 1000V port-profile

$
0
0

We have a Dell M1000e blade chassis with a number of M605 blade servers running ESXi 5.0 using the Nexus 1000V for networking.  We are using 10G Ethernet in fabrics B and C for a total of 4 10G NICs per server.  We are not using the 1G NICs on fabric A.  We currently use one NIC from fabrics B and C for VM traffic and the other NIC from each fabric for VM management/vMotion/iSCSI traffic.  We currently use EqualLogic PS6010 iSCSI arrays and have two port-groups setup with iSCSI bindings (one to physical NIC vmnic3 and one to physical NIC vmnic5).

 

We have added an EMC VNX 5300 unified array to our setup and we configured three additional VLANs on our networking setup - two for iSCSI and one for NFS.  We added addition vEthernet port-profiles for the three new VLANs but when we added new vmk# ports on some of the ESXi servers, they couldn't ping anything.   We did a TAC case with Cisco and it was determined that only a single port-group with iSCSI bindings can be tied to one physical uplink at a time.

 

We decided we would temporarily add the new VLANs to the list of allowed VLANs on the physical switch trunk ports currently used only for VM traffic. We need to remove the new VLANs from the current ethernet port-profile but are running into an issue.

 

The current Nexus 1000V port-profile we need to change is:

 

port-profile type ethernet DenverMgmtSanUplinks

  vmware port-group

  switchport mode trunk

  switchport trunk allowed vlan 2306-2308,2311-2315

  channel-group auto mode passive

  no shutdown

  system vlan 2306-2308,2311-2315

  description MGMT SAN UPLINKS

  state enabled

 

We need to remove VLANs 2313-2315 from the 'system vlan' list in order to be able to remove them from the 'switchport trunk allowed vlan' list.

 

However, when we try to do so, we get an error about the port-profile currently being in use:

 

vsm21a# conf t

Enter configuration commands, one per line.  End with CNTL/Z.

vsm21a(config)# port-profile type ethernet DenverMgmtSanUplinks

vsm21a(config-port-prof)# system vlan 2306-2308,2311-2312

ERROR: Cannot remove system vlans, port-profile currently in use by interface Po2

 

We have 6 ESXi servers connected to this Nexus 1000V.  Originally they were VEM 3-8 but apparently when we did a firmware upgrade, they got re-designated as VEMs 9-14 and the old 6 VEMs and associated port-channels, are orphaned.

 

For example, if we look at port-channel 2 in more detail, we see its tied to the orphaned VEM 3 and it has no ports associated with it:

 

vsm21a(config-port-prof)# sho run int port-channel 2

 

!Command: show running-config interface port-channel2

!Time: Fri Apr 26 18:59:06 2013

 

version 4.2(1)SV2(1.1)

 

interface port-channel2

  inherit port-profile DenverMgmtSanUplinks

  vem 3

 

vsm21a(config-port-prof)# sho int port-channel 2

port-channel2 is down (No operational members)

  Hardware: Port-Channel, address: 0000.0000.0000 (bia 0000.0000.0000)

  MTU 1500 bytes, BW 100000 Kbit, DLY 10 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA

  Port mode is trunk

  auto-duplex, 10 Gb/s

  Beacon is turned off

  Input flow-control is off, output flow-control is off

  Switchport monitor is off

  Members in this channel: Eth3/4, Eth3/6

  Last clearing of "show interface" counters never

  102 interface resets

 

We can probably delete port-channel 2 but assume the error about the port-profile being in use will cascade to the other port-chanels.  We can remove the other orphaned port-channels 4,6,8,10 and 12 as they are associated with the orphaned VEMs but we expect we wil then also get errors about port-channels 13,15,17,19,21 and 23 that are associated with the active VEMs.

 

We're looking to see if there is an easy way to fix this on the VSM or if we need to break off one of the physical uplinks on each server, connect them to a vSS or vDS, and migrate all of the vmkernel ports off of the Nexus 1000V so we can clean up the VLAN issue.


Viewing all articles
Browse latest Browse all 179681

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>