VDC Configuration
Table 5-7 summarizes the NX-OS CLI commands related to basic VDC configuration and verification.
Table 5-7 Summary of NX-OS CLI Commands for VDC Configuration and Verification
| Command | Purpose |
| show resource | Displays the VDC resource configuration for the current VDC. |
| show vdc [vdc-name] | Displays the VDC configuration information. |
| show vdc detail | Displays the VDC status information. |
| show running-config {vdc| vdc-all} | Displays the VDC information in the running configuration. |
| show module | Displays module information. |
| configure terminal | Enters global configuration mode. |
| vdc {switch | vdc-name } [ha-policy {dual-sup {bringdown | restart | switchover} [single-sup {bringdown | reload | restart}] [id vdc-number ] [template template-name ] [template template-name ] [type storage] | Creates a VDC and enters the VDC configuration mode. The keywords and arguments are as follows: switch : Specifies the default VDC. VDC number 1 is reserved for the default VDC. vdc-name : Specifies a nondefault VDC. The VDC name can be a maximum of 32 characters. The VDC name cannot begin with a number. Nondefault VDC numbers are from 2 to 9. The next available number is assigned when a nondefault VDC is created. id : Specifies the VDC ID. template : Specifies the VDC resource template. The default resource template is used if you do not specify one. type storage : Specifies a nondefault VDC as a storage VDC. |
| limit-resource module-type module type | Configures the specified line card type. VDCs support the F1, F2, F2e, M1, M1XL, and M2XL Series module types. Note F2e Series modules cannot exist in the same VDC with F1 Series modules. F2 Series modules cannot exist in the same VDC with F1, M1, M1XL, and M2XL Series modules. |
| [ no ] allocate interface ethernet slot/port – last-port | Allocates a range of interfaces on the same module to the VDC. The slot argument specifies the slot, the port argument specifies the first interface in the range, and the last-port argument specifies the last interface in the range you are allocating. |
| limit-resource vrf minimum min-value maximum {max-value| equal-to-min} | Specifies the limits for VRF. The equal-to-min keyword automatically sets the maximum limit equal to the minimum limit. |
| show vdc membership [status] | Displays the status of VDC interface membership. |
| switchto vdc vdc-name | Switches to the nondefault VDC. |
| show user-account | Displays the role configuration. |
Examples 5-7 and 5-8 show the basic VDC configuration and verification on a standalone Nexus 7000 Series switch. In Example 5-7, we create a nondefault VDC named Pod8 from the admin VDC and allocate interfaces to it. In Example 5-8, we set up the newly created nondefault VDC and do the final verification from the newly created nondefault VDC Pod8 itself.
Example 5-7 Creation and Verification of a Nondefault VDC Pod8
! Checking currently configured VDCs. N7K-A with vdc_id 1 is configured as Admin
VDC. Currently 1 Admin and 7 non-default VDCs are configured.
N7K-A#
show vdc
Switchwide mode is m1 f1 m1xl f2 m2xl f2e f3 m3s
vdc_id vdc_name state mac type lc
—— ——– —– ———- ——— ——
1 N7K-A
active e4:c7:22:15:2c:41
Admin
None
2 Pod1 active e4:c7:22:15:2c:42 Ethernet f3
3 Pod2 active e4:c7:22:15:2c:43 Ethernet f3
4 Pod3 active e4:c7:22:15:2c:44 Ethernet f3
5 Pod4 active e4:c7:22:15:2c:45 Ethernet f3
6 Pod5 active e4:c7:22:15:2c:46 Ethernet f3
7 Pod6 active e4:c7:22:15:2c:47 Ethernet f3
8 Pod7 active e4:c7:22:15:2c:48 Ethernet f3
! Checking configured resources for Admin VDC. In Admin VDC, no of vrfs are limited
to 2048.
N7K-A#
show resource
Resource Min Max Used Unused Avail
——– — — —- —— —–
vlan 16 4094 24 0 4070
monitor-session 0 2 0 0 2
monitor-session-erspan-dst 0 23 0 0 23
vrf 2 2048
2 0 2046
port-channel 0 768 0 0 767
u4route-mem 96 96 1 95 95
u6route-mem 24 24 1 23 23
m4route-mem 58 58 0 58 58
m6route-mem 8 8 0 8 8
monitor-session-inband-src 0 1 0 0 1
anycast_bundleid 0 16 0 0 16
monitor-session-mx-excepti 0 1 0 0 1
monitor-session-extended 0 12 0 0 12
monitor-rbs-filter 0 12 0 0 12
monitor-rbs-product 0 12 0 0 12
! Checking running-config of Admin VDC. Note that the Default VDC was converted to
Admin VDC using the command system admin-vdc.
N7K-A# show running-config vdc | begin admin
system admin-vdc
vdc N7K-A id 1
cpu-share 5
limit-resource vlan minimum 16 maximum 4094
limit-resource monitor-session minimum 0 maximum 2
limit-resource monitor-session-erspan-dst minimum 0 maximum 23
limit-resource vrf minimum 2 maximum 2048
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 96 maximum 96
limit-resource u6route-mem minimum 24 maximum 24
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8
limit-resource monitor-session-inband-src minimum 0 maximum 1
limit-resource anycast_bundleid minimum 0 maximum 16
limit-resource monitor-session-mx-exception-src minimum 0 maximum 1
limit-resource monitor-session-extended minimum 0 maximum 12
limit-resource monitor-rbs-filter minimum 0 maximum 12
limit-resource monitor-rbs-product minimum 0 maximum 12
<output omitted>
! Checking modules installed on the Nexus 7000 Switch Chassis. All line cards
installed are F3 modules. Since the switch has Sup2E supervisor module, it supports
Admin + 8 Non-default VDCs, so in total 9 VDCs. Currently only Admin + 7 Non-default
VDCs are configured.
N7K-A#
show module
Mod Ports Module-Type Model Status
— —– ———————————– —————— ———-
1 0 Supervisor Module-2
N7K-SUP2E
active *
3 48 1/10 Gbps Ethernet Module N7K-F348XP-25 ok
4 48 1/10 Gbps Ethernet Module
N7K-F348XP-25
ok
5 12 10/40 Gbps Ethernet Module N7K-F312FQ-25 ok
6 12 10/40 Gbps Ethernet Module N7K-F312FQ-25 ok
7 12 10/40 Gbps Ethernet Module N7K-F312FQ-25 ok
8 12 10/40 Gbps Ethernet Module
N7K-F312FQ-25
ok
Mod Sw Hw
— ————— ——
1 8.4(2) 6.1
3 8.4(2) 1.0
4 8.4(2) 1.0
5 8.4(2) 1.1
6 8.4(2) 1.1
7 8.4(2) 1.1
8 8.4(2) 1.1
<output omitted>
! Configuring a new non-default VDC named Pod8.
N7K-A#
configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
N7K-A(config)#
vdc Pod8
Note: Creating VDC, one moment please …
2022 Jan 21 17:15:03 %$ VDC-9 %$ %SYSLOG-2-SYSTEM_MSG : logflash ONLINE
! Pod8 VDC was automatically assigned vdc_id 9 and supported linecards as m1 m1xl
m2xl and f2e by default.
N7K-A(config-vdc)#
show vdc
Switchwide mode is m1 f1 m1xl f2 m2xl f2e f3 m3
vdc_id vdc_name state mac type lc
—— ——– —– ———- ——— ——
1 N7K-A active e4:c7:22:15:2c:41 Admin None
2 Pod1 active e4:c7:22:15:2c:42 Ethernet f3
3 Pod2 active e4:c7:22:15:2c:43 Ethernet f3
4 Pod3 active e4:c7:22:15:2c:44 Ethernet f3
5 Pod4 active e4:c7:22:15:2c:45 Ethernet f3
6 Pod5 active e4:c7:22:15:2c:46 Ethernet f3
7 Pod6 active e4:c7:22:15:2c:47 Ethernet f3
8 Pod7 active e4:c7:22:15:2c:48 Ethernet f3
9 Pod8
active e4:c7:22:15:2c:49 Ethernet
m1 m1xl m2xl f2e
! Since we are having only F3 line cards in the chassis, we will limit the moduletype
resource to f3 type modules and allocate ports from module 4 and 8 to the
newly created non-default VDC Pod8.
N7K-A(config-vdc)#
limit-resource module-type f3
This will cause all ports of unallowed types to be removed from this vdc. Continue
(y/n)? [yes] y
N7K-A(config-vdc)#
allocate interface Ethernet4/25-32
Moving ports will cause all config associated to them in source vdc to be removed.
Are you sure you want to move the ports (y/n)? [yes]
y
N7K-A(config-vdc)#
allocate interface Ethernet8/7-12
Moving ports will cause all config associated to them in source vdc to be removed.
Are you sure you want to move the ports (y/n)? [yes]
y
! Verifying the module-type resource limitations on the newly created VDC. It is
now correctly reflecting the F3 module-type line card limitation.
N7K-A(config-vdc)#
show vdc
Switchwide mode is m1 f1 m1xl f2 m2xl f2e f3 m3
vdc_id vdc_name state mac type lc
—— ——– —– ———- ——— ——
1 N7K-A active e4:c7:22:15:2c:41 Admin None
2 Pod1 active e4:c7:22:15:2c:42 Ethernet f3
3 Pod2 active e4:c7:22:15:2c:43 Ethernet f3
4 Pod3 active e4:c7:22:15:2c:44 Ethernet f3
5 Pod4 active e4:c7:22:15:2c:45 Ethernet f3
6 Pod5 active e4:c7:22:15:2c:46 Ethernet f3
7 Pod6 active e4:c7:22:15:2c:47 Ethernet f3
8 Pod7 active e4:c7:22:15:2c:48 Ethernet f3
9 Pod8
active e4:c7:22:15:2c:49 Ethernet
f3
! Verifying the running-config of the newly created non-default VDC Pod8. Note that
the maximum number of vrf that can be configured on Pod8 VDC is 4096.
N7K-A(config-vdc)#
show running-config vdc | begin Pod8
vdc Pod8 id 9
limit-resource module-type f3
allow feature-set fabricpath
allow feature-set fabric
cpu-share 5
allocate interface Ethernet4/25-32
allocate interface Ethernet8/7-12
boot-order 1
limit-resource vlan minimum 16 maximum 4094
limit-resource monitor-session minimum 0 maximum 2
limit-resource monitor-session-erspan-dst minimum 0 maximum 23
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 8 maximum 8
limit-resource u6route-mem minimum 4 maximum 4
limit-resource m4route-mem minimum 8 maximum 8
limit-resource m6route-mem minimum 5 maximum 5
limit-resource monitor-session-inband-src minimum 0 maximum 1
limit-resource anycast_bundleid minimum 0 maximum 16
limit-resource monitor-session-mx-exception-src minimum 0 maximum 1
limit-resource monitor-session-extended minimum 0 maximum 12
limit-resource monitor-rbs-filter minimum 0 maximum 12
limit-resource monitor-rbs-product minimum 0 maximum 12
<output omitted>
! Limiting the maximum vrf numbers to 2048 and verifying the same.
N7K-A(config-vdc)#
limit-resource vrf minimum 2 maximum 2048
N7K-A(config-vdc)#
show running-config vdc | begin Pod8 | include Pod8|vrf
vdc Pod8 id 9
limit-resource vrf minimum 2 maximum
2048
! Verifying the unallocated interfaces on the Nexus 7000 Switch Chassis. Note that
unallocated interfaces are assigned to vdc_id 0 and not Admin VDC (vdc_id 1). Pod8
VDC is showing correctly the allocated interfaces in previous steps.
N7K-A(config-vdc)#
show vdc membership
Flags : b – breakout port
———————————
vdc_id: 0
vdc_name:
Unallocated interfaces
:
Ethernet3/33 Ethernet3/34 Ethernet3/35
Ethernet3/36 Ethernet3/37 Ethernet3/38
Ethernet3/39 Ethernet3/40 Ethernet3/41
Ethernet3/42 Ethernet3/43 Ethernet3/44
Ethernet3/45 Ethernet3/46 Ethernet3/47
Ethernet3/48
Ethernet4/33 Ethernet4/34 Ethernet4/35
Ethernet4/36 Ethernet4/37 Ethernet4/38
Ethernet4/39 Ethernet4/40 Ethernet4/41
Ethernet4/42 Ethernet4/43 Ethernet4/44
Ethernet4/45 Ethernet4/46 Ethernet4/47
Ethernet4/48
<output omitted>
vdc_id: 9
vdc_name: Pod8
interfaces
:
Ethernet4/25 Ethernet4/26 Ethernet4/27
Ethernet4/28 Ethernet4/29 Ethernet4/30
Ethernet4/31 Ethernet4/32
Ethernet8/7 Ethernet8/8 Ethernet8/9
Ethernet8/10 Ethernet8/11 Ethernet8/12
N7K-A(config-vdc)#
end
N7K-A#
Example 5-8 Setup and Verification of the Newly Created Nondefault VDC Pod8
! Switching to newly created non-default VDC Pod8 and doing initial set-up of the
Pod8 VDC. The options are self-explanatory.
N7K-A#
switchto vdc Pod8
—- System Admin Account Setup —-
Do you want to enforce secure password standard (yes/no) [y]: y
Enter the password for “admin”:
erQW4321
Confirm the password for “admin”:
erQW4321
WARNING: DES is a weak encryption algorithm and currently the default. This will be
deprecated and AES128 will be made default in an upcoming release.
—- Basic System Configuration Dialog VDC: 9 —-
This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.
Please register Cisco Nexus7000 Family devices promptly with your
supplier. Failure to register may affect response times for initial
service calls. Nexus7000 devices must be registered to receive
entitled support services.
Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.
Would you like to enter the basic configuration dialog (yes/no):
yes
Create another login account (yes/no) [n]: n
Configure read-only SNMP community string (yes/no) [n]: n
Configure read-write SNMP community string (yes/no) [n]: n
Enter the switch name : Pod8
Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]: y
Mgmt0 IPv4 address :
192.168.10.185
Mgmt0 IPv4 netmask :
255.255.255.0
Configure the default gateway? (yes/no) [y]: y
IPv4 address of the default gateway :
192.168.10.254
Configure advanced IP options? (yes/no) [n]: n
Enable the telnet service? (yes/no) [n]: n
Enable the ssh service? (yes/no) [y]: y
Type of ssh key you would like to generate (dsa/rsa) [rsa]:
rsa
Number of rsa key bits <1024-4096> [1024]:
<Enter>
Configure default interface layer (L3/L2) [L3]:
<Enter>
Configure default switchport interface state (shut/noshut) [shut]:
<Enter>
The following configuration will be applied:
password strength-check
switchname Pod8
vrf context management
ip route 0.0.0.0/0 192.168.10.254
exit
no feature telnet
ssh key rsa 1024 force
feature ssh
no system default switchport
system default switchport shutdown
interface mgmt0
ip address 192.168.10.185 255.255.255.0
no shutdown
Would you like to edit the configuration? (yes/no) [n]: n
Use this configuration and save it? (yes/no) [y]: y
Configuration update aborted: This vdc has had a global configuration change since
the last saved config. Please save config in default vdc before proceeding
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2020, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
N7K-A-Pod8#
! show vdc command from within a non-default VDC displays only the information
about the non-default VDC you are logged in.
N7K-A-Pod8#
show vdc
Switchwide mode is m1 f1 m1xl f2 m2xl f2e f3 m3
vdc_id vdc_name state mac type lc
—— ——– —– ———- ——— ——
9 Pod8 active e4:c7:22:15:2c:49 Ethernet f3
! Verifying detailed vdc configuration of the non-default VDC Pod8. Note the configured
vdc ha policy of RESTART and dual-sup ha policy of SWITCHOVER. These are the
defaults for single sup and dual sup module configuration.
N7K-A-Pod8#
show vdc detail
Switchwide mode is m1 f1 m1xl f2 m2xl f2e f3 m3
vdc id: 9
vdc name: Pod8
vdc state: active
vdc mac address: e4:c7:22:15:2c:49
vdc ha policy:
RESTART
vdc dual-sup ha policy:
SWITCHOVER
vdc boot Order: 1
CPU Share: 5
CPU Share Percentage: 11%
vdc create time: Fri Jan 21 17:15:31 2022
vdc reload count: 0
vdc uptime: 0 day(s), 0 hour(s), 39 minute(s), 45 second(s)
vdc restart count: 1
vdc restart time: Fri Jan 21 17:15:31 2022
vdc type: Ethernet
vdc supported linecards: f3
! Verifying interfaces allocated to the VDC.
N7K-A-Pod8#
show vdc membership
Flags : b – breakout port
———————————
vdc_id: 9 vdc_name: Pod8 interfaces:
Ethernet4/25 Ethernet4/26 Ethernet4/27
Ethernet4/28 Ethernet4/29 Ethernet4/30
Ethernet4/31 Ethernet4/32
Ethernet8/7 Ethernet8/8 Ethernet8/9
Ethernet8/10 Ethernet8/11 Ethernet8/12
! Verifying role assigned to the user configured.
N7K-A-Pod8#
show user-account
user:admin
this user account has no expiry date
roles:vdc-admin
N7K-A-Pod8#