Using a 40Gb to 10Gb Breakout Cable on NX-OS

QSFP to SFP+ Breakout Cable

This cable turns a 40Gbps port into four 10Gbps ports

As part of a core refresh, I had a pair of shiny new Nexus 93108TC-EX switches. I needed to connect them to the old core switches using a QSFP to SFP+ breakout cable because the old switch didn’t have any 40Gb ports. I patched everything in and the transceivers looked fine, but when I turned up one of the 10Gb ports connected to the 40Gb ports it just started flapping. The port on the 40Gb side just says the bandwidth was 40000000 and it wasn’t breaking out the channels. I was not able to find any commands for it that were obvious in the CLI, so I start the Googling for the documentation. it took a bit longer to find than I thought it should, so thought I’d share it here to save you some time.

So, turned out I was doing it wrong. Yeah, I know we already figured that out.
The Nexus 3000/9000: Consolidated Interface Breakout configuration document has the instructions for various platforms, but it’s pretty simple:

(config)# interface breakout module 1 port 53 map ?
10g-4x Breaks out a 40G high BW front panel port into four 10G ports
25g-4x Breaks out a 100G high BW front panel port into four 25G ports
50g-2x Breaks out a 100G high BW front panel port into two 50G ports

9k(config)# interface breakout module 1 port 53 map 10g-4x
2017 Jan 20 15:10:39 9k %ETHPORT-5-IF_DOWN_INTERFACE_REMOVED: Interface Ethernet1/53 is down (Interface removed)
2017 Jan 20 15:10:39 9k %VDC_MGR-5-VDC_STATE_CHANGE: vdc 1 state changed to updating
2017 Jan 20 15:10:39 9k %VDC_MGR-5-VDC_STATE_CHANGE: vdc 1 state changed to active
2017 Jan 20 15:10:39 9k %VDC_MGR-5-VDC_MEMBERSHIP_ADD: vdc_mgr: Interface Ethernet1/53/1 has been added to this vdc
2017 Jan 20 15:10:39 9k %VDC_MGR-5-VDC_MEMBERSHIP_ADD: vdc_mgr: Interface Ethernet1/53/2 has been added to this vdc
2017 Jan 20 15:10:39 9k %VDC_MGR-5-VDC_MEMBERSHIP_ADD: vdc_mgr: Interface Ethernet1/53/3 has been added to this vdc
2017 Jan 20 15:10:39 9k %VDC_MGR-5-VDC_MEMBERSHIP_ADD: vdc_mgr: Interface Ethernet1/53/4 has been added to this vdc
2017 Jan 20 15:10:40 9k %ETHPORT-5-IF_DOWN_ADMIN_DOWN: Interface Ethernet1/53/1 is down (Administratively down)
2017 Jan 20 15:10:40 9k %ETHPORT-5-IF_DOWN_ADMIN_DOWN: Interface Ethernet1/53/2 is down (Administratively down)
2017 Jan 20 15:10:40 9k %ETHPORT-5-IF_DOWN_ADMIN_DOWN: Interface Ethernet1/53/3 is down (Administratively down)
2017 Jan 20 15:10:40 9k %ETHPORT-5-IF_DOWN_ADMIN_DOWN: Interface Ethernet1/53/4 is down (Administratively down)

So there you go. In this case, Ethernet 1/53 disappears and is replaced with Ethernet1/53/1 – 4. I hadn’t expected that parameter to be in the global config and had been expecting to find it in the interface configuration. You may now enjoy the full benefit of your breakout cables.

FIN

Paessler’s PRTG Even Monitors The Weather


While I was attending Cisco Live this year, I had the opportunity to attend Tech Field Day Extra and learn a bit about PRTG from Paessler AG. I’d heard of PRTG and even evaluated it before, but it had been a while since I looked at it. I have to say, it seems to have come a long way since I last looked!
If you aren’t familiar with PRTG, it’s a network monitoring application that runs on Windows Server 2008 R2, 2012 R2, and 2016, though they recommend 2012 R2. The system is licensed by the number of sensors with 500, 1000, 2500, 5000, and XL1 (unlimited) sizing options available. You can monitor up to 5k sensors in a VM, then they suggest switching to a physical host. Over 10k sensors, you should contact Paessler for scaling advice.
A sensor can consist of many channels, but only the sensor counts for license. You can write custom sensors that return either XML or JSON data. They have Script World, a collection of vetted links to scripts that also includes the Paessler provided scripts, just in case you didn’t know it was already included with PRTG.
They have the usual sets of thresholds and notification features that you would expect from a monitoring product. If you have the PRTG app on your mobile device you can also receive push notifications.
During their demo, one of the more interesting things they shared was adding a weather map for correlating weather events to outages. I thought that was a great idea and certainly have had times I could have used that feature. It certainly seems apropos given the major storms as of late.
They even have a new cloud solution available and you can get a free demo at my-prtg.com. That might be a great way to take a look at PRTG to see if it might fit your needs and may even provide the solution you need for production monitoring.
If this sounds interesting to you, I highly suggest you watch their presentation!

FIN

The Network Engineering Tool

The Network Engineering Tool (which I will now refer to as the netool) is the result if an Indiegogo campaign. I borrowed the unit I tested from the WLPC Lending Library. The netool is a portable, battery powered unit that when connected to an Ethernet port will provide you with information about that port, similar to a NetScout LinkSprinter (~$379), but at a much lower price point ($169). I did not really set out to make this a comparison against the LinkSprinter, but it somewhat turned out that way and I’m okay with that. It’s a natural comparison.

With the netool, you can connect it to an Ethernet port and it will provide you the following information via an app on your mobile device:

  • Connection up/down status
  • Speed of connection
  • DHCP Info
  • Public IP
  • VLAN (for tagged ports)
  • Detects LACP
  • STP Info
  • Can test QoS
  • Detect and authenticate using 802.1X
  • Switch information via CDP/LLDP
  • Verify reachability via ping for default gateway, google.com, and configurable addresses

It’s a pretty nifty tool. Here’s some screenshots of the diagnostic screen.

The netool can also provide an AP allowing direct connection to the device. It also has an interesting Host Discovery mode that can detect information from a host device (as opposed to a switch), however, I was unable to discover the macOS box I was using. This is a new feature in the latest build and I didn’t try very hard to make it work. It’s promising, though.

I was initial unable to get any useful data from the unit because it was on a very old firmware. It’s supposed to be able to update online, but the build was so old that wasn’t working. I had to power the device off and on, connect it to the network, and go to https://netool.io/updatenow/ to force a manual update. After this procedure, it worked well.

There are a few potential downsides to this device. First, it takes about 30s to start up. That’s just when you first turn it on, but you can continue to test multiple network drops without restarting it. If a network connection goes up or down, it takes several seconds to notice. This could be an annoying delay when troubleshooting. Being used to the LinkSprinter, both these delays are a minor, but real annoyance. The delay in detecting up/down changes is far more annoying than the delay in startup. Potentially the biggest downside vs the LinkSprinter, at least for the WLAN pro, is that it does not detect and report on PoE.

The ability to share results is limited to text based tools and there’s no database of results hosted in the cloud. It does have an on-board history, but that’s the only place it’s stored. Having some form of cloud based history is very convenient. Again, I have to draw a comparison here against the Link-Live service for the LinkSprinter. Link-Live allows multiple users and multiple units to be associated, allows photos and notes to be added, and can also send your results via email. It’s a much more enterprise-type solution. This is probably a bigger deal for larger shops than one-man operations, but it’s one of the things you get for the higher price point.

Lastly, the only way to get the information from the netool is through the app on your smartphone. The LinkSprinter has helpful LEDs to give you a quick thumbs up/down on a link, which can save you time. Again, how big a deal this is depends on your use case.

Conclusion

Despite the potential downsides I mentioned, this is still a slick device. It does do things the LinkSprinter cannot, such as provide STP info, detect LACP, and detect VLAN tags. LinkSprinter does a few things it cannot, like detect PoE. The netool has had many features added since it first was released and I presume they will continue to add new features. I think this could be a great addition for many an engineer’s toolkit, especially at it’s price point and given it’s potential for new features. If I can only carry one, I personally will continue to carry my LinkSprinter. It fits my needs better and I already own them. For a route/switch focussed engineer, I could see the netool being a better fit. Pick the tool that best fits your needs or just buy both to make sure your bases are covered. :)

FIN

What I’m Looking Forward to at Cisco Live 2017

I have arrived in Las Vegas for Cisco Live 2017. My schedule is pretty full and I wanted to share some of what I’m looking forward to this year. One thing I’m not looking forward to is 112F temperatures outside! I’m glad I’ll be safely inside the air conditioned spaces.

The Social Scene

I have a lot of friends here at Cisco Live. Many fellow attendees, some exhibitors, and even a few Cisco Live staff. It’s great to see everyone and catch up on what everyone has been up to. We talk about tech, analyze the announcements, and just generally geek out. We often talk about problems we are having and help each other solve them, too. It really adds to the conference when it’s not only highly educational, but also fun! The Tweet Up that happens on Sunday evening is always a great time of catching up and meeting new people, too.

CCDE Techtorial

I’ll be attending the CCDE techtorial, TECCCDE-3005. It should be an informative day all about network design and how to think about network design. I don’t know that I’ll actually actively pursue the CCDE certification, but I’m interesting to see what I can learn from this session. This session will probably generate a lot of tweets!

On a related note, I’ll be taking a certification exam on Monday. Full conference attendees have the opportunity to take a certification exam at no charge, so I figured I may as well try out the CCDE written exam to see where I’m at. I don’t really expect to pass, but I am curious to see how I’ll do.

TFDx

Tech Field Day is running Tech Field Day Extra at Cisco Live on Tuesday and Wednesday. The sessions will be live streamed and recorded for later viewing. I’ll be busy on Tuesday, so I’ll have to watch Cisco’s presentations (starting at 8:30 Pacific) at a later date, but I’m one of the delegates for Wednesday’s presentations with OpenGear at 1PM, Paessler at 2:30, and NetApp at 4PM. I’m really looking to hearing what they all have to say and having the opportunity to talk with them during TFDx.

Meet the Engineer

Myself and a couple other Wi-Fi professionals have an hour to talk Wi-Fi with Jerome Henry. Jerome is a deep Wi-Fi expert, so I expect this that hour discussion is going to go by really quick!

Sessions

There are over 1000 sessions to choose from. Making these choices is hard! Here’s a couple that I’m most interested in:

  • DNA Assurance: bring intelligence to your WLAN issues [BRKEWN-2032]
    Remember Jerome from the MTE session? He’s also an entertaining and informative teacher and this is one of his session. I’m still pretty vague on this DNA architecture, but if Jerome is giving a presentation on how DNA can help solve Wi-Fi problems, I need to see this.
  • APIC-EM: Controller based policy and network automation – changing the future [BRKARC-3004]
    I still haven’t played with APIC-EM, though I’ve seen a few demos in the past. It’s time to see what this thing can do and how I can apply it to managing my own environment.
  • IT Career Choice: Specialization vs Generalization [IITGEN-1002]
    This is a 30 minute panel discussion about the specialist vs generalist career decision with myself and two other Cisco Champions. It’s in the IoT Theater at 1PM on Tuesday. I hope those who attend find it interesting!
  • Cisco SD-Access Wireless Integration [BRKEWN-2020]
    SD-Access is brand new Campus Fabric stuff. It ties into the DNA architecture and I know nothing about it. This session should fix that!
  • Improve Enterprise WLAN Spectrum Quality with Cisco’s advanced RF capacities (RRM, CleanAir, ClientLink, etc) [BRKEWN-3010]
    Oddly, I don’t think I’ve ever been to this session before. It’s time to fix that and Cisco’s Jim Florwick is fantastic. Should learn a thing or two and will certainly have some existing knowledge reinforced.
  • Cisco Live Network and NOC: Panel Discussion [PNLNMS-1035]
    This is always a fascinating discussion. The people who run the network for Cisco Live talk about how they did, the successes and failures, and share some fascinating statistics about the network and the way it was used. I usually hit this session about every other year. It really is amazing that they are able to support 25k+ attendees by building a network in about less than a week that will only be used for a week.

So, those are the things I’m most looking forward to. I’m sure I’ll find the keynotes interesting and there’s always new things to see in the World of Solutions. I’m sure I’ll be surprised by some great unexpected things this week.

FIN

Updated WLC Snippet

Just a quick note to share my updated TextExpander snippet for downloading files to a Cisco WLC. I’ve added a dropdown for my most commonly used datatypes and transfer modes and made the username and password optional. Enjoy!

transfer download datatype %fillpopup:name=datatype:default=code:config:webadmincert:webauthbundle:webauthcert%
transfer download filename %fill%
transfer download path %fill:/%
transfer download serverip %fill%
transfer download mode %fillpopup:name=popup 7:tftp:default=sftp:ftp%
%fillpart%transfer download username %fill%
transfer download password %fill%%fillpartend%
%fillpart%transfer download certpassword %fill%%fillpartend%
transfer download start

Exploring Mesh with an AP-205H

Note: All APs used for this are actually IAP units, which can run with either the Aruba Instant controller or a campus controller. Campus APs prior to the more recent unified SKUs cannot connect to an Aruba Instant controller.

After Wireless Field Day 8, Aruba, a Hewlett Packard Enterprise Company™, generously provided the delegates with a variety of hardware to take a look it. It was quite the spread and a very impressive sampling of products. One of the devices I particularly like is the AP-205H 802.11ac access point. The AP-205H is intended for both hospitality and remote worker deployments. It can be powered through PoE, has 4 Ethernet ports, and can even provide up to 10W of power to another PoE device. It can be wall mounted, ideally at on a wall plate using the Ethernet port on the rear for uplink, or desk mounted with a stand.

I can see this unit being great in dorms, study rooms, and in hotels, however I decided to try something a bit different and turn it into a wireless bridge for my media devices. I have a home theater PC, a Roku, and a PS3 connected to the living room TV. The PC connects using a flaky 802.11ac USB adapter, the Roku has built-in 802.11n, and the PS3 only supports 802.11g. In my neighborhood, 2.4GHz is typically at 70% or more airtime usage, so performance leaves a bit to be desired. This would make moving everything to 5GHz a big win, as well. By moving all the devices to a mesh connected AP, we can reduce channel contention, move everything to 5GHz, and improve the overall network performance for all the devices. Also of important note, there is both an AP-205H and an AP-205. These have different form factors, so don’t forget the ‘H’! That said, you could also use the AP-205 to make a wireless bridge.

205 vs 205H

Given an existing IAP deployment, the first thing to do is add the AP-205H to the wired network so it can join the virtual controller. This did not work for me at first because the version of code on my VC was older than what the 205H required. I upgraded the firmware on both the 205H and the 225 I’m using as an uplink so they were on the same version. I had to upgrade them anyway, since the 802.11ac APs require 6.4.3.1-4.2.0.0 or later to support mesh operation. Worth noting is that Aruba Instant 4.1 and later default to having Extended SSID enabled, which will disable mesh operation. You may need to disable that feature to use mesh. This comes with the minor caveat that with Extended SSID disabled you are limited to creating six networks, but you weren’t going to do that, anyway.

Disabling Extended SSID

After all the settings are in order and the 205H joins the controller and synchronizes the VC configuration, switching to mesh operation is easy. Just disconnect the wired uplink and wait. After a couple minutes you’ll see that the AP has rejoined the controller using Wi-Fi for the uplink. However, there’s still a couple more changes to make before you connect wired devices to the mesh AP. If you connect a device to Ethernet ports 1-3 at this point, that device will obtain a controller provided IP address and may be stuck behind a nonexistent captive portal. If you connect a device to Ethernet 0, you’ll find the mesh is disabled since the AP will just believe the wired uplink has just returned.
To enable the Ethernet 0 port to be used as a downlink port, select the AP in the virtual controller and edit it. Under the Uplink tab, you want to enable “Eth0 bridging.” You may need to reboot the AP for this to take effect.

Enabling Eth0 Bridging

To make sure your wired ports are bridging to the wireless, you also need to configure the rules for wired ports. This is accessed in the VC under the More menu and selecting the Wired option.

Wired Settings

Now you can either create a new wired network profile or do what I did and just update the “default_wired_port_profile.” The correct settings are dependent on your environment and goals, but for this instance simplicity works fine. You also need to assign the wired ports to use the new/updated profile(s). Notice that the devices I have on my wired ports are listed in the Wired Users window.

Wired Profile Settings

Once your ports are set, you can edit your profiles to operate as you see fit. In the Wired Settings tab, make sure the ports are admin up and that the uplink setting is set to disabled.

Wired Settings

In the VLAN tab, make sure Client IP assignment is set to “Network assigned” unless you are using the VC’s internal DHCP server.

Client IP Assignment

Now you can connect wired clients to the AP’s Ethernet ports and they will connect to the network through the Wi-Fi uplink. In mesh mode, the AP will continue to provide service to wireless clients, so you can also extend coverage in this way.

I hope you find this a useful little guide. This was a fun little project to solve a small problem. It helped me learn a bit about mesh operation in an Instant deployment and challenged me to implement something I’d not done before. That’s a great way to learn new things. Just pick something you haven’t done before and do it!

FIN

Unofficial #WLPC Twitter Attendee List, PHX2017 Edition

It’s become a tradition here at Mostly Networks to run the unofficial Twitter attendee list for the US edition of the WLPC conference. I hope you find the list useful! It’s not updated real-time, but it will be updated at least daily as long as people keep adding themselves. A new addition this year is the airport code. This way you can see if anyone worth sharing a meal with is in the town you’ll be in for your next gig. :)

Fill out the form at the bottom of this page to be added (easiest for me), but you can also send a tweet to me at @scottm32768. You can add a note to share anything of interest to the attendees, like your CWNE status, podcast, that you work for a vendor, or that you really like tacos. The airport code is to help people find you if they end up in your neck of the woods. Obviously, the note and airport code are optional.

Note: This is for attendees. Sorry, if you aren’t attending I will not add you to the list.

[Last Update: 2017-02-2106:54:42Z]

Name Twitter IATA Blog Notes
Keith Parsons @KeithRParsons SLC wlanpros.com Runs the WLPC Conferences!
Scott McDermott @scottm32768 SEA mostlynetworks.com Creator of this list and all around swell guy.
Alan @Papageordy
Brian Smith @elonsmitty BWI Human Pin Cushion
Adrian Granados @adriangranados MLB www.adriangranados.com Maker of WiFi Explorer
Luke Jenkins @wifiluke SLC wifiluke.com
Matthew Norwood @matthewnorwood BNA www.insearchoftech.com
Patrick Swackhammer @swackhap STL swacknet.net
Troy Martin @troymart YYC Forced by circumstance to be a WiFi Cowboy
Robert Boardman @Robb_404 SJC robb404.com Creator of HubHolster and all around nerd
Brennan Martin @CdnBeacon YXE blog.mroute.ca Part of the Canuck invasion
Anders Nilsson @herrnilsson2 UME Bringing Hälge the Swedish WiFi Moose
Blake K @blakekrone MSP blakekrone.com That guy that wears a tie
Stewart Goumans @WirelessStew YVR www.WirelessStew.com
Darrell DeRosia @Darrell_DeRosia MEM I did Wi-Fi before it was cool
Jacob Snyder @jsnyder81 BOI Transmitfailure.blogspot.com
Aaron Scott @wifidownunder SYD wifidownunder.com
Steve McKim @alfmckim YWG www.greatwhitewifi.com/blog How’s it goin, eh?
Ryan M. Adzima @radzima LAS Techvangelist.net The beard that doesn’t need a tie to impress.
Patrick Nefkens @Dutch_Fi AMS
Richard Steiner @Rick_WiFi_guy
Mitch Dickey @badger_fi CHO badger-fi.com
Joshua Williams @802dotMe OKC eight02.me I’m as old as Chili’s, but only half as salty.
Nigel Bowden @Wifinigel Wifinigel.com Typical Brit
Ronald van Kleunen @@globeron BKK www.globeron.com CWSP Bootcamp. Wi-Fi profs are on Twitter
Scott Staapleton @scottpstapleton phasedcoexistence.blogspot.com ᚡ <– AP in the corner or a spiders web?
François Vergès @@VergesFrancois YXU semfionetworks.com/blog
Zaib Kaleem @wlanbook IAD wlanbook.com
Ian Beyer @Ianbeyer MCI Blog.ianbeyer.com
Glenn Cate @grcate TPA gcatewifi.wordpress.com CWNE #181
Beef @wirednot SYR wirednot.wordpress.com I’m sorry, Senator- I don’t recall.
Shaun Bender @Welles MCI onwhereyoustop.com Tacos
Chris Reed @TheCMReed MHT TheCMReed.com Too fly for the Wi-Fi
Mark Edwards @marke3117 XNA Wifi for the win
Nick Martinez @networkengin33r DFW networkengin33r.wordpress.com
Matt Frederick @mattbfrederick OKC finesine.com
Brian Long @blong1 SNA blong1wifiblog.blogspot.com/
Stephen Montgomery @Steviewireless MEM
Mike Leibovitz @MikeLeibovitz YYZ
Timo @dot11_de SFO www.wifi-blog.com
John Deegan @Sn1ph3r EWR
Rich Hummel @accelhummel SAT
Jason Rinaldi @jasonmrinaldi1 SAT
Rick Dagon @rickywireless SAN rickywireless.com Currently Aruba So Cal SE (Previously Cisco LAN/WLAN SE for Presidio)
Charlie Clemmer @charlieclemmer DAL www.charlieclemmer.com
Joel Crane @Potato_Fi BOI potatofi.blogspot.com Mostly attending for the In-N-Out run.
Scott Lester @theitrebel MSY Stuck in a Stadium catwalk with AP
Chad Teal @chadteal ATL
Scott Lester @theitrebel MSY Stuck in a Stadium catwalk with AP
Joshua Gochee @Jgochee BNA
Justin Cetko @Justinskyline SMF
Curtis Larsen @curtisklarsen SLC Work at UofU
Veli-Pekka Ketonen @VPonwireless CLE @7signal, the Wi-Fi performance company
Nathan Shirey @Know_Tech MHT
Dan Ryan @danryan06 MHT
Dennis Burrell @TGIWiFiGuy AUS
Martin Ericson @vofi_martin GOT
Miss Mae @Mae149 YQB Missmaeswifi.com That French Canadian chick, eh!
Bryce Floyd @bfloyd08 MSP it’s all ball bearings…..
Doug Mason @wifidoug SFO Wouldn’t miss it!
Robert Eubanks @eubanksrob IAH
Jonathan Finney @wifispy BNA
David Wilson @Daviddbwilson SFO Co-founder & CEO, Cape Networks
Jonathan Davis (JD) @subnetwork GSO subnetwork.me Y’all got any more of that…WiFi?
Jim comment @jimwifi1 DTW
Todd Hall @tmhall2 GTR
craig schnarrs @the_wifi_guy DTW
Jason D. Hintersteiner @EmperorWiFi JFK www.emperorwifi.com SMB Wi-Fi Expert
Brad Weldon @bradweldon PDX tacos are the best
Tom Carpenter @carpentertom CMH cwnp.com Warm weather, here I come!
Tim Rousset @TimRousset WAS
Vladan Jevremovic @v_jevremovic IAH www.ibwave.com
Dilip Advani @advani_dilip SFO CWNE#43; @ Netscout
Eric Garnel @wifistrong ABIA Does the hotel have a gym?
Chris Kelly @WiFiFrood ATL I need an ippy for my appy
Nigel Kemp @NigelKemp1 LHR Still learning
Aren @SrScalability MRY wifirabbithole.wordpress.com We’ll see.
Chris Harkins @capiowifi ATL wififorthedatabaseguy.wordpress.com/ Aerohive Knowldege Services
Mike Jordan @OFDMJ RNO
Brian Blume @AMABrian803 MKE
Tim Smith @timjsmith24 XNA
Kristin Kråkmo @KristinKraakmo
Frank Wikstrøm @frankwik
Ignacio Sánchez @NeseNueve MVD
Rick Murphy @RickMurphyWiTS Den Affiliations: IEEE SA, WiTS, WLAN-AB, WLAN Stress Testers, BICSI Wireless Standards Board
Peter Mackenzie @mackenziewifi pnmackenzie.tumblr.com
Jason Hill @wifirockstar DTW
Alex Burger @aaburger85 DIA
Michael Champanis @capenetworks CPT ‘); DROP TABLE attendees;–

FIN