Cisco Logo


Data Center and Cloud

Early in my career I moved quite a bit, new job, growing family, whatever the reason it seemed like every two or three years we were packing up and going to a new place and meeting our new neighbors.

Each new place had its own protocol for getting to know the neighbors, sometimes they came to us other times we had to walk around the block with the kids in tow to make that connection. The benefits of knowing your neighbors are many, who’ll lend you tools, who will help move furniture, etc.

Knowing the device neighbors in you network is just as important and fortunately there is a protocol for that, Cisco Discovery Protocol Cisco Discovery Protocol.  This article is a guide to getting to know your UCS Fabric Interconnects’ neighbors in a manual and automated way.

Cisco devices use the Cisco Discovery Protocol (CDP) to know to what and how they are connected.  This CDP information is important to know and can usually help trouble shoot an issue or help you map out your network. Now that UCS firmware version 2.0 supports disjoint layer 2 networks CDP is even more import as your Fabric Interconnects can be connected to more than just one pair of upstream switches.

The Cisco UCS Fabric Interconnect supports CDP and “show” commands can be used to see the CDP information.  However, the CDP information is tucked away in the nxos context of the Fabric Interconnect. When you first connect to a UCS Command Line Interface (CLI) you are placed into the UCS Manager.

There are other contexts that can be accessed from the CLI, among them are the local management (local-mgmt) context and the nxos context. The CDP information can be accessed by connecting the nxos context and running the appropriate show commands.

Readers that are familiar with nxos as well as other Cisco CLI commands for CDP information should feel comfortable enough with to gather the CDP information. However if you are new to nxos and/or the UCS Fabric Interconnect, here is how a session to get CDP information might go.

login as: admin
Cisco UCS 6100 Series Fabric Interconnect
Using keyboard-interactive authentication.
Password:

dcn-ucs-6100-A# connect nxos
dcn-ucs-6100-A(nxos)# show cdp neighbors

Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge
S - Switch, H - Host, I - IGMP, r - Repeater,
V - VoIP-Phone, D - Remotely-Managed-Device,
s - Supports-STP-Dispute
Device-ID             Local Intrfce Hldtme Capability  Platform      Port ID

dcn-ucs-6100-B(SSI13360G3N)mgmt3         135    S I s     N10-S6100     mgmt3
DCN-N5K1(SSI13030DFR) Eth1/9        126    S I s     N5K-C5020P-BF Eth1/27
DCN-N5k2(SSI130205W5) Eth1/10       177    S I s     N5K-C5020P-BF Eth1/27
N1KV-VSM-1(1448598099128304034)Eth1/1/1      152    R S I s   Nexus1000V    Eth5/1
N1KV-VSM-1(6188615601316121710)Eth2/1/5      176    S I s     Nexus1000V    Eth3/1
N1KV_VSM(1088889199130439530)Eth2/1/6      172    S I s     Nexus1000V    Eth3/1

I can see what the Fabric Interconnect is connected to and from which port, plus I can see the peer ports to which the Fabric Interconnect is connected.

The output above is from the primary Fabric Interconnect, because when you connect to the UCS Manager virtual IP address (VIP) the connection is made to the primary Fabric Interconnect, however when the connection to the nxos context is made you can choose which Fabric Interconnect nxos context to connect to as shown below;

dcn-ucs-6100-A# connect nxos a
dcn-ucs-6100-A(nxos)#

or

dcn-ucs-6100-A# connect nxos b
dcn-ucs-6100-B(nxos)#

Here is the output from the B Fabric Interconnect

dcn-ucs-6100-B(nxos)# show cdp neighbors
Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge
S - Switch, H - Host, I - IGMP, r - Repeater,
V - VoIP-Phone, D - Remotely-Managed-Device,
s - Supports-STP-Dispute
Device-ID             Local Intrfce Hldtme Capability  Platform      Port ID

dcn-ucs-6100-A(SSI13360FZ4)mgmt3         166    S I s     N10-S6100     mgmt3
DCN-N5K1(SSI13030DFR) Eth1/9        139    S I s     N5K-C5020P-BF Eth1/28
DCN-N5k2(SSI130205W5) Eth1/10       159    S I s     N5K-C5020P-BF Eth1/28
N1KV-VSM-1(1448598099128304034)Eth1/1/1      170    R S I s   Nexus1000V    Eth5/2
N1KV-VSM-1(6188615601316121710)Eth1/1/5      165    S I s     Nexus1000V    control0
N1KV-VSM-1(1448598099128304034)Eth2/1/1      122    R S I s   Nexus1000V    Eth4/2
N1KV-VSM-1(6188615601316121710)Eth2/1/5      179    S I s     Nexus1000V    Eth3/2
N1KV_VSM(1088889199130439530)Eth2/1/6      174    S I s     Nexus1000V    Eth3/2

Either the A or B Fabric Interconnect can be the primary, roles can change based on events, outages, firmware upgrades, forced role change, etc.

From the output shown so far, Fabric Interconnect A is the primary it was the Fabric Interconnect that was connected to when the ssh session was started with the UCS VIP.  The Fabric Interconnect is named at setup to have a “-A” or “-B” suffixed to the UCS name. From command line either the primary or subordinate Fabric Interconnect nxos contexts can be connected to, just supply the Fabric Interconnect letter at the end of the connect command.

So far this may not be new to most, but what if automation is needed to find the CDP neighbor information from all your UCS systems, possibly hundreds of Fabric Interconnects. A simple expect, http://www.nist.gov/el/msid/expect.cfm, script can do the job. The script shown below will connect to the CLI of the Fabric Interconnect, connect to the nxos context of each Fabric Interconnect and issue the “show cdp neighbors” command.

Script

 #!/usr/bin/expect --  
 #  
 # show-fi-cdp.sh  
   
 #  
 # Execute a show for cdp neighbors on both Fabric Interconnects  
 #  
 # John McDonough (jomcdono)  
 #  
   
 set timeout -1  
 set ucsUser [lindex $argv 0]  
 set ucsPass [lindex $argv 1]  
 set ucsHost [lindex $argv 2]  
   
 #check if all were provided  
   
 if { $ucsUser == "" || $ucsPass == "" || $ucsHost == "" }  {  
  puts "\n   Usage: $argv0   \n"  
  puts "   Where:\n"  
  puts "         User - UCS user name"  
  puts "         Pass - UCS user password"  
  puts "         Host - UCS host\n"  
  puts "\n"  
  puts "         Displays UCS CDP information:\n"  
   
 exit 1  
 }  
   
 # Open and ssh connection to UCS  
   
 log_user 0  
 spawn ssh $ucsUser@$ucsHost  
   
 expect {  
  "Are you sure you want to continue connecting*" {  
  send "yes\r"  
   
  expect "*assword:"  
  send "$ucsPass\r"  
  }  
   
  "*assword:" {  
   send "$ucsPass\r"  
  }  
 }  
   
 expect "# "  
   
 set command "show cdp neighbors | no-more"  
   
 # connect nxos  
   
 send "connect nxos a\r"  
 expect "A(nxos)#"  
 send "$command\r"  
 expect "A(nxos)#"  
   
 puts [string trimleft $expect_out(buffer) $command]  
 send "exit\r"  
   
 expect "# "  
 send "connect nxos b\r"  
 expect "B(nxos)#"  
 send "$command\r"  
 expect "B(nxos)#"  
   
 puts [string trimleft $expect_out(buffer) $command]  
   
 # Finished  
   
 exit 0 

Output


./show-fi-cdp.sh admin password 10.10.10.10

Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge
S - Switch, H - Host, I - IGMP, r - Repeater,
V - VoIP-Phone, D - Remotely-Managed-Device,
s - Supports-STP-Dispute
Device-ID             Local Intrfce Hldtme Capability  Platform      Port ID

dcn-ucs-6100-B(SSI13360G3N)mgmt3         126    S I s     N10-S6100     mgmt3
DCN-N5K1(SSI13030DFR) Eth1/9        120    S I s     N5K-C5020P-BF Eth1/27
DCN-N5k2(SSI130205W5) Eth1/10       170    S I s     N5K-C5020P-BF Eth1/27
N1KV-VSM-1(1448598099128304034)Eth1/1/1      174    R S I s   Nexus1000V    Eth5/1
N1KV-VSM-1(1448598099128304034)Eth2/1/1      126    R S I s   Nexus1000V    Eth4/1
N1KV-VSM-1(6188615601316121710)Eth2/1/5      139    S I s     Nexus1000V    Eth3/1
dcn-ucs-6100-A(nxos)#0439530)Eth2/1/6      134    S I s     Nexus1000V    Eth3/1

Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge
S - Switch, H - Host, I - IGMP, r - Repeater,
V - VoIP-Phone, D - Remotely-Managed-Device,
s - Supports-STP-Dispute

Device-ID             Local Intrfce Hldtme Capability  Platform      Port ID
dcn-ucs-6100-A(SSI13360FZ4)mgmt3         170    S I s     N10-S6100     mgmt3
DCN-N5K1(SSI13030DFR) Eth1/9        144    S I s     N5K-C5020P-BF Eth1/28
DCN-N5k2(SSI130205W5) Eth1/10       164    S I s     N5K-C5020P-BF Eth1/28
N1KV-VSM-1(1448598099128304034)Eth1/1/1      169    R S I s   Nexus1000V    Eth5/2
N1KV-VSM-1(6188615601316121710)Eth1/1/5      164    S I s     Nexus1000V    control0
N1KV-VSM-1(1448598099128304034)Eth2/1/1      121    R S I s   Nexus1000V    Eth4/2
N1KV-VSM-1(6188615601316121710)Eth2/1/5      178    S I s     Nexus1000V    Eth3/2
dcn-ucs-6100-B(nxos)#0439530)Eth2/1/6      173    S I s     Nexus1000V    Eth3/2

Whether you take this script and modify it or just use the commands manually, knowing your Fabric Interconnect neighbors is going to come in handy at some point.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 90 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments.


  1. John,
    Great write-up. Simple yet provides enough detail to appreciate the power of scripting and for UCS/nxos CLI. Tables are little hard to read but that is with the page width of blog page.

    Thanks,
    Mitch

       1 like

  1. Return to Countries/Regions
  2. Return to Home
  1. All Data Center and Cloud
  2. All Security
  3. Return to Home