08-05-2019 04:52 AM
Looking for some guidance on setting up a pair of EN4093R switches in a similar fasion as a B22 FEX module which are no longer being sold. The desire here is to configure these switches with a base configuration that we won't have to touch again. The thought is that these are connected back up to Cisco 5K's and the network team will make the changes at those trunks in regards to adding/removing VLANS that will be passed. We will just 'tag' the traffic at the blades (mixture of vmware/windows/linux hosts) These EN4093R switches are not switches that our network team wants to manage and the chassis owner (server infrstructure team) also does not want to make changes to these switcehs once configured initially.
Solved! Go to Solution.
08-05-2019 05:47 AM
Are you looking for a configuration where ALL vlans are trunked up to the 5ks? We will still need to know what vlans will be applied to the host ports. If you could provide a little mroe information I can see what recommendations I can provide.
08-05-2019 06:56 AM
I am trying to avoid what we do today where the network team updates the vPC config on the 5K's for all of the VLANS to be passed, and then we have to udpate the EN4093R configs to reflect those same changes for the EXT and INTA interfaces. Is there a better way to just allow anything through that is defined at the 5K to the x240 nodes in the chassis? (as mentioned we will still tag that traffic at the OS level)
08-06-2019 12:38 PM
Have not forgotten about this thread. I am currently reaching out to some internal resources to see what options we have to provide. I will reply as soon as I have more information.
08-09-2019 11:48 AM
You are correct in that "Easy Connect "is what you are looking for. The issue is that Easy Connect is a marketing term for producing a VLAN agnostic solution, but there are 4 different features that could be used to implement such a design, varying on what other features you are using. With that said, if you are not using switch dependent virtual NICs (i.e. UFP or Virtual Fabric VNIC), the best solution is using the tagpvid-ingress configuration option. Applied properly it produces a tunnel between the Flex servers and the upstream network, such that only the Flex servers and the upstream network have to be configured for the desired VLANs, the Flex switches just pass all packets, tagged or not.
Assuming you are not running vLAG (Lenovo version of vPC), the following would produce a simple solution (using uplinks EXT1-4 as LACP aggregation, and using VLAN 4090 as the outer tunnel VLAN that all other VLANs will be carried on to pass through the switch)(config assumes starting from factory default)
! Configure internal ports
int port inta1-inta14
switchport access vlan 4090
! Configure external ports
int port ext1-ext4
switchport access vlan 4090
lacp key 1000
lacp mode active
! Configure failover feature to inform servers if upstream goes down
failover trigger 1 amon admin-key 1000
failover trigger 1 enable
Please let us know if you are running UFP or vNIC mode, or if you wish to use a more advanced design using vLAG to provide a full mesh upstream connection, and we can provide config examples to account for these features.
08-09-2019 12:00 PM
In that case, the example I sent in the previous response should work for your needs. For reference I have attached a PDF that shows various Flex designs, in case you would like to consider something different.