Data Center (VDX)

 View Only
  • 1.  VDX-6720 packet capture problems

    Posted 03-30-2018 22:35
    I know this is an old switch, but some things are just agitating.

    I have a port channel consisting of one port on each of two VDX-6720 switches in a VCS fabric.

    sw0# show port-channel 10
    LACP Aggregator: Po 10 (vLAG)
    Aggregator type: Standard
    Ignore-split is enabled
    Member rbridges:
    rbridge-id: 12 (1)
    rbridge-id: 54 (1)
    Admin Key: 0010 - Oper Key 0010
    Partner System ID - 0x007f,64-64-9b-5e-55-00
    Partner Oper Key 0004
    Member ports on rbridge-id 12:
    Link: Te 12/0/3 (0xC18018002) sync: 1 *
    Member ports on rbridge-id 54:
    Link: Te 54/0/3 (0x3618018002) sync: 1[/code]

    Data is dying somewhere between me and the other party.I created a MAC ACL:
    sw0# show run mac
    mac access-list standard test_01
    seq 10 permit any count
    ! [/code]

    I go to apply it to an interface:
    sw0(config-Port-channel-10)# mac access-group test_01 ?
    Possible completions:
    in Ingress direction
    out Egress direction
    sw0(config-Port-channel-10)# mac access-group test_01 out %%Error:Applying ACL in egress direction not supported. [/code]I know the manual says:
    The Brocade VDX 6710, VDX 6720, and VDX 6730 do not support the following: • Egress ACLs[/code]Then why let it tab-complete on a platform that doesn't support it?

    Okay, so let's do an ingress-only capture.

    sw0# capture packet interface
    Possible completions:
    fortygigabitethernet FortyGigabit Ethernet interface
    gigabitethernet Gigabit Ethernet interface
    hundredgigabitethernet HundredGigabit Ethernet interface
    tengigabitethernet TenGigabit Ethernet interface[/code]Okay, so I can't capture on the port-channel, which the manual does state can only be done on physical interfaces.

    sw0(conf-if-te-12/0/3)# mac access-group test_01 in
    %%Error: This interface is not configured to layer2 mode[/code]So I can't packet capture on a port-channel, but I can't put ACLs on the individual ports in a port-channel. Let's do a packet capture on both interfaces in the port-channel.

    sw0# capture packet interface tengigabitethernet 12/0/3
    sw0# capture packet interface tengigabitethernet 54/0/3
    % Error: Interface is not a memeber of this Rbridge[/code]

    What do I do?

  • 2.  RE: VDX-6720 packet capture problems

    Posted 04-02-2018 05:21

    You will need to configure the same ACL on Rbridge 54 then apply this to tengigabitethernet 54/0/3 on that switch