vdx-6740 NOS - logical chassis & fabric-virtual-gateway
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎03-26-2019 03:35 PM
hi eveyone,
I' have a two-switch VCS and a fabric-virtual-gateway on it.
When I ssh to that fabric-virtual-gateway's IP I sometimes(I think) get this:
while trying to configure something.
My question - how can I ensure that when I ssh as above I get to land on the primary/master node?
many thanks, P.
I' have a two-switch VCS and a fabric-virtual-gateway on it.
When I ssh to that fabric-virtual-gateway's IP I sometimes(I think) get this:
code:
%Error: This operation is not supported from a secondary node
while trying to configure something.
My question - how can I ensure that when I ssh as above I get to land on the primary/master node?
many thanks, P.
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎03-28-2019 11:44 AM
Hi Pawel,
You should be able to do the following
Many thanks,
Sargis
You should be able to do the following
code:
sw0(config)# do sh run rb int ve 10
rbridge-id 3
interface Ve 10
ip proxy-arp
ip address 10.10.10.3/24
no shutdown
!
!
sw0(config)# do sh run vcs
vcs virtual ip address 10.10.10.10/24 inband interface ve 10
Many thanks,
Sargis
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎03-28-2019 10:59 AM
In case of vdx-6740 - are mgmt ifaces exclusively rj-45 ports and it's not possible to have it on sfp ports?
And if it's not then is it possible via sfp ports (vlans + routing) to get to the mgmt interface (though then this would defeat the purpose of mgmg inface I guess)?
I understand that "vcs virtual-ip" cannot be part of a vlan.
many thanks, P.
And if it's not then is it possible via sfp ports (vlans + routing) to get to the mgmt interface (though then this would defeat the purpose of mgmg inface I guess)?
I understand that "vcs virtual-ip" cannot be part of a vlan.
many thanks, P.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎03-26-2019 04:11 PM
The error you got is because the ssh session lands on a non-principal switch due to some principal switchover event, such as previous principal node had failed and switch to the other node. So your ssh to the management IP of the principal (previous principal) and it is no longer the principal switch for entering configuration. You can double check with sh vcs before enter in configuration mode to avoid the error msg.
As mentioned by Sargis, you take advantage of the "vcs virtual-ip" feature.
The virtual IP address should be configured on the same subnet as the management interface IP
address. It should not be a duplicate to any management IP addresses of the switches in the VCS cluster.
When the virtual IP address is configured, at principal switch, for the first time, the address is assigned to the
principal switch in global mode. You can then access the principal switch through the management port IP address or the virtual IP address. The virtual IP configuration is global in nature. All the nodes in the fabric will be configured with the same virtual IP address, but the address is always bound to the current Principal
switch.
Thus, if you ssh to this vcs virtual-ip, it guarantees that you land on the principal node to do your management of the VCS cluster.
As mentioned by Sargis, you take advantage of the "vcs virtual-ip" feature.
The virtual IP address should be configured on the same subnet as the management interface IP
address. It should not be a duplicate to any management IP addresses of the switches in the VCS cluster.
When the virtual IP address is configured, at principal switch, for the first time, the address is assigned to the
principal switch in global mode. You can then access the principal switch through the management port IP address or the virtual IP address. The virtual IP configuration is global in nature. All the nodes in the fabric will be configured with the same virtual IP address, but the address is always bound to the current Principal
switch.
Thus, if you ssh to this vcs virtual-ip, it guarantees that you land on the principal node to do your management of the VCS cluster.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎03-26-2019 03:47 PM
Hi Pawel,
FVG is more for data traffic, to act as the gateway for hosts on the subnets and I don't think you can use it reliably for any TCP/UDP communication, where is has to be source or destination. Instead you could use "vcs virtual ip address" to have a management IP address, which will follow the principal switch in VCS.
Many thanks,
Sargis
FVG is more for data traffic, to act as the gateway for hosts on the subnets and I don't think you can use it reliably for any TCP/UDP communication, where is has to be source or destination. Instead you could use "vcs virtual ip address" to have a management IP address, which will follow the principal switch in VCS.
Many thanks,
Sargis
