Management interfaces are used in order to provide access to switch management user interfaces (e.g. CLI, WebUI). NVIDIA switches support out-of-band (OOB) dedicated interfaces (e.g. mgmt0, mgmt1) and in-band dedicated interfaces. In addition, most NVIDIA switches feature a serial port that provides access to the CLI only.
On switch systems with two OOB management ports, both of them may be configured on the same VLAN if needed. In this case, ARP replies to the IP of those management interfaces is answered from either of them.
Configuring Management Interfaces with Static IP Addresses
If your switch system was set during initialization to obtain dynamic IP addresses through DHCP and you wish to switch to static assignments, perform the following steps:
Enter Config configuration mode. Run:
switch > enable switch # configure terminal
Disable setting IP addresses using the DHCP using the following command:
switch (config) # no interface <ifname> dhcp
Define your interfaces statically using the following command:
switch (config) # interface <ifname> ip address <IP address> <netmask>
Configuring IPv6 Address on the Management Interface
Enable IPv6 on this interface. Run:
switch (config) # interface mgmt0 ipv6 enable
Set the IPv6 address to be configured automatically. Run:
switch (config) # interface mgmt0 ipv6 address autoconfig
Verify the IPv6 address is configured correctly. Run:
switch (config) # show interfaces mgmt0 brief
Dynamic Host Configuration Protocol (DHCP)
DHCP is used for automatic retrieval of management IP addresses.
For all other systems (and software versions) DHCP is disabled by default.
If a user connects through SSH, runs the wizard and turns off DHCP, the connection is immediately terminated as the management interface loses its IP address.
<localhost># ssh admin@<ip-address> NVIDIA Onyx Switch Management Password: NVIDIA switch NVIDIA configuration wizard Do you want to use the wizard for initial configuration? yes Step 1: Hostname? [my-switch] Step 2: Use DHCP on mgmt0 interface? [yes] no <localhost>#
In this case the serial connection should be used.
Default Gateway
To configure manually the default gateway, use the “ip route” command, with “0.0.0.0” as prefix and mask. The next-hop address must be within the range of one of the IP interfaces on the system.
switch (config)# ip route 0.0.0.0 0.0.0.0 10.10.0.2 switch (config)# show ip route Destination Mask Gateway Interface Source Distance/Metric default 0.0.0.0 10.10.0.2 mgmt0 static 0/0 10.10.0.0 255.255.254.0 0.0.0.0 mgmt0 direct 0/0
In-Band Management
In-band management is a management path passing through the data ports. In-band management can be created over one of the VLANs in the systems.
The in-band management feature does not require any license. However, it works only for the system profile Ethernet. It can be enabled with IP Routing.
To set an in-band management channel:
Create a VLAN. Run:
switch (config)# vlan 10 switch (config vlan 10)#
Create a VLAN interface. Run:
switch (config)# interface vlan 10 switch (config interface vlan 10)#
Configure L3 attributes on the newly created VLAN interface. Run:
switch (config interface vlan 10)# ip address 10.10.10.10 /24
(Optional) Verify in-band management configuration. Run:
switch (config)# show interfaces vlan 10 Admin state: Enabled Operational state: Up Mac Address: f4:52:14:67:07:e8 Internet Address: 10.10.10.10/24 Broadcast address: 10.10.10.255 MTU: 1500 bytes Arp timeout: 1500 seconds Icmp redirect: Disabled Description: N/A VRF: default Counters: Enabled RX 0 Unicast packets 0 Multicast packets 0 Unicast bytes 0 Multicast bytes 0 Bad packets 0 Bad bytes TX 0 Unicast packets 0 Multicast packets 0 Unicast bytes 0 Multicast bytes
Configuring Hostname via DHCP (DHCP Client Option 12)
This feature, also known as the DHCP Client Option 12, is enabled by default and assigns the switch system a hostname via DHCP as long as network manager configures hostname to the management interfaces’ (i.e. mgmt0, mgmt1) MAC address. If a network manager configures the hostname manually through any of the user interfaces, the hostname is not retrieved from the DHCP server.
To enable fetching hostname from DHCP server, run:
switch (config interface mgmt0) # dhcp hostname
To disable fetching hostname from DHCP server, run:
switch (config interface mgmt0) # no dhcp hostname
Getting the hostname through DHCP is enable by default and will change the switch hostname if the hostname is not set by the user. Therefore, if a switch is part of an HA cluster the user would need to make sure the HA master has the same HA node names as the DHCP server.
Management VRF
Management VRF is a virtual routing function that is responsible for providing IP services for switch management. It is the only VRF where outband management interface mgmt0 belongs.
Initially, a system has only one VRF—the default VRF. This VRF supports both management and data forwarding functions. A management VRF can them be created—mgmt and user VRFs (mgmt VRF is not created with image upgrade automatically). The mgmt VRF is also created on reset factory flows.
When mgmt VRF is created, all mgmt interfaces are automatically moved to it. New management functions can be shutdown in a default VRF and created in the management VRF. Also, management services can be started in 'user' VRFs, with the only difference that the 'user' VRF does not have mgmt interfaces.
Following services are considered management services:
| Service | Run by VRF Once mgmt VRF is Created |
|---|---|
| ssh | Single instance in all VRFs |
| snmp-agent | Single instance in any VRF |
| snmptrap | Can be configured in multiple VRFs at the same time |
| syslogd | Can be configured in multiple VRFs at the same time |
web server | Single instance in any VRF |
ntp | Single instance in any VRF |
dns | Single instance in any VRF |
tacacs | Single instance in any VRF |
Puppet | Single instance in any VRF |
OpenFlow API | Mgmt/default if mgmt is not created |
| sFlow | Single instance in any VRF |
| ftp-server | Mgmt/default if mgmt is not created |
| telnet-server | Mgmt/default if mgmt is not created |
| docker | Single instance in any VRF |
| ip filters | Single instance in all VRFs |
| ZTP | Mgmt only |
| IPL | Default VRF only |
User VRF will have routing functions and its primary purpose is to perform routing of user traffic.
Default VRF is used to run some non-management system functions and can also be used to serve as a global routing instance for multi-VRF traffic.
When a service is moved from VRF to VRF, its configuration is removed.
