• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6221
  • Last Modified:

Command “vrf context management” in Nexus 5000

Expert

I have the question. What is the function of command  “vrf context management” in Nexus 5000 ? The command can be used for interface management ip address, and it can be used like this”

N5k-1(config)#int mgmt 0
N5k-1(config-if)#ip address 172.116.1.10/24
N5k-1(config-if)#vrf context management
N5k-1(config-vrf)#ip route 0.0.0.0 0.0.0.0 172.116.1.1

I cannot understand why it is added under interface management. What is difference between the vrf in Nexus and vrf in MPLS ?

Thank you
0
EESky
Asked:
EESky
  • 4
  • 4
1 Solution
 
Don JohnstonInstructorCommented:
What is the function of command  “vrf context management” in Nexus 5000 ?
In your example, it allows you to creates a default-route for the "management" context. Had you not issued the "vrf context management" command first, the default route would exist in the default context.
0
 
EESkyAuthor Commented:
Thank you for your reply!

The command "vrf context management" is creating a vrf. In here, what does "context" mean ? it is a vrf or something else ? it should not be a VDC ? One VDC can have several vrf, right ?
0
 
Don JohnstonInstructorCommented:
Not exactly. In this situation, you are changing to the configuration mode for the management vrf.  You don't create the management vrf since it was pre-existing. In fact, you can't delete the management vrf.

The "context" is simply a required keyword.

And yes, you have... 16,000 (IIRC) vrf's in a VDC.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
EESkyAuthor Commented:
N5k-1(config)#int mgmt 0
N5k-1(config-if)#ip address 172.116.1.10/24
N5k-1(config-if)#vrf context management
N5k-1(config-vrf)#ip route 0.0.0.0 0.0.0.0 172.116.1.1


Can i say that all of the commands are for using management interface ? If so, i would be able to login to the Nexus through the management interface and make any configuration in the whole Nexus, right ?
0
 
Don JohnstonInstructorCommented:
Yes and yes.
0
 
EESkyAuthor Commented:
Thank you !

Had you not issued the "vrf context management" command first, the default route would exist in the default context.

With "the default route would exist in the default context."  does it mean the default context would exist in the default context and could not go out ?


Usually Cisco devices need to be configured with management interface, which are two commands: #int management and #ip address x.x.x.x. What made the difference of management interface configuration between Nexus and others? If we configure management interface in Nexus like general Cisco router and switch, can it work well ? Thank you.
0
 
Don JohnstonInstructorCommented:
does it mean the default context would exist in the default context and could not go out ?
Huh???

Usually Cisco devices need to be configured with management interface, which are two commands: #int management and #ip address x.x.x.x. What made the difference of management interface configuration between Nexus and others?
Okay, in the past, Cisco switches were managed either through the console port or through an SVI (VLAN interface).  Most people prefer using telnet (or SSH) to the SVI because it's WAY faster than the console port. The problem with the SVI management approach is that management traffic and data traffic are intermixed (and we like to keep that traffic separate).

In an effort to fully segregate management and data traffic, Cisco implemented the "MGMT" Interface.  The way I explain this in class is that it's like a console port except that instead of slow, tired old RS-232, it's gig ethernet.  So you get the best of both worlds: totally segregated and fast.

Now, since the MGMT interface uses IP and we want to insure that the data and management traffic is completely segregated, a second VRF (the management VRF) was created that is only used by the MGMT interface.  Since traffic from one VRF can't use ports or processes from another VRF (without some additional work, that is), the management traffic is kept separate from the data traffic.

How's that?
0
 
EESkyAuthor Commented:
Excellent! You are really an expert. Thank you !
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now