Cisco Nexus 9300 Limitations

From OISecWiki

The Cisco Nexus 9300 series have a few limitations, which differs a bit by model.

Limitations

The following limitations did we encounter.

Reserved VLANs

The Nexus 9300 series reserves the vlans 3968 till 4095 by default. In normal cases this would not cause a lot of issues, because we can plan what vlans to use. However it does also impose a problem on vlan mapping. Neither the original or translated vlan can be in the 3968-4095 range.

We normally would do something like this 

NEXUS9300(config-if)# switchport vlan mapping 1480 1906

But if we fill in a vlan higher then 3967 as original vlan we it will not let us enter a translated vlan 

NEXUS9300(config-if)# switchport vlan mapping 3970 1908
                                                   ^
% Invalid command at '^' marker.

Cisco 93180YC-FX and SFP-10G-T-X

The Cisco 93180YC-FX series supports the SFP-10G-T-X copper SFP+ since NX-OS release 9.3(5). However there are some limitations.

The SFP-10G-T-X module cannot operate with other ports next to it active. What the exact reason for this is, is unknown to us, but we suspect it has to do with heat development as these modules get very hot, even when unused.

The switch will put this in the log if you use a unsupported port: 

%ETHPORT-3-IF_XCVR_ERROR: Interface Ethernet1/21, doesn't support SFP-10G-T-X
%ETHPORT-5-IF_DOWN_ERROR_DISABLED: Interface Ethernet1/21 is down (Error disabled. Reason:Unsupported media-type or configuration)

The documentation on cisco.com states:

When you connect a SFP-10G-T-X device into a port, all the neighboring ports of this device must be either empty, or be connected to passive copper links only.

The following table should indicate which ports can be used, but remember the neighbouring ports can only contain passive copper links. NO optics!

Device Name Port Map
Cisco Nexus N9K-C93180YC-EX, N9K-C93180YC-FX, N9K-C93180YC-FX3 and N9K-C93180YC-FX3S PI/PE: 1, 4-5, 8-9, 12-13, 16, 37, 40-41, 44-45, 48

Deployment Scheme for SFP-10G-T-X Transceivers[1]

The figure shows the maximum configuration density of SFP-10G-T-X-SFP+ transceivers for this switch
Active Port deploying the SFP+ 10GBASE-T transceiver, with max power consumption up to 2.5W.

Once configured with “media-type 10g-tx” in NX-OS or “Link Level Policy -> Physical Media Type -> SFP 10G TX” in ACI, these ports can deploy SFP-10G-T-X. Without such configuration, they behave like normal ports.

Port Shutdown or Active with Passive Copper Cables only (Max. power consumption up to 0.1W).

Once 10g-tx is configured on yellow ports, ports to the left, right, top and bottom of the yellow port are referenced as blue ports. These adjacent ports will then support only low power Passive Copper DAC cable, or these can be left empty to conserve power. If 10g-tx configuration is removed from adjacent yellow ports, the blue ports will revert to behaving like normal ports.

Active Ports 17 - 36 deploying any Cisco 1/10/25G optics (SFP, SFP+, SFP28) EXCLUDING SFP+ 10GBASE-T, with max power consumption up to 1.5W and Active Ports 49 - 54 deploying any Cisco QSFP, QSFP+, QSFP28 with max power consumption up to 3.5W. These ports are not part of any scheme and can deploy all regular Cisco optics and behave like normal ports.


When inserting the module in one of the supported slots the switch will warn you about it: 

%ETHPORT-3-IF_XCVR_ERROR: Interface Ethernet1/44, must configure [media-type 10g-tx] to support SFP-10G-T-X

So the media-type also has to be changed on the port (this is NOT documented).

References

  1. https://www.cisco.com/c/en/us/td/docs/dcn/hw/nx-os/nexus9000/93180yc-fx3/cisco-nexus-93180yc-fx3-nx-os-mode-switch-hardware-installation-guide/m_overview1.html
Retrieved from "https://wiki.oisec.net/mediawiki/index.php?title=Cisco_Nexus_9300_Limitations&oldid=291"