
First look of Open NX-OS

Cisco NX-OS is the network operating system used in Cisco Nexus switches, which are built for data centers. In this post I will give you a brief overview of the NX-OS operating system. NX-OS evolved from SAN-OS, which Cisco originally developed for its MDS switches. These MDS switches are used for storage networks.

Cisco NX-OS is based purely on micro-kernel Linux, whereas traditional Cisco IOS is also based on Linux but with a monolithic kernel. I explain the difference between these two kernel types below, because it is the key difference between NX-OS and IOS.

 Monolithic Kernel :


A monolithic kernel is a single large process running entirely in a single address space (memory space). It is a single static binary file. All kernel services exist and execute in the kernel address space. If one process has a problem, it affects all other processes and may interrupt the complete kernel flow. For example, if the OSPF process in IOS has a problem, it affects all other processes and may cause your router to hang or restart. You may already have experienced cases where everything runs fine again after restarting the router.

With a monolithic kernel you cannot start or restart a single service; you have to restart the complete device. Have you ever restarted the BGP or STP process in Cisco IOS? Is there any command for it? No.

Micro-kernel Linux :


In a micro-kernel, the kernel is divided into smaller services. These services run in their own separate memory spaces, so one service does not impact another. This is like different VMs (virtual machines) in VMware: one VM does not impact another. You can also restart or shut down a single service in case of an error. In NX-OS, you can shut down the OSPF service and start the BGP service with the "Feature-set" command. In NX-OS, Cisco calls a "service" a "module".

Based on the description above, NX-OS offers the following advantages over IOS:

Modularity :


Modules or services are loaded into the kernel only when needed. These modules can be loaded and unloaded on demand.

Fault Isolation :


This module provides complete process isolation for NX-OS features and services.

Resiliency:


This module is helpful in graceful restart or initialization of processes.

I know most of the Juniper freaks out here will say that this is the same as JUNOS. Yes, it is the same as JUNOS. After so many years, Cisco realized this and developed NX-OS. I don't know why Cisco took so long to realize this.

For many years Cisco has been shipping NX-OS in its data-center switches, which it calls the Nexus series. The Cisco Nexus 2000, 5000 and 7000 are examples of switches running NX-OS. These are high-performance switches developed specifically for the data center. They can switch or route massive data-center traffic with a latency of less than 1 ms.

SDN (software-defined networking) is evolving day by day, and to cope with this paradigm shift Cisco is working towards Open NX-OS.

OPEN NX-OS :


Open NX-OS is based on Wind River Linux 5. It is now possible to run any standard Linux-based application on a Cisco Nexus switch. It is open to integrating common third-party configuration management tools such as Puppet and Chef, and network monitoring software such as Splunk and Nagios, directly on the Nexus switch itself. In previous versions of NX-OS, everything was closed: you could not access the Linux system underlying NX-OS and could only run commands. In Open NX-OS, Cisco has exposed access to the Linux kernel networking stack, where the switch's physical and logical interfaces are represented as net devices with IP addresses in the kernel layer. Confused? Don't worry. In simple language, they have provided access to the BASH shell of the Linux kernel.

In Open NX-OS, you can access the Bourne-Again Shell (BASH). Using bash commands, you can access and manage the underlying Linux system on the device. This is only a glimpse of Open NX-OS, but I am sure you get the essence. So let's jump to the command prompt of Open NX-OS for now:

Some Glimpse of Open NX-OS :


To access the Bash shell in Open NX-OS, you first need to enable it with the "feature bash-shell" command.
n9k_nx_os(config)# feature
bash-shell              lacp                    pbr                     ssh
bfd                     ldap                    pim                     tacacs+
bgp                     lldp                    private-vlan            telnet
dhcp                    msdp                    privilege               tunnel
eigrp                   nat                     ptp                     udld
evmed                   ntp                     rip                     vmtracker
fabric                  nv                      scheduler               vn-segment-vlan-based
hsrp                    nxapi                   scp-server              vpc
interface-vlan          ospf                    sflow                   vrrp
isis                    ospfv3                  sftp-server             vrrpv3
itd                     password                sla                     vtp
n9k_nx_os(config)# feature bash-shell
n9k_nx_os(config)#
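
Enabling bash-shell gives CLI users a path to the underlying Linux system, so it is worth tracking alongside the other management features in the listing above. The following audit is an added example, not part of the original post: it reads a saved running configuration and reports which of those features are left enabled. The review list and its wording are this example's assumptions (feature names are taken from the listing above), and the sample configuration is constructed.

```python
import re

# Assumption of this example, not Cisco guidance: features from the page's
# `feature ?` listing that widen the management surface when enabled.
REVIEW = {
    "bash-shell": "exposes the underlying Linux shell to CLI users",
    "telnet": "cleartext remote login",
    "nxapi": "HTTP/HTTPS management API",
    "scp-server": "inbound file copy service",
    "sftp-server": "inbound file copy service",
}

# Matches "feature X" and "no feature X"; "feature-set ..." does not match.
FEATURE_RE = re.compile(r"^(no\s+)?feature\s+(.+)$")


def enabled_features(running_config: str) -> set:
    """Apply feature / no feature lines in order and return what stays enabled."""
    enabled = set()
    for raw in running_config.splitlines():
        m = FEATURE_RE.match(raw.strip())
        if not m:
            continue  # hostname, interface stanzas, descriptions, ...
        negated, name = m.group(1), m.group(2).lower()
        if negated:
            enabled.discard(name)
        else:
            enabled.add(name)
    return enabled


def audit(running_config: str) -> list:
    """Return sorted (feature, reason) pairs that a reviewer should look at."""
    on = enabled_features(running_config)
    return sorted((f, why) for f, why in REVIEW.items() if f in on)


# Constructed sample configuration, not captured from a real switch.
SAMPLE_CONFIG = """\
hostname n9k_nx_os
feature telnet
feature bash-shell
feature ospf
no feature telnet
feature scp-server
interface mgmt0
  description feature bash-shell
"""

if __name__ == "__main__":
    for feature, why in audit(SAMPLE_CONFIG):
        print(f"REVIEW feature {feature}: {why}")
```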



To get into the Bash shell from the normal NX-OS command prompt:
n9k_nx_os(config)#
n9k_nx_os(config)#
n9k_nx_os(config)# run
run          run-script
n9k_nx_os(config)# run
bash         guestshell
n9k_nx_os(config)# run bash ?
*** No matching command found in current mode, matching in (exec) mode ***
  <CR>
  LINE   The command to execute

n9k_nx_os(config)# run bash
bash-4.2$
bash-4.2$
bash-4.2$



Here are a few commands which I have tried successfully in the Bash shell of Open NX-OS:

bash-4.2$ ls
bin        etc           isan_lib.img  lib64     modflash    root      usbslot2  vdc_12  vdc_4
boot       home          isan_lib_ro   linuxrc   nfsroot     rpms      usr       vdc_13  vdc_5
bootflash  init          isan_lib_rw   log       nginx       sbin      usr.img   vdc_14  vdc_6
cgroup     isan          lc            logflash  nginx_1_fe  slot0     usr_ro    vdc_15  vdc_7
data       isan_bin.img  lcimages      media     nxos        smack     usr_rw    vdc_16  vdc_8
debug      isan_bin_ro   lc_ro         mgmt      opt         sys       var       vdc_17  vdc_9
debugfs    isan_bin_rw   lc_rw         mnt       proc        tmp       vdc_10    vdc_2   vmachine
dev        isanboot      lib           mod-1     rd          usbslot1  vdc_11    vdc_3   volatile
bash-4.2$


bash-4.2$ free
             total       used       free     shared    buffers     cached
Mem:      12282348    4530196    7752152          0      46500    1766136
-/+ buffers/cache:    2717560    9564788
Swap:            0          0          0
bash-4.2$


bash-4.2$ uname -a
Linux n9k_nx_os 3.4.43-WR5.0.1.13_standard #1 SMP Thu Aug 27 14:35:24 PDT 2015 x86_64 GNU/Linux
bash-4.2$
bash-4.2$
bash-4.2$


bash-4.2$ yum
yum yum-install-recommends.py yum-updatesd yumdownloader
bash-4.2$ yum
RPM-GPG-KEY-puppetlabs RPM-GPG-KEY-reductive.1
RPM-GPG-KEY-puppetlabs.1 puppetlabs-release-pc1-cisco-wrlinux-5.noarch.rpm
RPM-GPG-KEY-reductive puppetlabs-release-pc1-cisco-wrlinux-5.noarch.rpm.1
bash-4.2$ yum

You are probably wondering how you can get access to Open NX-OS, right? Don't worry, I will publish a new post about this soon.

Output of "Show version" of OPEN NX-OS :


n9k_nx_os# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html
Copyright (c) 2002-2015, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.



Software
  BIOS: version
  NXOS: version 7.0(3)I2(1)
  BIOS compile time:
  NXOS image file is: bootflash:///nxos.7.0.3.I2.1.bin
  NXOS compile time:  9/3/2015 16:00:00 [09/04/2015 00:18:15]


Hardware
  cisco NX-OSv Chassis
  Intel(R) Xeon(R) CPU E5-4667 v3 @ 2.00GHz with 12282348 kB of memory.

  Device name: n9k_nx_os
  bootflash:    3509454 kB
Kernel uptime is 0 day(s), 0 hour(s), 39 minute(s), 3 second(s)

Last reset
  Reason: Unknown
  System version:
  Service:

plugin
  Core Plugin, Ethernet Plugin

Active Package(s):
n9k_nx_os#


Output of "Show version" of traditional NX-OS :


NX-OS_Sw1# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html
Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.

Software
  BIOS:      version 2.1.0
  loader:    version N/A
  kickstart: version 7.0(1)N1(1)
  system:    version 7.0(1)N1(1)
  Power Sequencer Firmware:
             Module 1: version v4.0
             Module 2: version v4.0
  Fabric Power Sequencer Firmware: Module 1: version v3.0
  Microcontroller Firmware:        version v0.0.0.15
  QSFP Microcontroller Firmware:
             Module 2: v2.0.0.0
  SFP Microcontroller Firmware:
             Module 1: v1.3.0.0
  BIOS compile time:       02/24/2014
  kickstart image file is: bootflash:///n6000-uk9-kickstart.7.0.1.N1.1.bin
  kickstart compile time:  3/19/2014 14:00:00 [03/20/2014 08:25:34]
  system image file is:    bootflash:///n6000-uk9.7.0.1.N1.1.bin
  system compile time:     3/19/2014 14:00:00 [03/20/2014 08:27:35]


Hardware
  cisco Nexus 5672UP Chassis ("Nexus 5672UP Supervisor")
  Intel(R) Xeon(R) CPU  @ 1.80 with 8243416 kB of memory.
  Processor Board ID 

  Device name: NX-OS_Sw1
  bootflash:    8028160 kB

Kernel uptime is 163 day(s), 1 hour(s), 55 minute(s), 43 second(s)

Last reset
  Reason: Unknown
  System version: 7.0(1)N1(1)
  Service:

plugin
  Core Plugin, Ethernet Plugin
NX-OS_Sw1#



This is all I have to introduce about Open NX-OS to you guys. I hope you enjoyed my post. I will post more details about Open NX-OS in my future posts. Till then, keep networking!

Comments

  1. Nice post! Everything was so clear.
    My question is, will it be possible to upgrade NX-7ks from the actual NX-OS system to the new OPEN-NX-OS?

  2. Thanks for the comment. Currently Open NX-OS is in development mode. Soon in future we can upgrade our existing NX-OS to OPEN NX-OS.

  3. very nice post
