Cisco Dynamic Fabric Automation Migration Guide
Migration Steps
Download this chapter
Migration StepsMigration Steps
Download the complete book
Cisco Dynamic Fabric Automation Migration Guide Cisco Dynamic Fabric Automation Migration Guide (PDF - 5 MB)
 Feedback

Migration Steps

This chapter contains the following sections:

Step 1: Upgrade the Spine Switch software

The first step of the migration is to upgrade all spine switch software.

Before You Begin The following pre-requisites must be met for upgrading Nexus 6000 spine switch software
  • Nexus 6000 series switch must be running on Cisco NX-OS version 6.2.(2) software release
  • Border leaf nodes must be DFA hardware-capable Nexus 6000 nodes running Cisco NX-OS version 6.0.2.N2

Note

If you have anything other than a Nexus 6000 series switch, you must physically replace the switch with the version 7.0.(0)N1(1) image; the configuration remains the same as the previous image.

    Step 1   On the Nexus 6000 series spine switches, perform a non-disruptive in-service software upgrade (ISSU) upgrade to Cisco NX-OS version 7.0(0)N1(1).

    See Refer to the Cisco Nexus 6000 Series NX-OS Software Upgrade and Downgrade, Release 6.0 for instructions on performing the ISSU upgrade.

    No impact to traffic should occur as a result of the ISSU upgrade.

    Step 2   Add Cisco Dynamic Fabric Automation-specific configuration on the spine.

    For specific configuration, commands, and samples for the spine, see Migration Configuration.

    The VNI and border gateway protocol (BGP) will be configured.

    What to Do Next

    Proceed to Step 2: Upgrading the first pair of border leaves in the topology.

    Step 2: Upgrade the Border Leaf Software

    In this procedure, you will perform a disruptive in-service software upgrade (ISSU) for the first border leaf pair.

      Step 1   Upgrade the first border leaf node from Cisco NX-OS Release 6.0.(2)N2 to Cisco NX-OS Release 7.0.(0)N1(1) using an ISSU disruptive upgrade procedure.Refer to the Cisco Nexus 6000 Series NX-OS Software Upgrade and Downgrade, Release 6.0 for information on performing an ISSU upgrade.
      Step 2   Make sure that the first border leaf comes up fully and becomes operational again, without any unforeseen issues impacting ISSU procedure.
      Step 3   Make sure traffic streams are already running intra-vlan, inter-vlan, across PoDs, and that north-bound traffic all remains unaffected.
      Step 4   Repeat steps 1-3 for the second border leaf node in the pair.

      Although the disruptive upgrade has some effect on traffic, there is no change in the traffic flow.

      What to Do Next

      Configure the border leaf pair with Cisco Dynamic Fabric Automation-specific configuration.

      Step 3: Add Cisco DFA-related Configuration to the First Border Leaf Pair

      In this procedure, you will manually configure the first pair of border leafs in the network.


      Note

      For specific configuration commands and examples, see Migration Configuration.

      Before You Begin

      Make sure you have upgraded the border leaf software, as described in Step 2.

        Step 1   On the first border leaf switch:
        1. Configure an additional hot standby router protocol (HSRP) per virtual local area network (VLAN) with the anycast gateway MAC address with an unused IP adddress.
        2. Configure the iBGP router reflector
        3. Configure anycast gateway MAC
        4. Add a vrf-tenant-profile and configure the virtual network identifier (VNI) under the virtual router
        5. Enable traditional forwarding on the switch virtual interfaces (SVIs)
        6. Advertise host routes to the BGP route reflector
        Step 2   Repeat step 1 a-f for the second border leaf switch in the pair.

        There should be no change to the traffic flow after you have configured the border leaf pair.

        What to Do Next

        Upgrade the software for the second pair of border leaves.

        Step 4: Upgrade the Second Border Leaf Pair

        In this procedure, you will perform a disruptive in-service software upgrade (ISSU) for the second border leaf pair.

          Step 1   Upgrade the second border leaf node in the pair from Cisco NX-OS Release 6.0.(2)N2 to Cisco NX-OS Release 7.0.(0)N1(1) using an ISSU disruptive upgrade procedure.Refer to the Cisco Nexus 6000 Series NX-OS Software Upgrade and Downgrade, Release 6.0 for information on the ISSU upgrade.
          Step 2   Make sure that the border leaf comes up fully and becomes operational again, without any unforeseen issues impacting the ISSU procedure.
          Step 3   Make sure traffic streams are already running intra-vlan, inter-vlan, across PoDs, and that north-bound traffic all remains unaffected.
          Step 4   Repeat steps 1-3 for the second border leaf node in the pair.

          Although the disruptive upgrade has some effect on traffic, there is no change in the traffic flow.

          What to Do Next

          Configure the border leaf pair with Cisco Dynamic Fabric Automation-specific configuration

          Step 5: Add Cisco DFA-related Configuration to the Second Border Leaf Pair

          In this procedure, you will manually configure the second pair of border leafs in the network.


          Note

          For specific configuration commands and examples, see Migration Configuration.

          Before You Begin

          Make sure you have upgraded the border leaf software, as described in Step 4.

            Step 1   On the first border leaf switch in the pair:
            1. Configure an additional hot standby router protocol (HSRP) per virtual local area network (VLAN) with the anycast gateway MAC address with an unused IP address.
            2. Configure the iBGP router reflector
            3. Configure the anycast-gateway MAC address
            4. Add a vrf-tenant-profile and configure the virtual network identifier (VNI) under the virtual router
            5. Create switch virtual interfaces (SVIs), if they are not present.
            6. Enable anycast-gateway on the SVIs.
            7. Enable traditional forwarding on the switch virtual interfaces (SVIs)
            8. Advertise host routes to the BGP route reflector
            Step 2   Repeat step 1 a-h for the second border leaf switch in the pair.

            After you configure the second border leaf pair, the following changes occur:
            • All border leafs start to respond to address resolution protocol (ARP) with anycast-gateway MAC addresses.
            • Direct forwarding occurs between the border leaf pairs, without going through the Nexus 7000.

            The unicast traffic flow and North-South traffic remains unchanged.

            What to Do Next

            Upgrade the software for FabricPath leaf pair.

            Step 6: Upgrade the FabricPath Leaf Pair

            In this procedure, you will perform an in-service software upgrade (ISSU) for the FabricPath leaf pair.

              Step 1   Upgrade the leaf node from Cisco NX-OS Release 6.0.(2)N2 to Cisco NX-OS Release 7.0.(0)N1(1) using an ISSU upgrade procedure.Refer to the Cisco Nexus 6000 Series NX-OS Software Upgrade and Downgrade, Release 6.0 for information on performing an ISSU upgrade.
              Step 2   Make sure that the first leaf comes up fully and becomes operational again, without any unforeseen issues impacting ISSU procedure.
              Step 3   Make sure traffic streams are already running intra-vlan, inter-vlan, across PoDs, and that north-bound traffic all remains unaffected.
              Step 4   Repeat steps 1-3 for the second border leaf node in the pair.

              There is no change in the traffic flow.

              What to Do Next

              Configure the border leaf pair with Cisco Dynamic Fabric Automation-specific configuration.

              Step 7: Add Cisco DFA Configuration to Layer 2 Leaves

              In this procedure, you will configure the FabricPath leafs in the network.


              Note

              For specific configuration commands and examples, see Migration Configuration.

              Before You Begin

              Prior to configuring the Fabric Path leaf, you should have upgraded the software.

                Step 1   On the first switch in the pair:
                1. Install a L3 license.
                2. Enable Cisco DFA.
                3. Add the iBGP router reflector client.
                4. Add the segment ID and VRF.
                5. Add a vrf-tenant-profile and configure the virtual network identifier (VNI) under the virtual router.
                6. Create switch virtual interfaces (SVIs) for all VLANs.
                7. Enable anycast-gateway for all VLANs.
                8. Advertise host routes to the BGP route reflector.
                9. Start handling gateway functionality for local hosts.
                Step 2   Repeat step 1 a-i for the second border leaf switch in the pair.

                If you are migrating a fabric that includes both Nexus 5000 and Nexus 6000 switches:
                • Migration is completed if you have upgraded all Nexus 6000 software and enabled Cisco DFA forwarding.
                • HSRP/VRRP will remain as long as there are Nexus 5000 leaves in the network.
                • In Nexus 5000-involved VLANs and SVIs: VLANs are global, non-segment-id-enabled, and the forwarding mode can be either proxy or anycast gateway.
                • In upgraded and configured Nexus 6000-involved VLANs and SVIs: Can be segment-id enabled, and the forwarding mode can be either proxy or anycast gateway.
                • Multicast will continue run in the legacy multicast mode. Cisco DFA multicast should not be enabled.

                What to Do Next

                If you are migrating a fabric that includes both Nexus 5000 and Nexus 6000 switches, the migration is completed if you have upgraded all Nexus 6000 software and enabled Cisco DFA forwarding.

                Step 8: Upgrade and Configure All Remaining Leaf Switches

                You should perform this procedure on all of the remaining leaf switches in the network. Refer to Steps 6 and 7 for additional information.


                Note

                For specific configuration commands and examples, see Migration Configuration.

                  Step 1   Upgrade the software on all of the remaining leaf switches.
                  Step 2   Add Cisco DFA-related configuration on all of the remaining leaf switches.
                  Step 3   Enable anycast-gateway on leaf switches for all VLANs.
                  What to Do Next

                  Remove HSRP Configurations on border leaf pairs.

                  Step 9: Remove HSRP Configurations on Border Leaf Pairs

                  During the migration, some hosts learn the anycast gateway MAC address as its MAC address for the default gateway. Some hosts will learn the HSRP VMAC as the MAC for the default gateway. We recommend that you wait a couple of hours to make sure that the HSRP VMAC is aged out on all hosts.

                  Note

                  For specific configuration commands and examples, see Migration Configuration.

                  Before You Begin

                  You should have completed migration on all leaf switches.

                    Step 1   Remove HSRP configuration on each border leaf switch.

                    Step 2   Change the SVI IP address to the VIP.

                    After you have removed HSRP configurations, migration is complete.

                    • You can move to Cisco DFA multicast, if preferred. There is no VPC on border leaf connector to external multicast routers.
                    • SVIs can be switched to proxy forwarding mode, if preferred.
                    • New VLANs can be segment-id enabled.
                    • In the all-Nexus 6000 topology, you can move to Cisco DFA multicast, if preferred.

                      Note
                      Multicast traffic disruption will occur during the move to Cisco DFA multicast. Also, the border leaf that connects to external multicast routers cannot run VPC.