mass change on ethernet ports VDX VCS cluster 4.1.3a (NOS)

Hello Community,

 

After migrating from Cisco switches to Brocade VDX 6740, I got into trouble when using private VLANs on multiple switchports.

In our landscape we are using dvSwitches from VMware to do the tagging for normal and private VLANs. On a Cisco, the configuration for this kind of port is called a trunk, with a single configuration line.

On Brocade NOS it looks like the following.

interface TenGigabitEthernet 10/0/1
 description Te 10/0/1 ESX Host
 no fabric isl enable
 no fabric trunk enable
 fabric neighbor-discovery disable
 switchport
 switchport mode private-vlan trunk
 switchport private-vlan association trunk 32 33
 switchport private-vlan association trunk 32 34
 switchport private-vlan association trunk 32 40
 switchport private-vlan association trunk 32 47
 switchport private-vlan association trunk 32 48
 switchport private-vlan association trunk 32 56
 switchport private-vlan association trunk 32 58
 switchport private-vlan association trunk 32 66
 switchport private-vlan association trunk 32 70
 switchport private-vlan association trunk 32 71
 switchport private-vlan association trunk 32 73
 switchport private-vlan association trunk 32 79
 switchport private-vlan association trunk 32 180
 switchport private-vlan association trunk 32 209
 switchport private-vlan association trunk 32 267
 switchport private-vlan association trunk 32 519
 switchport private-vlan trunk allowed vlan all
 spanning-tree edgeport bpdu-guard
 no spanning-tree shutdown
 no shutdown

Each further secondary VLAN blows up the configuration, and each switchport for the ESX servers (I am talking about hundreds) has to be configured manually. I'm sorry about that, but that sucks!

The AMPP function (VLAN profile) is not a solution for us because private VLAN is not supported.

At first I analysed the landscape regarding the usage of private VLANs. It's the best solution for us at the moment, because we are using one layer 3 segment with limited public addresses and have to protect hosts against other hosts.

Now I am searching for a way to solve this configuration overhead with a scripting solution. I found the YANG / NETCONF documents, which are supported for the currently running NOS version, but I can't find an introduction on how to start with that topic.

I have the following questions.

Is it possible to parse the current switch configuration with YANG / NETCONF to find out all "private-vlan trunk" ports?

After that, is it possible to manipulate these ports by adding a new secondary VLAN, e.g. "switchport private-vlan association trunk 32 999"?

Do I have to use the Vyatta Controller for automation tasks with YANG / NETCONF?

Is it possible to use pyang and Python to get my tasks automated?

I hope someone takes the time to understand my problem.

Thank you.

Best Regards
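
An added example, not part of the original post and not Brocade code: a Python script that finds every "private-vlan trunk" port in saved running-config text and emits the CLI lines needed to add one primary/secondary association where it is still missing. It parses the text layout shown in the post rather than using YANG / NETCONF; SAMPLE_CONFIG is constructed and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of the running-config shown in the post.
SAMPLE_CONFIG = """\
interface TenGigabitEthernet 10/0/1
 switchport mode private-vlan trunk
 switchport private-vlan association trunk 32 33
 switchport private-vlan association trunk 32 34
!
interface TenGigabitEthernet 10/0/2
 switchport mode trunk
!
interface TenGigabitEthernet 10/0/3
 switchport mode private-vlan trunk
 switchport private-vlan association trunk 32 33
 switchport private-vlan association trunk 32 999
"""

IFACE = re.compile(r"^interface (\S+ \S+)$")
ASSOC = re.compile(r"^switchport private-vlan association trunk (\d+) (\d+)$")

def parse_pvlan_trunks(config):
    """Map each private-vlan trunk port to its set of (primary, secondary) pairs."""
    assoc, trunks, current = {}, set(), None
    for raw in config.splitlines():
        if not raw.startswith(" "):        # any unindented line ends the stanza
            m = IFACE.match(raw.strip())
            current = m.group(1) if m else None
            if current:
                assoc.setdefault(current, set())
            continue
        if current is None:
            continue
        line = raw.strip()
        if line == "switchport mode private-vlan trunk":
            trunks.add(current)
        m = ASSOC.match(line)
        if m:
            assoc[current].add((int(m.group(1)), int(m.group(2))))
    return {port: assoc[port] for port in trunks}

def commands_to_add(config, primary, secondary):
    """CLI lines that add the association only on trunk ports still lacking it."""
    out = []
    for port, pairs in sorted(parse_pvlan_trunks(config).items()):
        if (primary, secondary) not in pairs:
            out += [f"interface {port}",
                    f" switchport private-vlan association trunk {primary} {secondary}"]
    return out
```

The same parse doubles as a drift check: comparing the association sets across ports shows which ESX-facing trunks do not carry the same secondary VLANs.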

 
