Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
andy_currigan
Contributor

Intel X710 10gbps NIC with Cisco Nexus LINK problem

We need to replace our cluster gws.

we install gaia 3.10 R80.30 take 196 on 2x Dell R640 with X710 10gb NIC.

the nic have been correctly recognized by gaia but the 10g link to our nexus switch is down.

below the configurations

Nexus

interface Ethernet1/36
description TEMP FW
switchport
switchport access vlan 10
spanning-tree port type edge
flowcontrol receive on

speed 10000
no shutdown

transceiver is present
type is SFP-H10GB-AOC10M
name is CISCO-AVAGO

 

GAIA

set interface eth0 link-speed 10G/full
set interface eth0 state on
set interface eth0 auto-negotiation off
set interface eth0 mtu 1500
set interface eth0 ipv4-address 1.1.1.1 mask-length 24

 

Do we need particular dac cables?

any suggestions?

thank you

0 Kudos
1 Reply
Timothy_Hall
Champion
Champion

It could be due to LLDP or the transceiver you are using, see this excerpt from the third edition of my book:

Click to Expand

Cisco Nexus Interoperability Tips

As someone who has done a lot of work with a variety of Cisco devices over the years,
and held many Cisco-related certifications including a CCNP at one time, it pains me to
write this section of the book. Unfortunately Cisco’s Nexus products in particular are
becoming increasingly picky about which third-party (i.e. not Cisco) NICs they will
operate with by default. This has led to odd stability & performance problems between
Check Point firewall appliances that employ advanced NICs such as those manufactured
by Mellanox. These are typically 25Gbps or faster cards installed into the expansion
slots of the newest Check Point appliances.

If you have attached one of these Mellanox cards to a Cisco Nexus device and are
seeing carrier flaps on the interface, or better yet it refuses to link up at all (my personal
favorite), you may need to run these commands on the Cisco Nexus side to get things
working and stable:

service unsupported-transceiver
no lldp transmit
no lldp receive

See these SKs for the latest updates: sk117676: Is Link Layer Discovery Protocol
( LLDP ) supported on Gaia? and sk163267: LLDP issue with Intel X710 10G NIC
connected to Cisco 5K Switches.

In addition I’ve seen some rather odd auto-negotiation issues when attached to a
Cisco switchport, where the Check Point interface must be manually set to the desired
maximum speed instead of the default setting of “Auto”. Duplex negotiation is
mandatory in the Gigabit Ethernet specification, so doing this should not result in a

dreaded duplex mismatch condition (covered later in this chapter), but hard-coding the
interface speed should only be done as a last resort if you can’t get link established.

Finally, some devices such as the Cisco Nexus 7000 will drop multicast traffic that
uses a multicast MAC address, if it does not also use a “traditional” Class D multicast IP
address (224.0.0.0-239.255.255.255), which happens to be the default behavior for
ClusterXL. This situation will cause interface flaps in ClusterXL and lead to cluster
instability. See the following SK to change this behavior: sk115142: Switch drops
Check Point CCP packets when CCP is working in multicast mode.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events