I was recently troubleshooting an HSRP issue with two Nexus 5500 switches that both were in the active state. The root cause appeared to be a missing LAN_Base license.
Although the information on copying and adding licenses to a Nexus 5500 is available at www.cisco.com, I found I had to go to a couple of different pages to get it. Here are the steps I used to add a new license to my Cisco Nexus 5500 switches.
Step 1. Verify that no license is already installed with the show license command, or exists in bootflash ready to be installed with the dir command. You should look for a *.LIC file in bootflash:
If you find a .LIC file in bootflash:, you probably just need to install it and can skip to Step 5.
HQ-ST-5K1# show license
HQ-ST-5K1#
Note: No response from NX-OS means no license is installed.
HQ-ST-5K1# dir bootflash:
0 Jan 01 14:18:03 2009 20090101_191803_poap_4557_init.log
0 Jan 01 14:34:16 2009 20090101_193416_poap_4464_init.log
0 Jan 15 09:37:37 2009 20090115_143737_poap_4464_init.log
169740 Jun 16 13:49:40 2015 20150616_154841_poap_4461_init.log
8989 Apr 29 09:21:37 2015 b4config.txt
9861 Jun 16 11:31:01 2015 b4config2.txt
4096 Apr 08 15:11:22 2015 lost+found/
34672128 Jul 07 15:12:50 2014 n5000-uk9-kickstart.6.0.2.N1.2.bin
238082390 Jul 07 15:13:39 2014 n5000-uk9.6.0.2.N1.2.binexit
4096 Jan 01 14:16:55 2009 vdc_2/
4096 Jan 01 14:16:55 2009 vdc_3/
4096 Jan 01 14:16:55 2009 vdc_4/
4096 Jan 01 14:16:55 2009 virt_strg_pool_bf/
Usage for bootflash://
390721536 bytes used
1260183552 bytes free
1650905088 bytes total
HQ-ST-5K1#
Note: Since there is no file with a .lic extension, the license file is missing. I needed at least a LAN Base license to run HSRP. The 5500 switches also need a L3 forwarding module, which mine had.
Step 2. As needed, obtain the license files.
I got mine though chatting with Cisco staff and providing them with the results from the show license host-id command. After some discussion, they emailed me two base license files that were keyed to the license host-id of the 5Ks.
Note: Depending on your situation, you may need to contact your reseller or open a TAC case.
The license files I obtained from Software licensing were readable in a text editor, and looked like this:
SERVER this_host ANY
VENDOR cisco
INCREMENT LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>MDS_SWIFT</LIC_SOURCE><SKU>N55-BAS1K9</SKU> \
HOSTID=VDH=SSI123456AB \
NOTICE="<LicFileID>20160804111111111</LicFileID><LicLineID>1</LicLineID> \
<PAK></PAK>" SIGN=###E##C#A###
Note: I also found some non-installed license files in the directory of a different N5K. This pre-installed license included a PAK value that appears to be associated with the host ID and the license file name in the following format:
HQ-END-5K1# dir bootflash:
. . .
272 Jan 01 01:34:17 2009 license_SSI234567E5_15.lic
4096 Jan 23 18:22:41 2015 lost+found/
6661 Apr 13 07:03:34 2015 mts.log
31646720 Oct 17 02:27:26 2012 n5000-uk9-kickstart.5.2.1.N1.1.bin
34407424 Oct 28 15:50:19 2014 n5000-uk9-kickstart.5.2.1.N1.7.bin
173087826 Oct 17 02:28:14 2012 n5000-uk9.5.2.1.N1.1.bin
175642440 Oct 28 15:49:52 2014 n5000-uk9.5.2.1.N1.7.bin
1152 Oct 28 16:33:41 2014 span.log
4096 Jan 01 01:31:07 2009 vdc_2/
4096 Jan 01 01:31:07 2009 vdc_3/
4096 Jan 01 01:31:07 2009 vdc_4/
Usage for bootflash://
532897792 bytes used
1118007296 bytes free
1650905088 bytes total
HQ-END-5K1#
HQ-END-5K1# sh file license_SSI234567E5_15.lic
SERVER this_host ANY
VENDOR cisco
INCREMENT LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=MDS HOSTID=VDH=SSI234567E5 \
NOTICE=<LicFileID>20121016111111111</LicFileID><LicLineID>1</LicLineID><PAK>N5K-C5548UP-FASSI234567E5</PAK> \
SIGN=F1111DB1D111
HQ-END-5K1#
HQ-END-5K1# sh license host-id
License hostid: VDH=SSI234567E5
HQ-END-5K1#
Note: Place holder IDs and license numbers are shown in the example.
Step 3. You need to load each license file on the appropriate Nexus switch. You can use the copy scp: command to place the file in the bootdir: of the appropriate switch.
The license file will need to be accessible via an SCP.
HQ-ST-5K1# copy scp://cwr@172.20.21.22/Volumes/Projects/01-GPO/MDS20160804113133333/MDS201608040222222222.lic bootflash:license.lic
Enter vrf (If no input, current vrf 'default' is considered): management
The authenticity of host '172.20.21.22 (172.20.21.22)' can't be established.
RSA key fingerprint is d5:10:11:13:10:19:14:1d:1b:b1:18:19:18:19:19:18.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.20.21.22' (RSA) to the list of known hosts.
Password:
MDS201608040222222222.lic
100% 304 0.3KB/s 00:00
Copy complete, now saving to disk (please wait)...
HQ-ST-5K1#
During the copy, I renamed the license file to the name license.lic for ease of typing.
Note: I was able to turn on file sharing and remote access under System Preferences>Sharing on my Mac so the copy SCP from the switch would work. PC users may need to start an SCP server.
Step 4. Verify file has been copied to bootflash:
HQ-ST-5K1# dir
0 Jan 01 14:18:03 2009 20090101_191803_poap_4557_init.log
0 Jan 01 14:34:16 2009 20090101_193416_poap_4464_init.log
0 Jan 15 09:37:37 2009 20090115_143737_poap_4464_init.log
169740 Jun 16 13:49:40 2015 20150616_154841_poap_4461_init.log
8989 Apr 29 09:21:37 2015 b4config.txt
9861 Jun 16 11:31:01 2015 b4config2.txt
304 Aug 04 12:21:31 2016 license.lic
4096 Apr 08 15:11:22 2015 lost+found/
34672128 Jul 07 15:12:50 2014 n5000-uk9-kickstart.6.0.2.N1.2.bin
238082390 Jul 07 15:13:39 2014 n5000-uk9.6.0.2.N1.2.bin
4096 Jan 01 14:16:55 2009 vdc_2/
4096 Jan 01 14:16:55 2009 vdc_3/
4096 Jan 01 14:16:55 2009 vdc_4/
4096 Jan 01 14:16:55 2009 virt_strg_pool_bf/
Usage for bootflash://
390725632 bytes used
1260179456 bytes free
1650905088 bytes total
HQ-ST-5K1#
Note: I later turned off file sharing and remote access under System Preferences>Sharing on my Mac.
Step 5. Verify contents of file HOST-ID in the license file match the N5K using the show file command and the show license host-id command. (This is very important if you are working with more than one license file, and want the license to work.)
HQ-ST-5K1# show file license.lic
SERVER this_host ANY
VENDOR cisco
INCREMENT LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>MDS_SWIFT</LIC_SOURCE><SKU>N55-BAS1K9</SKU> \
HOSTID=VDH=SSI123456AB \
NOTICE="<LicFileID>20160804111111111</LicFileID><LicLineID>1</LicLineID> \
<PAK></PAK>" SIGN=###E##C#A###
HQ-ST-5K1#
HQ-ST-5K1# sh license host-id
License hostid: VDH=SSI123456ABS
HQ-ST-5K1#
Step 6. Install the license with the install license command.
HQ-ST-5K1# install license bootflash:license.lic
Installing license .......Enable Layer 3.
Please reload the switch if the switch has previously gone through a non-disruptive NX-OS upgrade.
done
HQ-ST-5K1#
Note: I assumed that I did not need to reload since I had not done a NX-OS upgrade
Step 7. Verify the license has been installed with the show license command.
HQ-ST-5K1# sh license
license.lic:
SERVER this_host ANY
VENDOR cisco
INCREMENT LAN_BASE_SERVICES_PKG cisco 1.0 permanent uncounted \
VENDOR_STRING=<LIC_SOURCE>MDS_SWIFT</LIC_SOURCE><SKU>N55-BAS1K9</SKU> \
HOSTID=VDH=SSI123456AB \
NOTICE="<LicFileID>20160804111111111</LicFileID><LicLineID>1</LicLineID> \
<PAK></PAK>" SIGN=###E##C#A###
HQ-ST-5K1#
I hope this may help others who need to install or work with licenses on a Nexus 5500.