You have upgraded your Cisco Nexus 7009 Switches and converted the default VDC to an
admin VDC. You notice that all of the ACLs are still present on the admin VDC after the
conversion. What should you do?
A.
enable configuration synchronization between the admin VDC and the production VDCs
B.
delete the ACLs
C.
delete all ACLs except those related to CoPP
D.
delete all ACLs except those bound to resource templates
E.
use the system admin-vdc acl command to properly migrate ACLs
http://www.cisco.com/en/US/docs/switches/datacenter/sw/nx-os/virtual_device_context/configuration/guide/vdc_admin.html
The guidelines and limitations for migrating to an admin VDC with system admin-vdc and system admin-VDC migrate commands are as follows:
•During the admin VDC migration, some feature configurations, such as access control lists (ACLs), are copied into the new VDC but they are not removed from the admin VDC. You have to explicitly remove any unwanted configurations in the admin VDC. While it is recommended to remove this configuration, keeping it does not cause any side effect.
Creating an Admin VDC
You can create an admin VDC in one of the following ways:
After a fresh switch bootup, a prompt is displayed to select the admin VDC. Choose Yes at the prompt to create an admin VDC. This option is recommended for brand new deployments. It is not recommended to use this option when migrating from Supervisor 1 to Supervisor 2/2e. For more information on the Supervisor 1 to Supervisor 2/2e migration procedure, see the following document: http://www.cisco.com/en/US/docs/switches/datacenter/hw/nexus7000/installation/guide/n7k_replacing.html#wp1051017
Enter the system admin-vdc command after bootup. The default VDC becomes the admin VDC. All the nonglobal configuration in the default VDC is lost after you enter this command. This option is recommended for existing deployments where the default VDC is used only for administration and does not pass any traffic.
You can change the default VDC to the admin VDC with the system admin-vdc migrate new vdc name command. After entering this command, the nonglobal configuration on a default VDC is migrated to the new migrated VDC. This option is recommended for existing deployments where the default VDC is used for production traffic whose downtime must be minimized.
Note
If the default VDC has Fabric Extenders that are enabled and configured, the migration of the default VDC configuration can take several minutes