Friday, September 19, 2014

Cisco VLAN - Practical


VLAN Foundations
- logically group users
- segments broadcast domains
- subnet correlations
- access control
- quality of service



Create VLANs
Test_Lab01#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Test_Lab01(config)#vlan 185
Test_Lab01(config-vlan)#name Web_Backend
Test_Lab01(config-vlan)#vlan 3
Test_Lab01(config-vlan)#name Distribution
Test_Lab01(config-vlan)#vlan 208
Test_Lab01(config-vlan)#name Ad_Test
Test_Lab01(config-vlan)#^Z
Test_Lab01#


Add Interfaces to VLAN

Test_Lab01(config)#int gi1/0/1
Test_Lab01(config-if)#switchport mode access
Test_Lab01(config-if)#switchport access vlan 13
Test_Lab01(config-if)#no shut

Test_Lab01(config)#int gi1/0/2
Test_Lab01(config-if)#switchport mode access
Test_Lab01(config-if)#switchport access Vlan 13
Test_Lab01(config-if)#no shut


Test_Lab01(config)#int gi1/0/3
Test_Lab01(config-if)#switchport mode access
Test_Lab01(config-if)#switchport access vlan 13
Test_Lab01(config-if)#no shut


Test_Lab01(config-if)#int gi1/0/4
Test_Lab01(config-if)#switchport mode access
Test_Lab01(config-if)#switchport access vlan 185
Test_Lab01(config-if)#no shut


Test_Lab01(config-if)#int gi1/0/5
Test_Lab01(config-if)#switchport mode access
Test_Lab01(config-if)#switchport access vlan 185
Test_Lab01(config-if)#no shut

Test_Lab01(config-if)#int gi1/0/6
Test_Lab01(config-if)#switchport mode access
Test_Lab01(config-if)#switchport access vlan 185
Test_Lab01(config-if)#no shut


Multiple interface in VLAN

Test_Lab01#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Test_Lab01(config)#int range gi1/0/7 -9
Test_Lab01(config-if-range)#switchport mode access
Test_Lab01(config-if-range)#switchport access vlan 3
Test_Lab01(config-if-range)#no shut
Test_Lab01(config-if-range)#exit
Test_Lab01(config)#exit
Test_Lab01#w


Test_Lab01(config)#int range gi1/0/10 -12
Test_Lab01(config-if-range)#switchport mode access
Test_Lab01(config-if-range)#switchport access vlan 3
Test_Lab01(config-if-range)#no shut
Test_Lab01(config-if-range)#exit
Test_Lab01(config)#exit
Test_Lab01#
00:32:43: %SYS-5-CONFIG_I: Configured from console by console
Test_Lab01#wr
Building configuration...
[OK]
Test_Lab01#


Validate Config

Test_Lab01#sh vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active
3    Distribution                     active    Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                Gi1/0/10, Gi1/0/11, Gi1/0/12
13   Server_Farm                      active    Gi1/0/1, Gi1/0/2, Gi1/0/3
185  Web_Backend                      active    Gi1/0/4, Gi1/0/5, Gi1/0/6
208  Ad_Test                          active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
3    enet  100003     1500  -      -      -        -    -        0      0
13   enet  100013     1500  -      -      -        -    -        0      0
185  enet  100185     1500  -      -      -        -    -        0      0
208  enet  100208     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 trcrf 101003     4472  1005   3276   -        -    srb      0      0

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trbrf 101005     4472  -      -      15       ibm  -        0      0


VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7       7       off

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------



Test_Lab01#
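
Added example (not part of the original notes): a Python check that parses the first table of the `sh vlan` output above, including the wrapped port line for VLAN 3, and compares it with the port-to-VLAN mapping intended by the configuration session. The `EXPECTED` mapping and the function names are assumptions made for this illustration.

```python
import re

# Constructed sample: the first table of the `sh vlan` output above, plus one row of the second.
SHOW_VLAN = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active
3    Distribution                     active    Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                Gi1/0/10, Gi1/0/11, Gi1/0/12
13   Server_Farm                      active    Gi1/0/1, Gi1/0/2, Gi1/0/3
185  Web_Backend                      active    Gi1/0/4, Gi1/0/5, Gi1/0/6
208  Ad_Test                          active
1002 fddi-default                     act/unsup
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
1    enet  100001     1500  -      -      -        -    -        0      0
"""

# Intended port-to-VLAN mapping, read off the configuration session (assumption).
EXPECTED = {3: {f"Gi1/0/{n}" for n in range(7, 13)},
            13: {f"Gi1/0/{n}" for n in range(1, 4)},
            185: {f"Gi1/0/{n}" for n in range(4, 7)}}
ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")

def parse_show_vlan(text):  # -> {vlan_id: {"name", "status", "ports"}}
    vlans, current = {}, None
    for line in text.splitlines():
        if line.startswith("VLAN Type"):   # second table reuses VLAN ids: stop here
            break
        m = ROW.match(line)
        if m:
            current = int(m.group(1))
            vlans[current] = {"name": m.group(2), "status": m.group(3), "ports": set()}
        elif current is None or not line.startswith(" ") or not line.strip():
            continue                        # header, rule or blank line
        ports = m.group(4) if m else line   # a wrapped line belongs to the previous row
        vlans[current]["ports"].update(p.strip() for p in ports.split(",") if p.strip())
    return vlans

def audit(vlans, expected):  # -> sorted (vlan, port, problem) tuples
    findings = []
    for vid, want in expected.items():
        have = vlans.get(vid, {"ports": set()})["ports"]
        findings += [(vid, p, "missing") for p in want - have]
        findings += [(vid, p, "unexpected") for p in have - want]
    return sorted(findings)

def empty_vlans(vlans):  # active VLANs other than 1 that carry no access ports
    return sorted(v for v, d in vlans.items()
                  if v != 1 and d["status"] == "active" and not d["ports"])
```

On the output above, `audit` returns no findings and `empty_vlans` reports VLAN 208, which was created but never given a port.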

Cisco - Router - Configure Clock Time


Router(config)# clock timezone CST -6


rtl3arl01#clock set 03:44:00 21 January 2009


rtl3arl01#sh clock
03:45:08.091 EST Wed Jan 21 2009


Cisco - Router - Configure DNS

rtl3arl01#config t
Enter configuration commands, one per line.  End with CNTL/Z.
rtl3arl01(config)#ip name-server 68.87.71.226
rtl3arl01(config)#ip name-server 68.87.73.242
rtl3arl01(config)#ip name-server 68.87.64.146
rtl3arl01(config)#^Z
rtl3arl01#ping www.cisco.com

Router# ping www.cisco.com
Translating "www.cisco.com"...domain server (192.168.1.100) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 198.133.219.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 224/228/236 ms


Router# show running-config
Building configuration...
Current configuration : 470 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log uptime
no service password-encryption
!
hostname Router
!
!
ip subnet-zero
ip name-server 192.168.1.100

!--- Configures the IP address of the name server.
!--- Domain lookup is enabled by default.

!
!
interface Ethernet0
 ip address 192.168.1.1 255.255.255.0
!
!

!--- Output Suppressed.

 end

Nexus 7K 5K 2K

    • 7K  - Routing - VDC, VRF, SVI
    • 5K  - Switching - has the config for 2K 
    • 2K  - Module - No config  

Nexus 7K

Boot Files
boot kickstart bootflash:/n7000-s2-kickstart.6.2.8a.bin sup-1
boot system bootflash:/n7000-s2-dk9.6.2.8a.bin sup-1
boot kickstart bootflash:/n7000-s2-kickstart.6.2.8a.bin sup-2
boot system bootflash:/n7000-s2-dk9.6.2.8a.bin sup-2

Features
feature tacacs+
cfs eth distribute
feature ospf
feature bgp
feature pim
feature pbr
feature udld
feature interface-vlan
feature netflow
feature hsrp
feature lacp
feature vpc

Configure NTP
ntp distribute
ntp server 1.1.1.16 use-vrf management
ntp server 2.2.2.16 use-vrf management
ntp server 3.3.3. prefer use-vrf management
ntp commit

Create VLANs
vlan 1,10-13,28,35,896-899
vlan 10
  name internet_fw_net
vlan 11
  name off_shore_fw_net
vlan 12
  name partner_fw_net
vlan 13
  name vpn_fw_net
vlan 28
  name Mobile_VPN_Access
vlan 35
  name VPN_FW_Network
vlan 896
  name keep_alive
vlan 897
  name routed_network
vlan 898
  name vpc_native_vlan
vlan 899
  name non_vpc_native_vlan

interface Vlan10
  description Internet_FW_Network
  no shutdown
  no ip redirects
  ip address x.x.x.x/28
  ip router ospf 1 area 0.0.0.25
  hsrp version 2
  hsrp 10
    authentication md5 key-chain hsrp_key
    preempt
    priority 255
    ip 10.10.10.1

OSPF
router ospf 1
  router-id 10.15.1.1
  redistribute static route-map static_to_ospf
  passive-interface default

BGP
router bgp 65000
  router-id 10.150.10.10
  neighbor 10.150.10.20 remote-as 65200
    update-source loopback0
    address-family ipv4 unicast
      next-hop-self
no system auto-upgrade epld



We’ve abandoned the prior decision to upgrade to 6.2(12) since that would require an upgrade to the EPLD (a time-consuming process that may exceed the allotted change window). The plan now is to upgrade the code to 6.2(8a) to match Markley:

1. Un-manage the 7ks in SW

2. Remove old code from the active supervisor:
delete bootflash:n7000-s2-kickstart.6.1.2.bin
delete bootflash:n7000-s2-dk9.6.1.2.bin

3. Remove old code from the backup supervisor:
delete bootflash://sup-standby/n7000-s2-kickstart.6.1.2.bin
delete bootflash://sup-standby/n7000-s2-dk9.6.1.2.bin

4. Save config using SW NCM

5. Upgrade: install all kickstart n7000-s2-kickstart.6.2.8a.bin system n7000-s2-dk9.6.2.8a.bin

6. View upgrade status: show install all status

7. Verify upgrade: show version

8. Re-manage 7ks in SW

NOTE: Current contents of bootflash on both cores:
dir bootflash:
          0    Aug 16 06:03:09 2013  20130816_100309_poap_6064_init.log
        735    Aug 16 10:10:01 2013  20130816_140921_poap_6588_init.log
          0    Sep 13 18:28:56 2013  20130913_222856_poap_6483_init.log
          0    Sep 19 15:03:34 2013  20130919_190334_poap_6494_init.log
       1700    Aug 16 04:56:28 2013  JAF1724ACPB_14119185.lic
       4096    Sep 19 15:54:33 2013  epld_dir/
  218199431    Aug 16 04:56:03 2013  n7000-s2-dk9.6.1.2.bin
  376298463    Sep 19 15:15:28 2013  n7000-s2-dk9.6.2.2.bin
  420778741    Apr 28 15:25:06 2015  n7000-s2-dk9.6.2.8a.bin
   66970691    Sep 19 15:50:27 2013  n7000-s2-epld.6.2.2.img
   36344320    Aug 16 04:53:59 2013  n7000-s2-kickstart.6.1.2.bin
   37069824    Sep 19 15:14:42 2013  n7000-s2-kickstart.6.2.2.bin
   36619776    Apr 28 15:25:45 2015  n7000-s2-kickstart.6.2.8a.bin
       4096    Aug 16 06:02:36 2013  scripts/
       4096    Aug 16 06:01:56 2013  vdc_2/
       4096    Aug 16 06:01:56 2013  vdc_3/
       4096    Aug 16 06:01:56 2013  vdc_4/
       4096    Aug 16 06:01:56 2013  vdc_5/
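
Added example (not part of the original notes): a Python pre-flight check for steps 2, 3 and 5 of the plan above. It cross-checks the boot statements against the `dir bootflash:` listing and the planned deletions, so a boot target is never deleted and the kickstart and system images agree per supervisor. The sample text is constructed from lines on this page; the function names are assumptions.

```python
import re

# Constructed from this page: the boot statements and part of the bootflash listing.
BOOT_CONFIG = """\
boot kickstart bootflash:/n7000-s2-kickstart.6.2.8a.bin sup-1
boot system bootflash:/n7000-s2-dk9.6.2.8a.bin sup-1
boot kickstart bootflash:/n7000-s2-kickstart.6.2.8a.bin sup-2
boot system bootflash:/n7000-s2-dk9.6.2.8a.bin sup-2
"""
DIR_BOOTFLASH = """\
  218199431    Aug 16 04:56:03 2013  n7000-s2-dk9.6.1.2.bin
  376298463    Sep 19 15:15:28 2013  n7000-s2-dk9.6.2.2.bin
  420778741    Apr 28 15:25:06 2015  n7000-s2-dk9.6.2.8a.bin
   36344320    Aug 16 04:53:59 2013  n7000-s2-kickstart.6.1.2.bin
   37069824    Sep 19 15:14:42 2013  n7000-s2-kickstart.6.2.2.bin
   36619776    Apr 28 15:25:45 2015  n7000-s2-kickstart.6.2.8a.bin
       4096    Aug 16 06:02:36 2013  scripts/
"""
TO_DELETE = ["n7000-s2-kickstart.6.1.2.bin", "n7000-s2-dk9.6.1.2.bin"]  # steps 2 and 3

BOOT = re.compile(r"^boot (kickstart|system) bootflash:/+(\S+) (sup-\d)$")
VERSION = re.compile(r"(?:kickstart|dk9)\.(.+)\.bin$")

def parse_dir(text):
    """Map file name -> size in bytes from `dir bootflash:` rows."""
    files = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 6 and parts[0].isdigit():
            files[parts[5]] = int(parts[0])
    return files

def preflight(boot_config, dir_text, to_delete):
    """Return the problems that should stop the change before anything is deleted."""
    files, problems, per_sup = parse_dir(dir_text), [], {}
    for m in map(BOOT.match, boot_config.splitlines()):
        if not m:
            continue
        kind, name, sup = m.groups()
        ver = VERSION.search(name)
        per_sup.setdefault(sup, {})[kind] = ver.group(1) if ver else name
        if files.get(name, 0) == 0:
            problems.append(f"{sup}: {kind} image {name} missing or empty")
        if name in to_delete:
            problems.append(f"{sup}: {name} is a boot target, do not delete")
    for sup, v in sorted(per_sup.items()):
        if v.get("kickstart") != v.get("system"):
            problems.append(f"{sup}: kickstart/system version mismatch {v}")
    return problems
```

The check covers presence and consistency only; it says nothing about whether the image bytes match the vendor's published checksum.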