Cisco

• Diversen
• Diverse handige Cisco commando's
• Reset van de switch
• Reset Cisco 3650 m.b.v. ROMMON mode
• Software upgrade
• Upgrade Cisco 3650
• Vlans
• Configure VLANs, Access Ports & Trunk Ports on Cisco Switches

Diversen

Diverse handige Cisco commando's

Access Poort

interface range FastEthernet1/0/1-12
 description Internet
 switchport access vlan 100
 switchport mode access
 load-interval 30
 no mdix auto
 no cdp enable
 spanning-tree portfast
!

Trunk Poort

interface GigabitEthernet1/0/1
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport trunk allowed vlan 99,100
 switchport mode trunk
 switchport nonegotiate
 ip arp inspection trust
 logging event trunk-status
 load-interval 30
 ip dhcp snooping trust
!

Timezone

clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00

NTP Servers

ntp server 145.68.237.7
ntp server 145.68.238.144

Status van de interfaces

sh int status

Laat zien wanneer de interfaces voor het laatst actief zijn geweest

sh int | inc line protocol is|Last input

Laat informatie zien zoals temperatuur, fans, power

sh env all

Uptime van de switch

sh hard | i uptime

IP-adressen achterhalen die zijn toegekend aan de poorten

show ip dhcp snooping binding

PoE op poort uit- en inschakelen

int fa1/0/1
power inline never
no power inline never

Uitlezen PoE status

show powerinline

Interface op default zetten

default int fa1/0/1

err-disabled poorten uitlezen en weer actief zetten

show interfaces status err-disabled

conf term
interface FastEthernet1/0/1
shutdown
no shutdown
exit

Laat de "neighbours" zien

sh cdp nei

Laat details zien van een tranceiver (SFP)

sh int g2/1/1 transceiver detail

 

Reset van de switch

Reset Cisco 3650 m.b.v. ROMMON mode

Houd de "Mode" toets ingedrukt als je daarna de spanning op de switch aansluit.
Wacht ca 30 seconden en laat de mode toets los. Er verschijnt nu de "switch:" prompt.
Voer daarna het volgende uit:

flash_init
load_helper (werkt niet altijd)
set BYPASS_STARTUP_CONFIG 1
unset STACK_1_1 (wanneer de 3650 onderdeel van een stack was)
boot

Hierna kom je weer in de initial config dialog
Verwijder de vlan.dat, voer een write erase uit en daarna een reload:

del flash:vlan.dat
write erase
reload

Als laatste nog een keer naar de ROMMON mode met behulp van de "Mode" toets en zet de variabele BYPASS_STARTUP_CONFIG terug:

flash_init
set BYPASS_STARTUP_CONFIG 0

Software upgrade

Upgrade Cisco 3650

Log in op de switch en voer de volgende commando's uit:

write erase
delete flash:vlan.dat
show interface status (kijk of switch in stack 1 zit).

Zo niet dan:

switch 4 renumber 1

Op het moment van schrijven gebruik ik de software versie cat3k_caa-universalk9.16.12.08.SPA.bin
Zet de software op een USB-stick en koppel deze aan de Cisco 3650.
Voer het volgende uit:

request platform software package clean switch all file flash:

copy usbflash0:cat3k_caa-universalk9.16.12.08.SPA.bin flash:

request platform software package install switch all file flash:cat3k_caa-universalk9.16.12.08.SPA.bin new auto-copy

reload

De switch start opnieuw op. Voer daarna nog het laatste commando uit:

enable

request platform software package clean switch all file flash:

 

Vlans

Configure VLANs, Access Ports & Trunk Ports on Cisco Switches

In this lesson, we will learn how to configure VLANs on Cisco switches and their assignments to interfaces. We will also learn about Access Ports & Trunk ports and how to configure them. Before diving into the configuration part, lets review a bit of theory related to it.

Virtual LANs (VLANS) provide logical segmentation by creating multiple broadcast domains on the same network switch. VLANs provide higher utilization of switch ports because a port can be associated to the necessary broadcast domain, and multiple broadcast domains can reside on the same switch.

VLANs are identified by IEEE 802.1Q statndard, which adds 32 bits in IP packet header with following details:

Tag Protocol ID (TPID)

Priority Code Point (PCP)

Drop Eligibal Indicator (DEI)

VLAN ID

By default all interfaces are active & assigned to VLAN 1, which is default VLAN. Any information received on a trunk port without 802.1Q VLAN tag is associated to Native VLAN. Native VLAN must match on both trunk ports not doing so can cause traffic to change VLANs unintentionally.

Note that VLAN information is not stored in configuration (running-config / startup-config) but in a separate file named as vlan.dat on router/switch flash memory.

Creating VLANs

VLANs are created in global configuration mode and are named in sub-global configuration mode.

switch#configure terminal
switch(config)#vlan 10
switch(config-vlan)#name IT-Department
switch(config-vlan)#vlan 20
switch(config-vlan)#name Finance

VLANs & their ports assignments can be verified with show vlan | show vlan brief & show vlan summary commands.

Access Ports

Now that we know how to configure VLANs now we will learn about Access port on Cisco switches. An access port carries traffic from specified VLAN to the device connected to it or from the device to other devices connected on same VLAN. An Access port can only be assigned to one VLAN & you can configure a switchport as an access port as follows:

switch(config)#interface fa0/1
switch(config-if)#switchport mode access
switch(config-if)#switchport access vlan 10
switch(config-if)#interface fa0/2
switch(config-if)#switchport mode access
switch(config-if)#switchport access vlan 20

Trunk Ports

A switchport configured as trunk port can carry multiple VLANs information and it typically used when multiple VLANs need connectivity between switch and other devices like router or firewall. To configure a switchport as trunk port.

switch#configure terminal
switch(config)#interface fa0/10
switch(config-if)#switchport mode trunk
switch(config-if)#interface fa0/11
switch(config-if)#switchport mode trunk

Trunk ports information can be seen by issuing show interfaces trunk command. This command output can be categorized into three parts.

• First part of the output contains information regarding trunk ports, their status, their association to an Etherchannel & Native VLAN
• Second part of the output displays list of allowed VLANs on trunk port
• Third section displays VLANs that are in spanning tree forwarding state on that switch however ports that are in spanning tree blocking state are not displayed.

Access and Trunk ports

If you intend to use VLANs in your network, you will need to configure some ports on a switch as access ports and other as trunk ports. Here is a description each port type:

• access port – a port that can be assigned to a single VLAN. This type of interface is configured on switch ports that are connected to end devices such as workstations, printers, or access points.
• trunk port – a port that is connected to another switch. This type of interface can carry traffic of multiple VLANs, thus enabling you to extend VLANs across your entire network. Frames are tagged by assigning a VLAN ID to each frame as they traverse between switches.

Allowed VLANs

By default all VLANs are allowed on a trunk, however we can categorically allow specific VLANs over the trunk port. Traffic can be minimized on trunk ports to restrict broadcast traffic too. Sample configuration is appended.

switch#configure terminal
switch(config)#interface fa0/10
switch(config-if)#switchport trunk allowed vlan 1, 10, 20
switch(config-if)#switchport mode trunk

Addition and Removal of VLANs

If you want to add VLANs in running trunk port it must be added using “add” or “remove” command other wise it will replace all existing VLANs with newly added/removed VLAN.

switch(config-if)#switchport trunk allowed vlan add 100
switch(config-if)#switchport trunk allowed vlan remove 20

That’s all for now, hopefully this is been informative for you and by now you know a lot more about configuring VLANs, Access Ports & Trunk Ports.

Bron:
Configure VLANs, Access Ports & Trunk Ports on Cisco Switches