Pleas click on the template title below to expand
ip dhcp excluded-address 10.96.252.1 10.96.252.10
ip dhcp pool DATA
Network 10.96.252.0 255.255.255.0
defaul-router 10.96.252.1
lease 3 0
EIGRP Configuration
Router EIGRP 100
Network 10.10.10.0 0.0.0.255
Network 10.20.20.0. 0.0.0.127
network 192.168.200.0 0.0.0.255
no auto-summary
OSPF Config
Route Ospf 100
Network 10.10.10.0 0.0.0.255 area 10
Network 10.20.20.0. 0.0.0.127 area 10
network 192.168.200.0 0.0.0.255 area 10
Static route Config
ip route 10.10.10.0 255.255.255.0 s3/1( Exit interface )or nexthop 10.10.20.1
Default route config
ip route 0.0.0.0 0.0.0.0 s3/1 or nexthop 10.10.20.1
Access Configuration
int range f1/2 – 10
Switchport access Vlan 20
Sw mo ac
spanning portfast
Trunk Port Configuration
int f1/1
switchport trunk encap dot1q
sw mode trunk
Allowed Vlan Trunk Port Configuration
int f1/1
switchport trunk encap dot1q
switchport trunk allowed vlan 1,20,30,1002-1005
sw mode trunk
Creating Sub Interface on a Router
int f1/0
no shut
int f1/0.100
encap dot1Q 100
ip add 10.10.10.1 255.255.255.0
Without Sub interface
int f1/0
no shut
ip add 10.10.10.1 255.255.255.0
Loopback interface
int loopback 0
ip add 2.2.2.2 255.255.255.255
no shut
Virtual Server Port Configuration
int f1/1
Description Virtual_Host1
switchport trunk allowed vlan 1,20,30,40,1002-1005
switchport mode trunk
spaning-tree portfast trunk
Adding a Server to Management vlan
int f1/2
Description DNS_Server1
switchport access valn 100
sw m acc
spanning-tree Portfast
int e1/7
Description(Server name)
switchport
switchport access vlan 1001
spanning-tree port type edge
no shutdown
interface e3/2
description SW1 connected trunk
switchport
switchport mode trunk
switchport trunk native vlan 499
switchport trunk allowed vlan 1,11-12,32,34-35,51-52,60,72-73
spanning-tree guard root
interface Ethernet3/9
description vPC to NEW_RGWST-SW1 connected trunk
switchport
switchport mode trunk
switchport trunk native vlan 500
switchport trunk allowed vlan 1,5,11-12,32,35,40,45,50-52,60,71-73
switchport trunk allowed vlan add 75,99-101,125-128,150,160,196-198
switchport trunk allowed vlan add 200,207,230,253,301,401-404,425
switchport trunk allowed vlan add 499,502,1000,2510,3501
channel-group 1018 mode active
no shutdown
SW1(config)#switch 1 priority 15
SW1#copy running-config startup-config
SW1#reload
3750-Stk>show switch
Current
Switch# Role Mac Address Priority State
——————————————————–
1 Slave 0016.4748.dc80 1 Ready
*2 Master 0016.9d59.db00 5 Ready
3750-Stk# show switch stack-ports
Switch # Port 1 Port 2
——– —— ——
1 Ok Down
2 Ok Ok
3 Ok Down
3750-Stk# show switch neighbors
Switch # Port 1 Port 2
——– —— ——
1 2 None
2 1 3
3 2 None
3750-Stk#show switch stack-ports
Switch # Port 1 Port 2
——– —— ——
1 Ok Ok
2 Ok Ok
3 Ok Ok
Configuration for SSH
line vty 0 4
privilege level 15
password NPTC
transport input ssh
transport output telnet ssh
line vty 5 15
privilege level 15
transport input ssh
transport output telnet ssh
line vty 16 97
transport input ssh
transport output telnet ssh
crypto key generate rsa general-keys modulus 2048 exportable
Configuration for Telnet
line vty 0 4
exec-timeout 30 0
privilege level 15
password NPTC
logging synchronous
transport input telnet
transport output telnet
Redistribution Configuration for different Different EIGRP AS Number
router eigrp 100
redistribute eigrp 200
router eigrp 200
redistribute eigrp 100
Redistribution Configuration for different Different OSPF AS Number
router ospf 1
redistribute ospf 2 subnet
router ospf 2
redistribute ospf 1 subnet
Redistribution Configuration with mixed OSPF & EIGRP Environment
router ospf 1
redistribute eigrp 1 subnets
router eigrp 1
redistribute ospf 1 metric 5000 10 255 255 65535
Redistribution configuration with default route and EIGRP
ip route 0.0.0.0 0.0.0.0 s3/1
router eigrp 1
redistribute static
Redistribution configuration with default route and OSPF
ip route 0.0.0.0 0.0.0.0 s3/1
router ospf 1
default-information originate
Show command on routers
Show run- to check running configuration
Show run | be line con 0- to check the line configuration
show run int f1/0- To check port configuration
show ip int br- To check port status, ip address
show ip route
show ip eigrp ne
show ip ospf ne
show run | be route
show run | be eigrp
show run | be ospf
show run | be dhcp
show ip dhcp binding
Show ip dhcp conflict
sh arp | in 9cc0.7700.2f86
sh arp | in 10.96.41.5
sh processes cpu sorted
sh processes cpu history
sh ip int br | exc una
show int trunk- to check the status of the trunk
Show int status- To check the status of the port, Vlan and trunk
show ip int br – to check virtual port , Ip address
show run
Show vlan br
show int status
show int trunk
show run int f1/0
Show ip int br
Show vtp status
show vtp password
show interfaces f/14 | include line protocol
Show in f1/2 | include errors
sh int status | include Vlan | connected
show mac address-table | include GigabitEthernet2/28
show mac address-table int gi1/0/34
sh processes cpu sorted
sh processes cpu history
sh ip int br | exc una
Configuration Procedure
In order to bind two Switches using VSS we will have to do the following:
- Configure a virtual switch domain on both switches and configure one switch as “switch 1” and the other one as “switch 2”.
- Configure the virtual switch links.
- Execute the conversion command which will reboot the switches.
Before you configure anything verify if the modules are running the same IOS
Step1: Configure a virtual switch domain on both switches with the same ID
Switch 1 Configurtaion Switch2 Configuration
conf t Conf t
switch virtual domain 10 switch virtual domain 10 switch 1 switch 2 exit exit
Step2: Virtual Switch Link (VSL) to facilitate communication between two switches.
int range ten1/1 – 2 int range ten1/1 – 2
description VSL1 description VSL2
switchport mode trunk switchport mode trunk
channel-group 5 mode on channel-group 5 mode on
Switch 1 Configuration Switch 2 Configuration
int port-channel 5 int port-channel 5
description VSL for VSS description VSL for VSS
switchport switchport switch virtual link 1 switch virtual link 1
no shut no shut
exit exit
Step2: Configure the conversion command on both switches <– tells the switch to reload and merge with the other VSS member
Switch1 Configuration Switch 2 Configuration
Switch convert mode virtual Switch convert mode virtual
Show Command
Show switch virtual
Show switch virtual link
Show switch virtual role
STEP 1: Create vpc VRF on Both switches (NB: Apply same configuration on the second device)
N5k-Primary(config)# vrf context keepalive
STEP 2: ENABLE THE VPC FEATURE (NB: Apply same configuration on the second device)
N5k-Primary(config)# feature vpc
Step3: Create VPC DOMAIN ON BOTH SWITCHES (NB: Apply same configuration on the second device)
N5k-Primary(config)# vpc domain 1
N5k-Primary (config-vpc-domain)# peer-keepalive destination 192.168.1.2 source 192.168.1.1 vrf keepalive
N5k-Primary(config-vpc-domain)# show vpc role
Step 4: create PEER KEEPALIVE LINK
N5k-Primary(config)# vlan 23
N5k-Primary(config-vlan)# name keepalive
interface Vlan23
description vPC _Keepalive
vrf member VPC_keepalive
ip address 192.168.1.1/24
N5k-Primary# show vpc peer-keepalive
NB: Apply same configuration on the second device with an IP address of 192.168.1.2/24
STEP 5: CONFIGURE THE VPC PEER-LINK
N5k-Primary (config)# feature lacp
N5k-Primary(config)# interface ethernet 1/2-3
N5k-Primary(config-if-range)# description *** VPC PEER LINK
N5k-Primary(config-if-range)# channel-group 23 mode active
N5k-Primary(config)# interface port-channel 23
N5k-Primary(config-if)# description *** VPC PEER LINKS ***
N5k-Primary(config-if)# switchport mode trunk
N5k-Primary(config-if)# switchport trunk allowed vlan 10
N5k-Primary(config-if)# vpc peer-link
N5k-Primary# show vpc
STEP 6: CONFIGURE INDIVIDUAL VPCS TO DOWNSTREAM DEVICES FOR Access Port
interface Ethernet1/1
description *** ServerNIC1***
switchport access vlan 10
speed 1000
channel-group 10
interface port-channel10
switchport access vlan 10
vpc 10
N5k-Primary# show vpc | begin “vPC status
STEP 7: CONFIGURE Orphan port of DOWNSTREAM DEVICES FOR Access and Trunk
interface Ethernet1/1
description *** ServerNIC1***
switchport access vlan 10
spanning-tree port type edge
no shutdown
interface e3/2
description SW1 connected trunk
switchport
switchport mode trunk
switchport trunk native vlan 499
switchport trunk allowed vlan 1,11-12,32,34-35
spanning-tree guard root
Router
R1#write erase
R1#reload
System configuration has been modified. Save? [yes/no]: no
Switches
switch1#write erase
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
switch1#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
switch1#reload
VTP Configuration
vtp domain NPTC
vtp password secret
vtp mode sever
Show command
Show vtp status
ip dhcp excluded-address 10.96.252.1 10.96.252.10
ip dhcp pool DATA
Network 10.96.252.0 255.255.255.0
defaul-router 10.96.252.1
lease 3 0
EIGRP Configuration
Router EIGRP 100
Network 10.10.10.0 0.0.0.255
Network 10.20.20.0. 0.0.0.127
network 192.168.200.0 0.0.0.255
no auto-summary
OSPF Config
Route Ospf 100
Network 10.10.10.0 0.0.0.255 area 10
Network 10.20.20.0. 0.0.0.127 area 10
network 192.168.200.0 0.0.0.255 area 10
Static route Config
ip route 10.10.10.0 255.255.255.0 s3/1( Exit interface )or nexthop 10.10.20.1
Default route config
ip route 0.0.0.0 0.0.0.0 s3/1 or nexthop 10.10.20.1
Access Configuration
int range f1/2 – 10
Switchport access Vlan 20
Sw mo ac
spanning portfast
Trunk Port Configuration
int f1/1
switchport trunk encap dot1q
sw mode trunk
Allowed Vlan Trunk Port Configuration
int f1/1
switchport trunk encap dot1q
switchport trunk allowed vlan 1,20,30,1002-1005
sw mode trunk
Creating Sub Interface on a Router
int f1/0
no shut
int f1/0.100
encap dot1Q 100
ip add 10.10.10.1 255.255.255.0
Without Sub interface
int f1/0
no shut
ip add 10.10.10.1 255.255.255.0
Loopback interface
int loopback 0
ip add 2.2.2.2 255.255.255.255
no shut
Virtual Server Port Configuration
int f1/1
Description Virtual_Host1
switchport trunk allowed vlan 1,20,30,40,1002-1005
switchport mode trunk
spaning-tree portfast trunk
Adding a Server to Management vlan
int f1/2
Description DNS_Server1
switchport access valn 100
sw m acc
spanning-tree Portfast
int e1/7
Description(Server name)
switchport
switchport access vlan 1001
spanning-tree port type edge
no shutdown
interface e3/2
description SW1 connected trunk
switchport
switchport mode trunk
switchport trunk native vlan 499
switchport trunk allowed vlan 1,11-12,32,34-35,51-52,60,72-73
spanning-tree guard root
interface Ethernet3/9
description vPC to NEW_RGWST-SW1 connected trunk
switchport
switchport mode trunk
switchport trunk native vlan 500
switchport trunk allowed vlan 1,5,11-12,32,35,40,45,50-52,60,71-73
switchport trunk allowed vlan add 75,99-101,125-128,150,160,196-198
switchport trunk allowed vlan add 200,207,230,253,301,401-404,425
switchport trunk allowed vlan add 499,502,1000,2510,3501
channel-group 1018 mode active
no shutdown
SW1(config)#switch 1 priority 15
SW1#copy running-config startup-config
SW1#reload
3750-Stk>show switch
Current
Switch# Role Mac Address Priority State
——————————————————–
1 Slave 0016.4748.dc80 1 Ready
*2 Master 0016.9d59.db00 5 Ready
3750-Stk# show switch stack-ports
Switch # Port 1 Port 2
——– —— ——
1 Ok Down
2 Ok Ok
3 Ok Down
3750-Stk# show switch neighbors
Switch # Port 1 Port 2
——– —— ——
1 2 None
2 1 3
3 2 None
3750-Stk#show switch stack-ports
Switch # Port 1 Port 2
——– —— ——
1 Ok Ok
2 Ok Ok
3 Ok Ok
Configuration for SSH
line vty 0 4
privilege level 15
password NPTC
transport input ssh
transport output telnet ssh
line vty 5 15
privilege level 15
transport input ssh
transport output telnet ssh
line vty 16 97
transport input ssh
transport output telnet ssh
crypto key generate rsa general-keys modulus 2048 exportable
Configuration for Telnet
line vty 0 4
exec-timeout 30 0
privilege level 15
password NPTC
logging synchronous
transport input telnet
transport output telnet
Redistribution Configuration for different Different EIGRP AS Number
router eigrp 100
redistribute eigrp 200
router eigrp 200
redistribute eigrp 100
Redistribution Configuration for different Different OSPF AS Number
router ospf 1
redistribute ospf 2 subnet
router ospf 2
redistribute ospf 1 subnet
Redistribution Configuration with mixed OSPF & EIGRP Environment
router ospf 1
redistribute eigrp 1 subnets
router eigrp 1
redistribute ospf 1 metric 5000 10 255 255 65535
Redistribution configuration with default route and EIGRP
ip route 0.0.0.0 0.0.0.0 s3/1
router eigrp 1
redistribute static
Redistribution configuration with default route and OSPF
ip route 0.0.0.0 0.0.0.0 s3/1
router ospf 1
default-information originate
Show command on routers
Show run- to check running configuration
Show run | be line con 0- to check the line configuration
show run int f1/0- To check port configuration
show ip int br- To check port status, ip address
show ip route
show ip eigrp ne
show ip ospf ne
show run | be route
show run | be eigrp
show run | be ospf
show run | be dhcp
show ip dhcp binding
Show ip dhcp conflict
sh arp | in 9cc0.7700.2f86
sh arp | in 10.96.41.5
sh processes cpu sorted
sh processes cpu history
sh ip int br | exc una
show int trunk- to check the status of the trunk
Show int status- To check the status of the port, Vlan and trunk
show ip int br – to check virtual port , Ip address
show run
Show vlan br
show int status
show int trunk
show run int f1/0
Show ip int br
Show vtp status
show vtp password
show interfaces f/14 | include line protocol
Show in f1/2 | include errors
sh int status | include Vlan | connected
show mac address-table | include GigabitEthernet2/28
show mac address-table int gi1/0/34
sh processes cpu sorted
sh processes cpu history
sh ip int br | exc una
Configuration Procedure
In order to bind two Switches using VSS we will have to do the following:
- Configure a virtual switch domain on both switches and configure one switch as “switch 1” and the other one as “switch 2”.
- Configure the virtual switch links.
- Execute the conversion command which will reboot the switches.
Before you configure anything verify if the modules are running the same IOS
Step1: Configure a virtual switch domain on both switches with the same ID
Switch 1 Switch2
conf t Conf t
switch virtual domain 10 switch virtual domain 10 switch 1 switch 2 exit exit
Step2: Virtual Switch Link (VSL) to facilitate communication between two switches.
int range ten1/1 – 2 int range ten1/1 – 2
description VSL1 description VSL2
switchport mode trunk switchport mode trunk
channel-group 5 mode on channel-group 5 mode on
Switch 1 Switch 2
int port-channel 5 int port-channel 5
description VSL for VSS description VSL for VSS
switchport switchport switch virtual link 1 switch virtual link 1
no shut no shut
exit exit
Step2: Configure the conversion command on both switches <– tells the switch to reload and merge with the other VSS member
Switch 1 Switch 2
Switch convert mode virtual Switch convert mode virtual
Show Command
Show switch virtual
Show switch virtual link
Show switch virtual role
Router
R1#write erase
R1#reload
System configuration has been modified. Save? [yes/no]: no
Switches
switch1#write erase
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
switch1#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
switch1#reload
VTP Configuration
vtp domain NPTC
vtp password secret
vtp mode sever
Show command
Show vtp status
Creating a Network with HSRP
1.show vlan br
2. create vlan and you name it
3. Show ip int br to choose scope ping .1,.129,.193 and traceroute
4. do show run int vlan ( existing Number) to mimic the environment
5. Do show standby brief to choose the correct group number
Core_1 configuration
vlan 200
Name NPTC
interface Vlan 200
description NPTC
ip address 10.100.5.2 255.255.255.0
ip helper-address 10.100.200.2
ip helper-address 10.100.200.3
no ip redirects
no ip mroute-cache
standby 64 ip 10.100.5.1
Core_2 configuration
vlan 200
Name NPTC
interface Vlan 200
ip address 10.100.5.3 255.255.255.0
ip helper-address 10.100.200.2
ip helper-address 10.100.200.3
no ip redirects
no ip mroute-cache
standby 64 ip 10.100.5.1
standby 64 priority 110
standby 64 preempt
Vlan 200
name NPTC
10.24.17.0/24
!
interface vlan 200 ( DHCP Network)
description NPTC
ip address 10.24.17.1 255.255.255.0
ip helper-address 10.24.14.19
ip helper-address 10.24.14.20
no ip redirects
no ip unreachables
no ip proxy-arp
end
Giving DHCP scope to the Server team when necessary
Network 10.24.17.0
SM 255.255.255.0
GW 10.24.17.1
Vlan 200
Reserved 10.24.17.1 to 10
interface Vlan200 ( Static Network)- For Multcast network
description NPTC
ip address 10.24.17.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip pim sparse-dense-mode
This is just example of a real environment using HSRP- Always Micmic your environment
Core_1
interface Vlan200 ( Static network)
no ip redirects
ip address 10.100.0.2/28
ip router eigrp MMC
ip authentication mode eigrp MMC md5
ip authentication key-chain eigrp MMC EIGRP
ip passive-interface eigrp 200
ip passive-interface eigrp MMC
hsrp version 2
hsrp 200
authentication md5 key-chain HSRP
preempt
priority 105 forwarding-threshold lower 1 upper 105
ip 10.100.0.1
no shutdown
interface Vlan 300
ip access-group zero-clients in
no ip redirects
ip address 10.3.4.2/24
ip router eigrp MMC
ip authentication mode eigrp MMC md5
ip authentication key-chain eigrp MMC EIGRP
ip passive-interface eigrp 100
ip passive-interface eigrp MMC
hsrp version 2
hsrp 300
authentication md5 key-chain HSRP
preempt
priority 105 forwarding-threshold lower 1 upper 105
ip 10.3.4.1
ip dhcp relay address 10.40.0.41
ip dhcp relay address 10.40.0.42
description NPTC
Core _2
Vlan 200
Name NPTC
vlan 200
interface Vlan200 ( Static Network for Nexus)
no ip redirects
ip address 10.100.1.3/24
ip router eigrp MMC
ip authentication mode eigrp MMC md5
ip authentication key-chain eigrp MMC EIGRP
ip passive-interface eigrp 300
ip passive-interface eigrp MMC
hsrp version 2
hsrp 200
authentication md5 key-chain HSRP
preempt
priority 100 forwarding-threshold lower 1 upper 100
ip 10.100.1.1
description NPTC
No shutdown
interface Vlan300
no ip redirects
ip address 10.3.4.3/24
ip router eigrp MMC
ip authentication mode eigrp MMC md5
ip authentication key-chain eigrp MMC EIGRP
ip passive-interface eigrp 100
ip passive-interface eigrp MMC
hsrp version 2
hsrp 300
authentication md5 key-chain HSRP
preempt
priority 100 forwarding-threshold lower 1 upper 100
ip 10.100.4.1
ip dhcp relay address 10.40.0.41
ip dhcp relay address 10.40.10.42
description NPTC
no shutdown
Core 1
vlan 500
name MulticastVlan
interface Vlan 500
description Multicast VLAN
ip address 10.50.50.2 255.255.255.0
glbp 1 ip 10.50.50.1
glbp 1 preempt
glbp 1 load-balancing round-robin
glbp 1 priority 150
ip helper-address 10.20.50.40
ip helper-address 10.20.50.41
ip pim sparse-mode
Core 2
vlan 500
name MulticastVlan
interface Vlan 500
description Multicast VLAN
ip address 10.50.50.3 255.255.255.0
glbp 1 ip 10.50.50.1
glbp 1 load-balancing round-robin
ip helper-address 10.20.50.40
ip helper-address 10.20.50.41
ip pim sparse-mode
Set vlan 300 2/40
set port speed 2/5 auto
set port duplex 2/5 half
set port duplex 2/5 full
set port speed 2/5 100
set port speed 2/5 10
Set Port 3/1-24 enable
Set Port 5/1-12 disable
setvlan 2 name Marketing
clear vlan 5
Clear config all
Show Comand in Cast Os and IOS
CATOS IOS
show cam show mac-address-table
show port show interface status
show logging buffer show log
WAP (Wireless Access Point) Setup
1.Connect the AP to the switch and assign the AP management Vlan
2. Look for the new AP with show cdp ne to configure the rest on the wireless controller
3. Access Wireless Controller
eg ( https://10.100.14.20/)
4. Configure AP (AP Name…etc).
Click on “Wireless” tab.
Click “Change Filter”
For “Search AP” select the AP ” option box and enter AP name you got on the switch
Once found click the AP Name .
Enter the new AP Name, location in the “General” tab.
Modify “Location” to where the AP will be located.
Click “Apply”
5. WLANS – Add AP to AP Group
Click the WLANs tab.
Click “Advanced”
Click “AP Groups”
Click the AP Group Name that AP will be associated with.
Click “AP’s” tab.
Search for AP in the right hand column.
Click box next to AP and click “Add AP’s”
6. Add AP to AP Policy. ( these will vary from company to company)
Click the “Security” tab
Under “AAA” click the “AP Policies” sub-category.
Click “Add” in the top right corner.
Enter the MAC Address of AP
Click “Apply”
AP#lwapp ap ip address <IP address> <subnet mask>
AP#lwapp ap ip default-gateway <IP-address>
AP#lwapp ap controller ip address 10.96.24.
AP#lwapp ap hostname <name>
AP#capwap ap ip address <IP address> <subnet mask>
AP#capwap ap ip default-gateway <IP-address>
AP#capwap ap controller ip address 10.96.250.10
AP#capwap ap hostname GRV101
AP#capwap ap ip address 10.96.190.14 255.255.255.224
AP#lwapp ap ip default-gateway 10.96.190.1
AP#capwap ap controller ip address 10.27.90.99
AP#lwapp ap hostname FUH002AP02
Autonomous image – k9w7 (this image is standalone)
full lightweight IOS -k9w8 (this works with controller)
to see the image do show ver
Troubleshooting tips
Devices not communicating to the network (Not pingable)
• Know the scope of the issue ( single device or multiple device)
• Determine the source and destination
• Check Cable connection
• Check if right vlan assign to the port
• Check if right vlan is available on the trunk port
• Check for Input errors , Output errors and CRC errors
• Check for Err-disable port
• Check for the IP settings on the device
• Ensure you are dealing with the right port for troubleshooting ( by doing show logging when the user disconnect his device)
• Assign the same IP address on a laptop to isolate the device
Slow Performance of a device or Network
• Know the scope of the issue ( users going to the internet, just users of internal resources, whole LAN or users that cross the WAN) and get details of what they mean by Slow network
• Check the port errors, speed and duplex mismatch problems on a PC Port, Server port or internet gateway port( this usually cause extreme slowness)
• Bad cable
• Do a ping test with reply to see if there is a drop ( with the source and destination IP )
• Do a ping test to check for the RTT
• Do a trace route to check for weird hops or really slow responses
• Look into the router or switch involve for high CPU or any errors in the log
• Check with the link Provider if they see any errors on the link.
• Use monitoring tool to check top talkers on the network to enforce network usage policy
• Educate the user with realities of life.
Slow internet
• Know the scope of the issue
• Does slowness apply to a specific application or everything going to the internet
• Do a trace route with 8.8.8.8 or 4.2.2.2 to determine whether the traffic is going through the primary internet router or the backup because your backup will not be as fast the primary
• Do ping test with reply to see if the packet is dropping
• Use your monitoring tool to determine the bandwidth utilization
• Check the service provider port errors, speed and duplex mismatch
• Ping the internet router from the core switch to see if there is a drop
• Check the logs of the device
No internet Access
• Know the scope of the issue ( and check if devices have right IP address or APIPA address)
• Check for power on network devices
• Ping the internet router or remote router
• Check with ISP for any possible outage
• Reboot of the router
• Check if BGP neighbor is down
• Check with FW for any VPN issues
• Check if the link to provider is not disabled
• Ping the DNS server
• Do nslookup on command prompt
Department not having internet access
• Ping the switch at that location
• check the uplink cable and reboot the switch if is not pingable
• Check if the device has the right IP addresses
• Check the DHCP Server if the scope has run out of IP addresses
URL issue
• Always find out if is a new project for the firewall to open port 80 and 443
• show ip arp | in 10.90.224
• Ping the IP address of the URL with the source (ping 192.168.100.1 source 10.90.224.2 re 1000)
• Check with the server team if the application have no issues on the server
Routing Issue
• Do a trace route to see where the packet was dropping and add the route to the routing table.
• If the route is available check the ACL
• Check when the issue started.
• Check if is a new project to add the new route
• Check for any recent changes on the network
• Do ping and trace route to see where the packet was dropping
• Check the ACL rules
IP conflict
• Check on your router/core switch for any conflict(Show ip dhcp conflict)
• Off one device if you can still ping the same IP address
• Trace the device and find out if DHCP scope IP address has been assigned as static
Always disable your windows FW
Copy backup
3550# copy flash tftp:
Always your remote IP is your laptop IP addresses
3550# copy tftp flash:
3560# show flash:
3550# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
3550(config)# boot system flash:c3560-ipbasek9-mz.122-55.SE10.bin ( New Flash)
3550(config)# no boot system flash:c3560-ipbase-mz.122-35.SE5.bin ( OLD Flash)
3550# write memory
3550# reload
3550# delete flash: c33560-ipbasek9-mz.122-55.SE10.bin
[old flash if needed]
How to Upgrade 4400 router via USB slot
Copy your image file (.bin) unto USB flash disk. (verify image file compatibility with router)
Power on router and let it boot
Insert usb drive(take note of slot number – in this case, 0) into router and proceed with these commands:
Router#dir usb0:
this will display usb flash disk directory. Copy the full image name
Router#copy usb0:(paste image name) bootflash:
Router(config)#No Sys Boot
Router(config)#boot system bootflash:(paste image name)
Router(config)#exit
Router#wr
Router#reload
Arista EOS – Extensible Operating System
Access port configuration in Arista
Example:
lf501…00:33:16(config)#int et5
lf501…00:33:23(config-if-Et5)#switchport mode access
lf501…00:33:33(config-if-Et5)#switchport access vlan 100
lf501…00:33:43(config-if-Et5)#show active
interface Ethernet5
switchport access vlan 100
Trunk port configuration in Arista
lf501…00:36:08(config-if-Et5)#switchport mode trunk
lf501…00:36:42(config-if-Et5)#show active
interface Ethernet5
switchport mode trunk
lf501…01:01:20(config-if-Et5)#switchport trunk allowed vlan 100, 101, 102
lf501…01:01:41(config-if-Et5)#show active
interface Ethernet5
switchport trunk allowed vlan 100-102
switchport mode trunk
With arista #show active in the interface mode will show you the configurations running on the interface. E.g show run int et5 will display same information that ” show active ” will display.
The show commands work in all modes. Unlike cisco there is no need to add “Do”
Speed settings in Arista —-In this example, we are configuring 10 Gbps/full duplex on ethernet5
lf501…00:52:45(config-if-Et5)#speed ?
100full Disable autoneg and force 100 Mbps/full duplex operation
100g Disable autoneg and force 100 Gbps/full duplex operation over 4 or 10 lanes
100g-2 Disable autoneg and force 100 Gbps/full duplex operation over 2 lanes
100g-4 Disable autoneg and force 100 Gbps/full duplex operation over 4 lanes
10full Disable autoneg and force 10 Mbps/full duplex operation
10g Disable autoneg and force 10 Gbps/full duplex operation over 1 lane
1g Disable autoneg and force 1 Gbps/full duplex operation over 1 lane
200g Disable autoneg and force 200 Gbps/full duplex operation over 4 lanes
200g-4 Disable autoneg and force 200 Gbps/full duplex operation over 4 lanes
200g-8 Disable autoneg and force 200 Gbps/full duplex operation over 8 lanes
25g Disable autoneg and force 25 Gbps/full duplex operation over 1 lane
400g Disable autoneg and force 400 Gbps/full duplex operation over 8 lanes
400g-8 Disable autoneg and force 400 Gbps/full duplex operation over 8 lanes
40g Disable autoneg and force 40 Gbps/full duplex operation over 4 lanes
50g Disable autoneg and force 50 Gbps/full duplex operation over 2 lanes
50g-1 Disable autoneg and force 50 Gbps/full duplex operation over 1 lane
50g-2 Disable autoneg and force 50 Gbps/full duplex operation over 2 lanes
auto Enable autoneg for speed, duplex, and flowcontrol
forced Disable autoneg and force speed/duplex/flowcontrol
sfp-1000baset Configure autoneg and speed/duplex on 1000BASE-T SFP
lf501…00:52:45(config-if-Et5)#speed forced ?
10000full Disable autoneg and force 10 Gbps/full duplex operation
1000full Disable autoneg and force 1 Gbps/full duplex operation
1000half Disable autoneg and force 1 Gbps/half duplex operation
100full Disable autoneg and force 100 Mbps/full duplex operation
100gfull Disable autoneg and force 100 Gbps/full duplex operation
100half Disable autoneg and force 100 Mbps/half duplex operation
10full Disable autoneg and force 10 Mbps/full duplex operation
10half Disable autoneg and force 10 Mbps/half duplex operation
25gfull Disable autoneg and force 25 Gbps/full duplex operation
40gfull Disable autoneg and force 40 Gbps/full duplex operation
50gfull Disable autoneg and force 50 Gbps/full duplex operation
lf501…00:52:45(config-if-Et5)#speed forced 10000full
lf501…00:53:02(config-if-Et5)#show active
interface Ethernet5
speed forced 10000full
switchport mode trunk
lf501…00:53:08(config-if-Et5)#
ios
eg Speed 100
Duplex full
Creating network Arista
Same as cisco….Note:Few differences
Creating a Subinterface
To create a subinterface on an Ethernet or port channel interface:
Step 1 Bring up the parent interface and ensure that it is configured as a routed port (this is because Arista only has L3 switches)
switch(config)#interface Ethernet1/1
switch(config-if-Et1/1)#no switchport
switch(config-if-Et1/1)#no shutdown
Step 2 Configure a VLAN on the subinterface. The encapsulation dot1q vlan command is also used for VLAN translation, but in this context it associates a VLAN with the subinterface.
switch(config-if-Et1/1)#interface Ethernet1/1.1
switch(config-if-Et1/1.1)#encapsulation dot1q vlan 100 —————-Cisco omits the vlan command ie.enc dot1q 100
Step 3 Configure an IP address on the subinterface (optional) and ensure that it is up.
switch(config-if-Et1/1)#ip address 10.0.0.1/24…………………You can choose to use /24 for IP address configurations
switch(config-if-Et1/1)#no shutdown
How to erase configuration
lf501…01:14:15#write ?
erase Erase startup Configuration
Show command in Arista
IOS Arista EOS
Show run Show run
show int status Show int status
show ip int br Show ip int br
show run int f1/0 Show run int et1 or
#int et1
#(config-if-Et1)# show active
show ip route show ip route
lf501…01:15:36(config)#router ospf 100
lf501…01:15:48(config-router-ospf)#network 1.1.1.1/24 area 0
lf501…01:16:13(config-router-ospf)#show active —————- Show active command can be used to see running configs
router ospf 100
network 1.1.1.0/24 area 0.0.0.0
max-lsa 12000
No need for wild card masks but wild card masks can still be used. Also CIDR can be used when assigning IPs