6000 vswitch configuration and maintenance manual

Contents
1. Connect device 3
1.1. Connect from CONSOLE 3
1.2. remote TELNET connection 6
2. Basic information configuration 6
2.1. Configure the machine name, TELNET, and password 6
2.2. Configure SNMP Network Management string 6
3. Redundancy and system High Availability Configuration 7
3.1. Synchronize the supervisor engine configuration 7
3.2. View supervisor engine redundancy 9
3.3. Copy IOS files to redundant supervisor engine 11
4. Port Settings 11
4.1. Basic settings 11
4.2. configure Layer-3 Port 12
5. configure Layer 2 Port 13
5.1. Configure TRUNK: 13
6. Configure HSRP 15
6.1 configure Layer-2 common exchange interface 15
6.2. Clear Layer 2 interface configuration 16
7. Configure VLAN 16
8. Dynamic Routing Protocol-OSPF configuration 18
8.1. Enable OSPF Dynamic Routing Protocol 18
8.2. Define subnet 18 involved in OSPF
8.3. OSPF route information Summary 19
8.4. Configure password verification 19
8.5. Set to generate the default route 19
9. Switch maintenance 20
9.1. Switch IOS save and upgrade 20
9.2. vswitch password recovery 21
1. Connect the device
1.1. Connect from the console
The first time you configure the 6000 switch, you must enter from the console.
First, mount the machine, connect the power supply as required, and then connect the Console port of the switch to the serial port of the PC using the console line and the adapter, as shown below:
　
The comport settings are as follows:
· 9600 baud
· 8 data bits
· No parity
· 2 stop bits
After checking that the power supply is correct, power on may show similar to the following display, answer in bold and black:
System Bootstrap, Version 6.1 (2)
Copyright (c) 1994-2000 by cisco Systems, Inc.
C6k_sup2 processor with 131072 Kbytes of main memory
Rommon 1 & gt; boot slot0: c6sup22-jsv-mz.121-5c.EX.bin
Self decompressing the image: ######################################## #########
######################################## #######################################
######################################## #######################################
######################################## #######################################
######################################## #######################################
[OK]
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
Subject to restrictions as set forth in subparagraph
(C) of the specified cial Computer Software-Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(C) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco Internetwork Operating System Software
IOS (tm) MSFC2 Software (C6MSFC2-BOOT-M), Version 12.1 (3a) E4, EARLY DEPLOYMENT R
Elasticsearch SOFTWARE (fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Sat 14--0-00 05:33 by emo-mas
Image text-base: 0x30008980, data-base: 0x303B6000
Cisco Cat6k-MSFC2 (R7000) processor with 114688 K/16384 K bytes of memory.
Processor board ID SAD04430J9K
R7000 CPU at 300 Mhz, Implementation 39, Rev 2.1, 256KB L2, 1024KB L3 Cache
Last reset from power-on
X.25 software, Version 3.0.0.
509 K bytes of non-volatile configuration memory.
16384 K bytes of Flash internal SIMM (Sector size 512 K ).
Press RETURN to get started!
--- System Configuration Dialog ---
Wocould you like to enter the initial dialog? [Yes]: no
A: NO. Go to manual configuration. Under router>, enter enable
Press enter to enter global Mode
1.2. remote telnet connection
After configuring the vswitch and configuring the management address for the switch, you can directly use remote telnet to log on to the switch. However, you must first configure the line vty password and enable password to allow remote login.
2. Basic information configuration
2.1. Configure the machine name, telnet, and password
1. In Global mode, use conf t to enter the configuration mode and perform the following Configuration:
Management Configuration:
Service timestamps debug datetime localtime
Service timestamps log datetime localtime
Service password-encryption
Hostname xxxx
Enable secret 0 xxxxx
Line vty 0 4
Exec-timeout 30 0
Password 0 xxxx
Login
2.2. Configure the snmp Network Management string
Conf t
Snmp-server community xxxxxx ro read-only)
Or
Snmp-server community xxxxxx rw read/write)
3. Redundancy and system High Availability Configuration
The 6000 series supports dual-supervisor engines or enhanced high-availability system EHSA) and allows the second supervisor engines to be in standby mode or EHSA status, when there is a problem with the master supervisor engines, the switchover process will be subject to temporary network interruptions ),
When the switch is powered on, EHSA runs slot 1 or 2 on the second supervisor engine by default. One of them becomes active.
Note: The two supervisor engines must have the same IOS and memory.
3.1. Synchronize the Supervisor Engine configuration
During normal operation, the initial configuration of startup-config and config-registers will be synchronized between the two supervisor engines by default. after switching, the new active supervisor engine runs the current configuration.
Follow these steps to manually synchronize two supervisor engines:
Command Purpose
Step 1 Router (config) # redundancy enters the redundant configuration mode
Step 2 Router (config-r) # main-cpu enters main-cpu Configuration Mode
Step 3 Router (config-r-mc) # auto-sync {startup-config | config-register | bootvar | standard} synchronize configuration parameters, including startup-config, config-register, bootvar, standard
Step 4 Router (config-r-mc) # Return end to global Mode
Step 5 Router # copy running-config startup-config save Configuration
Note that the auto-sync standard command does not synchronize boot variables.
The configuration is as follows:
Router (config) # redundancy
Router (config-r) # main-cpu
Router (config-r-mc) # auto-sync standard
Router (config-r-mc) # auto-sync bootvar
Router (config-r-mc) # end
Router # copy running-config startup-config
Note that manual synchronization of a parameter causes the original default feature to be synchronized.
3.2. View Supervisor Engine Redundancy
Command Purpose
Router # show module all Display the redundancy configuration.
As follows:
Router # show module all
Mod Ports Card Type Model Serial No.
---------------------------------------------------------------------------
12 Catalyst 6000 supervisor 2 (Standby) WS-X6K-SUP2-2GESAD04450LEU
22 Catalyst 6000 supervisor 2 (Active) WS-X6K-SUP2-2GESAD04160FSR
3 48 SFM-capable 48-port 10/100 Mbps RJ45 WS-X6548-RJ-45 SAD050105Y0
4 48 SFM-capable 48-port 10/100 Mbps RJ45 WS-X6548-RJ-45 SAD0440799G
5 16 SFM-capable 16 port 10/100/1000 mb RJ45 WS-X6516-GE-TX SAD05030P0W
70 Switching Fabric Module-136 (Active) WS-X6500-SFM2 SAD04440663
80 Switching Fabric Module-136 (Standby) WS-X6500-SFM2 SAD04510at4
9 16 Pure SFM-mode 16 port 1000 mb GBIC WS-X6816-GBIC SAD044904N7
11 16 Pure SFM-mode 16 port 1000 mb GBIC WS-X6816-GBIC SAD04390CCJ.
12 16 Pure SFM-mode 16 port 1000 mb GBIC WS-X6816-GBIC sad01_e24
13 16 Pure SFM-mode 16 port 1000 mb GBIC WS-X6816-GBIC sad01_e1j
Mod MAC addresses HwFw Sw Status
--------------------------------------------------------------------------
1 0001.6461.38a8 to 0001.6461.38a9 1.1 Unknown 6.2 (0.106) OK
2 00401_b14.03e2 to 00401_b14.03e3 0.220 6.1 (2) 6.2 (0.106) OK
3 0001.6441.47f0 to 0001.6441.481f 0.303 6.1 (3) 6.2 (0.106) OK
4 0002. b9ff. e8d0 to 0002. b9ff. e8ff 0.204 6.1 (3) 6.2 (0.106) OK
5 0001.64f8.3330 to 0001.64f8.333f 0.201 6.1 (2) 6.2 (0.106) OK
7 004020.bff.0000 to 004020.bff.0000 0.107 6.1 (3) 6.2 (0.106) OK
8 004020.bff.0000 to 004020.bff.0000 0.203 6.1 (3) 6.2 (0.106) OK
9 0002. fc90.0888 to 0002. fc90.0897 0.302 12.1 (4r) 12.1 (nightly OK
11 0001.64f8.37f0 to 0001.64f8.37ff 0.204 12.1 (5r) 12.1 (nightly OK
12 0001.64f8.3180 to 0001.64f8.318f 0.105 12.1 (5r) 12.1 (nightly OK
13 0001.64f8.3190 to 0001.64f8.319f 0.105 12.1 (5r) 12.1 (nightly OK
Mod Sub-Module Model Serial Hw Status
--------------------------------------------------------------------------
1 Cat6k MSFC 2 daughterboard WS-F6K-MSFC2SAD044509Y3 1.1Ok
2 Policy Feature Card 2 WS-F6K-PFC2 SAD04130A17 0.305 OK
2 Cat6k MSFC 2 daughterboard WS-F6K-MSFC2SAD04160DBN 0.306 OK
4 Distributed Forwarding Card WS-F6K-DFC SAD04460KEJ 0.205 OK
5 Distributed Forwarding Card WS-F6K-DFC SAD04460KEL 0.205 OK
9 Distributed Forwarding Card WS-F6K-DFC SAD04440952 0.215 OK
11 Distributed Forwarding Card WS-F6K-DFC SAD04390CCJ 0.215 OK
12 Distributed Forwarding Card WS-F6K-DFC SAD04340BK2 0.118 OK
13 Distributed Forwarding Card WS-F6K-DFC SAD04340BK0 0.118 OK
Router #
3.3. Copy the IOS file to the redundant Supervisor Engine
This step is not required if the two supervisor engines are the same as the first IOS Engine.
Run the following command to copy the file to slot0 of the redundant supervisor engine:
Router # copy source_device: source_filename slaveslot0: target_filename
Run the following command to copy the file to the bootflash of the redundant supervisor engine:
Router # copy source_device: source_filename slavesup-bootflash: target_filename
Run the following command to copy the file to the bootflash of the redundant MSFC:
Router # copy source_device: source_filename slavebootflash: target_filename
4. Port Settings
4.1. Basic settings
Enter the port configuration mode:
For a single port, enter interface Ethernet, Fast Ethernet, and Gigabit Ethernet x/y in the configuration mode. x indicates the slot number and y indicates the port number.
For a group of ports, you can use the following command to enter, for example:
Router (config) # interface range fastethernet 5/1-5
Or:
Router (config-if) # interface range fastethernet 5/1-5, gigabitethernet 1/1-2
After configuring the port mode, you can shutdown or no shutdown port, and configure the port. The Fast Ethernet port has full-duplex, half-duplex, and automatic negotiation mode, if you know the method used by the device connected to the peer end, it is best to manually set the mode and speed of the port. The default mode is automatic negotiation.
You can set the speed of the Fast Ethernet port to 100 MB, or set it to 10 MB, and automatically negotiate. The default mode is automatic negotiation.
For example:
Router (config-if) # speed [10 | 100 | auto] speed)
Router (config-if) # duplex [auto | full | half] duplex)
Or add comments, such as: Router (config-if) # description Channel-group to "Marketing"
4.2. configure a layer-3 Port
Port 6506 can be configured as a layer-3 port to connect to other devices. After a port is configured as a layer-3 Port, an IP address can be allocated to the port.
Router (config) # interface fastethernet x/y
Router (config) # ip add x. x
5. Configure the L2 Port
5.1. Configure Trunk:
Router (config) # interface fastethernet x/y take fastethernet as an example, like gigabitethernet)
Router (config-if) # shutdown
Router (config-if) # switchport
Router (config-if) # switchport mode dynamic desirable
Router (config-if) # switchport trunk encapsulation dot1q
Router (config-if) # no shutdown
Router (config-if) # end
Router # exit
If you want to configure a Trunk connection between two 6509 sets, First connect the second 6509 with a gigabit optical fiber, and then configure the trunk of the two connected ports separately, you can use only one pair of optical fiber, or use two pairs of Optical Fiber port channels. The configuration is as follows:
When one pair of optical fiber cables are connected, the following configurations are performed on two 65 optical fiber cables:
Interface GigabitEthernet1/1
No ip address
Switchport
Switchport trunk encapsulation dot1q
Switchport trunk native vlan 1
　
2. Configure the port channel for the optical fiber, and configure the following on the two 65 servers ::
Interface port-channe1
No ip address
Switchport
Switchport trunk encapsulation dot1q
Switchport trunk native vlan 1
!
Interface GigabitEthernet1/1
No ip address
Switchport
Switchport trunk encapsulation dot1q
Switchport trunk native vlan 1
Channel-group 1 mode on
!
Interface GigabitEthernet1/2
No ip address
Switchport
Switchport trunk encapsulation dot1q
Switchport trunk native vlan 1
Channel-group 1 mode on
6. Configure HSRP
Configure one of the 65 instances according to the template below
Interface Vlan x
Ip address x. x
No ip redirects
No ip directed-broadcast
Standby 1 priority 100 preempt
Standby 1 ip y. y
!
Configure the following template on the other 65:
Interface Vlan x
Ip address x. x
No ip redirects
No ip directed-broadcast
Standby 1 priority 110 preempt
Standby 1 ip y. y
!
6.1. Configure the layer-2 Common Exchange Interface
Taking fastethernet as an example, like gigabitethernet)
Router (config) # interface fastethernet x/y
Router (config-if) # shutdown
Router (config-if) # switchport
Router (config-if) # switchport mode access
Router (config-if) # switchport access vlan x
Router (config-if) # no shutdown
Router (config-if) # end
6.2. Clear Layer 2 Interface Configuration
Taking fastethernet as an example, like gigabitethernet)
Router (config) # interface fastethernet x/y
Router (config-if) # no switchport
Router (config-if) # end
Use the default interface {ethernet | fastethernet | gigabitethernet} slot/port to bring the port back to the original default configuration.
7. Configure Vlan
By default, all L2 ports belong to vlan1. the vlan configuration method is as follows:
Command Purpose
Step 1 Router # enter the vlan configuration mode for the vlan database.
Step 2 Router (vlan) # Add vlan ID to a VLAN.
Step 3 Router (vlan) # Set vtp domain name
Step 3 Router (vlan) # exit to update the VLAN database, broadcast in the management domain, and return to global Mode
Step 4 Router # show vlan name vlan_name verify VLAN configuration
L Delete the configured vlan
Router # vlan database
Router (vlan) # no vlan x
VLAN ing VLAN 3...
Router (vlan) # exit
L allocate ports to VLANs:
Router (config) # interface fastethernet x/y
Router (config-if) # shutdown
Router (config-if) # switchport
Router (config-if) # switchport mode access
Router (config-if) # switchport access vlan x
Router (config-if) # no shutdown
Router (config-if) # end
Router # exit
L configure the interface vlan
Router (config) # interface vlan x
Router (config) # ip add x. x
Router (config) # udld enable
8. Dynamic Routing Protocol-OSPF Configuration
OSPFOpen Shortest Path First) protocol is the Shortest Path First Protocol. OSPF is an internal gateway protocol, which is opposite to RIP. OSPF is a link status routing protocol and RIP is a distance vector routing protocol. OSPF exchanges information with other routers. The information exchanged is not a route, but a link status.
The steps for configuring OSPF are as follows:
8.1. Enable OSPF Dynamic Routing Protocol
Router ospf process no.
The process number can be set at will. Only one process in the ospf router is identified. The OSPF process numbers on each router can also be different.
8.2. Define the subnets involved in ospf
Network IP subnet No. Anti-mask area No.
The IP subnet number can be expressed by a network number. At this time, the anti-mask is the inverse of the network mask, that is, 1 and 0 are exchanged. In this way, all router interfaces whose IP addresses fall within this CIDR block will be involved in OSPF information exchange;
The IP subnet number can also be expressed by the IP address of an interface on the router. At this time, the anti-mask is 0.0.0.0. In this way, only this interface will participate in OSPF information exchange. If you have multiple interfaces to exchange route information, you must use multiple network commands.
Vro only supports subnet information exchange in the same region, but does not exchange route information between regions. In addition, area 0 is the main dry OSPF area. Route information exchange between different regions must go through Region 0. Generally, if an area needs to be connected to an OSPF route area, at least one vro in this area must be a regional edge router, that is, it participates in both the regional route and the regional route.
8.3. Summary of routes between OSPF regions
If the subnet in the region is continuous, the region edge router (ABR) or the Autonomous Region edge router (ASBR) is used after the routing summary function, all these continuous subnets are summarized as one route and transmitted to other regions. The routers in other regions only have one route in this region. This can save the network bandwidth required for the route, or reduce the size of the route table.
Set to summarize subnets in a specific range:
Use on the ABR:
Area number range summary subnet number subnet range mask
Use on ASBR:
Summary-address: Subnet range mask of subnet No.
8.4. Configure password verification
For security reasons, password verification is often configured on the OSPF interface. Only interfaces at both ends use the same password can correctly exchange route information.
Area area_id authentication message-digest
With the preceding configuration, route information can be exchanged between routers.
8.5. Set to generate the default route
OSPF can generate a default route, which is used throughout the OSPF range.
Configuration command: default-information originate always metric 10 metric-type 1
This command is used on ASBR. When you use this command to generate a default route, there are two situations. The first is that a default route must exist on the current router. In this case, the command may not contain the always parameter; the second case is to force a default route pointing to itself under any circumstances. The always parameter must be included in this case, if there is no route to the destination in the vro, packet loss will occur.
Metric and metric-type respectively set the cost and type of the default route.
Example:
Router ospf 100
Area 0 authentication message-digest
Area 1 authentication message-digest
Network 192.168.3.0 0.0.255 area 1
Network 202.103.224.23 0.0.0.0 area 0
Area 1 range 192.168.0.0 255.255.0.0
Default-information always metric10 metric-type 1
!
Ip route 0.0.0.0 0.0.0.0 202.103.224.24
9. Switch Maintenance
9.1. Switch IOS storage and upgrade
The TFTP protocol is used for IOS storage and upgrade of vswitches. Therefore, you must first download a TFTP software and then follow the steps below:
1. Start TFTP on your machine.
2. log on to the 3500 switch and enter the following command in the enable State to save the ios OS:
Switch # copy flash tftp
Source IP address or hostname [171.68.206.171]?
Source filename []? Cat6000-sup2k8.7-1-1.bin
Destination filename [cat6000-sup2k8.7-1-1.binn]?
Loading cat6000-sup2k8.7-1-1.bin to 171.68.206.171 (via VLAN1 ):!!!!
!!!!!!!!!!!
[OK-1125001 bytes]
3. If you want to upgrade the IOS file, first check whether the flash space is sufficient. If the space is insufficient, delete the original IOS and then upgrade the file.
4. Follow the following command to complete the IOS upgrade:
Switch # copy tftp flash
Source IP address or hostname []? 171.68.206.171
Source filename []? Cat6000-sup2k8.7-1-1.bin
Destination filename [cat6000-sup2k8.7-1-1.bin]? Y
Loading cat6000-sup2k8.7-1-1.bin from 171.68.206.171 (via VLAN1 ):!!!!
!!!!!!!!!!!
[OK-1125001 bytes]
9.2. Switch password recovery
The startup sequence of the strongst6000 series switches running Native IOS is different from that of other switches because their hardware structure is different. After you turn on the switch, the switch Processor SPSwitch Processor is started first, and then about 25 seconds in a short time) the SP will control the port console) the Route Processor is assigned to the Route Processor RP/MSFC (Route Processor), and The Route Processor continues to boot the system file. To recover the password, press Ctrl-brk after the SP handed over the console to the RP. If you interrupt the startup process too early, it will enter the ROMMON status of the SP, which is not the status you want. To determine when the startup process is interrupted, you can press Ctrl-brk to interrupt the startup process when you see the following information:
00: 00: 03: % OIR-6-CONSOLE: Changing console ownership to route processor
1. First enter the vswitch from the console port through the console line.
2. Turn off the power of the switch, and then turn on the power of the switch.
3. After the SP gives control to the RP, enter the Break on the terminal. Note: Do not interrupt the system startup before you see the following information:
00: 00: 03: % OIR-6-CONSOLE: Changing console ownership to route processor
4. Enter confreg 0x2142 at the rommon 1> prompt
5. Enter reset at the rommon 2> prompt
6. enter no in setup or press Ctrl-C to skip the setup process.
7. Enter enable at the Router> prompt.
8. Run copy start running to copy the old configuration file to the memory.
9. Run enable secret Change the password.
10. Run config-register 0x2102 to modify the register value.
11. You can also change the vty password:
Router (config) # line vty 0 4
Router (config-line) # password cisco
Router (config-line) # ^ Z
Router #