The customer has issues with the LAN and does not want to spend money on new switches/routers. Bottleneck: the connection between datacenter switches and distribution/access-level switches. Problem description: low throughput; no redundancy for access switches 1 & 2 in cases when the link from an access switch to a distribution switch fails. Proposed solution: increase throughput between DC switches […]
Author: maxglaz
Upgrade OS on NEXUS switch from v6 to v9
There is no option to upgrade directly from v6 to v9. The following steps make it possible. Keep memory limits in mind and use a smaller image if you need to. Copy new image to switch. Install image. Remove old image. Install v7 image. Delete old images. Copy v9 image. Do some configuration change. Install v9.
Port-channel (PC) / Virtual port-channel (VPC)
Port-Channel – a bundle of 2+ links between 2 switches (see example below). The links are bundled together and the connection utilizes the throughput of both links. In comparison to spanning tree, link utilization becomes more efficient, as both links are used for data transfer. Sample configuration. Sw1 Sw2 Virtual Port-Channel – same as Port-Channel, with a single difference […]
CDP / LLDP
CDP (Cisco Discovery Protocol) / LLDP (Link Layer Discovery Protocol) – protocols that allow network devices to announce their presence to other devices. CDP is a Cisco proprietary protocol, therefore it works only with Cisco devices. LLDP is an open protocol. Usage examples Best practice / configuration examples CDP is enabled by default on all Cisco devices. Best […]
HSRP / FHRP
HSRP (Hot Standby Routing Protocol) – Cisco proprietary protocol used for first hop redundancy. FHRP (First Hop Redundancy Protocol) – open protocol for the same goal: first hop redundancy. 2 switches are required for implementation. HSRP uses a virtual MAC and a virtual IP to process packets. (And yes, in our case it works on VLAN interfaces.) Sample […]
What is VRF?
VRF – Virtual Routing and Forwarding. Basically, it is a virtual router within a physical router, with separate configuration and routing tables/databases. To use a VRF, an interface (or subinterface) should be assigned to the VRF. Sample configuration. Basic VRF configuration: Add interface to VRF: Static route for VRF: Configure Dynamic routing for VRF (OSPF as example):
What is SVI?
SVI – Switched Virtual Interface. A virtual interface on a Cisco device that connects devices in a VLAN and routes traffic between them. It allows the switch to communicate with other devices in the VLAN, such as computers or servers, and allows routing between them and external networks (with some extra configuration of the switch). Sample configuration:
Switchport access/trunk mode
The two most useful modes in which ports on a switch can work are ‘access’ and ‘trunk’ mode. Access mode – all incoming traffic is tagged with a VLAN tag by the switch and processed further. Outgoing traffic for this port is processed only for the associated VLAN. Trunk mode – allows VLAN/tagged incoming traffic and sorts incoming traffic based on […]
How to deploy Oxidized server in Docker container
Oxidized is a network device configuration backup tool. It is very useful when you have hundreds of switches/routers and want to keep the configuration of these devices along with its version history. Open ports 80/tcp and 443/tcp: #firewall-cmd --add-port=80/tcp #firewall-cmd --add-port=443/tcp #firewall-cmd --runtime-to-permanent #firewall-cmd --reload Create directory for service: #mkdir /opt/oxidized Create shell script for Oxidized and make it […]
Modify NAT Iptables rules at Linux server
Check the current configuration. Maybe the rule is already present? #iptables -t nat -L -n Save the current configuration to a file. #iptables-save > /etc/sysconfig/some_file_you_want Edit the configuration file. #vi /etc/sysconfig/some_file_you_want For Destination NAT, add a record to the PREROUTING section. Sample: All incoming traffic to IP 10.10.10.10 and port tcp/443 NAT-ed to IP 192.168.0.10 port tcp/10000 -A PREROUTING -d 65.87.230.18/32 -p tcp […]