wiki:site:cisco:switch-command-ref
Table of Contents
(Příkazy označené tečkou fungují v GNS3 na routeru s NM-16ESW modulem)
Switch CAM Table
POZOR! příkazy lze psát dvěma způsoby:
- Po staru: mac-adress-table
- Po novu: mac address-table
Switch(config)# mac address-table aging-time seconds(def.300)
Switch(config)# mac address-table static aaaa.bbbb.cccc interface type mod/num vlan vlan-id
Switch# show mac address-table dynamic [address mac-address | interface type mod/num | vlan vlan-id]
Switch# show mac address-table count
Switch# clear mac address-table dynamic [address mac-address | interface type mod/num | vlan vlan-id]
Switch Port Configuration
.Switch(config)# interface type module/number
.Switch(config)# interface range type module/number [, type module/number …]
.Switch(config)# interface range type module/first-number – last-number
.Switch(config)# define interface-range macro-name type module/number [, type module/ number …] [, type module/first-number – last-number] [, …]
.Switch(config)# interface range macro macro-name
(předdefinované makro se uloží do configu)
Příklad:
Switch(config)# define interface-range MyGroup gig 2/0/1 , gig 2/0/3 – 2/0/5 ,
gig 3/0/1 , gig 3/0/10, gig 3/0/32 – 3/0/48
Switch(config)# interface range macro MyGroup
.Switch(config-if)# [no] shutdown
.Switch(config-if)# description description-string
.Switch(config-if)# speed {10 | 100 | 1000 | auto(defult)}
- GBIC porty - napevno 1000
- 1000BASE-T - 10/100/1000
.Switch(config-if)# duplex {auto | full | half}
- auto - nelze nastavit u 10BASE ethernetu
- Ethernet 10 - defaultně half
- FastEthernet 10/100 - defaultně full
- Rychlejší - defaultně auto
Konfigurace detekce chyb (errdisable)
.Switch(config)# [no] errdisable detect cause [all | cause-name]
- Příkaz lze zadat vícekrát pro různé události
- .all - detekuje vše
- arp-inspection
- .bpduguard - Na STP Portfast portu je přijato BPDU
- channel-misconfig - Chyba v konfiguraci Etherchannelu
- dhcp-rate-limit - Týká se DHCP Snoopingu
- .dtp-flap - Flapování trunking enkapsulace (.1Q/ISL)
- gbic-invalid - Vadný GBIC nebo SFP
- ilpower - Chyba v PoE
- l2ptguard - Chyba v tunelování L2 protokolu
- .link-flap - Flapující linka
- loopback - Detekuje smyčku na interfacu
- .pagp-flap - Nekonsistence etherchannelu
- psecure-violation - Událost port security
- .rootguard - STP BPDU od root bridge je přijato na nežádoucím portu
- security-violation - Detekuje chyby týkající se port security
- storm-control - Detekce L2 bouře
- .udld - Detekce jednosměrného provozu
- unicast-flood - Detekuje trigger blokování unicastového floodování
- vmps - Detekuje chyby při přizazování portu do dynamické VLAN za pomoci VMPS serveru
.Switch(config)# errdisable recovery cause [all | cause-name]
.Switch(config)# errdisable recovery interval seconds
- Interval obnovy je def. 300 sekund
- Možnost nastavení 30 - 86400 sekund (24hodin)
Troubleshooting
.Switch# show interface
.Switch# show interfaces status
.Switch# show interface status err-disabled
_Pro zjištění speed/duplex mismatch:_
.Switch# show interface type mod/num
- hledat nenulové hodnoty v “input errors” a “runts”
VLAN Configuration
Switch(config)# [no] vlan vlan-num
Switch(config-vlan)# name vlan-name
- vlan-num - 1-1001 (1,1002-1005 jsou vytvořené defaultně), extended 1-4094
- vlan-name - nepovinné, až 32 zanků bez mezer
Switch(config)# interface type module/number
Switch(config-if)# switchport (přepne port do režimu L2)
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan vlan-num
Switch# show vlan
Switch# show vlan brief
VLAN Name Status Ports ---- ---------------- ------- ------ 1 default active Fa0/1,Fa0/2,Fa0/3,Fa0/10,Fa0/11,Fa0/12 20 VLAN0020 active Fa0/5,Fa0/6,Fa0/7 21 VLAN0021 active Fa0/8,Fa0/9 1002 fddi-default active 1003 trcrf-default active 1004 fddinet-default active 1005 trbrf-default active
Switch# show running-config interface type module/number
Building configuration... Current configuration 64 bytes interface FastEthernet 0/5 switchport access vlan 20 switchport mode access
Switch# show mac address-table interface type module/number
Mac Address Table ————————————————————— Vlan Mac Address Type Ports ---- ----------- ---- ----- 1 0030.b656.7c3d DYNAMIC Fa0/1 Total Mac Addresses for this criterion: 1
Switch# show interfaces type module/number switchport
Name: Fa0/1 Switchport: Enabled Administrative Mode: dynamic desirable Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Protected: false Unknown unicast blocked: false Unknown multicast blocked: false Broadcast Suppression Level: 100 Multicast Suppression Level: 100 Unicast Suppression Level: 100
Alternativně (GNS3):
Router# vlan database
Router(vlan)# [no] vlan vlan-num
Router# show vlan-switch
Router# show vlan-switch brief
VLAN Trunk Configuration
Switch(config)# interface type mod/port
Switch(config-if)# switchport
Switch(config-if)# switchport trunk encapsulation {isl | dot1q | negotiate}
Switch(config-if)# switchport trunk native vlan vlan-id
Switch(config-if)# switchport trunk allowed vlan {vlan-list | all | {add | except | remove} vlan-list}
Switch(config-if)# switchport mode {trunk | dynamic {desirable | auto}}
Ve všech režimech DTP posílá zprávy každých 30s.
Switch(config-if)# switchport nonegotiate
Switch# show interface type mod/port
Switch# show vlan id vlan-id
Switch# show interface type mod/num switchport | trunk
Switch# show dtp [interface type mod/num]
DTP - Dynamic Trunking Protocol
SW# no-isl-entries enable
Switch(config)# interface type mod/port
Switch(config-if)# switchport
Switch(config-if)# switchport mode {dynamic {auto | desirable} | trunk}
Switch(config-if)# switchport trunk encapsulation {isl | dot1q | negotiate}
Switch(config-if)# switchport nonnegotiate
Switch(config-if)# switchport trunk native vlan vlan-id
Switch(config-if)# switchport trunk allowed vlan {vlan-list | all | {add | except | remove} vlan-list}
Ve všech režimech DTP posílá zprávy každých 30s.
Vypnutí DTP:
Switch(config-if)# switchport nonegotiate
Switch# show running-config
Switch# show interface type mod/port
Switch# show vlan id vlan-id
Switch# show interface type mod/num switchport | trunk
Switch# show dtp [interface type mod/num]
Switch# show interfaces fastethernet 0/1 trunk
Port Mode Encapsulation Status Native vlan Fa0/1 desirable n-802.1q trunking 1 Port Vlans allowed on trunk Fa0/1 1-150 <further output omitted>
VTP - Vlan Trunking Protocol
Switch(config)# vtp domain domain-name …(max.32 znaků)
Switch(config)# vtp mode {server | client | transparent}
Switch(config)# vtp version {1 | 2} …(def.1)
Switch(config)# vtp password password
- password - max.32 znaků, case-sensitive, používá se k výpočtu MD5
VTP Pruning
non-silent - sw standartně v módu auto a desirable ani nečeká na žádné pagp zprávy (z důvodu připojení zař.,které pagp neumí), tímto příkazem aktivujeme posílání a očekávání pagp zpráv
LACP
Switch(config)# lacp system-priority priority(1-65535, def.32768)
Switch(config)# interface type mod/num
Switch(config-if)# channel-protocol lacp
Switch(config-if)# channel-group number(1-64) mode {on | passive | active}
Switch(config-if)# lacp port-priority priority(1-65535, def.32768)
Troubleshooting
Switch# show etherchannel summary
Switch# show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
u - unsuitable for bundling
U - in use f - failed to allocate aggregator
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+--------------+-----------+------------------------------------------------
1 Po1(SU) PAgP Fa0/41(P) Fa0/42(P) Fa0/43 Fa0/44(P)
Fa0/45(P) Fa0/46(P) Fa0/47(P) Fa0/48(P)
Switch# show etherchannel port
Channel-group listing:
-----------------------
Group: 1
----------
Ports in the group:
--------------------
Port: Fa0/41
------------
Port state = Up Mstr In-Bndl
Channel group = 1 Mode = Desirable-Sl Gcchange = 0
Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = PAgP
Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
A - Device is in Auto mode. P - Device learns on physical port.
d - PAgP is down.
Timers: H - Hello timer is running. Q - Quit timer is running.
S - Switching timer is running. I - Interface timer is running.
Local information:
Hello Partner PAgP Learning Group
Port Flags State Timers Interval Count Priority Method Ifindex
Fa0/41 SC U6/S7 H 30s 1 128 Any 55
Partner’s information:
Partner Partner Partner Partner Group
Port Name Device ID Port Age Flags Cap.
Fa0/41 FarEnd 00d0.5849.4100 3/1 19s SAC 11
Age of the port in the current state: 00d:08h:05m:28s
show running-config interface type mod/ num
show interface type mod/num etherchannel
show etherchannel port-channel
show etherchannel detail
show etherchannel load-balance
show etherchannel port-channel
show {pagp | lacp} neighbor
show lacp sys-id
STP Spanning-tree protocol
Switch(config)# [no] spanning-tree vlan vlan-id
Switch(config-if)# [no] spanning-tree vlan vlan-id
# show spanning interface type mod/port
# debug spanning-tree switch state
STP Root Bridge:
Switch(config)# [no] spanning-tree extended system-id
Switch(config)# spanning-tree vlan vlan-list priority bridge-priority
- Standart bridge-priority: 0-65535, def.32768
- Extended bridge-priority: 0-61440 (násobky 4096), def.32768
Switch(config)# spanning-tree vlan vlan-id root {primary | secondary} [diameter diameter]
- primary je-li aktuální priorita roota větší než 24576 switch si nastaví tuto prioritu, jeli priorita roota menší, switch si nastaví o 4096 nižší bridge prioritu (kromě nuly, tu je třeba nastavit ručně).
- secondary - bridge priority se nastaví na 28672
Switch(config)# spanning-tree vlan 1 root primary vlan 1 bridge priority set to 24576 vlan 1 bridge max aging time unchanged at 20 vlan 1 bridge hello time unchanged at 2 vlan 1 bridge forward delay unchanged at 15
Root Path Cost:
Switch(config-if)# spanning-tree [vlan vlan-id] cost cost(1-65535)
Switch# show spanning-tree interface type mod/num [cost]
Switch# show spanning-tree interface fa0/1 Vlan Role Sts Cost Prio.Nbr Type ----------------- ---- --- ---------- -------- ----------------------------- VLAN0001 Root FWD 4 128.1 P2p VLAN0010 Desg FWD 4 128.1 P2p VLAN0020 Root FWD 4 128.1 P2p
Port Priority:
Switch(config-if)# spanning-tree [vlan vlan-list] port-priority port-priority(0-255,def.128)
Switch# show spanning-tree interface type mod/num
STP Timers:
Nastavovat jen na ROOTOVI!!!
Manuální konfigurace:
Switch(config)# spanning-tree [vlan vlan-id] hello-time seconds(1-10,def.2)
Switch(config)# spanning-tree [vlan vlan-id] forward-time seconds(4-30,def.15)
Switch(config)# spanning-tree [vlan vlan-id] max-age seconds(6-40,def.20)
Automatická konfigurace pomocí makra:
Switch(config)# spanning-tree vlan vlan-list root {primary | secondary} [diameter diameter [hello-time hello-time]]
PortFast
Switch(config)# spanning-tree portfast default
Switch(config-if)# [no] spanning-tree portfast
Switch(config-if)# switchport host
Switch(config-if)# switchport host switchport mode will be set to access spanning-tree portfast will be enabled channel group will be disabled
Switch# show spanning-tree interface type mod/num portfast
UplinkFast
Switch(config)# spanning-tree uplinkfast [max-update-rate pkts-per-second(0-65535,def.150)]
Switch# show spanning-tree uplinkfast
Switch# show spanning-tree uplinkfast UplinkFast is enabled Station update rate set to 150 packets/sec. UplinkFast statistics Number of transitions via uplinkFast (all VLANs) : 2 Number of proxy multicast addresses transmitted (all VLANs) : 52 Name Interface List --------------------- -------------------------------- VLAN0001 Gi0/1(fwd) VLAN0010 Gi0/1(fwd) VLAN0100 Gi0/1(fwd)
BackboneFast
Switch(config)# spanning-tree backbonefast
Switch# show spanning-tree backbonefast
Switch# show spanning-tree backbonefast BackboneFast is enabled
Root Guard
Switch(config-if)# spanning-tree guard root
Switch# show spanning-tree inconsistentports
BPDU Guard
Switch(config)# spanning-tree portfast bpduguard default
Switch(config-if)# [no] spanning-tree bpduguard enable
Switch# show spanning-tree summary
Switch# show spanning-tree summary totals
Loop Guard
Switch(config)# spanning-tree loopguard default
Switch(config-if)# [no] spanning-tree guard loop
Switch# show spanning-tree summary
UDLD
Switch(config)# udld {enable | aggressive | message time seconds(7-90,def.7 or 15)}
Switch(config-if)# udld {enable | aggressive | disable}
Switch# show udld interface type mod/num
Switch# udld reset
BPDU Filter
Switch(config)# spanning-tree bpdufilter default
Switch(config-if)# spanning-tree bpdufilter {enable | disable}
Switch# show spanning-tree summary
Troubleshooting STP
Switch# show spanning-tree [detail]
Switch# show spanning-tree vlan vlan-id
Switch# show spanning-tree [vlan vlan-id] summary [totals]
Switch# show spanning-tree [vlan vlan-id] root
Switch# show spanning-tree [vlan vlan-id] bridge
Switch# show spanning-tree bridge brief
Switch# show spanning-tree interface type mod/num
Switch# show spanning-tree interface type mod/num detail
Switch# show spanning-tree interface type mod/num cost
Switch# show spanning-tree interface type mod/num portfast
Switch# show spanning-tree uplinkfast
Switch# show spanning-tree backbonefast
Switch# show spanning-tree inconsistentports
Switch# show udld interface type mod/num
Rapid PVST+
Konfigurace edge portů:
Switch(config-if)# spanning-tree portfast
Nastavení p2p pro half-duplex linku: (propojení switchů na half-duplexu)
Switch(config-if)# spanning-tree link-type point-to-point
Zapnutí RPVSTP+:
Switch(config)# spanning-tree mode rapid-pvst
Přechod zpět na PVST+:
Switch(config)# spanning-tree mode pvst
Switch# show spanning-tree
Switch# show spanning-tree vlan vlan-id
Switch#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 0
Address 0001.421C.5EA1
Cost 4
Port 25(GigabitEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 1 (priority 0 sys-id-ext 1)
Address 0060.3E78.B994
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/23 Altn BLK 19 128.23 P2p
Fa0/24 Altn BLK 19 128.24 P2p
Gi0/1 Root FWD 4 128.25 P2p
Gi0/2 Desg FWD 4 128.26 Shr
MST - Multiple Spanning Tree
SW(config)# spanning-tree mode mst
SW(config)# spanning-tree mst configuration
SW(config-mst)# name region_name (32 znaků)
SW(config-mst)# revision number (0-35535)
SW(config-mst)# instance number(0-15) vlan vlan_range
SW(config)# spanning-tree mst instance-id root {primary | secondary}[diameter diameter]
SW(config)# spanning-tree mst instance-id priority bridge-priority
SW(config-if)# spanning-tree mst instance-id cost cost
SW(config-if)# spanning-tree mst instance-id port-priority port-priority
SW(config)# spanning-tree mst hello-time seconds
SW(config)# spanning-tree mst forward-time seconds
SW(config)# spanning-tree mst max-age seconds
SW(config-mst)# show pending
SW# show spanning-tree mst
Multilayer switching
InterVLAN Routing
Switch# show interface type mod/num switchport
Switch# show interface gigabitethernet 0/1 switchport Name: Gi0/1 Switchport: Disabled Switch#
Konfigurace L2 portu:
Switch(config)# interface type mod/num
Switch(config-if)# switchport
Switch(config-if)# no shutdown
Konfigurace L3 portu:
Switch(config)# interface type mod/num
Switch(config-if)# no switchport
Switch(config-if)# ip address ip-address mask [secondary]
Switch(config-if)# no shutdown
Konfigurace SVI portu:
Switch(config)# vlan vlan-id
Switch(config-vlan)# name vlan-name
Switch(config-vlan)# exit
Switch(config)# interface vlan vlan-id
Switch(config-if)# ip address ip-address mask [secondary]
Switch(config-if)# no shutdown
Switch# show interface vlan vlan-id
Switch# show vlan
Switch# show ip interface brief
Autostate of a SVI
Zajistí, že tento interfejs nebude mít vliv na stav SVI:
Switch(config-if)# switchport autostate exclude
CEF Cisco Express Forwarding
Na Cat3750 a 4500 lze vypnout:
Switch(config-if)# no ip route-cache cef
Switch(config-if)# no ip cef
FIB table
Switch# show ip cef [type mod/num | vlan vlan-id] [detail]
Switch# show ip cef vlan 101 Prefix Next Hop Interface 10.1.1.0/24 attached Vlan101 10.1.1.2/32 10.1.1.2 Vlan101 10.1.1.3/32 10.1.1.3 Vlan101
Switch# show ip cef [prefix-ip prefix-mask] [longer-prefixes] [detail]
longer-prefixes - vypíše i routy s delší maskou než která byla specifikována v příkazu
Switch# show ip cef 10.1.0.0 255.255.0.0 longer-prefixes Prefix Next Hop Interface 10.1.1.0/24 attached Vlan101 10.1.1.2/32 10.1.1.2 Vlan101 10.1.1.3/32 10.1.1.3 Vlan101 10.1.2.0/24 attached Vlan102 10.1.3.0/26 192.168.1.2 Vlan99 192.168.1.3 Vlan99 10.1.3.64/26 192.168.1.2 Vlan99 192.168.1.3 Vlan99 10.1.3.128/26 192.168.1.4 Vlan99 192.168.1.3 Vlan99 [output omitted]
Switch# show ip cef 10.1.3.0 255.255.255.192 detail
10.1.3.0/26, version 270, epoch 0, per-destination sharing
0 packets, 0 bytes
via 192.168.1.2, Vlan99, 0 dependencies
traffic share 1
next hop 192.168.1.2, Vlan99
valid adjacency
via 192.168.1.3, Vlan99, 0 dependencies
traffic share 1
next hop 192.168.1.3, Vlan99
valid adjacency
0 packets, 0 bytes switched through the prefix
tmstats: external 0 packets, 0 bytes
internal 0 packets, 0 byte
- version = počet updatů CEF záznamu od vytvotření tabulky
- epoch = počet zahození CEF tabulky a vytvoření celé nové
Adjacency table
Switch# show adjacency [type mod/num | vlan vlan-id] [summary | detail]
Switch# show adjacency summary Adjacency Table has 106 adjacencies Table epoch: 0 (106 entries at this epoch) Interface Adjacency Count Vlan99 21 Vlan101 3 Vlan102 1 Vlan103 47 Vlan104 7 Vlan105 27
Switch# show adjacency vlan 99 detail Protocol Interface Address IP Vlan99 192.168.1.2(5) 0 packets, 0 bytes 000A5E45B145000E387D51000800 ARP 01:52:50 Epoch: 0 IP Vlan99 192.168.1.3(5) 1 packets, 104 bytes 000CF1C909A0000E387D51000800 ARP 04:02:11 Epoch: 0
- 000A5E45B145000E387D51000800 - Next-hop MAC adresa
- 000A5E45B145000E387D51000800 - lokální MAC (MAC interface Vlan99)
- 000A5E45B145000E387D51000800 - Protocol type (IP)
- ARP 01:52:50 - stáří ARP záznamu
Adjacency “glean state”:
Switch# show ip cef adjacency glean
Prefix Next Hop Interface
10.1.1.2/32 attached Vlan101
127.0.0.0/8 attached EOBC0/0
[output omitted]
Switch# show ip arp 10.1.1.2
Switch# show ip cef 10.1.1.2 255.255.255.255 detail
10.1.1.2/32, version 688, epoch 0, attached, connected
0 packets, 0 bytes
via Vlan101, 0 dependencies
valid glean adjacency
Switch# show cef drop CEF Drop Statistics Slot Encap_fail Unresolved Unsupported No_route No_adj ChkSum_Err RP 8799327 1 45827 5089667 32 0
Switch# show cef not-cef-switched CEF Packets passed on to next switching layer Slot No_adj No_encap Unsupp’ted Redirect Receive Options Access Frag RP 3579706 0 0 0 41258564 0 0 0
DHCP na MLS
Konfigurace DHCP serveru
Switch(config)# ip dhcp excluded-address start-ip end-ip
Switch(config)# ip dhcp pool pool-name
Switch(config-dhcp)# network ip-address subnet-mask
Switch(config-dhcp)# default-router ip-address [ip-address2] [ip-adress3] …
Switch(config-dhcp)# lease {infinite | {days [hours [minutes]]}}
Switch# show ip dhcp binding
Konfigurace DHCP Relay
- konfiguruje se na L3 interfejsu, který bude klientům ve svém subnetu provádět relay
- ip helper-address - lze zadat víckrát
Switch(config)# interface vlan5
Switch(config-if)# ip address 192.168.1.1 255.255.255.0
Switch(config-if)# ip helper-address 192.168.199.4
HSRP
Switch(config-if)# standby group(1-255 / 1-16) priority priority(0-255, def.100)
Switch(config-if)# standby group timers [msec] hello [msec] holdtime
- hello = 1-254 s nebo 15-999 ms (def. 3 s)
- holdtime = 1-255 s nebo 50-3000 ms (def. 10 s), doporučuje se trojnásobek Hello timeru
Switch(config-if)# standby group preempt [delay [minimum seconds] [reload seconds]]
- delay - pozdržení převzetí aktivní role
- minimum - 0-3600s, měří se od chvíle kdy je router schopen převzít aktivní roli (interface up, nakonfigurování HSRP)
- reload - 0-3600s po restartu routeru, účelem je dát čas routovacím protokolům aby zkonvergovaly
Switch(config-if)# standby group track type mod/num [decrementvalue(def.10)]
Switch(config-if)# standby group ip ip-address [secondary]
Switch(config-if)# show standby [vlan vlan-id | type mod/num] [brief]
Plaint-text Authentikace:
Switch(config-if)# standby group authentication string
MD5 Authentikace - string:
Switch(config-if)# standby group authentication md5 key-string [0 | 7] string
MD5 Authentikace key-chain:
Switch(config)# key chain chain-name
Switch(config-keychain)# key key-number
Switch(config-keychain-key)# key-string [0 | 7] string
Switch(config)# interface type mod/num
Switch(config-if)# standby group authentication md5 key-chain chain-name
VRRP
Switch(config-if)# vrrp group(0-255) priority level(1-254,def.100)
Switch(config-if)# vrrp group(0-255) timers advertise [msec] interval(def.1s)
Switch(config-if)# vrrp group(0-255) timers learn
Switch(config-if)# no vrrp group(0-255) preempt
Switch(config-if)# vrrp group(0-255) preempt [delay seconds(def.0s)]
Switch(config-if)# vrrp group(0-255) authentication string
Switch(config-if)# vrrp group(0-255) ip ip-address [secondary]
Switch# show vrrp [brief]
Switch# show vrrp brief all
Switch# show vrrp interface type mod/num
GLBP
Switch(config-if)# glbp group ip [ip-address [secondary]]
Switch# show glbp [group] [brief]
AVG
Switch(config-if)# glbp group(0-1023) priority level(1-255, def.100)
Switch(config-if)# glbp group preempt [delay minimum seconds]
Switch(config-if)# glbp group timers [msec] hellotime [msec] holdtime
- hellotime - 1-60s nebo 50-60000ms
- holdtime - až 180s nebo 180000ms, musí být větší (ideálně třikrát) než hellotime
AVF
Switch(config-if)# glbp group timers redirect redirect timeout
- “redirect timer” - 0-3600 s, defaultně 600 s
- “timeout timer” - 700-64800 s (18h), def. 14400 s (4h)
Switch(config)# track object-number(1-500) interface type mod/num {line-protocol | ip routing}
- line-protocol - sleduje line protocol up/down
- ip routing - sleduje zapnutý routing, nastavenou IP adresu, a line protocol na interfejsu
Switch(config-if)# glbp group weighting maximum [lower lower] [upper upper]
- lower - 1-254, def. 1
- upper - 1-254, def. = 100 (defaultně = max weight)
Switch(config-if)# glbp group weighting track object-number [decrement value]
Load Balancing
SW_AVG(config-if)# glbp group load-balancing [round-robin | weighted | host-dependent]
- value - 1-254. def. 10
Supervizor and Route Processor Redundancy
* první konfigurace se musí udělat na obou supervizorech
- pak už jen na aktivním (změny apod.)
Router(config)# redundancy
Router(config-red)# mode {rpr | rpr-plus | sso}
- rpr-plus - verze IOS obou supervizorů musejí být stejné, jinak to poběží jen jako rpr
Router# show redundancy states
Router# show redundancy states
my state = 13 -ACTIVE
peer state = 8 -STANDBY HOT
Mode = Duplex
Unit = Secondary
Unit ID = 2
Redundancy Mode (Operational) = Route Processor Redundancy Plus
Redundancy Mode (Configured) = Route Processor Redundancy Plus
Split Mode = Disabled
Manual Swact = Enabled
Communications = Up
client count = 11
client_notification_TMR = 30000 milliseconds
keep_alive TMR = 9000 milliseconds
keep_alive count = 1
keep_alive threshold = 18
RF debug mask = 0x0
Synchronizace supervizorů
Router(config)# redundancy
Router(config-red)# main-cpu
Router(config-r-mc)# auto-sync {startup-config | config-register | bootvar}
Návrat do defaultu:
Router(config-r-mc)# auto-sync standard
Nonstop Forwarding
BGP
Router(config)# router bgp as-number
Router(config-router)# bgp graceful-restart
EIGRP
Router(config)# router eigrp as-number
Router(config-router)# nsf
OSPF
Router(config)# router ospf process-id
Router(config-router)# nsf
IS-IS
Router(config)# router isis process-id
Router(config-router)# nsf [cisco | ietf]
Router(config-router)# nsf interval [minutes]
Router(config-router)# nsf t3 {manual seconds | adjacency}
Router(config-router)# nsf interface wait seconds
wiki/site/cisco/switch-command-ref.txt · Last modified: 2018/01/23 10:16 by root
