dokucama

User Tools

Site Tools

Trace: ws_analysis openstack
network_stuff:cisco:ios

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
network_stuff:cisco:ios [2021/12/10 12:46] – external edit 127.0.0.1network_stuff:cisco:ios [2024/10/02 11:48] (current) jotasandoku
Line 31: Line 31:
  
 ---- ----
-**COPY FILES FROM AND TO NIX BOX**+__**IOS NEW HARDWARE SETUP INITIAL CONFIGURATION**__\\ 
 +  - If this is a used device, remove the configuration and the vlan database 
 +    - write erase ; reload **without saving the configuration** 
 +    - delete flash:vlan.dat  # note that default location is flash: 
 +    - reload again 
 +  - Add IP in the mgmt interface. Normally g0/0 
 +    - Add a static route in mgmt interface. It needs to be in the mgmt vrf 
 +  - enable ssh: 
 +    - crypto key generate rsa modulus 1024 
 +    - ip ssh version 2 ; time-out 60 ; authentication-retries 2 
 +    - do not add any aaa configuration as yet 
 +    - Add the device to TACACS server (eg: to cisco ISE via the GUI) 
 + 
 +---- 
 + 
 +__**COPY FILES FROM AND TO LINUX BOX**__\\ 
 +** scp needs to be enabled in the switch. Also in some cases this aaa needs to be in for authentication ** 
 +\\ 
 +Regarding TFTP, remember that it uses udp-69 just for the initial message but then it uses 64001 through 65000 as ports are specific per each session (both in src and dst). 
 + 
 +  aaa new-model 
 +  aaa authentication login default local 
 +  aaa authorization exec default local if-authenticated 
 +\\
   (IOS)#copy scp://sfuller@192.168.11.100//app/tftpboot/poap.py flash:   (IOS)#copy scp://sfuller@192.168.11.100//app/tftpboot/poap.py flash:
   (IOS)#cd ? ! To show available file systems   (IOS)#cd ? ! To show available file systems
   (IOS)#delete flash:<file> ! To delete a file in flash   (IOS)#delete flash:<file> ! To delete a file in flash
-  CP02-N5K-SW01#  copy  scp://10.50.254.204/var/tmp/n5000-uk9.7.0.3.N1.1.bin bootflash:+  LINUX#  copy  scp://10.50.254.204/var/tmp/n5000-uk9.7.0.3.N1.1.bin bootflash: 
 +   
 \\ \\
   (linux)# scp test1 netrobot@10.8.90.21:flash:/test  ! be sure router is scp server !!   (linux)# scp test1 netrobot@10.8.90.21:flash:/test  ! be sure router is scp server !!
Line 64: Line 89:
 **SOFTWARE UPGRADES:** **SOFTWARE UPGRADES:**
 \\ \\
-ASA: [[http://evilrouters.net/2012/02/15/how-to-upgrade-cisco-asa-software-and-asdm/]]+__ASA UPGRADES__: [[http://evilrouters.net/2012/02/15/how-to-upgrade-cisco-asa-software-and-asdm/]]
 \\ \\
 ASA: Apply lincense: ASA: Apply lincense:
Line 77: Line 102:
   show run brief | s crypto|isakmp|access-list   show run brief | s crypto|isakmp|access-list
 \\ \\
-\\+__IOS (ios-xe) UPGRADE__: [[https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/117552-technote-cat3850-00.html|External Link]]\ 
 + 
 +Old way: upload the image and change the boot command 
 +  boot system switch all flash:c3750-ipbasek9-mz-122-55.SE1.bin 
 +   
 +New way: 
 +  software install file flash:cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin 
 + 
 +---- 
 + 
 AAA RADIUS TACACS+ \\ AAA RADIUS TACACS+ \\
 To verify AAA authentication: To verify AAA authentication:
Line 347: Line 382:
 Netflow status: Netflow status:
   show platform hardware capacity netflow   show platform hardware capacity netflow
 +  show mls sampling
 +  show ip flow export # To see see Netflow packets being exported from router
 +  show mls nde # Netflow Data Export
 +  show mls netflow table-contention summary # To see if there is excessive Netflow CAM Utilization (and potential buffer overflows)
 +
      
 \\ \\
Line 356: Line 396:
   show ip cef <interface>    ! To see routes pointing to a certain interface   show ip cef <interface>    ! To see routes pointing to a certain interface
   show ip cef exact-route <src> <dst>   show ip cef exact-route <src> <dst>
 +  show ip cef 10.1.93.0/24 internal    ! This shows the hash packets when the route has more than one equal cost path
 [[http://packetlife.net/blog/2011/may/27/show-ip-cef/]] \\ [[http://packetlife.net/blog/2011/may/27/show-ip-cef/]] \\
   * receive: for connected IP subnets for the base address of the IP subnet and for the local IP address in the IP subnet.   * receive: for connected IP subnets for the base address of the IP subnet and for the local IP address in the IP subnet.
Line 508: Line 549:
 **CABLE TESTING**:\\ **CABLE TESTING**:\\
   test cable-diagnostics tdr interface  ! it resets the state machine for that interface   test cable-diagnostics tdr interface  ! it resets the state machine for that interface
 +  show cable-diagnostics  tdr interface  gigabitEthernet 1/0/1
  
  
 +----
 +==== CISCO DNAC AND NDO ==== 
 +( CATALYST CENTER AND NEXUS DASHBOARD ORCHESTRATOR )
 +
 +  * You cannot run Catalyst Centre (DNAC) and NDO on the same VM/ Appliance.
 +  * Cisco have DNAC/ NDO appliances which are built on UCS platforms but sold as appliances (bundled h/w s/w).
 +=== DNAC platform support===
 +  * DNAC offers flexible deployment options. It can be deployed on a hardware appliance or as a virtual appliance, on either VMware ESXi or AWS.
 +  * DNAC can be run as 1 node 3 or 5 node clusters – base level is 1 node for **lifecycle and assurance** (recommend 3+nodes for fabric deployments) [[https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-dna-center-data-sheet-cte-en.html|External Link]]
 +=== NDO platform support ===
 +  * NDO Cisco Nexus Dashboard portfolio comprises physical, virtual, and cloud form factors also – base level is 1 to 3 nodes (up to 9 in a cluster)
 +  * [[https://www.cisco.com/c/en/us/products/collateral/data-center-analytics/nexus-dashboard/datasheet-c78-744371.html|External Link]] – details NDO features and platform options (appliance, Vmware, KVM, AWS, Azzure)
 +  * [[https://www.cisco.com/c/dam/en/us/td/docs/dcn/tools/nd-sizing/index.html|External Link]]Cisco Nexus Dashboard Capacity Planning – details appliances required for deployment
 +  * NOTE: Onboarding standalone switches is supported only on 3-node physical clusters.  Virtual Nexus Dashboard clusters, 1-node physical clusters, and 6-node clusters do not support this use case. See Nexus Dashboard [[https://www.cisco.com/c/en/us/td/docs/dcn/ndi/6x/release-notes/dcnm/cisco-ndi-ndfc-release-notes-641.html|External Link]]
network_stuff/cisco/ios.1639140374.txt.gz · Last modified: (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki