mercoledì 27 gennaio 2010

Configure a Management Interface for 3550 and 3750 Series Switches

On Catalyst 3550 and 3750 series switches that run Cisco IOS Software, any routable interface can be used for management. There are three options to configure this interface.

Option 1—Configure a loopback interface for switch management. There are a few advantages to a loopback interface. A loopback is a virtual interface that is always up. Packets that are routed to the loopback interface are rerouted back to the L3 switch or router and processed locally. IP packets that are routed out the loopback interface but are not destined to the loopback interface are dropped. This means that the loopback interface serves as the null 0 interface also. The loopback interface serves as the router ID for OSPF and so on. This example uses loopback 0:

Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#interface loopback 0
Switch(config-if)#ip address 10.1.1.1 255.255.255.255

!--- The loopback interface should have a 32-bit subnet mask, which means that
!--- the 10.1.1.1 address is the only destination address in this subnet.

Switch(config-if)#end
Switch#

You must also configure a routing protocol to distribute the subnet that is assigned to the loopback address or create a static route.

Option 2—Configure the interface as an L3 routed interface with an IP address. All interfaces on a Catalyst 3550 or 3750 switch that runs Cisco IOS Software are L2 by default. In order to make an L2 interface an L3 interface, issue the no switchport command and then configure an IP address. All interfaces are enabled by default, so you do not need to issue the no shutdown command. This example uses Fast Ethernet 2/0/1 on a Catalyst 3750:

Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#interface fastethernet 2/0/1
Switch(config-if)#no switchport
Switch(config-if)#ip address 11.1.1.1 255.0.0.0
Switch(config-if)#end
Switch#

If you issue the show running-config interface fastethernet 2/0/1 command, this output displays:

Switch#show running-config interface fastethernet 2/0/1
Building configuration...
Current configuration : 81 bytes
!
interface FastEthernet2/0/1
no switchport
ip address 11.1.1.1 255.0.0.0
end
Switch#

Option 3—Configure an L2 interface as a part of a specific VLAN. Issue the switchport mode access command and the switchport access vlan vlan-id command, and use a corresponding SVI with an IP address.

Complete these steps:

  1. Issue these commands:

    Switch(config)#interface vlan 1

    !--- Interface VLAN 1 is an SVI.

    Switch(config-if)#ip address 10.1.1.1 255.0.0.0
    Switch(config-if)#no shut

    Note: This example uses VLAN 1 as the management VLAN. VLAN 1 is in the VLAN database by default.

  2. Issue the switchport mode access command under the desired physical interface if you want confirmation that the interface is an access switch port.

    By default, all interfaces are L2 interfaces and are access switch ports in VLAN 1. If you plan to use VLAN 1 as the management VLAN, no configuration is necessary under the interface. But if you want confirmation in the configuration that the interface is indeed an access switch port, you need to use the switchport mode access command.

    This example uses Fast Ethernet 2/0/1:

    Switch(config)#interface fastethernet 2/0/1
    Switch(config-if)#switchport mode access
    Switch(config-if)#end

    If you issue the show run interface fastethernet 2/0/1 command, this output now displays:

    Switch#show run interface fastethernet 2/0/1
    Building configuration...
    Current configuration : 59 bytes
    !
    interface FastEthernet2/0/1
    switchport mode access
    end
    Switch#

  3. If you want to change the management interface from the default VLAN 1 to another VLAN, issue the interface vlan vlan-id command in order to create a new SVI.

    You must then issue the switchport access vlan vlan-id command in order to configure an L2 interface to be a part of the new VLAN. This example demonstrates this process:

    Switch(config)#interface vlan 2
    Switch(config-if)#ip address 20.1.1.1 255.0.0.0
    Switch(config-if)#no shut

    !--- Configure an interface to access the new management VLAN.

    Switch(config)#interface fastethernet 2/0/1
    Switch(config-if)#switchport access vlan 2
    Switch(config-if)#end
    Switch#

    If you issue the show run interface fastethernet 2/0/1 command, this output now displays: 

    Switch#show run interface fastethernet 2/0/1
    Building configuration...
    Current configuration : 85 bytes
    !
    interface FastEthernet2/0/1
    switchport access vlan 2
    switchport mode access
    end
    Switch#

    In order for the switch to access remote networks, you must have either:

    • A default gateway that is set for the next hop router that is directly connected to the switch

    • A dynamic routing protocol configured

    If you are not routing IP, issue the ip default-gateway ip-address command in order to configure a gateway router IP address.

    If you plan to configure dynamic routing, keep in mind that IP routing is disabled by default. You must issue the global ip routing command in order to enable IP routing. Routing Information Protocol (RIP) is the only dynamic routing protocol that is supported when you use the Standard Multilayer Software Image (SMI). The Enhanced Multilayer Software Image (EMI) is required for Interior Gateway Routing Protocol (IGRP), Enhanced IGRP (EIGRP), OSPF, and Border Gateway Protocol (BGP) support. In order to configure dynamic routing, use the router routing_protocol command. Issue the show ip route command in order to view the status of the routing table.

Pubblicato da alle

Nessun commento:

Posta un commento

Iscriviti a: Commenti sul post (Atom)