Non résolu
1 message(s)
0
364
Migration Cisco Catalyst 4500 vers S4128F-ON
PowerSwitch S4128F-ON/S4128T-ON
Bonjour
J'espère que ce message vous trouve bien. Je souhaiterais vous faire part de notre expérience concernant la migration de notre configuration depuis des commutateurs Cisco de la gamme Catalyst 4500 vers notre nouveau commutateur Dell de la gamme S4128F-ON. Nous avons rencontré certaines difficultés lors de cette migration, notamment avec certaines commandes que nous n'avons pas réussi à mettre en place sur le nouveau commutateur. Nous avons besoin de votre aide pour comprendre comment activer ces commandes ou si elles sont déjà activées par défaut sur les nouveaux commutateurs.
Pour faciliter la compréhension de notre situation, je vais vous partager ci-après la configuration Cisco. qui contient les lignes de commandes en rouge indiquent les commandes que nous avons pas réussi à ajouter sur le nouveau commutateur Dell. Nous aimerions que vous examiniez cette configuration et nous fournissiez des conseils sur la meilleure approche pour que ces commandes soient opérationnelles.
Nous sommes très satisfaits de notre nouveau commutateur Dell et nous apprécions grandement votre support dans cette transition. Nous avons confiance en votre expertise pour nous aider à résoudre ce problème spécifique.
Je reste à votre disposition pour toute information supplémentaire que vous pourriez nécessiter. Je vous remercie par avance pour votre aide et votre attention à cette affaire.
==============================================
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
service unsupported-transceiver
!
hostname sw00.wan.noc.rabat
!
boot-start-marker
boot system flash bootflash:cat4500e-universalk9.SPA.03.08.00.E.152-4.E.bin
boot-end-marker
!
!
vrf definition mgmtVrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
username bouhaddou privilege 15 secret 5 $1$aIzM$MGYWYt3B0GNl55poi6DPr1
username sami privilege 15 secret 5 $1$u7NX$g3Vr6LKxHRMaIqLZODFEl0
username merrouch privilege 15 secret 5 $1$gFDO$9H8xn9faXI2DtglmwaUYP/
username noc privilege 5 secret 5 $1$POBc$nRJsL0sYaqI3ezj0rksgn.
no aaa new-model
clock timezone UTC+1 1 0
hw-module uplink select tengigabitethernet
!
!
!
!
!
!
ip vrf Liin-vrf
!
ip domain-name marwan.ma
ip name-server 2001:4310:F1:D::160
ip name-server 2001:4310:F1:D::170
!
!
ipv6 nd raguard policy marwab-noc
device-role router
!
ipv6 unicast-routing
ipv6 multicast-routing
vtp domain null
vtp mode off
!
!
flow record marwan-noc-sw00
description netflow for sw00.wan.noc.rabat.marwan.ma
match ipv4 tos
match ipv4 source address
match ipv4 destination address
match ipv6 traffic-class
match ipv6 source address
match ipv6 destination address
match transport source-port
match transport destination-port
collect interface input
collect interface output
collect counter bytes permanent
collect counter packets permanent
!
!
flow exporter marwan-noc-sw00
destination 196.200.160.222
source Vlan160
transport udp 9996
template data timeout 30
!
!
flow monitor marwan-noc-sw00
exporter marwan-noc-sw00
cache timeout active 300
record marwan-noc-sw00
!
!
!
no errdisable detect cause gbic-invalid
power redundancy-mode redundant
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 7
name LAN-CNRST-7
!
vlan 20
name LAN-CNRST-20
!
vlan 40
name LAN-CNRST-40
!
vlan 114
name DMZ-CNRST
!
vlan 128
name DMZ-MARWAN-NOC
!
vlan 160
name WAN-MARWAN-NOC
!
vlan 161
name GEANT-routes
!
vlan 190
name anycast
!
vlan 191
name p2p with Netnod
!
vlan 200
name LAN-MARWAN-NOC
!
vlan 203
name mgmt
!
interface FastEthernet1
vrf forwarding mgmtVrf
no ip address
speed auto
duplex auto
!
interface TenGigabitEthernet1/2
description To IBM blade - top switch
switchport mode trunk
!
interface GigabitEthernet2/3
description To videoconf
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet2/42
description netnod i-root dns maintenance interface
switchport access vlan 160
switchport mode access
!
interface GigabitEthernet2/45
switchport access vlan 114
switchport mode access
!
interface GigabitEthernet2/46
description All LAN-CNRST vlans trunk
switchport trunk allowed vlan 7,20,40
switchport mode trunk
!
interface GigabitEthernet2/47
description To sw00.lan.noc
switchport trunk allowed vlan 200,203
switchport mode trunk
!
interface GigabitEthernet2/48
description To sw00.dmz.noc
switchport access vlan 128
switchport mode access
!
interface GigabitEthernet3/3
description To MaGrid
switchport access vlan 160
switchport mode access
!
interface TenGigabitEthernet5/1
description To WAN interface in firewall (wan.noc.rabat.marwan.ma)
switchport access vlan 160
switchport mode access
!
interface TenGigabitEthernet5/2
switchport access vlan 160
switchport trunk allowed vlan 160,161
switchport trunk native vlan 160
switchport mode trunk
!
interface TenGigabitEthernet5/3
switchport access vlan 160
switchport trunk allowed vlan 160,161
switchport trunk native vlan 160
switchport mode trunk
!
interface TenGigabitEthernet5/7
!
interface TenGigabitEthernet5/8
description To Netnod i.root-servers.net
switchport access vlan 191
switchport mode access
!
interface TenGigabitEthernet5/9
description netnod i-root dns admin interface
switchport access vlan 160
switchport mode access
!
interface TenGigabitEthernet5/10
description To MARWAN CLOUD (sw00.cloud.marwan.ma)
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan160
ip address 196.200.160.4 255.255.255.128
ipv6 address 2001:4310:F1::4/64
ipv6 enable
!
interface Vlan 161
ip address 10.0.0.2/30
ipv6 address 2001:4310:F1:BEEB::2/64
ipv6 enable
!
interface Vlan 190
ip address 196.200.190.4/24
!
interface Vlan 191
ip address 196.200.191.249/30
ipv6 address 2001:4310:80ED:70D::1/126
ipv6 enable
!
interface Vlan 203
ip address 192.168.203.2 255.255.255.0
!
router bgp 30983
bgp router-id 196.200.160.4
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
no bgp default ipv4-unicast
neighbor 10.0.0.1 remote-as 30983
neighbor 10.0.0.1 description FG-GEANT-routes
neighbor 10.0.0.1 update-source Vlan161
neighbor 10.0.0.1 ha-mode graceful-restart
neighbor 2001:4310:F1::40 remote-as 328066
neighbor 2001:4310:F1::40 password 7 08734F1E0F570345175B42173F292A2D27
neighbor 2001:4310:F1::40 update-source Vlan160
neighbor 2001:4310:F1::40 ha-mode graceful-restart
neighbor 2001:4310:F1:D::134 remote-as 30983
neighbor 2001:4310:F1:D::134 description looking-glass
neighbor 2001:4310:F1:D::134 ebgp-multihop 2
neighbor 2001:4310:F1:BEEB::1 remote-as 30983
neighbor 2001:4310:F1:BEEB::1 description FG-GEANT-routes
neighbor 2001:4310:F1:BEEB::1 update-source Vlan161
neighbor 2001:4310:F1:BEEB::1 ha-mode graceful-restart
neighbor 2001:4310:80ED:70D::2 remote-as 8674
neighbor 2001:4310:80ED:70D::2 description Netnod i root DNS
neighbor 196.200.160.50 remote-as 65000
neighbor 196.200.160.50 ha-mode graceful-restart
neighbor 196.200.160.134 remote-as 30983
neighbor 196.200.160.134 description looking-glass
neighbor 196.200.160.134 ebgp-multihop 2
neighbor 196.200.160.134 update-source Vlan160
neighbor 196.200.191.250 remote-as 8674
neighbor 196.200.191.250 description Netnod_i-root_DNS
!
address-family ipv4
network 0.0.0.0
network 196.12.203.0/24
network 196.200.128.0/18
network 196.200.128.0/19
network 196.200.160.0/19
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 next-hop-self
neighbor 10.0.0.1 prefix-list FG-GEANT-vlan161-v4 in
neighbor 10.0.0.1 route-map i-root-to-noc-v4 out
neighbor 196.200.160.50 activate
neighbor 196.200.160.50 prefix-list anycast-in in
neighbor 196.200.160.50 prefix-list deny-any out
neighbor 196.200.160.134 activate
neighbor 196.200.160.134 prefix-list deny-any in
neighbor 196.200.191.250 activate
neighbor 196.200.191.250 prefix-list no-default in
default-information originate
exit-address-family
!
address-family ipv6
default-information originate
network ::/0
network 2001:4310::/32
network 2001:4310::/33
network 2001:4310:8000::/33
neighbor 2001:4310:EC:1::10 activate
neighbor 2001:4310:EC:1::10 prefix-list deny-any-ipv6 in
neighbor 2001:4310:EC:1::10 prefix-list FNA-out-ipv6 out
neighbor 2001:4310:F1::40 activate
neighbor 2001:4310:F1:D::134 activate
neighbor 2001:4310:F1:D::134 prefix-list deny-any-ipv6 in
neighbor 2001:4310:F1:BEEB::1 activate
neighbor 2001:4310:F1:BEEB::1 next-hop-self
neighbor 2001:4310:F1:BEEB::1 prefix-list FG-GEANT-vlan161-v6 in
neighbor 2001:4310:F1:BEEB::1 route-map i-root-to-noc-v4 out
neighbor 2001:4310:80ED:70D::2 activate
neighbor 2001:4310:80ED:70D::2 prefix-list no-defaultv6 in
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip as-path access-list 1 permit ^199354_
ip as-path access-list 2 permit ^8674_
ip route 0.0.0.0/0 196.200.160.1
ip route 192.168.7.0/24 196.200.160.2
ip route 196.12.203.0/24 196.200.160.1 name MARWAN-via-default
ip route 196.200.128.0/18 196.200.160.1 10 name MARWAN-via-default
ip route 196.200.128.0/19 196.200.160.1 10 name MARWAN-via-default
ip route 196.200.129.128/26 196.200.159.254
ip route 196.200.131.0/24 196.200.160.1
ip route 196.200.160.0/19 196.200.160.1 10 name MARWAN-via-default
ip route 196.200.160.128/25 196.200.160.2
ip ssh time-out 50
ip ssh logging events
ip ssh version 2
!
ip access-list standard NMS-NOC
permit 196.200.160.0 0.0.0.255
!
!
!
!
ip prefix-list FG-GEANT-vlan161-v4 seq 5 deny 196.200.128.0/18
ip prefix-list FG-GEANT-vlan161-v4 seq 10 deny 196.200.128.0/19
ip prefix-list FG-GEANT-vlan161-v4 seq 15 deny 196.200.160.0/19
ip prefix-list FG-GEANT-vlan161-v4 seq 20 deny 0.0.0.0/0
ip prefix-list FG-GEANT-vlan161-v4 seq 30 permit 0.0.0.0/0 le 32
!
ip prefix-list FNA-Out seq 5 permit 196.200.128.0/18
ip prefix-list FNA-Out seq 10 permit 196.200.128.0/19
ip prefix-list FNA-Out seq 15 permit 196.200.160.0/19
ip prefix-list FNA-Out seq 20 permit 196.12.203.0/24
!
ip prefix-list NOC-to-MARWAN-out-v4 seq 5 deny 196.200.128.0/18
ip prefix-list NOC-to-MARWAN-out-v4 seq 10 deny 196.200.128.0/19
ip prefix-list NOC-to-MARWAN-out-v4 seq 15 deny 196.200.160.0/19
ip prefix-list NOC-to-MARWAN-out-v4 seq 20 deny 196.12.203.0/24
ip prefix-list NOC-to-MARWAN-out-v4 seq 25 deny 0.0.0.0/0
ip prefix-list NOC-to-MARWAN-out-v4 seq 30 permit 0.0.0.0/0 le 32
!
ip prefix-list anycast-in seq 5 permit 196.200.190.0/24
ip prefix-list anycast-in seq 10 permit 102.216.118.0/24
!
ip prefix-list deny-any seq 5 deny 0.0.0.0/0 le 32
!
ip prefix-list no-default seq 5 deny 0.0.0.0/0
ip prefix-list no-default seq 10 permit 0.0.0.0/0 le 32
!
ip prefix-list only-default-route-v4 seq 10 permit 0.0.0.0/0
!
ip prefix-list to-netnod-admin description Allow Netnod ranges to admin interface
ip prefix-list to-netnod-admin seq 5 permit 192.71.80.0/24
ip prefix-list to-netnod-admin seq 10 permit 192.36.133.0/24
ip prefix-list to-netnod-admin seq 15 permit 192.36.134.0/24
ip sla 10
udp-jitter 185.19.231.226 5000 num-packets 50 interval 10
frequency 30
ip sla schedule 10 start-time now
ip sla responder
logging host 196.200.160.181
ipv6 route 2001:4310:EC:1::/64 2001:4310:EC:2::2
ipv6 route 2001:4310:F1:D::/64 2001:4310:F1::2
ipv6 route 2001:4310:F1:6060::/64 2001:4310:F1::68 name prometheus
ipv6 route 2001:4310:F1::/48 2001:4310:F1::2
ipv6 route 2001:4310::/33 2001:4310:F1::1 10 name MARWAN-via-default
ipv6 route 2001:4310:8000::/33 2001:4310:F1::1 10 name MARWAN-via-default
ipv6 route 2001:4310::/32 2001:4310:F1::1 10 name MARWAN-via-default
ipv6 route ::/0 2001:4310:F1::1
ipv6 route ::/0 Eth 1/1/23 TenGigabitEthernet5/3
ipv6 route ::/0 Eth 1/1/24 TenGigabitEthernet5/2
!
!
!
ipv6 prefix-list FG-GEANT-vlan161-v6 seq 5 deny 2001:4310::/32
ipv6 prefix-list FG-GEANT-vlan161-v6 seq 10 deny 2001:4310::/33
ipv6 prefix-list FG-GEANT-vlan161-v6 seq 15 deny 2001:4310:8000::/33
ipv6 prefix-list FG-GEANT-vlan161-v6 seq 20 deny ::/0
ipv6 prefix-list FG-GEANT-vlan161-v6 seq 30 permit ::/0 le 128
!
ipv6 prefix-list FNA-Out-ipv6 seq 5 permit 2001:4310::/32
ipv6 prefix-list FNA-Out-ipv6 seq 10 permit 2001:4310::/33
ipv6 prefix-list FNA-Out-ipv6 seq 15 permit 2001:4310:8000::/33
!
ipv6 prefix-list NOC-to-MARWAN-out-v6 seq 5 deny 2001:4310::/32
ipv6 prefix-list NOC-to-MARWAN-out-v6 seq 10 deny 2001:4310::/33
ipv6 prefix-list NOC-to-MARWAN-out-v6 seq 15 deny 2001:4310:8000::/33
ipv6 prefix-list NOC-to-MARWAN-out-v6 seq 20 deny ::/0
ipv6 prefix-list NOC-to-MARWAN-out-v6 seq 25 permit ::/0 le 128
!
ipv6 prefix-list deny-any-ipv6 seq 5 deny ::/0 le 128
!
ipv6 prefix-list no-defaultv6 seq 5 deny ::/0
ipv6 prefix-list no-defaultv6 seq 10 permit ::/0 le 128
!
ipv6 prefix-list only-default-route-v6 seq 10 permit ::/0
route-map to-casa-rabat-v4 permit 10
match as-path 1
!
route-map to-gw-noc-v4 permit 10
match as-path 1
!
route-map to-gw-noc-v4 deny 20
!
route-map i-root-to-noc-v4 permit 10
match as-path 2
!
snmp-server community public RO
snmp-server community NOCMW4 RO acl NMS-NOC
snmp-server enable traps bgp state-changes
!
tftp-server nvram:startup-config
!
!
line con 0
stopbits 1
line vty 0 4
session-timeout 35791
exec-timeout 0 0
password 7 00071A150754
login local
transport input ssh
escape-character 3
line vty 5 14
session-timeout 35791
exec-timeout 0 0
password 7 00071A150754
login local
transport input ssh
escape-character 3
line vty 15
session-timeout 35791
password 7 00071A150754
login local
transport input ssh
escape-character 3
line vty 16
password 7 00071A15075459
login local
transport input ssh
!
ntp update-calendar
ntp server 2001:4310:F6::160
ntp server 2001:4310:F1::123
!
end
==========================================================
Cordialement,
Aziz EL ASSRI
DELL-Marco B
Moderator
Moderator
•
3.4K messages
0
18 mai 2023 07:00
Bonjour,
malheuresement je peux pas vous aider, il s'agit de une configuration et optimization avancé, n'est pas prise en compte par le support.
Vous pouvez eventuellment contacter pour un ticket de configuration votre commerciale,.
Cordialement