Difference between revisions of "8021Q"

From RackTables Wiki
Jump to navigation Jump to search
Line 36: Line 36:
 
</pre>
 
</pre>
  
== vendor-specific setup ==
+
== vendor-specific switch setup ==
 
===IOS===
 
===IOS===
 
* Every port, which is intended to perform switching, must have "switchport mode" explicitly set in its "interface" section.
 
* Every port, which is intended to perform switching, must have "switchport mode" explicitly set in its "interface" section.

Revision as of 22:52, 12 June 2010

802.1Q VLAN management in RackTables

known limitations

  • port naming is fixed and cannot be changed
  • importing configuration for a port, which has VLANs 1~4094 allowed, is very slow
  • for uplink-downlink reverb feature to work, both ports must have correct markup, have respective records on the Ports tab, and these records must be linked
  • there is no support for configuration templates like those in LiveVLANs
  • VLAN1 cannot be used on uplink or downlink ports
  • VLAN domains require a special setup procedure to work properly
  • unbinding of 802.1Q order hides existing 802.1Q ports config, blocking object deletion
  • not all hardware supports trunk ports w/o allowed VLANs, and this is not handled by RackTables
  • ExtemeOS requires a special VLAN naming scheme
  • there is no user interface for the "disabled" deploy queue
  • "max VLANs per switch" option of VLAN switch template is stored, but always ignored
  • VRP's "hybrid untagged VLANs" (which are not to be confused with "native" VLAN) break normal management until they are "undone"

RackTables server setup

RackTables has a special component named "deviceconfig" to deliver configuration from and to managed switches. This component is a set of executable scripts located in gateways/deviceconfig directory (which is probably located in the main RackTables directory). Description below is accurate for RackTables 0.18.x, but may change in future versions.

In deviceconfig directory one can see a sample file named switch.secrets.php-sample. The real file, which will be used by the system, is switch.secrets.php, and the simplest way to have it created properly is to copy it from the sample file. The file has the following format:

Any text (this is by default a piece of PHP code,
which hides contents of the whole file, when the file is
accessed with HTTP).

Marker below enables password scanning and must be left intact.
# S-T-A-R-T
<hostname regexp> telnet - - <user_name|-> <user_password|-> <super_password|->
<hostname regexp> telnet - - <user_name|-> <user_password|-> <super_password|->
<hostname regexp> telnet - - <user_name|-> <user_password|-> <super_password|->
<hostname regexp> telnet - - <user_name|-> <user_password|-> <super_password|->
# S-T-O-P
Marker above disables password scanning and must be left intact.

Any text (again, a piece of PHP code).

vendor-specific switch setup

IOS

  • Every port, which is intended to perform switching, must have "switchport mode" explicitly set in its "interface" section.
  • VTP mode must be set to "transparent".

XOS

  • Every VLAN besides "Default" and "Mgmt" (that is, any VLAN created by the user) must be named "VLANx", where x is VLAN tag ID. For example, "VLAN2", "VLAN123", "VLAN4000".