cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Lenovo Employee JVOSS2
Lenovo Employee
Posts: 387
Registered: ‎07-17-2018
Location: US
Views: 145
Message 11 of 19

Re: [OPINION] NE1032T + CE0152TB config

Great! Glad everything is working. The config consistency check is there to make sure everything matches for all VLAG configured ports. This prevents any problems that could be caused from a mismatch. If you make a change to one and see a consistency check fail that is ok, just head to the other switch and make the same configuration change and it will resolve itself.

 

Please let us know if you have any further questions. If everything seems fine and there are no further questions please consider resolving this thread so it can someone in the future.

Pablo_Salaberri
Fanfold Paper
Posts: 13
Registered: ‎10-28-2019
Location: AR
Views: 139
Message 12 of 19

Re: [OPINION] NE1032T + CE0152TB config

One more issue...i can't get the traffic goes from the CE's Stack to the NE's. Since CE's management CLI is a bit limited, i can't found the issue.

 

I put two PC's in the same VLAN (150), one in the NE1032 and one in the CE0152 and i can't make it ping between them...port channel is up, lag 1 interface is in trunk mode and allowing all vlans. i am lost.

 

CE config

 

serviceport protocol none
serviceport ip 10.65.60.12 255.255.255.0 10.65.60.1
no serviceport ipv6 enable
network parms 10.65.10.12 255.255.255.0 10.65.10.1
no network ipv6 enable
boot auto-copy-sw
vlan database
vlan 5,10,48,60,70,80,90-91,150,159-161,169,220-225,255
exit

configure
stack
member 1 3
member 2 3
exit              
slot 1/0 3        
set slot power 1/0
no set slot disable 1/0
slot 2/0 3
set slot power 2/0
no set slot disable 2/0


line console
exit

line telnet
exit

line ssh
exit

port-channel name 0/3/1 "Uplink NE1032"
interface 1/0/49
addport 0/3/1
exit
interface 2/0/49
addport 0/3/1
exit              
interface 1/0/50  
addport 0/3/1     
exit              
interface 2/0/50  
addport 0/3/1     
exit              
snmp-server sysname "Gigabit SW#1"
snmp-server location "Datacenter"
snmp-server contact "Pablo Salaberri"
!                 
                  
interface 1/0/1   
switchport mode access
switchport access vlan 150
vlan pvid 150     
exit              
                  
                  
                  
interface 1/0/49  
mtu 9198          
exit              
                  
                  
                  
interface 1/0/50  
mtu 9198          
exit              
                  
                  
                  
interface 2/0/49
mtu 9198
exit



interface 2/0/50
mtu 9198
exit



interface lag 1
no port-channel static
switchport mode trunk
exit


router rip
exit
router ospf
exit
ipv6 router ospf  
exit              
exit             

 

 

and the NE

 

interface Ethernet1/29
 description CE0152TB Uplinks
 switchport mode trunk
 mtu 9198
 channel-group 1 mode active
 auto-policy enable
!
interface Ethernet1/30
 description CE0152TB Uplinks
 switchport mode trunk
 mtu 9198
 channel-group 1 mode active
 auto-policy enable

 

interface port-channel1
 switchport mode trunk
 mtu 9198

 

what am i missing?

 

Pablo_Salaberri
Fanfold Paper
Posts: 13
Registered: ‎10-28-2019
Location: AR
Views: 130
Message 13 of 19

Re: [OPINION] NE1032T + CE0152TB config

Nevermind...now it's working like a charm...seems that since i forgot to declare VLAN5 in the CE0152 and for the NE's the default outside route is VLAN 5...well, thinks it didn't like it Smiley Happy

 

Thanks!....

Lenovo Employee JVOSS2
Lenovo Employee
Posts: 387
Registered: ‎07-17-2018
Location: US
Views: 127
Message 14 of 19

Re: [OPINION] NE1032T + CE0152TB config

Glad you found it. I was just logging into a CE switch to see what could be missing. Everything else working as expected?

Pablo_Salaberri
Fanfold Paper
Posts: 13
Registered: ‎10-28-2019
Location: AR
Views: 119
Message 15 of 19

Re: [OPINION] NE1032T + CE0152TB config

I will deploy the switches today (was in the lab for testing before going into prod) but looks good

Pablo_Salaberri
Fanfold Paper
Posts: 13
Registered: ‎10-28-2019
Location: AR
Views: 109
Message 16 of 19

Re: [OPINION] NE1032T + CE0152TB config

**bleep** it...still fighting

 

I put the switches into the rack, deploy the fiber links and some cabling (for example, 2 ports between the CE0152TB and the firewall in LACP that works fine in the NE1032)

 

Now i can't access some vlans even being in the same switch.

 

I decide to move the firewall ports into the CE0152TB since the FW is Gigabit so i want to avoid wasting 2 10Gbps ports.

 

CE config

 

show running-config

!Current Configuration:
!
!System Description "Lenovo CE0152TB Switch, Campus NOS 8.4.3.2, Linux 4.4.145, U-Boot 2012.10-0"
!System Software Version "8.4.3.2"
!System Up Time          "0 days 1 hrs 49 mins 28 secs"
!Additional Packages     QOS,Multicast,IPv6,IPv6 Management,Stacking,Routing
!Current SNTP Synchronized Time: SNTP Client Mode Is Disabled
!
serviceport protocol none
serviceport ip 10.65.60.12 255.255.255.0 10.65.60.1
no serviceport ipv6 enable
network parms 10.65.10.12 255.255.255.0 10.65.10.1
no network ipv6 enable
boot auto-copy-sw
vlan database
vlan 5,10,48,60,70,80,90-91,150,159-161,169,220-225,255
exit

configure
stack
member 1 3
member 2 3
exit
slot 1/0 3
set slot power 1/0
no set slot disable 1/0
slot 2/0 3
set slot power 2/0
no set slot disable 2/0


line console
exit

line telnet
exit

line ssh
exit

port-channel name 0/3/1 "Uplink NE1032"
interface 1/0/49
addport 0/3/1
exit
interface 2/0/49
addport 0/3/1
exit
interface 1/0/50
addport 0/3/1
exit
interface 2/0/50
addport 0/3/1
exit
port-channel name 0/3/2 "Uplink Firewall"
interface 1/0/1
addport 0/3/2
exit
interface 2/0/1
addport 0/3/2
exit
snmp-server sysname "Gigabit SW#1"
snmp-server location "Datacenter"
snmp-server contact "Pablo Salaberri"
!

interface 1/0/1
switchport mode access
switchport access vlan 5
vlan pvid 5
exit



interface 1/0/2
switchport mode access
switchport access vlan 150
vlan pvid 150
exit



interface 1/0/3
switchport mode access
switchport access vlan 60
vlan pvid 60
exit



interface 1/0/49
mtu 9198
exit



interface 1/0/50
mtu 9198
exit



interface 2/0/1
switchport mode access
switchport access vlan 5
vlan pvid 5
exit



interface 2/0/48
switchport mode access
switchport access vlan 60
exit



interface 2/0/49
mtu 9198
exit



interface 2/0/50
mtu 9198
exit



interface lag 1
no port-channel static
switchport mode trunk
exit



interface lag 2
no port-channel static
switchport access vlan 5
exit


router rip
exit
router ospf
exit
ipv6 router ospf
exit
exit

 

why is not routing the traffic to the NE's?

 

Also, the interVLAN in the CE0152 seems not to be working fine...example, i have a mgmt interface in the vlan 60 for the VMWARE server and a PC in the VLAN 150 as client...i even can't ping it in access mode.

 

Or (thinking out loud) should i put all ports in trunk mode and let the NE's takes care of the entire routing? and in each trunk port only assign the vlans needed?

 

Thanks

Pablo_Salaberri
Fanfold Paper
Posts: 13
Registered: ‎10-28-2019
Location: AR
Views: 92
Message 17 of 19

Re: [OPINION] NE1032T + CE0152TB config

Ok...i though that i found the issue...but not.

 

I cant make the traffic go consistently between the CE's and the NE's...i enable the routing in the CE's to play safe but nothing happens

 

Fun stuff is that i have a port connected in 2/0/48 in vlan 60, it gives ping from the NE switch without issues, but from a PC in another VLAN it gives two or 3 successful ping and later start to drop packages. Also i moved the firewall links into the NE's in a VLAG config with success.

 

 

My actual config for CE's

Current Configuration:
!
!System Description "Lenovo CE0152TB Switch, Campus NOS 8.4.3.7, Linux 4.4.145, U-Boot 2012.10-0"
!System Software Version "8.4.3.7"
!Additional Packages     QOS,Multicast,IPv6,IPv6 Management,Stacking,Routing
!Current SNTP Synchronized Time: SNTP Client Mode Is Disabled
!
serviceport protocol none
serviceport ip 10.65.60.12 255.255.255.0 10.65.60.1
no serviceport ipv6 enable
network parms 10.65.10.12 255.255.255.0 10.65.10.1
no network ipv6 enable
boot auto-copy-sw
vlan database
vlan 5,10,48,60,70,80,90-91,150,159-161,169,220-225,255
vlan routing 1 1
vlan routing 5 2
vlan routing 10 3
vlan routing 48 4
vlan routing 60 5
vlan routing 70 6
vlan routing 80 7
vlan routing 90 8
vlan routing 91 9
vlan routing 150 10
vlan routing 159 11
vlan routing 160 12
vlan routing 161 13
vlan routing 169 14
vlan routing 220 15
vlan routing 221 16
vlan routing 222 17
vlan routing 223 18
vlan routing 224 19
vlan routing 225 20
vlan routing 255 21
exit

sshcon timeout 15
configure
stack
member 1 3
member 2 3
exit
slot 1/0 3
set slot power 1/0
no set slot disable 1/0
slot 2/0 3
set slot power 2/0
no set slot disable 2/0
ip routing


line console
serial timeout 15
exit

line telnet
exit

line ssh
exit

port-channel name 0/3/1 "Uplink NE1032"
interface 1/0/49
addport 0/3/1
exit
interface 2/0/49
addport 0/3/1
exit
interface 1/0/50
addport 0/3/1
exit
interface 2/0/50
addport 0/3/1
exit
snmp-server sysname "Gigabit SW#1"
snmp-server location "Datacenter"
snmp-server contact "Pablo Salaberri"
!
ip vrrp

interface 1/0/1
switchport mode access
switchport access vlan 5
exit



interface 1/0/2
switchport mode access
switchport access vlan 150
vlan pvid 150
exit



interface 1/0/3
switchport mode access
switchport access vlan 60
vlan pvid 60
exit



interface 1/0/49
mtu 9198
exit



interface 1/0/50
mtu 9198
exit



interface 2/0/1
switchport mode access
switchport access vlan 5
exit



interface 2/0/48
switchport mode access
switchport access vlan 60
exit



interface 2/0/49
mtu 9198
exit



interface 2/0/50
mtu 9198
exit



interface lag 1
no port-channel static
switchport mode trunk
switchport trunk allowed vlan 1,5,10,48,60,70,80,90-91,150,159-161,169,220-225,255
exit



interface vlan 1
routing
exit



interface vlan 5
routing
exit



interface vlan 10
routing
exit



interface vlan 48
routing
exit



interface vlan 60
routing
exit



interface vlan 70
routing
exit



interface vlan 80
routing
exit



interface vlan 90
routing
exit



interface vlan 91
routing
exit



interface vlan 150
routing
exit



interface vlan 159
routing
exit



interface vlan 160
routing
exit



interface vlan 161
routing
exit



interface vlan 169
routing
exit



interface vlan 220
routing
exit



interface vlan 221
routing
exit



interface vlan 222
routing
exit



interface vlan 223
routing
exit



interface vlan 224
routing
exit



interface vlan 225
routing
exit



interface vlan 255
routing
exit


router rip
exit
router ospf
exit
ipv6 router ospf
exit
exit




I am lost...don't know how to solve the issue

Pablo_Salaberri
Fanfold Paper
Posts: 13
Registered: ‎10-28-2019
Location: AR
Views: 88
Message 18 of 19

Re: [OPINION] NE1032T + CE0152TB config

NE1032 #1 config

sh running-config 
!
version "10.10.3.0"
!
hostname NE1032T-1
!
banner motd "Acceso permitido solamente a personal de VSI CIVISA"
!
vrf context management
 ip route 0.0.0.0/0 10.65.5.2
!
!
username admin role network-admin password encrypted $6$4DCfXr2h$Rs/JXPH0yCJ6lUORtd9hNRuAbbCMzVWrksAns9yR5p.6gHiv8yG.11vt6zhPxlzJgdQ0Y/LZ/Dl6XeU3dl4NJ1
feature restApi 
ovsdb pki ovsdb_mgmt vrf management 
ovsdb pki ovsdb_default vrf default 
!
vlag tier-id 10
vlag isl port-channel 4001
vlag hlthchk peer-ip 10.65.60.11 
vlag enable
vlag instance 1 port-channel 1
vlag instance 1 enable
vlag instance 2 port-channel 5
vlag instance 2 enable
!
vlan 1
!
vlan 5
!
vlan 10
!
vlan 48
!
vlan 60
!
vlan 70
!
vlan 80
!
vlan 90-91
!
vlan 150
!
vlan 159-161
!
vlan 169
!
vlan 220-225
!
vlan 255
!
vlan dot1q tag native
!
interface Ethernet1/1
 switchport access vlan 150
!
interface Ethernet1/2
 switchport access vlan 60
!
interface Ethernet1/3
!
interface Ethernet1/4
!
interface Ethernet1/5
!
interface Ethernet1/6
!
interface Ethernet1/7
!
interface Ethernet1/8
!
interface Ethernet1/9
!
interface Ethernet1/10
!
interface Ethernet1/11
!
interface Ethernet1/12
!
interface Ethernet1/13
!
interface Ethernet1/14
!
interface Ethernet1/15
!
interface Ethernet1/16
!
interface Ethernet1/17
!
interface Ethernet1/18
!
interface Ethernet1/19
!
interface Ethernet1/20
!
interface Ethernet1/21
!
interface Ethernet1/22
!
interface Ethernet1/23
!
interface Ethernet1/24
 switchport access vlan 5
 channel-group 5 mode active
!
interface Ethernet1/25
!
interface Ethernet1/26
!
interface Ethernet1/27
!
interface Ethernet1/28
!
interface Ethernet1/29
 description CE0152TB Uplinks
 switchport mode trunk
 mtu 9198
 channel-group 1 mode active
 auto-policy enable
!
interface Ethernet1/30
 description CE0152TB Uplinks
 switchport mode trunk
 mtu 9198
 channel-group 1 mode active
 auto-policy enable
!
interface Ethernet1/31
 description vLAG-ISL
 switchport mode trunk
 channel-group 4001 mode active
!
interface Ethernet1/32
 description vLAG-ISL
 switchport mode trunk
 channel-group 4001 mode active
!
interface loopback0
 no switchport
!
interface mgmt0
 no switchport
 vrf member management
 no ip address dhcp
 ip address 10.65.60.10/24
 no ip address default
!
interface Vlan1
 no switchport
!
interface Vlan5
 description ACCESS TO FIREWALL
 no switchport
 ip address 10.65.5.1/24
!
interface Vlan10
 no switchport
 ip address 10.65.10.10/24
!
interface Vlan60
 description ILO/MGMT DEVICES
 no switchport
 ip address 10.65.60.1/24
!
interface Vlan70
 description CCTV/SECURITY NETWORK
 no switchport
 ip address 10.65.70.1/24
!
interface Vlan90
 description SERVER NETWORK
 no switchport
 ip address 10.65.90.1/24
!
interface Vlan91
 description TERMINAL SERVERS
 no switchport
 ip address 10.65.91.1/24
!
interface Vlan150
 description OFFICE NETWORK
 no switchport
 ip address 10.65.150.1/24
 ip dhcp relay address 10.65.90.12
!
interface Vlan159
 description OFFICE WIFI
 no switchport
 ip address 10.65.159.1/24
 ip dhcp relay address 10.65.90.12
!
interface Vlan160
 description PRODUCTION STUDIOS
 no switchport
 ip address 10.65.160.1/24
!
interface Vlan161
 description PRODUCTION STORAGE
 no switchport
 ip address 10.65.161.1/24
!
interface Vlan169
 description SHIPPING
 no switchport
 ip address 10.65.169.1/24
!
interface Vlan220
 description NFS FOR VMWARE
 no switchport
!
interface Vlan221
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan222
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan223
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan224
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan225
 description DMZ
 no switchport
!
interface Vlan255
 description GUEST WIFI
 no switchport
!
interface port-channel1
 switchport mode trunk
 mtu 9198
!
interface port-channel5
 switchport access vlan 5
!
interface port-channel4001
 switchport mode trunk
!
ip route 0.0.0.0/0 10.65.5.2
!
line con 0
line vty 0 39
!
!
!
end

NE1032 #2 config

sh running-config 
!
version "10.10.3.0"
!
hostname NE1032T-2
!
banner motd "Acceso permitido solamente a personal de VSI CIVISA"
!
vrf context management
 ip route 0.0.0.0/0 10.65.5.2
!
!
username admin role network-admin password encrypted $6$BIqvGmR8$617foVg06afoSjRUVHcjg3eP7E3/zdHS9LK/qQVTshUqitINNmJvooj0PFFCPWgqPu2Jqbudjw6yUuYmPFZWw1
feature restApi 
ovsdb pki ovsdb_mgmt vrf management 
ovsdb pki ovsdb_default vrf default 
!
vlag tier-id 10
vlag isl port-channel 4001
vlag hlthchk peer-ip 10.65.60.10 
vlag enable
vlag instance 1 port-channel 1
vlag instance 1 enable
vlag instance 2 port-channel 5
vlag instance 2 enable
!
vlan 1
!
vlan 5
!
vlan 10
!
vlan 48
!
vlan 60
!
vlan 70
!
vlan 80
!
vlan 90-91
!
vlan 150
!
vlan 159-161
!
vlan 169
!
vlan 220-225
!
vlan 255
!
vlan dot1q tag native
!
interface Ethernet1/1
 switchport mode trunk
 switchport trunk allowed vlan 10,90
!
interface Ethernet1/2
!
interface Ethernet1/3
!
interface Ethernet1/4
!
interface Ethernet1/5
!
interface Ethernet1/6
!
interface Ethernet1/7
!
interface Ethernet1/8
!
interface Ethernet1/9
!
interface Ethernet1/10
!
interface Ethernet1/11
!
interface Ethernet1/12
!
interface Ethernet1/13
!
interface Ethernet1/14
!
interface Ethernet1/15
!
interface Ethernet1/16
!
interface Ethernet1/17
!
interface Ethernet1/18
!
interface Ethernet1/19
!
interface Ethernet1/20
!
interface Ethernet1/21
!
interface Ethernet1/22
!
interface Ethernet1/23
!
interface Ethernet1/24
 switchport access vlan 5
 channel-group 5 mode active
!
interface Ethernet1/25
!
interface Ethernet1/26
!
interface Ethernet1/27
!
interface Ethernet1/28
!
interface Ethernet1/29
 description CE0152TB UPLINNKS
 switchport mode trunk
 mtu 9198
 channel-group 1 mode active
 auto-policy enable
!
interface Ethernet1/30
 description CE0152TB UPLINNKS
 switchport mode trunk
 mtu 9198
 channel-group 1 mode active
 auto-policy enable
!
interface Ethernet1/31
 description vLAG-ISL
 switchport mode trunk
 channel-group 4001 mode active
!
interface Ethernet1/32
 description vLAG-ISL
 switchport mode trunk
 channel-group 4001 mode active
!
interface loopback0
 no switchport
!
interface mgmt0
 no switchport
 vrf member management
 no ip address dhcp
 ip address 10.65.60.11/24
 no ip address default
!
interface Vlan1
 no switchport
!
interface Vlan5
 description ACCESS TO FIREWALL
 no switchport
 ip address 10.65.5.1/24
!
interface Vlan10
 no switchport
 ip address 10.65.10.11/24
!
interface Vlan60
 description ILO/MGMT DEVICES
 no switchport
 ip address 10.65.60.1/24
!
interface Vlan70
 description CCTV/SECURITY NETWORK
 no switchport
 ip address 10.65.70.1/24
!
interface Vlan90
 description SERVER NETWORK
 no switchport
 ip address 10.65.90.1/24
!
interface Vlan91
 description TERMINAL SERVERS
 no switchport
 ip address 10.65.91.1/24
!
interface Vlan150
 description OFFICE NETWORK
 no switchport
 ip address 10.65.150.1/24
 ip dhcp relay address 10.65.90.12
!
interface Vlan159
 description OFFICE WIFI
 no switchport
 ip address 10.65.159.1/24
 ip dhcp relay address 10.65.90.12
!
interface Vlan160
 description PRODUCTION STUDIOS
 no switchport
 ip address 10.65.160.1/24
!
interface Vlan161
 description PRODUCTION STORAGE
 no switchport
 ip address 10.65.161.1/24
!
interface Vlan169
 description SHIPPING
 no switchport
 ip address 10.65.169.1/24
!
interface Vlan220
 description NFS FOR VMWARE
 no switchport
!
interface Vlan221
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan222
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan223
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan224
 description iSCSI FOR VMWARE
 no switchport
!
interface Vlan225
 description DMZ
 no switchport
!
interface Vlan255
 description GUEST WIFI
 no switchport
!
interface port-channel1
 switchport mode trunk
 mtu 9198
!
interface port-channel5
 switchport access vlan 5
!
interface port-channel4001
 switchport mode trunk
!
ip route 0.0.0.0/0 10.65.5.2
!
line con 0
line vty 0 39
!
!
!
end
Highlighted
Pablo_Salaberri
Fanfold Paper
Posts: 13
Registered: ‎10-28-2019
Location: AR
Views: 54
Message 19 of 19

Re: [OPINION] NE1032T + CE0152TB config

This of self-answering my own issues is getting funny! Smiley Very Happy

 

I found the culprit of my issues....i forgot to enable VRRP in the VLANs of the 4 switches :facepalm:

 

I put a VLAN IP address to every switch (10.65.xx.2/3/4) and later i create a VRRP in every vlan pointing to 10.65.xx.1/24 and voila...traffic starts to flow like a charm without packet drops (at least in the last 4 hours)

 

My final config is attached....

 

SOOOOOO, if everything plays funny as expected...next week this babies will enter in full production.

Check out current deals!


Shop current deals

Top Kudoed Authors