Solution “Port is not compatible with aggregators in channel 1 and cannot attach to them”

Once, on a Cisco Catalyst 6509-E, when I built an aggregation of three ports, traffic began to flow through only two of them and a message appeared in the logs:


Configure IP Unnumbered on Cisco

As a test, I will configure IP Unnumbered on a Cisco Catalyst 6509E with firmware 12.2(33)SXJ7; on other switches the setup is similar.
IP Unnumbered is useful, for example, when a large network has to be divided into several VLANs that use the same IP addresses, and when public ("white") IPs have to be issued in any VLAN through a single gateway.

Connect to the terminal device through the console, telnet or SSH.


Back Up Cisco Catalyst 6500 Configuration

As a test, I sketched a script that automatically backs up the configuration of a Cisco Catalyst 6509-E.

The script itself:

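#!/bin/bash
# Back up the Cisco running-config over telnet + TFTP.
# Note: the credentials are in clear text both in this file and on the wire (telnet).
(
sleep 5
echo "user"                        # telnet login
sleep 4
echo "password"                    # telnet password
sleep 4
echo "copy running-config tftp:"
sleep 2
echo "192.168.1.4"                 # TFTP server address asked for by the copy command
sleep 2
echo "cisco.cfg"                   # destination file name asked for by the copy command
sleep 6

echo "exit"
) | telnet 192.168.1.5
# Move the uploaded file into the archive under a dated name
mv /srv/tftp/cisco.cfg "/backups/devices/cisco/$(date +%Y-%m-%d)_cisco.cfg"

# Delete backups older than 30 days
find /backups/devices/cisco/ -type f -mtime +30 -exec rm {} \;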

Save the script as, for example, backup_cisco.sh and schedule it with cron by adding the following line to the /etc/crontab file:

0 2 * * * root /backups/scripts/backup_cisco.sh > /dev/null 2>&1

The file can be opened, for example, in the nano text editor (Ctrl+X to exit, y/n to save or discard changes):

sudo nano /etc/crontab

The script connects via telnet to 192.168.1.5 and copies the configuration to the TFTP server 192.168.1.4; the file is then moved to a convenient directory for storage.
The last line in the script deletes files older than 30 days.
For how to start a TFTP server, see my articles: Installing and Configuring a TFTP Server in Ubuntu or Starting a TFTP server in Windows.
See also: Using and configuring CRON.
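
The script above moves the file and prunes old backups whether or not the transfer succeeded, so a month of failed runs would delete every stored copy. The following added example (not the author's script) validates the fetched file before archiving and pruning; the function names are hypothetical, and treating a final "end" line as the mark of a complete running-config is an assumption.

```shell
#!/bin/bash
# Added example: archive a fetched config only if it looks complete,
# and prune old copies only after a good one has been stored.

# config_is_complete FILE -> exit status 0 if FILE looks like a whole config.
# Assumption: a complete IOS running-config is non-empty and its last
# non-blank line is "end" (CR characters from the transfer are ignored).
config_is_complete() {
    local f="$1" last
    [ -s "$f" ] || return 1        # missing or zero bytes: the transfer failed
    last=$(tr -d '\r' < "$f" | grep -v '^[[:space:]]*$' | tail -n 1)
    [ "$last" = "end" ]
}

# archive_config SRC DESTDIR [KEEP_DAYS]
# Prints the path of the stored backup and returns 0 on success.
# Returns 1 if SRC is rejected; in that case nothing is moved or deleted.
archive_config() {
    local src="$1" destdir="$2" keep_days="${3:-30}" dest
    if ! config_is_complete "$src"; then
        echo "backup rejected: $src is missing or truncated" >&2
        return 1
    fi
    mkdir -p "$destdir" || return 1
    dest="$destdir/$(date +%Y-%m-%d)_$(basename "$src")"
    # Device configs carry password hashes and SNMP communities:
    # make the file owner-only before it enters the archive.
    chmod 600 "$src" || return 1
    mv -- "$src" "$dest" || return 1
    # Pruning happens only here, after a verified backup is in place, so a
    # run of failed transfers cannot age out the last usable copy.
    find "$destdir" -type f -mtime +"$keep_days" -exec rm -f -- {} +
    echo "$dest"
}
```

In the page's script this would replace the final mv and find lines with a single call such as archive_config /srv/tftp/cisco.cfg /backups/devices/cisco 30.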

Configuring ports in Cisco switches

As a test, I will configure ports on a Cisco Catalyst 6509-E.

Here is an example of configuring an access port (traffic is carried only in one specified VLAN, untagged):

interface GigabitEthernet1/1
description TEXT
switchport
switchport access vlan 226
switchport mode access
no shutdown

Next, an example of configuring a trunk port (traffic is carried in one or several VLANs, tagged only):

interface GigabitEthernet1/2
description TEXT
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 207,228
switchport mode trunk
no shutdown

And the third option, a hybrid port (traffic is carried untagged in only one VLAN and tagged in one or several VLANs):

interface GigabitEthernet1/3
description TEXT
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 226
switchport trunk allowed vlan 207,226
switchport mode trunk
no shutdown

To specify parameters for several ports at once:

interface range GigabitEthernet1/1-24

To stop the ports from automatically switching to access or trunk mode:

interface range GigabitEthernet1/1-24
switchport nonegotiate
exit

See also my article – Configuring link aggregation on the Cisco Catalyst 6500

Blocking third-party DHCP on Cisco via DHCP Snooping

As a test, I configure DHCP Snooping on a Cisco Catalyst 6509-E to block third-party DHCP servers; on other Cisco switches the configuration is basically the same.

After connecting to the device, go straight to configuration mode:

enable
configure
