Tuesday, December 20, 2016

Common errdisable recovery Commands

errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause unicast-flood
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause arp-inspection
errdisable recovery interval 360

Cisco 6500 VSS - convert config commands

Switch A

conf t
 switch virtual domain 10
 switch 1


int port-channel 1
 switchport
 switch virtual link 1
 no shut
 exit

int range Te1/1 - 2
 switchport mode trunk
 channel-group 1 mode on


switch convert mode virtual
++++++++++++++++++++++++++++++
Switch B

conf t
 switch virtual domain 10
 switch 2

int port-channel 2
 switchport
 switch virtual link 2
 no shut
 exit

int range Te1/1 - 2
 switchport mode trunk
 channel-group 2 mode on

switch convert mode virtual

Useful Cisco network device show commands to capture information before migrations.

ter len 0 

show run 
show ip int brief
show int descr
show interface status
show vtp status
show vlan brief
show int trunk
show etherchannel summary
show errdisable recovery
show errdisable detect
show interfaces stats
show interfaces counters
show interfaces switchport
show interfaces transceiver
show spanning-tree summary
show spanning-tree root
show spanning-tree blockedports 
show spanning-tree active detail
show spanning-tree port-priority
show spanning-tree summary totals
show spanning-tree mst configuration
show spanning-tree active
show spanning-tree bridge
show spanning-tree brief
show spanning-tree detail
show spanning-tree interface
show spanning-tree vlan
show ip protocol
show ip eigrp neighbors
show ip eigrp neighbors detail
show ip eigrp interfaces
show ip eigrp topology
show ip eigrp traffic
show ip route summary
show ip route
show ip masks
show standby brief
show monitor session all 
show switch virtual
show switch virtual link
show switch virtual dual-active summary
show switch virtual redundancy
show switch virtual role
show cdp neighbor
show cdp neighbor detail 
show ver
show inventory
show module
show power
show ip arp
show env all

Cisco Nexus vPC config commands.


feature vpc

vrf context peer-keepalive

interface Ethernet1/48
  description peer-keepalive
  vrf member peer-keepalive
  ip address 10.19.1.161/30
  no shutdown

interface port-channel1
  switchport
  switchport mode fabricpath
  vpc peer-link

interface Ethernet1/1
  description peer-link to Other Switch
  switchport
  channel-group 1 mode active
  no shutdown

interface Ethernet2/1
  description peer-link to Other Switch
  switchport
  channel-group 1 mode active
  no shutdown

vpc domain 1
  peer-switch
  role priority 2000
  system-priority 100
  peer-keepalive destination 10.19.1.162 source 10.19.1.161 vrf peer-keepalive
  peer-gateway

====================

switch# sh vpc brief 

Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                     : 1   
vPC+ switch id                    : 1
Peer status                       : peer adjacency formed ok      
vPC keep-alive status             : peer is alive                 
vPC fabricpath status             : peer is reachable through fabricpath
Configuration consistency status  : success 
Per-vlan consistency status       : success                       
Type-2 consistency status         : success 
vPC role                          : primary                       
Number of vPCs configured         : 64  
Peer Gateway                      : Enabled
Peer gateway excluded VLANs       : -
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              : Enabled (timeout = 240 seconds)
Fabricpath load balancing         : Disabled
Port Channel Limit                : limit to 244

vPC Peer-link status
---------------------------------------------------------------------
id   Port   Status Active vlans    
--   ----   ------ --------------------------------------------------
1    Po1    up     30-32                  

vPC status
-------------------------------------------------------------------------------
id   Port      Status Consistency Reason           Active vlans  vPC+ Attribute
--   ----      ------ ----------- ------           ------------  --------------
101  Po101     up     success     success          30-32        1.11.65535   

Cisco Terminal Server Config template

!
hostname Terminal-server-Router
!
boot-start-marker
boot-end-marker
!

!
no aaa new-model

!
ip domain name << your domain name >>
ip host Device-1 2003 172.21.1.1
ip host Device-2 2004 172.21.1.1
ip host Device-3 2005 172.21.1.1
ip host Device-4 2006 172.21.1.1
ip host Device-5 2007 172.21.1.1
ip host Device-6 2008 172.21.1.1
ip host Device-7 2009 172.21.1.1
ip host Device-8 2010 172.21.1.1
 <<< Continue these ip host entries, one per serial line on your device >>>
!
!
!
username <<-->> privilege 15 password 7 <<<-->>>
!
!
!
!
!
!
!
interface Loopback0
 ip address 172.21.1.1 255.0.0.0
!

interface GigabitEthernet0/0
 description *** Uplink to Mgmt Switch ***
 ip address X.X.X.X Y.Y.Y.Y --> IP address used to access the terminal server router
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 Z.Z.Z.Z --> Default gateway of the terminal server router
!
!
line con 0
 login local
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line 0/0/0 0/0/15
 exec-timeout 0 0
 no exec
 transport input telnet
 transport output none
 stopbits 1
 flowcontrol hardware
line vty 0 4
 login local
 transport input telnet
 transport output telnet ssh
line vty 5 15
 login local
 transport input telnet
 transport output telnet ssh

Thursday, February 18, 2016

MTU on Cisco Devices

L2 switched frames that exceed the MTU configured on the switch are dropped, since fragmentation is a function of L3 routing. The port will not accept the larger frames, and it cannot tell the sending server to fragment them.

The mtu command on an SVI affects the MTU of all packets, including IP. The ip mtu command affects only the MTU of IP packets.

On platforms where 'system mtu routing' is available, it applies only to L3 interfaces. L3 routed frames that need to be fragmented are software switched, and most switches today forward traffic at line rate, so a design in which L3 traffic gets fragmented on the switch is a bad one.

'system mtu' affects the MTU of all interfaces on the switch. It is a global command and impacts the overall traffic on every interface. Depending on the device model, the platform can support a jumbo MTU of up to 9000 bytes, which is required for some non-standard traffic such as FCoE and for devices that generate larger frames for bulk data transfer.

Tuesday, February 16, 2016

Spanning Tree Protocol: Radia Perlman's Poem

The inventor of the spanning tree protocol, Radia Perlman, wrote a poem to describe how it works. When reading the poem it helps to know that, in math terms, a network can be represented as a type of graph called a mesh, and that the goal of the spanning tree protocol is to turn any given network mesh into a tree structure with no loops that spans the entire set of network segments.

I think that I shall never see
A graph more lovely than a tree.
A tree whose crucial property
Is loop-free connectivity.
A tree that must be sure to span
So packets can reach every LAN.
First, the root must be selected.
By ID, it is elected.
Least cost paths from root are traced.
In the tree, these paths are placed.
A mesh is made by folks like me,
Then bridges find a spanning tree.


— Radia Perlman

Spanning Tree Protocol

The purpose of the spanning tree protocol (STP) is to allow switches to automatically create a loop-free set of paths, even in a complex network with multiple paths connecting multiple switches. It provides the ability to dynamically create a tree topology in a network by blocking any packet forwarding on certain ports, and ensures that a set of Ethernet switches can automatically configure themselves to produce loop-free paths.

Operation of the spanning tree algorithm is based on configuration messages sent by each switch in packets called Bridge Protocol Data Units, or BPDUs. Each BPDU packet is sent to a destination multicast address that has been assigned to spanning tree operation.

The process of creating a spanning tree begins by using the information in the BPDU configuration messages to automatically elect a root bridge. The election is based on a bridge ID (BID) which, in turn, is based on the combination of a configurable bridge priority value (32,768 by default) and the unique Ethernet MAC address assigned on each bridge for use by the spanning tree process, called the system MAC. Bridges send BPDUs to one another, and the bridge with the lowest BID is automatically elected to be the root bridge.

Once a root bridge is chosen, each non-root bridge uses that information to determine which of its ports has the least-cost path to the root bridge, then assigns that port to be the root port (RP). On each LAN segment, the bridges attached to it also compare their least-cost paths to the root bridge. The bridge with the least-cost path is assigned the role of designated bridge (DB) for that segment, and the ports on the DB are assigned as designated ports (DP).

The bridge multicast group MAC address is 01-80-C2-00-00-00. Vendor-specific spanning tree enhancements may also use other addresses. For example, Cisco per-VLAN spanning tree (PVST) sends BPDUs to address 01-00-0C-CC-CC-CD.

The path cost is based on the speed at which the ports operate, with higher speeds resulting in lower costs. As BPDU packets travel through the system, they accumulate information about the number of ports they travel through and the speed of each port. Paths with slower speed ports will have higher costs. The total cost of a given path through multiple switches is the sum of the costs of all the ports on that path.

While blocked ports do not forward packets, they continue to receive BPDUs.

The Rapid Spanning Tree Protocol (RSTP) sends BPDU packets every two seconds to monitor the state of the network, and a blocked port may become unblocked when a path change is detected.
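The election and path-cost rules above, simulated on a small constructed topology. This is an added example, not code from the original post: bridge IDs are simplified to (priority, system MAC), link speeds map to the 802.1D port costs, and equal-cost ties are not broken by sender BID.

```python
import heapq
# IEEE 802.1D-1998 default port costs by link speed in Mb/s
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

# Constructed sample: bridge -> (priority, system MAC). SW2 has the lowest priority.
BRIDGES = {"SW1": (32768, "00-00-0C-00-00-01"),
           "SW2": (4096, "00-00-0C-00-00-02"),
           "SW3": (32768, "00-00-0C-00-00-03")}
# Segments as (bridge, bridge, speed); both ends are assumed to run at the same speed.
LINKS = [("SW1", "SW2", 1000), ("SW2", "SW3", 100), ("SW1", "SW3", 1000)]

def bid(bridges, name):
    # Bridge ID orders on priority first; the system MAC breaks ties
    prio, mac = bridges[name]
    return (prio, int(mac.replace("-", ""), 16))
def elect_root(bridges):
    return min(bridges, key=lambda n: bid(bridges, n))

def root_path_costs(bridges, links, root):
    """Dijkstra from the root: returns (root path cost per bridge, root-port neighbour per bridge)."""
    adj = {n: [] for n in bridges}
    for a, b, speed in links:
        adj[a].append((b, PORT_COST[speed]))
        adj[b].append((a, PORT_COST[speed]))
    cost, rp_peer, done, heap = {root: 0}, {}, set(), [(0, root, None)]
    while heap:
        c, node, via = heapq.heappop(heap)
        if node in done:
            continue   # simplification: equal-cost ties are not broken by sender BID
        done.add(node)
        if via is not None:
            rp_peer[node] = via
        for nbr, pc in adj[node]:
            if c + pc < cost.get(nbr, float("inf")):
                cost[nbr] = c + pc
                heapq.heappush(heap, (c + pc, nbr, node))
    return cost, rp_peer

def port_roles(bridges, links, root):
    """Role of each (bridge, peer) port: root, designated or blocking."""
    cost, rp_peer = root_path_costs(bridges, links, root)
    roles = {}
    for a, b, _ in links:
        # Designated bridge per segment: lower root path cost (lower BID on a tie); other non-root ports block
        desig = min((a, b), key=lambda n: (cost[n], bid(bridges, n)))
        for me, peer in ((a, b), (b, a)):
            roles[(me, peer)] = ("root" if rp_peer.get(me) == peer
                                 else "designated" if me == desig else "blocking")
    return roles
```

With this topology the 100 Mb/s link between SW2 and SW3 costs more than the two-hop 1 Gb/s path via SW1, so SW3's port toward the root ends up blocking.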

Spanning Tree Port States

Disabled
A port in this state has been intentionally shut down by an administrator, or has automatically shut down because the link was disconnected. This also could be a port that has failed, and is no longer operational.

Blocking
A port that is enabled, but is not a root port or designated port, could cause a switching loop if it were active. To avoid that, the port is placed in the blocking state. No station data is sent or received over a blocking port. A blocking port may also transition to the forwarding state if other links fail. BPDU data is still received while a port is in the blocking state.

Listening
In this state, the port discards traffic but continues to process BPDUs received on the port, and acts on any new information that would cause the port to return to the blocked state. Based on information received in BPDUs, the port may transition to the learning state. The listening state allows the spanning tree algorithm to decide whether the attributes of this port, such as port cost, would cause the port to become part of the spanning tree or return to the blocking state.

Learning
In this state, the port does not yet forward frames, but it does learn source addresses from any frames received and adds them to the filtering database. The switch will populate the MAC address table with packets heard on the port (until the timer expires), before moving to the forwarding state.

Forwarding
This is the operational state in which a port sends and receives station data. Incoming BPDUs are also monitored to allow the bridge to detect if it needs to move the port into the blocking state to prevent a loop.


What an Ethernet Switch Does

  1. Switches copy Ethernet frames from one switch port to another, based on the Media Access Control (MAC) addresses in the Ethernet frames.
  2. Switches make traffic forwarding decisions based on the 48-bit MAC addresses used in LAN standards, including Ethernet.
  3. As each frame is received on each port, the switching software looks at the source address of the frame and adds that source address to a table of addresses that the switch maintains. This is how the switch automatically discovers which stations are reachable on which ports.
  4. When the switch receives a frame destined for a station address that it hasn't yet seen, the switch sends the frame out all of the ports other than the port on which it arrived. This process is called flooding.
  5. The switch will not forward a frame destined for a station that is in the forwarding database onto a port unless that port is connected to the target destination. In other words, traffic destined for a device on a given port will only be sent to that port; no other ports will see the traffic intended for that device.
  6. Switches automatically age out entries in their forwarding database after a period of time (typically five minutes) if they do not see any frames from a station. Therefore, if a station doesn't send traffic for a designated period, the switch will delete the forwarding entry for that station. This keeps the forwarding database from filling up with stale entries that might not reflect reality.
  7. A packet sent to the broadcast address (the address of all 1s) is received by every station on the LAN. Since broadcast packets must be received by all stations on the network, the switch achieves that goal by flooding broadcast packets out all ports except the port on which the packet was received, since there is no need to send the packet back to the originating device. This way, a broadcast packet sent by any station will reach all other stations on the LAN.
  8. On a network with switches connected together to form a packet forwarding loop, packets will circulate endlessly around the loop, building up to very high levels of traffic and causing an overload. The looped packets will circulate at the maximum rate of the network links, until the traffic rate gets so high that the network is saturated. Broadcast and multicast frames, as well as unicast frames to unknown destinations, are normally flooded to all ports in a basic switch, and all of this traffic will circulate in such a loop. Once a loop is formed, this failure mode can happen very rapidly, causing the network to be fully occupied with sending broadcast, multicast, and unknown frames, and it becomes very difficult for stations to send actual traffic.
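The learning, filtering, flooding and aging behaviour listed above, plus the forwarding-loop failure in item 8, as an added simulation that is not part of the original post. Port names, MAC addresses and the two-switch topology are constructed for the example.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
AGING_SECONDS = 300   # the typical five-minute aging period mentioned above

class LearningSwitch:
    """Forwarding database keyed by source MAC: learn, filter, flood, age out."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.fdb = {}     # mac -> (port, time last seen as a source)

    def receive(self, in_port, src, dst, now):
        """Handle one frame; return the list of ports it is sent out of."""
        # Age out stations that have not sent anything within the aging period
        self.fdb = {m: e for m, e in self.fdb.items() if now - e[1] < AGING_SECONDS}
        self.fdb[src] = (in_port, now)          # learn (or refresh) the source address
        if dst == BROADCAST or dst not in self.fdb:
            # Broadcast and unknown unicast are flooded out every port but the ingress port
            return [p for p in self.ports if p != in_port]
        out_port, _ = self.fdb[dst]
        # Known unicast goes only to the port the destination was learned on; a frame
        # whose destination sits on the ingress segment is filtered (not forwarded at all)
        return [] if out_port == in_port else [out_port]

def simulate_loop(rounds):
    """Two switches A and B joined by two parallel links l2 and l3 (a forwarding loop),
    each with one host port h. One broadcast enters at A's host port; returns
    (frames still circulating after `rounds`, copies delivered to host ports)."""
    sw = {"A": LearningSwitch(["h", "l2", "l3"]), "B": LearningSwitch(["h", "l2", "l3"])}
    peer = {"A": "B", "B": "A"}
    in_flight = [("A", "h")]       # (switch, ingress port) of each frame copy in transit
    delivered = 0
    for t in range(rounds):
        nxt = []
        for name, port in in_flight:
            for out in sw[name].receive(port, "00:00:0c:00:00:01", BROADCAST, t):
                if out == "h":
                    delivered += 1
                else:
                    nxt.append((peer[name], out))   # copy crosses the link to the other switch
        in_flight = nxt
    return len(in_flight), delivered
```

Without spanning tree the two copies never leave the loop, every round delivers two more copies to the hosts, and each switch relearns the source MAC on a different port each round, which is the MAC-flap symptom seen during a real loop.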
