CCIE Pursuit Blog

December 12, 2008

Lab Tip: Review What You’ve Typed Before Blaming IOS

I was trying to apply an IPv6 address to an interface and have it use EUI-64.  For some reason I was not able to get the ‘eui-64’ option to show up.

I immediately assumed that this was a Dynamips error:

Rack1R4(config-if)#ipv add 2001:CC1E:x:404::/64 ?
X:X:X:X::X/<0-128>  IPv6 prefix

Rack1R4(config-if)#ipv add 2001:CC1E:x:404:: ?
X:X:X:X::X/<0-128>  IPv6 prefix

Rack1R4(config-if)#ipv add 2001:CC1E:x:404::/64 ?
X:X:X:X::X/<0-128>  IPv6 prefix

Rack1R4(config-if)#ipv add 2001:CC1E:x:404::/64
% Incomplete command.

DOH!!!!  That ‘x’ was supposed to be a ‘1’ (x is a variable that you’re supposed to fill in with your rack number).  I was a bit too literal in my task interpretation.  🙂  This was a PEBKAC error and not a Dynamips issue.

But ‘x’ is not a hexadecimal character (0 – 9 and A – F) so why didn’t IOS throw an error?

Rack1R4(config-if)#ipv6 address ?
WORD                General prefix name
X:X:X:X::X          IPv6 link-local address
X:X:X:X::X/<0-128>  IPv6 prefix
autoconfig          Obtain address using autoconfiguration

Ah. IOS thought that I had configured the “general prefix name” and was expecting the address to follow.

I typed the address correctly and all was well:

Rack1R4(config-if)#ipv6 address 2001:CC1E:1:404::/64 eui-6

December 11, 2008

Lab Tip: Check For Redistribution On A Device

Filed under: Cisco,Cisco Certification,IOS,Lab Tips — cciepursuit @ 1:05 pm
Tags: , , , , ,

This can be done by many methods, but prefer to use “show run | i router|redist” to see if there is any redistribution currently on the device.  Since all routing processes include the term “router” and all redistributions include…well “redistribution”, this command will show you which – if any – redistributions are currently configured on a device:

Rack1R6(config)#do sh run | i router|redist
router eigrp 10
router ospf 100
router-id 150.1.6.6
redistribute connected subnets route-map CONN->OSPF

In this case we can see that we are redistributing connected routes into OSPF using a route-map.  Good to know before beginning mutual redistribution.

Rack1R5#sh run | i router|redist
router eigrp 100
router ospf 100
router-id 150.1.5.5

In this case we can see that there is no redistribution currently occurring on this device.

I run through this check any time I am about to configure redistribution.  I also note any redistributions on my lab topography, but it’s always good to “measure twice, cut once” 🙂

October 9, 2008

Aftermath

Filed under: Cisco,Cisco Certification,Lab Tips,Personal — cciepursuit @ 8:43 pm
Tags: , , ,

Well, it’s been exactly a week since I took the lab exam.  I’ve gone through a number of emotional states since that time.  During my lowest point (about 5 hours into the lab) I was convinced that I had wasted countless hours of studying for something that I just was not cut out for.  I initially thought that I failed the lab by quite a bit, but looking closer at the score report I can see that I was closer than I though (although it’s very difficult to calculate an exact score).  As I’ve stated, I was well prepared for the lab and it was very much something that I could have passed.  The reason for failure lies completely on my shoulders.  Fortunately I have plenty of experience with failure.  🙂 

I won’t be able to take the lab again until 2009.  I need to build up more vacation time (I accrue PTO (personal time off) at a rate of one day every two weeks) as well as catch up on a pile of work – not to mention end-of-the-year changes. 

I’m in the midst of putting together a training plan.  I had initially decided to take two weeks off but I’m going to start studying again tonight.  Initially I won’t be doing a lot of full-scale labs.  I’m going to do a LOT of reading and plan to work though all of the new IE Volume I labs.  In the past I had concentrated most of my study time on weekends because that was when I could set aside blocks of 8 – 12 hours for labs.  I’ll eventually get back to doing full-scale labs on the weekend, but since a lot more of my time will be spent reading the Cisco documentation, I am going to commit to at least an hour of study each weeknight as well.  I’ll also be reading as much documentation during the lulls at work.  I would like to personally thank the Minnesota Twins, Vikings, and Timberwolves for making sure that I am not tempted to waste any time on sports during this time.

Things I need to work on:

1) Documentation, documentation, documentation.  I need to read as much of the Cisco documentation as is possible so that I can recognize keywords and descriptions that Cisco uses for each technology.  I also need to familiarize myself better with the documentation for technologies that I know well.  I was very aware of where everything is for technologies like multicast, but I never really familiarized myself with the OSFP or QoS (that cost me 3 points!) because I felt very comfortable with those technologies.

2) No weaknesses.  I went into my first attmept very prepared, but there were some technologies that I felt that I was not 100% on and I will use the next 3 months to close the gaps on those.

3) Time management.  I need to cut down on my time creating initial diagrams and reading the lab.  I also need to be able to quickly implement a workaround and move on if I find that I am spending more than 15 minutes on a single task.  I would estimate that the average task value on my lab was around 2.75 points.  I am setting a target of finishing the lab within 6 hours with an initial read-through and diagram creation period of 40 minutes (hopefully less).  (360-40)/(100/2.75) is about 9 minutes per task.  If I have two hours left in the lab I can even make changes to the core (hopefully I don’t need to) if needed and have time to identify and fix any other tasks that may be affected by those changes.

4) Utilize the proctor.  Anytime I hit a task that I am not sure how to configure or that I need more clarification, I am going to stop and create a list of questions to ask the proctor.  I’ll try to formulate questions that can be answered simply (hopefully with a ‘yes’ or ‘no’) that also will not look like fishing expeditions.

5) No last minute review/cramming.  Nuff said.

6) Emulate the testing environment on all practice exams.  I plan to buy a bunch of plastic sleeves and binders.  I’ll print out the labs and put them in the sleeves in the binders.  During the lab I will not allow myself to write on the lab at all (a bad habit that I only tried to break one week before the lab).

Things that I though would be an issue but turned out not to be:

1) Telnet client.  I thought that this would be a bigger issue than it turned out to be.  I downloaded a copy of SecureCRT and did my last few practice labs using it.  As long as highlighting text automatically copies it to the clipboard and right-clicking pastes it, I’m fine.  I didn’t bother changing any of the defaults other than the colors during the lab.

2) Sleep.  I had very little problem sleeping soundly before the lab.  I was in the Navy and learned to sleep anywhere at anytime (my rack used to be 20 feet under the point that fighter jets landed on a carrier so I can sleep through anything).  I made the mistake of waking up to review, but I had plenty of rest before the lab and was very alert.

3) Vacation on either side of the lab.  This was the thing that I figured would lead to divorce.  🙂  I managed to push the lab out of my mind before my date.  I did get a little nervous the day before and asked my wife to get back to the hotel and study the night before.  After my failure I was still in good enough spirits that I enjoyed the rest of the vacation.  I figured that I would be nervous and grumpy before the lab and despondent and grumpy after failing.  I will note that I did put in the better part of 3 straight weeks of hardcore studying before embarking on this adventure so that may have contributed to my state of mind.

4) Noise in the lab.  I forgot to include this in my lab review, but noise was not an issue for me.  I brought in a pair of earplugs but never used them.  In San Jose, the Voice candidates are located away from the other candidates.  I remember hearing phones ringing, but there was not a lot of this and the sound was easy to ignore.  The dull hum of equipment covered any keyboard or other noise from the other candidates.  I was so locked into my own experience that I didn’t even notice anybody else.  I did talk to myself at one point and hopefully I didn’t throw off any other candidates with my insane muttering.  🙂

5) Mean proctors.  The proctor was very cool and approachable.  I sensed that he was helping me as much as he could.  I tried to phrase my inquiries as “yes or no” questions and started out each question by reading the part of the task that confused me followed by my interpretation of the task and THEN the question.  As stated before, I am going to work on this process during my review.

Besides the obvious benifits of passing the exam on your first trip is this one: not being haunted by the questions that you missed.  I’ve been obsessing about the three question run that sank me on the lab.  This is worse than any damned ghost or demon.  I don’t remember the details of most of the test but I can remember those three questions nearly word for word.

Well, enough typing.  Time to get back to studying.  After all of this I am still very confident that I can get my digits on my next attempt.  I would like to once again thank all of you for your words of encouragement and well wishes.  I would also like to thank IE for all of their support.  Josh at IE was extremely helpful and I really appreciate all that they’ve done for me.  Both Brians have reached out to me at different points and offered guidance.  Now if I could just talk one of them into taking the lab for me.  🙂  I would also like to say how much respect and admiration I have for anyone with digits after their names.  Until you actually sit the lab it’s hard to understand how mentally and psychologically difficult the test is.  Hopefully I’ll be joining their ranks in January.

September 6, 2008

Lab Tip: Get List Of All Configured VLANs

Filed under: Cisco,Cisco Certification,IOS,Lab Tips,Switching — cciepursuit @ 4:59 pm
Tags: , , ,

You have your VTP domain set up and all of your VLANs are built and propagated.  Then you run across a task like this:

“Configure sw4 as the spanning-tree root for all configured VLANs.”

Here’s a quick and dirty way to do this if your switch is running in VTP client or server mode (if you’re in transparent mode then you just need to do steps 2 and 3):

1) Set your VTP mode to “transparent”

sw4(config)#vtp mode trans
Setting device to VTP TRANSPARENT mode.

2) Issue “do show run | i vlan”

sw4(config)#do sh run | i vlan
vlan internal allocation policy ascending
vlan 7-8,28,34,46,53,58,100 <-this is what you’re looking for
 switchport access vlan 34

3) Configure your switch as the STP root for that list of VLANs (cut and paste) – ask the proctor if you should include VLAN 1:

sw4(config)#span vlan 1,7-8,28,34,46,53,58,100 root prim

4) Return your switch to the correct VTP mode:

sw4(config)#vtp mode server
Setting device to VTP SERVER mode

Voila!

sw4(config)#do sh run | i priority
spanning-tree vlan 1,7-8,28,34,46,53,58,100 priority 24576

sw4(config)#do sh span | i VLAN|root|Address
VLAN0001
             Address     000a.8a1c.c400
             This bridge is the root
             Address     000a.8a1c.c400
VLAN0007
             Address     000a.8a1c.c400
             This bridge is the root
             Address     000a.8a1c.c400
VLAN0008
             Address     000a.8a1c.c400
             This bridge is the root
             Address     000a.8a1c.c400
VLAN0028
             Address     000a.8a1c.c400
             This bridge is the root
             Address     000a.8a1c.c400

<—output truncated—>

sw4(config)#do sh span root

                                        Root    Hello Max Fwd
Vlan                   Root ID          Cost    Time  Age Dly  Root Port
—————- ——————– ——— —– — —  ————
VLAN0001         24577 000a.8a1c.c400         0    2   20  15
VLAN0007         24583 000a.8a1c.c400         0    2   20  15
VLAN0008         24584 000a.8a1c.c400         0    2   20  15
VLAN0028         24604 000a.8a1c.c400         0    2   20  15
VLAN0034         24610 000a.8a1c.c400         0    2   20  15
VLAN0046         24622 000a.8a1c.c400         0    2   20  15
VLAN0053         24629 000a.8a1c.c400         0    2   20  15
VLAN0058         24634 000a.8a1c.c400         0    2   20  15
VLAN0100         24676 000a.8a1c.c400         0    2   20  15

August 26, 2008

Lab Tip: Clear Your EIGRP Process

I spent a good chunk of my weekend going over EIGRP metric manipulation and how it affects EIGRP unequal-cost load-balancing.  More than a few times I ran into weird output like routes dropping, metric values not changing, and even this doozy:

r1#sh ip ei top 164.1.26.0 255.255.255.0
IP-EIGRP (AS 100): Topology entry for 164.1.26.0/24
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2693120
  Routing Descriptor Blocks:
  164.1.13.3 (Serial0/1), from 164.1.13.3, Send flag is 0x0
      Composite metric is (3026432/2514432), Route is Internal
      Vector metric:
        Minimum bandwidth is 1280 Kbit
        Total delay is 40100 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 2
  164.1.12.2 (Serial0/0), from 164.1.12.2, Send flag is 0x0
      Composite metric is (10514432/28160), Route is Internal
      Vector metric:
        Minimum bandwidth is 256 Kbit
        Total delay is 20100 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 1

The AD of the successor is not equal to the FD????

By clearing the EIGRP process, these discrepancies go away.  You can do this the soft way:

r1#clear ip eigrp 100 neighbors soft
*Mar  2 05:22:13.522: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 164.1.12.2 (Serial0/0) is resync: manually cleared

Or the rough way:

r1#clear ip eigrp 100 neighbors
*Mar  2 05:22:48.708: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 164.1.12.2 (Serial0/0) is down: manually cleared
*Mar  2 05:22:49.782: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 164.1.12.2 (Serial0/0) is up: new adjacency

I like it rough.  🙂

In the case of EIGRP it really doesn’t matter as the protocol reconverges so quickly.

August 20, 2008

Lab Tip: Finding Default WRED Values

Here’s a quick and dirty method to find default WRED values so that if a task asks you to reference the defaults (i.e. “Make the maximum threshold twice the default”) you will be able to quickly find the default values without searching the Cisco documentation.

First turn WRED on for an interface:

r1(config)#int fa0/1
r1(config-if)#random-detect

Now you can issue the “show queueing interface f0/1” command:

r1#show queueing interface f0/1
Interface FastEthernet0/1 queueing strategy: random early detection (WRED)
    Random-detect not active on the dialer
    Exp-weight-constant: 9 (1/512)
    Mean queue depth: 0

  class          Random drop      Tail drop    Minimum Maximum  Mark
                  pkts/bytes       pkts/bytes    thresh  thresh  prob
      0      0/0              0/0           20      40  1/10
      1      0/0              0/0           22      40  1/10
      2      0/0              0/0           24      40  1/10
      3      0/0              0/0           26      40  1/10
      4      0/0              0/0           28      40  1/10
      5      0/0              0/0           31      40  1/10
      6      0/0              0/0           33      40  1/10
      7      0/0              0/0           35      40  1/10
   rsvp      0/0              0/0           37      40  1/10

This shows the default WRED settings for each IP precedence class.  The default values for IP precedence 3 are:

r1(config-if)#random-detect precedence 3 26 40 10

Where 3 = IP Precedence; 26 = Minimum Threshold; 40 = maximum threshold; and 10 = mark probability denominator

This is good to know because you may be asked to change one of these variables.  To change one of these variables you still need to enter in values for the other variables so you need to know the default values if you are not tasked with changing them.  You could look up the defaults in the DOC, but this is faster.

What if you want the DSCP defaults instead?  One more line will yield those for you:

r1(config)#int fa0/1
r1(config-if)#random-detect dscp-based

r1(config-if)#do sh queueing int f0/1
Interface FastEthernet0/1 queueing strategy: random early detection (WRED)
    Random-detect not active on the dialer
    Exp-weight-constant: 9 (1/512)
    Mean queue depth: 0

   dscp          Random drop      Tail drop    Minimum Maximum  Mark
                  pkts/bytes       pkts/bytes    thresh  thresh  prob
   af11      0/0              0/0           33      40  1/10
   af12      0/0              0/0           28      40  1/10
   af13      0/0              0/0           24      40  1/10
   af21      0/0              0/0           33      40  1/10
   af22      0/0              0/0           28      40  1/10
   af23      0/0              0/0           24      40  1/10
   af31      0/0              0/0           33      40  1/10
   af32      0/0              0/0           28      40  1/10
   af33      0/0              0/0           24      40  1/10
   af41      0/0              0/0           33      40  1/10
   af42      0/0              0/0           28      40  1/10
   af43      0/0              0/0           24      40  1/10
    cs1      0/0              0/0           22      40  1/10
    cs2      0/0              0/0           24      40  1/10
    cs3      0/0              0/0           26      40  1/10
    cs4      0/0              0/0           28      40  1/10
    cs5      0/0              0/0           31      40  1/10
    cs6      0/0              0/0           33      40  1/10
    cs7      0/0              0/0           35      40  1/10
     ef      0/0              0/0           37      40  1/10
   rsvp      0/0              0/0           37      40  1/10
default       0/0              0/0           20      40  1/10

Remember to remove WRED (or DSCP) if you’re not using it on that interface:

r1(config)#int fa0/1
r1(config-if)#no random-detect

r1(config-if)#do sh queueing int f0/1
Interface FastEthernet0/1 queueing strategy: none

If you’re given an IP Precedence name like “flash-override” instead of the IP Precedence value (4 in this case) then use this tip:

Lab Tip: Remembering IP Precedence Values

August 19, 2008

Lab Tip: Entering Large Numbers

Filed under: Cisco,Cisco Certification,IOS,Lab Tips — cciepursuit @ 4:39 pm
Tags: , , , ,

In the lab (and in real life) you may need to enter values in bits per seconds.  This is especially prevalent in QoS tasks.  You want to be careful that you don’t configure everything correctly but lose points because you added or subtracted a zero from the value. 

In this example we are asked to police to 2.5Mbps.

r5(config-pmap-c)#police ?
  <8000-2000000000>  Bits per second
  cir                Committed information rate
  rate               Specify police rate

Converting 2.5Mbps to bps is easy.  If you’re extremely paranoid, you could open up the Windows calculator and multiply 2.5 by 1,000,000.  Either way you come up with 2,500,000 bits per second.

When entering this value into IOS I put spaces or commas to break up the string of digits.  That way it’s harder for me to add or miss a zero:

r5(config-pmap-c)#police 2 500 000

Or:

r5(config-pmap-c)#police 2,500,000

Then remove the spaces or commas.  That way you’re less likely to change your bits per second value by power of ten.

r5(config-pmap-c)#police 2500000

August 17, 2008

Lab Tip: IPv6 EUI-64 Unexpected (For Me) Behavior

I ran across an unexpected behavior with IPv6 EUI-64 addressing today.  I had configured an interface with EUI-64 addressing.  Knowing that I would need to run OSPFv3 over this Frame Relay interface, I followed my normal procedure of creating a simplified link-local address.  To my surprise, this link-local address changed my EUI-64 address:

interface Serial0/0
 ipv6 address 2001:CC1E:1:1515::/64 eui-64
 ipv6 address FE80::1 link-local

r1(config-if)#do sh ipv int br | sec l0/0
Serial0/0                  [up/up]
    FE80::1
    2001:CC1E:1:1515::1

For some reason the EUI-64 part of the IPv6 address was replaced with the host address of the link-local address.

Let’s recreate the scenario by stripping off the IPv6 addressing:

r1(config-if)#int s0/0
r1(config-if)#no ipv6 address 2001:CC1E:1:1515::/64 eui-64
r1(config-if)#no ipv6 address FE80::1 link-local

r1(config-if)#do sh run int s0/0 | i l0/0|ipv
interface Serial0/0

r1(config-if)#do sh ipv int br | sec l0/0
Serial0/0                  [up/up]
    unassigned

Now configure the EUI-64 address:

r1(config-if)#int s0/0
r1(config-if)#ipv6 address 2001:CC1E:1:1515::/64 eui-64

r1(config-if)#do sh ipv int br | sec l0/0
Serial0/0                  [up/up]
    FE80::211:93FF:FEB0:7640
    2001:CC1E:1:1515:211:93FF:FEB0:7640

Now create add a link-local address:

r1(config-if)#int s0/0
r1(config-if)#ipv add FE80::1 link-local

r1(config-if)#do sh ipv int br | sec l0/0
Serial0/0                  [up/up]
    FE80::1
    2001:CC1E:1:1515::1

It’s good to know about this behavior in case you get a task that asks you to use an EUI-64 address.  Depending on the grading method, you could lose points for this.

July 26, 2008

Touch Every Word

Filed under: Cisco,Cisco Certification,Lab Tips — cciepursuit @ 9:49 am
Tags: , , ,

Words to live by:

Most of us do this I think.  A candidate gave me some solid advice (I believe he got it from a class): touch every word.  Physically poke each word with your finger as you read.  It sounds retarded but it forces you to slow down and notice things like they specified the name of the ACL or some other arbitrary crap that would cause you to miss an entire task that you had otherwise done correctly.

I think this technique takes on more importance with tests like the CCIE lab because the people who take it (a little self-fel… ahem, back-patting here) are typically smart enough to skim non-technical things, and in fact get bored if they try to read carefully because most material is too easy.  Works great in meetings when it takes a group 10 minutes to agree that the meeting has started (and you’re already three articles into Slashdot on your crackberry), sucks on a technical lab exam.

June 3, 2008

Configuring VLAN Assignments from the Network Diagram

Filed under: Cisco,Cisco Certification,IOS,Lab Tips,Switching — cciepursuit @ 8:58 am
Tags: , ,

In many of the Internetwork Expert labs you are asked to create VLAN assignments based on the information in the network diagram.  Here is my two step process for accomplishing that task.

1) Issue ‘show ip int br | e ass’ command and look for SVIs and routed ports. 

Rack22SW1#sh ip int br | e ass
Interface              IP-Address      OK? Method Status                Protocol
Vlan7                  155.22.7.7      YES manual down                  down
Vlan67                 155.22.67.7     YES manual down                  down
Vlan79                 155.22.79.7     YES manual down                  down
FastEthernet0/13
        155.22.37.7     YES manual up                    up
Loopback0              150.22.7.7      YES manual up                    up

For SVIs, if they are down then add the appropriate VLANs:

Rack22SW1(config)#vlan 7,67,79
Rack22SW1(config-vlan)#exit

Wait a bit while STP comes up and then verify that the SVIs come up (you should be using this time to start on step 2):

00:37:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan7, changed state to up
00:37:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan67, changed stateto up
00:37:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan79, changed stateto up

Rack22SW1(config-if)#do sh ip int br | e ass
Interface              IP-Address      OK? Method Status                Protocol
Vlan7                  155.22.7.7      YES manual up                    up
Vlan67                 155.22.67.7     YES manual up                    up
Vlan79
                 155.22.79.7     YES manual up                    up
FastEthernet0/13        155.22.37.7     YES manual up                    up
Loopback0              150.22.7.7      YES manual up                    up

For the routed ports, find out what port the other side of the link terminates on (‘show cdp neighbor’ or check physical wiring diagram).  If it is a router or another routed switchport, then just verify the IP address and make sure that the port is up.  IF it is a layer 2 switchport, then you will need to add the VLAN to that switchport.  For instance, if sw1 fa0/13 is a routed switchport in VLAN 123:

Rack22SW1(config)#do sh run int fa0/13
Building configuration…

Current configuration : 88 bytes
!
interface FastEthernet0/13
 no switchport
 ip address 155.22.123.7 255.255.255.0

end

Rack22SW1(config)#do sh cdp neigh fa0/13
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
                  S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone

Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
Rack22SW2           Fas 0/13              161            S I      WS-C3560-2Fas0/13

Rack22SW2(config)#int fa0/13
Rack22SW2(config-if)#switch access vlan 123
% Access VLAN does not exist. Creating vlan 123

2) Using the physical wiring diagram and/or CDP, find the ports that connect to the routers:

Rack22SW1(config)#do sh cdp neigh | e SW
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
                  S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone

Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
Rack22R1            Fas 0/1               169           R S I     2610XM    Fas0/0
Rack22R3            Fas 0/3               170           R S I     2611XM    Fas0/0
Rack22R5            Fas 0/5               169           R S I     2611XM    Fas0/0

Using the network topology find out which VLAN each router port is in and assign the appropriate VLAN to the interface [NOTE: I like to look at the configuration of each switchport before configuring them just in case there is something funky from the initial configuration].  In this case, r1 fa0/0 is in VLAN 146 and r5 fa0/0 is in VLAN 58. sw1 fa0/3 is a routed IP interface so we can leave it alone.]

Rack22SW1(config)#int fa0/1
Rack22SW1(config-if)#sw ac vla 146
% Access VLAN does not exist. Creating vlan 146

Rack22SW1(config-if)#do sh run int fa0/3
Building configuration…

Current configuration : 86 bytes
!
interface FastEthernet0/3
 no switchport
 ip address 155.22.37.7 255.255.255.0

end

Rack22SW1(config-if)#int fa0/5
Rack22SW1(config-if)#sw ac vla 58
% Access VLAN does not exist. Creating vlan 58

Once you are done you should verify your layer 2 configuration by pinging across each VLAN (assuming that all trunking has been built).  If your pings fail, check your layer 2 transit path as well as the other endpoint’s interface (I’ve wasted much labtime troubleshooting my L2 network only to discover that the router port is shutdown).  You can also verify your access VLAN configuration with the following command (assuming all links are FastEthernet):

Rack22SW1#sh vlan br | i Fa
1    default                          active    Fa0/2, Fa0/4, Fa0/6, Fa0/7
                                                Fa0/8, Fa0/9, Fa0/10, Fa0/11
                                                Fa0/12, Fa0/22, Fa0/23, Fa0/24
58   VLAN0058                         active    Fa0/5
146  VLAN0146                         active    Fa0/1

Anyhoo…I hope that this helps.  I’ll return to “full blogging mode” tonight.

« Previous PageNext Page »

Blog at WordPress.com.