Cisco stacking + link aggregation + using Qos policy-map speed limit + DHCP + policy routing + ACL + VSS + port security + IP SLA

Concise configuration:

Core stacking
--------------------------------------------------
Stack master:
      switch 1 renumber 1 (This step can be omitted, because this is the first switch, the default is 1)
      switch 1 priority 1 (the highest priority, is the master)
      copy run startup-config
      reload slot 1
Stack backup:
      switch 1 renumber 2
      switch 1 priority 15
      copy run startup-config
      reload slot 2
Connect the stacking cable
-----------------------------------------------------
Port aggregation
 interface Port-channel 2
    description ***DSA-Trunk***
    switchport mode trunk
Member interfaces:
   interface GigabitEthernet1/0/2
       channel-group 2 mode active
   interface GigabitEthernet2/0/2
       channel-group 2 mode active
---------------------------------------------------------
policy-map for speed limiting
 

mls qos                                #Enable QoS
ip access-list extended 110            #Define the ACL that matches the traffic
   permit ip host 192.100.49  any 
   permit ip any host 192.100.49
class-map match-all test110            #Define class test110
   match access-group 110            #Bind the ACL traffic
policy-map RATE-LIMIT                  #Define policy RATE-LIMIT
          class test110                #Bind the class
          police 40000000 5000 conform-action transmit  exceed-action drop 
          #Rate limit of 4M; excess traffic is dropped directly
interface GigabitEthernet0/1 
         service-policy input RATE-LIMIT    #Associate policy RATE-LIMIT with the interface
         service-policy output RATE-LIMIT
sh policy-map interface g0/1                #Check that it has taken effect


Note:
Each interface supports only one policy per direction; one policy can be applied to multiple interfaces.
Policy example:
Switch(config)# policy-map test 
Switch(config-pmap)# class user-up-down
Switch(config-pmap-c)# trust dscp
Switch(config-pmap-c)# police 2048000 1024000 exceed-action drop  //Traffic rate is 2M



-----------------------------------------------------------
DHCP service
service dhcp
no ip dhcp conflict logging //Turn off DHCP conflict logging
ip dhcp pool dsa
    network 10.188.36.0 255.255.255.0
    dns-server 192.168.11.150 192.168.11.158
    default-router 10.188.36.1
    lease 3 //Address lease period: 3 days
ip dhcp excluded-address 10.188.36.1 10.188.36.20 //Configure addresses not allocated by dhcp
interface VLAN 36
    ip address 10.188.36.1 255.255.255.0
    arp gratuitous-send interval 1
    ip helper-address 10.188.36.1
------------------------------------------------------------
Policy routing
ip access-list extended 199 //Define traffic
    1 deny ip 10.188.20.0 0.0.3.255 any 
    2 deny ip 10.188.16.0 0.0.15.255 192.168.0.0 0.0.255.255 
    10 permit ip 10.188.16.0 0.0.15.255 any 
    11 permit ip 10.188.32.0 0.0.1.255 any 
route-map HHD-INTERNET permit 10 //Define route
    match ip address 199
    set ip next-hop recursive 10.134.8.1
interface VLAN 757 //Application interface
    ip address 10.134.8.154 255.255.255.0
    arp gratuitous-send interval 1
    ip policy route-map HHD-INTERNET
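
Which flows ACL 199 actually hands to the route-map depends on first-match order and wildcard masks. The following Python sketch is an added example, not part of the original configuration; it evaluates the four entries above and assumes the usual policy-routing behaviour that a packet denied by the ACL (or hitting the implicit deny) is simply forwarded by the normal routing table. The sample source and destination addresses are constructed.

```python
import ipaddress
from typing import NamedTuple, Optional

# ACL 199 entries as configured above (sequence, action, protocol, source, destination).
ACL_199 = """
1 deny ip 10.188.20.0 0.0.3.255 any
2 deny ip 10.188.16.0 0.0.15.255 192.168.0.0 0.0.255.255
10 permit ip 10.188.16.0 0.0.15.255 any
11 permit ip 10.188.32.0 0.0.1.255 any
"""
NEXT_HOP = "10.134.8.1"  # from "set ip next-hop recursive 10.134.8.1"


class Ace(NamedTuple):
    seq: int
    action: str   # "permit" or "deny"
    src: int
    src_wc: int   # wildcard mask: 1-bits are "don't care"
    dst: int
    dst_wc: int


def ip_to_int(text: str) -> int:
    return int(ipaddress.IPv4Address(text))


def take_address(tokens: list) -> tuple:
    """Consume 'any', 'host A' or 'A WILDCARD' from the front of tokens."""
    head = tokens.pop(0)
    if head == "any":
        return 0, 0xFFFFFFFF
    if head == "host":
        return ip_to_int(tokens.pop(0)), 0
    return ip_to_int(head), ip_to_int(tokens.pop(0))


def parse_acl(text: str) -> list:
    """Parse numbered 'permit|deny ip SRC DST' lines (only protocol 'ip' is handled)."""
    aces = []
    for line in text.strip().splitlines():
        tokens = line.split()
        seq, action, proto = int(tokens[0]), tokens[1], tokens[2]
        if action not in ("permit", "deny") or proto != "ip":
            raise ValueError(f"unsupported entry: {line!r}")
        rest = tokens[3:]
        src, src_wc = take_address(rest)
        dst, dst_wc = take_address(rest)
        aces.append(Ace(seq, action, src, src_wc, dst, dst_wc))
    return sorted(aces, key=lambda ace: ace.seq)


def wildcard_match(addr: int, base: int, wildcard: int) -> bool:
    """True when addr equals base on every bit the wildcard mask does not ignore."""
    return ((addr ^ base) & ~wildcard & 0xFFFFFFFF) == 0


def first_match(aces: list, src: str, dst: str) -> Optional[Ace]:
    """Return the first entry (lowest sequence number) matching the packet."""
    s, d = ip_to_int(src), ip_to_int(dst)
    for ace in aces:
        if wildcard_match(s, ace.src, ace.src_wc) and wildcard_match(d, ace.dst, ace.dst_wc):
            return ace
    return None  # nothing matched: implicit deny at the end of the ACL


def pbr_decision(aces: list, src: str, dst: str) -> str:
    """Say whether the route-map would redirect this packet, and which entry decided."""
    ace = first_match(aces, src, dst)
    if ace is not None and ace.action == "permit":
        return f"seq {ace.seq} permit: policy-routed to {NEXT_HOP}"
    why = f"seq {ace.seq} deny" if ace is not None else "implicit deny"
    return f"{why}: normal routing"


ACES = parse_acl(ACL_199)

if __name__ == "__main__":
    # Constructed test packets (source, destination).
    for src, dst in [("10.188.21.7", "8.8.8.8"), ("10.188.17.9", "192.168.11.150"),
                     ("10.188.17.9", "8.8.8.8"), ("10.188.33.4", "8.8.8.8"),
                     ("10.188.36.50", "8.8.8.8")]:
        print(f"{src:>14} -> {dst:<16} {pbr_decision(ACES, src, dst)}")
```

Entry 1 shows why order matters: 10.188.20.0 to 10.188.23.255 also falls inside the range permitted by entry 10, but the lower sequence number wins and that traffic is not redirected.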
------------------------------------------------------------------
ACL access control
ACL definition: ip access-list extended 104
Bind to interface: ip access-group 104 out

------------------------------------------------------------------

VSS configuration

// Configure the VSS domain on Cisco-1. Both devices must be in the same domain
Cisco-1(config)#switch virtual domain 100 //Configure the Virtual Switch Domain on Cisco-1
Cisco-1(config-vs-domain)#switch 1 //Configure the Virtual Switch number of Cisco-1 to 1

//Configure the VSL Port Channel and Ports
Cisco-1(config)#interface port-channel 10 //Configure the Port Channel on Cisco-1 to 10
Cisco-1(config-if)#switch virtual link 1 //Configure Cisco-1 Port Channel 10 as the VSL link
Cisco-1(config-if)#no shutdown //Activate the Port Channel

//Add the physical ports on Cisco-1 to the Port Channel associated with the VSL
Cisco-1(config)#interface range tenGigabitEthernet 1/1-2 //Enter the interface range t1/1-2 of Cisco-1
Cisco-1(config-if)#channel-group 10 mode on //Add these interfaces to channel group 10
Cisco-1(config-if)#no shutdown //Activate the above interfaces

// Configuration done on Cisco-2
Cisco-2(config)#switch virtual domain 100 //Configure the Virtual Switch Domain on Cisco-2
Cisco-2(config-vs-domain)#switch 2 //Configure the Virtual Switch number of Cisco-2 to 2

//Configure VSL Port Channel and Ports
Cisco-2(config)#interface port-channel 10 //Configure the Port Channel on Cisco-2 to 10
Cisco-2(config-if)#switch virtual link 2 //Configure Cisco-2 Port Channel 10 as the VSL link
Cisco-2(config-if)#no shutdown //Activate the Port Channel

//Add the physical ports on Cisco-2 to the Port Channel associated with the VSL
Cisco-2(config)#interface range tenGigabitEthernet 1/2-3 //Enter the interface range t1/2-3 of Cisco-2
Cisco-2(config-if)#channel-group 10 mode on //Add these interfaces to channel group 10
Cisco-2(config-if)#no shutdown //Activate the above interfaces

// After configuring the above information, confirm that the PFC modes on the two switches match. If they do not match, VSS will enter RPR mode. You can enter show platform hardware pfc mode to display the current PFC mode.

If only one switch is in PFC3CXL mode, you can use the following command: platform hardware vsl pfc mode pfc3c

Cisco-1# show platform hardware pfc mode //Confirm that the PFC operating modes on the two switches match and confirm that VSS is in SSO mode
Cisco-2# show platform hardware pfc mode //Confirm that the PFC operating modes on the two switches match, and confirm that VSS is in SSO mode
Cisco-1# platform hardware vsl pfc mode pfc3c //Set the PFC operating mode of switch 1 to PFC3C. This command is optional
Cisco-2# platform hardware vsl pfc mode pfc3c

//Finally, switch the two devices to virtual mode to form a VSS. Remember to save the configuration and restart; VSS only takes effect after the restart.
Cisco-1# switch convert mode virtual
Cisco-2# switch convert mode virtual

Note: a. After entering the switch accept mode virtual command on the switch, the updated configurations on the primary and secondary switches will be automatically saved to their startup configuration files.

        b. VSS can only be supported on 4500 and 6500 series switches, and does not require additional stacking modules and cables; ordinary interfaces can support it.

------------------------------------------------------------------

Port security

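Configuration steps
Notes:
1. A secure port cannot be a trunk port.
2. A secure port cannot be a Switch Port Analyzer (SPAN) destination port.
3. A secure port cannot belong to an EtherChannel.
4. A secure port cannot be a private-VLAN port.

Configuration:
1: Specify the interface on which to configure port security.
    Switch(config)# interface interface_id
2: Set the interface to access mode.
    Switch(config-if)# switchport mode access
3: Enable port security on the interface.
    Switch(config-if)# switchport port-security
3.1: (Optional) Set the number of secure MAC addresses to limit the number of computers connected to the port. The range is 1 to 3072; the default is 1.
    Switch(config-if)# switchport port-security maximum value
3.2: (Optional) Set the action taken when a violation occurs. In restrict mode, packets are dropped. In shutdown mode, the port is error-disabled and stays out of service unless it is manually reactivated with the no shutdown command.
    Switch(config-if)# switchport port-security violation {restrict | shutdown}
3.3: Set the bad-packet rate limit.
    Switch(config-if)# switchport port-security limit rate invalid-source-mac
3.4: (Optional) Specify secure MAC addresses. If the number of specified MAC addresses is less than the maximum number of secure addresses, dynamically learned MAC addresses are retained.
    Switch(config-if)# switchport port-security mac-address mac_address
4: Enable sticky learning on the port.
    Switch(config-if)# switchport port-security mac-address sticky
5: View and verify the configuration.
    Switch# show port-security address interface interface_id
    Switch# show port-security address

[Note] no switchport port-security mac-address mac_address removes the MAC address from the address table.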
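
The four restrictions in the notes above, and access ports left without port security, can be checked offline against a saved configuration. The following Python sketch is an added example, not part of the original notes; the running-config it reads is a constructed sample, and the interface names and the `audit` helper are hypothetical.

```python
import re

# Constructed sample running-config (not from the page); interface names are illustrative.
SAMPLE_CONFIG = """\
monitor session 1 destination interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation restrict
 switchport port-security mac-address sticky
!
interface GigabitEthernet1/0/2
 switchport mode trunk
 channel-group 2 mode active
 switchport port-security
!
interface GigabitEthernet1/0/3
 switchport mode access
!
interface GigabitEthernet1/0/4
 switchport mode private-vlan host
 switchport port-security
!
interface GigabitEthernet1/0/5
 switchport mode access
 switchport port-security
!
"""


def parse_config(config):
    """Return ({interface: [sub-commands]}, {SPAN destination interface names})."""
    interfaces, span_destinations, current = {}, set(), None
    for line in config.splitlines():
        header = re.match(r"interface (\S+)\s*$", line)
        span = re.match(r"monitor session \d+ destination interface (\S+)", line)
        if header:
            current = interfaces.setdefault(header.group(1), [])
        elif span:
            span_destinations.add(span.group(1))
            current = None
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or any other global line ends the interface block
    return interfaces, span_destinations


def blockers(name, cmds, span_destinations):
    """List which of the four excluded port types (notes 1-4 above) apply."""
    found = []
    if "switchport mode trunk" in cmds:
        found.append("trunk port")
    if name in span_destinations:
        found.append("SPAN destination port")
    if any(c.startswith("channel-group ") for c in cmds):
        found.append("EtherChannel member")
    if any(c.startswith("switchport mode private-vlan") for c in cmds):
        found.append("private-VLAN port")
    return found


def audit(config):
    """Return {interface: finding}; an 'ok' finding carries the effective settings."""
    interfaces, span_destinations = parse_config(config)
    report = {}
    for name, cmds in interfaces.items():
        enabled = "switchport port-security" in cmds
        blocked = blockers(name, cmds, span_destinations)
        if enabled and blocked:
            report[name] = "port security on ineligible port: " + ", ".join(blocked)
        elif enabled:
            maximum = 1  # default stated in step 3.1 above
            for cmd in cmds:
                m = re.match(r"switchport port-security maximum (\d+)$", cmd)
                if m:
                    maximum = int(m.group(1))
            sticky = "switchport port-security mac-address sticky" in cmds
            report[name] = f"ok: maximum={maximum}, sticky={sticky}"
        elif "switchport mode access" in cmds and not blocked:
            report[name] = "access port without port security"
        else:
            report[name] = "not applicable"
    return report


if __name__ == "__main__":
    for interface, finding in audit(SAMPLE_CONFIG).items():
        print(f"{interface}: {finding}")
```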

——————————————————————

Using policy-map for rate limiting

To perform QoS on a Cisco IOS system, there are generally five steps:
1. Enable QoS globally: #mls qos. View QoS status: show mls qos
2. Set an ACL to match the traffic: #ip access-list extended acl XXX
3. Set a class-map to match the ACL set in the second step. The format is: switch(config)#class-map [match-all|match-any] {map-name}
4. Set a policy-map to match the class-map, then define a series of policies here: #policy-map map XXX
5. Apply the policy-map to the corresponding interface: #service-policy input map XXX

Rate limiting is mainly a necessary measure taken to guarantee the bandwidth required by specific services when bandwidth is insufficient. The following uses rate limiting with a policy-map as an example.

1. Generate an ACL list of flow control IPs (mainly matching data flows that require speed limit management)

    access-list 110 permit ip host 192.100.49  any 
    access-list 110 permit ip any host 192.100.49

2. Define class-map

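    class-map match-all test110 (the name should be easy to identify; you can also use the match-any option)
       match access-group 110

match-all: when multiple match conditions are set, only data that satisfies all of them matches.

match-any: when multiple match conditions are set, satisfying any one of them is enough.

match-criteria: sets the specific match condition.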

3. Define policy-map

    policy-map RATE-LIMIT (can be named after the business service for easy identification, such as MAIL, OA, etc.)
          class test110 (match class-map)
          police 40000000 5000 conform-action transmit exceed-action drop
    //The rate is limited to 4M; traffic that exceeds the rate is dropped directly.
     Many rate-limit options are available in this mode; choose according to your needs.

4. The policy takes effect only when an interface references it; otherwise it has no effect.

    interface GigabitEthernet0/1 //Of course, in some cases it can also be associated with a Layer 3 SVI.
         service-policy input RATE-LIMIT
         service-policy output RATE-LIMIT

5. Check whether policy-map is effective

     R1#sh policy-map interface g0/1

-------------------------------------------------------------------------------------------------------------------------------

Example:

Stack interconnection functions:

Using special stacking interconnect cables and stacking software, Cisco StackWise technology can connect up to nine separate Cisco Catalyst 3750 switches into a unified logical unit. A stack is equivalent to a single switching unit, managed by a master switch selected from the member switches. The master switch automatically creates and updates all switching information and optional routing tables. A working stack can add new members or remove old members without interrupting service.

Adding and removing switches from a stack online

Users can add or remove switches from a working stack without affecting stack performance. After a new switch is added, the master switch automatically sets up the unit with the Cisco IOS Software image and stacking configuration currently in use. The stack will collect various information, including switching tables, and update the MAC address after obtaining a new address. Network administrators can use the switch directly without any configuration on the switch. Likewise, users can remove switches from a working stack without affecting the remaining switches. When the stack discovers that a series of ports are no longer available, it updates the relevant information without affecting forwarding or routing.

Physical daisy chain connection

The switches are physically daisy-chained together. An outage in any one cable will cause the stack's bandwidth to be reduced to half its total capacity. The sub-second timing mechanism can detect traffic failures and perform failover in a timely manner. This mechanism enables dual-path transmission to be restored when the timing mechanism detects interaction on the cable.

Configuration guide for six 3750 switches:

According to the needs of your bank, six Cisco 3750 switches need to be stacked and configured. Although the configuration of a switch stack is quite simple, every step from configuration to wiring requires sound logic; otherwise it causes unnecessary trouble which, although it will not affect the network, complicates subsequent debugging and management.

Here, we will describe in detail the configuration of your 3750 switch and the connection steps of stacking cables:

We name the six switches from top to bottom according to the example in Figure 1 above:

  C3750-1

  C3750-2

  C3750-3

  C3750-4

  C3750-5

  C3750-6

Stack configuration command:

Step 1: First configure C3750-1:

In global mode (ie config mode):

C3750-1#configure terminal

C3750-1(config)#switch 1 renumber 1 (This command changes the member number of the switch. The first 1 is the stack member number of the current switch, which is the switch's default stack member number. We will change the member numbers of the six switches in sequence as needed. The configuration here changes the member number of C3750-1 to 1, which is the 1 at the end.)

C3750-1(config)#switch 1 priority 8 (This command changes the priority of the switch. In stacking technology, the higher the priority number of the switch, the more likely it is to be elected as the stack master switch. The default priority number of a switch is 1. The first 1 here is the member number of the switch; the 8 sets the priority number of the switch to 8. Because we only use 6 switches for stacking, a priority of 8 for switch C3750-1 guarantees that it will become the stack master switch.)

C3750-1(config)#end

C3750-1#reload slot 1 (The switch does not apply the stacking parameters immediately after they are configured in global mode, so after exiting global configuration mode you need to use the "reload slot stack-member-number" command to restart the stack port of the switch. This command restarts the stack port of switch C3750-1. The 1 is the stack member number of the switch.)

C3750-1#wr (save configuration)

Step 2: Configure switch C3750-2:

C3750-2#configure terminal

C3750-2(config)#switch 1 renumber 2 (Here, we change the stack member number of switch C3750-2 to 2)

C3750-2(config)#switch 2 priority 7 (Here, we change the stacking priority number of switch C3750-2 to 7. Since we previously set the priority number of switch C3750-1 to 8, in the subsequent switch configuration we successively reduce the priority number of the switches to ensure that switch C3750-1 becomes the master switch of the stack group.)

C3750-2(config)#end

C3750-2#reload slot 2

C3750-2#wr

Step 3: Connect the stacking cables. After configuring switches C3750-1 and C3750-2, we can connect the stacking cables. By convention here, of the two stacking ports on the back of the switch, the one on the left is port 1 and the one on the right is port 2. We now connect port 1 of C3750-1 to port 2 of C3750-2 with a stacking cable. Since we have already configured the member number and priority number of the two switches, the two switches will automatically elect switch C3750-1 as the master switch.

Step 4: Configure switch C3750-3

C3750-3#configure terminal

C3750-3(config)#switch 1 renumber 3

C3750-3(config)#switch 3 priority 6

C3750-3(config)#end

C3750-3#reload slot 3

C3750-3#wr

Step 5: Connect stack port 1 of switch C3750-2 to stack port 2 of switch C3750-3 with a stack cable.

Step 6: Configure switch C3750-4

C3750-4#configure terminal

C3750-4(config)#switch 1 renumber 4

C3750-4(config)#switch 4 priority 5

C3750-4(config)#end

C3750-4#reload slot 4

C3750-4#wr

Step 7: Connect stack port 1 of switch C3750-3 to stack port 2 of switch C3750-4 with a stack cable.

Step 8: Configure switch C3750-5

C3750-5#configure terminal

C3750-5(config)#switch 1 renumber 5

C3750-5(config)#switch 5 priority 4

C3750-5(config)#end

C3750-5#reload slot 5

C3750-5#wr

Step 9: Connect stack port 1 of switch C3750-4 to stack port 2 of switch C3750-5 with a stack cable.

Step 10: Configure switch C3750-6.

C3750-6#configure terminal

C3750-6(config)#switch 1 renumber 6

C3750-6(config)#switch 6 priority 3

C3750-6(config)#end

C3750-6#reload slot 6

C3750-6#wr

Step 11: Connect stack port 1 of switch C3750-5 to stack port 2 of switch C3750-6 with a stack cable.

Step 12: Connect stack port 1 of switch C3750-6 to stack port 2 of switch C3750-1 with a stack cable.

Precautions:

The above configuration steps are distilled from many hands-on work experiments. Although they are a bit cumbersome, they save a lot of unnecessary trouble in future maintenance and management. When additional equipment is needed, it is configured first and then connected with cables. Similarly, when a device needs to be withdrawn, the device member numbers and existing connection status are not affected.

When we need to replace the MASTER switch (that is, the master switch) in the existing stack, switch C3750-1 will become the new master switch according to our existing configuration, which is convenient for our maintenance and management. What needs to be noted here is the case where you add C3750-1 back to the stacking group and want C3750-1 to continue to play the role of the master switch. In Cisco stacking technology the role of the master switch is non-preemptive; that is, when we reconnect C3750-1 to the stack switch group, it will not automatically become the master switch even though its priority is higher than that of C3750-2. We need to connect C3750-1 to the stacking group, wait until the C3750-1 system shows a stable status, and then restart the C3750-2 switch. Because the MASTER in the group then disappears, the stacking group re-elects the master switch, and since the priority number of C3750-1 is the highest, it once again assumes the role of master switch.

Here's how to set up three 2960 switches to become a stack:

           Generally, after the switch stack is completed, each slave switch is automatically given a random number. However, for ease of management, and so that it stays clear which switch is which after stacking, it is best to manually number each slave switch in advance. The default number of every slave switch is the same: 1. Generally, the switches are renumbered from small to large according to their position. The numbering can be arbitrary, but for ease of management and maintenance it is recommended to number them in sequence. The relevant commands are as follows:

           View the switch member number (privileged mode):

           Switch#show switch

           Renumber member switches (global configuration mode):

           Switch(config)#switch <old-member-number> renumber <new-member-number>

           Here we use the Console line to connect to the member switches in sequence, and number the three switches 1, 2, and 3 from top to bottom. The configuration is as shown in the figure below (they have been stacked before, so the numbers are already 1, 2, 3; this is just for demonstration). If you don't know the original member number of the switch, you can first use the show switch command in privileged mode to check it.

    Note: The member numbers of different switches cannot be the same, and member numbers that are already occupied cannot be assigned.

    Note: The member number will not take effect until the member switch is restarted (relevant configurations must be saved before restarting).

    Note: For convenience, you can omit the step of configuring member numbers and let the switches assign themselves when stacking.


    4. Priority configuration

           The higher the priority number of the switch, the more likely it is to be elected as the stack master switch. The default priority number of a switch is 1. To ensure that the prepared master switch becomes the Master, you need to adjust the stack member priorities manually. Configure the prepared master switch with a higher priority, and configure the other member switches with decreasing priorities in sequence. This ensures that the prepared master switch becomes the Master.

           Set stack switch member priority (global configuration mode):

           Switch(config)#switch <stack-member-number> priority <value>

           Here I configure the member priorities of the switch from top to bottom as 12, 8, and 6. The configuration is as shown in the figure below.


    Note: Priority configuration will not affect the current stack and will only take effect when the Master needs to be re-elected next time.

    Note: For convenience, you can directly set the priority of the main switch to the maximum. If you consider possible changes, you can choose an intermediate priority value. Other switches do not need to reconfigure the priority.


    5. Save configuration

           After preconfiguring all three switches, remember to save the corresponding configurations, otherwise they will be lost after restarting. To save the configuration you can use the following command in privileged mode:

           Switch#write or copy running-config startup-config

    6. Stacking

           First, power off the members to be slave switches (the two at the bottom), keep the master switch (the first one at the top) powered on, and then plug in the stacking cables between the switches. After the stacking cables are all plugged in, power on the two slave switches again, as shown in the following figure:

           In this way, there is no doubt that the first switch at the top, which was powered on in advance, is already the Master (a standalone switch is itself a Master). After the two unpowered stack members are added, it keeps the Master role (please refer to the Stack Master Election principle), and the two switches that have just been powered on automatically become slave switches once they have started. As shown in the figure below, the two slave switches are starting up.

           After startup (startup is slow and takes about 5 minutes), you can see from the indicator lights that only the Master indicator light of the top switch is on, as shown in the figure below, so the stacking completed successfully as we expected. The first switch was successfully elected as the master switch (Master), and the two lower switches have become slave switches (Member).

    Note: In theory, a switch that joins the stack after being powered off will not become the Master. That is, the first switch stays powered on, so after two unpowered switches are added, the first switch undoubtedly keeps its Master status. So was there no need to configure the priority beforehand? That is not the case. Although configuring the priority has no effect now, if a fault occurs in the future and the entire stack is powered off or restarted, the Master must be re-elected, and the prepared master switch will then be selected as Master based on priority. This ensures that stack member roles will not change because of unexpected power outages.

    7. Stack configuration verification

           Connect a notebook to the Console port of any switch in the stacking group (after stacking, every switch has the same configuration as the master switch), enter the command line interface, and use show switch detail to see the current stacking situation. As shown in the figure below, No. 1 is the Master, and No. 2 and No. 3 are both Members. The status of the three switches is Ready, which means that they have successfully joined the stack group. Below that you can see that the status of the stack ports of the three switches is also normal. Basically, the stacking worked.

           Then use the show run command to check the configuration. From the three pieces of information in the figure below, you can see that the stack configuration information of three switches has been established in the configuration file.

           Then, from the port configuration information in the figure below, you can see that the ports of the three switches are named g1/0/1--g1/0/48, g2/0/1--g2/0/48, g3/0/1--g3/0/48; the number in front is the member number of the corresponding switch. When configuring a specific port of a switch, you must use the port numbers as named here. In addition, you can see that the port configuration of the master switch (1) is retained, and the port information of the other two slave switches has been cleared.

Step 3. Access to the stacking group


           The access method of stacked switches is the same as that of ordinary switches. The specific access method will not be explained in detail. However, its multiple members can be managed as a logical whole. You only need to configure a management IP to access the entire stack. There are three main access methods:

          1). Enter the command line interface for operation and management by connecting to the Console port of any switch in the stack group.

          2). Manage through remote login via Telnet.

          3) Access via Web page.

Step 4. Stack maintenance


    1. View summary information of stack switch members

           After the stack is completed, you can log in to any switch and use the following command to conveniently view the stack status information of each stack member. As shown in the figure below, the output lists the member number (Switch), member role (Role: Master is the master switch and Member is a member switch), MAC address, member priority (Priority), stack version (Version), and the current status of each stack member (Ready means added to the stack, Removed means removed; a member version mismatch is also reported here). The command is as follows:

           Switch#show switch (privileged mode)

    2. View stack port status information

           When checking the stack port status, use the following command to see whether the stack port status on the stack module of each switch is normal. As shown in the figure below, Port1 and Port2 correspond to Stack1 and Stack2 on the stack module respectively. OK means the stacking cable is connected normally and the stacking module is working normally. If the stacking cable is removed or the stacking module is abnormal, the port status should be displayed as Not OK (I forgot what is displayed specifically). The command is as follows:

           Switch#show switch stack-ports (privileged mode)

    3. View stack cable transmission rate information

           If you want to check the line transmission rate between stack switches, you can use the following command. You can also see the stack line configuration and the stack line protocol used. As shown in the figure below, the stack line rate is 10G and the line configuration is FULL, that is, the cable connection is redundant, and the line protocol is FlexStack, a stacking protocol dedicated to the 2960S series switches. The command is as follows:

           Switch#show switch stack-ring speed (privileged mode)

    4. View switch member details

           You can also use the following command to view more detailed information, including stack status information of each member and stack port status information, as shown in the following figure.

           Switch#show switch detail (privileged mode)


    5. View stack management and debugging information

           If you want to view more detailed stacking information and related debugging information, you can use the following command, as shown in the figure below (not all). There is a lot of information in it. If you are interested, you can study it yourself.

           Switch#show platform stack manager all


    6. Restart the stack

           If you are not satisfied with the existing stack member role assignments and want to re-elect the Master based on the parameters you set, you can use the restart command directly, so that all stack group members restart and elect a new Master (refer to the introduction in Part 1 for the principles of electing a Master). After the election, the other switches automatically become Members. The restart command is the same as for an ordinary switch, as follows:

           Switch#reload (in privileged mode)

    Note: Using the restart command in a stacking group will cause all stacking group members to restart. Please use it with caution unless there are special requirements.


    7. Restart the member switch

           If you have configured new stacking parameters, such as changing the member number or priority of a slave switch in the stacking group (which does not take effect until a restart), or you want to re-elect the Master, you can use the following command to restart a specific switch in the stacking group, either a member switch or the Master. Compared with the previous method, this is obviously more reliable.

           Switch#reload slot <stack-member-number>

    Note: If you use reload slot Part of the introduction to Master election principles).

    Note: If the master switch is restarted using reload slot


    8. Add a new stack member switch

    1) Adding an unpowered switch to the stack will not affect other switches in the existing stack (it will not cause business interruption). That is, first plug in the stacking cable to connect the new member to the existing stack switches, and then power it on. The new switch will automatically become a member switch of the stack group after it is powered on, and the roles of the original stack members will not change (personal test).

    2) Adding a powered switch to the stack will cause the switches to re-elect the Master (for the principle of electing the Master, please refer to the introduction in Part 1). The re-elected master switch will use its original configuration to assume the role of the master switch, and all other switches will automatically restart (which causes service interruption) and become member switches after restarting. That is, if you power on the new member first and then connect it to the existing stack switches with stacking cables, the roles of the original stack members will change (personal test).

    Note: Therefore, when adding new members, it is generally recommended to add them in the unpowered state, that is, first plug in the stacking cable and then power on, to prevent business interruption.

    9. Remove the member switches in the stack

    1) To remove a member switch from an existing stack, you can simply unplug the stacking cable or simply cut the power (both methods have been tested and have basically no effect). However, the general (official) recommendation is to cut the power first and then unplug the stacking cables, so that removing the switch does not affect the existing stack. Removing a slave switch does not affect the normal operation of the other stack members, nor does it change the roles of the stack members.

    2) To remove the master switch from an existing stack, power it off first and then remove the stacking cable. After the master switch is removed, the other switches automatically elect a new Master, which then runs with its saved configuration file. Testing showed that in this case the remaining slave switches do elect a new Master but do not restart automatically. In theory they should restart; the specific reason is still under study.


    10. Delete stack member configuration

           After you remove a member switch from the stack, its stacking configuration information is still saved in the stack. If necessary, use the following command in global configuration mode to delete the stacking configuration of that member. Leaving it in place does not affect normal operation, but the configuration will contain more entries.

           Switch(config)#no switch <stack-member-number> provision      


Other things to note


    1. Summarize the simple stacking process of C2960S switch

         1) Prepare the switches, stacking modules, stacking cables and power cords to be stacked.

         2) Power on the prepared master switch, pre-configure it (basic configuration, a sufficiently high priority, preferably member number 1; everything else is optional) and save. The slave (member) switches do not need to be powered on or configured.

         3) Connect the stacking cables (cross-connection), keep the master switch powered on, and power on the unpowered switches one after another. The switch that was already powered on keeps the master switch (Master) role.

         4) Wait for the remaining switches to finish powering on; they automatically become member switches (Member). The stack is then basically complete. You can check the master and slave roles from the indicator lights: if the Master light is on, the switch is the Master; if it is off, the switch is a slave.

         5) Finally, check the stacking status with the show commands.


    2. Key commands

    Renumber member switches (global configuration mode):

    Switch(config)#switch <old-member-number> renumber <new-member-number>

    Set stack switch member priority (global configuration mode):

    Switch(config)#switch <stack-member-number> priority <value>

    View brief status information of stack members (privileged mode):

    Switch#show switch

    View stack port status information (privileged mode):

    Switch#show switch stack-ports

    Check the stack cable transmission rate (privileged mode):

    Switch#show switch stack-ring speed

    View detailed status information of stack members (privileged mode):

    Switch#show switch detail

    Restart the specified stack member switch (privileged mode):

    Switch#reload slot <stack-member-number>

    Delete the configuration information of a specified stack member (global configuration mode):

    Switch(config)#no switch <stack-member-number> provision

    Save configuration (privileged mode):

    Switch#write   (or: Switch#copy running-config startup-config)

    Clear configuration (privileged mode):

    Switch#erase startup-config

-------------------------------------------

General troubleshooting:

1. sh interfaces gigabitEthernet 1/0/1 controller   //When an interface shows abnormal frames, check the port status, configuration information, controller status information, etc.

IP SLA implements multiple ping detection methods

 

Requirement:

By default, the internal network traffic goes through the 10.x.x.1 router, and the external network traffic goes through the 10.x.x.2 router;
if the .1 line is Down, the internal network traffic is switched to the .2 line;
if the .2 line is Down, the external network traffic is switched to the .1 line.

Examples and explanations:

ip sla 180
  icmp-echo A.A.A.A
  frequency Z
track 180 ip sla 180 reachability
  delay down X up Y

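Note:

    Z is the interval at which IP SLA sends a probe;
    If an ICMP probe to target A.A.A.A times out (the timeout is set by timeout, here 5 seconds), then from that moment it takes "5 seconds + X seconds" for TRACK 180 to go Down;
    If any probe succeeds during this period, TRACK 180 does not go Down;
    If an IP SLA probe times out and every probe in the following (5+X) seconds also times out, then (5+X) seconds after the first timed-out probe the switch announces "%TRACK-6-STATE: 180 ip sla 180 reachability Up ->Down";
    Once TRACK 180 is Down, if an IP SLA probe does not time out, then after a further Y seconds the switch announces "%TRACK-6-STATE: 180 ip sla 180 reachability Down-> Up";
    In other words, if a carrier line really has a problem, the network outage before the route switches over lasts between (5+X) and (Z+(5+X)) seconds, i.e. (5+X)~(5+X+Z) seconds.
    //If a probe is sent at the very moment the carrier line fails, the wait is (5+X); if the line fails just after a probe has completed, you wait up to Z more seconds for the next IP SLA probe before this evaluation starts
    //After the carrier line recovers and connectivity to A.A.A.A is restored, it takes (Y)~(Z+Y) seconds to switch back to the original line
    //There may be small inaccuracies in the details of the outage time; readers who want to be exact can work them out themselves.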
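The timing rules in these notes can be checked with a small simulation. This is an added example, not code from the original post: track_transitions and its parameters are hypothetical names, and the model is a simplification that assumes a probe sent while the line is up succeeds immediately and a probe sent while it is down is reported failed after the 5-second timeout.

```python
def track_transitions(outages, frequency, delay_down, delay_up,
                      timeout=5, horizon=600):
    """Model of the track object described in the notes (constructed, simplified).

    outages: list of (start, end) seconds during which the line is down.
    Returns [(time, "Down" | "Up"), ...] in the order the track changes state.
    """
    def line_up(t):
        return not any(start <= t < end for start, end in outages)

    # One probe every `frequency` seconds; record when its result becomes known.
    results = []
    for sent in range(0, horizon, frequency):
        ok = line_up(sent)
        results.append((sent if ok else sent + timeout, ok))
    results.sort()

    transitions = []
    track_up = True
    pending = None                      # (due_time, new_state) of a delayed change
    for when, ok in results:
        # A delayed change takes effect if it came due before this result.
        if pending and pending[0] <= when:
            track_up = pending[1]
            transitions.append((pending[0], "Up" if track_up else "Down"))
            pending = None
        if ok == track_up:
            pending = None              # result agrees with the track: cancel timer
        elif pending is None:
            pending = (when + (delay_up if ok else delay_down), ok)
    return transitions


if __name__ == "__main__":
    # Z=20, X=70, Y=30 as in "frequency 20" and "delay down 70 up 30".
    for outage in [(100, 300), (101, 301), (100, 150)]:
        print(outage, track_transitions([outage], 20, 70, 30))
```

With Z=20, X=70, Y=30, a failure at the instant of a probe gives Down after 75 s (5+X) and Up 30 s (Y) after recovery; a failure one second after a probe gives 94 s and 49 s, just under the (5+X+Z) and (Z+Y) bounds. A 50-second outage never takes the track Down.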

Complete command:

ip sla 180
  icmp-echo A.A.A.A
  frequency 20
ip sla schedule 180 life forever start-time now
ip sla 181
  icmp-echo B.B.B.B
  frequency 20
ip sla schedule 181 life forever start-time now
!
track 180 ip sla 180 reachability
  delay down 70 up 30
track 181 ip sla 181 reachability
  delay down 70 up 30
!
ip route 10.0.0.0 255.0.0.0 10.x.x.1 100 name lan-out track 180
ip route 0.0.0.0 0.0.0.0 10.x.x.2 100 name wan-out track 181
ip route 0.0.0.0 0.0.0.0 10.x.x.1 200
ip route 10.0.0.0 255.0.0.0 10.x.x.2 200
ip route A.A.A.A 255.255.255.255 10.x.x.1
ip route B.B.B.B 255.255.255.255 10.x.x.2
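The operation number has to agree across the ip sla, ip sla schedule, track and ip route lines; an operation that is configured but scheduled under a different number never sends probes. The following cross-reference check is an added example, not part of the original post: check_sla_tracking and SAMPLE are hypothetical names, and the sample configuration is constructed with two deliberate mismatches.

```python
import re

# Constructed sample in the shape of the configuration above: operation 180 is
# scheduled under the wrong number (80) and one route points at a missing track.
SAMPLE = """\
ip sla 180
  icmp-echo A.A.A.A
  frequency 20
ip sla schedule 80 life forever start-time now
ip sla 181
  icmp-echo B.B.B.B
  frequency 20
ip sla schedule 181 life forever start-time now
track 180 ip sla 180 reachability
track 181 ip sla 181 reachability
ip route 10.0.0.0 255.0.0.0 10.x.x.1 100 name lan-out track 180
ip route 0.0.0.0 0.0.0.0 10.x.x.2 100 name wan-out track 182
"""


def check_sla_tracking(config):
    """Return sorted findings about ip sla / schedule / track / route references."""
    defined, scheduled, tracks, route_refs = set(), set(), {}, set()
    for line in map(str.strip, config.splitlines()):
        if m := re.fullmatch(r"ip sla (\d+)", line):
            defined.add(int(m[1]))
        elif m := re.match(r"ip sla schedule (\d+)\b", line):
            scheduled.add(int(m[1]))
        elif m := re.match(r"track (\d+) ip sla (\d+)\b", line):
            tracks[int(m[1])] = int(m[2])          # track id -> SLA operation
        elif m := re.match(r"ip route .*\btrack (\d+)\b", line):
            route_refs.add(int(m[1]))
    findings = [f"ip sla {n} is never scheduled" for n in defined - scheduled]
    findings += [f"ip sla schedule {n} has no matching ip sla {n}"
                 for n in scheduled - defined]
    findings += [f"track {t} references undefined ip sla {n}"
                 for t, n in tracks.items() if n not in defined]
    findings += [f"ip route references undefined track {t}"
                 for t in route_refs - set(tracks)]
    findings += [f"track {t} is not used by any ip route"
                 for t in set(tracks) - route_refs]
    return sorted(findings)


if __name__ == "__main__":
    print("\n".join(check_sla_tracking(SAMPLE)))
```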


Origin blog.csdn.net/wailaizhu/article/details/108524477