Goline Logo

News

  • Route RPKI validation April 1st, 2022
    RPKI is a security framework by which network owners can validate and secure the critical route updates or Border Gateway Protocol (BGP) announcements between public Internet networks. BGP is essentially the central nervous system of the Internet and one of its fundamental building blocks. The main function of BGP is to facilitate efficient routing between Autonomous Systems (AS), by building and maintaining the Internet routing table. The Internet routing table is effectively the navigation system of the Internet and without it, traffic would be unable to flow between its constituent networks. Unfortunately, routing equipment alone cannot distinguish between legitimate and malicious routing announcements,...
  • RIPE – Atlas Anchor February 17th, 2022
    We have become an even more integral part of the RIPE Atlas project by hosting an anchor, a device that allows for latency analysis of traffic between autonomous systems.https://atlas.ripe.net/probes/7073/RIPE Atlas anchors play an integral role in the RIPE Atlas network by acting both as enhanced RIPE Atlas probes with more measurement capacity, as well as regional measurement targets within the greater RIPE Atlas network. Anchors are able to perform many more measurements than a regular RIPE Atlas probe, and the large amount of data they collect is made available to everyone. In addition, anchors act as powerful targets that can...
  • MANRS June 20th, 2020
    GOLINE firmly believes in initiatives to protect networks, improve security and resilience of the global routing system. Therefore we decided to support the MANRS project and join as participants.Mutually Agreed Norms for Routing Security (MANRS) is a global initiative, supported by the Internet Society, that provides crucial fixes to reduce the most common routing threats. MANRS offers specific actions via four programs for Network Operators, Internet Exchange Points, CDN and Cloud Providers, and Equipment Vendors. Requirements for Participation Please read the full MANRS Actions document before applying. You can become a participant if you meet these requirements: You (or your company) support...

Cisco Nexus 3K configuration guide

Paolo Caparrelli Cisco 22 June 2022

 
show policy-map system
show policy-map interface
 
This example shows how to reset the system qos configuration:
 
configure terminal
system qos
service-policy type qos input default-in-policy
service-policy type network-qos default-nq-policy
service-policy type queuing output default-out-policy
service-policy type queuing input default-in-policy
 
Configure Policy jumbo
#NOTA: sull'interfaccia verrà comunque mostrato MTU 1500 anche se in realtà supporterà i jumbo frame
 
policy-map type network-qos jumbo
  class type network-qos class-default
    mtu 9216
system qos
  service-policy type network-qos jumbo
 
Imposta l'indirizzo IP dell'interfaccia vrf di management
interface mgmt0
  vrf member management
  ip address 172.16.1.6/24
 
Configurazione dell'interfaccia di management
vrf context management
  ip domain-name buonvicini.local
  ip domain-list buonvicini.local
  ip name-server 192.168.222.1 192.168.222.25
  ip route 0.0.0.0/0 172.16.1.254
 
Configurazione snmp via vrf interface
snmp-server location Server-Room
snmp-server context def vrf management
snmp-server community buonsnmp group network-operator
 
Configurazione tftp via vrf interface
ip tftp source-interface mgmt0
 
Configurazione ntp client via vrf interface
ntp server ntp.goline.ch use-vrf management
 
Impostazione timezone
clock timezone CET 1 0
clock summer-time CET 1 Sunday March 02:00 1 Sunday November 02:00 60
 
Banner login
banner motd ^ (invece di exec che non esiste)
 
Sicurezza per il login 
ip access-list quiet-sshAccess
10 permit tcp host 192.168.221.5 any eq 22 log
20 permit tcp host 192.168.221.5 any eq telnet log
login on-failure log
login on-success log
login block-for 10 attempts 3 within 60
login quiet-mode access-class quiet-sshAccess
 
Abilita il Virtual Port Channel
feature vpc
 
Utilizza gli SFP non supportati ufficialmente da Cisco
service unsupported-transceiver
 
Configura le porte da 40G mixando le 10G
hardware profile portmode 48x10G+4x40G
 
Configura un vPC con un altro switch
# definisce il port-channel (da fare su entrambi gli switch del cluster)
interface port-channel2
  description — Port-Channel2 to csco-sw20 –
  switchport mode trunk
  vpc 2
 
# aggiunge un'interfaccia 10G alla membership della vPC 2
interface Ethernet1/45
  description — Port-Channel2 to Te1/15 > csco-sw20 –
  switchport mode trunk  
  channel-group 2
 
Mostra lo stato dei virtual port channel (vPC)
show vpc bri
 
Mostra lo stato di sincronia del clock
#show ntp peer-status
 
Ping usando l'interfaccia di management
#ping 8.8.8.8 vrf management
 
 

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x