Tag Archives: cisco

Connect cisco switch and linux server for kvm virtualization

We need bridge (brX) interfaces on the Linux server for KVM virtualization.

The VLANs must be defined on the Cisco switch:

VLAN 10 – IT vlan
VLAN 20 – DMZ vlan
VLAN 30 – guest vlan

Define vlan without ip (L2 switch):

switch# conf t
switch(config)# vlan 10
switch(config-vlan)# name vlan-it
switch(config-vlan)# end
switch# write

Define vlan with ip address (L3 switch):

switch# conf t
switch(config)# interface vlan 10
switch(config-if)# ip address
switch(config-if)# description vlan-it
switch(config-if)# end
switch# write


Connection to network interface eth0 on linux server for vlan 10 and vlan 30 (trunk connection):

interface GigabitEthernet1/0/30
 description == kvm server IT
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,30
 switchport mode trunk

Connection to network interface eth1 on linux server for vlan 20 (trunk connection):

interface GigabitEthernet1/0/31
 description == kvm server DMZ
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 20
 switchport mode trunk


linux-server:~# cat /etc/network/interfaces

# The loopback network interface
auto lo
iface lo inet loopback

# VLAN 10 (IT vlan)
auto eth0.10
iface eth0.10 inet manual
        up ifconfig eth0.10 up

# KVM bridge , VLAN 10, via eth0 (management interface)
auto br10
iface br10 inet static
        address xx.xy.xz.10
        netmask xx.xy.xz.0
        network xx.xy.xz.0
        broadcast xx.xy.xz.255
        gateway xx.xy.xz.1
        dns-search local.domain.com
        bridge_ports    eth0.10 
        bridge_maxwait  5
        bridge_fd       1
        bridge_stp      on

# VLAN 20 (DMZ vlan)
auto eth1.20
iface   eth1.20 inet manual
        up ifconfig eth1.20 up

# KVM bridge, VLAN 20, via eth1
auto br20
iface br20 inet manual
        bridge_ports    eth1.20
        bridge_maxwait  5
        bridge_fd       1
        bridge_stp      on

# VLAN 30 (guest vlan)
auto eth0.30
iface eth0.30 inet manual
        up ifconfig eth0.30 up

# KVM bridge, VLAN 30, via eth0
auto br30
iface br30 inet manual
        bridge_ports    eth0.30
        bridge_maxwait  5
        bridge_fd       1
        bridge_stp      on
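
The trunk ports above carry only the VLANs the host actually bridges, and the DMZ (VLAN 20) stays on its own NIC and switch port. The following check is an added example, not part of the original post: it compares the switch's `switchport trunk allowed vlan` lists with the host's `bridge_ports` lines and reports any mismatch. The function names and the CABLING map are assumptions made for the illustration, and a trunk with no allowed list is treated as carrying every VLAN, which is the IOS default.

```python
import re

# Constructed samples: the two configs above, trimmed to the lines the check reads.
SWITCH_CFG = """\
interface GigabitEthernet1/0/30
 switchport trunk allowed vlan 10,30
interface GigabitEthernet1/0/31
 switchport trunk allowed vlan 20
"""
HOST_CFG = """\
iface br10 inet static
        bridge_ports    eth0.10
iface br20 inet manual
        bridge_ports    eth1.20
iface br30 inet manual
        bridge_ports    eth0.30
"""
# Assumption: which switch port each NIC is cabled to, per the text above.
CABLING = {"eth0": "GigabitEthernet1/0/30", "eth1": "GigabitEthernet1/0/31"}

def trunk_vlans(cfg):
    """Switch port -> set of VLAN ids its trunk carries (ranges expanded)."""
    ports, port = {}, None
    for line in cfg.splitlines():
        if m := re.match(r"interface (\S+)", line):
            port = m.group(1)
            ports[port] = set(range(1, 4095))  # IOS default: a trunk carries every VLAN
        elif port and (m := re.search(r"trunk allowed vlan (add )?([\d,-]+)", line)):
            vlans = {v for p in m.group(2).split(",")
                     for v in range(int(p.split("-")[0]), int(p.split("-")[-1]) + 1)}
            ports[port] = ports[port] | vlans if m.group(1) else vlans
    return ports

def host_vlans(cfg):
    """(nic, vlan) pairs the host's bridges attach to, e.g. ('eth0', 10)."""
    lines = [l for l in cfg.splitlines() if l.split()[:1] == ["bridge_ports"]]
    return {(n, int(v)) for l in lines for n, v in re.findall(r"(\w+)\.(\d+)", l)}

def audit(switch_cfg, host_cfg, cabling):
    """Findings where host VLAN use and the switch trunk lists disagree."""
    allowed, host, findings = trunk_vlans(switch_cfg), host_vlans(host_cfg), []
    for nic, port in sorted(cabling.items()):
        used = {vlan for n, vlan in host if n == nic}
        carried = allowed.get(port, set())
        for vlan in sorted(used - carried):
            findings.append(f"{nic}.{vlan}: VLAN {vlan} is not allowed on {port}")
        if carried - used:
            findings.append(f"{port}: {len(carried - used)} unused VLAN(s) allowed, prune the trunk")
    return findings
```

`audit(SWITCH_CFG, HOST_CFG, CABLING)` returns an empty list for the configuration shown on this page.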

Replace stack member

Two Cisco 3750 series switches in stack.
Master C3750G-48TS
Slave C3750-24TS

Replace the slave switch (C3750-24TS) with another C3750G-48TS switch which has the same version of IOS as the master switch. In the end we have 2 equal switches in the rack, with more interfaces and faster speed on the second switch.

1. backup all configurations

# copy running-config tftp

2. prepare the configuration for the interfaces which were on the 24-port switch for the 48-port gigabit switch (in the config replace FastEthernet with GigabitEthernet)
3. write down the cable arrangement (from patch panel to switch)
4. shut down the slave switch (unplug the power cable)
5. remove the stack cable(s) from the slave switch
6. remove the UTP cables from the switch
7. remove the slave switch from the rack
8. add the new slave switch to the rack
9. reconnect the stack cables to the new switch
10. power on the new switch
11. reconnect UTP cables, …
12. repair the configuration on the stack for the newly added interfaces
13. check that everything is working as it should with:

# sh stack ...
# sh int bri
# ping ... 

Cisco vtp updating problems

It could be as simple as forgetting to set up a password. 🙂

If you set up a VTP password on the Cisco server switch, then you must set up the same password on the client switch too.

Check if password is configured for vtp:

# show vtp password

Setup vtp password on switch:

sw(config)# vtp password ...

Now vtp updating on cisco client switch is working perfectly well.

VTP – VLAN Trunking Protocol

Cisco PIX …

hardware: Cisco PIX 515E with 6.3.x version of OS

Backup PIX configuration to tftp server

  1. login
  2. enable
  3. write net xxx.yyy.zzz.www:pix-conf-date.conf

xxx.yyy.zzz.www – tftp IP address

pix-conf-date.conf – configuration file name


Upgrade PIX OS from tftp

  1. login
  2. enable
  3. copy tftp flash <— upgrade OS
  4. reload <— restart PIX


Configure NTP server

  1. login
  2. enable
  3. conf t
  4. ntp authenticate
  5. ntp server xxx.yyy.zzz.w1w source outside <— external NTP server
  6. ntp server xxx.yyy.zzz.w2w source outside
  7. ntp server xxx.yyy.zzz.w3w source inside <— internal NTP server
  8. write mem <— save changes