Differences

This shows you the differences between two versions of the page.

--- cisco:switch:9500:cisco_catalyst_9500_series_manual [2025/01/15 12:50] – aperez
+++ cisco:switch:9500:cisco_catalyst_9500_series_manual [2025/04/20 12:43] (current) – [SSH] aperez
@@ Line 7: / Line 7: @@
 ----
-Switch#**show interfaces status**
-Switch#**show mac address-table**
+  Switch#show interfaces status
+  Switch#show mac address-table
+  Switch#show ip igmp snooping
+  Switch#show lldp
+  Switch#show lldp neighbors
+  Switch#show lldp neighbors detail
+  Switch#show system mtu
+  Switch#show platform hardware capacity
+  Switch#show interfaces | include MTU
+  Switch#show running-config |  begin TwentyFiveGigE1/0/1
+----
+On the **Cisco switch**, you need to edit the interface, then use the command
+-**fec off**
+On the **Aruba switch**, you need to edit the interface, then use the command
+-**error-control none**
 ----
 **{{ :cisco:switch:9500:1dc4bfad-7c8a-4b86-aa6e-bd3bd2d46fbe.pdf |Cisco Catalyst 9500 Series Switches Hardware Installation Guide}}**
@@ Line 43: / Line 61: @@
 **service password-encryption**
+----
+----
+**Basic cli**
+  Switch# configure terminal
+  Switch(config)#
+  Switch(config)#hostname <switch_name>
+  Switch(config)#hostname Cisco_switch_x
+  Switch(config)#interface vlan1
+  Switch(config)#no shutdown
+  Switch(config-if)#ip address<ipaddress><mask>
+  Switch(config-if)#ip address 172.16.29.10 255.255.0.0
+  Switch(config)#enable secret <password>
+  Switch(config)#enable secret P@$$w0^d
+  Switch(config)# username admin privilege 15 password <PASSWORD>
+  Switch(config)# username admin privilege 15 password P@$$w0^d
+  Switch(config)# ip default-gateway <IP-address>
+  Switch(config)# ip default-gateway 172.16.29.1
+  Switch# show ip route
+  Switch(config)# line con 0
+  Switch(config-line)# password p@$$w0^d
+  Switch(config-line)# login
+  Switch(config)# exit
+  Switch(config)# line vty 0 4
+  Switch(config-line)# password p@$$w0^d
+  Switch(config-line)# login
+  Switch(config)# exit
+  Switch(config)# line aux 0
+  Switch(config-line)# password p@$$w0^d
+  Switch(config-line)# login
+  Switch(config)# exit
+  Switch(config)# ip route <dest_IP_address> <mask>
+  Switch(config)# ip route 172.16.29.59 255.255.0.0
+  Switch# show running-config
+  Switch(config)#interface fastethernet 0/1
+  Switch(config-if)#description Development VLAN
+  Switch(config-if)#duplex full
+  Switch#write memory
+  Building configuration... [OK]
+  Switch#
 ----
@@ Line 60: / Line 120: @@
   ip address 192.168.2.1 255.255.255.0
   no shutdown
+----
+----
+**Enable Multicast Routing**
+  enable
+  configure terminal
+  ip multicast-routing
+  ip pim sparse-mode
+  interface INTERFACE_ID
+  ip pim sparse-mode
+  ip pim rp-address RP_IP_ADDRESS
+  ip pim send-rp-announce INTERFACE scope TTL
+  ip pim send-rp-discovery INTERFACE scope TTL
+  ip igmp snooping
+  vlan VLAN_ID
+  ip igmp snooping
+  exit
+  show ip mroute
+  show ip pim neighbor
+  show ip pim rp
+  show ip igmp groups
+  Example Configuration
+  Scenario:
+  Multicast source: 192.168.1.10
+  RP: 192.168.1.1
+  VLAN 10 and VLAN 20 are participating in multicast.
+  Configuration:
+  ip multicast-routing
+  ip pim rp-address 192.168.1.1
+  interface Vlan10
+  ip address 192.168.1.1 255.255.255.0
+  ip pim sparse-mode
+  interface Vlan20
+  ip address 192.168.2.1 255.255.255.0
+  ip pim sparse-mode
+**Example**
+  enable
+  configure terminal
+  ip igmp snooping
+  vlan 1
+  ip igmp snooping
+  vlan 500
+  ip igmp snooping
+  vlan 501
+  ip igmp snooping
+  vlan 502
+  ip igmp snooping
+  vlan 503
+  ip igmp snooping
+  vlan 504
+  ip igmp snooping
+  vlan 505
+  ip igmp snooping
+  vlan 506
+  ip igmp snooping
+  vlan 507
+  ip igmp snooping
+  vlan 508
+  ip igmp snooping
+  vlan 509
+  ip igmp snooping
+  vlan 510
+  ip igmp snooping
+  vlan 511
+  ip igmp snooping
+  vlan 512
+  ip igmp snooping
+  vlan 513
+  ip igmp snooping
+  vlan 514
+  ip igmp snooping
+  vlan 515
+  ip igmp snooping
+  vlan 516
+  ip igmp snooping
+  vlan 517
+  ip igmp snooping
+  vlan 518
+  ip igmp snooping
+  vlan 519
+  ip igmp snooping
+  vlan 520
+  ip igmp snooping
+  vlan 521
+  ip igmp snooping
+  vlan 522
+  ip igmp snooping
+  vlan 523
+  ip igmp snooping
+  vlan 524
+  ip igmp snooping
+  vlan 525
+  ip igmp snooping
+  vlan 526
+  ip igmp snooping
+  vlan 527
+  ip igmp snooping
+----
+----
+**Enable LLDP Globally**
+  enable
+  configure terminal
+  lldp run
+  interface INTERFACE_ID
+  lldp transmit
+  lldp receive
+  exit
+  show lldp
+  show lldp neighbors
+  show lldp neighbors detail
+  lldp timer 60
+  lldp holdtime 180
+  write memory
+**Example**
+  configure terminal
+  lldp run
+  lldp timer 60
+  lldp holdtime 180
+  interface GigabitEthernet1/0/1
+  lldp transmit
+  lldp receive
+  interface GigabitEthernet1/0/2
+  lldp transmit
+  lldp receive
+  write memory
+**Example**
+  enable
+  configure terminal
+  lldp run
+  interface TwentyFiveGigE1/0/1
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/2
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/3
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/4
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/5
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/6
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/7
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/8
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/9
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/10
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/11
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/12
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/13
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/14
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/15
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/16
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/17
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/18
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/19
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/20
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/21
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/22
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/23
+  lldp transmit
+  lldp receive
+  interface TwentyFiveGigE1/0/24
+  lldp transmit
+  lldp receive
+  interface HundredGigE1/0/25
+  lldp transmit
+  lldp receive
+  interface HundredGigE1/0/26
+  lldp transmit
+  lldp receive
+  interface HundredGigE1/0/27
+  lldp transmit
+  lldp receive
+  interface HundredGigE1/0/28
+  lldp transmit
+  lldp receive
+----
+----
+**Verify MTU Support**
+  show system mtu
+  show platform hardware capacity
+  configure terminal
+  system mtu jumbo 9100
+  exit
+  write memory
+  reload
+  show system mtu
+  show interfaces | include MTU
+  interface INTERFACE_ID
+  mtu 9100
+  exit
+**Example**
+  configure terminal
+  system mtu jumbo 9100
+  system mtu 9100
+  interface GigabitEthernet1/0/1
+  mtu 9100
+  exit
+  write memory
+  reload
 ----
@@ Line 139: / Line 474: @@
   !
-----
+**Port-channel Example 3**
-**Basic cli**
+  interface Port-channel1
+   description Link to Juniper Networks EX2300-24P
-  Switch# configure terminal
+   switchport mode trunk
-  Switch(config)#
+   mtu 9100
-  Switch(config)#hostname <switch_name>
+   logging event bundle-status
-  Switch(config)#hostname Cisco_switch_x
+  !
-  Switch(config)#interface vlan1
+  interface TwentyFiveGigE1/0/1
-  Switch(config)#no shutdown
+   description Link to Juniper Networks EX2300-24P
-  Switch(config-if)#ip address<ipaddress><mask>
+   switchport mode trunk
-  Switch(config-if)#ip address 172.16.29.10 255.255.0.0
+   mtu 9100
-  Switch(config)#enable secret <password>
+   logging event trunk-status
-  Switch(config)#enable secret P@$$w0^d
+   logging event bundle-status
-  Switch(config)# username admin privilege 15 password <PASSWORD>
+   udld port aggressive
-  Switch(config)# username admin privilege 15 password P@$$w0^d
+   channel-protocol lacp
-  Switch(config)# ip default-gateway <IP-address>
+   channel-group 1 mode active
-  Switch(config)# ip default-gateway 172.16.29.1
+  !
-  Switch# show ip route
+  interface TwentyFiveGigE1/0/2
-  Switch(config)# line con 0
+   description Link to Juniper Networks EX2300-24P
-  Switch(config-line)# password p@$$w0^d
+   switchport mode trunk
-  Switch(config-line)# login
+   mtu 9100
-  Switch(config)# exit
+   logging event trunk-status
-  Switch(config)# line vty 0 4
+   logging event bundle-status
-  Switch(config-line)# password p@$$w0^d
+   udld port aggressive
-  Switch(config-line)# login
+   channel-protocol lacp
-  Switch(config)# exit
+   channel-group 1 mode active
-  Switch(config)# line aux 0
+  !
-  Switch(config-line)# password p@$$w0^d
-  Switch(config-line)# login
-  Switch(config)# exit
-  Switch(config)# ip route <dest_IP_address> <mask>
-  Switch(config)# ip route 172.16.29.59 255.255.0.0
-  Switch# show running-config
-  Switch(config)#interface fastethernet 0/1
-  Switch(config-if)#description Development VLAN
-  Switch(config-if)#duplex full
-  Switch#write memory
-  Building configuration... [OK]
-  Switch#
 ----
@@ Line 261: / Line 584: @@
   no spanning-tree vlan 527
+----
+----
+**FEC** on an SFP port refers to **Forward Error Correction (FEC)**, which is a technique used in fiber optic and Ethernet networks to enhance data transmission reliability by detecting and correcting errors without the need for retransmission.
+**FEC (Forward Error Correction)**:
+FEC is a mechanism that adds redundant information to the transmitted data. This redundancy allows the receiving end to detect and correct errors caused by signal degradation or noise during transmission.
+Purpose: FEC is essential for high-speed data links (e.g., 10G, 25G, 40G, 100G Ethernet) to improve link quality and performance.
+Types: Different FEC modes can be used depending on the standard and speed of the connection (e.g., Reed-Solomon FEC).
+  *   **auto**   Enable FEC Auto-Neg
+  *   **cl108**  Enable clause108 with 25G
+  *   **cl74**   Enable clause74 with 25G
+  *   **off**    Turn FEC off, FEC is mandatory for speeds 50G or higher
+----
+----
+**Benefits of FEC on SFP Ports**:
+  * Error Correction: FEC can correct errors due to signal attenuation or interference.
+  * Better Link Performance: Allows for longer cable runs or higher speeds by improving signal integrity.
+  * No Retransmissions: Unlike other error correction methods, FEC works proactively without needing retransmissions, which is important for low-latency environments.
+----
+**C9500 Cisco Catalyst**
+C9500-N#**show ver**
+  Cisco IOS XE Software, **Version 17.12.03**
+  Cisco IOS Software [Dublin], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 17.12.3, RELEASE SOFTWARE (fc7)
+  interface TwentyFiveGigE1/0/3
+   description VLAN 526 PTP A.B.C.D/EF X30
+   switchport access vlan 526
+   switchport mode access
+   mtu 9100
+   logging event trunk-status
+   logging event bundle-status
+   udld port aggressive
+   fec cl74
+  C9500-N(config-if)#interface TwentyFiveGigE1/0/3
+  C9500-N(config-if)#fec ?
+    auto   Enable FEC Auto-Neg
+    cl108  Enable clause108 with 25G
+    cl74   Enable clause74 with 25G
+    off    Turn FEC off, FEC is mandatory for speeds 50G or higher
+----
+----
+====== SSH ======
+**SSH Configuration on Cisco IOS XE 17.12.03**
+  configure terminal
+  hostname MyRouter
+  ip domain-name mynetwork.local
+  crypto key generate rsa modulus 2048
+  username admin privilege 15 secret MyStrongPassword
+  ip ssh version 2
+  line vty 0 4
+  transport input ssh
+  exec-timeout 10 0   ! 10 minutes, 0 seconds
+  login local
+  exit
+  configure terminal
+  ip ssh server algorithm encryption aes256-ctr aes192-ctr aes128-ctr
+  end
+  write memory
+  show ip ssh
+  show run | include ssh
+----
 ----