Nice and “simple” new IDF and equipment install.
Featuring the Cisco 3850
It is great when we get a chance to install new equipment in
a new IDF. No old equipment or old configurations to matchup or worry about.
Of course when the equipment is the new (new to me, that is) Cisco
Catalyst 3850 Series Switches, with their Cisco StackWise-480 technology
providing 480 Gbps of stack throughput, Packet Capture capability with the
embedded WireShark, and Stateful Switchover (SSO) resiliency, fun is on
the horizon. The 3850 runs Cisco's IOS-XE Operating System (OS) which does looks and feels a lot like the old familiar IOS, but underneath the CLI, it is a whole
different animal. So when you load a new OS here are some of the different
commands:
·
Upgrading Cisco 3850 Stack IOS-XE :
A.
Copy the *.bin file to active member (you can copy it from a USB drive)
a.
You can use a USB drive,
instead of TFTP if you what to, the USB port is on the front panel (at least on
the 3850-48Ps)
B.
Use the "software install file
flash:cat3k_caa-universalk9.SPA.03.03.xx.SE.150-x.xx.bin new"
(make sure you get the "new" at the end of the line)
a.
**** You can load it from the USB drive if there is enough free space on
the USB drive. “software install file
usbflash0:cat3k_caa-universalk9.SPA.03.03.00.SE.150-1.EZ.bin new”***
C.
After the Switch copies the software, it isn't just one file anymore, it
will ask for a re-boot
D.
********13 minutes while the stack reloads
E.
Use the “software
clean” command to clean un-user file in flash
Once the new OS is loaded and the switch is all good to go,
make sure the switches are stacked if needed. I love the new stacking cables;
they just seem to connect to the switch better the old type.
One of the changes with these new stacks is the way each
stack will have an Active and Standby member to facilitate SSO resiliency which
ensure the management plane is never unreachable. You can assign the Active and
Standby roles to specific switches in your stack by setting the switch’s
priority, the higher the better (max 15). We configure our uplinks in
Ether-Channel groups with one port on the 1st switch in the slack and the other
on the last switch in the stack, so we set the priories on these two switches
in case we lose one the other will still have access to the management plane.
Speaking of Up-links, these new 3850s had uplink modules, right now there are three, a 4x1gb, a 4x1gb/2x10gb, and a 4x10bg. The 4x1gb/2x10gb module allows you to use all 4 port at 1gp, or 2 at 1gb and 2 at 10gp, and I have found (and Not in Cisco documentation) that when working with the 4x1gb/2x10gb module, it is best to disable the g1/1/3 and 4 interfaces, then enable the Te1/1/3 and 4 if you are using the 10Gb ports. Otherwise the TenGb port might err-disable and need to be re-enabled.
The embedded WireShark is a very handy feature, But, and it
is a big But, it is only available with the ipservices license, and that IS Not
in Cisco Documentation yet either. But if you are running the right
Feature set, the syntax is different than what you may have used on the PIX and
ASA’s.
1.
First configure an access-l to mark the interesting traffic
a.
access-list standard My-cap_acl
i.
It doesn’t have
to be standard
b.
permit 198.214.208.24
2.
monitor capture buffer My-cap_buff circular
a.
Creates a Buffer named My-cap_buff
3.
monitor capture buffer My-cap_buff filter access-list My-cap_acl
a.
associates the My-cap_buff to the My-cap_acl
4.
mon cap point ip cef My-cap_point g0/1/0.523 both
a.
Creates a capture point called My-cap_point
5.
mon cap point associate My-cap_point My-cap_buff
a.
Associates the My-cap_point to the My-cap_buff
6.
mon cap point start My-cap_point
a.
This starts the capture
7.
sh mon cap buffer My-cap_point p
a.
This show the capture parameters
8.
mon cap point stop My-cap_point
a.
This stop the capture
9.
And you can copy is off to a tftp server, or read it on the switch.
I am looking forward to use these switches and learning all
their little tricks and nuances, and I just heard the 4500-X switches are here,
And I might get to install them soon, check back for more fun.