Re: Smart Install VLAN creation. - Page 3

Kevin-John Beasley · ‎05-26-2013

Hi All,

I have been having a play with Smart Install, and it's working fairly well and I am looking to implement in our production environment. The only thing that I find annoying is that when I have all the vlan config in my smart install configuration file; ie:

vlan 324

name STD_STAFF

!

vlan 125

name STUDENT

!

etc...

After the switch load the config and reboots all the VLAN configuration is gone, and I have VLAN's with names like Vlan324 if there were access ports configured to that VLAN. I'm guessing because config gets copied into startup config, however only when it is put into running config is vlan.dat updated on the switch and upon reboot startup_config must get ignored or superseeded by the config of vlan.dat. Since my VLAN's aren't in there new ones get created as needed, and of course a bunch of vlan's are left operating on the trunk, but disabled as they are not defined in the switch.

Does anyone know of an easy way to fix this, perhaps a command that will force creation of vlan.dat based on the startup config? The only guess I have so far is to try and have a line in the Smart Install config to copy startup-config running-config during smart install and hope that this will create the VLAN's and the needed vlan.dat file. But I'm yet to test this, possibly on Monday.

Any ideas would be appreciated. Though using VTP isn't currently something I am entertaining.

Thanks,

Kevin-John

Leo Laohoo · ‎05-29-2013

There is a new command, that came with 15.0(2)SE2 that changes the default VLAN 1 to something else.

I think you need to post your entire VStack/SmartInstall config.

Sent from Cisco Technical Support Nintendo App

isaacalves27 · ‎05-30-2013

Hi there

Sh run

SMB_Director_B#sh run

Building configuration...

Current configuration : 3783 bytes

!

! Last configuration change at 00:37:14 UTC Mon Mar 1 1993

!

version 15.0

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SMB_Director_B

!

boot-start-marker

boot-end-marker

!

no aaa new-model

system mtu routing 1500

ip dhcp remember

ip dhcp conflict resolution

ip dhcp excluded-address 172.31.100.1 172.31.100.9

ip dhcp excluded-address 10.87.192.1 10.87.192.2

!

vtp domain TEST

vtp mode transparent

!

!// Crypto PKI certifikat

!

spanning-tree mode pvst

spanning-tree portfast default

spanning-tree extend system-id

spanning-tree vlan 1-300 priority 24576

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

switchport mode access

!

interface GigabitEthernet0/2

switchport mode access

!

interface GigabitEthernet0/3

switchport mode access

!

interface GigabitEthernet0/4

switchport mode access

!

interface GigabitEthernet0/5

switchport mode access

!

interface GigabitEthernet0/6

switchport mode access

!

interface GigabitEthernet0/7

switchport mode access

!

interface GigabitEthernet0/8

switchport mode access

!

interface GigabitEthernet0/9

switchport mode access

!

interface GigabitEthernet0/10

switchport mode access

!

interface Vlan1

ip address 10.87.192.2 255.255.255.0

no ip route-cache

no ip mroute-cache

!

interface Vlan209

no ip address

no ip route-cache

no ip mroute-cache

!

ip http server

ip http secure-server

!

ip sla enable reaction-alerts

!

tftp-server flash:client_cfg.txt

vstack vlan 1

vstack config tftp://10.87.192.51/test.txt

!

vstack group built-in 3560cg 8

image tftp://10.87.192.51/c3560c405ex-universalk9-tar.150-2.SE2.tar

config tftp://10.87.192.51/HXnnnnnn_3560C.txt

!

vstack dhcp-localserver SmartInstall

address-pool 10.87.192.0 255.255.255.0

file-server 10.87.192.51

default-router 10.87.192.1

!

vstack director 10.87.192.2

vstack basic

vstack startup-vlan 1

!

line con 0

logging synchronous

line vty 0 4

login

line vty 5 15

login

!

ntp server 172.31.100.1

end

///////////////////////////////////////////////////////////

sh vstack konfig

SMB_Director_B#sh vstack config

Role: Director (SmartInstall enabled)

Vstack Director IP address: 10.87.192.2

Vstack Mode: Basic

Vstack default management vlan: 1

Vstack start-up management vlan: 1

Vstack management Vlans: 1

Vstack Config file: tftp://10.87.192.51/test.txt

Join Window Details:

Window: Open (default)

Operation Mode: auto (default)

Vstack Backup Details:

Mode: On (default)

Repository: flash:/vstack (default)

/////////////////////////////////////////////////////////////////////////////7

If there is something else I need to post please advise.

Best

Isaac

Leo Laohoo · ‎05-30-2013

Hi Isaac,

Your config is exactly the same as what I've got. Your config file OK. What port is the TFTP server connected to? Can you post the configuration of the interface?

What kind of TFTP server do you have?

May I kindly ask if you can move the config file and the IOS into yoru Director, if you have enough flash space?

If you are, reboot the Director and then the client.

Sorry, I still don't know why you are getting an error message like that. You and I, we run the same IOS on our director. My 3560CG is getting built using the same IOS you are pushing.

NOTE: Are you running 802.1X on your 3560C, if you are do NOT use 15.0 IOS. I've just stumbled on a few 802.1x bugs which can cause 3560 and 3750 to crash when you are running 15.0 IOS verson.

isaacalves27 · ‎05-30-2013

Hello Leo

When I did the last test I moved the Tftp directly to the director so that there was no routing to be done. So the configuration was just sw acc vlan 1 - the standard.

My TFTP is a Linux server: tftpd - I have used this TFTP server to a lot of Network Management Operations and never had any problems.

I dont think the 3560CG has space to accomodate the IOS tar file - sorry.

I will try as the first in the morning to move the config to the Director - my issue is not the image - that has always worked.

Thanks for the note. We are not using dot1x for now but is one of my next brig projects.

Best regards

Isaac

PS:This issue is very strange. Do you now of someone else having the same issue?

Leo Laohoo · ‎05-30-2013

Hi Isaac,

Ok, don't transfer the IOS. Just transfer the config file.

I am also using Linux for our TFTP box.

No. This is the first time I've come across the error message you're displaying.

Leo Laohoo · ‎05-29-2013

Thanks for keep trying to solve this issue

Hi Issac,

You're wrong. I should be the one to say THANKS for the patience. Because so far, I have NO CLUE as to the issues you and Kevin are seeing.

Kevin-John Beasley · ‎06-02-2013

Got it, I think:

15.0(2)SE2

Mar 30 11:29:30.978 AET: %SW_VLAN-4-BAD_STARTUP_VLAN_CONFIG_FILE: Failed to configure VLAN from startup-config. Fallback to use VLAN configuration file from non-volatile memory

15.0(1)SE3

VLAN's work fine.

I am testing this off our corporate network, but at a guess downgrade your vstack software you are distributing to access switches to 15.0(1)SE3 and you won't see that error anymore.

Ok Cisco, pay attention hop to it and go fix your stuff up.

Leo Laohoo · ‎06-02-2013

Nice discovery, Kevin!

PM sent.

isaacalves27 · ‎06-03-2013

Hello Kevin

How is your downgrading proceding?

I have just tested on my lab with the IOS you suggested on a 2960S and is still giving the same error:

%SW_VLAN-4-BAD_STARTUP_VLAN_CONFIG_FILE: Failed to configure VLAN from startup-config. Fallback to use VLAN configuration file from non-volatile memory

What hardware / IOS are you using on your Director?

Thanks

Isaac

isaacalves27 · ‎06-03-2013

I will just use VTP v2 to get the vlans i need on each location and that is working pretty ok.

I would like though to deliver a ZeroTouch as much as possible (not needing to add username or changing ip adresse to static by hard and so on). In order to do that would be great to be able to give to each switch a different startup configuration - with the correct hostname and ip adresse.

Did you ever tried to do something like that on your production env?

Thanks for all your help

Isaac

Leo Laohoo · ‎06-03-2013

Majority of my ZeroTouch is used for staging/pre-deployment. And I do have a lot of staging and pre-deployment every month or so.

isaacalves27 · ‎06-04-2013

Did you ever tried to give to eache switch a different config? As automatic username and static ip adresse?

Leo Laohoo · ‎06-04-2013

Each individual switch being built? Oh no. I didn't. The config file I've posted is our template.

Sent from Cisco Technical Support Nintendo App