01-14-2015 08:13 PM - edited 03-05-2019 12:33 AM
Hi All,
I'm facing with some network issue in production environment. Recently we lost communication with both switches and routers, cannot ping (Physically running). After a while the network back to normal. FYI few days back we upgraded our switches and routers to newer IOS which support SSH protocol. Also we disable telnet for all. Would appreciate for any suggestions. Following are the switches and routers configuration:
ROUTER1:
router1#sh conf
Using 3261 out of 29688 bytes
!
! Last configuration change at 08:19:08 GMT Fri Dec 5 2014 by user1
! NVRAM config last updated at 08:19:17 GMT Fri Dec 5 2014 by user1
!
version 12.4
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname router1
!
boot-start-marker
boot system flash:c2600-advsecurityk9-mz.124-8.bin
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5 $1a$R0.L$9smhwgTP####
!
no aaa new-model
!
resource policy
!
clock timezone GMT 8
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
no ip domain lookup
ip domain name domain.com
ip ssh version 2
!
!
!
!
username user1 privilege 15 secret 5 $1a$fi3d$dr#####
username user2 secret 5 $1$JGKG$n######.
!
!
controller E1 0/0
channel-group 0 unframed
!
controller E1 0/1
channel-group 0 unframed
!
!
buffers small permanent 400
buffers small max-free 420
buffers middle permanent 120
buffers middle max-free 150
buffers big permanent 170
buffers big max-free 200
buffers verybig permanent 15
buffers verybig max-free 20
!
!
interface FastEthernet0/0
description *** Link to switch1 ***
ip address 175.4.1.1 255.255.0.0
ip ospf cost 2
speed 100
full-duplex
standby 1 ip 175.4.1.3
standby 1 timers msec 50 msec 200
standby 1 priority 150
standby 1 preempt
standby 2 ip 175.4.1.4
standby 2 timers msec 50 msec 200
standby 2 preempt
!
interface Serial0/0:0
bandwidth 2048
ip address 192.168.4.22 255.255.255.252
!
interface FastEthernet0/1
description *** Link to router2 ***
bandwidth 110000
ip address 192.168.9.25 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 5
duplex auto
speed auto
!
interface Serial0/1:0
bandwidth 2048
ip address 192.168.8.18 255.255.255.252
!
router ospf 1
log-adjacency-changes
timers throttle spf 1000 5000 5000
network 175.4.0.0 0.0.255.255 area 0
network 192.168.4.20 0.0.0.3 area 0
network 192.168.8.16 0.0.0.3 area 0
network 192.168.9.24 0.0.0.3 area 0
!
ip route 192.168.196.32 255.255.255.255 175.3.65.1
ip route 192.168.197.32 255.255.255.255 175.4.65.1
!
ip http server
no ip http secure-server
!
snmp-server community public RO
snmp-server trap-source FastEthernet0/1
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps envmon
snmp-server enable traps config
snmp-server enable traps syslog
!
!
control-plane
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
transport input ssh
!
end
ROUTER2:
router2#sh conf
Using 3416 out of 29688 bytes
!
! Last configuration change at 22:22:22 GMT Tue Dec 10 2013 by user1
! NVRAM config last updated at 22:22:22 GMT Tue Dec 10 2013 by user1
!
version 12.4
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname router2
!
boot-start-marker
boot system flash:c2600-advsecurityk9-mz.124-8.bin
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5 $1$Y######
!
no aaa new-model
!
resource policy
!
clock timezone GMT 8
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
no ip domain lookup
ip domain name domain.com
ip ssh version 2
!
!
!
!
username user1 privilege 15 secret 5 $1$#####
username user2 secret 5 $1$#####
!
!
controller E1 0/0
channel-group 0 unframed
!
controller E1 0/1
channel-group 0 unframed
!
!
buffers small permanent 400
buffers small max-free 420
buffers middle permanent 120
buffers middle max-free 150
buffers big permanent 170
buffers big max-free 200
buffers verybig permanent 15
buffers verybig max-free 20
!
!
interface FastEthernet0/0
description *** Link to switch2 ***
ip address 175.4.1.2 255.255.0.0
ip ospf cost 2
speed 100
full-duplex
standby 1 ip 175.4.1.3
standby 1 timers msec 50 msec 200
standby 1 preempt
standby 2 ip 175.4.1.4
standby 2 timers msec 50 msec 200
standby 2 priority 150
standby 2 preempt
!
interface Serial0/0:0
bandwidth 2048
ip address 192.168.5.22 255.255.255.252
!
interface FastEthernet0/1
description *** Link to router1 ***
bandwidth 110000
ip address 192.168.9.26 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 5
duplex auto
speed auto
!
interface Serial0/1:0
bandwidth 2048
ip address 192.168.8.21 255.255.255.252
ip ospf dead-interval minimal hello-multiplier 5
!
router ospf 1
log-adjacency-changes
timers throttle spf 1000 5000 5000
network 175.4.0.0 0.0.255.255 area 0
network 192.168.5.20 0.0.0.3 area 0
network 192.168.8.20 0.0.0.3 area 0
network 192.168.9.24 0.0.0.3 area 0
!
ip route 192.168.196.32 255.255.255.255 175.3.65.1
ip route 192.168.197.32 255.255.255.255 175.4.65.1
!
ip http server
no ip http secure-server
!
snmp-server community public RO
snmp-server trap-source FastEthernet0/1
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps envmon
snmp-server enable traps config
snmp-server enable traps hsrp
snmp-server enable traps syslog
snmp-server host 175.50.42.1 public
snmp-server host 175.50.42.2 public
!
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line aux 0
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
transport input ssh
!
end
SWITCH01:
switch1#sh conf
Using 5513 out of 32768 bytes
!
! Last configuration change at 11:27:50 GMT Thu Nov 27 2014 by user1
! NVRAM config last updated at 11:28:01 GMT Thu Nov 27 2014 by user1
!
version 12.1
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname switch1
!
enable secret 5 $1$G#####
!
username user1 privilege 15 secret 5 $1####
username user2 secret 5 $1####
clock timezone GMT 8
ip subnet-zero
!
no ip domain-lookup
ip domain-name domain.com
ip ssh time-out 120
ip ssh authentication-retries 3
ip ssh version 2
vtp domain DOMAIN
vtp mode transparent
!
!
spanning-tree mode rapid-pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
spanning-tree vlan 1 priority 24576
spanning-tree vlan 1 hello-time 1
spanning-tree vlan 1 forward-time 5
spanning-tree vlan 1 max-age 6
!
!
!
!
interface Port-channel1
flowcontrol send off
!
interface FastEthernet0/1
description *** Cross Link to Switch2 ***
channel-group 1 mode on
spanning-tree portfast
!
interface FastEthernet0/2
description *** Cross Link to Switch2 ***
channel-group 1 mode on
spanning-tree portfast
!
interface FastEthernet0/3
description *** Link to router1 ***
switchport mode access
speed 100
duplex full
spanning-tree portfast
!
interface FastEthernet0/21
switchport mode access
speed 100
duplex full
spanning-tree portfast
!
interface FastEthernet0/22
switchport mode access
speed 10
spanning-tree portfast
!
interface FastEthernet0/23
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport mode access
spanning-tree portfast
!
interface Vlan1
ip address 175.4.2.1 255.255.0.0
no ip route-cache
!
ip default-gateway 175.4.1.3
ip http server
snmp-server community public RO
snmp-server enable traps snmp authentication warmstart linkdown linkup coldstart
snmp-server enable traps config
snmp-server enable traps copy-config
snmp-server enable traps syslog
snmp-server enable traps entity
snmp-server enable traps flash insertion removal
snmp-server enable traps bridge
snmp-server enable traps stpx
snmp-server enable traps rtr
snmp-server enable traps c2900
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps port-security
snmp-server enable traps MAC-Notification
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps hsrp
snmp-server enable traps cluster
snmp-server enable traps vlan-membership
snmp-server host 175.50.42.1 public
banner motd ^C
!
line con 0
exec-timeout 0 0
logging synchronous
login local
line vty 0 4
exec-timeout 0 0
logging synchronous
login local
transport input ssh
line vty 5 15
login
!
end
SWITCH02:
switch2#sh conf
Using 5502 out of 32768 bytes
!
! Last configuration change at 22:22:22 GMT Fri Nov 10 2013 by user1
! NVRAM config last updated at 22:22:22 GMT Fri Nov 10 2013 by user1
!
version 12.1
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname switch2
!
enable secret 5 $1$#####
!
username user1 privilege 15 secret 5 $1$####
username user2 secret 5 $1$####
clock timezone GMT 8
ip subnet-zero
!
no ip domain-lookup
ip domain-name domain.com
ip ssh time-out 120
ip ssh authentication-retries 3
ip ssh version 2
vtp domain DOMAIN
vtp mode transparent
!
!
spanning-tree mode rapid-pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
spanning-tree vlan 1 priority 28672
spanning-tree vlan 1 hello-time 1
spanning-tree vlan 1 forward-time 5
spanning-tree vlan 1 max-age 6
!
!
!
!
interface Port-channel1
flowcontrol send off
!
interface FastEthernet0/1
description *** Cross Link to Switch1 ***
channel-group 1 mode on
spanning-tree portfast
!
interface FastEthernet0/2
description *** Cross Link to Switch1 ***
channel-group 1 mode on
spanning-tree portfast
!
interface FastEthernet0/3
description *** Link to router2 ***
switchport mode access
speed 100
duplex full
spanning-tree portfast
!
interface FastEthernet0/21
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport mode access
speed 10
spanning-tree portfast
!
interface FastEthernet0/23
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport mode access
spanning-tree portfast
!
interface Vlan1
ip address 175.4.2.2 255.255.0.0
no ip route-cache
!
ip default-gateway 175.4.1.4
ip http server
snmp-server community public RO
snmp-server enable traps snmp authentication warmstart linkdown linkup coldstart
snmp-server enable traps config
snmp-server enable traps copy-config
snmp-server enable traps syslog
snmp-server enable traps entity
snmp-server enable traps flash insertion removal
snmp-server enable traps bridge
snmp-server enable traps stpx
snmp-server enable traps rtr
snmp-server enable traps c2900
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps port-security
snmp-server enable traps MAC-Notification
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps hsrp
snmp-server enable traps cluster
snmp-server enable traps vlan-membership
snmp-server host 175.50.42.1 public
banner motd ^C
!
line con 0
exec-timeout 0 0
password 7 09####
logging synchronous
login local
line vty 0 4
exec-timeout 0 0
password 7 00####
logging synchronous
login local
transport input ssh
line vty 5 15
login
!
end
01-14-2015 10:38 PM
01-16-2015 10:55 PM
I dont know what have u written....can u reply again....thnks
01-20-2015 02:07 AM
Please provide a topology
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide