05-29-2019 01:06 AM - edited 05-29-2019 01:06 AM
Hi, colleagues.
I have a task of changing managment Vlan for all devices in the network.
It's rather simple with L3 devices, but some kind of puzzle with access switches, which are 2960 in my company.
Catch is: i have to maitain the IPs, but move it to another interface remotely (via ssh).
So, I can't just do something like
Interface Vlan1
no ip-address
Interface Vlan2
ip address ***
cause I will loose connectivity on removing address from Vlan1.
Only possibility I see is - making some temprorary interface with temrorary address, than connect to it, move main address, and remove all temp stuff. But it'll take a bunch of time in case of 100+ devices.
It there another way to solve this? Some delayed config load, which will make it possible to load several commands at once, or some "move ip" possibilty?
Solved! Go to Solution.
05-29-2019 02:48 AM
The play would be something like this:
copy running tftp://10.10.10.1/device001.cfg
Now on the server (10.10.10.1) edit the file device001.cfg with the changes you want....remove VLAN1 SVI, create VLAN2 SVI and add IP address (also add the VLAN to the DB and make sure you are trunking it to where it need to go!)
Copy the edited config back to the switch:
copy tftp://10.10.10.1/device001.cfg startup
Now, ensure the system clock is correct and schedule a reload out of hours:
reload at 23:00
cheers,
Seb.
05-29-2019 01:45 AM - edited 05-29-2019 01:46 AM
Hi there,
I'd suggest using an EEM script:
event manager applet re-ip-interface
event none action 0.1 cli command "enable" action 0.2 cli command "conf t" action 0.3 cli command "int vlan1" action 0.4 cli command "no ip address" action 0.5 cli command "int vlan2" action 0.6 cli command "ip address 192.168.0.254 255.255.255.0"
Then from the CLI you run it with: event manager run re-ip-interface
Cheers,
Seb.
05-29-2019 01:56 AM
05-29-2019 02:24 AM
Are you allowed to reload the switches? You could backup the configs, edit them with the VLAN IP change, copy them back to startup-config and then perform a scheduled reload.
05-29-2019 02:41 AM
05-29-2019 02:48 AM
The play would be something like this:
copy running tftp://10.10.10.1/device001.cfg
Now on the server (10.10.10.1) edit the file device001.cfg with the changes you want....remove VLAN1 SVI, create VLAN2 SVI and add IP address (also add the VLAN to the DB and make sure you are trunking it to where it need to go!)
Copy the edited config back to the switch:
copy tftp://10.10.10.1/device001.cfg startup
Now, ensure the system clock is correct and schedule a reload out of hours:
reload at 23:00
cheers,
Seb.
05-29-2019 03:19 AM
05-29-2019 01:47 AM
Hello eyazhuk,
in order to perform a smooth migration you can do the following:
You can join the old Vlan and the new Vlan using two access-ports with spanning-tree bpdu-filter enable
This way you create a single broadcast domain.
In this way you can move one switch at time while keeping connectivity to all switches both in new Vlan and in old vlan.
Hope to help
Giuseppe
05-29-2019 01:58 AM
05-29-2019 01:57 AM - edited 05-29-2019 02:00 AM
Hi
Cannot see any "delayed config load" or "move ip" sort of features.. they do sound nice though :)
I think .. configuring a temp IP and removing the temp IP later might be the only way to go.
I agree .. it would tedious to do on 100+ devices. Perhaps you can script it?
05-29-2019 02:00 AM
05-29-2019 03:40 AM
Looks like learning Python has been postponed .. :)
05-29-2019 02:14 AM
Hello again ..
I wrote a script to disable a feature on 800+ switches. May be you can use it .. ?
Script requires a text file in c:\ with all the IP addresses to connect.
#!/usr/bin/env python # Author: Omer # Date: 2019-05-29 import getpass import netmiko import paramiko from datetime import datetime def main(): ssh_username = raw_input("SSH Username: ") ssh_password = getpass.getpass('SSH Password: ') start = datetime.now() total = 0 with open("c:\ip-addresses.txt", "r") as devices: print for device in devices: try: device = device.rstrip() ssh_session = netmiko.ConnectHandler(device_type='cisco_ios', ip=device, username=ssh_username, password=ssh_password, use_keys=False, allow_agent=False, auth_timeout=30, timeout=10) print("+++++ Connected to {0} +++++".format(device)) output = ssh_session.send_command("conf t", expect_string=r'#') output += ssh_session.send_command("int vlan 2", expect_string=r'#') output += ssh_session.send_command("ip add 1.1.1.1 255.255.255.0", expect_string=r'#') print(output) command = "do wr me" print(ssh_session.find_prompt()) output = ssh_session.send_command_timing(command) if "confirm" in output: output += ssh_session.send_command_timing("y", strip_prompt=False, strip_command=False) print(output) ssh_session.disconnect() total += 1 except paramiko.SSHException as e: print('[ERROR] {}'.format(e)) continue total += 1 end = datetime.now() print print "Execution time: {} for {} devices.".format(end - start, total) if __name__ == "__main__": main()
If you need any help with running it .. give us a shout.
05-29-2019 02:25 AM
Nice script, but in this scenario it will fail once the IP address is removed from VLAN1 as the send_command method will timeout.
cheers,
Seb.
05-29-2019 02:31 AM
Cheers.. the script is only configuring the another IP .. not removing the initial one.
Will need to run it again with "no" commands.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide