cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1894
Views
5
Helpful
1
Replies

Checklist to Add New 4510 RE Switch safely in Production Newtwork.

rupesh00111
Level 1
Level 1

Hi Experts, 

 

I Have Just started actual hands on in Cisco Switching.

Now I have to add new Cisco 4510 RE switch in our production network which is two layer topology  (there is dual core of 6509 and distribution/access switches of 4500 series ). so this New 4510 RE will be connected to 6509 dual core. 

 

I want to create checklist to add this new 4510 switch safely in production network without any impact on existing setup. For example few I am aware of are 

1. make VTP revision number on new switch to zero.

2. Make Sup up-link port as a trunk (not sure if it is required or sup ports are trunk ports by default)

 

Please help with expert advice to add new 4510 RE in the network.

 

Thanks,

1 Accepted Solution

Accepted Solutions

Hello

Adding any switch a production network, (new or old) can cause outage, be it becasue a STP root convergence , vtp database overwrites, loops etc...

 

If this is to be a layer 2 access switch then configure it as you require but; make sure prior to attaching it to a live network:

 

1) Manually prune any unwarranted vlans off the trunk interconnects between the core and the new switch that isn't required

2) Increase the new switches STP Bridge ID for each vlan to high value so it wont even be considered as a root switch when it gets attached.- spanning-tree vlan xx priority xxxx

3) access-ports - apply stp portfast and bpduguard so to negate these ports going through the stp process thus negating unnecessary tcns. and also to prevent any unwarranted attachment of a non access-port devices ( DONT apply this to trunk ports - possible it may incurr loops)

 

4) Change its vtp revision number to zero - ( if in client mode, change to server then transparent mode then back to client ( only applicable to vtp version 1/2) so it wont be able to overwrite the vtp database of the vtp domain it associated with.

 

5) optional - apply stp guard root to the 6500 trunks to the new switch, so to negate any change of the 6500 ports becoming a root port, ( should only be applicable when joining to different stp domains)

Could also apply this to the access-ports as you wont expect them to become a root port for anything either.


I am sure other suggestions will follow but for now I hope this is of assistance?

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

1 Reply 1

Hello

Adding any switch a production network, (new or old) can cause outage, be it becasue a STP root convergence , vtp database overwrites, loops etc...

 

If this is to be a layer 2 access switch then configure it as you require but; make sure prior to attaching it to a live network:

 

1) Manually prune any unwarranted vlans off the trunk interconnects between the core and the new switch that isn't required

2) Increase the new switches STP Bridge ID for each vlan to high value so it wont even be considered as a root switch when it gets attached.- spanning-tree vlan xx priority xxxx

3) access-ports - apply stp portfast and bpduguard so to negate these ports going through the stp process thus negating unnecessary tcns. and also to prevent any unwarranted attachment of a non access-port devices ( DONT apply this to trunk ports - possible it may incurr loops)

 

4) Change its vtp revision number to zero - ( if in client mode, change to server then transparent mode then back to client ( only applicable to vtp version 1/2) so it wont be able to overwrite the vtp database of the vtp domain it associated with.

 

5) optional - apply stp guard root to the 6500 trunks to the new switch, so to negate any change of the 6500 ports becoming a root port, ( should only be applicable when joining to different stp domains)

Could also apply this to the access-ports as you wont expect them to become a root port for anything either.


I am sure other suggestions will follow but for now I hope this is of assistance?

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: