11-18-2017 03:11 AM - edited 03-08-2019 12:47 PM
Hi Experts,
I Have Just started actual hands on in Cisco Switching.
Now I have to add new Cisco 4510 RE switch in our production network which is two layer topology (there is dual core of 6509 and distribution/access switches of 4500 series ). so this New 4510 RE will be connected to 6509 dual core.
I want to create checklist to add this new 4510 switch safely in production network without any impact on existing setup. For example few I am aware of are
1. make VTP revision number on new switch to zero.
2. Make Sup up-link port as a trunk (not sure if it is required or sup ports are trunk ports by default)
Please help with expert advice to add new 4510 RE in the network.
Thanks,
Solved! Go to Solution.
11-18-2017 07:54 AM - edited 03-06-2018 12:43 AM
Hello
Adding any switch a production network, (new or old) can cause outage, be it becasue a STP root convergence , vtp database overwrites, loops etc...
If this is to be a layer 2 access switch then configure it as you require but; make sure prior to attaching it to a live network:
1) Manually prune any unwarranted vlans off the trunk interconnects between the core and the new switch that isn't required
2) Increase the new switches STP Bridge ID for each vlan to high value so it wont even be considered as a root switch when it gets attached.- spanning-tree vlan xx priority xxxx
3) access-ports - apply stp portfast and bpduguard so to negate these ports going through the stp process thus negating unnecessary tcns. and also to prevent any unwarranted attachment of a non access-port devices ( DONT apply this to trunk ports - possible it may incurr loops)
4) Change its vtp revision number to zero - ( if in client mode, change to server then transparent mode then back to client ( only applicable to vtp version 1/2) so it wont be able to overwrite the vtp database of the vtp domain it associated with.
5) optional - apply stp guard root to the 6500 trunks to the new switch, so to negate any change of the 6500 ports becoming a root port, ( should only be applicable when joining to different stp domains)
Could also apply this to the access-ports as you wont expect them to become a root port for anything either.
I am sure other suggestions will follow but for now I hope this is of assistance?
res
Paul
11-18-2017 07:54 AM - edited 03-06-2018 12:43 AM
Hello
Adding any switch a production network, (new or old) can cause outage, be it becasue a STP root convergence , vtp database overwrites, loops etc...
If this is to be a layer 2 access switch then configure it as you require but; make sure prior to attaching it to a live network:
1) Manually prune any unwarranted vlans off the trunk interconnects between the core and the new switch that isn't required
2) Increase the new switches STP Bridge ID for each vlan to high value so it wont even be considered as a root switch when it gets attached.- spanning-tree vlan xx priority xxxx
3) access-ports - apply stp portfast and bpduguard so to negate these ports going through the stp process thus negating unnecessary tcns. and also to prevent any unwarranted attachment of a non access-port devices ( DONT apply this to trunk ports - possible it may incurr loops)
4) Change its vtp revision number to zero - ( if in client mode, change to server then transparent mode then back to client ( only applicable to vtp version 1/2) so it wont be able to overwrite the vtp database of the vtp domain it associated with.
5) optional - apply stp guard root to the 6500 trunks to the new switch, so to negate any change of the 6500 ports becoming a root port, ( should only be applicable when joining to different stp domains)
Could also apply this to the access-ports as you wont expect them to become a root port for anything either.
I am sure other suggestions will follow but for now I hope this is of assistance?
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide