Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
25461
Views
30
Helpful
5
Replies

Cisco 3850 mgmt-vrf

isdollsm1
Level 1
Level 1

‎05-22-2015 12:58 PM - edited ‎03-08-2019 12:08 AM

I am moving from the 3750 series to the 3850 series and wanted to know if I need to use the mgmt-vrf port. From what I have read it is the out of band port and I use the vrf port on some of our Nexus switches so I am familiar but would you use that mgmt-vrf port over using Vlan1?  May seem like a dumb question but if I am in a IDF closet with a stack of 4 switches that connect back to our core via fiber what would you plug that vrf port into? From the below doc seems like you need some type of other connection device? Thanks for the help

 

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/int_hw_components/configuration_guide/b_int_3se_3850_cg/b_int_3se_3850_cg_chapter_0100.html#concept_A3C1CD368FAC4C189BECDDD80BBB8087

 

 

Labels:
0 Helpful
5 Replies 5

Mark Malone
VIP Alumni
VIP Alumni

‎05-22-2015 01:10 PM

Yes thats a management port exactly what you said out of band management so its a separate physical network from your production network and would connect back to a separate oob management switch along with other devices that also have management ports , its a dedicated network for managing your devices ,ensures connectivity at all times to your devices and provides a security for management traffic segregating it from production traffic
 

0 Helpful

isdollsm1
Level 1
Level 1
In response to Mark Malone

‎05-22-2015 01:16 PM

Thanks Mark. Since the vrf port is ethernet I would have to have a way to get it to connect back to a central device or other switch? Would there be a down side on using Vlan1 if I cant use vrf? Thanks

0 Helpful

Mark Malone
VIP Alumni
VIP Alumni
In response to isdollsm1

‎05-22-2015 01:43 PM

Hi If your going to set it as a full management port you would need to give it an ip address as it needs to be reachable remotley  , i dont think you can set them as switchports to belong in vlans ,  you should be able to remove the vrf commands from the port though but i would need to test that, our oob setup everything(all management ports from each device) are in the same subnet as its all segregated anyway and allows for reachability to all devices easily but its physically separate from production all management ports linking back to redundant central control oob switches.

Supported Features on the Ethernet Management Port

The Ethernet management port supports these features:

  • Express Setup (only in switch stacks)

  • Network Assistant

  • Telnet with passwords

  • TFTP

  • Secure Shell (SSH)

  • DHCP-based autoconfiguration

  • SMNP (only the ENTITY-MIB and the IF-MIB)

  • IP ping

  • Interface features

    • Speed—10 Mb/s, 100 Mb/s, 1000 Mb/s, and autonegotiation

    • Duplex mode—Full, half, and autonegotiation

    • Loopback detection

  • Cisco Discovery Protocol (CDP)

  • DHCP relay agent

  • IPv4 and IPv6 access control lists (ACLs)

  • Routing protocols

s per your doc

 

 

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to isdollsm1

‎05-22-2015 03:56 PM

If you use vlan1 than you just need to add that to your trunk (in-band).   The mgmt port has to have an IP address and treated like a host and can't be added to any vlan .  Also, you can't remove that port from the VRF.  If you are planning to have an out-of-band management system than the mgmt port is designed for that.  All you need is an IP address and a default route pointing to whatever switch you connect the mgmt port to.

HTH

0 Helpful

bret
Level 3
Level 3
In response to Mark Malone

‎10-06-2015 02:34 PM

I imagine you got your mgmt. interface working, but figured I would put this out there for the other folks looking.

vrf definition Mgmt-vrf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family

interface GigabitEthernet0/0
 description OOB Management
 vrf forwarding Mgmt-vrf
 ip address 172.23.1.10 255.255.255.224
 negotiation auto

ip route vrf Mgmt-vrf 0.0.0.0 0.0.0.0 172.23.1.1 name Mgmt-DefaultRoute

Customers Also Viewed These Support Documents