12-19-2020 03:46 AM
Hello,
How to propagate a VLAN range through many switches?
I am thinking about a batch script (DOS or PowerShell) to do the job.
Is there another tool (free or licensed) to do the job?
Regards
Cyril
12-19-2020 04:02 AM
The beginning with PowerShell and PuTTY
.\plink.exe IP_ADDRESS_VALUE -ssh -P PORT_VALUE -l LOGIN_VALUE -pw PASSWORD_VALUE -v -proxycmd CISCO_COMMANDE
12-19-2020 04:12 AM
Hello,
What exactly do you mean by 'propagate'? VTP is typically used for that purpose: you add a Vlan on the VTP server, and that Vlan is automatically propagated to all VTP client switches...
Is that (not) an option ?
12-19-2020 04:18 AM - edited 12-19-2020 04:26 AM
Hello,
Let me explain more what I mean by "propagate".
Actually, if I want to declare a new VLAN (trunk, ports, name) on many switches (around 100), I need to open an SSH connection on each switch, and write in Excel where I am.
I would like to automate the commands...
In fact, it's very strange to declare the new VLAN on each switch (because I use multiple network loops), considering that sometimes this new VLAN is not necessary on each switch.
----
VTP is typically used for that purpose: you add a Vlan on the VTP server, and that Vlan is automatically propagated to all VTP client switches...
----
VTP server : interesting ...can you explain ? (Linux ? Windows ? Cisco ?)
---
Actually, the "VTP Mode Transparent" is done on each switch ...
Regards,
Example using PuTTY and an SSH connection:
conf t
int <value_int_trunk>
switchport trunk allowed vlan add 200
(...and other commands for the Spanning-Tree...)
vlan 200
name "erp_computer"
exit
do wr mem
end
show vlan
show config
show int status
12-19-2020 06:51 AM
Hello,
VTP in a nutshell works like this: you add the Vlan to the VTP server, and all switches will add that Vlan to their database. However, VTP would only take care of one part of what you are trying to do, which is:
vlan 200
name "erp_computer"
Adding Vlans to trunks requires logging in to each switch indeed...
12-19-2020 08:38 AM
Then can I consider that VTP functionalities (VTP server inside the principal switch (core) and VTP client) don't answer my need.
A script or a tool with SSH connections is mandatory to answer my need.
12-19-2020 10:04 AM
Hello,
not really, indeed. VTP does not change the configuration, it just streamlines the vlan database across all switches in the VTP domain.
12-19-2020 08:49 AM
Hello,
you can use an EEM script. If you install this script on any device that has access to all switches, you can run the script once (event manager run ADD_VLAN).
The script assumes that the below is configured on all switches:
username admin privilege 15 password 0 cisco
!
line vty 0 4
transport input all
login local
This is the script for the first two switches with IP addresses 1.1.1.1 and 2.2.2.2. You can add as many as you want.
event manager applet ADD_VLAN
event none
action 001 cli command "enable"
action 002 cli command "telnet 1.1.1.1" pattern "Username:"
action 003 cli command "admin" pattern "Password:"
action 004 cli command "cisco" pattern "#"
action 005 cli command "conf t" pattern "#"
action 006 cli command "vlan 200" pattern "#"
action 007 cli command "name erp_computer" pattern "#"
action 008 cli command "exit" pattern "#"
action 009 cli command "int GigabitEthernet0/1" pattern "#"
action 010 cli command "switchport trunk allowed vlan add 200" pattern "#"
action 011 cli command "end" pattern "#"
action 012 cli command "wr"
action 013 cli command "exit"
action 014 cli command "enable"
action 015 cli command "telnet 2.2.2.2" pattern "Username:"
action 016 cli command "admin" pattern "Password:"
action 017 cli command "cisco" pattern "#"
action 018 cli command "conf t" pattern "#"
action 019 cli command "vlan 200" pattern "#"
action 020 cli command "name erp_computer" pattern "#"
action 021 cli command "exit" pattern "#"
action 022 cli command "int GigabitEthernet0/1" pattern "#"
action 023 cli command "switchport trunk allowed vlan add 200" pattern "#"
action 024 cli command "end" pattern "#"
action 025 cli command "wr"
action 026 cli command "exit"
12-31-2020 03:44 AM - edited 12-31-2020 05:48 AM
Hello,
I have just started to understand the EEM script.
Some questions:
1 + What is the extension of this script?
2 + For the manual commands on Cisco, I use PuTTY (SSH) and the Cisco IOS commands.
But for a script, how do I run it?
3 + The commands inside your proposal are interesting;
but is it possible to run them inside a Microsoft script (DOS or PowerShell)?
In fact, I don't have a Linux machine.
4 + "If you install this script on any device that has access to all switches",
What do you mean by install?
--
And on the other side, is it possible to build a virtual machine (VMware or Oracle) to simulate Cisco switches?
The goal is to be sure that nothing wrong is done on the real switch, but on virtual switches instead.
---
JUST TO BE SURE THAT WE ARE ON THE SAME GOAL FOR THIS ISSUE :
From a Windows machine (W10) (remote commands), I run a Windows script (DOS or PowerShell) that is able to do these actions:
1 + Read all the lines from a CSV file that contains all the information needed to open SSH connections to all the switches (not at the same time)
(I am trying with a For loop and OpenSSH or PuTTY inside W10)
2 + For each switch, inside the loop, send Cisco IOS commands.
3 + I don't want proposals with manual commands inside a manual SSH connection.
Regards,
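The workflow listed in the post above (CSV inventory, one SSH session per switch, IOS commands, a log), as an added PowerShell example that is not part of the thread or any participant's script. Assumed: plink.exe beside the script, key authentication through Pageant so no password appears on a command line, and a hypothetical switches.csv with the columns Address, Port, User, HostKey, Trunk.

```powershell
# Added example, not from the thread. Assumptions: plink.exe is beside this
# script, the SSH key is loaded in Pageant, and switches.csv has the
# hypothetical columns Address,Port,User,HostKey,Trunk (HostKey = the host key
# fingerprint of that switch, recorded out of band).
param(
    [string]$Inventory = '.\switches.csv',
    [ValidateRange(1, 4094)][int]$VlanId = 200,
    [ValidatePattern('^[A-Za-z0-9_-]{1,32}$')][string]$VlanName = 'erp_computer',
    [switch]$DryRun
)
$log = '.\vlan-rollout-{0:yyyyMMdd-HHmmss}.log' -f (Get-Date)

foreach ($sw in Import-Csv -Path $Inventory) {
    # Inventory values are typed into a privileged CLI: reject odd rows.
    if ($sw.Trunk -notmatch '^[A-Za-z-]+[0-9/.]+$' -or $sw.Port -notmatch '^\d+$') {
        Add-Content $log "$($sw.Address) SKIPPED invalid inventory row"
        continue
    }
    $commands = @(
        'configure terminal'
        "vlan $VlanId"
        "name $VlanName"
        'exit'
        "interface $($sw.Trunk)"
        "switchport trunk allowed vlan add $VlanId"
        'end'
        'write memory'
        'exit'
    )
    if ($DryRun) {
        Add-Content $log "$($sw.Address) DRYRUN $($commands -join ' ; ')"
        continue
    }
    # -batch: never prompt. -hostkey: accept only the pinned key, so an
    # unknown or changed host key fails the connection instead of being trusted.
    $plinkArgs = @('-ssh', '-batch', '-P', $sw.Port, '-l', $sw.User,
                   '-hostkey', $sw.HostKey, $sw.Address)
    $output = $commands | & .\plink.exe @plinkArgs 2>&1
    # IOS prefixes error and warning messages with '%'; flag them for review.
    $rejected = @($output | Where-Object { "$_" -match '^\s*%' })
    $status = 'OK'
    if ($rejected.Count) { $status = 'REVIEW message from IOS' }
    if ($LASTEXITCODE -ne 0) { $status = "FAILED exit=$LASTEXITCODE" }
    Add-Content $log "$($sw.Address) $status"
    $output | ForEach-Object { Add-Content $log "$($sw.Address) | $_" }
}
```

Running it first with -DryRun writes the generated command list for every switch to the log without opening any connection.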
12-31-2020 08:44 AM
Hello,
this script is run directly from a switch or router command line. All you need is a router or switch that has connectivity to all the devices you want to execute the changes on.
You can cut and paste the entire script as is in config mode to the router or switch you want to run it from. You execute the script by simply typing:
Switch1#event manager run ADD_VLAN
It is not a DOS/PowerShell script.
01-04-2021 12:13 AM
Hello,
This is not the goal of this issue; the goal is not to open each switch SSH connection manually.
We have more than 300 switches.
The goal is to run 1 script that is able to open all the switch SSH connections, run some IOS commands, and also write some logs.
Regards,
01-04-2021 12:39 AM
Hello,
you can replace 'telnet' with 'ssh' and log in to the switches. The EEM script lets you execute any command you want.
--> the goal is not to open each Switch SSH connection manually
You don't log in manually, that is the idea of the script, the login is automatic for each switch you add to the script.
I guess I am not really clear on what you want to achieve ?
01-04-2021 12:42 AM
All our switches use SSH and TELNET is disabled.
For logs, I plan to use our SYSLOG server to catch the logs
01-04-2021 02:04 AM
Hello,
I would suggest trying the script on two or three of your switches (replace telnet with ssh) in order to see what I mean.
Syslog server should be configured with 'logging host' command on the switches. You could add that to the script as well.
01-04-2021 02:17 AM - edited 01-04-2021 02:21 AM
In a parallel issue, I also asked whether Cisco is able to supply a "switch virtual machine" for tests. (no link with VLAN)
I would like to build a virtual infra with 10 Cisco virtual switches, and the goal is to test this script before going to the real switches (in production).