x450e-24p replacing x350-24t with mirror backup not joining network

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved
Good day everyone,

Here is the case. Yesterday a X350-24T of one of our clients started giving fan errors so while we process the RMA we deciced to replace it with a X450e-24P. What we did was blank the X450e, copy the config from the X350 and "tfpt put" that one into the default fabric X450e.

When we booted up the X450e into production we couldn't reach our default gateway. 

Things to keep in mind:

* Both switches are running the same XOS vers. 15.3.5.2 patch1-10
* We used an XGM2-2sf-1 expansion module (we checked and it was compatible with the X450e) for the connection with the gateway
* The replaced switch was part of an EAPS ring 

What could be the problem

- The expansion module or the transceiver? We can see that it has an active status with 10G speed (Which commands could allow us to troubleshoot this)
- Default routing related (how to check this besides using "show ip route")
- EAPS ring related (Unlikely since we cant even reach our default gateway)
- Gateway side related problem ? (Also a Extreme Switch, X650-24P)

Any help is appreciated.


Current config:

#
# Module devmgr configuration.
#
configure snmp sysName "SW_1_1A190A"
configure snmp sysLocation "Piso 19"
configure timezone name EST -300 noautodst
configure sys-recovery-level switch reset

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-26
configure vr VR-Default add ports 1-26
create vlan "CCTV"
configure vlan CCTV tag 62
create vlan "CTRL_19A"
configure vlan CTRL_19A tag 373
configure vlan "CTRL_19A" qosprofile QP8
configure vlan Default tag 350
create vlan "Defecto"
configure vlan Defecto tag 1
create vlan "Marcacion"
configure vlan Marcacion tag 99
create vlan "Piso_19"
configure vlan Piso_19 tag 419
create vlan "T-Copia"
configure vlan T-Copia tag 23
create vlan "telefonia"
configure vlan telefonia tag 190
create vlan "Usuarios"
configure vlan Usuarios tag 22
create vlan "wifi"
configure vlan wifi tag 310
configure vlan Default add ports 1-26 untagged
configure vlan Default ipaddress 10.1.171.30 255.255.255.0

# Module fdb configuration.
#
configure iparp vr VR-Default max_entries 4096
configure neighbor-discovery vr VR-Default timeout 10
configure neighbor-discovery vr VR-Mgmt timeout 10

# Module rtmgr configuration.
#
configure iproute add default 10.1.171.240

# Module mcmgr configuration.
#
# Module aaa configuration.

# Module acl configuration.
#
configure access-list zone DOS application Dos application-priority 1
configure access-list zone SYSTEM application NetLogin application-priority 3
configure access-list zone SYSTEM application HealthCheckLAG application-priority 4

#
# Module bfd configuration.
#
# Module cfgmgr configuration.
#
enable cli-config-logging

#
# Module dosprotect configuration.
#
# Module dot1ag configuration.
#
# Module eaps configuration.
#
configure eaps fast-convergence on
enable eaps
create eaps ED_19A
configure eaps ED_19A mode transit
configure eaps ED_19A primary port 23
configure eaps ED_19A secondary port 25
enable eaps ED_19A
configure eaps ED_19A add protected vlan CCTV
configure eaps ED_19A add protected vlan wifi
configure eaps ED_19A add protected vlan Default
configure eaps ED_19A add protected vlan Defecto
configure eaps ED_19A add protected vlan Piso_19
configure eaps ED_19A add protected vlan T-Copia
configure eaps ED_19A add control vlan CTRL_19A
configure eaps ED_19A add protected vlan Usuarios
configure eaps ED_19A add protected vlan telefonia

# Module edp configuration.
#
# Module elrp configuration.
#
enable elrp-client
configure elrp-client disable-ports exclude eaps-ring-ports
configure elrp-client periodic Default ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic Mgmt ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic CCTV ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic Piso_19 ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic T-Copia ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic telefonia ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic Usuarios ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic wifi ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic Defecto ports all interval 1 log-and-trap disable-port duration 60
configure elrp-client periodic Marcacion ports all interval 1 log-and-trap disable-port duration 60

# Module ems configuration.
#
configure syslog add 10.1.101.101:514 vr VR-Default local1
enable log target syslog 10.1.101.101:514 vr VR-Default local1
configure log target syslog 10.1.101.101:514 vr VR-Default local1 filter DefaultFilter severity Debug-Data
configure log target syslog 10.1.101.101:514 vr VR-Default local1 match Any
configure log target syslog 10.1.101.101:514 vr VR-Default local1 format timestamp seconds date Mmm-dd event-name none priority tag-name

# Module epm configuration.
#
disable watchdog
enable cpu-monitoring interval 20

# Module erps configuration.
#
# Module esrp configuration.
#
# Module ethoam configuration.
#
# Module etmon configuration.
#
# Module exsshd configuration.

# Module hal configuration.
#
# Module idMgr configuration.
#
create ldap domain "Unknown" default
configure ldap domain "Unknown" base-dn none

# Module ipSecurity configuration.
#
configure ip-security dhcp-snooping information circuit-id vlan-information 1 vlan Default

# Module ipfix configuration.
#
# Module lldp configuration.

# Module mrp configuration.
#
# Module msdp configuration.
#
# Module netLogin configuration.
#
# Module netTools configuration.
#
configure sntp-client primary 10.1.18.11 vr VR-Default
enable sntp-client

# Module poe configuration.
#
# Module rip configuration.
#
# Module ripng configuration.
#
# Module snmpMaster configuration.

# Module stp configuration.
#
configure mstp region 00049636f2be
configure stpd s0 delete vlan default ports all
disable stpd s0 auto-bind vlan default
enable stpd s0 auto-bind vlan Default

#
# Module telnetd configuration.

# Module tftpd configuration.

# Module thttpd configuration.
#
enable web http

# Module vmt configuration.
#
# Module vsm configuration.
#
Photo of Eduardo Mendizabal

Eduardo Mendizabal

  • 360 Points 250 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Patrick Voss

Patrick Voss, Alum

  • 11,594 Points 10k badge 2x thumb
Hello Eduardo,

What IP are you pinging and where are you pinging from?
Photo of Eduardo Mendizabal

Eduardo Mendizabal

  • 360 Points 250 badge 2x thumb
Hi Patrick,

we are going with

- ping vr vr-default 10.1.171.240

- ping 10.1.171.240

from console access to the x450
Photo of Patrick Voss

Patrick Voss, Alum

  • 11,594 Points 10k badge 2x thumb
do you see an fdb entries on the uplink port?

"show fdb port <uplink port>
Photo of Eduardo Mendizabal

Eduardo Mendizabal

  • 360 Points 250 badge 2x thumb
Right now I'm on my way to the client and from what I can they are rolling back to the x350 with the faulty fans. 

I know it's not optimal but they decided to do the change with a small window of 30 mins at noon in the middle of a weekday with users working.

By the time I get there there is probably no way for me to test any type of live commands (since the switch is not gonna be connected to the network)

Is there anything I could check before putting the x450 again on production (config related)?
Photo of EtherMAN

EtherMAN, Embassador

  • 6,960 Points 5k badge 2x thumb
I noticed you changed the tag ID of the default vlan to 350 and created another vlan with tag ID 1

You have an EAPS ring running on port 23 and 25 but you untagged your default vlan on all ports.

Is your gateway connected to port 23 or 25 and if so is it tagged on those adjacent switches or untagged....  

If you run you management vlan untagged then the adjacent has to be untagged also..

I have had problems too having an untagged vlan on an EAPS trunk port.  Typically all the vlans should be tagged on your EAPS primary and secondary ports.  
Photo of Eduardo Mendizabal

Eduardo Mendizabal

  • 360 Points 250 badge 2x thumb
Hey Etherman,

You gave me a good lead. I digged on the config and compared it to the original.  Apparently when the config was exported and imported all the "configure vlan" lines were not accepted by the switch and we ended up with config vlan default untagged in all ports, which seems to have been the problem. I'm going to check for any other problems when we get another window.

In perspective, always double check your config even if it is being imported directly with tftp get and put.
(Edited)
Photo of Patrick Voss

Patrick Voss, Alum

  • 11,594 Points 10k badge 2x thumb
This makes sense if you don't remove the ports from the default VLAN before pasting in the configuration. Definitely made that mistake before. :)