This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Basic Switch Configuration Best Practices

Basic Switch Configuration Best Practices

Ben_Parker
New Contributor II

‎04-01-2014 12:15 PM

What types of features/commands do people recommend when implementing basic Layer 2 switch configurations for replacements, or when building configuration templates what things do you make sure you hit?
So far my list looks like:

set IP
Set SNTP
Set Timezone
Set summertime
Set SNMP v3 credentials
set spanguard (and adminedge)
set uplinks to tagged (to reduce future downtime if changes are needed)
set port alias (as applicable)

What other types of recommendations or best practices do other people have?

Thanks,

0 Kudos
10 REPLIES 10

Langley__Michae
Extreme Employee

‎04-02-2014 02:25 PM

If configuring a EOS stackable product for use in a stack, I would suggest statically configuring the SNMPv3 Engine ID.

show snmp engineid
set snmp engineid

The reason for this is the Engine ID is based off the mac address of the current manager unit. If the manager were to change from one unit to another in the stack, SNMPv3 settings would need to be reset as the Engine ID would have changed. If the Engine ID is statically configured any subsequent manager would use what is in the stack configuration instead of their own default Engine ID.
0 Kudos

aloeffle
Contributor

‎04-02-2014 05:58 AM

Hi all.

I recommend to configure

set forcelinkdown enable
set gvrp disable
set line-editor delete backspace default

as well.

regards
Alex

0 Kudos

Ben_Parker
New Contributor II

‎04-01-2014 03:22 PM

Paul,
Thank you. These devices are all EOS legacy-Red. I did have the system contact information included.

I did not have radius included because that would require also setting up their radius. I do need to setup NAC for the customer as well though so that might be a good idea.

0 Kudos

Sathish_Arul
Extreme Employee

‎04-01-2014 02:09 PM

Radius/Tacacs configuration

SNMP server and community - for any monitoring server

NTP configuration

Switch administration credentials - Read Only & Read Write

STP or EAPS configuration - Loop prevention protocol

802.1x configuration - for end user authentication

Telnet/SSH configuration - for remote access

Access policies for Telnet/SSH access.

0 Kudos

dflouret
Extreme Employee

‎04-01-2014 01:02 PM

The first thing Extreme recommends is to remove all ports from vlan default and disable it (vlan default can't be deleted):
configure vlan default delete ports all
disable vlan default

Then you should create and configure specific vlans as needed.

Daniel
0 Kudos
GTM-P2G8KFN