cancel
Showing results for 
Search instead for 
Did you mean: 

I am new in extreme network and i want to validate my switch configuration..

I am new in extreme network and i want to validate my switch configuration..

suhas_bhoir
New Contributor
HI experts...

Thanks in advance...can you please validate attached configuration and let me know what are the wrong things are configured and specially for STP..

************************************************************************
BOMCSEXT6F01.1 # show configuration

#
# Module devmgr configuration.
#
configure snmp sysName "BOMCSEXT6F01"
configure sys-recovery-level switch reset

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-34
configure vr VR-Default add ports 1-34
configure vlan default delete ports 1-22
create vlan "CMC_ZONE"
configure vlan CMC_ZONE tag 4
create vlan "COMM_ZONE_NET"
configure vlan COMM_ZONE_NET tag 12
create vlan "INTERNAL_ZONE_NET"
configure vlan INTERNAL_ZONE_NET tag 6
create vlan "JMC_INTERNAL"
configure vlan JMC_INTERNAL tag 56
create vlan "JMC_WIRLESS"
configure vlan JMC_WIRLESS tag 57
create vlan "KG_VOICE_NET"
configure vlan KG_VOICE_NET tag 9
create vlan "KL_GUEST_NET"
configure vlan KL_GUEST_NET tag 50
create vlan "KPTL_INTERNAL"
configure vlan KPTL_INTERNAL tag 52
create vlan "KPTL_WIRLESS"
configure vlan KPTL_WIRLESS tag 53
create vlan "LEGECY_ZONE_NET"
configure vlan LEGECY_ZONE_NET tag 60
create vlan "MGMT_ZONE_NET"
configure vlan MGMT_ZONE_NET tag 15
create vlan "PUBLIC_RCOM_SRV_NET"
configure vlan PUBLIC_RCOM_SRV_NET tag 18
create vlan "PUBLIC_RIL_BKP_NET"
configure vlan PUBLIC_RIL_BKP_NET tag 19
create vlan "SAP_ZONE_NET"
configure vlan SAP_ZONE_NET tag 11
create vlan "STM_ETHERCHANNEL"
configure vlan STM_ETHERCHANNEL tag 24
create vlan "SYN_IPT_NET"
configure vlan SYN_IPT_NET tag 10
create vlan "TATA"
configure vlan TATA tag 200
create vlan "USERS_ZONE_NET"
configure vlan USERS_ZONE_NET tag 8
create vlan "VODAFONE_LAN"
create vlan "VODAFONE_WAN"
create vlan "VOICE_ZONE_NET"
configure vlan VOICE_ZONE_NET tag 2
create vlan "VPN_ZONE_NET"
configure vlan VPN_ZONE_NET tag 16
create vlan "WEB_VFONE_NET"
configure vlan WEB_VFONE_NET tag 20
create vlan "WEB_ZONE_NET"
configure vlan WEB_ZONE_NET tag 14
create vlan "WIRELESS_ZONE_NET"
configure vlan WIRELESS_ZONE_NET tag 7
configure vlan CMC_ZONE add ports 2, 21-34 tagged
configure vlan CMC_ZONE add ports 20 untagged
configure vlan COMM_ZONE_NET add ports 2, 21-34 tagged
configure vlan COMM_ZONE_NET add ports 10 untagged
configure vlan Default add ports 23-34 untagged
configure vlan INTERNAL_ZONE_NET add ports 2, 8, 18, 21-34 tagged
configure vlan INTERNAL_ZONE_NET add ports 1, 3-5 untagged
configure vlan JMC_INTERNAL add ports 2, 8, 21-34 tagged
configure vlan JMC_WIRLESS add ports 2, 21-34 tagged
configure vlan KG_VOICE_NET add ports 2, 21-34 tagged
configure vlan KG_VOICE_NET add ports 14 untagged
configure vlan KL_GUEST_NET add ports 2, 7, 21-22, 31-34 tagged
configure vlan KL_GUEST_NET add ports 19 untagged
configure vlan KPTL_INTERNAL add ports 2, 8, 21-34 tagged
configure vlan KPTL_WIRLESS add ports 2, 21-34 tagged
configure vlan LEGECY_ZONE_NET add ports 2, 21-34 tagged
configure vlan LEGECY_ZONE_NET add ports 13 untagged
configure vlan MGMT_ZONE_NET add ports 2, 21-34 tagged
configure vlan MGMT_ZONE_NET add ports 12 untagged
configure vlan PUBLIC_RCOM_SRV_NET add ports 2, 21-34 tagged
configure vlan PUBLIC_RCOM_SRV_NET add ports 17 untagged
configure vlan PUBLIC_RIL_BKP_NET add ports 2, 21-34 tagged
configure vlan SAP_ZONE_NET add ports 2, 21-34 tagged
configure vlan SAP_ZONE_NET add ports 9 untagged
configure vlan STM_ETHERCHANNEL add ports 2, 18, 21-34 tagged
configure vlan SYN_IPT_NET add ports 2, 8, 18, 21-34 tagged
configure vlan TATA add ports 2, 28, 31-34 tagged
configure vlan USERS_ZONE_NET add ports 2, 8, 18, 21-34 tagged
configure vlan USERS_ZONE_NET add ports 6 untagged
configure vlan VOICE_ZONE_NET add ports 2, 21-34 tagged
configure vlan VPN_ZONE_NET add ports 2, 21-34 tagged
configure vlan WEB_VFONE_NET add ports 2, 21-34 tagged
configure vlan WEB_ZONE_NET add ports 2, 21-34 tagged
configure vlan WEB_ZONE_NET add ports 11 untagged
configure vlan WIRELESS_ZONE_NET add ports 2, 7, 18, 21-34 tagged
configure vlan WIRELESS_ZONE_NET add ports 15-16 untagged
configure vlan Mgmt ipaddress 172.22.0.2 255.255.255.128
configure vlan INTERNAL_ZONE_NET ipaddress 172.22.0.242 255.255.252.0
configure vlan USERS_ZONE_NET ipaddress 172.22.88.189 255.255.248.0

#
# Module fdb configuration.
#

#
# Module rtmgr configuration.
#
configure iproute add 10.22.20.52 255.255.255.255 172.22.0.1

#
# Module mcmgr configuration.
#

#
# Module aaa configuration.
#

#
# Module acl configuration.

configure access-list zone SYSTEM application NetLogin application-priority 3
configure access-list zone SYSTEM application HealthCheckLAG application-priority 4
configure access-list zone SYSTEM application IdentityManager application-priority 5
configure access-list zone SYSTEM application VMTracking application-priority 6
configure access-list zone SYSTEM application Snmp application-priority 9
configure access-list zone SYSTEM application Telnet application-priority 10
configure access-list zone SYSTEM application Http application-priority 11
configure access-list zone SYSTEM application Ssh2 application-priority 12

#
# Module bfd configuration.
#

#
# Module ces configuration.
#

#
# Module cfgmgr configuration.
#
#
# Module dosprotect configuration.
#

#
# Module dot1ag configuration.
#
#
# Module eaps configuration.
#

#
# Module edp configuration.
#

#
# Module elrp configuration.
#

#
# Module ems configuration.
#
# Module epm configuration.
#

#
# Module erps configuration.
#

#
# Module esrp configuration.
#

#
# Module ethoam configuration.
#
#
# Module etmon configuration.
#
enable sflow
configure sflow collector 172.22.3.142 port 2055 vr "VR-Default"
configure sflow agent ipaddress 172.22.0.242
enable sflow ports 1
enable sflow ports 2
enable sflow ports 3
enable sflow ports 4
enable sflow ports 5
enable sflow ports 6
enable sflow ports 7
enable sflow ports 8
enable sflow ports 9
enable sflow ports 10
enable sflow ports 11
enable sflow ports 12
enable sflow ports 13
enable sflow ports 14
enable sflow ports 15
enable sflow ports 16
enable sflow ports 17
enable sflow ports 18
enable sflow ports 19
enable sflow ports 20
enable sflow ports 21
enable sflow ports 22
enable sflow ports 23
enable sflow ports 24
enable sflow ports 25
enable sflow ports 26
enable sflow ports 27
enable sflow ports 28
enable sflow ports 29
enable sflow ports 30
enable sflow ports 31
enable sflow ports 32
enable sflow ports 33
enable sflow ports 34
#
# Module hal configuration.
#
#
# Module idMgr configuration.
#
create ldap domain "Unknown" default
configure ldap domain "Unknown" base-dn none

#
# Module ipSecurity configuration.
#
configure ip-security dhcp-snooping information circuit-id vlan-information 4075 vlan JMC_INTERNAL
configure ip-security dhcp-snooping information circuit-id vlan-information 4074 vlan JMC_WIRLESS
configure ip-security dhcp-snooping information circuit-id vlan-information 4078 vlan KPTL_INTERNAL
configure ip-security dhcp-snooping information circuit-id vlan-information 4077 vlan KPTL_WIRLESS
#
# Module ipfix configuration.
#
# Module lldp configuration.
#
#
# Module mrp configuration.
#

#
# Module msdp configuration.
#

#
# Module netLogin configuration.
#
# Module netTools configuration.
#
#
# Module poe configuration.
#
# Module rip configuration.
#
# Module r.png configuration.
#
# Module snmpMaster configuration.
#
configure snmpv3 add community KGN_SNMP_RO name KGN_SNMP_RO user v1v2c_ro
configure snmpv3 add target-addr v1v2cNotifyTAddr1 param v1v2cNotifyParam1 ipaddress 10.22.20.52 transport-port 162 tag-list defaultNotify
configure snmpv3 add target-params v1v2cNotifyParam1 user v1v2cNotifyUser2 mp-model snmpv2c sec-model snmpv2c sec-level noauth
Module stp configuration.
#
configure mstp region 0004968bd6b5
configure stpd s0 delete vlan default ports all
disable stpd s0 auto-bind vlan default
enable stpd s0 auto-bind vlan Default
#
# Module synce configuration.
#
# Module telnetd configuration.
#
# Module tftpd configuration.
#
# Module thttpd configuration.
#
Module vmt configuration.
#
# Module vsm configuration.
#
* BOMCSEXT6F01.2 #

* BOMCSEXT6F01.2 #

* BOMCSEXT6F01.2 #

* BOMCSEXT6F01.2 #

* BOMCSEXT6F01.2 #

* BOMCSEXT6F01.2 # quit
*******************************************************************************

Regards
Suhas

4 REPLIES 4

Erik_Auerswald
Contributor II
Looking at the configuration, STP is not configured and not active on the EXOS switch. You might want to start by taking a look at the documentation (http://documentation.extremenetworks.com/exos_16/EXOS_16_2/STP/c_stp.shtml). STP configuration on EXOS is very flexible, but this makes it quite complex.

Ram3
Extreme Employee
In general, we need to add the untagged carrier vlan first and then proceed adding the other tagged vlan to STP domain. Are you facing any issues with this configuration?

Please refer below provided article for your reference:
https://gtacknowledge.extremenetworks.com/articles/Q_A/What-is-a-STP-Carrier-vlan

Ram3
Extreme Employee
A separate PVST+ domain needs to be configured for each VLAN that should be protected by STP.

Also, you cannot have STP using PVST+ and have untagged ports as part of the STP domain. When you try to enable the STP domain, you will get an error indicating an incorrect carrier vlan for the STP domain. If you add the STP port as tagged, you will be able to enable the domain.

Did you try to add default-encapsulation pvst-plus?

Make sure the STP configuration are in place. If not refer the below mentioned URL under the "ExtremeSwitching – Software" and select the EXOS concepts guide and EXOS command reference guide:
http://www.extremenetworks.com/support/documentation/

Please refer below provided articles for your reference:
https://gtacknowledge.extremenetworks.com/articles/Q_A/Does-EXOS-support-PVST-on-the-native-vlan-of-...

Yes i am facing multiple problem in my topology, My access switches are cisco and we found there are multiple root bridges in topology, and My extreme core switch is not acting as ROOT...what will be the cause..

All Cisco access switches are running PVST+

Suhas
GTM-P2G8KFN