Update nocsw.cfg

Services sync

docs/switch-ports.md

@@ -10,29 +10,22 @@ Gi1/0/1 |        |             | DEBUG
 Gi1/0/2 |        |             | DEBUG/trunk
 Gi1/0/3 |        | onboard eth | vin
 Gi1/0/4 |        |             | DEBUG/ipacct
-Gi1/0/5 |        | WAN         | ap-cf-srv
-Gi1/0/6 | 01.06A | WAN         | ap-cf-f-l
-Gi1/0/7 | 01.10A | WAN         | ap-cf-f-r
-Gi1/0/8 | 01.09A | WAN         | ap-cf-b1
-Gi1/0/9 | 01.18A | WAN         | ap-cf-a1
-Gi1/0/10| 01.08A | WAN         | ap-cf-a2
-Gi1/0/11| 01.20A | WAN         | ap-cf-c1
-Gi1/0/12| unknown| WAN         | ap-cf-qws
 Gi1/0/17| 01.08B | Gi1/0/8     | reception-sw
-Gi1/0/18| unknown| Gi1/0/8     | team-sw
+Gi1/0/18| D24    | Gi1/0/8     | team-sw
 Gi1/0/19| 01.19A | Gi1/0/8     | vocsw-A
 Gi1/0/20| 01.16A | Gi1/0/8     | vocsw-B
-Gi1/0/21| 01.21A | Gi1/0/8     | vocsw-C
+Gi1/0/22| 01.21A | Gi1/0/8     | wssw-cf
-Gi1/0/22| unknown| Gi1/0/8     | vocsw-D
+Gi1/0/25|        | WAN         | ap-cf-srv
-Gi1/0/24| 01.18B |             | presenter-A 
+Gi1/0/26| 01.06A | WAN         | ap-cf-f-l
-Gi1/0/25| 01.17A |             | presenter-B
+Gi1/0/27| 01.10A | WAN         | ap-cf-f-r
-Gi1/0/26| 01.20B |             | presenter-C
+Gi1/0/29| 01.20A | WAN         | ap-cf-b
-Gi1/0/27| 01.09A | eth0        | cambox-B
+Gi1/0/28| 01.08A | WAN         | ap-cf-a2
-Gi1/0/28| 01.05A | eth0        | cambox-C
+Gi1/0/30| 01.16A | WAN         | ap-cf-ws
-Gi1/0/29| 01.14A | eth0        | overflow
+Gi1/0/31| 01.18A | WAN         | ap-cf-a1
+Gi1/0/33| D22    | WAN         | ap-cf-sc
 Gi1/0/48|techpark| unknown     | techpark switch
-Gi1/0/51|unknown | gi0/49      | f0sw (MM fiber)
+Gi1/0/51|unknown | gi0/49      | f0sw (SM fiber)
-Gi1/0/52|unknown | n/a         | ipacct (SM fiber)
+Gi1/0/52|unknown | n/a         | ipacct/gkc (MM fiber)
 Te0/1   |        | enp1s0f0    | vin (MM fiber)
 
 F0 switch ports + panel
@@ -40,19 +33,12 @@ F0 switch ports + panel
 
 port    | panel  | deviceport  | name
 --------|--------|-------------|-----------------
-Gi0/1   | 01.14A | Gi1/0/24    | nocsw
+Gi0/8   | 01.14A | Gi1/0/24    | nocsw
-Gi0/2   | 01.02A | WAN         | ap-ws-ws1  
+Gi0/1   | 01.02A | WAN         | ap-ws-ws1  
-Gi0/3   | 01.06A | WAN         | ap-ws-ws2
+Gi0/2   | 01.06A | WAN         | ap-ws-ws2
-Gi0/11  | 01.01A |             | wired user
+Gi0/9  |unknown | Gi1/0/9    | uplink coresw (MM fiber)
-Gi0/12  | 01.03A |             | wired user  
-Gi0/13  | 01.05A |             | wired user  
-Gi0/14  |unknown |             | wired user   
-Gi0/15  |unknown |             | wired user  
-Gi0/16  |unknown |             | wired user  
-Gi0/20  |unknown |             | ws overflow (uses AP port)
-Gi0/49  |unknown | Gi1/0/49    | uplink coresw (MM fiber)
 
-NOC switch
+NOC switch WiP
 ----------
 
 Port    |  Name 

switch-configs/f0sw.cfg

@@ -0,0 +1,141 @@
+!TL-SG3210
+#
+vlan 20-23,25,29,290
+#
+vlan 20
+name "of-mgmt"
+#
+vlan 21
+name "of-wired"
+#
+vlan 22
+name "of-wifi"
+#
+vlan 23
+name "of-video"
+#
+vlan 25
+name "of-phones"
+#
+vlan 29
+name "of-prov"
+#
+#
+#
+#
+hostname "fl0sw"
+#
+mac address-table aging-time 300
+#
+logging buffer 6
+no logging file flash
+#
+enable password @_PW_@
+#
+system-time ntp UTC+02:00 10.20.0.1 185.117.82.66 4
+#
+spanning-tree
+spanning-tree mode mstp
+spanning-tree priority 61440
+spanning-tree mst configuration
+  name openfest
+#
+#
+user name admin privilege admin secret 5 @_ENCPW_@
+#
+#
+#
+#
+#
+#
+snmp-server
+snmp-server engineID local 80002e5703c46e1f44c0e8
+snmp-server community "@_PW_@" read-only "viewDefault"
+#
+snmp-server host 10.20.0.1 161 "monitoring" smode v2c slev noAuthNoPriv type trap
+snmp-server traps flash
+snmp-server traps spanning-tree topologychange
+snmp-server traps cpu
+snmp-server traps vlan create
+snmp-server traps vlan delete
+#
+interface gigabitEthernet 1/0/1
+  switchport mode trunk
+  switchport trunk allowed vlan 20-21,23,25
+  switchport pvid 25
+  description "ap-ws-ws1"
+  spanning-tree
+  spanning-tree common-config portfast enable
+#
+interface gigabitEthernet 1/0/2
+  switchport mode trunk
+  switchport trunk allowed vlan 20-21,23
+  switchport pvid 21
+  description "ap-ws-ws2"
+  spanning-tree
+  spanning-tree common-config portfast enable
+#
+interface gigabitEthernet 1/0/3
+  switchport access vlan 21
+  shutdown
+  spanning-tree
+  spanning-tree common-config portfast enable
+#
+interface gigabitEthernet 1/0/4
+  switchport access vlan 21
+  shutdown
+  spanning-tree
+  spanning-tree common-config portfast enable
+#
+interface gigabitEthernet 1/0/5
+  switchport access vlan 21
+  shutdown
+  spanning-tree
+  spanning-tree common-config portfast enable
+#
+interface gigabitEthernet 1/0/6
+  switchport access vlan 21
+  shutdown
+  spanning-tree
+  spanning-tree common-config portfast enable
+#
+interface gigabitEthernet 1/0/7
+  switchport mode trunk
+  switchport trunk allowed vlan 20-23,25,29
+  shutdown
+  spanning-tree
+  spanning-tree common-config port-priority 64
+#
+interface gigabitEthernet 1/0/8       
+  switchport mode trunk
+  switchport trunk allowed vlan 20-23,25,29
+  description "uplink NOC"
+  spanning-tree
+  spanning-tree common-config int-cost 100000
+#
+interface gigabitEthernet 1/0/9
+  switchport mode trunk
+  switchport trunk allowed vlan 20-23,25,29
+  description "uplink CORESW"
+  speed 1000
+  duplex full
+  spanning-tree
+  spanning-tree common-config int-cost 100000
+#
+interface gigabitEthernet 1/0/10
+  speed 1000
+  duplex full
+  shutdown
+  spanning-tree
+  spanning-tree common-config portfast enable
+#
+ip management-vlan 20
+interface vlan 20
+ip address 10.20.0.15 255.255.255.0 10.20.0.1
+#
+#
+line vty 0 5
+password @_PW_@
+login
+#
+end

switch-configs/nocsw.cfg

@@ -0,0 +1,116 @@
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!
+!    NOCSW for OpenFest 2022
+!
+!    HW: WS-C3750G-24TS
+!    SW: c3750-ipservicesk9-mz.122-55.SE6.bin
+!
+!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!
+version 12.2
+no service pad
+service timestamps debug uptime
+service timestamps log uptime
+no service password-encryption
+service unsupported-transceiver
+!
+hostname nocsw
+!
+enable secret 5 $1$fSD/$82QbgmM7wh0wUSmw9PGij1
+enable password @_PW_@
+!
+no aaa new-model
+switch 3 provision ws-c3750g-48ts
+system mtu routing 1500
+ip subnet-zero
+!
+!
+!
+!
+!
+!
+no errdisable detect cause gbic-invalid
+no file verify auto
+spanning-tree mode pvst
+spanning-tree extend system-id
+!
+vlan internal allocation policy ascending
+!
+interface range GigabitEthernet3/0/1-10
+ description MANAGEMENT DEBUG
+ switchport access vlan 20
+ switchport mode access
+ spanning-tree portfast trunk
+!
+interface range GigabitEthernet3/0/11-46
+ shutdown
+ spanning-tree portfast trunk
+!
+interface GigabitEthernet3/0/47
+ description PHONE NOC
+ switchport access vlan 25
+ switchport mode access
+ spanning-tree portfast trunk
+!
+interface GigabitEthernet3/0/48
+ description uplink
+ switchport trunk encapsulation dot1q
+ switchport mode trunk
+ spanning-tree portfast trunk
+!
+interface range GigabitEthernet3/0/49-52
+ shutdown
+!
+interface Vlan1
+ no ip address
+!
+interface Vlan20
+ ip address 10.20.0.28 255.255.255.0
+!
+interface Vlan24
+ description overflow
+ no ip address
+!
+ip classless
+ip http server
+ip http secure-server
+!
+snmp-server community @_PW_@ RO
+snmp-server trap-source Vlan20
+snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
+snmp-server enable traps tty
+snmp-server enable traps cluster
+snmp-server enable traps fru-ctrl
+snmp-server enable traps entity
+snmp-server enable traps cpu threshold
+snmp-server enable traps power-ethernet group 1-9
+snmp-server enable traps vtp
+snmp-server enable traps vlancreate
+snmp-server enable traps vlandelete
+snmp-server enable traps flash insertion removal
+snmp-server enable traps port-security
+snmp-server enable traps envmon fan shutdown supply temperature status
+snmp-server enable traps mac-notification
+snmp-server enable traps stackwise
+snmp-server enable traps license
+snmp-server enable traps config-copy
+snmp-server enable traps config
+snmp-server enable traps hsrp
+snmp-server enable traps rtr
+snmp-server enable traps bridge newroot topologychange
+snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
+snmp-server enable traps syslog
+snmp-server enable traps vlan-membership
+snmp-server host 10.20.0.1 version 2c @_PW_@
+!
+control-plane
+!
+!
+line con 0
+ exec-timeout 0 0
+line vty 0 15
+ password @_PW_@
+ login
+!
+end

switch-configs/uplink-gkc.cfg

@@ -1,29 +1,65 @@
 !
-version 12.2
+! uplink-gkc
+! map/remap single/multimode
+!
+version 15.0
 no service pad
 service timestamps debug datetime msec
 service timestamps log datetime msec
 no service password-encryption
+service unsupported-transceiver
 !
 hostname uplink-gkc
 !
 boot-start-marker
 boot-end-marker
 !
+enable secret 5 @_ENC_PW_@
 enable password @_PW_@
 !
-!
+username openfest password 0 @_PW_@
-!
 no aaa new-model
-system mtu routing 1600
+system mtu routing 1500
 authentication mac-move permit
-ip subnet-zero
 !
 !
 !
 !
+crypto pki trustpoint TP-self-signed-3033722368
+ enrollment selfsigned
+ subject-name cn=IOS-Self-Signed-Certificate-3033722368
+ revocation-check none
+ rsakeypair TP-self-signed-3033722368
+!
+!
+crypto pki certificate chain TP-self-signed-3033722368
+ certificate self-signed 01
+  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
+  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
+  69666963 6174652D 33303333 37323233 3638301E 170D3933 30333031 30303031 
+  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
+  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30333337 
+  32323336 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
+  8100CEFD 7A670CA6 EAEFF824 18E32007 93A8155F 709992C8 3E504F9B C9E3DF90 
+  02F00BE4 550A3DBF A5CAC4AF 4ECE4FE5 D7108F73 24968875 2FC78E2D B4FBFF2F 
+  30A422BC 6A4B52FA EBD38B3C 67443440 D09E2873 B66853B1 0F5B025C EDEB2062 
+  5503E5FB 34A309C6 233F71FB 9C1FC51A DA462944 8260B498 AB5525A2 9A8A7082 
+  1F690203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 
+  551D2304 18301680 14CC7457 1B2A771D D893647D CC417196 5259DBBF 11301D06 
+  03551D0E 04160414 CC74571B 2A771DD8 93647DCC 41719652 59DBBF11 300D0609 
+  2A864886 F70D0101 05050003 818100B4 31D3C8CF CDCF47E4 951D50E9 8E34EC75 
+  72541634 9E9225FF DE3257A1 0B9C5AE6 FF5D9FA9 A0CDAAB5 6806F741 874D5C4F 
+  D201B403 F01B00D8 5DE37C32 92146B27 56810D31 54AD2F29 16283B82 60F92664 
+  C3A54C91 6072B78C 1410CE13 819836D7 F560759C 6E7D700B FE0FB629 D93869C9 
+  CAAEF9F6 73C98242 F308FA41 0CEBF7
+  	quit
+!
+!
+!
+!
+!
+no errdisable detect cause gbic-invalid
 spanning-tree mode pvst
-spanning-tree etherchannel guard misconfig
 spanning-tree extend system-id
 !
 vlan internal allocation policy ascending
@@ -31,13 +67,14 @@ vlan internal allocation policy ascending
 !
 !
 !
+!
 interface FastEthernet0/1
  description debug
  switchport access vlan 999
  switchport mode access
  spanning-tree portfast
 !
-interface range FastEthernet0/2-24
+interface FastEthernet0/2-24
  shutdown
  spanning-tree portfast
 !
@@ -57,22 +94,48 @@ interface GigabitEthernet0/2
 !
 interface Vlan1
  no ip address
+ no ip route-cache
 !
 interface Vlan999
  ip address 172.31.42.101 255.255.255.0
+ no ip route-cache
 !
-ip classless
+ip http server
-ip route 0.0.0.0 0.0.0.0 10.21.0.1 254
+ip http secure-server
-no ip http server
-!
-!         
-ip sla enable reaction-alerts
-!
 snmp-server community @_PW_@ RO
 snmp-server location techpark-gkc
+snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
+snmp-server enable traps transceiver all
+snmp-server enable traps tty
+snmp-server enable traps cluster
+snmp-server enable traps entity
+snmp-server enable traps cpu threshold
+snmp-server enable traps vtp
+snmp-server enable traps vlancreate
+snmp-server enable traps vlandelete
+snmp-server enable traps flash insertion removal
+snmp-server enable traps port-security
+snmp-server enable traps auth-framework sec-violation
+snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan
+snmp-server enable traps envmon fan shutdown supply temperature status
+snmp-server enable traps power-ethernet police
+snmp-server enable traps config-copy
+snmp-server enable traps config
+snmp-server enable traps config-ctid
+snmp-server enable traps energywise
+snmp-server enable traps event-manager
+snmp-server enable traps vstack
+snmp-server enable traps bridge newroot topologychange
+snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
+snmp-server enable traps syslog
+snmp-server enable traps mac-notification change move threshold
+snmp-server enable traps vlan-membership
+snmp-server enable traps errdisable
+snmp-server host 10.20.0.1 version 2c @_PW_@
 !
 !
 line con 0
+ exec-timeout 0 0
 line vty 0 4
  password @_PW_@
  login