====== sw-ug-01 ======
{{tag> rz infrastructure networking }}
Dies ist der Alcatel Lucent 48-Port Switch im Keller. Dieser hängt am Dauerstrom.
===== Management =====
IP: 10.0.0.1\\
User: admin\\
PW: Default RZ\\
Management: ssh -o HostKeyAlgorithms=ssh-dss -o MACs=hmac-md5 admin@coreswitch.shack\\
===== VLAN Table =====
^ VLAN-ID ^ Nutzung ^
| 1 | Default ^
| 2 | unifi ^
| 9 | ff-mesh ^
| 10 | infra ^
| 12 | wan ^
| 100 | static ^
| 200 | lan ^
| 210 | wlan ^
| 220 | wlangast ^
| 300 | musiker ^
| 400 | ff-uplink ^
| 410 | ff-client ^
| 500 | portal ^
===== Setup =====
==== Factory Reset ====
cd working
rm boot.cfg
cd ..
cd certified
rm boot.cfg
reload
==== Basis ====
ip interface "vlan_1" address 10.0.0.1 mask 255.255.255.0 vlan 10
ip static-route 0.0.0.0/0 gateway 10.0.0.3 metric 1
ip name-server 10.42.0.100 10.42.0.200
ip domain-name shack.space
ip domain-lookup
session timeout cli 3600
session timeout http 300
system name sw-ug-01
system contact server@shackspace.de
system location "Keller im mittleren Schrank"
aaa authentication default "local"
aaa authentication console "local"
aaa authentication telnet "local"
aaa authentication ftp "local"
aaa authentication http "local"
aaa authentication snmp "local"
aaa authentication ssh "local"
lldp chassis notification enable
lldp chassis tlv management port-description enable system-name enable system-description enable system-capabilities enable
lldp chassis tlv management management-address enable
lldp chassis tlv dot1 vlan-name enable port-vlan enable
lldp chassis tlv dot3 mac-phy enable
lldp chassis tlv med capability enable network-policy enable power enable
vlan 2 enable name "unifi"
vlan 9 enable name "ff-mesh"
vlan 10 enable name "infra"
vlan 12 enable name "wan"
vlan 100 enable name "static"
vlan 200 enable name "lan"
vlan 210 enable name "wlan"
vlan 220 enable name "wlangast"
vlan 300 enable name "musiker"
vlan 400 enable name "ff-uplink"
vlan 410 enable name "ff-client"
vlan 500 enable name "portal"
# kein Multicast support damit IPv6 im Freifunk geht
Ipv6 Multicast VLAN 410 Status disable
IP Multicast vlan 410 Status disable
==== VLANs / Ports ====
Port Untagged Tagged .... Comment
1/1 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
1/2 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
1/3 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
1/4 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
1/5 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
1/6 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
1/7 2 9 10 12 100 200 210 220 300 400 410 500 # UniFi Stuff
1/8 2 9 10 12 100 200 210 220 300 400 410 500 # UniFi Stuff
1/9 400 9 410 # Freifunknode
1/10 400 9 410 # Freifunknode
1/11 1 12 # WAN 12 tagged
1/12 1 12 # WAN 12 tagged
1/13 10 # infra 10 untagged
1/14 12 # WAN 12 untagged
1/15 12 # WAN 12 untagged
1/16 12 # WAN 12 untagged
1/17 200 # LAN
1/18 200 # LAN
1/19 200 # LAN
1/20 200 # LAN
1/21 200 # LAN
1/22 200 # LAN
1/23 200 # LAN
1/24 200 # LAN
1/25 200 # LAN
1/26 200 # LAN
1/27 200 # LAN
1/28 200 # LAN
1/29 200 # LAN
1/30 200 # LAN
1/31 200 # LAN
1/32 200 # LAN
1/33 200 # LAN
1/34 200 # LAN
1/35 200 # LAN
1/36 200 # LAN
1/37 200 # LAN
1/38 200 # LAN
1/39 200 # LAN
1/40 200 # LAN
1/41 200 # LAN
1/42 200 # LAN
1/43 200 # LAN
1/44 200 # LAN
1/45 200 # LAN
1/46 200 # LAN
1/47 200 # LAN
1/48 200 # LAN
1/49 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
1/50 1 2 9 10 12 100 200 210 220 300 400 410 500 # Routertrunk
# in Switch Config via:
while read port default vlan; do
echo vlan $default port default $port
tagged=$(sed 's/#.*//' <<<$vlan)
comment=$(sed 's/.*#//' <<<$vlan)
for vlanid in $tagged; do
echo vlan $vlanid 802.1q $port
done
done
==== Sichern ====
write memory
copy working certified