-------
Network
-------
New Switches :
2 x DELL N1548 Gbit/s Switch 48 Port
2 x DELL N4064F 10 Gbit/s Switch 48 Port
.. uml::
@startuml
header
<font color=red>Still in progress</font>
endheader
cloud "FHI-Net" as FHINet <<"141.14.128.0/20">> {
["Switch xx, Port yy"] as SP_xx_yy
["Switch XX, Port YY"] as SP_XX_YY
["Switch AA, Port AA"] as SP_AA_AA
["Switch BB, Port BB"] as SP_BB_BB
}
cloud "Q-Management" as mgmt <<192.168.1.0/24>> {
node q <<Frontend>> {
[emx1] <<192.168.1.1>>
}
' node "node-0-0-sp" as OOSP <<"x.x.x.x">>
' node "node-0-1-sp" as 01SP <<"y.y.y.y">>
}
'cloud "Q-Interconnect" <<"10.1.1.0/24">> {
' node "q_p7p1" <<"10.1.1.1">>
'}
node "q-msw-01" as qmsw01 {
[Port_01_48] <<"141.14.128.59">>
}
node "q-msw-02"
node "q-dsw-01"
node "q-dsw-02"
[SP_xx_yy] <-down-> [Port_01_48] : "1Gbit/s"
qmsw01 <-down-> mgmt : "1Gbit/s"
@enduml
Configuring the switches
========================
The Dell Networking N151548 front panel provides 48 Gigabit Ethernet RJ-45 ports and
four SFP+ 10G ports. For the inital configuration the console port which is located on the right side
of the front panel has to be used. The default rate is 9600 baud (8N1).
This switch will be used to connect the iDrac-Interfaces. Should be reachable from the FHI-Net.
Connect a terminal to the console and reset the switch (right side of the front panel)::
wait for Easy Setup Wizard
do not configure SNMP
the setup user account, root/k0b...en
set up VLAN1 routing
IP: 141.14.128.59 for q-msw-01 (rack 3)
IP: 141.14.128.60 for q-msw-02 (rack 1)
Netmask: /20
Default Gateway: 141.14.128.16
To enable ssh::
console>enable
console#config
console(config)#crypto-key generate rsa
console(config)#crypto-key generate dsa
console(config)#ip ssh server
Now make sure that the configuration is ok::
humma-kavula:q-doc junkes$ ssh root@q-msw-01
The authenticity of host 'q-msw-01 (141.14.128.59)' can't be established.
RSA key fingerprint is SHA256:Ss4qzEjy0fmE8U/7GM5wqxIcKjYkgUUdl9y5EAsGemM.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'q-msw-01,141.14.128.59' (RSA) to the list of known hosts.
root@q-msw-01's password:
console>show ip interface vlan 1
Routing interface status....................... Up
Primary IP Address............................. 141.14.128.59/255.255.240.0
Method......................................... Manual
Routing Mode................................... Enable
Administrative Mode............................ Enable
Forward Net Directed Broadcasts................ Disable
Proxy ARP...................................... Enable
Local Proxy ARP................................ Disable
Active State................................... Active
MAC Address.................................... E4F0.0409.34FC
Encapsulation Type............................. Ethernet
IP MTU......................................... 1500
Bandwidth...................................... 10000 kbps
Destination Unreachables....................... Enabled
ICMP Redirects................................. Enabled
To make the things easyer the http - interface should be enabled too::
humma-kavula:q-doc junkes$ ssh root@q-msw-01
root@q-msw-01's password:
console>enable
console#config
console(config)#crypto certificate 1 generate
console(config-crypto-cert)#key-generate
console(config-crypto-cert)#exit
Certificate Generation Successful..
console(config)#ip http secure-server
Don't forget to save the configuration !::
console(config)#exit
console#wr
This operation may take few minutes.
Management interfaces will not be available during this time.
Are you sure you want to save? (y/n) y
Configuration Saved!
console#
Problem: Self signed certificates not trusted on new browsers. Cert generated for 0.0.0.0 (To be checked)
The same for the N4064F gigabit switches. These switches are equipped with a OOB ethernet interface. So no VLAN1 routing
must be used.
q-dsw-01 -> 141.14.128.61/20
q-dsw-02 -> 141.14.128.62/20