Wednesday, February 6, 2013

Sample Configuration: Nexus 5000 and Nexus 2000 with FEX



Introduction

The objective of this FAQ is to show how and when Nexus 5000 and 2000 switch NX-OS FEX feature is used. For more info of how NX-OS is compared to traditional IOS specifically on FEX feature, check out the following FAQ.
»Cisco Forum FAQ »Nexus 5000 and 2000 switches: What's new with NX-OS

Following is some illustration.

Scenario 1

Network Design and Topology


  Switch 1                 Switch 2

 Nexus 2000               Nexus 2000
  | | | |                  | | | |
  | | | |                  | | | |
 Nexus 5000 ======= Nexus 5000
      |                        |
      |                        |
Core Switch 1            Core Switch 2

In this scenario, there are two sets of Nexus switches which each set contains one Nexus 5000 and Nexus 2000 switches. In each set of Nexus switch, the associated Nexus 5000 and 2000 switches are interconnected using FEX technology.

Each Nexus 5000 connects to Core Switch as single line Layer-2 trunk. The two Core Switches do Layer-2 and Layer-3 connectivity for the Nexus switches. There is Layer-2 port channel trunk between Nexus 5000 switches. There is also Layer-2 port channel trunk between each set of Nexus switches via FEX ports.

Sample Configuration

Nexus 5000 and 2000

Switch 1

version 5.0(2)N2(1)
feature telnet
feature tacacs+
feature lacp
feature lldp
feature fex

logging level aaa 6
logging level afm 6
logging level cdp 6
logging level cfs 6
logging level fex 6
logging level ntp 6
logging level pfm 6
logging level evmc 6
logging level lacp 6
logging level lldp 6
logging level mvsh 6
logging level vshd 6
logging level ethpc 6
logging level ethpm 6
logging level nohms 6
logging level snmpd 6
logging level xmlma 6
logging level zschk 6
logging level dstats 6
logging level plugin 6
logging level radius 6
logging level tacacs 6
logging level bootvar 6
logging level monitor 6
logging level callhome 6
logging level confcheck 6
logging level provision 6
logging level securityd 6
logging level cert_enroll 6
logging level feature-mgr 6
logging level session-mgr 6
logging level pltfm_config 6
logging level port-channel 6
logging level spanning-tree 6
username admin password 5 ***************** role network-admin

banner motd #
*************************************************************************************
FOR AUTHORIZED USER ONLY
**************************************************************************************
#

ip domain-lookup
ip domain-lookup
tacacs-server key 7 "***************"
ip tacacs source-interface mgmt0
tacacs-server host 1.1.1.1 timeout 5
switchname Switch1
ip access-list 12
  10 permit ip 2.2.2.100/32 any
  20 permit ip 2.2.2.72/32 any
ip access-list 19
  10 permit ip 2.2.2.59/32 any
  20 permit ip 2.2.2.26/32 any
ip access-list 9
  10 permit ip 2.2.2.79/32 any
  20 permit ip 2.2.2.59/32 any
class-map type qos class-fcoe
class-map type queuing class-all-flood
  match qos-group 2
class-map type queuing class-ip-multicast
  match qos-group 2
class-map type network-qos class-all-flood
  match qos-group 2
class-map type network-qos class-ip-multicast
  match qos-group 2
fex 101
  pinning max-links 1
  description "FEX0101"
  type N2248T
snmp-server contact NOC
snmp-server location NOC
snmp-server source-interface trap mgmt0
snmp-server user admin network-admin auth md5 0x860aea30be2462b6054e97ca7a805802 priv 0x860aea30be2462b6054e97ca7a805802 localizedkey
snmp-server host 2.2.2.26 traps version 2c ****
snmp-server enable traps callhome event-notify
snmp-server enable traps callhome smtp-send-fail
snmp-server enable traps cfs state-change-notif
snmp-server enable traps cfs merge-failure
snmp-server enable traps aaa server-state-change
snmp-server enable traps zone unsupp-mem
snmp-server enable traps upgrade UpgradeOpNotifyOnCompletion
snmp-server enable traps upgrade UpgradeJobStatusNotify
snmp-server enable traps feature-control FeatureOpStatusChange
snmp-server enable traps sysmgr cseFailSwCoreNotifyExtended
snmp-server enable traps rmon risingAlarm
snmp-server enable traps rmon fallingAlarm
snmp-server enable traps rmon hcRisingAlarm
snmp-server enable traps rmon hcFallingAlarm
snmp-server enable traps config ccmCLIRunningConfigChanged
snmp-server enable traps snmp authentication
snmp-server enable traps vtp notifs
snmp-server enable traps vtp vlancreate
snmp-server enable traps vtp vlandelete
snmp-server community ****1 group network-admin
snmp-server community ***** group network-operator
snmp-server community ****1 use-acl 19
snmp-server community ***** use-acl 9
ntp source-interface  mgmt0
tacacs-server directed-request

vrf context management
  ip route 0.0.0.0/0 172.16.127.1
vlan 1,122
vlan 148
  name VoiceVlan
vlan 149
spanning-tree port type edge bpduguard default
spanning-tree loopguard default

logging level sysmgr 6

interface port-channel1
  description connection to Fabric-ext 1/1-2
  switchport mode fex-fabric
  fex associate 101
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149

interface port-channel2
  description connection to Switch 2 1/15-16
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149

interface Ethernet1/1
  description Uplink to Core Switch 1 te2/1
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149

interface Ethernet1/2

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15
  description connection to Switch 2 e1/15
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149
  channel-group 2

interface Ethernet1/16
  description connection to Switch 2 e1/16
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149
  channel-group 2

interface Ethernet1/17
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface Ethernet1/18
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface Ethernet1/19
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface Ethernet1/20
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface mgmt0
  description connection to Core Switch 1 g5/3
  no ip redirects
  ip address 172.16.127.9/25

interface Ethernet101/1/1
  switchport access vlan 148
  spanning-tree port type edge

interface Ethernet101/1/2
  switchport access vlan 148
  spanning-tree port type edge

interface Ethernet101/1/3
  switchport access vlan 148
  spanning-tree port type edge

interface Ethernet101/1/4
  switchport access vlan 148
  spanning-tree port type edge

interface Ethernet101/1/5
  switchport access vlan 148
  spanning-tree port type edge

interface Ethernet101/1/6
clock timezone EST -5 0
clock summer-time EDT 2 Sun Mar 02:00 1 Sun Nov 02:00 60
line console
line vty
mac address-table aging-time 14400
mac address-table notification mac-move
logging level kernel 6
logging level user 6
logging level mail 6
logging level daemon 6
logging level auth 6
logging level syslog 6
logging level lpr 6
logging level news 6
logging level uucp 6
logging level cron 6
logging level authpri 6
logging level ftp 6
logging level local0 6
logging level local1 6
logging level local2 6
logging level local3 6
logging level local4 6
logging level local5 6
logging level local6 6
logging level local7 6
boot kickstart bootflash:/n5000-uk9-kickstart.5.0.2.N2.1.bin
boot system bootflash:/n5000-uk9.5.0.2.N2.1.bin

Switch 2


version 5.0(2)N2(1)
feature telnet
feature tacacs+
feature lacp
feature lldp
feature fex

logging level aaa 6
logging level afm 6
logging level cdp 6
logging level cfs 6
logging level fex 6
logging level ntp 6
logging level pfm 6
logging level evmc 6
logging level lacp 6
logging level lldp 6
logging level mvsh 6
logging level vshd 6
logging level ethpc 6
logging level ethpm 6
logging level nohms 6
logging level snmpd 6
logging level xmlma 6
logging level zschk 6
logging level dstats 6
logging level plugin 6
logging level radius 6
logging level tacacs 6
logging level bootvar 6
logging level monitor 6
logging level callhome 6
logging level confcheck 6
logging level provision 6
logging level securityd 6
logging level cert_enroll 6
logging level feature-mgr 6
logging level session-mgr 6
logging level pltfm_config 6
logging level port-channel 6
logging level spanning-tree 6
username admin password 5 ***************** role network-admin

banner motd #
*************************************************************************************
FOR AUTHORIZED USER ONLY
**************************************************************************************
#

ip domain-lookup
ip domain-lookup
tacacs-server key 7 "***************"
ip tacacs source-interface mgmt0
tacacs-server host 1.1.1.1 timeout 5
switchname Switch2
ip access-list 12
  10 permit ip 2.2.2.100/32 any
  20 permit ip 2.2.2.72/32 any
ip access-list 19
  10 permit ip 2.2.2.59/32 any
  20 permit ip 2.2.2.26/32 any
ip access-list 9
  10 permit ip 2.2.2.79/32 any
  20 permit ip 2.2.2.59/32 any
class-map type qos class-fcoe
class-map type queuing class-all-flood
  match qos-group 2
class-map type queuing class-ip-multicast
  match qos-group 2
class-map type network-qos class-all-flood
  match qos-group 2
class-map type network-qos class-ip-multicast
  match qos-group 2
fex 101
  pinning max-links 1
  description "FEX0101"
  type N2248T
snmp-server contact NOC
snmp-server location NOC
snmp-server source-interface trap mgmt0
snmp-server user admin network-admin auth md5 0x860aea30be2462b6054e97ca7a805802 priv 0x860aea30be2462b6054e97ca7a805802 localizedkey
snmp-server host 2.2.2.26 traps version 2c ****
snmp-server enable traps callhome event-notify
snmp-server enable traps callhome smtp-send-fail
snmp-server enable traps cfs state-change-notif
snmp-server enable traps cfs merge-failure
snmp-server enable traps aaa server-state-change
snmp-server enable traps zone unsupp-mem
snmp-server enable traps upgrade UpgradeOpNotifyOnCompletion
snmp-server enable traps upgrade UpgradeJobStatusNotify
snmp-server enable traps feature-control FeatureOpStatusChange
snmp-server enable traps sysmgr cseFailSwCoreNotifyExtended
snmp-server enable traps rmon risingAlarm
snmp-server enable traps rmon fallingAlarm
snmp-server enable traps rmon hcRisingAlarm
snmp-server enable traps rmon hcFallingAlarm
snmp-server enable traps config ccmCLIRunningConfigChanged
snmp-server enable traps snmp authentication
snmp-server enable traps vtp notifs
snmp-server enable traps vtp vlancreate
snmp-server enable traps vtp vlandelete
snmp-server community ****1 group network-admin
snmp-server community ***** group network-operator
snmp-server community ****1 use-acl 19
snmp-server community ***** use-acl 9
ntp source-interface  mgmt0
tacacs-server directed-request

vrf context management
  ip route 0.0.0.0/0 172.16.127.1
vlan 1,122
vlan 148
  name VoiceVlan
vlan 149
spanning-tree port type edge bpduguard default
spanning-tree loopguard default

logging level sysmgr 6

interface port-channel1
  description connection to Fabric-ext 1/1-2
  switchport mode fex-fabric
  fex associate 101
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149

interface port-channel2
  description connection to Switch 2 1/15-16
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149

interface Ethernet1/1
  description Uplink to Core Switch 2 te2/1
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149

interface Ethernet1/2

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15
  description connection to Switch 1 e1/15
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149
  channel-group 2

interface Ethernet1/16
  description connection to Switch 1 e1/16
  switchport mode trunk
  switchport trunk native vlan 148
  switchport trunk allowed vlan 122,148-149
  channel-group 2

interface Ethernet1/17
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface Ethernet1/18
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface Ethernet1/19
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface Ethernet1/20
  description connection to Fabric-ext
  fex associate 101
  switchport mode fex-fabric
  switchport trunk native vlan 148
  switchport trunk allowed vlan 148-149
  channel-group 1

interface mgmt0
  description connection to Core Switch 2 g5/3
  no ip redirects
  ip address 172.16.127.10/25

interface Ethernet101/1/1
  switchport access vlan 149
  spanning-tree port type edge

interface Ethernet101/1/2
  switchport access vlan 149
  spanning-tree port type edge

interface Ethernet101/1/3
  switchport access vlan 149
  spanning-tree port type edge

interface Ethernet101/1/4
  switchport access vlan 149
  spanning-tree port type edge

interface Ethernet101/1/5
  switchport access vlan 148
  spanning-tree port type edge

interface Ethernet101/1/6
clock timezone EST -5 0
clock summer-time EDT 2 Sun Mar 02:00 1 Sun Nov 02:00 60
line console
line vty
mac address-table aging-time 14400
mac address-table notification mac-move
logging level kernel 6
logging level user 6
logging level mail 6
logging level daemon 6
logging level auth 6
logging level syslog 6
logging level lpr 6
logging level news 6
logging level uucp 6
logging level cron 6
logging level authpri 6
logging level ftp 6
logging level local0 6
logging level local1 6
logging level local2 6
logging level local3 6
logging level local4 6
logging level local5 6
logging level local6 6
logging level local7 6
boot kickstart bootflash:/n5000-uk9-kickstart.5.0.2.N2.1.bin
boot system bootflash:/n5000-uk9.5.0.2.N2.1.bin

Core Switch 1
upgrade fpd auto
version 12.2
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service counters max age 5
!
hostname CoreSwitch1
!
boot-start-marker
boot system flash sup-bootdisk:/s72033-ipservices_wan-mz.122-33.SXH7.bin
boot-end-marker
!
logging buffered informational
no logging console
no logging monitor
enable secret 5 *****
!
username admin privilege 15 secret 5 *****
aaa new-model
!
aaa session-id common
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
no ip source-route
!
!
!
no ip domain-lookup
ip domain-name xxx.com
mls netflow interface
mls flow ip interface-full
mls qos
mls cef error action reset
!
!
!
!
!
!
!
!
redundancy
 keepalive-enable
 mode sso
 main-cpu
  auto-sync running-config
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree vlan 112-113,116-117,120-123,128-129,132-133,136 priority 8192
spanning-tree vlan 137,140-141,144-145,148,150,152 priority 8192
spanning-tree vlan 114-115,118-119,124-127,130-131,134-135,138 priority 16384
spanning-tree vlan 139,142-143,146-147,149,151 priority 16384
diagnostic bootup level complete
diagnostic cns publish cisco.cns.device.diag_results
diagnostic cns subscribe cisco.cns.device.diag_commands
fabric timer 15
!
vlan internal allocation policy ascending
vlan access-log ratelimit 2000
!
vlan 112-152,999
!
!
!
interface Loopback0
 ip address 2.2.2.236 255.255.255.255
!
interface Port-channel1
 description Uplink to Core Switch 2
 ip address 172.16.46.41 255.255.255.252
 mls qos trust cos
!
interface TenGigabitEthernet2/1
 description Uplink to Nexus Switch 1 e1/1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 148
 switchport trunk allowed vlan 122,148,149
 switchport mode trunk
 wrr-queue queue-limit 5 25 70 50 50 50 50
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
!
interface GigabitEthernet5/3
 description connection to Nexus Switch 1 mgmt0
 switchport
 switchport access vlan 122
 switchport mode access
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface TenGigabitEthernet5/4
 description Uplink to Core Switch 2 te5/4
 no ip address
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
 channel-group 1 mode on
!
interface TenGigabitEthernet5/5
 description Uplink to Core Switch 2 te5/5
 no ip address
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
 channel-group 1 mode on
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan122
 ip address 172.16.127.2 255.255.255.128
 ip helper-address 172.16.160.4
 ip helper-address 172.16.160.6
 no ip redirects
 standby 122 ip 172.16.127.1
 standby 122 priority 120
 standby 122 preempt
!
interface Vlan148
 ip address 172.16.122.2 255.255.255.128
 ip helper-address 172.16.160.4
 ip helper-address 172.16.160.6
 no ip redirects
 standby 148 ip 172.16.122.1
 standby 148 priority 120
 standby 148 preempt
!
interface Vlan149
 ip address 172.16.122.130 255.255.255.128
 ip helper-address 172.16.160.4
 ip helper-address 172.16.160.6
 no ip redirects
 standby 149 ip 172.16.122.129
 standby 149 priority 115
!
no ip http server
ip tacacs source-interface Loopback0
!
logging source-interface Loopback0
logging 2.2.2.21
!
tacacs-server host 2.2.2.50 timeout 5
tacacs-server directed-request
!
line con 0
 logging synchronous
line vty 0 4
 password 7 *****
 logging synchronous
line vty 5 15
 password 7 *****
 logging synchronous
 transport input telnet
!

Core Switch 2

upgrade fpd auto
version 12.2
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
service counters max age 5
!
hostname CoreSwitch2
!
boot-start-marker
boot system flash sup-bootdisk:/s72033-ipservices_wan-mz.122-33.SXH7.bin
boot-end-marker
!
logging buffered informational
no logging console
no logging monitor
enable secret 5 *****
!
username admin privilege 15 secret 5 *****
aaa new-model
!
aaa session-id common
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
no ip source-route
!
!
!
no ip domain-lookup
ip domain-name xxx.com
mls netflow interface
mls flow ip interface-full
mls qos
mls cef error action reset
!
!
!
!
!
!
!
!
redundancy
 keepalive-enable
 mode sso
 main-cpu
  auto-sync running-config
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree vlan 112-113,116-117,120-123,128-129,132-133,136 priority 8192
spanning-tree vlan 137,140-141,144-145,148,150,152 priority 8192
spanning-tree vlan 114-115,118-119,124-127,130-131,134-135,138 priority 16384
spanning-tree vlan 139,142-143,146-147,149,151 priority 16384
diagnostic bootup level complete
diagnostic cns publish cisco.cns.device.diag_results
diagnostic cns subscribe cisco.cns.device.diag_commands
fabric timer 15
!
vlan internal allocation policy ascending
vlan access-log ratelimit 2000
!
vlan 112-152,999
!
!
!
interface Loopback0
 ip address 2.2.2.237 255.255.255.255
!
interface Port-channel1
 description Uplink to Core Switch 1
 ip address 172.16.46.42 255.255.255.252
 mls qos trust cos
!
interface TenGigabitEthernet2/1
 description Uplink to Nexus Switch 2 e1/1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 148
 switchport trunk allowed vlan 122,148,149
 switchport mode trunk
 wrr-queue queue-limit 5 25 70 50 50 50 50
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
!
interface GigabitEthernet5/3
 description connection to Nexus Switch 2 mgmt0
 switchport
 switchport access vlan 122
 switchport mode access
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface TenGigabitEthernet5/4
 description Uplink to Core Switch 1 te5/4
 no ip address
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
 channel-group 1 mode on
!
interface TenGigabitEthernet5/5
 description Uplink to Core Switch 1 te5/5
 no ip address
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4 7
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 mls qos trust cos
 channel-group 1 mode on
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan122
 ip address 172.16.127.3 255.255.255.128
 ip helper-address 172.16.160.4
 ip helper-address 172.16.160.6
 no ip redirects
 standby 122 ip 172.16.127.1
 standby 122 priority 115
!
interface Vlan148
 ip address 172.16.122.3 255.255.255.128
 ip helper-address 172.16.160.4
 ip helper-address 172.16.160.6
 no ip redirects
 standby 148 ip 172.16.122.1
 standby 148 priority 115
!
interface Vlan149
 ip address 172.16.122.131 255.255.255.128
 ip helper-address 172.16.160.4
 ip helper-address 172.16.160.6
 no ip redirects
 standby 149 ip 172.16.122.129
 standby 149 priority 120
 standby 149 preempt
!
no ip http server
ip tacacs source-interface Loopback0
!
logging source-interface Loopback0
logging 2.2.2.21
!
tacacs-server host 2.2.2.50 timeout 5
tacacs-server directed-request
!
line con 0
 logging synchronous
line vty 0 4
 password 7 *****
 logging synchronous
line vty 5 15
 password 7 *****
 logging synchronous
 transport input telnet
!




No comments: