Configuration assistance on a new 4900m

Unanswered Question

Im having difficulties getting pass this vrf command on the 4900m using the management port. Just hoping for any guidance that can get this switch simply connected and used for a management IP.


Snippet of the config

ip vrf mgmtVrf
!
vtp mode transparent
!
!
!
power redundancy-mode redundant
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet1
ip vrf forwarding mgmtVrf
ip address 10.10.10.10 255.255.255.0
speed auto
duplex auto
!


What do I need to do to get a simple IP onto the FA port (assuming the FA port is the mgmt port) and to make it accessible from anywhere in our internal network.  I understand the ip configuration and gateway but I dont understand the vrf portion.  tyvm in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 05/05/2010 - 16:22
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

[email protected]


Im having difficulties getting pass this vrf command on the 4900m using the management port. Just hoping for any guidance that can get this switch simply connected and used for a management IP.




!
interface FastEthernet1
ip vrf forwarding mgmtVrf
ip address 10.10.10.10 255.255.255.0
speed auto
duplex auto
!


What do I need to do to get a simple IP onto the FA port (assuming the FA port is the mgmt port) and to make it accessible from anywhere in our internal network.  I understand the ip configuration and gateway but I dont understand the vrf portion.  tyvm in advance


Eric


Try adding a default route for the vrf ie.


ip route vrf mgmgtVrf 0.0.0.0 0.0.0.0


Jon

Giuseppe Larosa Thu, 05/06/2010 - 06:48
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Eric,

you may need to add an rd under VRF configuration.

An rd has to be configured in order to start the VRF object.


ip vrf mgmtVrf

rd 100:100

!


Other users have reported problems in accessing TACACS+ AAA server without this parameter

This is a miss in documentation


Then, as Jon has suggested you need a default route in VRF to give reachability of other IP subnets


Edit:

to be noted this is thought for a form of logical out of band management

you can use an SVI in vlan X as your management address without dealing with VRFs


I've checked in some recent installed 4948-10GE and we used an SVI in global routing table instead of the management VRF.


Hope to help

Giuseppe

Actions

This Discussion