cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9961
Views
0
Helpful
24
Replies

SF-300 sh running-config output

Bartosz Kois
Level 1
Level 1

Hi

Would it be possible to change output style of "sh running-config" in SF-300 switches to Cisco IOS-like format (eg.: options related to the specific interface put together, add tabs) in the next release? That would be much more readable.

Thanks for any replay.

24 Replies 24

David Hornstein
Level 7
Level 7

Hi Bartosz,

I will forward this feature request off to the product manager..

If you would be so kind as to send contact details to  dhornste  at  cisco.com ( remove spaces and replace 'at' with @)  I want to dig a little deeper into your request.

regards Dave

Witam

The main thing is that "sh running-config" command in SF-300 is unreadable:

==== This is listing from SF-300:

interface gigabitethernet3

lldp med disable

exit

interface gigabitethernet4

lldp med disable

exit

interface vlan 1

ip address 10.0.1.102 255.255.255.0

exit

ip default-gateway 10.0.1.1

ip dhcp information option

interface vlan 1

no ip address dhcp

exit

no boot host auto-config

no bonjour enable

ip access-list extended ACL_PORT_1

permit ip 10.0.1.9 0.0.0.0 any

deny ip any any

exit

ipv6 access-list ACL6_PORT_1

permit ipv6 2001:e::1/128 any

deny ipv6 any any

exit

interface fastethernet1

service-acl input ACL_PORT_1 ACL6_PORT_1

=== And this is listing from C2950:

ip ssh time-out 120

ip ssh authentication-retries 3

ip ssh version 2

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

!

!

interface FastEthernet0/1

switchport access vlan 100

switchport mode access

ip access-group 101 in

spanning-tree portfast

spanning-tree bpdufilter enable

!

interface FastEthernet0/2

switchport access vlan 100

switchport mode access

ip access-group 102 in

spanning-tree portfast

spanning-tree bpdufilter enable

!

interface FastEthernet0/3

switchport access vlan 100

switchport mode access

ip access-group 103 in

spanning-tree portfast

spanning-tree bpdufilter enable

The commands are almost the same but the way in which they are presetend are totaly different. Main advantages are:

- all options related to a specific interface are in one place

- sections are divided by using "!" mark

- suboptions are prepended by a single space.

Is this possible to modify the output of this command in SF-300 in such a way?

Best regards

Bartosz Kois

Dnia 26-10-2011 o 14:27 otrzymano wiadomość od dhornste

David Hornstein David Hornstein created the discussion

"Re: SF-300 sh running-config output"

To view the discussion, visit: https://supportforums.cisco.com/message/3475061#3475061

Ivor Diedricks
Cisco Employee
Cisco Employee

Yes, we're already working on it. The next major firmware version for the 300 Series switches will support what you're looking for.

Ivor

Hi

That`s great. Could you tell me what is the expected EOL for this switch. I`m asking because we are planing to buy around 25 units in the next year for our network as a access switches.

Best regards

Bartosz Kois

No EOL plans. This product was released just last year.

Hi

There is one more thing I`d like to report. Please compare the speed of CLI interface on Putty and Linux SSH client. There is something that let SSH Linux client display data faster than on Putty.

Best regards

Bartosz Kois

Dnia 26-10-2011 o 19:11 otrzymano wiadomość od idiedric

Ivor Diedricks Ivor Diedricks created the discussion

"Re: SF-300 sh running-config output"

To view the discussion, visit: https://supportforums.cisco.com/message/3475374#3475374

Hi

There is also one missing option that I have found during tests. In “config-ip-al” submenu there is no “no” option that allow administrator to delete a specific rule. In case I want to modify a single rule I have to delete access-list and compose it from the beginning.

SWITCH-TEST(config-ip-al)#

  deny                 A deny-ip condition blocks traffic if the conditions

                       define in the deny statement are matched.

do                   execute an EXEC-level command

  end                  Exit from configure mode

  exit                 Exit from current context

  help                 Description of the interactive help system

  permit               A permit condition forward traffic if the conditions

                       define in the permit statement are matched.

Could you add that in the next release?

Best regards

Bartosz Kois

Hi Sir,

Related to ACL Binding issue, we like to know more details from you. Please help. What I understand is that one ACL e.g. Rule1 can bind to one interface e.g. fa1, but you like to bind this ACL "Rule1" to other interfaces e.g. fa2, and fa3. However, you cannot bind this Rule1 to fa2 and fa3 via CLI command. Am I right?

Please kindly advice. Thank you.

Hi

My main goal is to provide some security for my network. In this case I want to allow just one specific ip address on each interface. To achive that I configured one acl per each interface (ACL_PORT_1, ACL_PORT_2 etc. …) and bind the respectively to interfaces. The problem is that somehow (in my configuration) traffic on Fa1 port is limited to ACL_PORT_1, but acl on port Fa2 and Fa3 doesn’t work at all (I can send traffic on Fa2 and Fa3 from any ip address).

Best regards

Bartosz Kois

Thank you for the reply. We will look into the details and give you update asap.

Hi

I`ve probably found another bug. With my test configuration (included in the attachment) access lists apply only to traffic on fa1 port and not for fa2 and fa3 (on fa1 traffic is limted only to specified host whereas on fa2 and fa3 I can pass traffic from any host).

Another thing is that during reload switch should first disconnect SSH session otherwise session hangs.

Best regards

Bartosz Kois

Dnia 26-10-2011 o 19:11 otrzymano wiadomość od idiedric

Ivor Diedricks Ivor Diedricks created the discussion

"Re: SF-300 sh running-config output"

To view the discussion, visit: https://supportforums.cisco.com/message/3475374#3475374

Hi

May I ask when it will be available.

Best regards

Bartosz Kois

Hi Sir,

We will add "no" ACE command available in the future release. Thank you to point us out.

Meanwhile, we could able to re-produce the ACL binding issue in our lab. We're investigating this issue now. Will update you once we found out the root cause. Thank you.

Hi Sir,

We found out the root cause of ACL binding problem. We will fix this problem. Thank you and report this issue to our attention.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X