「設定に再起動が必要なコンフィグまとめ」の版間の差分

提供:hkatou_Lab
ナビゲーションに移動 検索に移動
ページの作成:「== Cisco == === ISR4000 / ASR1000 === license boot level <License_Level> <ref>Chapter: License Verification <nowiki>https://www.cisco.com/c/en/us/td/docs/routers/asr100…」
 
 
(同じ利用者による、間の48版が非表示)
1行目: 1行目:
いろいろなメーカーのネットワーク機器について、再起動しないと有効にならないコンフィグを集めました。
以下のようなシチュエーションで役に立ちます。
* 作業の役務を見積もるとき、夜間作業が必要か調べたい
* 保守交換後、OS Ver と running-config で diff が無くても、動作に差分があるとき
** TCAM サイズを変更するコマンドは、ROMMON / Boot Loader の変数に書き込まれて running-config に表示されない機器があります
* 初期構築時に設定追加・変更しておくことで運用に入ってからの停止作業を回避
== Cisco ==
== Cisco ==


=== ISR4000 / ASR1000 ===
=== ISR4000 / ASR1000 ===
license boot level <License_Level> <ref>Chapter: License Verification


<nowiki>https://www.cisco.com/c/en/us/td/docs/routers/asr1000/install/guide/1001HX_1002HX/b_ASR1001HX-1002HX_HIG/b_ASR1001HX-1002HX_HIG_chapter_0110.html</nowiki>
==== ASR1000 : license boot level { adventerprise | advipservices | ipbase } <ref>Chapter: License Verification
 
https://www.cisco.com/c/en/us/td/docs/routers/asr1000/install/guide/1001HX_1002HX/b_ASR1001HX-1002HX_HIG/b_ASR1001HX-1002HX_HIG_chapter_0110.html
 
license boot level <License_Level></ref> ====
 
* Universal イメージの IOS / IOS-XE はコマンドでライセンス レベルを変更可能
 
==== ISR4000 : platform hardware throughput level { 2500000 | 5000000 } <ref>Performance
 
https://www.cisco.com/c/en/us/td/docs/routers/access/4400/software/configuration/guide/isr4400swcfg/bm_isr_4400_sw_config_guide_chapter_0101.html#concept_3F15D3B0CBA64CA9BADC3C84FE0C63FB
 
To configure the throughput level, perform the following steps and to upgrade the throughput level use the platform hardware throughput level { 2500000 | 5000000} command.
 
In the user EXEC configuration mode, enter the enable command.
 
Enter configure terminal command to enter the global configuration mode.
 
To upgrade the throughput level, enter the platform hardware throughput level{2500000|5000000} command.
 
To exit global configuration mode, enter exit.
 
To save the configuration, enter the copy running-config startup-config command.
 
To reload the router enter reload. '''A reload is required to activate the throughput level.'''</ref> ====


license boot level <License_Level></ref>
==== ISR4000 : platform hardware throughput level boost <ref>platform hardware throughput level boost


platform hardware throughput level <ref>スループット レベルの設定
https://www.cisco.com/c/en/us/td/docs/routers/access/4400/software/configuration/guide/isr4400swcfg/bm_isr_4400_sw_config_guide_chapter_0101.html#concept_x2p_pkj_ndb


<nowiki>https://www.cisco.com/c/ja_jp/td/docs/routers/asr1000/install/guide/1001-x/asr1hig-book/asr1hig-book_chapter_0101.html#con_1060881</nowiki>
Save the configuration and reload the device to enable Boost performance license. '''After the reload,''' the Boost Performance is activated as shown in this example.</ref>====
 
==== ASR1000 : platform hardware throughput level <ref>スループット レベルの設定
 
https://www.cisco.com/c/ja_jp/td/docs/routers/asr1000/install/guide/1001-x/asr1hig-book/asr1hig-book_chapter_0101.html#con_1060881


Cisco ASR 1001-X ルータの組み込みエンベデッド サービス プロセッサは、ソフトウェア ライセンスに応じて、2.5 Gbps(デフォルト)、5 Gbps、10 Gbps、および 20 Gbps のスループットをサポートします。
Cisco ASR 1001-X ルータの組み込みエンベデッド サービス プロセッサは、ソフトウェア ライセンスに応じて、2.5 Gbps(デフォルト)、5 Gbps、10 Gbps、および 20 Gbps のスループットをサポートします。
20行目: 56行目:
コマンドを実行します。
コマンドを実行します。


次に、20 Gbps パフォーマンス アップグレード ライセンスの適用とルータのリロード後の
次に、20 Gbps パフォーマンス アップグレード ライセンスの適用と'''ルータのリロード後'''の
 
このコマンドの出力例を示します。</ref>====
* デフォルトは'''双方向'''で合計 2.5Gbps のスループット
* '''双方向'''で 20Gbps の最大スループットを設定可能
** 10G ポートの Rx / Tx の合計で 20Gbps を捌けるのと、同一の意味
 
* CSR1000V は再起動が不要と記載あり
 
==== ASR1001-HX : platform hardware crypto-throughput level { 8g | 8-16g } <ref>暗号化スループット レベルの設定<nowiki/>https://www.cisco.com/c/ja_jp/td/docs/routers/asr1000/install/guide/1001HX_1002HX/b_ASR1001HX-1002HX_HIG.pdf
 
Cisco ASR 1001-HX ルータの暗号化スループット レベルを設定するには、次のコマンドを入力します。<syntaxhighlight lang="diff">
Router(config)# platform hardware crypto-throughput level ?
8-16g crypto throughput upgrade, bits per second
8g crypto throughput level, bits per second
Router(config)# platform hardware crypto-throughput level 8g
% Crypto Bandwidth set to 8G bps.
Router(config)# platform hardware crypto-throughput level 8-16g
% Crypto Bandwidth set to 16G bps.
</syntaxhighlight></ref> ====
 
* こちらは再起動が必要無いように読める
 
==== ASR1002-HX : platform hardware crypto-throughput level { 8g | 8-16g | 8-25g | 16-25g } <ref>暗号化スループット レベルの設定<nowiki/>https://www.cisco.com/c/ja_jp/td/docs/routers/asr1000/install/guide/1001HX_1002HX/b_ASR1001HX-1002HX_HIG.pdf


このコマンドの出力例を示します。</ref>
Cisco ASR 1002-HX ルータの暗号化スループット レベルを設定するには、次のコマンドを入力します。<syntaxhighlight lang="diff">
Router(config)# platform hardware crypto-throughput level ?
16-25g crypto throughput upgrade, bits per second
8-16g crypto throughput upgrade, bits per second
8-25g crypto throughput upgrade, bits per second
8g crypto throughput level, bits per second
</syntaxhighlight></ref> ====


ASR1000 の例 :
* こちらは再起動が必要無いように読める


* デフォルトは双方向で合計 2.5Gbps のスループット
=== Catalyst8200 / 8300 ===
* 最大双方向で 20Gbps のスループットを設定可能


CSR1000V は再起動が不要
==== [https://www.cisco.com/c/en/us/td/docs/routers/cloud_edge/c8300/software_config/cat8300swcfg-xe-17-book/isr9000swcfg-xe-16-12-book_chapter_010.html#concept_0FBABD5F74924D36895FEF9912A283CF platform resource { service-plane-heavy | data-plane-heavy }] ====


=== Catalyst 6500 Sup720 ===
* Catalyst 8200 , 8300 は複数の CPU コアを、サービス プレーンとデータプレーンに振り分ける割合を変えることが可能
mls cef maximum-routes <ref>CAT 6500 and 7600 Series Routers and Switches TCAM Allocation Adjustment Procedures
* 最小 8 コアを備えている
* デフォルトは service-plane-heavy
* show platform software cpu alloc コマンドで、割り当て状況を確認可能
<syntaxhighlight lang="diff">
show platform software cpu alloc


<nowiki>https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/117712-problemsolution-cat6500-00.html#anc3</nowiki>
CPU alloc information:
Control plane cpu alloc: 0
Data plane cpu alloc: 1-7
Service plane cpu alloc: 0
Template used: CLI-data_plane_heavy
</syntaxhighlight>


You can enter the mls cef maximum-routes ip <number in thousands> command in order to adjust the number of routing entries that are allocated to the IPv4. This does not increase the overall size of the FIB TCAM, but it reduces the number of routing entries that are allocated to the IPv6 in order to increase the amount of TCAM space for the IPv4.</ref>
==== [https://www.cisco.com/c/en/us/td/docs/routers/cloud_edge/c8300/software_config/cat8300swcfg-xe-17-book/m-available-licenses.html#Cisco_Task.dita_3e328700-9d53-4aa0-92d7-39de3006cc7f platform hardware throughput crypto] ====


=== Catalyst 2960 / 3750 / 3560 ===
==== [https://www.cisco.com/c/en/us/td/docs/routers/cloud_edge/c8300/software_config/cat8300swcfg-xe-17-book/m-available-licenses.html#Cisco_Task.dita_3e328700-9d53-4aa0-92d7-39de3006cc7f platform hardware throughput level MB] ====
sdm prefer { access | default | dual-ipv4-and-ipv6 { default | routing | vlan } | indirect-ipv4-and-ipv6-routing | routing | vlan } <ref>Chapter: Configuring SDM Templates
 
==== [https://www.cisco.com/c/en/us/td/docs/routers/cloud_edge/c8300/software_config/cat8300swcfg-xe-17-book/m-available-licenses.html#Cisco_Task.dita_34eb5481-3d5e-431a-9c39-6e19c76d893e (EXEC) license throughput crypto auto-convert] ====
 
==== [https://www.cisco.com/c/en/us/td/docs/routers/cloud_edge/c8300/software_config/cat8300swcfg-xe-17-book/m-available-licenses.html#Cisco_Task.dita_34eb5481-3d5e-431a-9c39-6e19c76d893e (EXEC) license throughput level auto-convert] ====
 
=== Cisco 8000 ===
 
==== hw-module profile route scale lpm tcam-banks <ref>[https://www.cisco.com/c/en/us/td/docs/iosxr/cisco8000/ip-addresses/b-ip-addresses-cr-8k/m-cisco-express-forwarding-commands.html#wp1459049907 hw-module profile route scale]</ref> ====
 
=== Catalyst 2960 / 3560 / 3750 ===
 
==== 3750 : sdm prefer { access | default | dual-ipv4-and-ipv6 { default | routing | vlan } | indirect-ipv4-and-ipv6-routing | routing | vlan } <ref>Chapter: Configuring SDM Templates
 
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_2_se/configuration/guide/3750x_cg/swsdm.html</ref>====
 
* PBR / IPv6 はデフォルトで TCAM が割り当てられていないため、routing / dual stack テンプレートに変更 + 再起動が必要
 
==== system mtu jumbo <1500-9000> | <1500-9198> ====
 
* show run に出てこない
* show system mtu コマンドで確認可能
* 機種により対応範囲が異なる
** 3750G : 1500-9000
** 3560CX : 1500-9198<br />
=== Catalyst 4500 Sup6E ===
 
==== hw-module uplink mode { shared-backplane| tengigabitethernet } <ref>Supervisor Engine 6-E でのアップリンク モードの選択
 
https://www.cisco.com/c/ja_jp/td/docs/sw/lanswt-access/cat4500swt/cg/009/confg-gd/sw-int.html#18105
 
(注) hw-module uplink mode shared-backplane コマンドを使用して
 
アップリンク モードを'''変更する場合は、システムをリロードする必要'''が
 
あります。コンソールには、リロードを示すメッセージが表示されます。</ref> ====
 
* 要再起動
* 最初に TenGig を使っていなくて、増速で TenGig にするときに要注意
 
==== hw-module module <module_num> port-group <port_num> select [ gigabitethernet | tengigabitethernet ] ====
* WS-X4606-10GE-E で TwinGig コンバーターを使用するときに使用
* こちらは'''再起動の必要無し'''
 
 
=== Catalyst 6500 Sup720 / Sup720-10G ===
 
==== mls cef maximum-routes <ref>CAT 6500 and 7600 Series Routers and Switches TCAM Allocation Adjustment Procedures
 
https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/117712-problemsolution-cat6500-00.html#anc3
 
You can enter the mls cef maximum-routes ip <number in thousands> command in order to adjust the number of routing entries that are allocated to the IPv4. This does not increase the overall size of the FIB TCAM, but it reduces the number of routing entries that are allocated to the IPv6 in order to increase the amount of TCAM space for the IPv4.</ref>====
 
 
=== Catalyst 6500 / 6800 Sup2T / Sup6T ===
 
==== 共通 : vlan internal allocation policy { ascending | descending } <ref>Configuring the Internal VLAN Allocation Policy<nowiki/>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-5SY/config_guide/sup6T/15_5_sy_swcg_6T.pdf
 
Note
 
The internal VLAN allocation policy is applied only following a reload. </ref> ====
 
==== 共通 : platform hardware acl reserve qos-banks { 1 | 2} <ref>Chapter 23 Restrictions for PFC QoS<nowiki/>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-5SY/config_guide/sup6T/15_5_sy_swcg_6T.pdf
 
Changes to the supported number of '''QoS TCAM entries take effect after a reload'''. Enter the show platform hardware acl
 
global-config command to display the QoS TCAM entry configuration:</ref> ====
 
==== Sup6T : hw-module switch {switch-id} slot {sup slot no.} operation-mode port-group {Port-group no. }  { TenGigabitEthernet | FortyGigabitEthernet } <ref name=":0">Chapter 4 Virtual Switching Systems<nowiki/>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-5SY/config_guide/sup6T/15_5_sy_swcg_6T.pdf
 
Note - The entire '''systems reloads after any mode conversion'''.</ref> ====
 
==== Sup6T : hw-module switch {switch-id} slot {sup slot no.} performance { TenGigabitEthernet | FortyGigabitEthernet } <ref name=":0" /> ====


<nowiki>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_2_se/configuration/guide/3750x_cg/swsdm.html</nowiki></ref>


PBR はデフォルトで TCAM が割り当てられていないため、routing テンプレートに変更 + 再起動が必要


=== Catalyst 3850 / 3650 / 9000 ===
=== Catalyst 3850 / 3650 / 9000 ===
license boot level <license_level> <ref>Configuring Base and Add-On Licenses


<nowiki>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-6/configuration_guide/sys_mgmt/b_176_sys_mgmt_9300_cg/licenses.html#Cisco_Task.dita_f126c327-a647-4235-b1a2-930771e49f9d</nowiki>
==== license boot level <license_level> <ref>Configuring Base and Add-On Licenses
 
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-6/configuration_guide/sys_mgmt/b_176_sys_mgmt_9300_cg/licenses.html#Cisco_Task.dita_f126c327-a647-4235-b1a2-930771e49f9d


license boot level <license_level></ref>
license boot level <license_level></ref>====


9500 の場合 : sdm prefer { core <kbd>|</kbd> nat <kbd>|</kbd> distribution <kbd>|</kbd> custom } <ref>Chapter: Configuring SDM Templates
* Universal イメージの IOS / IOS-XE はコマンドでライセンス レベルを変更可能
* グローバル コンフィギュレーションで実施


<nowiki>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-6/configuration_guide/sys_mgmt/b_176_sys_mgmt_9500_cg/configuring_sdm_templates.html</nowiki></ref>
==== 9000 : license right-to-use [activate <kbd>|</kbd> deactivate ] [network-essentials <kbd>|</kbd> network-advantage ] [all <kbd>|</kbd> evaluation {all <kbd>|</kbd> slot <var>slot-number <1-8></var>}] [acceptEULA] <ref name=":1">[https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-6/configuration_guide/sys_mgmt/b_166_sys_mgmt_9300_cg/b_166_sys_mgmt_9300_cg_chapter_011.html#task_gfk_vvj_n1b Activating a License]</ref> ====


=== Nexus 9300 ===
* こちらは EXEC モードで実施
max-metric router-lsa external-lsa include-stub on-startup summary-lsa
* Evaluation (評価) モードで動作している場合は、ライセンスを購入して right-to-use で Permanent モードに変更します


* コマンド投入時、次回の再起動時に有効になる旨のメッセージが表示されます
==== 9000 : license right-to-use [activate | deactivate ] addon [dna-essentials | dna-advantage ] [all | evaluation | subscription {all | slot slot-number <1-8>}] [ acceptEULA] <ref name=":1" /> ====
 
* こちらは EXEC モードで実施
* Evaluation (評価) モードで動作している場合は、ライセンスを購入して right-to-use で Permanent モードに変更します
 
==== 9500 : sdm prefer { core <kbd>|</kbd> nat <kbd>|</kbd> distribution <kbd>|</kbd> custom } <ref>Chapter: Configuring SDM Templates
 
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-6/configuration_guide/sys_mgmt/b_176_sys_mgmt_9500_cg/configuring_sdm_templates.html</ref>====
 
* 9500H デフォルトの Core テンプレートの場合は MAC アドレステーブルや ARP が少ないため、Distribution に変更するケースがあります
 
 
=== Catalyst 3850XS 16.3.3- / 9400 / 9500 / 9600 ===
 
==== stackwise-virtual -> domain <domain_id> <ref>Configuring Cisco StackWise Virtual Settings
 
<nowiki>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_lbj_yyx_31b</nowiki>
 
Step 5
 
Device(config)#stackwise-virtual
 
Step 6
 
Device(config-stackwise-virtual)#domain 2
 
'''Step 10'''
 
reload</ref> ====
 
==== secure-stackwise-virtual authorization-key <128-bits> <ref>[https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9600/software/release/17-6/configuration_guide/ha/b_176_ha_9600_cg/configuring_cisco_stackwise_virtual.html Configuring Secure StackWise Virtual]
 
 
Step 3
 
secure-stackwise-virtual authorization-key <128-bits>
 
Example:
<code>Device(config)#<kbd>'''secure-stackwise-virtual authorization-key <128-bits>'''</kbd></code>
 
 
Step 4
 
reload
 
Example:
<code>Device#<kbd>'''reload'''</kbd></code>
</ref> ====
* 初期設定時のみと思われるため、特に問題なし
 
==== (config-if)# stackwise-virtual link 1 <ref>Configuring Cisco StackWise Virtual Link<nowiki/>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_wly_zyx_31b
 
Step 4
 
Device(config-if)#stackwise-virtual link 1
 
'''Step 7'''
 
Device#reload</ref> ====
 
* VSS とは異なり、SWV では SVL の増速に reload が必要になりました
 
==== (config-if)# stackwise-virtual dual-active-detection <ref>Configuring StackWise Virtual Fast Hello Dual-Active-Detection Link<nowiki/>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_yqn_bzx_31b</ref>====
 
* VSS とは異なり、SWV では DAD の設定に reload が必要になりました
 
==== stackwise-virtual -> dual-active detection pagp <ref>Enabling ePAgP Dual-Active-Detection<nowiki/>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_ump_ptf_r1b</ref>====
 
* dual-active detection pagp trust channel-group channel-group <id> の追加に再起動が必要無いか、要調査
 
==== switch stack-speed [high | low] ====
* C9300X から導入された、StackWise-1T を、C9300 の StackWise-480 に混在させるためのコマンド
 
 
=== Catalyst 9400 ===
 
==== (config-if)# enable <ref>アップリンク ポート<nowiki/>https://www.cisco.com/c/ja_jp/td/docs/switches/lan/catalyst9400/software/release/17-3/configuration_guide/int_hw/b_173_int_and_hw_9400_cg/configuring_interface_characteristics.html#concept_ayd_y5q_p1b
 
速度 10G、25G、および 40G はポートグループごとに相互に排他的です。
 
ポートグループでは任意の 1 つの速度をいつでも有効にできます。</ref>====
 
* スーパーバイザエンジンの'''再起動は必要ない'''けど、ポートグループごとに速度は 1 つに制限される模様
 
 
=== Catalyst 9500 ===
 
==== hw-module breakout module ====
 
* 9600 を見たあとだといかにも必要そうだが、'''この機種は reload が必要ない'''模様
 
=== Catalyst 9600 ===
 
==== hw-module breakout-enable <ref>Configuring a Breakout Interface<nowiki/>https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9600/software/release/17-2/configuration_guide/int_hw/b_172_int_and_hw_9600_cg/configuring_interface_characteristics.html#task_slc_34x_1jb
 
Step 3
 
hw-module breakout-enable
 
'''Step 5'''
 
reload</ref> ====
 
* 運用に入ってから再起動が必要とわかるとめんどい
* グローバル コンフィグの部分で再起動が必要に見えるため、予め入れといたほうが良さそう
 
 
 
=== Catalyst 9400X / 9500X / 9600X ===
Silicon One の X 系は SWV の SVL / DAD の変更で再起動が必要なくなりました <ref>[https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-10/configuration_guide/ha/b_1710_ha_9500_cg/configuring_cisco_stackwise_virtual.html#configuring_cisco_stackwise_virtual_link Dynamic addition and removal of SVL links are supported on the C9500X-28C8D model of Cisco Catalyst 9500 Series Switches, and therefore, a reload is not required for adding or removing the SVL links when the device is already operating in SVL mode.]</ref>
 
=== Nexus3000 <ref>[https://community.cisco.com/t5/tkb-%E3%83%87%E3%83%BC%E3%82%BF%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC-%E3%83%89%E3%82%AD%E3%83%A5%E3%83%A1%E3%83%B3%E3%83%88/nexus-%E3%82%B7%E3%83%AA%E3%83%BC%E3%82%BA-cvr-qsfp-sfp10g-%E3%81%AE%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/ta-p/3689358#toc-hId-1189404436 Nexus 3000 シリーズ]
 
switch(config)# hardware profile portmode ?
48x10g+4x40g 48x10G+4x40G port mode
52x10g+3x40g 52x10G+3x40G port mode
56x10g+2x40g 56x10G+2x40G port mode
60x10g+1x40g 60x10G+1x40G port mode
64x10g 64x10G port mode</ref> ===
 
==== hardware profile portmode <port_mode> ====
 
=== Nexus 3100 <ref>[https://community.cisco.com/t5/tkb-%E3%83%87%E3%83%BC%E3%82%BF%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC-%E3%83%89%E3%82%AD%E3%83%A5%E3%83%A1%E3%83%B3%E3%83%88/nexus-%E3%82%B7%E3%83%AA%E3%83%BC%E3%82%BA-cvr-qsfp-sfp10g-%E3%81%AE%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/ta-p/3689358#toc-hId--618050027 Nexus 3100/3200 シリーズ]
 
switch(config)# interface breakout module 1 port 49 map 10g-4x
Interface breakout configured. Please poweroff and no poweroff the module</ref> ===
 
==== 例) interface breakout module 1 port 49 map 10g-4x ====
 
=== Nexus 5600/6000 <ref>[https://community.cisco.com/t5/tkb-%E3%83%87%E3%83%BC%E3%82%BF%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC-%E3%83%89%E3%82%AD%E3%83%A5%E3%83%A1%E3%83%B3%E3%83%88/nexus-%E3%82%B7%E3%83%AA%E3%83%BC%E3%82%BA-cvr-qsfp-sfp10g-%E3%81%AE%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/ta-p/3689358#toc-hId-1869462806 Nexus 5600/6000 シリーズ]
switch(config)# interface breakout slot 2 port 1-4 map 10g-4x
 
Interface breakout configured. Please poweroff and no poweroff the module
</ref> ===
 
==== 例) interface breakout slot 2 port 1-4 map 10g-4x ====
 
=== Nexus 7000 / 7700 <ref>[https://community.cisco.com/t5/tkb-%E3%83%87%E3%83%BC%E3%82%BF%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC-%E3%83%89%E3%82%AD%E3%83%A5%E3%83%A1%E3%83%B3%E3%83%88/nexus-%E3%82%B7%E3%83%AA%E3%83%BC%E3%82%BA-cvr-qsfp-sfp10g-%E3%81%AE%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/ta-p/3689358#toc-hId-62008343 Nexus 7000/7700 シリーズ]</ref> ===
 
==== 例) interface breakout slot 2 port 1-4 map 10g-4x ====
 
=== Nexus9000 共通 ===
 
==== fips mode enable <ref>[https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/configuration/security/cisco-nexus-9000-series-nx-os-security-configuration-guide-release-105x/m-configuring-fips.html Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 10.5(x)]</ref> ====
'''hardware access-list tcam label''' <ref>[https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/configuration/security/cisco-nexus-9000-series-nx-os-security-configuration-guide-release-105x/m-configuring-ip-acls.html Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 10.5(x)]
 
Chapter: Configuring IP ACLs
 
The label size can be increased to 62 when you enter the '''hardware access-list tcam label ing-ifacl 6''' command and reload the switch.</ref>
 
==== hardware access-list tcam region <feature_name> <feature_size> <ref>Understand how to Carve TCAM Space - Nexus 9000<nowiki/>https://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/119032-nexus9k-tcam-00.html#anc7
 
Configuration
 
In order to reconfigure a TCAM region, use the
 
hardware access-list tcam region <feature_name>
 
<feature_size> command in the configuration terminal.
 
Once you have changed the regions to be the intended sizes,
 
'''you must reload the device.'''  </ref> ====
 
* TCAM の領域を変更するコマンド 要再起動
* [https://community.cisco.com/t5/%E3%83%87%E3%83%BC%E3%82%BF%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC-%E3%83%89%E3%82%AD%E3%83%A5%E3%83%A1%E3%83%B3%E3%83%88/nexus-9000%E3%82%B7%E3%83%AA%E3%83%BC%E3%82%BA-tcam-region-%E3%81%AE%E8%A8%AD%E5%AE%9A-tcam-resource-%E3%81%AE%E7%A2%BA%E8%AA%8D%E6%96%B9%E6%B3%95%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/ta-p/3163235 IPv6 ACL を設定するときは、デフォルトが 0 のケース]があり、領域を割り当てる必要があります
 
==== max-metric router-lsa external-lsa include-stub on-startup summary-lsa ====
* コマンド投入後、次回の再起動時に有効になる旨のメッセージが表示されます
* ただ、これは起動時に発動するコマンドのため、reload が必要とは違う気がします
* ただ、これは起動時に発動するコマンドのため、reload が必要とは違う気がします
==== system vlan <vlan-id> reserve <ref>[https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/configuration/layer-2-switching/cisco-nexus-9000-series-nx-os-layer-2-switching-configuration-guide-105x/m-configuring-vlans.html Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide, Release 10.5(x)]
Chapter: Configuring VLANs
About Reserved VLANs
The new reserved range takes effect after the running configuration is saved and the device is reloaded.</ref> ====
* Nexus がデフォルトで使用できない Vlan-ID の 3968 ~ 4095 を、別の Vlan-ID に変更するコマンド
* 1 個指定すると、続けて 127 個、合計 128 個の Vlan-ID が使用できなくなる
* Nexus 3000 , 5000 , 7000 でも使用可能
[https://www.cisco.com/c/ja_jp/td/docs/dcn/nx-os/nexus9000/102x/configuration/layer-2-switching/cisco-nexus-9000-nx-os-layer-2-switching-configuration-guide-102x/m-configuring-vlans.html#concept_D5ED0AAC38C94ED2B8DFFE88B4951EF2 VLAN 予約の例]
**************************************************
CONFIGURE NON-DEFAULT RANGE, "COPY R S" AND RELOAD
**************************************************
switch(config)# system vlan 400 reserve
"vlan configuration 400-527" will be deleted automatically.
Vlans, SVIs and sub-interface encaps for vlans 400-527 need to be removed by the user.
Continue anyway? (y/n) [no] y
Note: After switch reload, VLANs 400-527 will be reserved for internal use.
      This requires copy running-config to startup-config before
      switch reload.  Creating VLANs within this range is not allowed.
switch(config)# show system vlan reserved
system current running vlan reservation: 3968-4095
system future running vlan reservation: 400-527
switch(config)# copy running-config startup-config
[########################################] 100%
switch(config)# reload
This command will reboot the system. (y/n)?  [n] y
************
AFTER RELOAD
************
switch# show system vlan reserved
system current running vlan reservation: 400-527
=== Nexus9200 <ref name=":2">[https://www.cisco.com/c/ja_jp/td/docs/switches/datacenter/nexus9000/sw/93x/scalability/guide-935/cisco-nexus-9000-series-nx-os-verified-scalability-guide-935.html Cisco Nexus 9000 シリーズ NX-OS 検証済みスケーラビリティ ガイド リリース 9.3(5)]</ref> <ref name=":3">[https://www.cisco.com/c/ja_jp/td/docs/switches/datacenter/nexus9000/sw/93x/unicast/configuration/guide/b-cisco-nexus-9000-series-nx-os-unicast-routing-configuration-guide-93x/b-cisco-nexus-9000-series-nx-os-unicast-routing-configuration-guide-93x_chapter_011001.html Cisco Nexus 9000 シリーズ NX-OS ユニキャスト ルーティング設定ガイド]</ref> ===
==== system routing template-dual-stack-host-scale ====
==== system routing template-lpm-heavy ====
==== system routing template-l2-heavy ====
=== Nexus 9300 <ref name=":2" /> <ref name=":3" /> ===
==== system routing template-l2-heavy ====
==== system routing max-mode l3 ====
=== Nexus9300-EX <ref name=":2" /> <ref name=":3" /> ===
==== system routing template-dual-stack-host-scale ====
==== system routing template-lpm-heavy ====
==== system routing template-internet-peering ====
==== system routing template-l2-heavy ====
=== Nexus9300-FX <ref name=":2" /> <ref name=":3" /> ===
==== system routing template-lpm-heavy ====
==== system routing template-internet-peering ====
==== system routing template-dual-stack-host-scale ====
=== Nexus9300-FX2 <ref name=":2" /> <ref name=":3" /> ===
==== system routing template-lpm-heavy ====
==== system routing template-internet-peering ====
==== system routing template-dual-stack-host-scale ====
=== Nexus9300-GX <ref name=":2" /> <ref name=":3" /> ===
==== system routing template-lpm-heavy ====
==== system routing template-internet-peering ====
==== system routing template-dual-stack-host-scale ====
=== Nexus-9500 用 9700-EX or 9700-FX ラインカード <ref name=":2" /> <ref name=":3" /> ===
==== system routing max-mode host ====
==== system routing non-hierarchical-routing [max-l3-mode] ====
==== system routing mode hierarchical 64b-alpm ====
==== system routing template-lpm-heavy ====
==== system routing template-internet-peering ====
=== Nexus-9500-R 用 9600-R ラインカード <ref name=":2" /> <ref name=":3" /> ===
==== system routing template-internet-peering ====
== Juniper ==
=== MX204 ===
ポートの割当を変更したい場合は、以下を参照。変更後は PIC のリセットが必要。
==== set chassis fpc <fpc_num> pic <pic_num> port <port_num> speed <speed> <ref>Port Speed on MX204 Overview<nowiki/>https://www.juniper.net/documentation/us/en/software/junos/interfaces-ethernet/topics/topic-map/port-speed-configuration.html#concept-mx204
To change the default speed, you must select a port
and configure a different port speed on it
and '''reset both the PICs for the configuration to take effect.'''
For example, select 40GE or 100GE on PIC0 and 10GE on PIC1.
For this configuration to take effect, you must reset both PICs.</ref> ====
* シャーシ全体の再起動 + Junos 起動は必要無いけど、両方の PIC = 全ポートを Offline + Online で reset する必要あり
* [https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/command/request-chassis-pic.html request chassis pic]
==== [https://www.juniper.net/documentation/us/en/software/junos/interfaces-ethernet/topics/topic-map/port-speed-mx-routers.html Port Speed on MX Routers] ====
<syntaxhighlight lang="diff">
Table 1: Port Speed for MX204
PIC    Port  Port Speed Supported
PIC 0  0-3    4x10-Gigabit Ethernet
              40-Gigabit Ethernet
              100-Gigabit Ethernet
              Default: 4x10-Gigabit Ethernet
              Supports 1-Gbps speed on 10 Gigabit Ethernet ports (Junos OS Release 18.1 onwards)
PIC 1  0-7    10-Gigabit Etherner
              Supports 1-Gbps speed on 10 Gigabit Ethernet ports (Junos OS Release 18.1 onwards)
</syntaxhighlight>[https://www.juniper.net/documentation/en_US/day-one-books/DO_MX5G.pdf Figure 1.3 MX204 Packet Forwarding Engine]
[[ファイル:MX204_PFE.png|代替文=MX204 PFE|なし|フレーム|MX204 PFE]]
==== [https://www.juniper.net/documentation/us/en/software/junos/interfaces-ethernet/topics/topic-map/configure-port.html#xd_44b04e84b48f8267--22641f22-18c8148309f--7fb1__section_d2k_thb_dzb Configure Port Speed - PIC Level] ====
==== [https://apps.juniper.net/port-checker/mx204/ MX204 Port Checker] ====
=== MX304 ===
ポートの割当を変更したい場合は、以下を参照。変更後は PIC のリセットが必要。
==== [https://community.juniper.net/blogs/reema-ray/2023/03/28/mx304-deepdive MX304 Deepdive] ====
<syntaxhighlight lang="diff">
PIC Mode / Port Mode
Examples (X varies from 1 to 16 depending on the port speed):
set chassis fpc 0 pic0 pic-mode 100g number-of-ports X
set chassis fpc 0 pic0 pic-mode 400g number-of-ports X
set chassis fpc 0 pic0 pic-mode 10g number-of-ports X
set chassis fpc 0 pic0 pic-mode 25g number-of-ports X
set chassis fpc 0 pic0 pic-mode 50g number-of-ports X
</syntaxhighlight>
==== [https://apps.juniper.net/port-checker/mx304/ MX304 Port Checker] ====
=== PIC リセット コマンド例 ===
<syntaxhighlight lang="diff">
request chassis pic pic-slot 0 fpc-slot 0 offline
request chassis pic pic-slot 0 fpc-slot 0 online
</syntaxhighlight>


== Arista ==
== Arista ==


=== 7050X3 ===
==== zerotouch cancel <ref>Canceling Zero Touch Provisioning
 
https://www.arista.com/en/um-eos/eos-initial-switch-access#xx1131266
 
To avoid entering ZTP mode on subsequent reboots, create a startup-config file as described in Step 8 of Ethernet Management Port.</ref> ====
 
* 最初は startup-config が存在しないため、ZTP モードで起動する
* cancel すると自動で再起動がかかる
 
==== service routing protocols model { ribd | multi-agent } <ref><syntaxhighlight lang="diff">
localhost(config)#service routing protocols model multi-agent
! Change will take effect only after switch reboot
localhost(config)#
</syntaxhighlight></ref>====
 
* 2022/09 現在は ribd がデフォルト
* 最近は multi-agent を使うのが主流
* EVPN などでは multi-agent を使用する必要がある


=== DCS-7280R, DCS-7280R2, DCS-7500R, DCS-7500R2, DCS-7020R ===
=== DCS-7280R, DCS-7280R2, DCS-7500R, DCS-7500R2, DCS-7020R ===
hardware access-list mechanism tcam <ref>Support for Private VLAN


<nowiki>https://www.arista.com/en/um-eos/eos-virtual-lans-vlans?searchword=reload</nowiki>
==== hardware access-list mechanism tcam <ref>Support for Private VLAN
 
https://www.arista.com/en/um-eos/eos-virtual-lans-vlans?searchword=reload


On DCS-7280R, DCS-7280R2, DCS-7500R, DCS-7500R2, DCS-7020R
On DCS-7280R, DCS-7280R2, DCS-7500R, DCS-7500R2, DCS-7020R


Private VLAN and Algomatch features are mutually exclusive. Disable algomatch with the hardware access-list mechanism tcam command . Note that this requires a reload of the system to take effect.</ref>
Private VLAN and Algomatch features are mutually exclusive. Disable algomatch with the hardware access-list mechanism tcam command . Note that '''this requires a reload''' of the system to take effect.</ref> ====
 
=== 7050X3 ===
[https://arista.my.site.com/AristaCommunity/s/article/7050X3-Logical-Port 7050X3でのLogical Portの管理]<syntaxhighlight lang="diff">
7050SX3-48YC8, 7050SX3-48C8, 7050TX3-48C8ではスイッチのLogical Portの数が64でインタフェースの総数より少なくなっています。
</syntaxhighlight>
 
* 25G x 48 + ブレークアウト 25G x 4 波長 x 8 ポート = 80 ポートが最大だが、そのうち 64 ポートしか使えないことを意味する
* platform trident reset でトラフィック中断の発生するリセットが必要な場合がある<br />


== A10 ==
== A10 ==
Thunder 3030S CGN / 3040S CFW
A10 のマニュアルはインターネット上に公開されておらず、アカウント作成とログインが必要。
 
=== Thunder 3030S CGN ===
 
==== system resource-usage nat-pool-addr-count <ref>system resource-usage
 
https://documentation.a10networks.com/ACOS/271x/271-P6/ACOS_2_7_1-P6/html/ax-cli-reference-Responsive%20HTML5/ax-cli-reference/ax-cli-globalcfg-cmds/system_resource-usage.htm?rhsearch=system%20resource-usage%20nat-pool-addr-count&rhsyns=%20
 
nat-pool-addr-count --- Total IP source NAT pools
 
Reload or Reboot Required
 
To place a change to l4-session-count into effect, a reboot is required. A reload will not place this change into effect. For changes to any of the other system resources, a reload is required but a reboot is not required.</ref> ====
 
* CGN 用 NAT プールアドレス
 
=== Thunder 3040S CFW ===
 
==== system resource-usage nat-pool-addr-count <ref>system resource-usage
 
https://documentation.a10networks.com/ACOS/414x/ACOS_4_1_4-GR1-P1/html/cli-reference-Responsive%20HTML5/cli-reference/cli-globalcfg-cmds/system_resource-usage.htm?rhsearch=system%20resource-usage&rhsyns=%20
 
nat-pool-addr-count num --- Total number of NAT pool addresses available for configuration in the system. The range is platform specific.
 
Usage
 
To place a change to l4-session-count into effect,
 
a reboot is required.
 
A reload will not place this change into effect.
 
For changes to any of the other system resources,
 
a reload is required but a reboot is not required.</ref> ====
 
==== system resource-usage l4-session-count <ref>ACOS 5.2.1-P8 Command Line Interface Reference Guide
 
'''Usage'''
 
To place a change to l4-session-count into effect, a reboot is required.</ref> ====
 
==== cgnv6 resource-usage lsn-nat-addr-count <ref>cgnv6 resource-usage
 
https://documentation.a10networks.com/ACOS/414x/ACOS_4_1_4-GR1-P11/html/cliv6-Responsive%20HTML5/cliv6/cliv6_cgn_aka_lsn_cmds/cgnv6_resource-usage.htm?rhsearch=cgnv6%20resource-usage%20lsn-nat-addr-count&rhsyns=%20</ref> <ref><syntaxhighlight lang="diff">
(config)#cgnv6 resource-usage lsn-nat-addr-count 2048
Changes will come into effect next time you reload the Software.
</syntaxhighlight></ref> ====
 
* こちらはコマンドリファレンスに reload 必須との記載が無いが、コマンドを打つと reload が必要と出てくる
 
==== system promiscuous-mode ====
 
==== system-jumbo-global enable-jumbo ====
 
* non-FTA モデルでは変更時に reboot が必要  <ref>ACOS5.2.1-P8
 
Command_Line_Interface_Reference.pdf
 
NOTE:
 
On non-FTA models, after you enable (or disable) jumbo frame support, you must save the configuration (write memory command) and reboot (reboot command) to place the change into effect.</ref>
 
== Extreme VSP ==
 
==== boot config flags spbm-config-mode <ref>[https://documentation.extremenetworks.com/VOSS/SW/89/VOSSUserGuide/GUID-DCBDDD6D-57E4-486A-83A9-4D33886AA891.shtml#GUID-CD735C3D-7B32-466C-BB24-973CDB3B8C94 Virtual interswitch trunk (vIST)]
enable
configure terminal
no boot config flags spbm-config-mode
Save the configuration and reboot the switch.</ref> ====
 
==== boot config flags advanced-feature-bandwidth-reservation <ref>[https://documentation.extremenetworks.com/FABRICENGINE/SW/810/FabricEngineUserGuide/GUID-E463D2F1-8B68-4E81-8434-36C2114F13C7.shtml If you change the configuration, you must save the configuration, and then reboot the switch for the change to take effect.]</ref> ====
* 他の boot config flags コマンドも再起動が必要なものがある
 
== リファレンス ==
<references />
[[カテゴリ:その他]]

2024年10月9日 (水) 19:21時点における最新版

いろいろなメーカーのネットワーク機器について、再起動しないと有効にならないコンフィグを集めました。

以下のようなシチュエーションで役に立ちます。

  • 作業の役務を見積もるとき、夜間作業が必要か調べたい
  • 保守交換後、OS Ver と running-config で diff が無くても、動作に差分があるとき
    • TCAM サイズを変更するコマンドは、ROMMON / Boot Loader の変数に書き込まれて running-config に表示されない機器があります
  • 初期構築時に設定追加・変更しておくことで運用に入ってからの停止作業を回避

Cisco

ISR4000 / ASR1000

ASR1000 : license boot level { adventerprise | advipservices | ipbase } [1]

  • Universal イメージの IOS / IOS-XE はコマンドでライセンス レベルを変更可能

ISR4000 : platform hardware throughput level { 2500000 | 5000000 } [2]

ISR4000 : platform hardware throughput level boost [3]

ASR1000 : platform hardware throughput level [4]

  • デフォルトは双方向で合計 2.5Gbps のスループット
  • 双方向で 20Gbps の最大スループットを設定可能
    • 10G ポートの Rx / Tx の合計で 20Gbps を捌けるのと、同一の意味
  • CSR1000V は再起動が不要と記載あり

ASR1001-HX : platform hardware crypto-throughput level { 8g | 8-16g } [5]

  • こちらは再起動が必要無いように読める

ASR1002-HX : platform hardware crypto-throughput level { 8g | 8-16g | 8-25g | 16-25g } [6]

  • こちらは再起動が必要無いように読める

Catalyst8200 / 8300

platform resource { service-plane-heavy | data-plane-heavy }

  • Catalyst 8200 , 8300 は複数の CPU コアを、サービス プレーンとデータプレーンに振り分ける割合を変えることが可能
  • 最小 8 コアを備えている
  • デフォルトは service-plane-heavy
  • show platform software cpu alloc コマンドで、割り当て状況を確認可能
show platform software cpu alloc

CPU alloc information: 
 Control plane cpu alloc: 0
 Data plane cpu alloc: 1-7
 Service plane cpu alloc: 0
 Template used: CLI-data_plane_heavy

platform hardware throughput crypto

platform hardware throughput level MB

(EXEC) license throughput crypto auto-convert

(EXEC) license throughput level auto-convert

Cisco 8000

hw-module profile route scale lpm tcam-banks [7]

Catalyst 2960 / 3560 / 3750

3750 : sdm prefer { access | default | dual-ipv4-and-ipv6 { default | routing | vlan } | indirect-ipv4-and-ipv6-routing | routing | vlan } [8]

  • PBR / IPv6 はデフォルトで TCAM が割り当てられていないため、routing / dual stack テンプレートに変更 + 再起動が必要

system mtu jumbo <1500-9000> | <1500-9198>

  • show run に出てこない
  • show system mtu コマンドで確認可能
  • 機種により対応範囲が異なる
    • 3750G : 1500-9000
    • 3560CX : 1500-9198

Catalyst 4500 Sup6E

hw-module uplink mode { shared-backplane| tengigabitethernet } [9]

  • 要再起動
  • 最初に TenGig を使っていなくて、増速で TenGig にするときに要注意

hw-module module <module_num> port-group <port_num> select [ gigabitethernet | tengigabitethernet ]

  • WS-X4606-10GE-E で TwinGig コンバーターを使用するときに使用
  • こちらは再起動の必要無し


Catalyst 6500 Sup720 / Sup720-10G

mls cef maximum-routes [10]

Catalyst 6500 / 6800 Sup2T / Sup6T

共通 : vlan internal allocation policy { ascending | descending } [11]

共通 : platform hardware acl reserve qos-banks { 1 | 2} [12]

Sup6T : hw-module switch {switch-id} slot {sup slot no.} operation-mode port-group {Port-group no. } { TenGigabitEthernet | FortyGigabitEthernet } [13]

Sup6T : hw-module switch {switch-id} slot {sup slot no.} performance { TenGigabitEthernet | FortyGigabitEthernet } [13]

Catalyst 3850 / 3650 / 9000

license boot level <license_level> [14]

  • Universal イメージの IOS / IOS-XE はコマンドでライセンス レベルを変更可能
  • グローバル コンフィギュレーションで実施

9000 : license right-to-use [activate | deactivate ] [network-essentials | network-advantage ] [all | evaluation {all | slot slot-number <1-8>}] [acceptEULA] [15]

  • こちらは EXEC モードで実施
  • Evaluation (評価) モードで動作している場合は、ライセンスを購入して right-to-use で Permanent モードに変更します

9000 : license right-to-use [activate | deactivate ] addon [dna-essentials | dna-advantage ] [all | evaluation | subscription {all | slot slot-number <1-8>}] [ acceptEULA] [15]

  • こちらは EXEC モードで実施
  • Evaluation (評価) モードで動作している場合は、ライセンスを購入して right-to-use で Permanent モードに変更します

9500 : sdm prefer { core | nat | distribution | custom } [16]

  • 9500H デフォルトの Core テンプレートの場合は MAC アドレステーブルや ARP が少ないため、Distribution に変更するケースがあります


Catalyst 3850XS 16.3.3- / 9400 / 9500 / 9600

stackwise-virtual -> domain <domain_id> [17]

secure-stackwise-virtual authorization-key <128-bits> [18]

  • 初期設定時のみと思われるため、特に問題なし

(config-if)# stackwise-virtual link 1 [19]

  • VSS とは異なり、SWV では SVL の増速に reload が必要になりました

(config-if)# stackwise-virtual dual-active-detection [20]

  • VSS とは異なり、SWV では DAD の設定に reload が必要になりました

stackwise-virtual -> dual-active detection pagp [21]

  • dual-active detection pagp trust channel-group channel-group <id> の追加に再起動が必要無いか、要調査

switch stack-speed [high | low]

  • C9300X から導入された、StackWise-1T を、C9300 の StackWise-480 に混在させるためのコマンド


Catalyst 9400

(config-if)# enable [22]

  • スーパーバイザエンジンの再起動は必要ないけど、ポートグループごとに速度は 1 つに制限される模様


Catalyst 9500

hw-module breakout module

  • 9600 を見たあとだといかにも必要そうだが、この機種は reload が必要ない模様

Catalyst 9600

hw-module breakout-enable [23]

  • 運用に入ってから再起動が必要とわかるとめんどい
  • グローバル コンフィグの部分で再起動が必要に見えるため、予め入れといたほうが良さそう


Catalyst 9400X / 9500X / 9600X

Silicon One の X 系は SWV の SVL / DAD の変更で再起動が必要なくなりました [24]

Nexus3000 [25]

hardware profile portmode <port_mode>

Nexus 3100 [26]

例) interface breakout module 1 port 49 map 10g-4x

Nexus 5600/6000 [27]

例) interface breakout slot 2 port 1-4 map 10g-4x

Nexus 7000 / 7700 [28]

例) interface breakout slot 2 port 1-4 map 10g-4x

Nexus9000 共通

fips mode enable [29]

hardware access-list tcam label [30]

hardware access-list tcam region <feature_name> <feature_size> [31]

max-metric router-lsa external-lsa include-stub on-startup summary-lsa

  • コマンド投入後、次回の再起動時に有効になる旨のメッセージが表示されます
  • ただ、これは起動時に発動するコマンドのため、reload が必要とは違う気がします

system vlan <vlan-id> reserve [32]

  • Nexus がデフォルトで使用できない Vlan-ID の 3968 ~ 4095 を、別の Vlan-ID に変更するコマンド
  • 1 個指定すると、続けて 127 個、合計 128 個の Vlan-ID が使用できなくなる
  • Nexus 3000 , 5000 , 7000 でも使用可能

VLAN 予約の例

**************************************************
CONFIGURE NON-DEFAULT RANGE, "COPY R S" AND RELOAD
**************************************************
switch(config)# system vlan 400 reserve
"vlan configuration 400-527" will be deleted automatically. 
Vlans, SVIs and sub-interface encaps for vlans 400-527 need to be removed by the user. 
Continue anyway? (y/n) [no] y
Note: After switch reload, VLANs 400-527 will be reserved for internal use.
      This requires copy running-config to startup-config before
      switch reload.  Creating VLANs within this range is not allowed.

switch(config)# show system vlan reserved

system current running vlan reservation: 3968-4095

system future running vlan reservation: 400-527


switch(config)# copy running-config startup-config
[########################################] 100%

switch(config)# reload
This command will reboot the system. (y/n)?  [n] y

************
AFTER RELOAD
************

switch# show system vlan reserved

system current running vlan reservation: 400-527

Nexus9200 [33] [34]

system routing template-dual-stack-host-scale

system routing template-lpm-heavy

system routing template-l2-heavy

Nexus 9300 [33] [34]

system routing template-l2-heavy

system routing max-mode l3

Nexus9300-EX [33] [34]

system routing template-dual-stack-host-scale

system routing template-lpm-heavy

system routing template-internet-peering

system routing template-l2-heavy

Nexus9300-FX [33] [34]

system routing template-lpm-heavy

system routing template-internet-peering

system routing template-dual-stack-host-scale

Nexus9300-FX2 [33] [34]

system routing template-lpm-heavy

system routing template-internet-peering

system routing template-dual-stack-host-scale

Nexus9300-GX [33] [34]

system routing template-lpm-heavy

system routing template-internet-peering

system routing template-dual-stack-host-scale

Nexus-9500 用 9700-EX or 9700-FX ラインカード [33] [34]

system routing max-mode host

system routing non-hierarchical-routing [max-l3-mode]

system routing mode hierarchical 64b-alpm

system routing template-lpm-heavy

system routing template-internet-peering

Nexus-9500-R 用 9600-R ラインカード [33] [34]

system routing template-internet-peering

Juniper

MX204

ポートの割当を変更したい場合は、以下を参照。変更後は PIC のリセットが必要。

set chassis fpc <fpc_num> pic <pic_num> port <port_num> speed <speed> [35]

  • シャーシ全体の再起動 + Junos 起動は必要無いけど、両方の PIC = 全ポートを Offline + Online で reset する必要あり
  • request chassis pic

Port Speed on MX Routers

Table 1: Port Speed for MX204
PIC     Port   Port Speed Supported
PIC 0   0-3    4x10-Gigabit Ethernet
               40-Gigabit Ethernet
               100-Gigabit Ethernet
               Default: 4x10-Gigabit Ethernet
               Supports 1-Gbps speed on 10 Gigabit Ethernet ports (Junos OS Release 18.1 onwards)

PIC 1   0-7    10-Gigabit Etherner
               Supports 1-Gbps speed on 10 Gigabit Ethernet ports (Junos OS Release 18.1 onwards)

Figure 1.3 MX204 Packet Forwarding Engine

MX204 PFE
MX204 PFE

Configure Port Speed - PIC Level

MX204 Port Checker

MX304

ポートの割当を変更したい場合は、以下を参照。変更後は PIC のリセットが必要。

MX304 Deepdive

PIC Mode / Port Mode

Examples (X varies from 1 to 16 depending on the port speed):

set chassis fpc 0 pic0 pic-mode 100g number-of-ports X

set chassis fpc 0 pic0 pic-mode 400g number-of-ports X

set chassis fpc 0 pic0 pic-mode 10g number-of-ports X

set chassis fpc 0 pic0 pic-mode 25g number-of-ports X

set chassis fpc 0 pic0 pic-mode 50g number-of-ports X

MX304 Port Checker

PIC リセット コマンド例

request chassis pic pic-slot 0 fpc-slot 0 offline
request chassis pic pic-slot 0 fpc-slot 0 online


Arista

zerotouch cancel [36]

  • 最初は startup-config が存在しないため、ZTP モードで起動する
  • cancel すると自動で再起動がかかる

service routing protocols model { ribd | multi-agent } [37]

  • 2022/09 現在は ribd がデフォルト
  • 最近は multi-agent を使うのが主流
  • EVPN などでは multi-agent を使用する必要がある

DCS-7280R, DCS-7280R2, DCS-7500R, DCS-7500R2, DCS-7020R

hardware access-list mechanism tcam [38]

7050X3

7050X3でのLogical Portの管理

7050SX3-48YC8, 7050SX3-48C8, 7050TX3-48C8ではスイッチのLogical Portの数が64でインタフェースの総数より少なくなっています。
  • 25G x 48 + ブレークアウト 25G x 4 波長 x 8 ポート = 80 ポートが最大だが、そのうち 64 ポートしか使えないことを意味する
  • platform trident reset でトラフィック中断の発生するリセットが必要な場合がある

A10

A10 のマニュアルはインターネット上に公開されておらず、アカウント作成とログインが必要。

Thunder 3030S CGN

system resource-usage nat-pool-addr-count [39]

  • CGN 用 NAT プールアドレス

Thunder 3040S CFW

system resource-usage nat-pool-addr-count [40]

system resource-usage l4-session-count [41]

cgnv6 resource-usage lsn-nat-addr-count [42] [43]

  • こちらはコマンドリファレンスに reload 必須との記載が無いが、コマンドを打つと reload が必要と出てくる

system promiscuous-mode

system-jumbo-global enable-jumbo

  • non-FTA モデルでは変更時に reboot が必要 [44]

Extreme VSP

boot config flags spbm-config-mode [45]

boot config flags advanced-feature-bandwidth-reservation [46]

  • 他の boot config flags コマンドも再起動が必要なものがある

リファレンス

  1. Chapter: License Verification https://www.cisco.com/c/en/us/td/docs/routers/asr1000/install/guide/1001HX_1002HX/b_ASR1001HX-1002HX_HIG/b_ASR1001HX-1002HX_HIG_chapter_0110.html license boot level <License_Level>
  2. Performance https://www.cisco.com/c/en/us/td/docs/routers/access/4400/software/configuration/guide/isr4400swcfg/bm_isr_4400_sw_config_guide_chapter_0101.html#concept_3F15D3B0CBA64CA9BADC3C84FE0C63FB To configure the throughput level, perform the following steps and to upgrade the throughput level use the platform hardware throughput level { 2500000 | 5000000} command. In the user EXEC configuration mode, enter the enable command. Enter configure terminal command to enter the global configuration mode. To upgrade the throughput level, enter the platform hardware throughput level{2500000|5000000} command. To exit global configuration mode, enter exit. To save the configuration, enter the copy running-config startup-config command. To reload the router enter reload. A reload is required to activate the throughput level.
  3. platform hardware throughput level boost https://www.cisco.com/c/en/us/td/docs/routers/access/4400/software/configuration/guide/isr4400swcfg/bm_isr_4400_sw_config_guide_chapter_0101.html#concept_x2p_pkj_ndb Save the configuration and reload the device to enable Boost performance license. After the reload, the Boost Performance is activated as shown in this example.
  4. スループット レベルの設定 https://www.cisco.com/c/ja_jp/td/docs/routers/asr1000/install/guide/1001-x/asr1hig-book/asr1hig-book_chapter_0101.html#con_1060881 Cisco ASR 1001-X ルータの組み込みエンベデッド サービス プロセッサは、ソフトウェア ライセンスに応じて、2.5 Gbps(デフォルト)、5 Gbps、10 Gbps、および 20 Gbps のスループットをサポートします。 ソフトウェア アクティベーションによるパフォーマンス アップグレード ライセンスを適用してから、ルータをリロードすることによって、ESP のスループットを 2.5 Gbps(デフォルト)から 5 Gbps にアップグレードできます。ESP のスループットは、任意のライセンス レベルから別のライセンス レベルにアップグレードできます。 ESP の現在のスループットレベルを決定するには、show platform hardware throughput level コマンドを実行します。 次に、20 Gbps パフォーマンス アップグレード ライセンスの適用とルータのリロード後の このコマンドの出力例を示します。
  5. 暗号化スループット レベルの設定https://www.cisco.com/c/ja_jp/td/docs/routers/asr1000/install/guide/1001HX_1002HX/b_ASR1001HX-1002HX_HIG.pdf Cisco ASR 1001-HX ルータの暗号化スループット レベルを設定するには、次のコマンドを入力します。
    Router(config)# platform hardware crypto-throughput level ?
    8-16g crypto throughput upgrade, bits per second
    8g crypto throughput level, bits per second
    Router(config)# platform hardware crypto-throughput level 8g
    % Crypto Bandwidth set to 8G bps.
    Router(config)# platform hardware crypto-throughput level 8-16g
    % Crypto Bandwidth set to 16G bps.
    
  6. 暗号化スループット レベルの設定https://www.cisco.com/c/ja_jp/td/docs/routers/asr1000/install/guide/1001HX_1002HX/b_ASR1001HX-1002HX_HIG.pdf Cisco ASR 1002-HX ルータの暗号化スループット レベルを設定するには、次のコマンドを入力します。
    Router(config)# platform hardware crypto-throughput level ?
    16-25g crypto throughput upgrade, bits per second
    8-16g crypto throughput upgrade, bits per second
    8-25g crypto throughput upgrade, bits per second
    8g crypto throughput level, bits per second
    
  7. hw-module profile route scale
  8. Chapter: Configuring SDM Templates https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_2_se/configuration/guide/3750x_cg/swsdm.html
  9. Supervisor Engine 6-E でのアップリンク モードの選択 https://www.cisco.com/c/ja_jp/td/docs/sw/lanswt-access/cat4500swt/cg/009/confg-gd/sw-int.html#18105 (注) hw-module uplink mode shared-backplane コマンドを使用して アップリンク モードを変更する場合は、システムをリロードする必要が あります。コンソールには、リロードを示すメッセージが表示されます。
  10. CAT 6500 and 7600 Series Routers and Switches TCAM Allocation Adjustment Procedures https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/117712-problemsolution-cat6500-00.html#anc3 You can enter the mls cef maximum-routes ip <number in thousands> command in order to adjust the number of routing entries that are allocated to the IPv4. This does not increase the overall size of the FIB TCAM, but it reduces the number of routing entries that are allocated to the IPv6 in order to increase the amount of TCAM space for the IPv4.
  11. Configuring the Internal VLAN Allocation Policyhttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-5SY/config_guide/sup6T/15_5_sy_swcg_6T.pdf Note The internal VLAN allocation policy is applied only following a reload.
  12. Chapter 23 Restrictions for PFC QoShttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-5SY/config_guide/sup6T/15_5_sy_swcg_6T.pdf Changes to the supported number of QoS TCAM entries take effect after a reload. Enter the show platform hardware acl global-config command to display the QoS TCAM entry configuration:
  13. 13.0 13.1 Chapter 4 Virtual Switching Systemshttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-5SY/config_guide/sup6T/15_5_sy_swcg_6T.pdf Note - The entire systems reloads after any mode conversion.
  14. Configuring Base and Add-On Licenses https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-6/configuration_guide/sys_mgmt/b_176_sys_mgmt_9300_cg/licenses.html#Cisco_Task.dita_f126c327-a647-4235-b1a2-930771e49f9d license boot level <license_level>
  15. 15.0 15.1 Activating a License
  16. Chapter: Configuring SDM Templates https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-6/configuration_guide/sys_mgmt/b_176_sys_mgmt_9500_cg/configuring_sdm_templates.html
  17. Configuring Cisco StackWise Virtual Settings https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_lbj_yyx_31b Step 5 Device(config)#stackwise-virtual Step 6 Device(config-stackwise-virtual)#domain 2 Step 10 reload
  18. Configuring Secure StackWise Virtual Step 3 secure-stackwise-virtual authorization-key <128-bits> Example: Device(config)#secure-stackwise-virtual authorization-key <128-bits> Step 4 reload Example: Device#reload
  19. Configuring Cisco StackWise Virtual Linkhttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_wly_zyx_31b Step 4 Device(config-if)#stackwise-virtual link 1 Step 7 Device#reload
  20. Configuring StackWise Virtual Fast Hello Dual-Active-Detection Linkhttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_yqn_bzx_31b
  21. Enabling ePAgP Dual-Active-Detectionhttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/ha/b_173_ha_9500_cg/configuring_cisco_stackwise_virtual.html#task_ump_ptf_r1b
  22. アップリンク ポートhttps://www.cisco.com/c/ja_jp/td/docs/switches/lan/catalyst9400/software/release/17-3/configuration_guide/int_hw/b_173_int_and_hw_9400_cg/configuring_interface_characteristics.html#concept_ayd_y5q_p1b 速度 10G、25G、および 40G はポートグループごとに相互に排他的です。 ポートグループでは任意の 1 つの速度をいつでも有効にできます。
  23. Configuring a Breakout Interfacehttps://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9600/software/release/17-2/configuration_guide/int_hw/b_172_int_and_hw_9600_cg/configuring_interface_characteristics.html#task_slc_34x_1jb Step 3 hw-module breakout-enable Step 5 reload
  24. Dynamic addition and removal of SVL links are supported on the C9500X-28C8D model of Cisco Catalyst 9500 Series Switches, and therefore, a reload is not required for adding or removing the SVL links when the device is already operating in SVL mode.
  25. Nexus 3000 シリーズ switch(config)# hardware profile portmode ? 48x10g+4x40g 48x10G+4x40G port mode 52x10g+3x40g 52x10G+3x40G port mode 56x10g+2x40g 56x10G+2x40G port mode 60x10g+1x40g 60x10G+1x40G port mode 64x10g 64x10G port mode
  26. Nexus 3100/3200 シリーズ switch(config)# interface breakout module 1 port 49 map 10g-4x Interface breakout configured. Please poweroff and no poweroff the module
  27. Nexus 5600/6000 シリーズ switch(config)# interface breakout slot 2 port 1-4 map 10g-4x Interface breakout configured. Please poweroff and no poweroff the module
  28. Nexus 7000/7700 シリーズ
  29. Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 10.5(x)
  30. Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 10.5(x) Chapter: Configuring IP ACLs The label size can be increased to 62 when you enter the hardware access-list tcam label ing-ifacl 6 command and reload the switch.
  31. Understand how to Carve TCAM Space - Nexus 9000https://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/119032-nexus9k-tcam-00.html#anc7 Configuration In order to reconfigure a TCAM region, use the hardware access-list tcam region <feature_name> <feature_size> command in the configuration terminal. Once you have changed the regions to be the intended sizes, you must reload the device.  
  32. Cisco Nexus 9000 Series NX-OS Layer 2 Switching Configuration Guide, Release 10.5(x) Chapter: Configuring VLANs About Reserved VLANs The new reserved range takes effect after the running configuration is saved and the device is reloaded.
  33. 33.0 33.1 33.2 33.3 33.4 33.5 33.6 33.7 Cisco Nexus 9000 シリーズ NX-OS 検証済みスケーラビリティ ガイド リリース 9.3(5)
  34. 34.0 34.1 34.2 34.3 34.4 34.5 34.6 34.7 Cisco Nexus 9000 シリーズ NX-OS ユニキャスト ルーティング設定ガイド
  35. Port Speed on MX204 Overviewhttps://www.juniper.net/documentation/us/en/software/junos/interfaces-ethernet/topics/topic-map/port-speed-configuration.html#concept-mx204 To change the default speed, you must select a port and configure a different port speed on it and reset both the PICs for the configuration to take effect. For example, select 40GE or 100GE on PIC0 and 10GE on PIC1. For this configuration to take effect, you must reset both PICs.
  36. Canceling Zero Touch Provisioning https://www.arista.com/en/um-eos/eos-initial-switch-access#xx1131266 To avoid entering ZTP mode on subsequent reboots, create a startup-config file as described in Step 8 of Ethernet Management Port.
  37. localhost(config)#service routing protocols model multi-agent 
    ! Change will take effect only after switch reboot
    localhost(config)#
    
  38. Support for Private VLAN https://www.arista.com/en/um-eos/eos-virtual-lans-vlans?searchword=reload On DCS-7280R, DCS-7280R2, DCS-7500R, DCS-7500R2, DCS-7020R Private VLAN and Algomatch features are mutually exclusive. Disable algomatch with the hardware access-list mechanism tcam command . Note that this requires a reload of the system to take effect.
  39. system resource-usage https://documentation.a10networks.com/ACOS/271x/271-P6/ACOS_2_7_1-P6/html/ax-cli-reference-Responsive%20HTML5/ax-cli-reference/ax-cli-globalcfg-cmds/system_resource-usage.htm?rhsearch=system%20resource-usage%20nat-pool-addr-count&rhsyns=%20 nat-pool-addr-count --- Total IP source NAT pools Reload or Reboot Required To place a change to l4-session-count into effect, a reboot is required. A reload will not place this change into effect. For changes to any of the other system resources, a reload is required but a reboot is not required.
  40. system resource-usage https://documentation.a10networks.com/ACOS/414x/ACOS_4_1_4-GR1-P1/html/cli-reference-Responsive%20HTML5/cli-reference/cli-globalcfg-cmds/system_resource-usage.htm?rhsearch=system%20resource-usage&rhsyns=%20 nat-pool-addr-count num --- Total number of NAT pool addresses available for configuration in the system. The range is platform specific. Usage To place a change to l4-session-count into effect, a reboot is required. A reload will not place this change into effect. For changes to any of the other system resources, a reload is required but a reboot is not required.
  41. ACOS 5.2.1-P8 Command Line Interface Reference Guide Usage To place a change to l4-session-count into effect, a reboot is required.
  42. cgnv6 resource-usage https://documentation.a10networks.com/ACOS/414x/ACOS_4_1_4-GR1-P11/html/cliv6-Responsive%20HTML5/cliv6/cliv6_cgn_aka_lsn_cmds/cgnv6_resource-usage.htm?rhsearch=cgnv6%20resource-usage%20lsn-nat-addr-count&rhsyns=%20
  43. (config)#cgnv6 resource-usage lsn-nat-addr-count 2048
    Changes will come into effect next time you reload the Software.
    
  44. ACOS5.2.1-P8 Command_Line_Interface_Reference.pdf NOTE: On non-FTA models, after you enable (or disable) jumbo frame support, you must save the configuration (write memory command) and reboot (reboot command) to place the change into effect.
  45. Virtual interswitch trunk (vIST) enable configure terminal no boot config flags spbm-config-mode Save the configuration and reboot the switch.
  46. If you change the configuration, you must save the configuration, and then reboot the switch for the change to take effect.