Announcement

Collapse
No announcement yet.

Change ports from VLAN to VLAN in entirety

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Change ports from VLAN to VLAN in entirety

    Hello.. I've searched the internet far and wide... I am thinking this might not be possible the way I'm trying to accomplish it but I figured I'd send this out to see if anyone has a solution..

    We are implimenting a NAC (Network Access Control) system at work, which requires all the ports to be at a default configuration. We have a Data/Voice and Vendor Vlan. Many of our ports are assigned to the vendor VLAN but need to be moved back to the Data Vlan.

    Is there any way by witch to move the VLAN contents in its entirety from Vendor VLAN to Data VLAN? I cannot select all ports as some are trunks, others are special use and we don't want to adjust those. I tried doing a range command after the conf t command but it seems to be restricted to a maximum of 4 individual interfaces at a time.

    We have 820 switches to do this on so anything that can make it easier, is a good thing.

    Your assistance is appreciated!

  • #2
    Re: Change ports from VLAN to VLAN in entirety

    Assuming from your question that you don't have a centralized management tool to handle changes like this, I'd say this sounds like a scripting job.

    Can you connect to these switches via SSH? Do you have the relevant hostnames/IP addresses in a list? If so, I'd split this job in three separate parts:
    1. retrieve all configurations using a script
    2. have another script filter out everything but the interface configurations, remove interfaces that are not to be altered, and generate new configurations
    3. push the new configuration to the switches using a third script

    Part 3 should include adding a "reload in 15" statement to the new configs, and have a final script cancel the reload and do "wr mem" once the configuration has been verified to work. You could even make a few scripts to test connectivity.

    Comment


    • #3
      Re: Change ports from VLAN to VLAN in entirety

      Originally posted by Ser Olmy View Post
      Assuming from your question that you don't have a centralized management tool to handle changes like this, I'd say this sounds like a scripting job.

      Can you connect to these switches via SSH? Do you have the relevant hostnames/IP addresses in a list? If so, I'd split this job in three separate parts:
      1. retrieve all configurations using a script
      2. have another script filter out everything but the interface configurations, remove interfaces that are not to be altered, and generate new configurations
      3. push the new configuration to the switches using a third script

      Part 3 should include adding a "reload in 15" statement to the new configs, and have a final script cancel the reload and do "wr mem" once the configuration has been verified to work. You could even make a few scripts to test connectivity.
      I'm not on the network team but it doesn't sound like they have anything like that... They have a monitoring system called Orion/SolarWinds but I'm not sure if that would fit under this need..

      I've basically thought through much of your recomendation, I'm looking for the cisco IOS commands to achieve this in a simple manner

      Info: Data Vlan {Variable}
      Port IDs' {Constant - Provided by Vendor VLAN ID Group}

      What would be easiest if I could do something like
      conf t
      int range VLAN {VendorID#}
      switchport access vlan {DATA VLAN}

      But when you are in the int VLAN context, switchport is not a valid command.

      There's gotta be an easier way to do this.. 812 times....
      Last edited by Cthulhu; 7th December 2013, 07:31.

      Comment


      • #4
        Re: Change ports from VLAN to VLAN in entirety

        You actually have to do this:
        Code:
        interface GigabitEthernet 0/1
        switchport access vlan {data VLAN #}
        interface GigabitEthernet 0/2
        switchport access vlan {data VLAN #}
        ...and so on, for each relevant port on every switch. That's not difficult to script at all, provided you have the hostnames or IP addresses and login credentials to the switches in question.

        You will need to formulate exact criteria for the ports to be reconfigured, something like "every port currently in acccess VLAN A should be moved to VLAN B" or "all non-trunk ports in access VLAN A and all trunk ports with native VLAN A should be moved to VLAN B".

        Comment

        Working...
        X