hi folks, We have recently done a hardware refresh going from non-stacked Cisco C3560X switches to stacked Cisco 9300 switches. Note we didn't actually change any switch config in PF and reused the management ip of one of the old 3560x as the management ip of the new switch stack. Stacked switch in PF is still set to type "Cisco_Catalyst_3560"
Behaviour of new switches is fine wrt PF (we use mac auth bypass) except we cannot restart switches interfaces via PF following a vlan change (which I think is as expected looking at previous posts and is related to NAS-Port to ifindex mapping). Am I correct in saying that Cisco stacked switch support (in pf 9.1) is _only_ for the 3750/3750G models? (as per https://sourceforge.net/p/packetfence/mailman/message/28571664/) I've also manually grepped for stack in the relevant Cisco dir (/usr/local/pf/lib/pf/Switch/Cisco) grep stack *.pm Catalyst_3750G.pm: # NAS-Port bumps by +100 between stacks while ifIndex bumps by +500 Catalyst_3750.pm: # NAS-Port bumps by +100 between stacks while ifIndex bumps by +500 Looking at the NAS-Port / ifindex of 9300 here (via raddebug as per https://sourceforge.net/p/packetfence/mailman/message/36386651/) I get the following: desc / ifindex / NAS-Port 'TenGigabitEthernet1/0/48','56', '50148' 'TenGigabitEthernet2/0/48','124', '50248' 'TenGigabitEthernet3/0/48','192', '50348' 'TenGigabitEthernet4/0/48','260', '50448' 'TwoGigabitEthernet4/0/35','247', '50435' 'TwoGigabitEthernet4/0/36','248', '50436' 'TwoGigabitEthernet5/0/35','315', '50535' which can be expressed I think as "NAS-port bumps by +100 between stacks while ifindex bumps by +68". so that doesn't match the current nas-port to ifindex mapping as per the 3750. Next steps: a) To get stacked support I think I should in any case setup a new switch config in PF (for the stacked switch) with switch type 3750 and as per https://sourceforge.net/p/packetfence/mailman/packetfence-users/thread/34AC7571-3E0D-4654-B510-73DFE9507946%40inverse.ca/#msg23039406 close any open entries in locationlog table as per "UPDATE locationlog SET end_time = now() WHERE switch = 'a.b.c.d' AND (ISNULL(end_time) or end_time = 0" b) modify my individual 3750.PM for the 9300 nas_port to ifindex logic - or is there a cleaner way of doing this? (as my changes will get overwritten with any updates?) Can I create my own Catalyst_9300 config? Regards, Seb Sebastian Siebrasse IT - Senior Infrastructure & Systems Engineer UK Centre for Ecology & Hydrology www.ceh.ac.uk<http://www.ceh.ac.uk/> | @UK_CEH<https://twitter.com/UK_CEH> This email and any attachments are intended solely for the named recipients and are confidential. If you are not the intended recipient, please reply to the email to highlight the error and delete this email from your system; you must not use, disclose, copy, or distribute this email or any of its attachments. UK Centre for Ecology & Hydrology (UKCEH) has taken reasonable precautions to minimise risk of this email or any attachments containing viruses or malware, but the recipient should carry out its own virus and malware checks before opening the attachments. UKCEH does not accept any liability for any losses or damages which the recipient may sustain due to presence of any viruses. Opinions, conclusions or other information in this message and attachments that are not related directly to UKCEH business are solely those of the author and do not represent the views of UKCEH. We process your personal data in accordance with our Privacy Notice, available on the UKCEH website. https://www.ceh.ac.uk/privacy-notice Registered office address; Maclean Building Benson Lane, Crowmarsh Gifford, Wallingford, Oxfordshire, United Kingdom, OX10 8BB Companies Registered Name; UK Centre for Ecology & Hydrology Place of Registration; England Registered Company Number; 11314957
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
