Service Desk Knowledgebase: Networking: Difference between revisions
| Line 146: | Line 146: | ||
The wiring database is now updated. The '''VLAN''' that was on that port should now be removed '''no switch port access vlan nnn''' | The wiring database is now updated. The '''VLAN''' that was on that port should now be removed '''no switch port access vlan nnn''' | ||
===Updating VLANs in the Cisco switches=== | |||
Unused switch ports are set with the standard settings to enable a IP Phone to be plugged in without any configuration change. However, no other VLANs are enabled by default on the port. | |||
Any other equipment that is attached will require a VLAN to be enabled on that port in addition to merely patching the port through to the floor box. | |||
To enable/disable a VLAN on a port:- | |||
# Connect to laira. | |||
# Connect to the appropriate switch using telnet - the switches are named as wcname-swN.net.cl.cam.ac.uk (i.e. '''wc2e-sw1.net'''). At this point in time our network upgrade is not complete, when it is all wiring closest will have, in effect, a single switch. Until that is complete ports form 1-48 will be on switch 1, 48-96 on switch 2, etc. e.g. '''telnet wc1a-sw1.net''' | |||
# At the password prompt enter the access password. | |||
# At the prompt '''wc1a-sw1.net>''' type '''enable''' then '''[Enter]''', and give the enable password. | |||
# Look at the existing configuration for the '''show conf''' then '''[Enter]''', and page through by hitting space until you see the configuration entry for the port you want to change - for port 23 look for a line like '''interface GigabitEthernet0/23''' and verify what data VLAN is enabled on it. | |||
# To add (or remove) a VLAN enter '''conf terminal''' and '''[Enter]''' | |||
# Then select the interface you want to configure - '''interface gi0/23''' and '''Enter]''' | |||
# Add the required vlan with the command '''switchport access vlan 298''' and '''[Enter]''', or to remove vlan 298 from a port use the command '''no switchport access vlan 298''' and '''[Enter]''' | |||
# At the command prompt type '''exit''' and '''[Enter]''' | |||
# again at the next command prompt type '''exit''' and '''[Enter]''' | |||
# At the next prompt type '''write''' and '''[Enter]''' | |||
# check the configuration as detailed above, if all OK then ''exit'' | |||
== Contacts == | == Contacts == | ||
Revision as of 10:06, 22 January 2015
This is the Networking content page of the CL Wiki Service Desk Knowledgebase. Its purpose is to provide information to the Service Desk team on how to handle problems and requests about this CL service. If you are involved with the provision of this CL service please feel free to add to the knowledge about that it.
If CL staff need to tell the Service Desk team about problems with this service please email
sys-admin-aside@cl.cam.ac.uk.
Return to the Service Desk Knowledgebase SERVICE PORTFOLIO
Key Service Description & URLs
- The CL network
- Computer Laboratory News (Twitter use @UC_CL_SysAdm)
CL Customer Documentation
William Gates Building Floor Plans (inc. Room Codes):
- Ground floor (G)
- First floor (F)
- Second floor (S)
- Find a room
- Tag 298 = Managed Windows (AD delegated machines) 128.232.28.0/22
- Tag 398 = Managed Linux 128.232.64.0/20
- Tag 498 = Managed Macs 128.232.56.0/22
- Tag 105 = DMZ (with no Windows machines in it) 128.232.98.0/24
Further CL Sys-Admin Resources
- http://www.wiki.cl.cam.ac.uk/rowiki/SysInfo/HelpDesk/Networking - Networking
- http://www.wiki.cl.cam.ac.uk/rowiki/SysInfo/HelpDesk/Networking/VPN_request - Dealing with a VPN request
Underpinning Services
- ??? - Any supporting or underpinning services
Customer-base for this Service
- All staff and students of the Computer Laboratory
Costs
- Free to all current staff and PhD students of the Computer Laboratory.
SLA
- N/A
Service Desk Call Handling Procedure
- RT tickets can be escalated to the net-admin team by changing the Queue to net-admin with the Owner set to Nobody & Status set to new. Tell the requestor:
I am passing this request over to our Network Admin team who, I'm sure, will be in contact shortly.
Dealing with a VPN request
See http://www.wiki.cl.cam.ac.uk/rowiki/SysInfo/HelpDesk/Networking/VPN_request
Request to add machine to department network
If it is a private laptop then get them to register it at the DHCP request page and request a connection on the appropriate VLAN.
Adding IP addresses & CNAMES
1. Check that the person is entitled to what is being requested using
https://dbwebserver.ad.cl.cam.ac.uk/administration/HR/HRList.aspx
2. Determine the IP address range that should be use for a given requested VLAN using
https://dbwebserver.ad.cl.cam.ac.uk/SCG/Networks/Networks.aspx
3. Make sure Pageant.EXE is running and has your private key by double clicking on CL.ppk or similar.
4. Use PuTTY and go to the CL's ssh-remote-0.cl.cam.ac.uk
5. Make the PuTTY window longer.
6. Type kinit & press [Enter]
7. Enter your CL Password for CRSid@AD.CL.CAM.AC.UK & press [Enter]
8. Type ssh -K laira & press [Enter] to go to the privileged machine laira
7. Give your CL [sudo] password for CRSid: & press [Enter]
9. At the laira:~$ prompt use cd /anfs/glob/src/etc/named/src and [Enter]
10. Check-out the cl.data file with co -l cl.data and [Enter]
11. Use vi to edit the file with vi cl.data and [Enter]
Adding an IP Address:
- Search for the start of the address range with something like /128.232.98.1 and [Enter]
- Ctrl+F to scroll Forward to the next available address in the range.
- Down-arrow to start of line above where it should be.
- Use Shift+A to enter --INSERT-- mode
- Make an entry like:
saluki1.dtg IN A 128.232.98.206
IN TXT "RT#94231"
(NOTE: the gaps made using <Tab> not space)
- [Esc] out of INSERT mode
- :wq and [Enter] to write the file and quit vi
Adding a CNAME:
- Search for the machine name using something like /puppy38 and [Enter]
- Down-arrow to start of line above where it should be.
- Use Shift+A to enter --INSERT-- mode
- Make an entry like:
puppy38.dtg IN A 128.232.20.67
IN TXT "VM in husky cluster" ; oc243 rt#88303
acr31-containers.dtg IN CNAME puppy38.dtg ; rt#91603
rscfl-freebsd.dtg IN CNAME puppy38.dtg ; rt#94176
(NOTE: the gaps made using <Tab> not space)
- [Esc] out of INSERT mode
- :wq and [Enter] to write the file and quit vi
GENERAL NOTES on vi
- /string and [Enter] (search for the string)
- : = command
- :w and [Enter] is write
- :q! and [Enter] = quit without writing (if you mess up!)
- :help and [Enter] for help
- Arrow-keys scroll around text
- Ctrl+F to page-down scroll through text
- Shift+A to go into --INSERT-- mode
- [Esc] escape out of --INSERT-- mode
12. rcsdiff cl.data and [Enter] to check what changes have actually been made
13. Use ci -u cl.data and [Enter] to check-in and add a comment of the RT ticket number e.g. RT #94171 then [Enter] and exit with .[Enter]
14. Go up with cd .. and [Enter]
15. Use make install and [Enter] (give your CL [sudo] password for CRSid: & press [Enter] if required)
16. Use exit and [Enter] to close down PuTTY
17. In RT reply to the user and resolve the ticket.
Procedure for Patching
The patches are documented in the database. All physical cables on the patch panels should be documented. For patches for telephones only the patch should have a comment in it which has Telephone at the start. All other patches will also have a connection to a physical machine as well. If a person is being moved form one room to another then the Staff database should be updated when the move is completed with the new office number.
Adding a patch
- Go to the floorbox page and enter the box name (somethings like WC2E-012 - note box number always ends with 3 digits) and press [Enter]
- If no connection shows up for the port you plan to use press Add connection
- On the AddConnection page add in the port number (between 1 and 4, phones usually are in port 1) and the machine inventory number. Then click on create.
- You will be taken back to the floor box page. Click on trace by the connection you have just added.
- On the wiring trace page you should see a single line for a connection in the floor box. Click on Add Patch.
- You will then be on the Add Patch page. Enter the other end of the patch in the form HOST-012 (note use 3 digits with preceding zeros for the last part of the host port. Click on create
The wiring database is now completely updated. The VLAN now needs to be configured for that port.
Removing a patch
- Go to the floorbox page and enter the box name (somethings like WC2E-012 - note box number always ends with 3 digits) and press [Enter]
- Click on trace by the connection you have just added.
- On the wiring trace page you should see a four line trace for a connection in the floor box. Click on Delete All.
The wiring database is now updated. The VLAN that was on that port should now be removed no switch port access vlan nnn
Updating VLANs in the Cisco switches
Unused switch ports are set with the standard settings to enable a IP Phone to be plugged in without any configuration change. However, no other VLANs are enabled by default on the port.
Any other equipment that is attached will require a VLAN to be enabled on that port in addition to merely patching the port through to the floor box.
To enable/disable a VLAN on a port:-
- Connect to laira.
- Connect to the appropriate switch using telnet - the switches are named as wcname-swN.net.cl.cam.ac.uk (i.e. wc2e-sw1.net). At this point in time our network upgrade is not complete, when it is all wiring closest will have, in effect, a single switch. Until that is complete ports form 1-48 will be on switch 1, 48-96 on switch 2, etc. e.g. telnet wc1a-sw1.net
- At the password prompt enter the access password.
- At the prompt wc1a-sw1.net> type enable then [Enter], and give the enable password.
- Look at the existing configuration for the show conf then [Enter], and page through by hitting space until you see the configuration entry for the port you want to change - for port 23 look for a line like interface GigabitEthernet0/23 and verify what data VLAN is enabled on it.
- To add (or remove) a VLAN enter conf terminal and [Enter]
- Then select the interface you want to configure - interface gi0/23 and Enter]
- Add the required vlan with the command switchport access vlan 298 and [Enter], or to remove vlan 298 from a port use the command no switchport access vlan 298 and [Enter]
- At the command prompt type exit and [Enter]
- again at the next command prompt type exit and [Enter]
- At the next prompt type write and [Enter]
- check the configuration as detailed above, if all OK then exit
Contacts
Primary
- ???@cl.cam.ac.uk (Goes to ???)
- ???@lists.cam.ac.uk (Goes to ???)
- Tel: ???
Other
Availability
- Monday:
- Tuesday:
- Wednesday:
- Thursday:
- Friday:
- Saturday: Closed
- Sunday: Closed
Hints, Tips & Known Issues
Title Person (Date)
Categorising Keywords
- Network Networking VPN Router
