Narbik Workbooks, VMPS and some random stuff.

• December 29, 2009
• Uncategorized  
• CCIE  
• Narbik  
• VMPS  

I just re-cabled my home lab and setup everything so i could work on Narbik’s foundation workbooks. You can check out more at:

[http://www.micronicstraining.com

]1

These are the workbooks that you get before the bootcamp, to get you up to speed with individual technologies. All in all theres about 600 pages (~300 pages in Vol1 and the same in Vol2).

So far they are very good. Alot of refresheners and some new things that I have not encountered in detail yet. The most noticable of these is VMPS (Vlan Management Policy Server). I have skimmed over these in my previous studies, as its hardly a technology being used anymore (or so the texts says).

Basically its a technology that allows you to manage what vlans your workstations will be attached to. Its a Mac-address-to-vlan mapping tool.

You setup a VMPS server, which will pull the mappings through TFTP, and then you set the ports on the switch to dynamically learn of the vlan mappings. Its only a couple of commands, but i’d never set it up before:

"(config)# vmps server <ip-address> primary"
"(config)# vmps retry <retry-number>"
"(config)# vmps reconfirm <minutes>"
"(config-if)# switchport access vlan dynamic"

The above configures a primary VMPS server (add another line without the primary keyword to have a secondary server). It sets the retry count, which is the number of times the switch will try to contact the VMPS server. Finally the reconfirm parameter configures how often the switch should reconfirm the mac-address-to-vlan mapping.

Note that default behavior is to try and map the mac-address-to-vlan, if this fails the port is still open but no data can flow through it. In “secure” mode, the port is completely shut down.

You can verify the configuration by using:

"sh vmps"

The output “sh vmps” will produce looks like this:

Switch#sh vmps
VQP Client Status:
--------------------
VMPS VQP Version:   1
Reconfirm Interval: 60 min
Server Retry Count: 3
VMPS domain server: 192.168.1.2 (primary, current)
 192.168.1.1
Reconfirmation status
---------------------
VMPS Action:         No Dynamic Port

I have specified 192.168.1.2 as the primary VMPS server and 192.168.1.1 as the fallback one. Every 60 minutes the switch will reconfirm the mappings.

Thats about it for VMPS.

The other thing, which i have encountered before, especially during CCNP studies, is the voice vlan feature along with extending trust.

The entire idea is to have a Cisco phone connected to a switch port. You then want to have voice traffic on a certain vlan, data traffic on another. You want to trust the CoS values from the phone, but reset any CoS values the workstation connected to the phone is sending along.

Setting the voice vlan:

"(config-if)# switchport voice vlan <vlan-nr>"

And setting the data vlan:

"(config-if)# switchport access vlan <vlan-nr>"

Setting the CoS values on incomming frames from the workstation to the phone:

"(config-if)# switchport priority extend cos <cos-value(0-7)>"

And finally trust the CoS values if a Cisco phone is connected:

"(config-if)#mls qos trust device cisco-phone"

Apart from that, some random things about trunking, etherchannels and VTP has been covered.

Tip: Did you know you could see the VTP password currently in use, simply by issuing “sh vtp password” from the exec prompt?

Okay, off to play around some more 🙂