Lab 2: Initial setup

Lab 2: Initial setup

BigStartup is a small business that just started operations a few months ago. The owners have deter-
mined the need to rent a small portion of a nearby building's floor (the East Wing) from Cheap4Rent
Properties to house a new group of employees they just hired. These employees will use Windows PCs
and have a few networking connectivity requirements in their daily operations, such as printing and file
sharing. Because of this, you have been contacted to provide network consulting services and take care
of configuring and managing the switching equipment that BigStartup recently purchased.
Objectives
After completing this lab, you will be able to:
n Set your gear in factory values.
n Navigate through the AOS-CX CLI.
n Define a hostname on the Access-1 switch.
n Disable unused interfaces.
n Save the device's configuration and create checkpoints.
Lab topology

Task 2-1: Reset switches to factory default

Objectives
In this lab, you will verify that the Access-1 switch has the factory default configuration, simulating a
brand-new switch.

Lab 2: Initial setup 7

Steps
1. On your local computer, launch a web browser and enter the Aruba Training Lab web portal at
the URL: https://arubatraininglab.computerdata.com.
2. Enter your username and password (if you do not have one, ask your instructor for the cre-
dentials), and click the Sign in button.

3. Once logged in, you will be placed in the Remote Lab dashboard.

4. At the remote lab topology, right-click the Access-1 switch icon and select Open Console.

8 Task 2-1: Reset switches to factory default

 5. Log in to the switch using the following credentials:
n Username: admin
n Password: <no password—just press Enter>
Pod 54 Table 14 6300-A
6300 login: admin
Password:
Last login: 2024-03-26 18:40:35 from the console
User "admin" has logged in 5 times in the past 30 days
6300#

6. Verify that there is no saved configuration by entering the show startup-config command.
6300# show startup-config

Lab 2: Initial setup

startup-config doesn't exist

It is expected to receive the output "startup-config doesn't exist."

7. If you see a configuration displayed on your switch, it means that there is a previous con-
figuration that needs to be deleted before you can proceed with the labs. In this case, move to
step 8. However, if you receive a message stating that the configuration does not exist, you can
move on to step 12.
Sample output of a switch with a previously saved configuration:
6300# show startup-config
Startup configuration:
!
!Version ArubaOS-CX FL.10.13.1000
!export-password: default
!

Task 2-1: Reset switches to factory default 9

 ssh server vrf default
ssh server vrf mgmt
vsf secondary-member 2
vsf member 1
type jl668a
link 1 1/1/26-1/1/27
link 2 1/1/25
vlan 1
spanning-tree
interface mgmt
no shutdown
ip dhcp
interface 1/1/1
<<Omitted output>>

8. Delete the saved configuration by entering the erase startup-config command; answer y to the
question to confirm the action.
6300# erase startup-config
This will clear all non-VSF configurations from the startup-config. Additionally,
if any VSF member is not present in the stack, this command will remove the VSF
configurations of such members as well.

Erase checkpoint startup-config ? (y/n): y

9. Repeat the command to show the startup configuration: show startup-config.

6300# show startup-config
startup-config doesn't exist

Notice that the saved configuration no longer exists.

10. Even though the saved configuration was erased, any configurations made are still active at the
switch's running configuration. To delete the current configuration and ensure that your switch is
at the factory default state, reboot your switch with the boot system command, answer n (no) to
the prompt to save the configuration, and answer y (yes) to confirm the reboot action.
6300# boot system
Checking if the configuration needs to be saved...

Do you want to save the current configuration (y/n)? n

Checking for updates needed to programmable devices...

Done checking for updates.

1 non-failsafe device(s) also need to be updated.

Please run the 'allow-unsafe-updates' command to enable these updates.

This will reboot the entire switch and render it unavailable

10 Task 2-1: Reset switches to factory default

 until the process is complete.
Continue (y/n)? y
The system is going down for reboot.

11. Wait a couple of minutes for your switch to boot.

12. Using the remote lab interface, connect to Access-2, Core-1, and Core-2 and repeat steps 5 to 10
to ensure all the switches are at the factory default state.

Task 2-2: Explore the AOS-CX switch CLI

Objectives
In this task, you will explore and familiarize yourself with the AOS-CX switch CLI. Do not be afraid to try
out different commands on the CLI: you will learn by experimenting!
Steps
1. Using the Remote Lab dashboard, open a console connection to Access-1.
2. Log in with the following credentials:
n Username: admin
n Password: <no password – just press Enter>
6300 login: admin
Password:
Last login: 2024-03-26 18:33:04 from the console
User "admin" has logged in 4 times in the past 30 days
6300#

Notice that, once logged in, you will be placed in the manager context indicated by
the switch prompt followed by a #.

Lab 2: Initial setup

Operator context (>)
The operator context (>) enables you to execute commands to view—but not
change—the configuration. The operator context requires the least user privilege to
execute commands. In command descriptions, this context is listed as: Operator (>)
Switch prompt example
switch>

Manager context (#)

From the manager context (#), you can execute commands that do not require sav-
ing changes to the configuration. In command descriptions, this context is listed as:
Manager (#)
Switch prompt example

Task 2-2: Explore the AOS-CX switch CLI 11

 switch#

Navigating to the manager context (#)

To navigate to the manager command context (#), do one of the following:
n Log in to the switch CLI with a user ID that has the administrator role.
n From the operator context (>), enter the enable command. You must have
administrator authority to enter the enable command.
switch> enable
switch#
n From the configuration context (config), enter either the exit or the end com-
mand.
For example:
switch(config)# exit
switch#

Global configuration context (config)

From the global configuration context (config), you can execute commands that
change the configuration of the switch. In command descriptions, this context is lis-
ted as: config
Switch prompt example
switch(config)#

Navigating to the config context

To navigate to the config command context, do one of the following:
n From the manager context (#), enter the configure terminal command:
switch# configure terminal
switch(config)#
n From a child configuration context, enter the exit command.
For example:
switch(config-vlan-100)# exit
switch(config)#

3. Press the question mark (?) key to show the available commands that you can execute in the cur-
rent command context.
6300# ?
aruba-central Configure Aruba-Central
auto-confirm Disables user confirmation, and executes the operation
without prompting
boot Reboot all or part of the system; configure default boot

12 Task 2-2: Explore the AOS-CX switch CLI

 parameters
checkpoint Checkpoint information
clear Reset functions
configure Configuration from vty interface
container Configure a container for add-on applications
copy Copy data or files to/from the switch
debug Configure debug logging
diagnostics Change diagnostic commands availability
disable Turn off privileged mode command
end End current mode and change to enable mode
erase Erase device information or files
erps ERPS Configuration.
exit Exit current mode and change to previous mode
feature-pack Manage software feature pack subscriptions
https-server HTTPS Server management
issu Perform an in-service software upgrade
led Set LED state
list Print command list
macsec Configure the MAC Security (MACsec) protocol
member VSF member selection
mfgread read MFG EEPROM
mfgwrite write MFG EEPROM
mtrace Multicast traceroute for tracing multicast routing path
from a receiver to a source
no Negate a command or set its defaults
page Enable page break
ping Send ping requests to test network connectivity
ping6 Send IPv6 ping requests to test network connectivity
port-access Port based network access.
repeat Repeat a list of commands from history
secure-mode Set the secure mode setting. Requires a zeroization to
change modes
show Show running system information

Lab 2: Initial setup

ssh Configure SSH.
start-shell Start Bash shell
switch Execute switch commands
terminal-monitor Enables Terminal-monitor
top Top command
traceroute Trace the route to a device on the network
traceroute6 Trace the route to a device on the network
usb Commands to control the USB Port
vsf Virtual Switching Framework (VSF) commands
write Write running configuration to memory, network, or terminal
6300#

Task 2-2: Explore the AOS-CX switch CLI 13

 The commands displayed by the help are respective to the current context level
(manager). Page through the commands available at this level. Some important com-
mands are included.
n show, which enables you to examine current configuration parameters
n copy, which enables you to back up the switch configuration
n ping and traceroute, which are connectivity test tools

4. List the parameters available for the show command by typing show followed by ?.
6300# show ?
aaa Authentication, Authorization and Accounting
access-list Access control list (ACL)
accounting Show local accounting information
active-gateway Show active gateway settings
alias Short names configured for a set of commands
allow-unsafe-updates Show allowed non-failsafe updates
allow-unsupported-transceiver Show unsupported transceiver information
app-recognition Show application recognition information
arp Show IPv4 addresses from neighbor table
<<Omitted output>>

5. Enter the disable command.

6300# disable
6300>

How has the prompt changed?

Answer: This turns manager mode (context) on, taking you to the operator context. This means
only basic commands with no control over the device will be available.
6. Press the ? key to show the commands you can execute in the operator command context.
6300> ?
clear Reset functions
container Configure a container for add-on applications
enable Turn on privileged mode command
exit Exit current mode and change to previous mode
led Set LED state
list Print command list
mtrace Multicast traceroute for tracing multicast routing path from a
receiver to a source
no Negate a command or set its defaults
page Enable page break
ping Send ping requests to test network connectivity
ping6 Send IPv6 ping requests to test network connectivity
repeat Repeat a list of commands from history

14 Task 2-2: Explore the AOS-CX switch CLI

 show Show running system information
top Top command
traceroute Trace the route to a device on the network
traceroute6 Trace the route to a device on the network
user User account

Available commands in both manager and operator contexts are different. This is
used as basic role-based access control for defining what operators can do when
logged into the device.

7. Type enable and press Enter, which will turn privileged mode back on.
6300> enable
6300#

8. Type co, then press the Tab key twice to list commands that start with "co":
6300# co [tab] [tab]

What does the CLI display?

Answer: the CLI will display any commands starting with "co".
9. Type conf followed by a single [tab] press.
6300# configure

What has just happened to the command?

Answer: As no other command starts with "conf," the switch completes the configure command.

You can execute any command as soon as you have entered an unambiguous char-
acter string. For instance, conf [Enter] will have the same effect as configure [Enter].

Lab 2: Initial setup

10. Press the Enter key. This takes you to the global configuration mode, where you can start mak-
ing changes that take immediate effect upon the device's configuration.
6300# configure
6300(config)#

11. Press the ? key to show the available commands that you can execute in the global config mode.
6300(config)# ?
aaa Configure Authentication, Authorization and
Accounting feature
access-list Access control list (ACL)
alias Create a short name for the specified
command(s).
allow-unsafe-updates Allow non-failsafe updates of programmable

Task 2-2: Explore the AOS-CX switch CLI 15

 devices
allow-unsupported-transceiver Allow unsupported transceivers
app-recognition Enable and configure application recognition
apply Apply a configuration record
aruba-central Configure Aruba-Central
banner Customize login banner
<<Omitted output>>

You can notice how commands available here are different than in previous CLI
modes due the configuration nature of them.

12. Type interface 1/1/1, then press Enter. You will be moved to the interface sub configuration
mode.
6300(config)# interface 1/1/1
6300(config-if)#

13. Press the ? key. Again, you will see a different list of available commands for this subcontext.
6300(config-if)# ?
aaa Configure Authentication, Authorization and
Accounting feature
app-recognition Configure application recognition parameters
apply Apply a configuration record
arp Configure ARP commands
bfd Set BFD configuration
cdp Configure CDP operating mode
client Configure network client monitoring
description Add an interface description
dhcpv4-snooping Configure DHCPv4-Snooping
dhcpv6-snooping Configure DHCPv6-Snooping
downshift-enable Enable automatic speed downshift

14. Type end and press Enter.

6300(config-if)# end
6300#

What has just happened to the command prompt?

Answer: By entering end on any context level, the switch prompt will return to the operator con-
text.
15. Next, you will enter a command that is invalid and then fix issues with it by using the command-
recall feature. Enter this command exactly as shown: show hitory.
6300# show hitory
Invalid input: hitory

16. Recall the command by pressing the Up arrow key.

16 Task 2-2: Explore the AOS-CX switch CLI

 17. Go to the beginning of the command with the CTRL+a shortcut.
18. Go to the end of the command line with the CTRL+e shortcut.
19. With the Left and Right arrow keys, move your cursor to the correct position in "hitory" and
place the letter "s".
20. Press the Enter key at any time (no matter where your cursor is) to execute the command.
6300# show history
6 disable
5 enable
4 conf
3 int 1/1/1
2 end
1 show hitory

Repeating commands can be a useful way to enter similar commands more quickly, as
well as to correct mistakes in commands.

21. Enter show system and press the ? key.

6300# show system ?
interface-group Show interface group information
inventory Show installed hardware information
resource-utilization Utilization metrics of various system resources
serviceos Display serviceOS information
<cr>
6300# show system

The options available under show system are displayed. Notice the <cr> at the end.
This means that you can execute the command without supplying any further para-
meters.

Lab 2: Initial setup

22. View the system resource utilization on the switch.
6300# show system resource-utilization

System Resources:
Processes : 262
CPU usage(%) : 4
CPU usage(% average over 1 minute): 6
CPU usage(% average over 5 minute): 6
Memory usage(%) : 18
Open FD's : 2470
Storage 1: Endurance utilization = 0-10% (mmc-type-a), 0-10% (mmc-type-b), Health =
normal

Data written to various partitions since boot

Task 2-2: Explore the AOS-CX switch CLI 17

 Nos : 72 MB
Log : 6 MB
Coredump : 4 KB
Security : 664 KB
Selftest : 4 KB
Swap : 0 KB

Storage partition usage(%)

Nos : 20
Log : 2
Coredump : 1
Security : 1
Selftest : 1

ProcessCPU Usage(%)Memory Usage(%) Open FD's

-------------------------------------------------------------------------
(sd-pam) 0 0 7
aaautilscfgd 0 0 11
acctd 0 0 8
<<Omitted output>>

You will notice that a long output automatically populates, overrunning the screen
and not allowing you to read the first lines. You can use the page command to display
subsequent command outputs in portions, which gives you the ability to control
when to display the next page by pressing the space bar.

23. Use the page command followed by show system resource-utilization.

6300# page
6300# show system resource-utilization

System Resources:
Processes : 253
CPU usage(%) : 25
CPU usage(% average over 1 minute): 13
CPU usage(% average over 5 minute): 8
Memory usage(%) : 18
Open FD's : 2470
Storage 1: Endurance utilization = 0-10% (mmc-type-a), 0-10% (mmc-type-b), Health =
normal

Data written to various partitions since boot

Nos : 73 MB
Log : 6 MB
Coredump : 4 KB
Security : 720 KB
Selftest : 4 KB
Swap : 0 KB

18 Task 2-2: Explore the AOS-CX switch CLI

 Storage partition usage(%)
Nos : 20
Log : 2
Coredump : 1
Security : 1
-- MORE --, next page: Space, next line: Enter, quit: q

Now, the show commands break the output using the number of lines in the current
terminal window. You may manually enter the number of lines to be displayed at
once.

What are the current CPU and memory utilization of the switch?

Alternatively, you can use the top CPU and top memory commands to display these
numbers. A key difference between the show system resource-utilization and top
commands is that top commands list higher resources using commands first. Also,
the output displays the processes' ID and status, and the user runs the command (the
system or a real user logged into the device).
High CPU utilization is a symptom of an unstable process or situation happening in
the system, such a Layer 2, Layer 3, or layer 7 loop.

24. Press the space key a few times to scroll all the way down, or press the q key.
25. Try the show system command. This version of the command will also show the current host-
name, description SNMP contact and location, serial number, base MAC address, up time, and so
forth.
6300# show system

Lab 2: Initial setup

Hostname : 6300
System Description : FL.10.13.1000
System Contact :
System Location :

Vendor
Product Name
Chassis Serial Nbr
Base MAC Address
ArubaOS-CX Version
: Aruba
: JL668A 6300F 24G 4SFP56 Sw
: SG01KN701M
: 104f58-fc1440
: FL.10.13.1000

Time Zone : UTC

Up Time : 3 hours, 53 minutes

CPU Util (%) : 1
CPU Util (% avg 1 min) : 5

Task 2-2: Explore the AOS-CX switch CLI 19

 CPU Util (% avg 5 min) : 5
Memory Usage (%) : 18

What is the current hostname?

Answer: 6300
What is the chassis serial number?

Answer: It depends on your switch information. The previous example is showing the serial num-
ber as SG01KN701M.
What is the system base MAC address?

Answer: It depends on your switch information. The previous example is showing the MAC
adddress 104f58-fc1440.
What is the system up time?

Answer: It depends on your switch information. The previous example is showing the up time as
3 hours, 53 minutes.
26. Enter the list command.
6300# list
show hostname
show domain-name
list
configure { terminal }
disable
exit
end
page
page <2-1000>
no page
show running-config {all}
show session-timeout
start-shell
auto-confirm
no auto-confirm
diagnostics
no diagnostics
show history {timestamp}
repeat { id <A:1-500>|count <1-1000>|delay <1-1000> }
show vrf
show vrf VRF

20 Task 2-2: Explore the AOS-CX switch CLI

 show dhcp client vendor-class-identifier
show ztp information
-- MORE --, next page: Space, next line: Enter, quit: q

The list command shows the right syntax for all commands available at the current
context along with their variants and extensions. This can be helpful for discovering
new commands and previewing their different forms.

27. Enter the show version command.

6300# show version
-----------------------------------------------------------------------------
ArubaOS-CX
(c) Copyright 2017-2024 Hewlett Packard Enterprise Development LP
-----------------------------------------------------------------------------
Version : FL.10.13.1000
Build Date : 2024-01-29 21:09:42 UTC
Build ID : ArubaOS-CX:FL.10.13.1000:7720573f9b1b:202401292046
Build SHA : 7720573f9b1b321e9916f3bd11b5fcf426fd5238
Hot Patches :
Active Image : primary

Service OS Version : FL.01.14.0002

BIOS Version : FL.01.0002

What main AOS-CX code version is running in the system?

Answer: FL.10.13.1000
28. Enter the show images command.
6300# show images
---------------------------------------------------------------------------

Lab 2: Initial setup

ArubaOS-CX Primary Image
---------------------------------------------------------------------------
Version : FL.10.13.1000
Size : 1036 MB
Date : 2024-01-29 21:09:42 UTC
SHA-256 : 8c9ef264a59c66932fec49163b13ce7d0294b498b972e8c4eed1dc19314021a6

---------------------------------------------------------------------------
ArubaOS-CX Secondary Image
---------------------------------------------------------------------------
Version : FL.10.05.0021
Size : 642 MB
Date : 2020-10-29 10:36:02 PDT
SHA-256 : 4c795e8c9eec5952645ded19cf9a2018deb545c7ed0221f32a1a5bd0d64ee5f6

Default Image : primary

Task 2-2: Explore the AOS-CX switch CLI 21

 Boot Profile Timeout : 5 seconds

------------------------------------------------------
Management Module 1/1 (Active)
------------------------------------------------------
Active Image : primary
Service OS Version : FL.01.14.0002
BIOS Version : FL.01.0002

How many images does the system support?

Answer: Two images are supported: primary and secondary. Keep in mind that either one can be
set as active for the switch boot process.
What is the default image?

Answer: It depends on your switch configuration. The example above is showing the primary
image as active.
29. Enter the show capacities command.
6300# show capacities
System Capacities:
Capacities Name Value
----------------------------------------------------------------------------------------
<<Omitted output>>
Maximum number of entries in an Access Control List 8000
Maximum number of entries in a class 1000
Maximum number of entries in an Object Group 1024
Maximum number of entries in a policy 128
<<Omitted output>>
Maximum number of classifier policies configurable in a system 4000
Maximum number of IPv4 neighbors(# of ARP entries) supported in the system 49152
Maximum number of IPv6 neighbors(# of ND entries) supported in the system 49152
Maximum number of Keychains supported in the system 64
Maximum number of Keys supported in a single Keychain 64
Maximum number of Keys supported in the system 4096
Maximum number of L2 MAC addresses supported in the system 32768
<<Omitted output>>
Maximum number of routes (IPv4+IPv6) on the system 66046
Maximum number of IPv4 routes on the system 65536
Maximum number of IPv6 routes with prefix 0-64 61440
Maximum number of IPv6 routes with prefix 65-127 510
Maximum number of VLANs supported in the system 4094
Maximum number of VLAN Translation rules supported 4000
<<Omitted output>>

What is the maximum number of access control entries per access list supported in the system?

22 Task 2-2: Explore the AOS-CX switch CLI

 Answer: 8000
What is the maximum number of MAC addresses supported in the system?

Answer: 32,768
What is the maximum number of IP routes (IPv4 and IPv6 combined) supported in the system?

Answer: 66,046
What is the maximum number of VLANs supported in the system?

Answer: 4094

A similar command, show capacities-status displays similar information plus the

amount of resources/entries already consumed by the current device state.

Note that the system capacity varies based on the switch model. HPE Aruba Net-
working switch families CX 6400 Series, CX 8100 Series, CX 8300 Series, CX 9300
Series, and CX 10000 Series can be configured with a profile. System profiles set the
overall capabilities and capacities of the switch based on the selected profile used at
boot time. System profiles set capacities such as that of the hardware forwarding
table.
System profiles provide you with the flexibility to configure switches based on their
location in the network (for example, core, spine, leaf). When a switch boots without a
profile specifically configured, it boots with the default profile. When a switch is con-
figured with a non-default profile, the switch requires a reboot for the profile to be

Lab 2: Initial setup

applied.
Examples of profiles supported by the CX 8100 Series, CX 83xx Series, CX 9300 Ser-
ies, and CX 10000 Series are:
n L3-agg: Optimizes for Layer 3 forwarding with more table space allocated to
host (ARP/ND) entries.
n L3-core (the default on the CX 8320 Series): Optimizes for Layer 3 forwarding
with more table space allocated to route entries.
n Leaf (the default on the CX 8325 Series, CX 9300 Series, and CX 10000
Series): Optimizes for Layer 2 forwarding with more table space allocated to
overlay host entries (VXLAN).

Task 2-2: Explore the AOS-CX switch CLI 23

 n Spine: Optimizes for Layer 3 forwarding with more table space allocated to
route entries.

30. Execute the show interface 1/1/1 command.

6300# show interface 1/1/1

Interface 1/1/1 is up
Admin state is up
Link state: up for 3 days (since Thu Mar 28 15:12:51 UTC 2024)
Link transitions: 1
Description:
Persona:
Hardware: Ethernet, MAC Address: 10:4f:58:fc:14:67
MTU 1500
Type 1GbT
Full-duplex
qos trust none
Speed 1000 Mb/s
Auto-negotiation is on
Energy-Efficient Ethernet is disabled
Flow-control: off
Error-control: off
MDI mode: MDI
VLAN Mode: access
Access VLAN: 1
Rate collection interval: 300 seconds

Rate RX TX Total (RX+TX)

---------------- -------------------- -------------------- --------------------
Mbits / sec 0.00 0.00 0.00
KPkts / sec 0.00 0.00 0.00
Unicast 0.00 0.00 0.00
Multicast 0.00 0.00 0.00
Broadcast 0.00 0.00 0.00
Utilization % 0.00 0.00 0.00

Statistic RX TX Total
---------------- -------------------- -------------------- --------------------
Packets 0 317196 317196
Unicast 0 0 0
Multicast 0 231115 231115
Broadcast 0 86081 86081
Bytes 0 61423830 61423830
Jumbos 0 0 0
Dropped 0 0 0
Pause Frames 0 0 0

24 Task 2-2: Explore the AOS-CX switch CLI

 Errors 0 0 0
CRC/FCS 0 n/a 0
Collision n/a 0 0
Runts 0 n/a 0
Giants 0 n/a 0

What is the interface type?

Answer: 1GbT, it means, 1 Gigabit Ethernet base-T.

31. Now try the show interface 1/1/28 command.
6300# show interface 1/1/28

Interface 1/1/28 is down

Admin state is up
State information: Waiting for link
Link state: down for 4 days (since Thu Mar 28 15:12:51 UTC 2024)
Link transitions: 0
Description:
Persona:
Hardware: Ethernet, MAC Address: 10:4f:58:fc:14:4d
MTU 1500
Type 10G-DAC1 / 10G SFP+ 1m DAC
Full-duplex
qos trust none
Speed 0 Mb/s
Auto-negotiation is off
Flow-control: off
Error-control: off
VLAN Mode: access
Access VLAN: 1
Rate collection interval: 300 seconds

Lab 2: Initial setup

<<Omitted output>>

What is the interface type?

Answer: 10G-DAC1 / 10G SFP+ 1m DAC; it is a 10 Gigabit Direct Attach Cable with 1 meter
length.

Interfaces 1/1/25 to 1/1/28 in a 24-port switch model and 1/1/49 to 1/1/52 in a 48-
port switch model are SPF+ 25 Gig capable interfaces that support either trans-
ceivers or Direct Attached Cables (DACs). In this case, port 28 has a 10 Gig DAC
attached.

32. Execute the show interface transceiver command.

Task 2-2: Explore the AOS-CX switch CLI 25

 6300# show interface transceiver
-------------------------------------------------------------------------
Port Type Product Serial Part
Number Number Number
-------------------------------------------------------------------------
1/1/25 10G-DAC1 J9281D CN99KBZDX3 8121-1300
1/1/26 10G-DAC1 J9281D CN99KBZC4H 8121-1300
1/1/27 10G-DAC1 J9281D CN99KBZC6P 8121-1300
1/1/28 10G-DAC1 J9281D CN99KBZCDD 8121-1300

Task 2-3: Configure initial settings

Objectives
In this task, you will explore the AOS-CX configuration script and make minor customization changes,
such as setting a hostname, setting interface descriptions, and disabling unused ports. You will also ask
the system to display the event log contents.
Steps
1. Using the Remote lab dashboard, open a console connection to Access-1.
2. Log in with the following credentials:
n Username: admin
n Password: <no password – just press Enter>
3. Issue the show running-config command to display the current configuration of the system.
6300# show running-config
Current configuration:
!
!Version ArubaOS-CX FL.10.13.1000
!export-password: default
!
!
!
!
!
!
ssh server vrf default
ssh server vrf mgmt
vsf secondary-member 2
vsf member 1
type jl668a
link 1 1/1/26-1/1/27
link 2 1/1/25
vlan 1
spanning-tree
interface mgmt

26 Task 2-3: Configure initial settings

 no shutdown
ip dhcp
interface 1/1/1
no shutdown
no routing
vlan access 1
interface 1/1/2
no shutdown
no routing
vlan access 1

<<Omitted output>>

interface 1/1/27
no shutdown
interface 1/1/28
no shutdown
no routing
vlan access 1
interface vlan 1
ip dhcp
!
!
!
!
!
https-server vrf default
https-server vrf mgmt

You will notice that most portions of the configuration are shown by listing the
switch ports and their settings. The code version and actual admin account are listed
first.

Lab 2: Initial setup

4. Enter the configuration context by entering the configure terminal command.
6300# configure terminal
6300(config)#

5. Change the switch's hostname to Access-1.

6300(config)# hostname Access-1
Access-1(config)#

Notice that the device prompt has change to the new hostname, Access-1.

6. Apply the console session timeout to one day (1440 minutes) to prevent a logout during the lab
activities.
Access-1(config)# session-timeout 1440

Task 2-3: Configure initial settings 27

 7. Use the show interface brief command for displaying a table of ports and their more relevant
settings.
Access-1(config)# show interface brief
------------------------------------------------------------------------------------------
Port Native Mode Type Enabled Status Reason Speed Description
VLAN (Mb/s)
------------------------------------------------------------------------------------------
1/1/1 1 access 1GbT yes up 1000 --
1/1/2 1 access 1GbT yes down Waiting for link -- --
1/1/3 1 access 1GbT yes up 1000 --
1/1/4 1 access 1GbT yes down Waiting for link -- --

<<Omitted output>>

1/1/24 1 access 1GbT yes down Waiting for link -- --

1/1/25 -- VSF 10G-DAC1 yes down Waiting for link -- --
1/1/26 -- VSF 10G-DAC1 yes down Waiting for link -- --
1/1/27 -- VSF 10G-DAC1 yes down Waiting for link -- --
1/1/28 1 access 10G-DAC1 yes down Waiting for link -- --
vlan1 -- -- -- yes up -- --

What are the port's Mode values?

Answer: Port modes show the port's operational mode. Access ports transmit and receive a
single untagged VLAN. Trunk ports can carry multiple tagged VLANS in the same link. VSF ports
stack switches using VEF.
What ports are enabled?

Answer: By default, all ports are enabled on CX 6000 Series switches.

Notice that the CX 6000 Series switch family has all their ports configured as Layer 2
interfaces and enabled by default. Meanwhile, all CX 8xxx Series, CX 9300 Series, and
CX 10000 Series switches have administratively disabled ports and are configured as
routed ports.

8. You will now disable switch ports, to simulate a single switch topology using the switch Access-1
and two clients.

28 Task 2-3: Configure initial settings

 9. Configure or disable a single port. Eenter the interface configuration context by entering the
interface 1/1/2 command.
Access-1(config)# interface 1/1/2
Access-1(config-if)#

10. Disable the port with the shutdown command and return to the configuration context by entering
exit.
Access-1(config-if)# shutdown
Access-1(config-if)# exit
Access-1(config)#

To configure a contiguous port range by entering the interface <LOW_PORT_NUM>-

<HIGH_PORT_NUM> command. For example, interface 1/1/4-1/1/6 will allow the con-
figuration of interfaces 1/1/4, 1/1/5, and 1/1/6 all at once.

11. Disable ports 1/1/4 to 1/1/24.

Access-1(config)# interface 1/1/4-1/1/24
Access-1(config-if-<1/1/4-1/1/28>)# shutdown
Access-1(config-if-<1/1/4-1/1/28>)#
Access-1(config)#

12. Disable ports 1/1/25, 1/1/26, 1/1/27 and, 1/1/28.

Access-1(config)# interface 1/1/25
Access-1(config-if)# shutdown
Access-1(config-if)# interface 1/1/26
Access-1(config-if)# shutdown
Access-1(config-if)# interface 1/1/27
Access-1(config-if)# shutdown
Access-1(config-if)# interface 1/1/28
Access-1(config-if)# shutdown
Access-1(config-if)# exit

Lab 2: Initial setup

13. Enter the show interface brief command again.
Access-1(config)# show interface brief
--------------------------------------------------------------------------------------------
Port Native Mode Type Enabled Status Reason Speed Description
VLAN (Mb/s)
--------------------------------------------------------------------------------------------
1/1/1 1 access 1GbT yes up 1000 --
1/1/2 1 access 1GbT no down Administratively down -- --
1/1/3 1 access 1GbT yes up 1000 --
1/1/4 1 access 1GbT no down Administratively down -- --

<<Omitted output>>

1/1/25 1 access 10G-DAC1 no down Administratively down -- --

1/1/26 1 access 10G-DAC1 no down Administratively down -- --
1/1/27 1 access 10G-DAC1 no down Administratively down -- --
1/1/28 1 access 10G-DAC1 no down Administratively down -- --
vlan1 -- -- -- yes up -- --

Task 2-3: Configure initial settings 29

 What are the Enabled, Status, and Reason values for ports 1/1/27 and 1/1/28 now?

Answer: "no," "down," and "Administratively down," meaning that they were disabled (shut down)
by the administrator.
14. Verify the switch event log with the show events -r -n 10 command.
Access-1(config)# show events -r -n 10
---------------------------------------------------
Event logs from current boot
---------------------------------------------------
2024-04-01T19:20:04.699018+00:00 Access-1 lldpd[3912]: Event|106|LOG_INFO|CDTR|1|LLDP
neighbor 90:20:c2:c0:25:00 deleted
on 1/1/25
2024-04-01T19:19:55.236444+00:00 Access-1 lldpd[3912]: Event|106|LOG_INFO|CDTR|1|LLDP
neighbor 90:20:c2:c0:5c:00 deleted
on 1/1/26
2024-04-01T19:18:02.046584+00:00 Access-1 hpe-mstpd[4140]: Event|2006|LOG_INFO|CDTR|1|CST -
Root changed from 4096: 90:2
0:c2:c0:25:00 to 32768: 10:4f:58:fc:14:40
2024-04-01T19:18:01.944398+00:00 Access-1 intfd[813]: Event|404|LOG_INFO|UKWN|1|Link status
for interface 1/1/25 is down
- Administratively down
2024-04-01T19:18:01.934688+00:00 Access-1 intfd[813]: Event|404|LOG_INFO|UKWN|1|Link status
for interface 1/1/26 is down
- Administratively down<<Omitted output>>

What link stats messages can you see at the top related to ports 1/1/27 and 1/1/28?

Answer: The link status for interfaces 1/1/25 and 1/1/26 is now Administratively down.
What other messages in the event log do you get?

Answer: LLDP neighbors were deleted.

You should see notifications informing you that Link Layer Discover Protocol (LLDP)
neighbors have been deleted because the ports have been disabled. Also, since AOS-
CX switches periodically attempt to contact the Aruba Activate Cloud service and the
switch has no internet connectivity, the device complains that the service is unreach-
able.
The usage of additional parameters could filter many show commands. In this
example, the -r parameter makes the show output start with more recent events first.
and -n ten only displays the last 10 entries in the log.

15. Define interface descriptions for ports 1/1/1 and 1/1/3. Do not leave interface 1/1/3 yet.

30 Task 2-3: Configure initial settings

 Access-1(config)# interface 1/1/1
Access-1(config-if)# description To_PC1
Access-1(config-if)# interface 1/1/3
Access-1(config-if)# description To_PC3

Navigating between interface contexts is possible without returning to the con-

figuration context. The CLI help will not complete the command, as this is not a com-
mand available at the context level.

16. At the interface 1/1/3 context level, enter the show running-config current-context com-
mand.
Access-1(config-if)# show running-config current-context
interface 1/1/3
description To_PC3
no shutdown
no routing
vlan access 1
exit

This command is a shortcut for displaying only the commands available at the con-
text/subcontext level. Get used to it, since it is of great use when configuring and
editing ports, protocols, access control lists, and so forth.

17. Enter the show interface 1/1/3 command, followed by | include Description.
Access-1(config-if)# show interface 1/1/1 | include Description
Description: To_PC1

The pipe (|) command filters the output of show commands according to the criteria
specified by the include, exclude, count, begin, or redirect parameters.

Lab 2: Initial setup

Strings of characters that follow the filtering tool (for example, "Description" in the
preceeding command) are case sensitive. Typing the wrong capitalization may lead
to the absence of output.

18. Enter end to return to the manager context.

Access-1(config-if)# end
Access-1#

Task 2-3: Configure initial settings 31

Task 2-4: Create and explore checkpoints
Objectives
You have made some configuration changes in 6300-A; now is a good time to keep those changes
stored in the system and protect them from any power cycle events. Next, you will explore checkpoints,
see how they are created, and make your own to save your progress.
Steps
1. Using the Remote lab dashboard, open a console connection to Access-1.
2. Log in with the following credentials:
n Username: admin
n Password: <no password – just press Enter>
3. Verify the existing checkpoints.
Access-1# show checkpoint
NAME TYPE WRITER DATE(YYYY/MM/DD) IMAGE VERSION
CPC20240401194222_Access-1_6300 latest System 2024-04-01T19:42:22Z FL.10.13.1000
CPC20240401191802_Access-1_6300 checkpoint System 2024-04-01T19:18:02Z FL.10.13.1000
CPC20240401190614_Access-1_6300 checkpoint System 2024-04-01T19:06:14Z FL.10.13.1000
CPC20240401183236_Access-1_6300 checkpoint System 2024-04-01T18:32:36Z FL.10.13.1000
Access-1#

How many entries did you get?

Answer: It depends on your switch and previous students. It may vary from a few to dozens.

AOS-CX systems are 100% database driven. This means that configuration scripts
you save are stored in a local database instead of a regular configuration file. The
database is periodically tracked and whenever the changes are made, they will be
automatically stored after a five minute idle period. Any new configuration change,
followed by a five minute idle period, will create a new checkpoint that can later be
used to back up or restore the running configuration state of the system.
On demand checkpoints can be generated by saving the running configuration or cre-
ating custom checkpoints.

Notice that those are sample outputs. Results may vary between switches depending
on the use of the switch and activities.

4. Save the current switch configuration using the write memory command.

32 Task 2-4: Create and explore checkpoints

 Access-1# write memory
Copying configuration: [Success]
Access-1#

5. List the switch checkpoints again.

Access-1# show checkpoint
NAME TYPE WRITER DATE(YYYY/MM/DD) IMAGE VERSION
startup-config startup User 2024-04-01T20:11:21Z FL.10.13.1000
CPC20240401194222_Access-1_6300 latest System 2024-04-01T19:42:22Z FL.10.13.1000
CPC20240401191802_Access-1_6300 checkpoint System 2024-04-01T19:18:02Z FL.10.13.1000
CPC20240401190614_Access-1_6300 checkpoint System 2024-04-01T19:06:14Z FL.10.13.1000
CPC20240401183236_Access-1_6300 checkpoint System 2024-04-01T18:32:36Z FL.10.13.1000

Is there any new checkpoint?

What is its name?

Answer: Yes, checkpoint startup-config was created.

6. Create a checkpoint called Lab2 using the running configuration as the source.
Access-1# copy running-config checkpoint Lab2
Copying configuration: [Success]
Access-1#

7. List the switch checkpoints one more time.

Access-1# show checkpoint
NAME TYPE WRITER DATE(YYYY/MM/DD) IMAGE VERSION
Lab2 latest User 2024-04-01T20:13:50Z FL.10.13.1000
startup-config startup User 2024-04-01T20:11:21Z FL.10.13.1000
CPC20240401194222_Access-1_6300 checkpoint System 2024-04-01T19:42:22Z FL.10.13.1000
CPC20240401191802_Access-1_6300 checkpoint System 2024-04-01T19:18:02Z FL.10.13.1000
CPC20240401190614_Access-1_6300 checkpoint System 2024-04-01T19:06:14Z FL.10.13.1000

Lab 2: Initial setup

CPC20240401183236_Access-1_6300 checkpoint System 2024-04-01T18:32:36Z FL.10.13.1000

8. Now make a checkpoint called Lab2_final using the running-config as the source.
Access-1# copy running-config checkpoint Lab2_final
Copying configuration: [Failure]
Cannot create duplicate checkpoint, configuration already exists in checkpoint Lab3
Access-1#

AOS-CX cannot have two different configuration snapshots with identical contents in
its database (that would not be resource efficient). If you want to rename a check-
point, then you will have to delete it first, then create a new one.

9. Erase checkpoint Lab2 and confirm by entering y.

Task 2-4: Create and explore checkpoints 33

 Access-1# erase checkpoint Lab2
Erase checkpoint Lab2 ? (y/n): y

10. Try creating the Lab2_final checkpoint again.

Access-1# copy running-config checkpoint Lab2_final
Copying configuration: [Success]

11. List the switch checkpoints one more time.

Access-1# show checkpoint
NAME TYPE WRITER DATE(YYYY/MM/DD) IMAGE VERSION
Lab2_final latest User 2024-04-01T20:18:56Z FL.10.13.1000
startup-config startup User 2024-04-01T20:11:21Z FL.10.13.1000
CPC20240401194222_Access-1_6300 checkpoint System 2024-04-01T19:42:22Z FL.10.13.1000
CPC20240401191802_Access-1_6300 checkpoint System 2024-04-01T19:18:02Z FL.10.13.1000
CPC20240401190614_Access-1_6300 checkpoint System 2024-04-01T19:06:14Z FL.10.13.1000
CPC20240401183236_Access-1_6300 checkpoint System 2024-04-01T18:32:36Z FL.10.13.1000

Keeping track of when checkpoints are created is important during regular main-
tenance tasks. This is the reason configuring all switches with a Network Time Pro-
tocol (NTP) server is important.
Since IP connectivity is not enabled yet, you will continue working without setting up
an NTP server and trust the system clock for now. NTP configuration will be covered
in a later module.

You have completed Lab 2!

34 Task 2-4: Create and explore checkpoints