Networking-Forums.com

General Category => Forum Lobby => Topic started by: SofaKing on January 27, 2015, 12:37:10 PM

Title: FNG
Post by: SofaKing on January 27, 2015, 12:37:10 PM
FNG added a new VLAN to our ESX servers and forgot to use the keyword "add" even though he was told, "Do not forget this - you do not want to learn this the hard way."

He learned this the hard way.  Afternoon wasted recovering everything.
Title: Re: FNG
Post by: Seittit on January 27, 2015, 01:03:32 PM
Could've been worse, could've enabled VTP across the domain and broken everything.
Title: Re: FNG
Post by: that1guy15 on January 27, 2015, 01:54:56 PM
We have all been there. :) I don't know a single person who has not done this. If they haven't then they will. But do it twice and expect walking papers.

I saw some EEM examples on Reddit that restricted this but can't find them. Also someone suggested aliases like "Vlan_add" but those just mask the issue. Proper change habits are key for screwups like this.
Title: Re: FNG
Post by: SofaKing on January 27, 2015, 03:50:11 PM
I'll look into the EEM examples.  Could be good to apply.  We have not given him too bad of a time.  Jokingly told him this is his one and only free pass :)

At my old job I accidentally blew away a tape library.  Spent the whole night recovering it.

Edit:
Here is the EEM example.  I tested it and it does work -

EEM:
event manager applet ALLOWED-VLAN
event cli pattern "switchport trunk allowed vlan +[0-9]+.*" mode "interface" enter
action 001 puts "ERROR: switchport trunk allowed vlan is not allowed. Use Add/Remove"


Test:
switch-as1(config)#int fa1/0/5
switch-as1(config-if)#switchport trunk encapsulation dot1q
switch-as1(config-if)#switchport trunk allowed vlan 221
ERROR: switchport trunk allowed vlan is not allowed. Use Add/Remove -->this is the error we get back when trying to add a vlan without using key words "add or remove"

switch-as1(config-if)#switchport trunk allowed vlan add 221 --> used key word "add" and the switch took the command
switch-as1(config-if)#
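
Added example, not part of the original post: a pre-change lint that applies the same match as the EEM pattern above to a proposed change script and reports which VLANs each overwrite would drop from the trunk. The function names, the sample interface names and the VLAN lists are constructed for illustration; it assumes interface names are written the same way in both inputs and that a trunk with no explicit list allows VLANs 1-4094.

```python
import re

# Same idea as the EEM pattern: "allowed vlan" followed directly by a VLAN
# list, with no add/remove keyword in between.
OVERWRITE = re.compile(r"^\s*switchport trunk allowed vlan\s+([0-9][0-9,\-]*)\s*$")
INTERFACE = re.compile(r"^\s*int(?:erface)?\s+(\S+)", re.I)

def expand(vlan_list):
    """Expand a list such as '10,20-22' into {10, 20, 21, 22}."""
    out = set()
    for part in filter(None, vlan_list.split(",")):
        lo, _, hi = part.partition("-")
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def lint_change(change_lines, current_allowed):
    """Return [(interface, dropped_vlans)] for every overwrite in the change.

    current_allowed maps interface name -> allowed VLAN list taken from the
    running config. Interfaces not in the map are assumed to allow 1-4094.
    """
    findings, iface = [], None
    for line in change_lines:
        m = INTERFACE.match(line)
        if m:
            iface = m.group(1)      # track which interface we are under
            continue
        m = OVERWRITE.match(line)
        if m and iface:
            before = expand(current_allowed.get(iface, "1-4094"))
            dropped = sorted(before - expand(m.group(1)))
            findings.append((iface, dropped))
    return findings

# Constructed sample input: running-config state and a proposed change.
CURRENT = {"fa1/0/5": "10,20-22,100"}
CHANGE = [
    "int fa1/0/5",
    " switchport trunk allowed vlan 221",      # overwrite: flagged
    "int fa1/0/6",
    " switchport trunk allowed vlan add 221",  # add: not flagged
]

if __name__ == "__main__":
    for name, dropped in lint_change(CHANGE, CURRENT):
        print(f"{name}: overwrite would drop VLANs {dropped}; use add/remove")
```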
Title: Re: FNG
Post by: deanwebb on January 27, 2015, 04:08:23 PM
My line lead did the VLAN add trick... without the add... blew out our test environment. :lol:
Title: Re: FNG
Post by: wintermute000 on January 27, 2015, 08:29:12 PM
I've seen a CCIE do this. much lolz

The other good one is when you're ssh/telnet from another ssh/telnet session, do a trace then attempt to cancel via Ctrl-Shift-X + 6. Which drops you back to your original telnet line. Esp if the hostnames are similar, you start working on the wrong session...
Title: Re: FNG
Post by: sgtcasey on January 28, 2015, 06:29:36 PM
Like most, I've done it.  Sitting there thinking, "I don't need a change to add a simple VLAN to this trunk!"

Type - type - type - ENTER

Wow, it usually doesn't sit there this long "thinking".  Oh shi...

/me grabs laptop and console cable and runs to the data center to bring the server access switch back up.