FNG

Started by SofaKing, January 27, 2015, 12:37:10 PM

SofaKing

FNG added a new VLAN to our ESX servers and forgot to use the keyword "add" even though he was told, "Do not forget this - you do not want to learn this the hard way."

He learned this the hard way.  Afternoon wasted recovering everything.
Networking -  You can talk about us but you can't talk without us!

Seittit

Could've been worse, could've enabled VTP across the domain and broken everything.



that1guy15

We have all been there. :) I don't know a single person who has not done this. If they haven't then they will. But do it twice and expect walking papers.

I saw some EEM examples on Reddit that restricted this but can't find them. Also someone suggested aliases like "Vlan_add" but those just mask the issue. Proper change habits are key for screwups like this.
That1guy15
@that1guy_15
blog.movingonesandzeros.net

SofaKing

I'll look into the EEM examples.  Could be good to apply.  We have not given him too bad of a time.  Jokingly told him this is his one and only free pass :)

At my old job I accidentally blew away a tape library.  Spent the whole night recovering it.

Edit:
Here is the EEM example.  I tested it and it does work -

EEM:
event manager applet ALLOWED-VLAN
event cli pattern "switchport trunk allowed vlan +[0-9]+.*" mode "interface" enter
action 001 puts "ERROR: switchport trunk allowed vlan is not allowed. Use Add/Remove"


Test:
switch-as1(config)#int fa1/0/5
switch-as1(config-if)#switchport trunk encapsulation dot1q
switch-as1(config-if)#switchport trunk allowed vlan 221
ERROR: switchport trunk allowed vlan is not allowed. Use Add/Remove --> this is the error we get back when trying to add a vlan without using the keywords "add" or "remove"

switch-as1(config-if)#switchport trunk allowed vlan add 221 --> used keyword "add" and the switch took the command
switch-as1(config-if)#
Networking -  You can talk about us but you can't talk without us!
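
The same check as the applet in the post above, applied before a change ever reaches the switch. This is an added Python example, not code from the thread: it scans a proposed change file for "switchport trunk allowed vlan <list>" lines that lack add/remove and reports the interface each one would hit. It goes beyond the applet's pattern by also accepting abbreviated keywords; the function name, the prefix-matching rule and the sample change are assumptions.

```python
import re

# The four keywords of the command the thread's EEM applet watches for.
KEYWORDS = ("switchport", "trunk", "allowed", "vlan")
# A bare VLAN list such as "221" or "10,20-30" (no add/remove in front of it).
VLAN_LIST = re.compile(r"\d+(-\d+)?(,\d+(-\d+)?)*")


def _abbrev(token, word, min_len=1):
    """True if token is an abbreviation (prefix) of word.

    Assumption: any prefix is accepted, which is looser than the device's
    own unique-abbreviation rules; acceptable for a pre-change linter.
    """
    return len(token) >= min_len and word.startswith(token.lower())


def find_overwrites(change_text):
    """Return (line_no, interface, command) for each line that would replace
    a trunk's allowed-VLAN list instead of editing it with add/remove."""
    findings = []
    interface = None
    for line_no, raw in enumerate(change_text.splitlines(), start=1):
        tokens = raw.split()
        if not tokens or tokens[0].startswith("!"):
            continue
        if _abbrev(tokens[0], "interface", min_len=3) and len(tokens) > 1:
            interface = " ".join(tokens[1:])  # remember the current context
            continue
        is_allowed_vlan = len(tokens) >= 5 and all(
            _abbrev(t, w) for t, w in zip(tokens, KEYWORDS))
        if is_allowed_vlan and VLAN_LIST.fullmatch(tokens[4]):
            findings.append((line_no, interface, raw.strip()))
    return findings


# Constructed sample change, not taken from the thread.
SAMPLE_CHANGE = """\
interface FastEthernet1/0/5
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 221
!
int fa1/0/6
 sw tr al vl add 221
 sw tr al vl 10,20-30
"""

if __name__ == "__main__":
    for line_no, intf, cmd in find_overwrites(SAMPLE_CHANGE):
        print(f"line {line_no}: {intf}: '{cmd}' replaces the allowed list")
```
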

deanwebb

My line lead did the VLAN add trick... without the add... blew out our test environment. :lol:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

wintermute000

I've seen a CCIE do this. much lolz

The other good one is when you're ssh/telnet from another ssh/telnet session, do a trace then attempt to cancel via Ctrl-Shift-X + 6. Which drops you back to your original telnet line. Esp if the hostnames are similar, you start working on the wrong session...

sgtcasey

Like most, I've done it.  Sitting there thinking, "I don't need a change to add a simple VLAN to this trunk!"

Type - type - type - ENTER

Wow, it usually doesn't sit there this long "thinking".  Oh shi...

* sgtcasey grabs laptop and console cable and runs to the data center to bring the server access switch back up.
Taking the sh out of IT since 2005!