Setting up Cisco Catalyst Switch for home-lab
This post covers the first step in setting up my new home lab, configuring a Cisco switch for the new air-gapped environment which I will install Proxmox VE into later.
I recently bought 10 Lenovo M72e Tiny i3-3220T machines to build a little home lab. The built-in RAID card in one of the HP Microservers I bought coming up to 2 years ago hoping to use for a bit of home lab work failed, and without hard-disks it is close to useless. I have kept it for spares for the remaining system but I needed another plan for my lab and these 10 mini PCs cost me more-or-less what I would have spent on replacing the micro server. The biggest thing I miss with these compared to the HP Microserver is the iLO (out-of-band management).
Unfortunately the model of switch I have to hand (Catalyst 2970) does not have the capability to function as a DNS or NTP server, however it has been configured to provide DHCP services. This might be a temporary arrangement, my main network switch is a TP-Link POE switch and DHCP is provided by my router - I may wish to mirror this setup in the lab environment in order to accurately test potential changes to my home network. I have a newer switch as well, and I may migrate to that too if it can be configured to provide DNS or NTP and support SSH for configuration (another thing this one does not have, but SSH is a prerequisite for the Puppet Cisco IOS module).
Reset the switch to defaults
First thing I did was to reset the switch by holding down the mode button for 10s, or until lights cycle through flashing green to solid green.
If not already connected to the serial console (I was so I could see the startup process), connect through serial console at 9600 baud. For example, using the cu
(call-up) utility:
cu -l /dev/ttyS0 -s 9600
I cancelled the autoconfigure routine and set the enable password (which must be 1-25 alphanumeric characters, can start with a digit and allows spaces but ignores leading spaces):
Switch>enable
Switch#configure terminal
Switch(config)#enable secret password
(remain in configure mode for the next steps…)
Enable DHCP server
Create a range of excluded addresses, in-case we need some later:
Switch(config)#ip dhcp excluded-address 192.168.100.200 192.168.100.254
Create a DHCP pool and enter pool configuration mode:
Switch(config)#ip dhcp pool default-pool
Set the network (i.e. range the DHCP server should offer to clients):
Switch(dhcp-config)#network 192.168.100.0 /24
Switch(dhcp-config)#exit
Set the switch’s IP address:
Switch(config)#interface vlan 1
Switch(config-if)#ip address 192.168.100.1 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Create static DHCP allocation
Assign 192.168.100.210
to the master Proxmox VE node:
Switch(config)#ip dhcp pool pve-static
Switch(dhcp-config)#host 192.168.100.210 255.255.255.0
Switch(dhcp-config)#client-identifier aabb.ccdd.eeff
Switch(dhcp-config)#exit
Set the telnet password
In order to be able to connect to the CLI via telnet, a password must be set (otherwise the switch just disconnects with “Password Required”). These commands came from the internet - in reality I set this via the web UI because I did not have the serial cable to hand when I realised I could not connect to the CLI over the network:
Switch(config)#line vty 0 4
Switch(config-line)#login
Switch(config-line)#password password
Switch(config-line)#exit
Save the settings
Exit configure mode and copy configuration to startup configuration:
Switch(config)#exit
Switch#copy running-config startup-config