Configuring Cisco switchport for access point
When working with a multi-device environment, along with routers and switches we need to interact with other network gear(s) like wireless devices. This example will show how to configure a switch with specific ports to be connected to Access Point (AP) as trunk.
In our test case, assuming the VLANs configured on AP are vlan 100 and vlan 200 for users, and the native VLAN is vlan 10, and the code is as follows:
from netmiko import ConnectHandler
import time
def apvlanpush(routerip,switchport):
uname="cisco"
passwd="cisco"
device = ConnectHandler(device_type='cisco_ios', ip=routerip, username=uname, password=passwd)
cmds="interface "+switchport
cmds=cmds+"\nswitchport mode trunk\nswitchport trunk encapsulation dot1q\n"
cmds=cmds+ "switchport trunk native vlan 10\nswitchport trunk allowed vlan add 10,100,200\nno shut\n"
xcheck=device.send_config_set(cmds)
print (xcheck)
device.disconnect()
def validateswitchport(routerip,switchport):
uname="cisco"
passwd="cisco"
device = ConnectHandler(device_type='cisco_ios', ip=routerip, username=uname, password=passwd)
cmds="show interface "+switchport+" switchport "
outputx=device.send_command(cmds)
print (outputx)
device.disconnect()
apvlanpush("192.168.255.245","FastEthernet2/0")
time.sleep(5) # 5 seconds
validateswitchport("192.168.255.245","FastEthernet2/0")
The output is as follows:
As we see, the AP needs to be connected to our switchport, which needs to be a trunk, with certain access VLANs to be allowed; hence we create two methods, the first of which passes router/switch name and the interfaces that needs to be configured.
Once the configuration is successfully pushed on the switch, we execute the validateswitchport method to validate if the same port is now in trunk mode. The output of the validateswitchport method spills out the output of the command, on which we can further introduce the regex and splits to get any specific information we want from that output (such as the Administrative Mode or Operational Mode).
As an enhancement, we can also use the outputs from the validation method to call other methods that would perform some additional configs (if required), based on the result that we got earlier. (For example, changing the Trunking Native Mode VLAN to 20).
Let's see the new code with the additional enhancement of changing the native VLAN to 20. The code is as follows:
from netmiko import ConnectHandler
import time
def apvlanpush(routerip,switchport):
uname="cisco"
passwd="cisco"
device = ConnectHandler(device_type='cisco_ios', ip=routerip, username=uname, password=passwd)
cmds="interface "+switchport
cmds=cmds+"\nswitchport mode trunk\nswitchport trunk encapsulation dot1q\n"
cmds=cmds+ "switchport trunk native vlan 10\nswitchport trunk allowed vlan add 10,100,200\nno shut\n"
xcheck=device.send_config_set(cmds)
print (xcheck)
device.disconnect()
def validateswitchport(routerip,switchport):
print ("\nValidating switchport...."+switchport)
uname="cisco"
passwd="cisco"
device = ConnectHandler(device_type='cisco_ios', ip=routerip, username=uname, password=passwd)
cmds="show interface "+switchport+" switchport "
outputx=device.send_command(cmds)
print (outputx)
outputx=outputx.split("\n")
for line in outputx:
if ("Trunking Native Mode VLAN: 10" in line):
changenativevlan(routerip,switchport,"20")
device.disconnect()
def changenativevlan(routerip,switchport,nativevlan):
print ("\nNow changing native VLAN on switchport",switchport)
uname="cisco"
passwd="cisco"
device = ConnectHandler(device_type='cisco_ios', ip=routerip, username=uname, password=passwd)
cmds="interface "+switchport
cmds=cmds+"\nswitchport trunk native vlan "+nativevlan+"\n"
xcheck=device.send_config_set(cmds)
print (xcheck)
validateswitchport(routerip,switchport)
device.disconnect()
apvlanpush("192.168.255.245","FastEthernet2/0")
time.sleep(5) # 5 seconds
validateswitchport("192.168.255.245","FastEthernet2/0")
The output is explained in two sections as follows:
- Validating and changing the native VLAN to 20:
- Revalidating with the new native VLAN number:
As we see in the final validation, now we have a native VLAN 20, instead of the earlier 10. This is also a good troubleshooting technique as in multiple scenarios there are requirements of a what if analysis (to take decisions based upon the evaluation of a certain condition) in which we need to take some actions based on the dynamic results received. Since, here in our code we validated that the native VLAN needs to be 20, hence we performed another action to correct that earlier config.