Foundry FastIron GS FGS648P

Write this up.

hostname hostname
ip dns domain-name mgmt.pmtpa.wmnet
ip dns server-address resolver1 resolver2

Authentication

enable super-user-password password
username root password password
aaa authentication login default local enable

Enable SSH:

crypto key generate

Disable telnet, web management, tftp:

no telnet server
no web-management
tftp disable

Configure the IP address first:

ip address ip 255.255.0.0

VLANs

For each:

vlan nr name name

For the management vlan:

vlan 3 name management
  management-vlan
  default-gateway 10.1.0.1 1

Logging

logging host 10.0.0.1
logging facility local6

SNMP

snmp-server community community ro
snmp-server contact Wikimedia Admins <noc@wikimedia.org>
snmp-server location Rack racknr, PowerMedium, Tampa, Florida, USA

SNTP

sntp server dobson.wikimedia.org

Spanning-tree

We don't use spanning-tree, disable it for all VLANs by default:

no global-stp

Multicast

Access switches should be passively snooping for IGMP:

ip multicast passive

RANCID

RANCID monitors and backs up changes of the switch configuration.