I was looking at Nexus 3064-T for one of the projects that I was involved in that required 10GBASE-T but while I was waiting for a demo unit I was tasked to play with the Quanta T3040-LY3. I’ve worked with them a little bit since some of our clients have them deployed and sometimes I get phone calls about helping them to get it working. Technically, I didn’t have to but I didn’t want to be the guy who doesn’t try help.
The Quanta’s syntax is almost identical to IOS which is not a surprise since there are vendors out there copy the CLI commands. Only one I’ve encountered so far that is completely different from IOS is Junos OS. Having said that, it was quite easy to convert my template to Quanta equivalent commands. However, I did have to read the docs when I had questions on how to do a specific command on their OS.
Configuration
The configuration shown here are pretty basic so if you’re looking at advanced stuff then you might want to move on to the next site. If you work with IOS, then there’s really no need to explain line by line since it’s pretty self-explanatory, for the most part. Here’s a sample configuration:
hostname networkjutsu-switch ! no username guest enable password passwordhere username admin password passwordhere ! ip domain-name networkjutsu.com ip name-server 192.168.200.100 ip name-server 192.168.201.100 ! port-channel load-balance src-dst-ip all vtp vtp mode transparent lldp med all no cdp run all ! vlan database !Do you remember vlan database in Cisco IOS? vlan 99 vlan name 99 MGMT_192.168.1.0/24 vlan 10 vlan name 10 DATA exit ! interface vlan 1 no ip address shutdown interface vlan99 ip address 192.168.1.100 255.255.255.0 no shutdown no ip redirects no ip unreachables ! serviceport protocol none !This is to disable DHCP on the management port of the switch. !To statically assign an IP address to the management port then !use serviceport ip ipaddresshere subnetmaskhere gatewayhere command. ! ip dhcp snooping vlan 1-4093 ! no ip dhcp snooping information option no ip dhcp snooping verify mac-address ip dhcp snooping ! errdisable recovery cause bpdu spanning-tree edgeport bpduguard ! sflow rate 2000 sflow receiver 1 ip 192.168.100.200 sflow source-interface vlan 99 ! interface range 0/1 - 0/40 no shutdown switchport access vlan 10 switchport mode access storm-control broadcast spanning-tree edgeport ! interface range 0/41 - 46 no shutdown switchport tagging 1,10,99 switchport allowed vlan add 10,99 ip dhcp snooping trust exit ! interface range 0/47 - 48 no shutdown channel-group 1 mode active interface port-channel 1 no shutdown switchport tagging 1,10,99 switchport allowed vlan add 10,99 ip dhcp snooping trust ! ip default-gateway 192.168.1.1 no ip http server no ip http secure-server ! logging traps debug logging host 192.168.202.100 ipv4 ! line console line vty no sessions line ssh ! sntp clock timezone CA 8 0 after-utc sntp server 172.16.100.50 ipv4 sntp server 172.16.100.60 ipv4 sntp source-interface vlan 99 ! aaa authentication login default radius enable aaa authentication enable default enable ! radius source-interface vlan 17 radius server timeout 2 radius server retransmit 1 radius server host auth 192.168.210.100 name radius01 port 1812 radius server host acct 192.168.210.100 name radius01 port 1813 radius server key auth 172.16.100.100 keyusedbytheradiusserverhere !RADIUS key cannot be more than 16 characters. radius server host auth 172.16.100.101 name radius02 port 1812 radius server host acct 172.16.100.101 name radius02 port 1813 radius server key auth 172.16.100.101 keyusedbytheradiusserverhere ! exit copy run start
Thoughts
As you can see, the configuration is almost identical as the IOS. There are some differences but for the most part almost identical. The OS does allow you to configure the switch via web, but it was quite painful to use. It’s still better to just use the CLI than the Web GUI.
The switch is pretty inexpensive compared to its competitors. However, there are few things that I didn’t quite like about it. First, the switch didn’t have QSFP. If I am not mistaken, at the time I played with this switch they weren’t selling a 10GBASE-T with QSFP uplinks in them like the Cisco Nexus 3064-T, 3172TQ, or Juniper QFX5100. Second, the RADIUS key was limited to 16 characters. Not such a big deal but it is quite a hassle to involve the RADIUS person/department to generate a shorter key for the switch. Third, I was using a demo unit and it had a trial OS license expired that didn’t warn me that it was expired and ports are unusable. It was quite annoying that the OS didn’t warn me about it instead of me wasting time in figuring out why the ports would automatically be in disabled state when I literary admin up the ports. Last, I was not able to configure SNMP ACL. I looked at the docs and I didn’t find a way to configure it. I believe this should come standard with the OS.
Disclosure
NetworkJutsu.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.
