Password: 5w1tch!

Creating a networking setup for the switch

1. Go to the node networking tab
2. Create → “Switch management” Linux bridge
   1. name: vmbr1
   2. Autostart: On
   3. VLAN aware: On
   4. Bridge ports: enp8s0f1
3. Create → “Switch trunk” Linux bridge
   1. name: vmbr2
   2. Autostart: On
   3. VLAN aware: On
   4. Bridge ports: enp8s0f0

Creating the VM

1. Create a VM with Q35, 2 cores, 2GB of RAM and a network device in proxmox.

   1. We need to change the BIOS’s reported system-product-name to ENCS5412/K9. For that go to the VM Options and change the SMBIOS settings (type 1) and set the product variable to ENCS5412/K9
   2. Create one network interface net0 connected to the default vmbr0 to use for ssh.
   3. Create another network interface to manage the switch. If you created vmbr1previously now it is the time to use it.
      1. Bridge: vmbr1 (or any other switch that represents an upstream from the switch interfaces)
      2. VLAN Tag: 2363
      3. Firewall: No

2. Install almalinux v8.6 from the vault repo, minimal image with sshd, configure only the first net interface (the one not connected to the switch)

3. enable IOMMU in the hypervisor host

4. passthrough 0000:0e:00 11ab:be00 to the VM

5. Install the following packages

   1. yum install pciutils
   2. yum install python3-dnf-plugin-versionlock
   3. yum install python3

6. Check that 01:00.0 Ethernet controller: Marvell Technology Group Ltd. Device be00 (rev 01) appears in the PCI listing

7. Block distro updates at the v8.6 level. (https://avinetworks.com/docs/latest/how-to-tie-a-system-to-a-specific-update/)

   1. echo '8.6' > /etc/yum/vars/releasever

<aside> 🚨 Careful as there are kernel patches that are newer than the modules cisco provided, so we need to be careful with module ⇒ kernel compatiblity.

</aside>

Configure the internal network interface for the switch

1. mv /etc/sysconfig/network-scripts/ifcfg-enp6s18 /etc/sysconfig/network-scripts/ifcfg-int-LAN

   1. replace with NAME=int-LAN
   2. replace with BOOTPROTO=none
   3. replace with ONBOOT=yes
   4. replace with IPV6_AUTOCONF=no

   TYPE=Ethernet
   PROXY_METHOD=none
   BROWSER_ONLY=no
   BOOTPROTO=none
   DEFROUTE=yes
   IPV4_FAILURE_FATAL=no
   IPV6INIT=yes
   IPV6_AUTOCONF=no
   IPV6_DEFROUTE=yes
   IPV6_FAILURE_FATAL=no
   NAME=int-LAN
   UUID=a5e0c9f5-0420-4aa8-8b6d-8d720337e0d3
   DEVICE=int-LAN
   ONBOOT=yes
   

2. create a file /etc/systemd/network/70-int-LAN-name.link

   [Match]
   MACAddress=BC:24:11:6C:DA:AB
   
   [Link]
   name=int-LAN
   

3. Create VLAN interface config

   # nmcli con add type vlan con-name int-LAN.2363 ifname int-LAN.2363 dev int-LAN id 2363 ip4 169.254.1.1/16