I recently learned of the existence of interface templates. Previously I had been using int range a lot to make mass updates to our access ports, but this wasn’t really scaling well and took ages to do on some of our 7 switch stacks.
For anybody who hasn’t used interface templates before, they are a mechanism to configure once and apply to many interfaces. Not only is this convenient, it reduces the size of your configuration quite a bit.
We built a number of templates for use in our network, one for each vlan we assign ports to. Since we standardised the access vlans across all switches (e.g. vlan 100 is always for users, vlan 200 is always for voice, vlan 600 is always for guest access etc), this makes all the templates across all switches identical.
What goes into a template? pretty much any configuration you can apply to an interface, you can put in a template. Heres an example of a template for a user port.
template USER storm-control broadcast level pps 1k storm-control action shutdown spanning-tree portfast spanning-tree bpduguard enable spanning-tree guard root switchport access vlan 100 switchport mode access switchport voice vlan 200 switchport port-security maximum 2 switchport port-security violation protect switchport port-security aging time 3 switchport port-security service-policy input MARKING service-policy output 2P6Q3T-WRED description USER !
And then to apply it to an interface:
interface Gi1/0/25 source template USER !
Thats literally all of the configuration you need on an interface. The problem now is, if you do a show run on an interface, all you get is “source template USER”. There is a different show command to solve that problem.
SW1#show derived-config interface gi1/0/25 Building configuration... Derived configuration : 501 bytes ! interface GigabitEthernet1/0/25 description USER switchport access vlan 100 switchport mode access switchport voice vlan 200 switchport port-security maximum 2 switchport port-security violation protect switchport port-security aging time 3 switchport port-security storm-control broadcast level pps 1k storm-control action shutdown spanning-tree portfast spanning-tree bpduguard enable spanning-tree guard root service-policy input MARKING service-policy output 2P6Q3T-WRED end
You can also mix and match on an interface, and have configuration directly on the interface. The the interface configuration will override the template configuration. It still looks a bit weird in show run though.
template USER storm-control broadcast level pps 1k storm-control action shutdown spanning-tree portfast spanning-tree bpduguard enable spanning-tree guard root switchport access vlan 100 switchport mode access switchport voice vlan 200 switchport port-security maximum 2 switchport port-security violation protect switchport port-security aging time 3 switchport port-security service-policy input MARKING service-policy output 2P6Q3T-WRED description USER ! interface Gi1/0/25 description Marketing Laptop source template USER ! SW1#show run int gi1/0/25 Building configuration... Current configuration : 92 bytes ! interface GigabitEthernet1/0/25 description Marketing Laptop source template USER end SW1#show derived-config interface gi1/0/25 Building configuration... Derived configuration : 506 bytes ! interface GigabitEthernet1/0/25 description Marketing Laptop switchport access vlan 100 switchport mode access switchport voice vlan 200 switchport port-security maximum 2 switchport port-security violation protect switchport port-security aging time 3 switchport port-security storm-control broadcast level pps 1k storm-control action shutdown spanning-tree portfast spanning-tree bpduguard enable spanning-tree guard root service-policy input MARKING service-policy output 2P6Q3T-WRED end
I found interface templates really useful during a recent network upgrade. It wasn’t too long ago I became CCNA certified and these weren’t even mentioned on the courses, which is a shame.
These templates are configured on 9200L switches, if you are interested.
Dan McIntyre 