Trunk port problem

Dear
I have problem, I need to config trunk port on SLM2048 but I can not see any options in web gui
How can I do this problem my switch informations are on below
Model Name
SLM2048
Hardware Version
00.03.00
Boot Version
1.0.1
Firmware Version
1.0.1

The router does not like the combination of cards you have in the chassis.
In order for a PRI configuration to work, the controller slot should support both voice and data capabilities. This is possible only on slot 0 and slot 1 in the 1760.
Make sure you are inserting the VWIC module into slot 0 or slot 1 in order for the PRI to work properly. MAke sure you have a PVDM in the chassis by looking for the "PVDM OK" LED on the back of the chassis.
Anther reason you are seeing this is that you don't have enough DSP resources to support 30 B channels.
See this doc on CCO for details:
http://www.cisco.com/en/US/products/hw/routers/ps221/products_tech_note09186a0080094a66.shtml

Similar Messages

[Cisco ISE 1.2 with 3850 - Trunk AP] Problem with MAB

Hi everyone,
After reading some documentation about using MAB in a trunk port with the 3850 I would like to know if someone has implemented ISE policies with a 3850 interface in trunk mode. My problem is that when I try using MAB in a trunk port the mac address of the AP it´s no visible in the "show mac address interface" and because of that the AP is not authenticated in ISE. The thing is that if I use a 2960 everything goes smoothly with no problems!
Let me show you what I have,
interface GigabitEthernet1/0/3
description AP
switchport trunk native vlan 999
switchport mode trunk
trust device cisco-phone
authentication event fail action next-method
authentication host-mode multi-host
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
mab
snmp trap mac-notification change added
snmp trap mac-notification change removed
dot1x pae authenticator
dot1x max-req 4
auto qos voip cisco-phone
service-policy input AutoQos-4.0-CiscoPhone-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
############################################# switch model - 3850 ##################################################
SW1#sh mac address-table interface GigabitEthernet1/0/3
          Mac Address Table
Vlan    Mac Address       Type        Ports
SW1#sh dot1x interface Gi1/0/3
Dot1x Info for GigabitEthernet1/0/3
PAE                       = AUTHENTICATOR
QuietPeriod               = 60
ServerTimeout             = 0
SuppTimeout               = 30
ReAuthMax                 = 2
MaxReq                    = 4
TxPeriod                  = 30
Switch Ports Model              SW Version        SW Image              Mode
*    1 56    WS-C3850-48P       03.03.03SE        cat3k_caa-universalk9 INSTALL
############################################# Different switch model - 2960 ##################################################
interface GigabitEthernet1/0/1
description AP
switchport trunk native vlan 999
switchport mode trunk
srr-queue bandwidth share 1 30 35 5
priority-queue out
authentication event fail action next-method
authentication host-mode multi-host
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
mab
snmp trap mac-notification change added
snmp trap mac-notification change removed
mls qos trust device cisco-phone
mls qos trust cos
dot1x pae authenticator
dot1x max-req 4
auto qos voip cisco-phone
service-policy input AUTOQOS-SRND4-CISCOPHONE-POLICY
SW1#$cation sessions interface GigabitEthernet1/0/1
            Interface: GigabitEthernet1/0/1
          MAC Address: xxxx.xxxx.4a38
           IP Address: 172.18.1.170
            User-Name: xx-xx-xx-xx-4A-38
               Status: Authz Success
               Domain: DATA
       Oper host mode: multi-host
     Oper control dir: both
        Authorized By: Authentication Server
          Vlan Policy: N/A
      Session timeout: N/A
         Idle timeout: N/A
    Common Session ID: 0A18129D000060E39DAE8A8A
      Acct Session ID: 0x0000725D
               Handle: 0x0F00028C
Runnable methods list:
       Method   State
       mab      Authc Success
       Switch Ports Model              SW Version            SW Image
     1 28    WS-C2960X-24PS-L   15.0(2)EX5            C2960X-UNIVERSALK9-M
SW2#sh dot1x interface Gi1/0/1
Dot1x Info for GigabitEthernet1/0/1
PAE                       = AUTHENTICATOR
QuietPeriod               = 60
ServerTimeout             = 0
SuppTimeout               = 30
ReAuthMax                 = 2
MaxReq                    = 4
TxPeriod                  = 30
Am I doing something wrong?
BR,

I know what you mean and I agree with what you are saying :) Nonetheless, at the moment, the official stance from Cisco on this is that 802.1x is not supported on trunk ports. Now one can argue that MAB is different but I think we are just splitting hairs here :)
Like I said, I have gotten stuff to work before but always had some goofy things happening so in general I have stayed away from doing it.
Now in your situation, if your configuration is working fine on the 2960 but not on the 3850, then most likely the issue is with the XE code running on the 3850s. The XE code has been very problematic until recently so you are probably hitting some sort of a defect. As a result, I recommend that you upgrade the switch(es) to 3.3.5 or 3.6.1. Version 3.7.x is also out but it just came out 8 days ago so I would not recommend going to it.
Thank you for rating helpful posts!

Trunk Port for 2950 and 2960G

Hi Guys,
I have tried connecting 2 switch using a trunk port in able for VLAN to run on 2950 switch, 2950 and 2960G, but the problem is, it keeps going up and down when I check the logs. The client experienced intermittent network connection by this problem. What seems to be the problem here? I already replaced the cables.
Here is the config:
They are connected via cross-cable
2950:
Int f0/24 --> 100mbps port
switchport mode trunk
2960G:
Int G0/1 --> 1Gbps port
switchport mode trunk
*I believe they will auto negotiate their current speed and duplex.
Thanks in advance.
Cheers!

Yes, they have the same settings.
Here it is:
int g0/2
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:23, output 00:00:00, output hang never
Last clearing of "show interface" counters 5d18h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 21000 bits/sec, 21 packets/sec
5 minute output rate 495000 bits/sec, 180 packets/sec
5180581 packets input, 1243581478 bytes, 0 no buffer
Received 62493 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 30119 multicast, 0 pause input
0 input packets with dribble condition detected
179416978 packets output, 2694243274 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
int f0/24
MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 100BaseTX
input flow-control is unsupported output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters 5d18h
Input queue: 2/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 504000 bits/sec, 180 packets/sec
5 minute output rate 22000 bits/sec, 22 packets/sec
179389710 packets input, 2690183405 bytes, 0 no buffer
Received 26481884 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
4510 input errors, 3566 CRC, 243 frame, 0 overrun, 0 ignored
0 watchdog, 17984825 multicast, 0 pause input
0 input packets with dribble condition detected
5180070 packets output, 1243477217 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out

Authenticating Trunk Ports - VLAN list

I have a requirement to authenticate trunk ports to wireless access-points on our Cisco switch, By default all ports are access ports and we run MAB authentication. I have managed to change the port to a trunk using Cisco-av-pair attribute in ACS (cisco-av-pair = deivce-traffic-class=switch)
My problem now is that I need to add a VLAN allowed list on the port once it has changed to a trunk port (switchport trunk allowed vlan x,y,z). ideally we would not want to statically assign the VLAN's on each port as an AP could be on any port and may wish to authenticate other trunk ports using different VLAN's in the future. Below is the configuration used on the ports.
cisp enable
interface FastEthernet0/2
description *** Client Device ***
switchport access vlan 2
switchport mode access
no logging event link-status
authentication event fail action next-method
authentication event server dead action reinitialize vlan 3
authentication event server alive action reinitialize
authentication order mab dot1x webauth
authentication priority mab dot1x webauth
authentication port-control auto
authentication fallback GUEST_FALLBACK
mab eap
dot1x pae authenticator
dot1x timeout tx-period 3
dot1x timeout supp-timeout 10
dot1x max-reauth-req 1
dot1x timeout auth-period 600
no cdp enable
spanning-tree portfast
Any help will be greatly appreciated.
Thanks
John

Hello
I would suggest the following:
>> Arrange for some physical enclosure (locked) or any other physical security control to ensure authorized access to the device. Any technical work-around or band-aid solution should only be temporary. What is someone just switches of your switches? DOS attack!! This could also be done by mistake, resulting in an unstructred threat.
>> Enable monitoring for these switches (ICMP,SNMP) so that you are alerted when they are unplugged.
>> Change the NATIVE VLAN from the default (VLAN 1)
>> Disable Trunk negotiation (ON mode)
Regards
Farrukh

Access to trunk port clarification

Hello-
I am looking to clarify a point of confusion for myself regrading connecting an access port to a trunk port. Consider the following switchport config on switch1:
Switch#1
interface GigabitEthernet0/5
switchport
switchport access vlan 6
....and the corresponding config on it's neighbor:
Switch#2
Interface GigabitEthernet10/8
switchport
switchport mode trunk
switchport trunk allowed vlan 1,6,100
My first question is- Is this a valid configuration? Secondly, what would the expected results be? I am curious about what vlans would be allowed to pass through..
Thanks in advance-
Brian

This would work fine but not recommended.
Also the traffic between the switches would be only Native Vlan and vlan 6 will pass through.
SW1-----F0/1----------f0/1----SW2
SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 auto n-802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1,6
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6
SW1#
SW2
SW2#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1,6,100
Port Vlans allowed and active in management domain
Fa0/1 1,6,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,100
SW2#
2) Part of this config is that any vlans which are been configured under the SW1 would be allowed through that access port.
ex:
SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 auto n-802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1,6,10,20,30,40,50,60,70,80,90,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,10,20,30,40,50,60,70,80,90,100 ...>>>>>>>>>>all vlans are allowed here.
b)
Were as on Switch 2 if you create all these vlans and u dont allow that to go through the trunk interface which you have configured those vlans would nt be flowing through.
eg;
SW2#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1,6,100
Port Vlans allowed and active in management domain
Fa0/1 1,6,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,100>>>>>>>>>>>>>>>.Only 3 vlans would be flowing through due to explicit defined. but if you defined allowed all then all vlans would be shown here.
i created all the vlans above on sw2 but you can see only 3 vlans are allowd as you have explicitly defined it.
Hope this clarifies your query.
Regards
Inayath
*************Plz dont forget to rate posts***********

Can I use straight cable to connect trunk ports between 2 switches?

Hi,
Am I able to use straight instead of cross cable to connect trunk ports between 2 switches??
thanks!

Hi Devang,
When a 10/100 Fast Ethernet interface is enabled, one end of the link must perform media dependent interface (MDI) crossover (MDIX), so that the transmitter on one end of the data link is connected to the receiver on the other end of the data link (a crossover cable is typically used).
The Auto-MDIX feature eliminates the need for crossover cabling by performing an internal crossover when a straight cable is detected during the auto-negotiation phase.
HTH, if yes please rate the post.
Ankur

Best practices for configure Rogue Detector AP and trunk port?

I'm using a 2504 controller. I dont have WCS.
My questions are about the best way to configure a Rogue Detector AP.
In my lab environment I setup the WLC with 2 APs. One AP was in local mode, and I put the other in Rogue Detector mode.
The Rogue Detector AP was connected to a trunk port on my switch. But the AP needed to get its IP address from the DHCP server running on the WLC. So I set the native vlan of the trunk port to be the vlan on which the WLC management interface resides. If the trunk port was not configured with a native vlan, the AP couldn't get an address through DHCP, nor could the AP communicate with the WLC. This makes sense because untagged traffic on the trunk port will be delivered to the native vlan. So I take it that the AP doesn't know how to tag frames.
Everything looked like it was working ok.
So I connected an autonomous AP (to be used as the rogue), and associated a wireless client to it. Sure enough it showed up on the WLC as a rogue AP, but it didn't say that it was connected on the wire. From the rogue client I was able to successfully ping the management interface of the WLC.
But the WLC never actually reported the rogue AP as being connected to the wired network.
So my questions are:
1. What is the correct configuration for the trunk port? Should it not be configured with a native vlan? If not, then I'm assuming the rogue detector AP will have to have a static IP address defined, and it would have to be told which vlan it's supposed to use to communicate with the WLC.
2. Assuming there is a rogue client associated with the rogue AP, how long should it reasonably take before it is determined that the rogue AP is connected to the wired network? I know this depends on if the rogue client is actually generating traffic, but in my lab environment I had the rogue client pinging the management interface of the WLC and still wasn't being picked up as an on-the-wire rogue.
Thanks for any input!!

#what's the autonomous AP's(as Rogue AP) Wired and Wireless MAC address?
it has to be +1 or -1 difference. If Wired MAC is x.x.x.x.x.05 and the wireless mac should be x.x.x.x.x.04 or 06. It is not going to detect if the difference is more than + 1 or - 1.
#Does the switch sees the Rogue AP's wired MAC on its MAC table.
Rogue Detector listens to ARPs to get all the Wired MAC info and forwards to WLC, It compares with Wireless MAC, if there is a +1 or -1 difference then it will be flagged as Rogue on wire. And the client that connected to it is also marked as found on wire.
Regards to Trunking, Only Native vlan matters per trunk link, just configure the right vlan as native and we're done.
It is not mandatory to keep the Rogue detector on Management vlan of wlc. It can also be on L3 vlan also as long as it can join the WLC to forward the learnt wired MACs.
So if we don't have +1, -1 difference on Rogues then you've to use RLDP which will work with your existing setup to find Rogue on wire. there's a performance hit when we use this feature on local mode APs.
Note: For AP join - AP can't understand Trunk, meaning if AP connected to Trunk it'll only talk to its native vlan irrespective of AP mode, however rogue detector listens to the Trunk port to learn MACs via ARPs from different VLANs and forwards to WLC using native vlan.

Port Problem, cant Recieve Mail

Hi
Just recently my mail has stopted working due to a port problem. By my inbox i get a small icon which is a triangle with an explanation mark in. When i click it the first message i get is:
*Connection Failed*
+There may be a problem with the mail server or network. Check the settings for account "POP Account" or try again.+
+The server error encountered was: The connection to host mail.kahane.co.uk on port 110 failed.+
Then it willl give me a chice to go offline or online, ill click online and the icon is still there so i click the icon again and the second message i get is:
Alert
+There may be a problem with the mail server or network. Check the settings for account "POP Account" or try again.+
+The server error encountered was: The connection to host mail.kahane.co.uk on port 110 failed.+
I haven't changed any settings in the preferances or done anything which may have caused this. Incase you need to know i am on a POP account.
I would much appreciate any help, thanks

Me too... it comes and goes. It all started when I got a wireless router.

How to check trunk port on 3548 xl switch

Hi all,
i have 3548 xl switch i know on other switches i can use command
sh int trunk but on this switch it does not work.
do anyone knows which command we can use to check trunk ports other then this
sh int fa switchport???????????
thanks
mahesh

Hi all,
i have 3548 xl switch i know on other switches i can use command
sh int trunk but on this switch it does not work.
do anyone knows which command we can use to check trunk ports other then this
sh int fa switchport???????????
thanks
mahesh
Hi Mahesh,
What error it shows when you issue show interface trunk on switches ..
Ganesh.H

Port protected on trunk ports

I have a router to a 3550 switch feeding in a star toplogy one 2950 off each port. I have port protprected on the ports of each of the 2950s. The question is can I do port protected on all my trunk ports except the uplink port on the 3550? I am wanting to stop any user on the network from seeing another. My other option is to do a vlan per switch but would perfer not to bring down the network as it is already live and in heavy usage.
Thank you for your help in advance.

Yes, you can enable protected mode on trunk ports
Configuring Protected Ports
Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.
Protected ports have these features:
•A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.
•Forwarding behavior between a protected port and a nonprotected port proceeds as usual.
•Protected ports are supported on 802.1Q trunks.
link:
http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_20_ea2/configuration/guide/swtrafc.html#wp1158863
HTH

Service instance and trunk ports

hi I have the following configuration:
interface Port-channel1
description SHN-AX1-1-2-CNRY
switchport trunk allowed vlan none
switchport mode trunk
load-interval 30
no keepalive
service instance 1 ethernet
encapsulation untagged
l2protocol peer lacp
bridge-domain 1
service instance 2 ethernet
description IDP_VLAN_2
encapsulation dot1q 2
bridge-domain 3998
service instance 3 ethernet
description BBR_VLAN
encapsulation dot1q 420
bridge-domain 3998
service instance 4 ethernet
description MGMT_VLAN
encapsulation dot1q 95
bridge-domain 3998
service instance 5 ethernet
description STATIC_VLAN
encapsulation dot1q 3641,3644,3777,3291
bridge-domain 3998
service instance 6 ethernet
description SME_VLAN
encapsulation dot1q 2098,2339
bridge-domain 3998
interface Port-channel1
description SHN-AX1-1-2-CNRY
switchport trunk allowed vlan none
switchport mode trunk
load-interval 30
no keepalive
service instance 1 ethernet
encapsulation untagged
l2protocol peer lacp
bridge-domain 1
service instance 2 ethernet
description IDP_VLAN_2
encapsulation dot1q 2
bridge-domain 3998
service instance 3 ethernet
description BBR_VLAN
encapsulation dot1q 420
bridge-domain 3998
service instance 4 ethernet
description MGMT_VLAN
encapsulation dot1q 95
bridge-domain 3998
service instance 5 ethernet
description STATIC_VLAN
encapsulation dot1q 3641,3644,3777,3291
bridge-domain 3998
service instance 6 ethernet
description SME_VLAN
encapsulation dot1q 2098,2339
bridge-domain 3998
interface GigabitEthernet0/1
switchport trunk allowed vlan none
switchport mode trunk
channel-group 1 mode on
interface GigabitEthernet0/2
switchport trunk allowed vlan none
switchport mode trunk
channel-group 1 mode on
interface Port-channel12
description SHN-AGG-BX1
switchport trunk allowed vlan 34,50,76,3998
switchport mode trunk
mtu 9000
interface GigabitEthernet0/23
switchport trunk allowed vlan 34,3998
switchport mode trunk
mtu 9000
channel-group 12 mode active
interface GigabitEthernet0/24
switchport trunk allowed vlan 34,3998
switchport mode trunk
mtu 9000
channel-group 12 mode active
the input interfaces are gigEth0/1 and gigEth0/2 and the output interfaces are gigEth0/23 and gigEth0/24.
the ingress traffic at the input port has a single tag and the ingress traffic at the output port has two tags.
please explain me, where tags would be pushed/popped and why??
thank you.

Hello.
You might have confused service instance configuration and usual switchport mode trunk.
Please refer figure 11-10 in the document http://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/12-2_52_ey/configuration/guide/3800x3600xscg/swevc.html
>But there is a typo - per description it should be "enc doat1q 20" under service instance 9on the picture).
Also under Figure 11-2 we have following example:
QinQ is also supported when sending packets between an EFP and a switchport trunk, because the switchport trunk is implicitly defined as rewrite ingress tag pop 1 symmetric. The same external behavior as Method 1 can be achieved with this configuration:
Switch (config)# interface gigabitethernet0/1
Switch (config-if)# service instance 1 Ethernet
Switch (config-if-srv)# encapsulation dot1q 1-100
Switch (config-if-srv)# bridge-domain 30
Switch (config)# interface gigabitethernet0/2
Switch (config-if)# switchport mode trunk
Again, service instance 1 on Gigabit Ethernet port 0/1 is configured with the VLAN encapsulations used by the customer: C-VLANs 1-100. These are forwarded on bridge-domain 30. The service provider facing port is configured as a trunk port. The trunk port implicitly pushes a tag matching the bridge-domain that the packet is forwarded on (in this case S-VLAN 30).

Switch trunking ports

Hello,
If I have switch A that has 3 vlans with ip addresses in other words 3 switch virtual interfaces and I configure one port as a switchport trunk that has the following commands switchport trunk mode and encapulasation dot1q. Now if I want connect to another switch B to allow those same vlans to go accross and then put 5 ports in those 3 vlans. The port from switch B that connects to switch A I would configure with the following commands switchport mode trunk and encapulasation dot1 my question is do I just configure on both switch ports switchport trunk allowed vlan all for devices from both switches in the same vlans to talk to each other or do I still need to add more commands to both switches like add the same svi from switch A to Switch B?

Hi Horacio
It sounds like you are pretty much there from reading your original post.
Using the following commands creates a trunk port between the switches:
#switchport trunk encapsulation dot1q
#switchport mode trunk
If you use these commands on both the switches you are connecting together, you should get a trunk port form and by default this allows all vlans to pass traffic across it.
If you want to restrict the trunk so that it only passes traffic for specific vlans, this can be achieved using the following command:
#switchport trunk allowed vlan [X]
Replace the [X] with the vlans you want to allow. Make sure you do this both sides otherwise you may find one side sending traffic which is dropped by the other side.
Make sure the Layer 2 Vlans exist on both switches. The SVI you mentioned with be the default gateway for hosts in that Vlan and only needs to exist on the switch which is performing the intervlan routing, you do not need an SVI on each switch for every Vlan.
Hope this helps

10 Gig Trunk Port

I'm setting up two 3750E switches on a bench prior to installing them - with a ten Gig port trunk port between them. I am running PVST and have pretty standard switch configuration. Show span indicates that all my vlans are forwarding between the ports but the packet rate keeps increasing as if its in a loop. Must be something obvious but can't find it - is there anything special you have to do to those ten GIG Modules to get them to work.
# interface ten gig 1/0/2
# sw trunk enc dot1q
# sw mode trunk
# sw nonegotiate

pardon me. I thought you are saying that packets are dropping but you are talking about STP loop.
As mentioned in other post, check if this link creating STP loop because of UDLD ? Maybe one of your cable not working or some other reason.
Though in LR you dont need an attenuator but check the power levels at both sides.Are they within receiver sensitivity? as you must be connecting back to back just with patch cables.

Report of trunk ports

Hi
Is it possible to make a report that list my trunk ports and what switch / interface its on ?
I have a large network. I know i have lot of switches where trunk interface is in fastethernet ports. I would like to change that and make that all trunk is on gigabit ports. So would be nice to have a list with that.
I have tried the report Wired Detailed Device Inventory. Under trunk it says false/true.. But the interface the report says true to is not always true its a trunk port, and vice versa. So cant use that one.
If its not possible to run a report that do this is it then possible to make a job with cli commands my self ?
Im thinking that the: sh int status cli command could work. There i can see wich ports are access and trunks. And then a cli command to give me hostname or IP of switch as well.. if i could get that exported to a csv file i could import that to excel and clean it up my self and sort it so i only had trunk ports on fastethernet interfaces.
Thanks :)
/ Carsten

This is Part2 (strange results of recursive with clause)
from wrong result of 11gR2 Recursive with clause part3
SQL> with tmp(day1) as(select date '2009-06-01' from dual),
2 rec(day1) as(
3 select day1 from tmp
4 union all
5 select add_months(day1,1)
6    from rec
7   where add_months(day1,1) < date '2010-05-05')
8 select * from rec;
select add_months(day1,1)
ERROR at line 5:
ORA-01790: expression must have same datatype as corresponding expression
SQL> with rec(dayc,LV) as(
2 select cast(date '2010-04-15' as date),1 from dual
3 union all
4 select cast(dayc+1 as date),LV+1
5    from rec
6   where LV<= 3)
7 select * from rec;
DAYC      LV
10-04-15   1
10-04-14   2
10-04-13   3
10-04-12   4

Can't apply ALC to trunk port

Hi,
I'm trying to configure a Cisco Catalyst 6500 switch to not allow traffic from our traffic generators to go over the trunk link to the rest of the network. Currently I have multiple VLANs that correspond to different lab setups, each having traffic generators on them. The trunk port is used to connect VMs to each of the setups (on different VLANs) but I'm seeing that the traffic generators sometimes flood the trunk link and cause management be unusable.
I want to configure a port-based ACL to block traffic from the traffic generators from going over the trunk port but I don't see the "ip access-group" command available on this interface.
Here's the config for my trunk interface:
CATALYST2#show run int gi1/1
Building configuration...
Current configuration : 124 bytes
interface GigabitEthernet1/1
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
end
When I go into config mode and try to tie an ACL to the interface, the command isn't available:
CATALYST2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CATALYST2(config)#int gi1/1
CATALYST2(config-if)#ip access-group ?
% Unrecognized command
Any idea why? I need a way to block this traffic (either via IP or MAC ACLs). My understanding is that trunk ports are able to have port-based ACLs applied to them that will act on all VLANs but I can't seem to do it.
Thanks for your help in advance!

After some more research, I noticed that to configure a PACL on a trunk port, you must first configure port prefer mode. The command to put a trunk port in port prefer mode is "access-group mode prefer port" on the interface. Unfortunately that command isn't available in my CLI either... Still stuck.

Trunk port problem

Similar Messages

Maybe you are looking for