2950 RSPAN problem

Similar Messages

• Catalyst 2950 interface problem

  Hi, Sirs.
  My Catalyst 2950-24 (IOS Ver 12.1.22EA7)stops communicate with an other switch port of a Catalyst 3512XL-EN after catalyst 2950 powered on 1 or 2 days.
  th show interface shows that 2476498 ignored.
  FastEthernet0/1 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 000d.28c0.cf41 (bia 000d.28c0.cf41)
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
  reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, media type is 100BaseTX
  input flow-control is unsupported output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 3d19h, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 28000 bits/sec, 44 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
  10033048 packets input, 806430104 bytes, 2476489 no buffer
  Received 10031591 broadcasts (0 multicast)
  0 runts, 0 giants, 0 throttles
  0 input errors, 0 CRC, 0 frame, 0 overrun, 2476498 ignored
  0 watchdog, 2217265 multicast, 0 pause input
  0 input packets with dribble condition detected
  357799 packets output, 25835259 bytes, 0 underruns
  0 output errors, 0 collisions, 2 interface resets
  0 babbles, 0 late collision, 0 deferred
  0 lost carrier, 0 no carrier, 0 PAUSE output
  0 output buffer failures, 0 output buffers swapped out
  what does is mean?

  Hello,
  what other switches do you have in your network ? If you have just the 2950 and the 3500, make sure that the 2950 is the root switch for all your VLANs, by configuring the global command:
  spanning-tree vlan x priority 0
  Also, check the log on the 2950 for the following message:
  SCHAN ERROR INTR: SRC=6 DST=5 OPCODE=20 ERRCODE=5
  If you see those, chances are that you have a faulty unit. Here is the relevant bug info:
  CSCdv83336 Bug Details
  Under certain level of traffic load, the (2950) switch will start logging the following messages on the console:
  SCHAN ERROR INTR: SRC=6 DST=5 OPCODE=20 ERRCODE=5
  and after a few seconds, the switch will stop passing any traffic. In some cases, the switch seemed still forwarding broadcast and multicast traffic, which will cause STP problem if the switch has redundant link and is not supposed to be the root for the VLAN, as both port will go forwarding.
  The same error message has been identified in CSCdu87836.
  An assessment of the impact
  Unit stops passing any traffic.
  WORKAROUND
  Several units were returned by CISCO. The units were re-screened to the latest test program, and failed the SDRAM memory test.
  Customer should RMA unit back to Cisco
  Regards,
  Nethelper

• RSPAN problem

  Hi
  I would like to config RSPAN between switch#A and switch#B, i have config switch#A with RSPAN source session on interface f0/22, reflector-port on int f0/8 and vlan 99. Switch#B i have config RSPAN dest session on interface f0/4 , it's not work !! (No any input traffic on interface f0/4). Please help me to suggest and correct my config
  This's my config RSPAN on switch#A
  monitor session 1 destination interface Fa0/4
  monitor session 1 source remote vlan 99
  and SwitchB
  monitor session 1 source interface Fa0/22
  monitor session 1 destination remote vlan 99 reflector-port Fa0/8
  P.S. Two switch is 2950(SI) connect between them with trunk

  Hi
  I try to do follow the document but it still not work
  I created the vlan span (vlan 99) and no any port access on it like this :
  VLAN Name Status Ports
  1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
  Fa0/5, Fa0/6, Fa0/7, Fa0/9
  Fa0/10, Fa0/11, Fa0/12, Fa0/13
  Fa0/14, Fa0/15, Fa0/16, Fa0/17
  2 Outside active Fa0/8, Fa0/18, Fa0/19, Fa0/20
  Fa0/21, Fa0/22
  99 VLAN0099 active
  please suggest me if i'm wrong
  Thanks
  PS. Kevin thanks for reply and gave me a good document

• Another damn RSPAN problem

  Guys, RSPAN seems to be a pretty common topic here and I was wondering if someone can help me. I have poured over the documents and forums, but I cannot see why my setup won’t work.
  Basic overview time, 2 Cat 4507Rs (swc3b and swc230) connected via isl trunk. All vlans allowed on trunk.
  RSPAN vlan 109 has been setup on vtp server and propagated to all switches.
  Config as follows:
  SWC230:
  monitor session 1 source interface Fa4/47 [PC I want to sniff is in f4/47]
  monitor session 1 destination remote vlan 109
  SWC3B:
  monitor session 1 source vlan 109
  monitor session 1 destination interface Gi7/18
  [sniffer is connected in g7/18]
  IOS on both switches is Version 12.2(20)EW.
  I have tried a few permutations with the configuration: putting swc3b g7/18 into remote vlan 109, taking it out again; putting a port on SWC230 into vlan 109 (switchport access vlan 109), in the hope that this was would function as a ‘reflector port’.
  Nothing works. I have noticed that vlan 109 is pruned on the trunk between swc230 > swc3b. That was kinda why I tried putting a port on swc230 into vlan 109.
  Any advice gratefully received.

  Amit, thanks for the response, but I've cracked it. All that was missing was 'remote' from the source command on swc3b i.e.
  monitor session 1 source REMOTE vlan 109
  Once this was done, it worked like a charm.

• 2950 VLAN Problem

  I have a 2950 that is running the same configuration as three other 2950s in my data center. All are running the same IOS, 12.1(9)EA1. This switch does not seem to be learning the management VLAN that I have created for all of my cisco devices. The configuration running on this switch is similar to this config, with a different hostname and VLAN2 IP address. I am unable to remotely manage this device or ping it by the IP address that is assigned to VLAN2. There is communication over the trunk port though, and I am able to connect devices to this switch and they connect to my network without any issues. Any idea how I can resolve this? please let me know if I can provide any additional information. Thanks.
  Current configuration : 3356 bytes
  version 12.1
  no service pad
  service timestamps debug datetime msec localtime show-timezone
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  hostname cisco2950DC3
  logging buffered 10000 debugging
  ip subnet-zero
  spanning-tree mode pvst
  no spanning-tree optimize bpdu transmission
  spanning-tree extend system-id
  interface FastEthernet0/1
  switchport access vlan 100
  spanning-tree portfast
  interface FastEthernet0/2
  switchport access vlan 100
  spanning-tree portfast
  interface FastEthernet0/24
  switchport access vlan 100
  interface GigabitEthernet0/1
  description Trunk to 3550
  switchport mode trunk
  interface GigabitEthernet0/2
  description Trunk to cisco2950dc4
  interface Vlan1
  no ip address
  no ip route-cache
  shutdown
  interface Vlan2
  ip address 10.1.2.24 255.255.254.0
  no ip route-cache
  ip default-gateway 10.1.2.1
  ip http server
  logging trap debugging
  logging 192.168.1.10
  snmp-server engineID local xxx
  line con 0
  login local
  stopbits 1
  line vty 0 4
  exec-timeout 15 0
  login local
  line vty 5 15
  exec-timeout 15 0
  login
  monitor session 1 source interface Fa0/1 - 23 rx
  monitor session 1 destination interface Fa0/24
  end

  Here are the diag commands from the far end 2950 switch. This 2950 is also configured as a VTP client. The only VTP server on my network is a 3550 that we have setup a the core.
  cisco2950DC3#sh vlan
  VLAN Name Status Ports
  1 default active
  2 LAN_Mgmt active
  3 VLAN0003 active
  10 VLAN0010 active
  11 VLAN0011 active
  100 VLAN0100 active Fa0/1, Fa0/2, Fa0/3, Fa0/4
  Fa0/5, Fa0/6, Fa0/7, Fa0/8
  Fa0/9, Fa0/10, Fa0/11, Fa0/12
  Fa0/13, Fa0/14, Fa0/15, Fa0/16
  Fa0/17, Fa0/18, Fa0/19, Fa0/20
  Fa0/21, Fa0/22, Fa0/23, Fa0/24
  101 VLAN0101 active
  102 VLAN0102 active
  103 VLAN0103 active
  104 VLAN0104 active
  110 VLAN0110 active
  200 VLAN0200 active
  1002 fddi-default act/unsup
  1003 token-ring-default act/unsup
  1004 fddinet-default act/unsup
  1005 trnet-default act/unsup
  VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
  1 enet 100001 1500 - - - - - 0 0
  2 enet 100002 1500 - - - - - 0 0
  3 enet 100003 1500 - - - - - 0 0
  10 enet 100010 1500 - - - - - 0 0
  11 enet 100011 1500 - - - - - 0 0
  100 enet 100100 1500 - - - - - 0 0
  101 enet 100101 1500 - - - - - 0 0
  102 enet 100102 1500 - - - - - 0 0
  103 enet 100103 1500 - - - - - 0 0
  104 enet 100104 1500 - - - - - 0 0
  110 enet 100110 1500 - - - - - 0 0
  200 enet 100200 1500 - - - - - 0 0
  1002 fddi 101002 1500 - - - - - 0 0
  1003 tr 101003 1500 - - - - srb 0 0
  1004 fdnet 101004 1500 - - - ieee - 0 0
  1005 trnet 101005 1500 - - - ibm - 0 0
  cisco2950DC3#sh int trunk
  Port Mode Encapsulation Status Native vlan
  Gi0/1 on 802.1q trunking 1
  Gi0/2 desirable 802.1q trunking 1
  Port Vlans allowed on trunk
  Gi0/1 1-4094
  Gi0/2 1-4094
  Port Vlans allowed and active in management domain
  Gi0/1 1-3,10-11,100-104,110,200
  Gi0/2 1-3,10-11,100-104,110,200
  Port Vlans in spanning tree forwarding state and not pruned
  Gi0/1 1-3,10-11,100-104,110,200
  Gi0/2 1-3,10-11,100-104,110,200
  cisco2950DC3#sh vtp status
  VTP Version : 2
  Configuration Revision : 4
  Maximum VLANs supported locally : 250
  Number of existing VLANs : 16
  VTP Operating Mode : Client
  VTP Domain Name : hlvtp
  VTP Pruning Mode : Disabled
  VTP V2 Mode : Disabled
  VTP Traps Generation : Disabled
  MD5 digest : 0x3B 0x4D 0x4D 0x4A 0x03 0xF5 0x15 0x9E
  Configuration last modified by 10.1.2.1 at 8-14-94 04:35:44

• 2950 Ping problem

  two switches are connected with each other, trunk port status is up but I Cannot ping & telnet the switch, but sometime when i restart the switch it start to work again but soon i start to face this problem

  Hi,
  Just chk the port status of the switches during when u r not able to ping..... If possible could u post the config. of the interfaces to have a detailed look on that.
  Rgs

• Catalyst 2950 problem

  cisco Switch 2950 showing problem while connecting with other device(Packetwave bridge 100) or switch(Dlink)
  Output of uplink port is:
  %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk FastEthernet0/22 VLAN1.
  00:20:54: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking FastEthernet0/22 on VLAN0001. Inconsistent port type

  The message means that a Spanning tree BPDU was received with a dot1q tag on a port that is not configured as a trunk.
  This means that either the port is not configured as a trunk and should be, or that the connecting device is configured as a trunk and should not be.
  The second syslog message indicates that the port is being blocked due to the inconsistency as described above.

• 802.1x RADIUS authentication problem with Cat 2950 to CiscoSecure ACS 3.3

  I wondered if anyone can help or shed any light on the following problem.
  I am getting an authentication error when doing a RADIUS authentication to CiscoSecure ACS 3.3 running on a Windows 2003 server, the authentication request is coming from a Catalyst 2950 switch which is doing 802.1x for Windows XP clients. This problem only happens when the XP client connects to 2950 switches, Cat 3550s and 3560s work fine.
  The Cat2950 is running 12.1.20 (EA1) which is more or less the latest IOS.
  The error I get from ACS 3.3 is "Invalid message authenticator in EAP request" when the 2950 tries to authenticate an XP client for 802.1x to the ACS server using RADIUS.
  Doing a RADIUS and 802.1x debug on the 2950 I see a message about 'Unknown EAP type', I am using PEAP on the XP client doing EAP-MS-CHAPv2 authentication, the same XP client authenticates fine with 3550 and 3560 switches problem only affects 2950s. Can anyone confirm the 2950 supports EAP-MS-CHAPv2?
  I have checked and re-checked the shared secret and it definitely matches on 2950 and ACS.
  One thing I noticed in the RADIUS debug is the 2950 sends 18 bytes for attribute 79 when the RFC defines attribute 79 should be 3 bytes or less, I don't know if this is related to the problem or is correct behaviour.

  Hi, I am new with 802.1x, and was hoping that someone would help with these queries:
  1. How is a certificate requested without being allowed on a network that is not authenticated with 802.1x. I had to first connect to an active network, retrieve a certificate with the proper username and password, and then physically connect to the port on the 2950 switch which was enabled to do 802.1x
  2. My config is as below:
  aaa new-model
  aaa authentication dot1x default group radius
  aaa authenication login default group radius
  dot1x system-auth-control
  interface f0/1
  switchport mode access
  dot1x port-control auto
  end
  I able to login using the radius server, so radius is working (on ports other than f1/0). However when connecting to f1/0, the port on the 2950 remains blocked.
  3. The certificate is issued by the ca server, is viewable via Internet explorer,and is issued to the correct username which is on the active directory.
  I even tried using local authenication with 802.1x, this did not work
  4. If I have a certificate, will this automatically give me access to the 802.1x port?
  5. I have windows 2000, and authenication is set to 'Smart Card or other certificate.
  Am I missing anything?
  Any advise will be greatly appreciated
  Chris

• Weird Problem! Cisco 2950

  Hi, I really dont know if this issue is applicable here but I am desperate for help now. We have a wireless project providing internet access in a very remote location. There are wireless mesh accesspoints connected back to back by wireless Point2MultiPoint Links (P2MP). I have 2 BSU (Base Station Units) each connected to 3 CPEs. The 2 BSU's are connected to zero configuratoin 2950 switch.Below is a brief on the technical scenario:-
  1. Wired backhaul subnet 10.10.10.0/27.
  BSU ONE: 10.10.10.2
  BSU TWO: 10.10.10.3
  2. DHCP Relay 192.168.2.0/24.
  Issue:
  The problem is that when I connect both the BSU to the switch they perform well. But after 10-15 minutes the other BSU (10.10.10.2) starts giving huge delays and finally times out. Disconnecting the stable BSU (10.10.10.3) from the switch brings the other one up. The switch already has STP enabled.
  Is there a loop in the network? Any problem with the BSUs? Are the Mesh Access Points broadcasting? How do I troubleshoot this? Your valuable comments, suggestions will definitely get me somehwere.
  Attachments: network scenario, ping snapshots of the BSUs.
  Regards
  Sarfaraz

  Hi Dennis,
  We are using Tropos 5210 Mesh Routers as Access Points and a Colubris 3500 Controller for a portal page.
  The distance between each mesh unit is more than 50 metres.

• Problem 2950 arp address not mapped to a destination port

  I have a problem loosing connectivity to some switch connected directly to my 2950.
  I have the mac address in the arp table but when not working the mac-address is not linked to any port in the show mac-address table.
  Please help

  I think this could be simply a question of aging. The ARP tables are aged out after 4 hours. By contrast, the entries in the MAC forwarding tables are aged out after 5 minutes. All it means is that the host has not sent any frames to or through this particular switch in the last 5 minutes.
  There can be other explanations, but they are rare. For example, if your host is actually a service address in a WLBS cluster configured in unicast mode, then the host will source its frames from a different address from the address it gives in response to an ARP request.
  Another is if you have port security configured with a timeout shorter than your ARP table. You may have reached the maximum permitted MAC addresses. That would also account for your intermittent connectivity.
  But, as I said, these are very particular cases.
  Kevin Dorrell
  Luxembourg

• Problem in Starting 2950

  When i start to configured our Cisco 2950 Switch through Consol Cable , is display me this message and rebot again,
  File "flash:/c2950-i6q4l2-mz.121-22.EA6.bin" uncompressed and installed, entry p
  oint: 0x80010000
  executing...
  Error: hardware not supported by firmware.
  Try loading newer software instead.
  System Resetting...

  I just delete the previous config.text file from the Flash memory, and copy the new one to the flash from the TFTP server, when i restart the switch the above error genrated, due to this error, switch is start display the error and restart again, what is the solution of this problem,
  How can i solve this problem, Give me a solution.
  Thank You

• Cisco 2950 trunk s shutdown problem

  i have a network on fiber.i have use cisco 2950 switches in that topolgy.my problem is that sometimes the trunk ports automatically shutdown which creates a lot of problem.when the ports shutdown the cpu usage of switch goes to 66.normally it remains at 30.secondly i give redunant path to every vlan and now the vlan spanning tree has stopped because cisco 2950 doesnot support more than 64 stp.
  What could be the problem?or iam thinking about the bandwidth..How much bandwidth does cisco 2950 switch can max carry?
  Posted by WebUser Umair Zia from Cisco Support Community App

  If the trunk port went into shutdown, then there's gotta be a reason why.
  Can you post the output to the command "sh post" particularly the time when the port went "down"?

• Cat 2950 and Notel wireless AP problem

  Dear Experts
  Connected with 12 Notel wireless Access Point 7220 and 7215, my company's Cat 2950 is sufferring a system crash problem. Once the AP losing and regainning power, they will seek for the
  authentication to the wireless gateway 2250, and if the 2250 fail to authenticate these AP, they will keep rebooting, resulting in the whole Cat 2950 crash. The following is from the crashinfo:
  C2950 Software (C2950-I6Q4L2-M), Version 12.1(12c)EA1, RELEASE SOFTWARE (fc1)
  Compiled Sun 24-Nov-02 23:31 by antonino
  Signal = 10, Code = 0x10, Uptime 00:09:04
  EPC: 80184E5C, ErrEPC: 60000001, BadVA: 0x0D0D0D11, SREG: 1000E703
  Cause: 0x00000010 (code 4): Address Error (load or ifetch) exception
  Signal 10, Exception code (0x0010)!
  Frame 00: SP = 0x80C84980 PC = 0x80184E5C
  Frame 01: SP = 0x80C849B8 PC = 0x80440E74
  Frame 02: SP = 0x80C84A78 PC = 0x80440014
  Frame 03: SP = 0x80C84AA8 PC = 0x801C3CFC
  Frame 04: SP = 0x80C84AC0 PC = 0x801C3CE8
  -Traceback= 80184E5C 80440E74 80440014 801C3CFC 801C3CE8
  Thanks very much for your reading and help!!

  The first thing you might want to try is upgrading the 2950 code , that is very old code .The latest is 12.1.22-EA5a .

• Catalyst 2950 - Problem updating IOS

  I am trying to upgrade from version 12.1 (14) EA1a to version 12.1 (22) EA5 on a Catalyst 2950. When I look at the flash directory, I see the following:
  Directory of flash:/
  2 -rwx 269 Jan 01 1970 00:01:27 env_vars
  3 -rwx 1247 Mar 09 1993 06:09:06 config.text
  4 -rwx 5 Mar 09 1993 06:09:06 private-config.text
  7 -rwx 110 Mar 01 1993 00:01:39 info
  8 -rwx 2958970 Mar 01 1993 00:03:19 c2950-i6q4l2-mz.121-14.EA1a.bin
  9 drwx 2304 Mar 01 1993 00:04:30 html
  84 -rwx 110 Mar 01 1993 00:04:41 info.ver
  7741440 bytes total (2480640 bytes free)
  When I try to delete the old file (c2950-i6q4l2-mz.121-14.EA1a.bin), I receive a message that the No such file or directory exists. There is no typo when I entered the filename. Also, there seems to be a discrepancy in what free bytes are being shown as available. The system shows 2480640 free bytes, but by my calculations, there should be 4778425 bytes available. Are they files that are hidden and why can I not delete the other file? Thanks.

  Hi,
  Are you able to dlete any other file except this from the flash. This could be a problem in accessing the flash properly. I would suggest try formatting the flash:, this will make the flash sectors empty and will be as a new scratched one. This should help in uploading the new IOS.
  ***** Please make sure that the switch doesnot reboot at while while you format the switch and upgrade the IOS as the switch will fall in rommon with any image.
  HTH,
  -amit singh

• 2950 SX and 3550-12G Connection Problem

  In a Network we have 2950-SX as edge switches and 3550-12G as access switches. In 2950-SX we have 24-Port 10/100 Ethernet ports and 2-Fixed F.O ports which connector is MTRJ. in 3550-12G we have 12-Giga bit module in which we are using SC-1000 Base SX port.
  To connect these switches we are using one side MTRJ and other side SC connector Patch Cord (company manufactured). We have try MTRJ male and female both type of Patch cords to connect 2950 with 3550 but we fail every time. We have try to swap the RX-TX on the SC side but result is same and connection between 2950 and 3550 didn’t up so please advice any suggestion.

  Try to set the encapsulation on the 355012G to dot1q.
  [switchport trunk encapsulation dot1q]