6509 and 4948 Switch Routing Question

We have a 6509 switch in our core that handles routing between dozens of VLANs with it's MSFC. I'm connecting a remote Layer 3 4948 Switch to the 6509 via a Gigabit Fiber Link.
The 4948 will be connected to servers on a couple subnets as well as an alternate internet connection that I would like to have the 4948 route between locally but also send traffic to the VLAN's on the 6509. We are using EIGRP as our internal routing protocol.
The question I'm running into is whether I can setup a trunk link between the 6509 and the 4948, VTP, and setup EIGRP to route only using one of the trunk VLANs and between the local VLANs (with SVIs) and routed ports or would it be best to just setup a routed port to connect to one VLAN on the 6509.
The advantage I see if the trunk idea is feasible is that I can allocate certain ports to be access ports and go back to the 6509 to route and not be affected by local routing on the 4948. I absolutely do not want the 4948 to take over routing of my entire network as it will be on the edge and the 6509 is the core switch/router.
The advantage with using the 4948 connected to the 6509 as a routed port is that nothing on the 4948 will interface with the 6509 at Layer 2 and I can also keep VLAN's local to that switch. On the downside though this would prevent me from setting up VLAN's that span across the network connected to the 6509 or other areas of the network.
My other question is whether I should use the same EIGRP AS# on the 4948 so it interacts and shares routes with the 6509 or use a separate AS# to keep things isolated.
Any thoughts or ideas on these questions?

Thanks for the advice.
I would assume then I would simply assign one physical port on my 4948 with an IP address with the no switchport command and then set the ip address configuration rather than assign a SVI identical to the subnet connected to on the 6509?
Then could I create a new VLAN on the 4948 for the servers with an SVI to point my servers to as their default gateway. I could then use eigrp to get routes shared between the switches and across my network. I'm assuming I could just assign the physical port on the 6509 to one of my vlans as an access port (old 6509 CATOS so I don't have the "no switchport" configuration option).
Also, will it cause any problems if I have the same vlan setup on both switches (even though I'm not trunking them) as long as I don't use the same ip address space on each?
Does that sound about right?
Any other thoughts or suggestions?
Jim

Similar Messages

How often should the Cisco 6509 and 3750 switches be rebooted? Does Cisco have a best practice recommendation?

How often should the 6509's and 3750's switches be rebooted?
Does Cisco have a best practice document on this and recommendation how long the switch should be up before it gets rebooted?
Why is a reboot needed if there are no indications of issues on the log?

I'd agree with Larry here.
If you're not seeing any issues with your IOS revision and there are no relevant PSIRTs (security notices applicalble to features and or exposure of your device requiring an IOS upgrade) then you can go a very long time without rebooting, if ever.
I'm sure it's far from a record, but our corporate distribution router that supports >1000 downstream devices day in and day out has never been rebooted since installation just over 5 years ago. I have a top of rack Layer 2 switch (2900 series running CatOS) that's almost at 10 years.
That said, you should have some monitoring scheme that assures you everything is healthy. But as long as memory and cpu are happy, the device will run forever.

UCS: switching/routing question

Hi,
I am trying to get a definitive answer to how switching and routing occurs in the UCS environment described below. I am also looking for a"primer" on the functions and overall process the IC plays in the UC.
We currently have 2x6120 conected to 6 chassis'. Most of them are ESX hosts with multiple VM's, each with VM's in different vlans. We are using the 1000v instead of the regular VDS. The IC's connect to a 7K with vlan SVI's. So, if there is a vm in vlan A that needs to communicate with a VM in vlan B, what is the route the data would take? Would they goto the 7K since that's where the SVI is or is the IC smart enough to make the switching decision?
Thanks in advance.

Hello Sudip,
Regarding introductions to the way the Fabric Interconnects work, check out the I/O Management section at the following page:
http://www.cisco.com/en/US/prod/ps10265/ucs_advantage_video_library.html
M. Sean McGee does a pretty good series on fundamental aspects of the UCS System.
By the way, the fabric interconnects are usually abbreviated as FI, not IC. This can help eliminate a little confusion when you talk to other UCS users. :-)
Regards,
Trevor
======================================================================================
If my answers have been helpful in any way, please rate accordingly. Thanks!

SNMP OIDs to identify port mode setting on 3750, 6509 and Nexus switches

Is there and OID I can use to determine if a port is setup as an access or trunk port?
Thanks

Hi Jeff,
for the c6500 I use CISCO-STACK-MIB::vlanPortIslOperStatus
vlanPortIslOperStatus.13.43 = notTrunking
vlanPortIslOperStatus.13.44 = trunking
and for the Catatlyst 2k/3k CISCO-VTP-MIB::vlanTrunkPortDynamicStatus:
vlanTrunkPortDynamicStatus.1 = notTrunking
vlanTrunkPortDynamicStatus.50 = trunking
! ifIndex
Unfortunately I don't have any Nexus yet.
HTH
Rolf

Vlan routing questions on the 6509

We have a 6509 VSS at our main site and one vlan (an IP class C size) is comprised of a large number of servers with single Gb interfaces. These are connected to the 6509 via various methods - blade centers with GB portchannels, some directly attached to the core, and some via 4948s with 10Gb trunk uplinks. My question is this...I know we have way too many servers in one subnet (this is not all of our servers) and I know that all broadcasts will hit every individual server but how does the 6509 ASICs handle the packets in and out of the vlan with multiple connections to that vlan on the 6509s? Can packets get routed through that 6509 vlan router interface simultaneously from the multiple layer 2 connections on the 6509s? What I am asking is if the 6509 vlan routing interface throttles all the Gb interfaces into a single GB interface through the vlan routing interface? What about the few servers on the 10Gb interfaces - are they throttled to a single routing 10Gb interface or does each connection have it's own connection to the routing interface? What I want to know is if the 6509 acts as though it was like a single separate (1G and 10Gb) router attached to the vlan - like a bunch of switches connected together with a single separate router attached to one of the interfaces for routing out of the vlan. Thanks

Packet switching within the vlan is not what I am asking about. I want to understand the process the 6509s use when they route from a vlan (one subnet) to another vlan (subnet) - L3 routing out of the vlan.
It's pretty much the same thing which is what Reza was explaining.
It can be helpful sometimes in terms of design etc. to think of a L3 switch as you would if it was a physical router and L2 switches but in terms of forwarding thinking of it like that is misleading.
In terms of forwarding L3 traffic the SVI does not correspond to the physical interface of the router. The actual interfaces used would, in the case of the 6500, be the physical port connections for the source and destination devices on their corresponding linecards.
If the linecards did not have DFCs then a part of the packet is sent by the linecard to the PFC for a forwarding decision. If they do have DFCs then they can make the forwarding decision locally.
Either way the forwarding decision is made by looking at the FIB (Forwarding Information Base) which is stored on the PFC and on each DFC if the linecards have them. The FIB should have entries for connected and remote networks (learnt via the IP routing table), the next hop IP and it's L2 mac address so all the information needed to forward the packet at L3 is there.
So, as Reza says, the packet is then switched either locally on the linecard from one port to another or is sent from the ingress linecard to the linecard with the egress port via the switch fabric.
Any bottlenecks within the chassis apply to both L2 and L3 forwarding eg oversubscription etc.
The above is a very high level view of how it works. If you want to understand it in greater detail it would be worth having a read of the link Reza provided.
Jon

Router 2811 and C2960 Switch Trunking Problem

Hi all
I got an problem with a trunking problem between Router 2811 and C2960 switch
In router 2811 - I created f0/0.1 10.65.20.1 (VLAN 1) and f0/0.48 10.65.23.1 (VLAN 48)
In C2960 - Vlan 1 10.65.20.30 , VLAN 48 10.65.23.30
Finally I can only ping VLAN 1 IP but fail to ping VLAN 48 IP, can help me how to troubleshoot it?
Hugo
Router 2811 Configuration:
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.65.20.1 255.255.255.0
interface FastEthernet0/0.48
encapsulation dot1Q 48
ip address 10.65.23.1 255.255.255.0
C2960 Configuration:
interface FastEthernet0/24
switchport mode trunk

2811#sh vlans
Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.1
This is configured as native Vlan for the following interface(s) :
FastEthernet0/0
Protocols Configured: Address: Received: Transmitted:
IP 10.65.20.1 388873 262275
Other 0 1723
390760 packets, 71854310 bytes input
263998 packets, 53723195 bytes output
Virtual LAN ID: 48 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.48
Protocols Configured: Address: Received: Transmitted:
IP 10.65.23.1 0 0
Other 0 20
0 packets, 0 bytes input
20 packets, 1883 bytes output
2960_24#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/24 on 802.1q trunking 1
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/24 1-4094
Gi0/1 1-4094
Port Vlans allowed and active in management domain
Fa0/24 1,48
Gi0/1 1,48
Port Vlans in spanning tree forwarding state and not pruned
Fa0/24 1,48
Gi0/1 1,48

No 'ip routing' command on switch and yet intervlan routing.

Hi,
In my companies 4500 switch I see there is intervlan routing configured for the 4 Vlans it has but I do not see any 'ip routing' command on it
to enable routing on the switch. Can a switch route even though the command isnt there?

Ran the 'show run all' command and it was there. Thought '
sh run | i ip' would display it but didn't.
Thanks for the command.
We just turned enterprise. I keep forgetting that.

Trunking between a router and a switch

i used the topology and the configuration described on the pictures included on this post.. but the problem that the ping failed between the switch and the router

The router config might not have been captured correctly coz it would not allow you to configure the subinterface with no vlan id after the encapsulation. But you can try this, define the native vlan 1 on the router's subtinterface for subnet 172.16.1.0/24. Also, what address of the router are you pinging from the switch?

EEM scripting assistance: Switch, router and AP CDP

We would like to create an EEM script which will let the switch populate the interface description based on the CDP neighbour, however, we want the script to only populate the interface if (and only if) the CDP is a Cisco wireless access point (AP), a Cisco Catalyst switch and a Cisco router.   We DO NOT want the interface description to be edited if the CDP neighbour is a Cisco phone or a Cisco DMP (for example).
This is our EEM script:
event manager applet update-port
event none
event neighbor-discovery interface regexp GigabitEthernet.* cdp add
action 100 if $_nd_cdp_capabilities_string eq "Router" goto 200
action 110 elseif $_nd_cdp_capabilities_string eq "Switch" goto 200
action 120 if $_nd_cdp_capabilities_string eq "Switch" goto 200
action 200 cli command "enable"
action 210 cli command "config t"
action 220 cli command "interface $_nd_local_intf_name"
action 230 cli command "description $_nd_cdp_entry_name"
action 400 else
action 500 end
And this is a sample of our “sh cdp neighbor” output:
Switch#sh cdp n d
Device ID: Wireless
Entry address(es):
IP address: <REMOVED>
Platform: cisco AIR-CAP3602I-N-K9   , Capabilities: Router Trans-Bridge
Interface: GigabitEthernet0/8, Port ID (outgoing port): GigabitEthernet0.1
Holdtime : 146 sec
Version :
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Mon 10-Dec-12 23:52 by prod_rel_team
advertisement version: 2
Duplex: full
Power drawn: 15.400 Watts
Power request id: 19701, Power management id: 2
Power request levels are:15400 0 0 0 0
Power Available TLV:
    Power request id: 0, Power management id: 0, Power available: 0, Power management level: 0
Management address(es):
Device ID: 00:0f:44:02:c5:29
Entry address(es):
IP address: <REMOVED>
Platform: Cisco DMP 4310G, Capabilities: Host
Interface: GigabitEthernet0/3, Port ID (outgoing port): eth0
Holdtime : 157 sec
Version :
5.4
advertisement version: 2
Duplex: full
Power Available TLV:
    Power request id: 0, Power management id: 0, Power available: 0, Power management level: 0
Management address(es):
Device ID: CALM040.mgmt.educ
Entry address(es):
IP address: <REMOVED>
Platform: cisco WS-C3750E-24PD, Capabilities: Switch IGMP
Interface: GigabitEthernet0/10, Port ID (outgoing port): GigabitEthernet1/0/22
Holdtime : 126 sec
Version :
Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.0(2)SE, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Fri 27-Jul-12 23:26 by prod_rel_team
advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF0000000000000023AC075300FF0000
VTP Management Domain: 'ACTEducation'
Native VLAN: 99
Duplex: full
Power Available TLV:
    Power request id: 0, Power management id: 1, Power available: 0, Power management level: -1
Management address(es):
IP address: <REMOVED>
Device ID: 00:0f:44:02:b6:31
Entry address(es):
IP address: <REMOVED>
Platform: Cisco DMP 4310G, Capabilities: Host
Interface: GigabitEthernet0/2, Port ID (outgoing port): eth0
Holdtime : 169 sec
Version :
5.4
advertisement version: 2
Duplex: full
Power Available TLV:
    Power request id: 0, Power management id: 0, Power available: 0, Power management level: 0
Management address(es):
Best Regards/Leo

action 221 regexp "^([^\.])\." $_nd_cdp_entry_name match hostaction 230 cli command "description $host"
Hi Joe,
So the EEM is going to look like this:
event manager applet update-port
event neighbor-discovery interface regexp GigabitEthernet.* cdp add
action 100 regexp "(Switch|Router)" $_nd_cdp_capabilities_string
action 110 if $_regexp_result eq 1
action 200 cli command "enable"
action 210 cli command "config t"
action 220 cli command "interface $_nd_local_intf_name"
action 230 regexp "^([^\.])\." $_nd_cdp_entry_name match host
action 240 cli command "description $host"
action 500 end
Is this correct?

The difference of the IEEE802.1x Auth between Cisco Routers and Catalyst switches

Hello
I am investigating the difference of the IEEE802.1x Auth between Routers and Switches.
Basically dot1x auth is availlable on Catalyst Switches. however if I want to check to
PortBased Multi-Auth , MAC address Auth and any certification Auth with this feature,
Is it possible to integrate into Cisco Router such as Cisco 891F ?
In my opinion Cisco891F is also available to use basic IEEE802.1x but if it compares with Catalyst switches such as Cat3560X
I think there might be any unsupported feature on Cisco 891F.
I appreciate any information. thank you very much in advance.
Best Regards,
Masanobu Hiyoshi

Many time in interviews asked comaprison between cisco routers and switches that i was answerless bcoz i dont have much knowledge about that.Can anyone provide me the compariosin sheet of the same.how are the cisco devices differ with each other how much Bandwidth each routres support and Etc...
Ummmm ... The most common question I get is "what is the difference between a router and a switch".
However, if you get a question like this, then my impression to this line of questioning are:
1. The candidate they are looking for has in-depth knowledge of routers and switches. And I mean IN-DEPTH!;
2. They are not looking for a candidate. They just want to stroke their ego. There is not alot of people who can give you the "names and numbers" of routers and switches at a snap of a finger. And if you do happen to know the answer, then and there, then expect a tougher follow-up question.

About to make the switch internet question

Hey,
I am just about to make the switch and get a Mac Pro and I have a question that needs answering. I have two Linksys routers a Wireless-G and a Wireless-N. I need to know if I will be able to use either of these routers with a Mac? What I wanna do is hook the mac up directly to the router (Wired) as the main computer on my network and have all my windows computers hooked up to the router on wireless. I wanna get this figured out before I spend that big of a chunk of money.
Thanks

Yes. A router is not platform specific (mac vs
windows). The only thing you won't be able to do is
upgrade the router's firmware, which requires a
windows machine.
You most certainly can upgrade the LinkSys firmware from OS X. It doesn't work with Safari, but you can use Firefox, SeaMonkey, or Netscape (possibly others, though I have not tried it with any others).
Mac Pro 2.66, 3 GB RAM Mac OS X (10.4.7)

Two quick VLAN routing questions

lets say I have a L3 switch routing 4 VLANs
VLAN 1 is 192.168.10.0/24, the switch's virtual interface is 192.168.10.254 inside this vlan
VLAN 2 is 192.168.20.0/24, the switch's virtual interface is 192.168.20.254 inside this vlan
VLAN 3 is 192.168.30.0/24, the switch's virtual interface is 192.168.30.254 inside this vlan
VLAN 4 is 192.168.40.0/24, the switch's virtual interface is 192.168.40.254 inside this vlan
there is only one router going out from this switch to the net, and lets say it is in VLAN 1 and it's address is 192.168.10.1
first question-- inside of the L3 switch I will need to add a default route of 0.0.0.0 0.0.0.0 192.168.10.1
so that all traffic not corresponding to a 192.168.x.x address knows where to get out to the net, correct?
secondly- when configuring that router, is there a difference if I use the following static route:
192.168.20.0 255.255.255.0 192.168.10.254
instead of
192.168.20.0 255.255.255.0 192.168.20.254
either way, the packet gets to the L3 switch, but in one case it gets there via the VLAN interface inside of VLAN 1, and in the other case, it gets there via the VLAN interface inside of the VLAN for which the traffic is destined anyway. what im trying to figure out is, will this make any difference at all? especially in terms of broadcast packets?
if it makes no difference, then is it safe to say that the following static route would be optimal?
192.168.0.0 255.255.0.0 192.168.10.254
Solved!
Go to Solution.

Re "firstly". Correct. The L3 switch will route traffic according to its routing table. By default it knows all IP subnets to which it is directly connected to, i.e. all the VLAN subnets. If you have to add a default route manually or not depends on the exact implementation. It may well be that the L3 switch will use the any default gateway for routing which you use for the IP settings of the switch itself (if there is an option in the web interface to set a default gateway). If you cannot define a default gateway on the L3 switch you probably have to add a static route manually. The easiest way should be to check the current routing table and see if there is a default gateway or not.
Re "secondly". A router can only forward packets to the next hop router. The next hop router must be connected to that router. The route "192.168.20.0 255.255.255.0 192.168.10.254" is correct for a router with IP address 192.168.10.1 and subnet mask 255.255.255.0 as 192.168.10.254 is connected to the router. "192.168.20.0 255.255.255.0 192.168.20.254" is not correct. The router cannot learn the path to a specific subnet 192.168.20.0/255.255.255.0 by using a gateway in that subnet. It is not correct to use that kind of a route and you should not use it even if it might even work (because the router does a plain ARP request to find the MAC address of 192.168.20.254 and your L3 switch will respond to the ARP request even if it is on the internet of 192.168.10.254). The very moment when there would be another router between the 10 and 20 subnets it would not work anymore...
Re your conclusion: I would recommend to keep four static routes for the existing subnets on the L3 switch instead of putting everything into a larger single subnet which includes a lot of addresses which are not connected there. Technically it works if you only use working IP addresses. But you will see some loops if you send something to 192.168.55.50 or similar. The gateway router will send it to the L3 switch which will send it back to the gateway. They should figure it's a loop but still I would not recommend this kind of setup... Add routes for each of the L3 switch subnet...

Where to download ciscoview for 4948 switch?

I just picked up some second hand 4948 switches and wanted to install the embeded managment software. I can't find it anywhere in the downloads section? can anyone help..
is there a better FREE solution for managing these? I tried config profesional, but it only shows the routing config. There seems to be so many options.

The free GUI for managing Cisco switches would be Cisco Network Assistant (CNA). It installs on a client PC, not as embedded software on the switch itself. CCP, as you discovered, is designed for routers.
The switch has a very basic http(s) server that just puts a GUI on the CLI. coincidentally you do need to enable it to use CNA.

6509 and power failure

We have our 6509 on upc power back up but everytime we have power outage my 6509 has stops responding for at least a min and we get down pages for the vlans configured on MSFC. Has anyone seen this. I'm running cat6000-supk9.8-1-3.bin on SUP and c6msfc-jsv-mz.121-22.E2.bin on MSFC.
Thanks.

No, 6509 is one of our remote site in westcoast and monitoring system resides in our datacenter in Michigan. 6509 connected via Flexwan module at the datacenter and then we have another router and a switch which then connects to monitoring system. NOt only the monitoring system send pages but all servers went down and we lost all connectivity to this site for more than a min.
Model of my power supply is WS-CAC-1300W, there have not been any changes made in recent past.
Thanks.

Can I use Airport for a computer to computer network AND my wireless router

...at the same time?
I've got a MacBook Air and a MacBook Pro which I can happily connect together to share files or do screen sharing via a computer to computer airport network, or I can also switch (via Finder's airport menu) to my router's wireless network to access t'internet.
But, is it possible to NOT have to switch this over? I'd like to be able to share both computers' files AND be online at the same time. I'm hoping that the airport network can access the other Mac AND the wireless router simultaneously.
I'm guessing I couldn't use internet sharing on one of the computers because BOTH of them need to be switched to the ad-hoc computer to computer network.
I apologise if this question has been asked in the forums before, but it's impossible to do a meaningful search with keywords "airport" "internet" "computer to computer network" - those words cover pretty much every network-related post!

Airport can only connect to one wireless interface at a time...
However you are going about things the wrong way, what you want is a LAN... and that is exactly what your router provides, connect both computers to the router and then initiate file sharing and other local protocols.
If it does not work you will have to configure your router to enable devices to communicate with each other.
To do so you enter the *router's IP address* into your web browser's address bar, you can find this under *system preferences> network> airport>*
i.e. some common router private addresses: 192.168.1.254, 192.168.0.1, 10.0.1.10
This will display the router's web interface, you will need to refer to your router's documentation to find out how to configure it, but many are self explanatory or provide on page help. What most "user friendly" routers call it is "device isolation" or something similar, - this needs to be disabled (to allow all clients to communicate with each other).

6509 and 4948 Switch Routing Question

Similar Messages

Maybe you are looking for