Add 3850 Switch to existing Core Stack

Similar Messages

• Core LAN with 3850 switches

  Hi everyone,
  I know Cisco does not classify the 3850 series switches as a core switch even in small implementations neither there is information on StackWise-480 how this is working in high availability in a similar way as VSS. What I am wondering whether I could create a DSN (Data-Center Services Node) with 2 of those switches, insert ASAs or Load Balancers in a DSN manner and L3 port-channel those into each switch, something similar to MEC in VSS.
  Anybody has any experience in implementing those switches in a similar way or it has any comments on that I would greatly appreciate it.
  Thanks in advance.
  Remi

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  Again, can't speak specifically about the 3850s, although in principle, believe its supposed to function like StackWise does on a 3750s.
  On the 3750s stacks, failure of a member switch isn't too bad, but failure of the stack master can cause a "blip".  One potential issue, again on 3750s, is by default, stacks use the original stack master's MAC, and also by default, it changes when a new stack master is elected.  This can cause MEC port-channels to drop.  In theory, stack members are supposed to be able to continue to L2 forward during even a stack master reelection.  L3 forwarding depends on NSF settings (and stack MAC).  Stack MAC issues can be mitigated by using the persistent option.
  I recall (?) reading 3850s stacks are more VSS like than 3750 stacks (although "regular" VSS only supports two members).
  So, again, I'm unsure how solid a 3850 stack would be.
  PS:
  Depending on your core port needs, maybe a 4500-X VSS pair would be a better choice.

• Add configured switch to stack

  Hello.
  I have the next situation. I have 3850 switch stack of 4 switches. I also have standalone switch, totally configured. Is there any way I could add this standalone switch with saved config?

  I also have standalone switch, totally configured. Is there any way I could add this standalone switch with saved config?
  Your standalone switch must have NO CONFIG. 
  Your standalone switch must have the same IOS XE version as the current stack. 
  Your standalone switch must have the same Feature Set (IP Base, Advanced IP, etc.) as the current stack.

• What is the max number of 3850 switches in a stack

  This doc states 4.  Has there been any change to allow more?
  http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3850-series-switches/qa_c67-722110.html

  Up to 9 Cisco Catalyst 3850 switches can be stacked together to build single logical StackWise-480 switch since Cisco IOS XE Release 3.3.0SE.
  Prior to Cisco IOS XE Release3.3.0SE, up to 4 Cisco Catalyst 3850 switches could be stacked together.
  http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3850-series-switches/qa_c67-722110.html

• How many Cisco Catalyst 3850 switches can make up a Cisco StackPower stack?

  I know the number of Cisco 3850 switches for stacking is 9, so, if I make up a Cisco StackPower stack, MAX is 9, too?

   Hi, emma, only 4 switches can become part of the same Cisco StackPower stack in a ring topology.
  For the Cisco 3850 switches stack number,there are two types:
  Up to 9 Cisco Catalyst 3850 switches can be stacked together to build single logical StackWise-480 switch since Cisco IOS XE Release 3.3.0SE. Prior to Cisco IOS XE Release3.3.0SE, up to 4 Cisco Catalyst 3850 switches could be stacked together.

• 3850 switch stack upgrade with minimum downtime

  I was wondering if it is possible to do an upgrade of the individual stack members one at a time?
  Is it possible to go from one major release to another doing this?
  Is it possible to do this going from one minor release to another?
  Is it possible to upgrade one stack member at a time within the maintenance release?
  Thanks

  I was wondering if it is possible to do an upgrade of the individual stack members one at a time?
  Ans: Yes you can, but the switch will leave the stack 
  Is it possible to go from one major release to another doing this?
  Is it possible to do this going from one minor release to another?
  Is it possible to upgrade one stack member at a time within the maintenance release?
  Ans for all above 3: For Stack configuration to work properly, switches must have the exactly same ISO
  Recommendation: If they're many switches in stack,
  1. upload the IOS file in all the switches
  2. change the boot order in running config by:
  boot system flash: <new ios fiile name> 
  boot system flash: <old ios fiile name>
  3.  take the reload one  by one & copy the running config
  4. in this case, basically you would be making the new parallel switch stack by adding the reloaded switch with same config but with new IOS image  

• Cisco 3850 Switch and Windows 7 IP Conflicts

  Team,
  Last evening (Christmas eve) we setup a pair of Cisco 3850 with IP Base version 3.3.35SE (recommended) and 3.7.0E (very latest).
  We got these to replace a very old switch that had died. Attached to this network are windows 7 PC's with all the standard patches, service packs, etc.
  with standard port configs - no PC would work - and in fact on each screen we got the windows 7 IP Conflict pop up box.
  This seemed very odd to us, as we know these IP's are all static (no dhcp on this segment at all)
  we went with a very vanilla config on each port
  interface g1/0/1
  switchport host
  that is it - nothing special at all.
  well, after hours of research we found the 3850 has a problem where its "ip device tracking" (even though disabled, by way of NOT being enabled on any interface) will effect the windows 7 PC's ip address in use detection port start up phase!
  This is a very big problem. I am frankly SHOCKED Cisco would release a major switch that is going to not work when connected to the average network with windows 7 PC's.
  we tried 3+ hours of prescribed work-arounds found when researching this issue -
  ip device tracking probe delay 10 (global config)
  ip device tracking max 0 (disabed, on interface)
  finally,
  nmsp attach suppress (interface, however this appears to be a default command in all IOS-XE versions we tried, as the command did NOT show in the show run) . this effected many different nic card vendors (laptops, desktops) and nic card drivers levels from old to very recent.
  Finally,
  we compared a 3850 in another location to this one - and we never got HIT by this problem before because that 3850 only as TRUNK ports and no windows 7 hosts directly attached.
  Doing more research, I found out this also can effect vmware guests running windows SERVER.
  this is now a huge issue as we have a scheduled deployment of 3850's throughout our network which is going to be put on hold.
  the work-around I came up with which is not great is -
  Make ALL the "access" ports connected to PC TRUNK ports and leave the NATIVE vlan (untagged) as the vlan you want the PC's to be in
  interface g1/0/1
  switchport mode trunk
  switchport trunk native vlan 1
  this is NOT an acceptable workaround as this presents security issues even with
  switchport trunk allowed vlan 1, etc. as the only allowed vlan.
  Note: this issue manifested itself and windows 7 PC's were UNABLE to use the network. if you do "ipconfig /all | more" you would see
  192.168.0.140(duplicate) and the interface would actually use 169.254.0.239(duplicate) so the duplicate message appeared twice in the output.
  1) With and without an SVI interface on each 3850 for the vlan where the windows 7 machines had a duplicate
  2) when we had an SVI and the command ip device tracking probe use-svi (or whatever the hidden command is I forget now, but it took it)
  3) when we had aaa new-model configured - and not configured - thinking this was some artifact of having aaa turn on something like 802.1x port state
  4) when could confirm NO DHCP SNOOPING
  5) when we DID not use static IP's - and had the switch assign DHCP addresses - the Windows 7 PC's STILL had duplicates and didnt work for their "Just leased" ip's.
  6) when we could confirm ios-xe ip device tracking = disabled with show ip device tracking status, etc.
  This is a major problem for this 3850 and unless we get a definitive answer on why this is happening and how we can rectify we are going to have to return our 3850's and get HP Procurve's something I would rather avoid doing. There is NO REASON I can imagine other than older switches who's ports default to ROUTED ports (i.e.. no ip switchport) where a switch should not at least function as a bare switch with essentially a default configuration out of the box.
  Any ideas? I'm working well now with the ports ALL in trunking mode with vlan 1 native, but this is not a scalable workaround we can live with as we have security risks of a port not blocking certain vlans from going out ports to pc's, etc. that attackers could send tags on at that point, etc.
  thanks,
  Joe Brunner
  #19366

  thanks for replying - i'm not onsite (its a standalone network) - but here is what it is -
  Answers in line -
  This all stems from a switch replacement correct?
  yes a 10 year old Allied Telesyn switch was replaced that had no config - like a hub, just used for connectivity.
  Are these 3850's in a stack?
  >yes, tested all aspects of the stack many times.
  Does it have a managment ip address -If so, is it using the old switch ip address
  >old switch had no ip - i made a "management interface" on vlan 1 - BUT no ip on the built-in management interface on the switch.
  What are they connecting to? (a router/L3 switch/anohter switch- cisco-HP etc..)
  >various other devices - only 1 link back to a single 3750x stack. that switch is "hardened" so to speak to reveal or propagate very little by design.
  How are they connected( L3 interface/L2 trunk/access port)
  >all ports are left in trunk mode with vlan 1 as the active and untagged port. this was the workaround done to ever get the switch going. in "out of the box" or default mode as we initially wanted (no config) links to windows 7 PC's didnt work. links to linux or other devices non-windows did work!
  Are thse switches performing inter-vlan routing or just acting as host switches?
  >dumb flat network, no routing.
  Is ip routing enabled?
  >not unless enabled on 3850 by default. I didnt type "ip routing"
  Do you have multiple vlans in your network and if so ar ethe being propergated to these new switches?
  Your 7 pcs = are they just client pcs not servers?
  client PC's - no servers OS per say.
  can you confirm something like ICS isnt enabled (Internet connection sharing)  on any of them?
  >yes not enabled.
  Are the just using one NIC each?
  > one machine is dual homed - but we know where its "second nic" goes - to another cisco network which is NOT connected back to this one. we traced all our ports a few times thinking even perhaps some small hub was "reflecting" traffic back to us - like a blackbox. Strangest thing -
  default config out of the box - with ALL ports SHUTDOWN EXCEPT the single windows 7 facing port - the windows 7 machine STILL registered an IP CONFLICT when connected to the 3850 - even when it had NO SVI's!!! (i know mind numbing). if you disconnected the pc and connected it to an old cisco switch - it worked fine!!! wow.
  sh switch
  2 identical 3850's in working stack. power and network stacked. both at same version, etc - upgraded each time with "software install file flash:<long ios name>.bin
  tested all power and general 3850 stacking. saw no issues.
  sh int trunk
  >all ports are now trunks (hence the workaround used to get it up).
  has 20 trunks to PC's and some single connected switches (far away on fiber) - all allow only vlan 1 - no other vlans were created - very very simple network. vlan 1 is native
  sh vlan brief
  >just vlan 1 - no vlans created, checked this many times - had vlan 100 at one point - made sure it was gone over a period of hours.
  sh vtp status
  not setup - left complete default; no vtp domain set - connected to all switches in transparent model if a switch connection exists.
  sh cdp neighbours
  cant post (for god and country LOL) but there is one link back to our "core" so to speak - that switch is hardened not to allow any settings to slip over to new switches so hence no vtp, cdp is one to help troubleshooting.
  sh ip route
  just the L and C routes for the vlan 1 ip address 192.168.17.1/24
  no static routes
  no vlan interfaces other than int vlan 1
  no ip address on g0/0/0 -> the default 3850 management interface hard assigned to the 3850 VRF you cant remove.
  int g0/0/0
  ip vrf forwarding Switch_Mgmt
  i can get over there if you think of anything else key to show the group.
  thanks,
  Joe

• Has anyone deployed converged access with 3850 switches and 5760 WLCs?

  Has anyone deployed a converged access network architecture with 3850 switches and 5760 WLCs? I have done lots of projects with the 5508 WLCs In a centralized deployment. Basically with this design, I manage 2 logical networks as the wireless network is an overlay over the wired network. I can design firewall to segregate traffic between the wired and wireless hence I can carry both staff and guest traffic.
  Now Cisco is telling us that there is new design such that the dats plane traffic can be dropped locally through the 3850 switched. I am not sold on this and have not found any recommended best practices on when should we use a converged access architecture.
  Pros
  With converged access, data traffic is terminated at the MA which is on the switches, hence the WLC will not be a bottleneck? This is to prepare adoption for 802.11ac?
  Less hops for voice calls from user A to user B as data control traffic is dropped locally.
  Cons
  Now how do I segregate guest and staff traffic if my security folks say I need a firewall?
  Troubleshooting wireless client mobility will be a nightmare as the 3850 switches are MA.
  Pushing and upgrading code for the Code will mean upgrading the stack of switches in the LAN riser. This will be painful in a huge campus environment like an university.
  Can someone convince me why would a customer choose converged access?
  Sent from Cisco Technical Support iPad App

  They choose CA because of the capwap termination at the switch. You can still use a 5508 and tunnel guest to a DMZ segment if you wish. You will need a 5508 though is you want to tunnel traffic to an anchor WLC.
  Sent from Cisco Technical Support iPhone App

• CiscoView not displaying all switches in a 3750-Stack

  Hi,
  I am running LMS 4.1 and have an issue with Inventory: I have a stack of four 3750 switches, but only two of them are showing up in CiscoView. If I right-click - Topology - Device Report ;  I see all four switches.
  The switches are standard 3750 switches and should be included in the Device Packages for CiscoView
  Also if I go Reports  - Detailed Device ; I see the same two devices show up under Module Information. However when I go to Reports - Device Attributes ; I see all four devices correctly displayed.
  I have tried and deleted and added the stack in CiscoPrime, but with same result.
  Any ideas what the cause and fix could be?
  Thanks

  No, the problem is not in ciscoworks but on the stacks.
  You may need to take a backup of one of the stacks, port descriptions vlans , etc, and then do a write erase.
  Next you will need to Read The F Manual to make the other stack always be the master. Something in the config registry...  -) I don't recall what or how.
  Then you can connect the 2 switches from the other stack you erased to the existing stack, and then power the new member on.
  Then you should have one stack.
  The stack IP you deleted can be removed from ciscoworks, the other will be updated.
  Then you can configure the new stack members as they were configured previously, port descriptions vlans , etc.
  Cheers,
  Michel

• Do I need to create ip address to another switch when i use stack?

  Good Day!
  Please help me to answer this question in my title. I have 2 switches my old switch has configure ip address and i will use stack to my another switch the old one will be the primary and new switch is the secondary do i need to configure the ip address of the new 1 or  no need? i'm totally confuse on it. I hope you can help me regarding on this matter.Thank you.

  no Need.
  Here is the procedure:
  Tips to Add a Switch as a Slave to the Stack
  To add a switch, as a slave, to a stack, complete these steps:
  Note: Make sure the switch that you add into the stack has the same IOS version as the switches in the stack. Refer to Catalyst 3750 Software Upgrade in a Stack Configuration with Use of the Command-Line Interface to upgrade the IOS in a catalyst 3750 switch.
  Change the switch priority of the switch to be added to "1".switch stack-member-number priority new-priority-valueNote: This step is optional, but it will make sure that the switch has fewer chances to become a stackmaster in the future.
  Power off the switch that is to be added.
  Make sure that the stack is fully connected so that, when you connect the new switch, the stack will be at least in half connectivity and does not partition.
  Connect the new switch to the stack with the StackWise ports.
  Power on the newly added switch.
  After the new switch comes up, issue the command show switch to verify stack membership.
  HTH
  Regards
  Inayath
  ***********Plz dont forget to rate all usefull posts*********

• Emergency Responder and Cisco 3850 Switches

  I'm running Cisco ER V8.5, and recently installed new Cisco 3850 Switches. All the phones connected to the 3850 switches show a "unlocated" status. I've check the hardware compatibility Matrix for ER V8.5 and the 3850 is not on it.
  What are my options for locating these phones in ER and assigning them to an ERL. Manually defining the phones? Is there a patch or update to ER V8.5 that would make a 3850 compatible?

  I haven't used the 3850's with ER yet so can't speak to that specifically, but generally speaking you have more flexibility using location by subnets vs switches.  Scalability-wise, you can add way more subnets than switches.  There's more going on under the hood if you're locating by switches so the process overhead is greater.
  The only downside with using subnets is if you need to get more granular with your locations than your deployed subnets allow (ie a single voice subnet for an entire building but you need to define and assign locations at the floor level).  As long as you've been a little forward thinking on the route/switch side, you'll be fine.
  hope that helps,
  will

• Please make the FGS add on available. it exists so don't lie and say it doesn't! Why is FF so anti gamers?

  FGS is a game simplifier that is available through Facebook FF pretends that the add on does not exist. I don't know why FF hates gamers and gaming but it is very annoying. Please don't make me go to the EVIL google Chrome browser

  OK you win.. I'm going to switch to Chrome. I hate it already but given your inability to create a functioning browser I don't have a lot of choices. You oughta shame yourselves for doing this to good followers. I've been with FF since version1.

• CER and 3850 Switches

  I understand that CER versions lower than 9.x do not support 3850 switches. I am in a situation where my customer is running 8.6 and there isn't a plan yet on the horizon to upgrade their CER. Could one possibly add all of the phones manually on the 3850 switch to make it work? I realize this isn't best practice but wondered if it would work.

  ERL are located through Subnets, not the room number. If you want room number, you will have to use a Cisco switch. It uses CDP to pull the MAC address from the switch port. (using CDP)

• Cisco Catalyst 3850 switches

   How many Cisco Catalyst 3850 switches can stack into a single logical entity?

   Hi, emma, only 4 switches can become part of the same Cisco StackPower stack in a ring topology.
  For the Cisco 3850 switches stack number,there are two types:
  Up to 9 Cisco Catalyst 3850 switches can be stacked together to build single logical StackWise-480 switch since Cisco IOS XE Release 3.3.0SE. Prior to Cisco IOS XE Release3.3.0SE, up to 4 Cisco Catalyst 3850 switches could be stacked together.

• Cisco prime 2.1 not showing wired clients connected to Cisco 3850 switches

  Hello All,
  I have around 80 Cisco 3850 switches at a customer network and they are using prime infrastructure 2.1.2 to manage these devices. Most of the features are working fine except that the prime does not show the wired clients connected to the switches. The wireless clients are shown properly but not the wired clients. Their core switches are nexus 7k. The SNMP configuration on the switches is as follows.
  snmp-server group xxxx  v3 priv write xxxx-VIEW-WR
  snmp-server view xxx-VIEW-WR mib-2 included
  snmp-server trap-source Vlan100
  snmp-server host x.x.x.x version 3 priv testuser
  Please help me to resolve this issue.
  Shabeeb

  I managed to get the end hosts connected in 3850 switches with the use of snmp context command. But now the issue is that prime is showing only the mac address of the device , not the IP address. 
  Is there anyway to resolve this issue?