Catalyst 3550 stack and etherchannel
I wonder if it is possiable to organize gigabit etherchannel from stack of two catalyst 3550 to server. The problem is to connect server's 2-port NIC to both switches, not just one, and have loadbalancing over 2 links while staying connected in case one of the switches goes down. If not, is it possiable with 3750 switches.
Hi,
This is not possible on 3550's as they do not use true stacking feature on that and moreover both the switches have different configs and they do not get Sync. I think it is possible in case of 3750's, though havnt tried myself.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12119ea1/3750scg/swethchl.htm#1033981
regards,
-amit singh
Similar Messages
-
Switch stacking and Etherchannel
Hi,
on doing some research I came to a question which I cannot answer so far, when you stack 2 switches together you are effectivly creating a larger single switch (correct if otherwise), so when you connect two switches together via EtherChannel ports aren't you achieving the same thing ?
Differences between these two situations needs clarification please.
ThanksDisclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
No, they are quite different.
Etherchannel allows you to bundle multiple links into one logical link, is roughly somewhat like MLPPP or an ATM inverted mux.
Stacking allows you to bundle multiple independent switches into one logical switch.
You can use both, together, or not.
Etherchannel now has also has an industry standard, LACP. Stacking is very proprietary and may differ between different devices. For example, you can stack original generation 3750s, StackWise, with later generation 3750s (E/X models) StackWisePlus, but both won't stack with 2960S, FlexStack, or later 2960 FlexStack-Plus series models, although FlexStack and FlexStack-Plus can stack together. There's also StackWise-480 for the 3850, which I think only works between them. There's also, other Cisco devices, VSS, which makes a pair like one, sort of a special dual stack, but interestingly, those use "ordinary" ports, often Etherchanneled, the other stacking technologies use special stacking ports (generally offering more bandwidth). -
Password reset on a Cisco Catalyst 3550 series
We have a Cisco Catalyst 3550 series, and we don't have the password to gain access to the switch through a web browser. My question is if I reset the password using Hyper-terminal, does changing the password affect any vlan or fiber optic settings that I should know about. Or does resetting the password changes our switch to factory settings?
Hi,
The password recovery procedure for your switch is described in this document:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-2950-series-switches/12040-pswdrec-2900xl.html
If you follow the instructions in the document exactly, you will retain the original configuration - you just rename the configuration file so that it is not loaded when the switch boots up. However, you will still be able to display it after the switch boots up using the more flash:config.old . Eventually, you can even load it into running-config using copy flash:config.old running-config command. At that point, the old passwords will be brought back but because you already are in the privileged EXEC mode, you can change them and save the updated configuration.
VLANs should not be affected as long as you do not delete the vlan.dat file located in FLASH. Fiber optic ports should not be affected as long as you are using original Cisco GBICs. If you're using 3rd party GBICs, it may be necessary to enter the service unsupported-transceiver hidden command in the global configuration mode before they get recognized.
Good luck!
Best regards,
Peter -
Using Catalyst 3550 Switch with Linksys Home Router and Cable Internet
I've about pulled what little hair I have out of my head on this one, and need some configuration help.
I have a Cisco Catalyst 3550 switch with five Windows 7 desktops, an Avaya PBX and five Avaya IP phones attached. All of these devices are on a 192.168.0.0/24 subnet, and are communicating properly. I will refer to this as network # 1. I also have SEPARATE network, we'll call network # 2, using AT&T ADSL service and a Netgear 4-port/wireless router/ADSL modem combo device, which is functioning properly with a couple of other Windows 7 desktops over its own wired Ethernet network, using DHCP, and also on a 192.168.0.0/24 subnet. I thought it would be a simple integration, just plugging one of the 3550's ports to one of the DSL router's ports, in order to give the five Windows 7 desktop computers on network # 1 internet access via the DSL modem. Guess I was wrong. When I connect the two switches together, although I get a good connectivity (green lights on both ports) and am able to ping the DSL router's gateway address (192.168.0.252) from network # 1's computers, the computers on network # 1 cannot access the internet. Also, the working computers on network # 2 lose their internet access as long as the two switches are connected together. I am not a Cisco guru, but there's got to be a way to make this scenario work. Can someone provide me with a 3550 configuration that will allow me to extend my internet service from network # 2 on the DSL router to my 3550 switch and their computers? Here's what I am looking for:
INTERNET ---> ADSL MODEM ---> NETGEAR ROUTER ---> CISCO 3550 SWITCH ---> NETWORK DEVICES WITH INTERNET ACCESSThe Netgear router is probably what's doing the natting. Is the 3550 configured for routing or is it straight L2? If you have the 3550 configured as L3, then it's going to be easy to do what you want. Just add a static route on the Netgear to point the subnet that it doesn't know about to the 3550. For example, if the Netgear is addressed at 192.168.1.1 and the Cisco 3550 is addressed at 192.168.1.2, but it also knows about the 192.168.0.0/24 (separate vlan), then you would put a static route on your Netgear for 192.168.0.0/24 to go to 192.168.1.2.
The way that I would do it is to create a separate vlan on the 3550 and assign an address to it. Once you do that, make the port that the other switch connects to an access port of that vlan. (It would need to be on the same subnet as the existing equipment.) All of your devices would use it as a default gateway and then you would do the rest as above. You could also use RIP between the Netgear and Cisco if you can't do static routing.
HTH,
John -
Catalyst 3550 and unidirectional multicast
I have several segments routed by several Catalysts 3550. In one of the segments i start multicast TV streamer. I use IGMP and PIM to route the multicast. But how to restrict the clients only to receive multicast TV stream not to send multicast traffic to other segments joined the same group ?
Setting a boundary or setting scope will restrict all multicast traffic and preventing any local client from sending any multicast would also prevent forwarding the received multicast any further. Depending on the topology and what the processing requirements are this might or might not be a good solution.
Another alternative to consider is if you want to allow received multicast to be forwarded but want local originated multicast not to be forwarded would be to configure an outbound access list on the interface. In the access list would be a line like this:
deny ip 224.0.0.0 15.255.255.255
this will deny any packet with any broadcast destination address which has a source address within the local subnet. The acccess list would also have to have appropriate permit commands for the traffic that you do want to send (perhaps permit ip any any).
HTH
Rick -
Etherchannel issue between 3750 stack and WS-CBS3012 for IBM blade centre
Hi,
We are trying to configure Etherchannel between four ports of cisco 3750 stack(2ports from one switch of stack and two ports from another switch of same stack). We are facing issues with this setup. The ports in WS-CBS3012 are going to err disable mode.
Is there any limitations associated with such a cross-stack etherchannel configuration. Please suggest if there is any particular sequence of configuration involved.
Switch1 in stack
int gi 3/0/3
switchport mo trunk
switchport trunk allowed vlan 10-30
sw tr en dot1q
channel-group 1 mode on
spanning-tree guard root
switch 2 in stack
int gi 3/0/3
switchport mode trunk
switchport trunk allowed vlan 10-30
sw tr en dot1q
channel-group 1 mode on
spanning-tree guard root
int port-channel 1
switchport mode trunk
switchport trunk allowed vlan 10-30
sw tr en dot1q
channel-group 1 mode on
spanning-tree guard root
in WS-CBS3012 ports are configured with trunk,allowed vlan and etherchannel configuration with mode on.
With Regards,
Madhan kumar GHi,
The commnad "no spanning-tree etherchannel guard misconfig" on WS-CBS3012 resolved the issue.
Regards,
Madhan kumar G -
Cluster switch and etherchannels
I`m configuring etherchannel between two catalyst 2950 stacked using gbic gigastack 3500XL and two gbic 1000BaseT to form the port group, I configured a cluster with both switches and I tried to connect to a Stacked core switch 3750, but when I connected the second gbic 1000BaseT the network fails.
Is possible setting up Etherchannel between two different switches using a cluster configuration to a core switch 3750?
Jesus CanasteroHi Jesus,
Support for cross-stack etherchannels is mentioned here for the 3750:
http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a008017ed8f.html
Lack of support for cross-stack etherchannels for gigastacked switches is not explicitly mentioned in any document, however. The lack of support is implied by not being listed among the supported features.
HTH,
Bobby
*Please rate helpful posts. -
3550 smi and xls randomly slowing network down
Please help i have over 50 3350 xl's and smi Cisco switches, which at random time on different floor in a 20 story building slows network down. The switches are not struggling traffic or reporting errors. I have logged many calls with cisco and together we configed udld loopguard spanning treeport fast and upgrade all devices to the latest ios. but after doing tests by transferring 1 gig data from client building to hosting facilty some switches take 50% more time to tranferrer the data. The swtiches are gig stacked in pairs of 3 which connect to 2 4000 switches via fibre. Any ideas what else this could be. ? I have noticed that the gig stacks to each other are mauanlly set to half duplex. is this normal or should i false to full duplex ?
It shows Spanning-tree Protocol failures in some Catalyst 3550 models
Try bug CSCdy21905 -
Catalyst 3850 Stack VLANs, layer 2 vs. layer 3 design question
Hello there:
Just a generic, design question, after doing much reading, I am just not clear as when to use one or the other, and what the benefits/tradeoffs are:
Should we configure the switch stack w/ layer 3, or layer 2 VLANs?
We have a Catalyst 3850 Stack, connected to an ASA-X 5545 firewall via 8GB etherchannel.
We have about 100 servers (some connected w/ bonding or mini-etherchannels), and 30 VLANs.
We have several 10GB connections to servers.
We push large, (up to) TB sized files from VLAN to VLAN, mostly using scp.
No ip phones, no POE.
Inter-VLAN connectivity/throughput and security are priorities.
Originally, we planned to use the ASA to filter connections between VLANs, and VACLs or PACLs on the switch stack to filter connections between hosts w/in the same VLAN.
Thank you.If all of your servers are going to the 3850 then I'd say you've got the wrong switch model to do DC job. If you don't configure QoS properly, then your servers will start dropping packets because Catalyst switches have very, very shallow memory buffers. These memory buffers get swamped when servers do non-stop traffic.
Ideally, Cisco recommends the Nexus solution to connect servers to. One of the guys here, Joseph, regularly recommends the Catalyst 4500-X as a suitable (and financial) alternative to the more expensive Nexus range.
In a DC environment, if you have a lot of VM stuff, then stick with Layer 2. V-Motion and Layer 3 don't go hand-in-hand. -
Catalyst 3550: Loading IOS via TFTP from ROMmon?
Hi everybody,
I need to load an IOS from ROMmon-mode to a Catalyst 3550.
Of cause I could do that via xmodem but I thought it should also be possible via TFTP.
What I did:
switch: IP_ADDRESS=192.168.1.1
switch: IP_SUBNET_MASK=255.255.255.0
switch: TFTP_SERVER=192.168.1.2
switch: TFTP_FILE=c3550-ipservicesk9-mz.122-35.SE5.bin
switch: DEFAULT_GATEWAY=192.168.1.1
switch: set
BOOT=tftp://192.168.1.2/c3550-ipservicesk9-mz.122-35.SE5.bin
DEFAULT_GATEWAY=192.168.1.1
IP_ADDRESS=192.168.1.1
IP_SUBNET_MASK=255.255.255.0
MAC_ADDR=00:0F:90:7F:B1:00
MODEL_NUM=WS-C3550-48-SMI
MODEL_REVISION_NUM=L0
MOTHERBOARD_ASSEMBLY_NUM=73-5701-09
MOTHERBOARD_REVISION_NUM=A0
MOTHERBOARD_SERIAL_NUM=CAT08130PUT
POWER_SUPPLY_PART_NUM=34-0967-02
POWER_SUPPLY_SERIAL_NUM=DTH08094HH7
SYSTEM_SERIAL_NUM=CAT0813Z29A
TFTP_FILE=c3550-ipservicesk9-mz.122-35.SE5.bin
TFTP_SERVER=192.168.1.2
switch: boot tftp://192.168.1.2/c3550-ipservicesk9-mz.122-35.SE5.bin
Loading "tftp://192.168.1.2/c3550-ipservicesk9-mz.122-35.SE5.bin"...tftp://192.168.1.2/c35 50-ipservicesk9-mz.122-35.SE5.bin: permission denied
Error loading "tftp://192.168.1.2/c3550-ipservicesk9-mz.122-35.SE5.bin"
Interrupt within 5 seconds to abort boot process.
Boot process failed...
switch: boot
Loading "tftp://192.168.1.2/c3550-ipservicesk9-mz.122-35.SE5.bin"...tftp://192.168.1.2/c35 50-ipservicesk9-mz.122-35.SE5.bin: permission denied
Error loading "tftp://192.168.1.2/c3550-ipservicesk9-mz.122-35.SE5.bin"
Interrupt within 5 seconds to abort boot process.
Boot process failed...
Am I doing something wrong or is it generally impossible to load an IOS via TFTP to a 3550?
Thanks in advance
RolfI am pretty sure you can't boot from a TFTP server with the Catalyst 3550 (or any of the other standalone access switches - 2950, 3550, 3560 3750 etc). If you want to recover one you need to recover it using XModem via the console:
http://www.cisco.com/en/US/products/hw/switches/ps628/products_tech_note09186a0080169696.shtml
I used to think you had to do this at 9600-baud, however you can increase the baudrate and it only takes 10-20 minutes (I couldn't get 115200 to work but 57600 worked OK and took about 20-minutes).
You need to remember to put the baud rate back to 9600 when the image is back on as it gets stored in NVRAM and reboots etc are at the stored speed (i.e. changing it after it has booted under the line con 0 doesn't get saved to NVRAM).
HTH
Andy -
dear all,
how to configure policy-map on catalyst 3550 to shapping bandwidth. I've tried to setting that police-map in one of interface, but when I wrote sh policy-map interface fa0/1, in class-map field, the result are
class-map: policeIn (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
match: access-group 112qm_police_inform_feature: CLASS_SHOW
Could u give me a clue..??
thx.
..::rhiez::..hi,
i've checked statistic of interface and there is traffic on that interface :
Hardware is Fast Ethernet, address is xxxx.xxxx.xxxx.xxxx(bia xxxx.xxxx.xxxx)
MTU 1500 bytes, BW 512 Kbit, DLY 100 usec,
reliability 255/255, txload 102/255, rxload 42/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 100Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters 00:03:16
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 85000 bits/sec, 67 packets/sec
5 minute output rate 961000 bits/sec, 201 packets/sec
12965 packets input, 2137646 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
38564 packets output, 23504798 bytes, 0 underruns
0 output errors, 46 collisions, 0 interface resets
0 babbles, 0 late collision, 62 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
is there another way to shapping bandwidth per vlan or per port interface on catalyst 3550 with IOS 12.1(8).
thx.
..::rhiez::.. -
Need help - Catalyst 3550 on CCM4.1 Voip
Guys.
We had a Catalyst 3550 switch fail last week, and the guy who really knows this system has left the company.
The switch has a non-free molecules error, which i believe is terminal.
I've sourced a replacement switch and need help configuring it.
I copied the running config from it's sister switch (there are only 2 switches on this ccm), however, the sister switch is a 3560.
I changed the I.P address and switch name before uploading it to the 3550 on the off chance it might just work.
Show run on the 3550 shows that it might be configured, but when i connected it, it took the gateway down.
I'm really up the creek at the moment unless i can get someone to either look at it, find an old config or get this guy back in for a few hours.
Any advice would be greatly received.
Looking at show run, i see two refernces to VLAN's
interface Vlan1
ip address 170.205.238.3 255.255.255.0
interface Vlan10
ip address 10.10.0.254 255.255.255.0
ip classless
ip route 0.0.0.0 0.0.0.0 170.205.238.1
no ip http server
The I.P address 170.205.238.1 is alien to me.. i don't know what this is. However, what i do know is that i never changed this. This IP address is the same in the 3560.
Could this cause an issue ?. I'm not aware of anything on a 170.X.X.X subnet, this could have been some legacy from the previous owners of the building.
The first 3 ports in the switch are connected to the publisher, subscriber and gateway router.
Does it matter which port is connected to which component. ?
I believe that i can't be too far away from configuring this, but without any help, i'm a bit stuck.
LEE-SW-CC_VOIP-01#show run
Building configuration...
Current configuration : 6147 bytes
version 12.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LEE-SW-CC_VOIP-01
enable secret 5 $1$2BRP$UtiYkRMAsp7roykkfRDo3/
username cisco privilege 15 secret 5 $1$mh3w$w8H5ygAfDUOBdiE2UftB8.
ip subnet-zero
ip routing
vtp domain LEE
vtp mode transparent
mls qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
vlan 10
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/2
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/3
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/4
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/6
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/7
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/8
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/9
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/10
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/11
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/12
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/13
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/14
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/15
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/16
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/17
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/18
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/19
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/20
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/21
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/22
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/23
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface FastEthernet0/24
switchport mode access
switchport voice vlan 10
no ip address
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
mls qos trust cos
udld port aggressive
auto qos voip trust
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
mls qos trust cos
udld port aggressive
auto qos voip trust
priority-queue out
interface Vlan1
ip address 170.205.238.3 255.255.255.0
interface Vlan10
ip address 10.10.0.254 255.255.255.0
ip classless
ip route 0.0.0.0 0.0.0.0 170.205.238.1
no ip http server
logging trap debugging
line con 0
exec-timeout 0 0
privilege level 15
login local
line vty 0 4
privilege level 15
login local
length 0
line vty 5 15
privilege level 15
login local
length 0
end
LEE-SW-CC_VOIP-01#Always wanting to learn more, I re-instated the test config and ran those commands.
LEE-SW-CC_VOIP-01#show cdp neighbor
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
LEE-SW-CC_VOIP-01#show ip int brief
Interface IP-Address OK? Method Status Prot
ocol
Vlan1 170.205.238.2 YES NVRAM up down
Vlan10 10.10.0.254 YES NVRAM up down
FastEthernet0/1 unassigned YES unset down down
FastEthernet0/2 unassigned YES unset down down
FastEthernet0/3 unassigned YES unset down down
FastEthernet0/4 unassigned YES unset down down
FastEthernet0/5 unassigned YES unset down down
FastEthernet0/6 unassigned YES unset down down
FastEthernet0/7 unassigned YES unset down down
FastEthernet0/8 unassigned YES unset down down
FastEthernet0/9 unassigned YES unset down down
FastEthernet0/10 unassigned YES unset down down
FastEthernet0/11 unassigned YES unset down down
FastEthernet0/12 unassigned YES unset down down
FastEthernet0/13 unassigned YES unset down down
FastEthernet0/14 unassigned YES unset down down
FastEthernet0/15 unassigned YES unset down down
FastEthernet0/16 unassigned YES unset down down
FastEthernet0/17 unassigned YES unset down down
FastEthernet0/18 unassigned YES unset down down
FastEthernet0/19 unassigned YES unset down down
FastEthernet0/20 unassigned YES unset down down
FastEthernet0/21 unassigned YES unset down down
FastEthernet0/22 unassigned YES unset down down
FastEthernet0/23 unassigned YES unset down down
FastEthernet0/24 unassigned YES unset down down
GigabitEthernet0/1 unassigned YES unset down down
GigabitEthernet0/2 unassigned YES unset down down
LEE-SW-CC_VOIP-01# -
Catalyst 3750E's and DHCP Snooping
I am using on our perimeter Catalyst 3750E's and 4500 series switches and I have DHCP Snooping enabled. Each switch has redundant Layer 3 10Gb uplinks back to our Core/Distribution switches. We have a central DHCP server and each switch writes its snooping database back to a central TFTP server.
This was working fine until we upgraded our Active Directory domain to a 2008 domain, with our DHCP server now residing on a Windows 2008R2 server.
Since the upgrade all 12 stacks of 3750E's will no longer write of the dhcp snooping database.
show ip dhcp snooping database
Agent URL : tftp://<path>
Write delay Timer : 3600 seconds
Abort Timer : 300 seconds
Agent Running : No
Delay Timer Expiry : 17 (00:00:17)
Abort Timer Expiry : Not Running
Last Succeded Time : None
Last Failed Time : None
Last Failed Reason : No failure recorded.
Total Attempts : 0 Startup Failures : 0
Successful Transfers : 0 Failed Transfers : 0
Successful Reads : 0 Failed Reads : 0
Successful Writes : 0 Failed Writes : 0
Media Failures : 0
All of the 4500's (5 of them) however still work as they did prior to the upgrade.
show ip dhcp snooping database
Agent URL : tftp://<path>
Write delay Timer : 3600 seconds
Abort Timer : 60 seconds
Agent Running : No
Delay Timer Expiry : 2737 (00:45:37)
Abort Timer Expiry : Not Running
Last Succeded Time : 07:18:07 EDT Wed Jun 15 2011
Last Failed Time : None
Last Failed Reason : No failure recorded.
Total Attempts : 13 Startup Failures : 0
Successful Transfers : 13 Failed Transfers : 0
Successful Reads : 0 Failed Reads : 0
Successful Writes : 13 Failed Writes : 0
Media Failures : 0
Is this a software bug and has anybody else seen this after upgrading to a Windows 2008 AD domain?well i found this
When DHCP snooping is disabled and DAI is enabled, the switch shuts down all the hosts because all
ARP entries in the ARP table will be checked against a nonexistent DHCP database. When DHCP
snooping is disabled or in non-DHCP environments, use ARP ACLs to permit or to deny ARP packets
We dont do arp acl
Here is a little infor on the setup on 6500
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs: Q,W,E,RT,TY,Y
Insertion of option 82 is enabled
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
Interface Trusted Rate limit (pps)
GigabitEthernetX/X yes unlimited
Port-channel yes unlimited
port config port-channel
ip arp inspection trust
ip dhcp snooping trust
2960 config
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:Q
Insertion of option 82 is disabled
circuit-id default format: vlan-mod-port
remote-id: 1111:1111:1111 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface Trusted Allow option Rate limit (pps)
Port-channel yes yes unlimited
port config
interface Port-channel
ip arp inspection trust
ip dhcp snooping trust -
Catalyst 3550-48 unable to boot
Hi,
I have a catalyst 3550-48 switch which is running the ios image c3550-ipbase-mz.122-25.SEB4.bin. the problem is now its not booting, it directly goes to rommon mode from there if I issue the command boot flash:c3550-ipbase-mz.122-25.SEB4.bin it gives me the error message like loading ...... c3550-ipbase-mz.122-25.SEB4.bin .....magic number mismatch:bad mzip file
please help me to resolve the issueHi Friend,
Seems to be a corrupt image. The best solution will be to xmodem the same image again.
Download the same image again from cisco.com and xmodem to the switch.
Have a look at this xmodem procedure
http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a0080320001.html
HTH, if yes please rate the post.
Ankur -
Catalyst 3550 & 3560/3750 command 'show mls qos interface statistics'
On the Catalyst 3550 the command 'show mls qos interface statistics' will show ingress packet (or byte) counts with DSCP values. If you have policers configured then it also shows a count of packets that have been marked down to another DSCP value due to policing or any that have been dropped (obviously 'mls qos monitor dscp x' needs configuring). The same command on the 3560/3750 only shows the ingress & egress DSCP values, there is no column that shows packets (or bytes) that have been policed or dropped. Is there any command to display the same information with the 3560/3750?
Neither platform show counters when the command 'show policy-map interface x/x' is used so this won't work.
Thanks
AndyHi, I believe there is a command on the 3560 'sh mls qos interface policers' may be what you are looking for.
Here is what the command says it outputs:
To display QoS information at the interface level. This information includes:
The configuration of the egress queues and the CoS3-to-egress-queue map
Which interfaces have configured policers
Ingress and egress statistics, which includes the number of bytes that have been dropped
Maybe you are looking for
-
We have a iMac that is used by 3 different people, each with a separate log-in. Under Yosemite, can the individual users access the new features of Yosemite, i.e., iPhone access, using their individual Apple ID's? If yes, how? What does the sytem ad
-
Mini Display to Mini Display cable
Hello. I have a 27inch mid 2010 iMac and I'm soon to buy the new 27inch 2012 iMac. Is there a reason the apple store does not carry a mini displayport to mini displayport (male to male) cable to connect the older iMac as a 2nd monitor? Has Apple dee
-
Exporting Files when publishing
I'm trying to publish a project that consist of two menus. One on slide one, and one on slide two. In the menus, there are 'click boxes' that I have pointed to files. (pdf, htm, etc..) When I go to publish, it says the files may require output or som
-
Submit query button parameter form issue
hi im facing problem submit query button . im working in as 10g r2. Every thing is working fine but when i click on submit query button of parameter form. it gives error and and page cant find. its reason that it takes localhost name in url and local
-
What about ftp-access from www?
Hi folks, first I want to say, I browsed the forum since May 08. Second please excuse my English. I'm still trying to set up TC for FTP access from www. afp works but what about ftp? - I talk about ftp (RFC959) described in 1985! Why it does not work