Catalyst Switch Uptime
There is a site that I have just become responsible for and the first thing that I noticed is that some of the switches uptime is over 2years without a reboot. What is the longest your switch or router should go before it gets rebooted? Is there a white paper that explains the problems that can occur if you don't reboot, such as memory leak, vlan bleeding, etc.
Thanks,
John
While there have been a few releases of Catalyst code that have problems like memory leaks, they are the exception to the rule. Unlike some other operating systems there is generally not a need for a periodic reboot to clear memory problems. In general the Catalyst code is not bothered very much with issues of memory leaks and other similar problems. And memory fragmentation is usually not much of a problem - in contrast to some other operating systems. So uptimes of 2 years are not rare and are generally not a cause for concern. In general I would not reboot a Catalyst switch until there is a demonstrated need for it.
HTH
Rick
Similar Messages
-
The difference between VTP server and transparent mode on Catalyst Switch.
Hello
I have a question about the difference between VTP server mode and VTP transparent mode on general catalyst switch.
Basically VTP server mode can create and modify VLAN configuration but actually there is not any VLAN configuration through running-config, is it true? When I checked it on Cat3550, certainly there is not VLAN configuration on VTP server mode. But VTP transparent can create VLAN and configuration but does not synchronize with other switch VLAN status. I appreciate any related information and reason of the VTP server mode specification, thank you very much.
[VTP Transparent mode]
3550#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 27
VTP Operating Mode : Transparent
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
*omit
3550#
3550#sh run
Building configuration...
*omit
vlan 99
name TEST-VLAN
[VTP Server mode]
3550#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 27
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
*omit
3550#
3550#sh run
Building configuration...
*no VLAN like above configuration on VTP transparent mode.
Best Regards,
Masanobu HiyoshiHi mhiyoshi,
3550#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 27
VTP Operating Mode : Transparent
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
*omit
3550#
3550#sh run
Building configuration...
*omit
vlan 99
name TEST-VLAN
The above out put indicates that Vlan is created and then mode changed to transparent. i.e why revision no is 0.
3550#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 27
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
*omit
3550#
3550#sh run
Building configuration...
*no VLAN like above configuration on VTP transparent mode.
This indicates that vlan never created in server mode nor learnt from another switch as revision no is 0 -
The difference of the IEEE802.1x Auth between Cisco Routers and Catalyst switches
Hello
I am investigating the difference of the IEEE802.1x Auth between Routers and Switches.
Basically dot1x auth is availlable on Catalyst Switches. however if I want to check to
PortBased Multi-Auth , MAC address Auth and any certification Auth with this feature,
Is it possible to integrate into Cisco Router such as Cisco 891F ?
In my opinion Cisco891F is also available to use basic IEEE802.1x but if it compares with Catalyst switches such as Cat3560X
I think there might be any unsupported feature on Cisco 891F.
I appreciate any information. thank you very much in advance.
Best Regards,
Masanobu HiyoshiMany time in interviews asked comaprison between cisco routers and switches that i was answerless bcoz i dont have much knowledge about that.Can anyone provide me the compariosin sheet of the same.how are the cisco devices differ with each other how much Bandwidth each routres support and Etc...
Ummmm ... The most common question I get is "what is the difference between a router and a switch".
However, if you get a question like this, then my impression to this line of questioning are:
1. The candidate they are looking for has in-depth knowledge of routers and switches. And I mean IN-DEPTH!;
2. They are not looking for a candidate. They just want to stroke their ego. There is not alot of people who can give you the "names and numbers" of routers and switches at a snap of a finger. And if you do happen to know the answer, then and there, then expect a tougher follow-up question. -
i experienced a TCP delay on catalyst 4506, avoid the problem when i replaced 4506's with dummy unmanaged switches.
i used two PCs(PC 1 and PC 2) and two 4506 switches (S1 and S2)
PC 1 is connected to S1 (fast ethernet port)
PC 2 is connected to S2 (fast ethernet port)
S1 is connected to S2 (SFP gigabit ethernet port)
-I started continuous UDP,TCP,MULTICAST and PING from PC1 to PC2
-I unplugged link between Switch 1 and Switch 2
all communication stopped.
-I plugged link between Switch 1 and Switch 2
-UDP,MULTICAST and PING started immediately but TCP started with approximately 15 seconds delay. :-(
I repeated same procedure with unmanaged dummy switches instead of 4506, there wasnt 15 seconds delay. TCP showed up in 1 second.
How can I avoid TCP delay on catalyst switches? Probably some tuning with configuration would do the job?
tx for helpinghi gp and thank you very much for responding to this unusual problem.
- switch ports to the PCs are configured as portfast.
- switch ports between two catalyst switches are not configured (default)
- i didnt use the 'switchport access' command since they are default layer 2 interfaces. would 'switchport access vlan 1' command make any difference?
- i looked at the port status and confirmed connection is 100 mbps full duplex.
unusual issue is; ping, udp, multicast shows up in a very short time after I re-plug the uplink. that proves all ports are in forwarding state. only TCP shows up with delay, which doesnt occur on 200 $ unmanaged switch??
thanks in advance for any suggestions -
Can a Catalyst switch terminate a QinQ (double vlan tagged) connection on an SVI?
Can a Catalyst switch terminate a QinQ connection on an SVI? Is anything similar possible?
I know I can pass through QinQ traffic through a switch at L2, but can I take it in at L2 with double tags and terminate it on a L3 SVI somehow?
Im looking for a simple way of making a WAN lab environment.
IE I want to do the equivalent of this on a Catalyst such as a 3560/3750:
interface GigabitEthernet0/0.1
encapsulation dot1Q 101 second-dot1q 1
ip vrf forwarding 100101
ip address 1.1.1.1/24
interface GigabitEthernet0/0.2
encapsulation dot1Q 101 second-dot1q 2
ip vrf forwarding 100102
ip address 2.2.2.2/24
thanks in advance.Can a Catalyst switch terminate a QinQ connection on an SVI? Is anything similar possible?
I know I can pass through QinQ traffic through a switch at L2, but can I take it in at L2 with double tags and terminate it on a L3 SVI somehow?
Im looking for a simple way of making a WAN lab environment.
IE I want to do the equivalent of this on a Catalyst such as a 3560/3750:
interface GigabitEthernet0/0.1
encapsulation dot1Q 101 second-dot1q 1
ip vrf forwarding 100101
ip address 1.1.1.1/24
interface GigabitEthernet0/0.2
encapsulation dot1Q 101 second-dot1q 2
ip vrf forwarding 100102
ip address 2.2.2.2/24
thanks in advance. -
Differences between MSFC1 and MSFC2 in Catalyst switches
Hi,
Want to know the differences between MSFC1 and MSFC2 in Catalyst switches.Hi,
There is not much difference between MSFC1 and MSFC2, the main difference is how the MSFCs send the hardware programming to the PFC. The MSFC1 uses MLS to program the hardware by using the first packet of the traffic. While the MSFC2 uses CEF-based MLS to program the PFC so that the supervisor can make the hardware switching of the packet. NOtice the difference if the MSFC1 needs to see the first packet while the MSFC2, in theory will not need to see a first packet as it uses the CEF routing table to program the PFC2. Now, the kicker, if MSFC2 in sup1A , all this CEF-based MLS is not used since it needs PFC2 to be able to do this. Sup1A does not come with PFC2 only Sup2 comes with PFC2. The MSFCs gives the Cat6K a L3 ability and it's important but the switching performance of the switch depends on the PFC.
Here is a link on MSFC2 data sheet:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_data_sheet09186a00800887fd.html
Please rate helpful posts. -
Dacl on ACS 5.1 and Catalyst switch 3560
Dear all
I have ACS 5.1 and Catalyst switch 3560 with version 12.2(53)SE. I configure a dacl on the ACS and I use it on authorization profile.
This authrization profile is used on access policy.
I tried the authentication but it doesn't work. I checked the ACS logs and I found that the user is authenicated successfuly but the dacl gives this error (The Access-Request for the requested dACL is missing a cisco-av-pair attribute with the value aaa:event=acl-download. The request is rejected)
Steps:
11001 Received RADIUS Access-Request
11017 RADIUS created a new session
11025 The Access-Request for the requested dACL is missing a cisco-av-pair attribute with the value aaa:event=acl-download. The request is rejected
11003 Returned RADIUS Access-Reject
DACL:
deny ip host 1.2.3.4 1.2.3.0 0.0.0.255 log
permit ip any any log
Thanks on advance,Dear Tiago
I applied the command "radius-server vsa send". Now I can see the dacl is applied but I can't see it on the switch and even the authentication is succueeded ont the ACS logs but it give me unauthoized on the switchport. You can see the logs( started with the username acstest and the access-list is applied but it doesn't work and you can see theat it goes for mab after eap timed out). I hope you can help on this issue.
Dec 13,10 10:29:00.513 AM
00-23-AE-7A-58-A6
00-23-AE-7A-58-A6
Default Network Access
Lookup
Dot1x-3560-Switch
1.2.3.4
FastEthernet0/5
TESTACS
22056 Subject not found in the applicable identity store(s).
Dec 13,10 10:28:29.186 AM
#ACSACL#-IP-Guest-4cfcc14d
Dot1x-3560-Switch
1.2.3.4
TESTACS
Dec 13,10 10:28:28.726 AM
acstest
00-23-AE-7A-58-A6
Default Network Access
PEAP (EAP-MSCHAPv2)
Dot1x-3560-Switch
1.2.3.4
FastEthernet0/5
TESTACS
Thanks, -
Understanding ISE and dACL.
I don't understand correlation between ACL and dACL.
If dACL is downloaded to the Catalyst switch what is the status of the ACL attached to physical port. Is dACL appended to the existing ACL? When I typed ‘sh ip access-list int fa0/1’ I can see only dACL for access domain and dACL for voice domain appended to the previous dACL and no ACL lines.
Regards,
ViceHi,
Downloadable ACLs (dACL) are applied from your RADIUS server based on authentication and authorization policies. It overrides any standard interface ACL.
Standard interface ACLs are in place to limit traffic on the port before 802.1x or MAB authentication.
When an authenticated session terminates on the interface the standard ACL will be re-applied until the next authentication. -
Cryptographic IOS versions on Catalyst Switches
1. Where can one find the differences between Catalyst switch IOS with cryptographic features and without cryptographic features?
2. In order to access Cat switches over SSH and HTTPS, do we require Cryptographic versions of the Cat IOS?
3. What does "k9" stands for in IOS names? e.g. "3560-ipservicesk9"
ThanksHi
Answer to Q1 :
Best plase to compare the Catos and IOS is
www.cisco.com/go/fn
there you can search by ios names or platforms or features and compare images.
Answer to Q2 :
Yes you need Cryptographic version
Answer to Q3 :
K9 stand for Cryptographic version if you have ipservicesk9 you can do SSH in the feature navigator if you search the ios without K9 you will find this :
IP SERVICES W/O Crypto
that means this catos does not support Cryptographic.
Best Regards Bahman Mozaffari.
Please Rate if Helpful. -
Router "snmp-server contact" command for catalyst switches??
From the router you can configure the "snmp-server contact <text>" command
to set the system contact for SNMP. Is there any equivalent command for
Catalyst switches? I know that there's a "set system contact" command for
CatOS but i'm sure if it has something to do with SNMP.
Thanks in advance.Yes, set system contact on switch is the same that on the router for the above command. Once you use this this command to enter the contact info, it can be polled via the SNMP MIB Object sysContact (.1.3.6.1.2.1.1.4) from RFC1213-MIB. Example, if I use 'set system contact foo', I see the following using the 'show system' output:
System Name System Location System Contact CC
foo
Polling the above via the above MIB object on the switch:
% snmpwalk .1.3.6.1.2.1.1.4
system.sysContact.0 = foo
Similarly, if you set the 'System Name' on the switch using the command 'set system name ', can be polled via sysName (.1.3.6.1.2.1.1.5) from RFC1213-MIB
Lastly, 'set system location ', once set can be polled via sysLocation (.1.3.6.1.2.1.1.6) from RFC1213-MIB -
Update table which provide information about NAT feature support in Catalyst switches?
Hi,
I'm searching an update table which provide information about NAT feature support in Catalyst switches.
I would like to know if the Nexus 7000 support NAT but my table below is too old -> Updated: Apr 05, 2006.
From my research, it's not possible but i'm looking for an official documentation.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a008011c629.shtml
Thanks in advance
FrançoisHi,
No support of NAT on N7ks, see this posthttps://supportforums.cisco.com/thread/2045647
Your table is the latest one I know of so you'll have to look at the switches datasheets to really know but I highly doubt that newer switches not in the table support this feature.
Regards
Alain
Don't forget to rate helpful posts. -
Cisco 4507 Catalyst switch goes down
Hi,
We have cisco 4507 catalyst switch in which end users are connected. today this catalyst switch goes down , i checked the input power was normal but the Switch is not running. All the notification lights like supervisior engine and Fan status lights are showing in RED colur . So i switched off the SMPS and wait for some time and i switched ON , the switch starts running and in 3-4 minutes it again goes down.
Thanks and Best Regards,Get on the console port and watch it while it is booting up. It will usually tell you why it is failing in the logs or messages as it is booting up .
-
Can MPLS aware Netflow ver. 9 be enabled on the catalyst switches 6500
HI, I'm working for KOREA TELECOM, and currently providing MPLS VPN.
We're planning to provide our customer with traffic report using NetFlow..
I read some documents which reads Netflow ver.9 can be enabled on Cisco GSR 12000 Series, but no mention about catalyst switches. So, I ' m curious about that Netflow ver 9 can be activated on catalyst 6500 series.. because the point where switch is located already have mpls encapsulated packet ( mpls vpn packet).
Thank you , in advance.NetFlow is now integral to Cisco 6500. A configuration we recommend is as below:
mls netflow // This enables NetFlow on the Supervisor.
mls nde sender version 7
mls aging long 64 // This breaks up long-lived flows into (roughly) one-minute segments.
mls aging normal 32 // This ensures that flows that have finished are exported in a timely manner.
mls flow ip interface-full
mls nde interface
The next two commands will help to enable NetFlow data export for bridged traffic which is optional. You can specify the list of VLANs here to enable bridged traffic.
ip flow ingress layer2-switched vlan
ip flow export layer2-switched vlan
Apart from this, NetFlow has to be enabled on the MSFC using the below commands.
ip flow egress // This command has to be executed on all the L3/VLAN interfaces.
ip flow-export destination {hostname|ip_address} 9996 // The hostname or IP address of the flow server
ip flow-export source {interface} // The interface through which NetFlow packets are exported. eg: Loopback0
ip flow-export version 9
ip flow-cache timeout active 1
snmp-server ifindex persist
The new Cisco Flexible NetFlow actually allows for export of MPLS specific information (I believe it is stack lables) in addition to information on IP Address, port, etc. But you will need a tool that can support these additional fields. Otherwise you can view IP, port, protocol, etc related information from MPLS links.
Regards,
Don Thomas Jacob
ManageEngine NetFlow Analyzer -
Cannot Establish Gigabit Link Between Catalyst Switches and GSR Router
The GSR Gigabit interface is configured for no negotiation auto and the line protocol goes up when connected to the Catalyst switch.
The Catalyst switch port remains unconnected even when it is physically attached to the GSR router.The flow control settings must match on both sides for the link to come up. It is highly recommended that you configure auto-negotiation to on for both devices. (Auto-negotiation is enabled by default on all Catalyst switches.) Otherwise, if you have a layer 1 problem, the link remains up and a unidirectional link will result.
The initial software releases that support Gigabit Ethernet on the GSR router do not support gigabit auto-negotiation.
The following command configures gigabit auto-negotiation on the Catalyst 6000/6500:
set port negotiation module/port disable|enable -
Cisco nexus 9508 Vpc with catalyst switches
Hi,
i am karthik.
we are going to build the nexus 9508 with NX-OS in our data center. in existing we are having 50's of catalyst L2 and L3 switches.
If we perform the Vpc with 9K and catalyst switches. is there any restrictions on particular model catalyst switches will support Vpc with 9K?
Kindly clarify my question?
Thanks in advance for the valuable response!!!!Hi,
i am having 4500 series switches and 6E sup engine.
Then we are having nexus 9508 and N2232PP. when we try to configure fex between these switches.
in Nexus 9508 showing unknown features error.
Current Nx-OS version is n9000-dk9.6.1.2.I2.2.bin.
Maybe you are looking for
-
What do I have to do to get itunes to recognize or acknowledge my ipod when i plug it in?
Help with Ipod touch 4 connecting to itunes please?
-
Hfs: Runtime corruption detected on my external Back up disk
Using Drive Genius 3 on my iMac. I received an email from this application with Re: Drive Genius: DrivePulse™ Drive Integrity Warning. The message states: A potentially critical system error has occurred: hfs: Runtime corruption detected on FreeAgent
-
HT4097 Help restoring disabled ipad 4 that has not been synced to a computer.
I tried to restore my iPad 4, but at the end of the process iTunes says it's unable to restore because there is a password. Then it tells me to enter my password, but the iPad is disabled. Any suggestions?
-
Limitation of row and column in FR report
Hi all, i want to know what is the maximum number of row and column that we can display in FR report. and is there any possibility to increase the number of row and column in FR reports,if yes then how? Thanks in advance.
-
How do I change colour negative to positive?
How do I change colour negative to positive?