Cisco 3850 AP licenses.
I'm hoping somebody can help me, I am about to deploy 3850s on a site with ~ 30 x 2602i AP's I have a couple of questions.
1. I can't figure out whether I need to buy licenses or not for the 3850s, I don't understand the difference between the MA and MC modes
It needs to send the 4 wireless networks on site back to an anchor controller (5508) at another location, none of the wireless networks need to interact with anything wired at site.
2. Do I need to upgrade the anchor controller as it is currently running 6.0.188.0 firmware before it will work?
If your planning on anchoring then the 3850 needs to be a MA and MC so you do need license.
As far as WLC code, you need to upgrade to 7.3.112.0
CUWN Converged Access Solution Components and Hierarchal Mobility IRCM Compatibility Matrix
Table 13 CUWN Converged Access Solution Components and Hierarchical Mobility IRCM Compatibility Matrix
Service
7.3.112.01
IOS XE
3.2.0SE
Layer 2 and Layer 3 Roaming
Y
Y
Wireless Guest Anchor/Termination
Y
Y2
wIPS and AwIPS Rogue Detection
Y
Y3
Fast Roaming (CCKM) in a mobility group
Y
Y
Location Services
Y
Y
Radio Resource Management (RRM)
Y4
Y4
Management Frame Protection (MFP)
Y
Y
AP Failover and SSO
Y5
Y
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Similar Messages
-
Hello all)
I have the task to configure QoS for SSID. I have 1602E points and 4 SSIDs per point. I want to priorities one of them. APs are connected to cisco 3850. Please help me how can I do it?Bandwidth and Priority Management at SSID Level
The next step is to take care of the QoS policy at the SSID level. This step applies to both the Catalyst 3850 switch and to the 5760 controller. This configuration assumes that voice and video traffic is identified through the use of class-map and access-lists and is tagged properly. However, some incoming traffic that is not targeted by the access-list may not display its QoS marking. In that case, you can decide if this traffic should be marked with a default value or left untagged. The same logic goes for traffic already marked but not targeted by the class-maps. Use the default copy statement in a table-map in order to ensure that unmarked traffic is left unmarked and that tagged traffic keeps the tag and it not remarked.
Refer the link for the Complete Configuration : www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/116479-configure-qos-00.html#anc15 -
Cisco 3850 Mobility Agent unable to connect clients
Hi
We are trying to use Cisco 3850 as Mobility agents with 5760. We can't seem to get the clients to authenticate to the radius server. We don't even see them appear in the radius logs.
We have defined the radius server and the profile
wlan Wireless 2 WAP
aaa-override
accounting-list Radius
client vlan wireless
security dot1x authentication-list Radius
session-timeout 1800
no shutdown
radius server Primary
address ipv4 x.x.x.x auth-port 1812 acct-port 1813
timeout 5
retransmit 2
key 7 ........
radius server Primary
address ipv4 x.x.x.x port 1812 acct-port 1813
timeout 5
retransmit 2
key 7 .........
The client appears to connect to the AP but can't authenticate so gets kicked off
If we do a test aaa group username password then it says that it's sucessful.
In the debug we get 802.1X required but then it never seems to get any further.Alright, so I finally figured out the issue with this. I had a Mobility Anchor set on the guest WLAN and once I removed that all started working again.
What is Mobility Anchor?
A. Mobility Anchor, also referred to as Guest tunneling or Auto Anchor Mobility, is a feature where all the client traffic that belongs to a WLAN (Specially Guest WLAN) is tunneled to a predefined WLC or set of controllers that are configured as Anchor for that specific WLAN. This feature helps to restrict clients to a specific subnet and have more control over the user traffic. Refer to the Configuring Auto-Anchor Mobility section of Cisco Wireless LAN Controller Configuration Guide, Release 7.0 for more information on this feature. -
Cisco 3850 and Licences for WLC??
Hello
We have a client who needs a new switch which is capable of intervlan routing and also a WLC.
I am thinking a 48 port 3850 with IP Base which gives intervlan routing and WLC support.
However I am not sure if we need to purchase additional AP licences or whether they are built in?
CheersIn 3850 WLC functionality, your switch stack could act as MA (Mobiity Agengt) or MC (Mobility Controller). AP license required for your 3850, only if it is acting as MC. (for MA you do not require any AP licenses). Max 50 AP can handle by given 3850 switch stack. For MC functionality minimum you required IPbase image. (not LANbase)
So it is based on your design you need to purchase 3850 AP license. In your case if it is for a single switch where client want WLC functionality (with no other controller available) then you have to go with AP license depend on how many AP they want to deploy.
BRKCRS-2889 CiscoLive material will give you good overview of this new Converged Access Deployment model & MA/MC functionalilty & few design options.
HTH
Rasika
**** Pls rate all useful responses **** -
Cisco 3850 Switch and Windows 7 IP Conflicts
Team,
Last evening (Christmas eve) we setup a pair of Cisco 3850 with IP Base version 3.3.35SE (recommended) and 3.7.0E (very latest).
We got these to replace a very old switch that had died. Attached to this network are windows 7 PC's with all the standard patches, service packs, etc.
with standard port configs - no PC would work - and in fact on each screen we got the windows 7 IP Conflict pop up box.
This seemed very odd to us, as we know these IP's are all static (no dhcp on this segment at all)
we went with a very vanilla config on each port
interface g1/0/1
switchport host
that is it - nothing special at all.
well, after hours of research we found the 3850 has a problem where its "ip device tracking" (even though disabled, by way of NOT being enabled on any interface) will effect the windows 7 PC's ip address in use detection port start up phase!
This is a very big problem. I am frankly SHOCKED Cisco would release a major switch that is going to not work when connected to the average network with windows 7 PC's.
we tried 3+ hours of prescribed work-arounds found when researching this issue -
ip device tracking probe delay 10 (global config)
ip device tracking max 0 (disabed, on interface)
finally,
nmsp attach suppress (interface, however this appears to be a default command in all IOS-XE versions we tried, as the command did NOT show in the show run) . this effected many different nic card vendors (laptops, desktops) and nic card drivers levels from old to very recent.
Finally,
we compared a 3850 in another location to this one - and we never got HIT by this problem before because that 3850 only as TRUNK ports and no windows 7 hosts directly attached.
Doing more research, I found out this also can effect vmware guests running windows SERVER.
this is now a huge issue as we have a scheduled deployment of 3850's throughout our network which is going to be put on hold.
the work-around I came up with which is not great is -
Make ALL the "access" ports connected to PC TRUNK ports and leave the NATIVE vlan (untagged) as the vlan you want the PC's to be in
interface g1/0/1
switchport mode trunk
switchport trunk native vlan 1
this is NOT an acceptable workaround as this presents security issues even with
switchport trunk allowed vlan 1, etc. as the only allowed vlan.
Note: this issue manifested itself and windows 7 PC's were UNABLE to use the network. if you do "ipconfig /all | more" you would see
192.168.0.140(duplicate) and the interface would actually use 169.254.0.239(duplicate) so the duplicate message appeared twice in the output.
1) With and without an SVI interface on each 3850 for the vlan where the windows 7 machines had a duplicate
2) when we had an SVI and the command ip device tracking probe use-svi (or whatever the hidden command is I forget now, but it took it)
3) when we had aaa new-model configured - and not configured - thinking this was some artifact of having aaa turn on something like 802.1x port state
4) when could confirm NO DHCP SNOOPING
5) when we DID not use static IP's - and had the switch assign DHCP addresses - the Windows 7 PC's STILL had duplicates and didnt work for their "Just leased" ip's.
6) when we could confirm ios-xe ip device tracking = disabled with show ip device tracking status, etc.
This is a major problem for this 3850 and unless we get a definitive answer on why this is happening and how we can rectify we are going to have to return our 3850's and get HP Procurve's something I would rather avoid doing. There is NO REASON I can imagine other than older switches who's ports default to ROUTED ports (i.e.. no ip switchport) where a switch should not at least function as a bare switch with essentially a default configuration out of the box.
Any ideas? I'm working well now with the ports ALL in trunking mode with vlan 1 native, but this is not a scalable workaround we can live with as we have security risks of a port not blocking certain vlans from going out ports to pc's, etc. that attackers could send tags on at that point, etc.
thanks,
Joe Brunner
#19366thanks for replying - i'm not onsite (its a standalone network) - but here is what it is -
Answers in line -
This all stems from a switch replacement correct?
yes a 10 year old Allied Telesyn switch was replaced that had no config - like a hub, just used for connectivity.
Are these 3850's in a stack?
>yes, tested all aspects of the stack many times.
Does it have a managment ip address -If so, is it using the old switch ip address
>old switch had no ip - i made a "management interface" on vlan 1 - BUT no ip on the built-in management interface on the switch.
What are they connecting to? (a router/L3 switch/anohter switch- cisco-HP etc..)
>various other devices - only 1 link back to a single 3750x stack. that switch is "hardened" so to speak to reveal or propagate very little by design.
How are they connected( L3 interface/L2 trunk/access port)
>all ports are left in trunk mode with vlan 1 as the active and untagged port. this was the workaround done to ever get the switch going. in "out of the box" or default mode as we initially wanted (no config) links to windows 7 PC's didnt work. links to linux or other devices non-windows did work!
Are thse switches performing inter-vlan routing or just acting as host switches?
>dumb flat network, no routing.
Is ip routing enabled?
>not unless enabled on 3850 by default. I didnt type "ip routing"
Do you have multiple vlans in your network and if so ar ethe being propergated to these new switches?
Your 7 pcs = are they just client pcs not servers?
client PC's - no servers OS per say.
can you confirm something like ICS isnt enabled (Internet connection sharing) on any of them?
>yes not enabled.
Are the just using one NIC each?
> one machine is dual homed - but we know where its "second nic" goes - to another cisco network which is NOT connected back to this one. we traced all our ports a few times thinking even perhaps some small hub was "reflecting" traffic back to us - like a blackbox. Strangest thing -
default config out of the box - with ALL ports SHUTDOWN EXCEPT the single windows 7 facing port - the windows 7 machine STILL registered an IP CONFLICT when connected to the 3850 - even when it had NO SVI's!!! (i know mind numbing). if you disconnected the pc and connected it to an old cisco switch - it worked fine!!! wow.
sh switch
2 identical 3850's in working stack. power and network stacked. both at same version, etc - upgraded each time with "software install file flash:<long ios name>.bin
tested all power and general 3850 stacking. saw no issues.
sh int trunk
>all ports are now trunks (hence the workaround used to get it up).
has 20 trunks to PC's and some single connected switches (far away on fiber) - all allow only vlan 1 - no other vlans were created - very very simple network. vlan 1 is native
sh vlan brief
>just vlan 1 - no vlans created, checked this many times - had vlan 100 at one point - made sure it was gone over a period of hours.
sh vtp status
not setup - left complete default; no vtp domain set - connected to all switches in transparent model if a switch connection exists.
sh cdp neighbours
cant post (for god and country LOL) but there is one link back to our "core" so to speak - that switch is hardened not to allow any settings to slip over to new switches so hence no vtp, cdp is one to help troubleshooting.
sh ip route
just the L and C routes for the vlan 1 ip address 192.168.17.1/24
no static routes
no vlan interfaces other than int vlan 1
no ip address on g0/0/0 -> the default 3850 management interface hard assigned to the 3850 VRF you cant remove.
int g0/0/0
ip vrf forwarding Switch_Mgmt
i can get over there if you think of anything else key to show the group.
thanks,
Joe -
Can anyone please tell me if Cisco CME Voice Recording licences need to be annually updated?
Also Call Manager Express licences cover the users indefinitely?Hi Manthan,
Cisco Unified CME Permanent License
When you purchase a Cisco Unified CME permanent license, the permanent license is installed on the device when the product is shipped to you. A permanent license never expires and you will gain access to that particular feature set for the lifetime of the device across all IOS release. If you purchase a permanent license for Cisco Unified CME , you do not have to go through the Evaluation Right to Use and Right To Use (RTU) licensing processes for using the features. If you want to purchase a CME-SRST license for your existing device, you have to go through the RTU licensing process for using the features. There is no change in the existing process for purchasing the license.
The Cisco Unified CME permanent license is available in the form of an XML cme-locked3 file. You should get the XML file and load it in the flash memory of the device. To install the permanent license from the command prompt, use the license install flash0:cme-locked3 command. The cme-locked3 is the xml file of the license.
Collaboration Professional Suite License
Collaboration Professional is a new suite of licenses. The Collaboration Professional Suite can be purchased either as a permanent license or an RTU license.
Collaboration Professional Suite Permanent License —When you purchase the Collaboration Professional Suite license, by default, the Cisco Unified CME licenses are delivered as part of the Collaboration Professional Suite. You do not have to separately install and activate the Cisco Unified CME license. The Collaboration Professional Suite permanent license is available in the form of an XML file. You should get the XML file and load it in the flash memory of the device. To install the permanent license from the command prompt, use the license install flash:lic_name command.
Collaboration Professional Suite RTU License—When you purchase the Collaboration Professional Suite RTU license, you do not have to go through the Evaluation Right to Use process. However, you have to go through the RTU licensing process for using the Cisco Unified CME features. To install the Collaboration Professional Suite RTU license from the command prompt, use the license install flash0:colla_pro command. To activate the license, use the license boot module c2951 technology-package collabProSuitek9 command.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/admin/configuration/guide/cmeover.html#wp2286954
HTH
Manish -
Unable to change boot file on Cisco 3850
I was working on a Cisco 3850 24 port switch today and I read that it doesn't use the normal "boot system flash:XYZ.bin" but instead it's something like this:
"software install file flash:XYZ.bin new"
That changes the install package or something which makes it boot in the newly selected package which contains the new IOS. Anyway, when i put in that command I get something about "Failed to ...." or something. I'm sorry but I'm at home now and I don't have the device with me and it just occured to me to post this on the forum for possible help. Either way, it's specifically says "Failed..." as the first word which is not what it should normally say.
I used these directions:
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps12686/deployment_guide_c07-727067.html#wp9000169
I am in Install mode. Can anyone help me figure out why this is happening before my outage window on Sunday night? I've downloaded the new version of the IOS from Cisco.com and verified it is currently located in the flash of this device.
Thanks for any help you can provide!Joshua,
Plesae find quick guide on upgrading and booting, see below as a reference.
Recovering from a 3850 boot failure.
There are multiple reasons a 3850 may fail to boot correctly including a corrupt boot image, a corrupt packages.conf file, missing files, etc. Below are a few different possible recovery methods to try. I will also explain the two possible mode options, Install and bundle and why you might want to use one or the other.
Install vs. Bundle Mode
There are a few difference in the two modes, I would recommend reading over the config guide for more in-depth details. The recommended mode during operation is INSTALL mode because it allows for more features and requires fewer resources when booting.
++Install Mode
This is the out-of-the-box mode that your switch will be in. INSTALL mode uses a package provisioning file named packages.conf to boot the switch.
If you happen to be in bundle mode upon boot, you can simply boot your switch in install mode by booting the software package provisioning file that resides in flash. If packages.conf doesn�t exist in flash, you need to expand the bundle into the flash file system by running
Switch# software expand file flash: cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin to flash:
Once this completes, you will have all the needed files in flash. You can then change the boot statement to boot to packages.conf
Switch#Config t
Switch(config)# no boot system
Switch(config): boot system switch all flash:packages.conf (do not modify this file, unless necessary)
Switch#write memory
The provisioning file contains a list of software packages to boot, mount, and run. The ISO file system in each installed package is mounted to the root file system directly from flash.
NOTE **Auto-upgrade is disabled, by default. (once in install mode - execute the following command in global config: software auto-upgrade enable )
NOTE **Auto-upgrade includes an auto-copy process and an auto-extract process.
++Bundle Mode
As noted previously, bundle mode consumes more memory than booting in install mode because the packages are extracted from the bundle and copied to the RAM. If you decide to convert to bundle mode, you will first need to download the .bin file from CCO if you don�t already have it in flash. Once in flash, you can simply change your boot statement to point to the (.bin) file:
Switch#Config t
Switch(config)# no boot system
Switch(config): boot system switch all flash: cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
Switch#write memory
The provisioning file contained in a bundle is used to decide which packages to boot, mount, and run. Packages are extracted from the bundle and copied to RAM.
NOTE **Auto install and smart install functionality is not supported in bundle boot mode.
Recovery Methods
USB
The 3850 has a USB port on the front that can be used for both console access and also the ability to utilize a flash drive for image backup and recovery.
If you happen to be stuck at the switch: prompt with a corrupt image or .conf file, you can easily boot to a file stored on the USB drive.
1. Verify that the flashdrive is recognized and the .bin file exists
switch: dir usbflash0:
Directory of usbflash0:/
74 -rw- 223734376 cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
2. Boot to the USB image
switch: boot usbflash0:cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
Corrupt packages.conf
I�ve seen instances in which packages.conf continually calls files that no longer exist in flash. You can boot to an image from ROMMON just fine, however upon reload it will call packages.conf again and fail to boot. If this happens, I recommend backing up the existing packages.conf file by renaming it or deleting all together. NOTE: The previous step is mandatory as the next step will fail if a .conf file already exists. You can then run an BUNDLE extract which will create a new packages.conf file.
1. Once booted up (in BUNDLE mode) verify the files in flash
Switch#dir flash:
Directory of flash:/
15500 -rwx 1243 Aug 1 2013 07:04:02 +00:00 packages.conf
2. Copy or rename the existing packages.conf file
Switch#cp flash:packages.conf flash:packages.conf.badop flash:packages.conf flash:packages.conf.bad
Destination filename [packages.conf.bad]?
Copy in progress...C
1243 bytes copied in 0.140 secs (8879 bytes/sec)
Switch#dir flash:
Directory of flash:/
15500 -rwx 1243 Aug 1 2013 07:04:02 +00:00 packages.conf
15502 -rw- 1243 Aug 1 2013 11:53:51 +00:00 packages.conf.bad
3. Delete packages.conf
Switch#del flash:packages.conf
Delete filename [packages.conf]?
Delete flash:/packages.conf? [confirm]
4. Expand BUNDLE to create new packages.conf
Switch#software expand running switch 1 to flash:
Preparing expand operation ...
[1]: Expanding the running bundle
[1]: Copying package files
[1]: Package files copied
[1]: Finished expanding the running bundle
5. Verify boot
Switch#show boot
Switch 1
Current Boot Variables:
BOOT variable does not exist
Boot Variables on next reload:
BOOT variable = flash:packages.conf;
Manual Boot = no
Enable Break = no
6. Reload Switch
switch#reload
Reload command is being issued on Active unit, this will reload the whole stack
Proceed with reload? [confirm]
Emergency Recovery
If all else fails, the 3850 has a �trap door� method of recovering the system. All you need is a terminal connected to the management port of the 3850 running a tftp server. Download a valid image file from CCO and store it in the root of the tftp server.
On the switch, you are most likely stuck at the switch: prompt. If however you are in some sort of boot loop, you can use the �mode� button on the front of the switch to break the cycle. Simply hold the button for roughly 10 seconds and the switch should react by breaking the cycle and stopping at a switch: prompt. The following steps will walk you through the recovery:
1. Set the switch IP
switch: set IP_ADDR 192.0.2.123/255.255.255.0
2. Set the default gateway
switch: set DEFAULT_ROUTER 192.0.2.1
3.Test connectivity by pinging terminal (that contains the tftp server)
switch: ping 192.0.2.1
ping 192.0.2.1 with 32 bytes of data ...
Host 192.0.2.1 is alive.
4. Verify that the emergency files exist in the switches file system
switch: dir sda9:
Directory of sda9:/
2 drwx 1024 .
2 drwx 1024 ..
11 -rwx 18958824 cat3k_caa-recovery.bin
36903936 bytes available (20866048 bytes used)
5. Run the emergency install feature
switch: emergency-install tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
The bootflash will be erased during install operation, continue (y/n)?Y
Starting emergency recovery (tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin)...
Reading full image into memory......................done
Nova Bundle Image
Kernel Address : 0x6042f5d8
Kernel Size : 0x317ccc/3243212
Initramfs Address : 0x607472a4
Initramfs Size : 0xdc6546/14443846
Compression Format: .mzip
Bootable image at @ ram:0x6042f5d8
Bootable image segment 0 address range [0x81100000, 0x81b80000] is in range [0x80180000, 0x90000000].
File "sda9:cat3k_caa-recovery.bin" uncompressed and installed, entry point: 0x811060f0
Loading Linux kernel with entry point 0x811060f0 ...
Bootloader: Done loading app on core_mask: 0xf
### Launching Linux Kernel (flags = 0x5)
Initiating Emergency Installation of bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
Downloading bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Validating bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Installing bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Verifying bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
Package cat3k_caa-base.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-drivers.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-infra.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-iosd-universalk9.SPA.150-1.EX2.pkg is Digitally Signed
Package cat3k_caa-platform.SPA.03.02.02.SE.pkg is Digitally Signed
Package cat3k_caa-wcm.SPA.10.0.111.0.pkg is Digitally Signed
Preparing flash...
Syncing device...
Emergency Install successful... Rebooting
Restarting system.
Please let me know if you have any further questions.
HTH
Regards
Inayath -
How can i configure hsrp in cisco 3850 switch please guide me
how can i configure hsrp in cisco 3850 switch please guide me
Hi Mauleshg,
Please the below mention link to configure Hsrp hope this will help you.
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/ip/configuration_guide/b_fhrp_3se_3850_cg/b_fhrp_3se_3850_cg_chapter_010.html
Br.
Mohseen Patel -
Emergency Responder and Cisco 3850 Switches
I'm running Cisco ER V8.5, and recently installed new Cisco 3850 Switches. All the phones connected to the 3850 switches show a "unlocated" status. I've check the hardware compatibility Matrix for ER V8.5 and the 3850 is not on it.
What are my options for locating these phones in ER and assigning them to an ERL. Manually defining the phones? Is there a patch or update to ER V8.5 that would make a 3850 compatible?I haven't used the 3850's with ER yet so can't speak to that specifically, but generally speaking you have more flexibility using location by subnets vs switches. Scalability-wise, you can add way more subnets than switches. There's more going on under the hood if you're locating by switches so the process overhead is greater.
The only downside with using subnets is if you need to get more granular with your locations than your deployed subnets allow (ie a single voice subnet for an entire building but you need to define and assign locations at the floor level). As long as you've been a little forward thinking on the route/switch side, you'll be fine.
hope that helps,
will -
Cisco 3850 Switch getting message %SPI_FC-3-HIGH_WMARK_REACHED
Hi Team,
We have one Cisco 3850 Switch installed at the Customer site and getting the message as below,
Mar 28 10:57:11.578: %SPI_FC-3-HIGH_WMARK_REACHED: Number of messages in the queue for channel 9 has reached maximum.
-Traceback= 1#830db5fd318976b0280defe233875463 :10000000+153F71C :10000000+B5E9B0 :10000000+B5EBA4 :10000000+3CC5CC :10000000+3CD0B4 :10000000+39AB00 :10000000+27CDD2C :10000000+7C7814 :10000000+27AC29C
.Mar 28 10:58:31.585: %SPI_FC-3-HIGH_WMARK_REACHED: Number of messages in the queue for channel 9 has reached maximum.
-Traceback= 1#830db5fd318976b0280defe233875463 :10000000+153F71C :10000000+B5E9B0 :10000000+B5EBA4 :10000000+3CC5CC :10000000+3CD0B4 :10000000+39AB00 :10000000+27CDD2C :10000000+7C7814 :10000000+27AC29C
--More-- .Mar 28 10:59:51.586: %SPI_FC-3-HIGH_WMARK_REACHED: Number of messages in the queue for channel 9 has reached maximum.
-Traceback= 1#830db5fd318976b0280defe233875463 :10000000+153F71C :10000000+B5E9B0 :10000000+B5EBA4 :10000000+3CC5CC :10000000+3CD0B4 :10000000+39AB00 :10000000+27CDD2C :10000000+7C7814 :10000000+27AC29C
Please suggest the meaning of these messages and suggestion for resolution on the same.
Attaching show version, show logging for this Switch.
Regards
AshutoshHi Akilhasan,
The switch is hitting a bug which is currently under investigation. The latter implies there is no official workaround, but my suggestion would be that you consider reloading the switch outside of business hours (considering preventive measures i. e. back the configuration up, save changes, etc.).
The most stable version and recommended per Cisco is 03.03.03. There is newer 03.06.00 available, just released past June, so you may consider as well upgrading the IOS, of course under a properly carried out risk assessment, and you can roll back if something unexpected occurs. I would suggest doing so only if you have a solid knowledge of the customer's network and business needs.
Hope this helps.
Kind regards,
- Ed -
Cisco 3850 Redundant Power Supply Reporting Issue
We have deployed several Cisco 3850's. Several are showing the following symptom
ont2-tc3-es01#sh env power
SW PID Serial# Status Sys Pwr PoE Pwr Watts
1A PWR-C1-715WAC DCB1702G0QU OK Good Good 715
1B PWR-C1-715WAC DCB1702G0G6 No Response Good Good 715
Every single switch at this particular location has the same status on the B power supply. The problem was there on the previous code level (3.2.2) and we recently upgraded to 3.3.5 to resolve some SNMP bugs on the switches we also expected the latest Assurewave version to fix this issue also. So couple questions:
1. Anyone else seeing this?
2. Anyone found a fix for it?
Thanks!
MartyHi Zabeel,
I did talk with TAC - per the engineer there are two bugs that cause the issue and one was fixed in 3.3.5 - so we upgraded all our 3850's to that code level. Unfortunately for us, that still didn't fix the issue. TAC suggested that it may be fixed in rev 3.7.0, but that has not officially been confirmed by Cisco's developers.
We're waiting for the official "fix" before going through another round of switch upgrades.
TAC did suggest reseating the power supply if you still have the issue after the upgrade to 3.3.5 - but that's not really an option for me since my switches are geographically spread out.
HTH
Marty -
Cisco 3850 SSO and NSF failover time
Dear Member,
I m trying to setup a network with few second fail-over with Cisco 3850 stack, C3850 support SSO and NSF on OSPF.
However, when the Master fails, Slave take up the role and re-learn routing information and around 10 sec to fail-over.
May any brothers have this experience and 10 sec fail-over should be the normal behavior or can be enhance?
Attach diagram for reference.
Regards
RussGreat, adding the following command and only have 1 ping loss with end to end.
=========================
Stack-mac persistent timer 0
router ospf 1
nsf cisco enforce global
======================== -
Cisco 3850 support BFD ?
Hi ,
how can i enable and config BFD on the Cisco 3850 .
i had check eigrp plugin but It have not BFD Platform Support .
Core_IDC3850#sh eigrp plugins
EIGRP feature plugins:::
eigrp-release : 7.00.00 : Portable EIGRP Release
: 1.00.13 : Source Component Release(rel7)
parser : 2.02.00 : EIGRP Parser Support
igrp2 : 3.00.00 : Reliable Transport/Dual Database
external-client : 1.02.00 : Service Distribution Client Support
eigrp-nsf : 2.00.00 : Platform Support
Spatial Reuse Prot : 1.01.00 : Platform Support
mtr : 1.00.01 : Multi-Topology Routing(MTR)
EVN/vNets : 1.00.00 : Easy Virtual Network (EVN/vNets)
ipv4-af : 2.01.01 : Routing Protocol Support
ipv4-sf : 1.02.00 : Service Distribution Support
ipv6-af : 2.01.01 : Routing Protocol Support
ipv6-sf : 2.01.00 : Service Distribution Support
vNets-parse : 1.00.00 : EIGRP vNets Parse Support
snmp-agent : 1.01.01 : SNMP/SNMPv2 Agent Support
Core_IDC3850#
My 3850 OS ver
Switch Ports Model SW Version SW Image Mode
* 1 32 WS-C3850-24T 03.03.01SE cat3k_caa-universalk9 INSTALL
Br
HoraceAs per the Cisco Feature Navigator output, this switch model does not support BFD.
Herewith attached the supported feature of this switch model 3.3.1 software version.
HTH
Rasika
**** Pls rate all useful responses **** -
Linux ntp server with cisco 3850
hi all
i'm trying to make sync with linux ntp with cisco 3850 here is the what i did
linux centos 6.5 (on the ucs virtual machin) . this is a ntp server
ip 10.1.1.251
===================================================
For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
restrict 10.1.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html)
#server 1.centos.pool.ntp.org iburs
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 127.127.1.0
fudge 127.127.1.0 stratum 2
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
and cisco 3850 configured this one
ntp server 10.1.1.241
and
show ntp status
clock is unsynchronized, stratum 16, reference is null
why...didn't work.. somebody help me..Is there a typo in your post or configuration? You show the NTP server IP address as 10.1.1.251, but the router configured to use 10.1.1.241.
Regards -
Hi,
i would like to know if i could use the cisco 3850 as a pass through to register with cisco 5508 (flex connect) at our main site. at the moment i can see the AP registering to cisco 3850 and not 5508. if i plug in the ap to a cisco 2960 will connect to 5508 ?
also which mode should it be if the above is possbile (Moblity controller mode or Mobility agent mode)
ThanksHi Raskia,
Thanks for your reply. so if i go for option 1 can i still use mobility tunnel and mobility anchor feature. I need to for form a mobility tunnel to 5508 on the inside network and another tunnel to 4400 controller in the dmz (i know it has problems with tunnel to 4404 controller due to ios problems but if i can do to 5508 it will be fine)
its a shame if i cant do the above i will have to remove the wireless feature and use it as l2 switch. when i do no wireless management inter x then does it remove the router (l3) bit of the router?
Thanks
Maybe you are looking for
-
ITunes 7.1.1 won't recognize iPod and gets stuck. Help needed!
Since I updated to version 7.1.1, iTunes does not recognize my iPod (a 15GB Model M9460LL). I can work with iTunes before I connect the iPod, but when I do connect it, iTunes freezes up: the beach ball spins endlessly, and the iPod screen stays on "d
-
How can I determine what is taking up my hard drive space?
I have a 55GB hard drive with 6.83GB of free space remaining. I find it hard to believe that I have 50GB of space used. How do I find out what is taking up the 50GB of disc space? I manually run the sudo daily, weekly, monthly jobs so I don't believe
-
Calling SQL packages from java
How do I call ORACLE sql packages from java? We are still using Oracle 7.3. Any sample code would be appreciated.
-
I do things on my MBP (software builds) that REQUIRE consistent timestamps. I also travel extensively, which frequently results in "going backwards in time' (flying east to west). Updating date/time automatically causes total confusion for my builds,
-
Need Help Booting to My HD ... I think
A few days ago, I turned on my computer and it got stuck on the gray screen with the apple. After a few restarts, it would progress to a blue screen -- and then nothing. I used my Snow Leopard disk to run disk utilities: repair disk and verify disk.