Cisco 3850 AP licenses.

Similar Messages

• Cisco 3850 SSID qos

  Hello all)
  I have the task to configure QoS for SSID. I have 1602E points and 4 SSIDs per point. I want to priorities one of them. APs are connected to cisco 3850. Please help me how can I do it?

  Bandwidth and Priority Management at SSID Level
  The next step is to take care of the QoS policy at the SSID level. This step applies to both the Catalyst 3850 switch and to the 5760 controller. This configuration assumes that voice and video traffic is identified through the use of class-map and access-lists and is tagged properly. However, some incoming traffic that is not targeted by the access-list may not display its QoS marking. In that case, you can decide if this traffic should be marked with a default value or left untagged. The same logic goes for traffic already marked but not targeted by the class-maps. Use the default copy statement in a table-map in order to ensure that unmarked traffic is left unmarked and that tagged traffic keeps the tag and it not remarked.
  Refer the link for the Complete Configuration : www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/116479-configure-qos-00.html#anc15

• Cisco 3850 Mobility Agent unable to connect clients

  Hi
  We are trying to use Cisco 3850 as Mobility agents with 5760. We can't seem to get the clients to authenticate to the radius server. We don't even see them appear in the radius logs.
  We have defined the radius server and the profile
  wlan Wireless 2 WAP
  aaa-override
  accounting-list Radius
  client vlan wireless
  security dot1x authentication-list Radius
  session-timeout 1800
  no shutdown
  radius server Primary
  address ipv4 x.x.x.x auth-port 1812 acct-port 1813
  timeout 5
  retransmit 2
  key 7 ........
  radius server Primary
  address ipv4 x.x.x.x port 1812 acct-port 1813
  timeout 5
  retransmit 2
  key 7 .........
  The client appears to connect to the AP but can't authenticate so gets kicked off
  If we do a test aaa group username password then it says that it's sucessful.
  In the debug we get 802.1X required but then it never seems to get any further.

  Alright, so I finally figured out the issue with this. I had a Mobility Anchor set on the guest WLAN and once I removed that all started working again.
  What is Mobility Anchor?
  A. Mobility Anchor, also referred to as Guest tunneling or Auto Anchor Mobility, is a feature where all the client traffic that belongs to a WLAN (Specially Guest WLAN) is tunneled to a predefined WLC or set of controllers that are configured as Anchor for that specific WLAN. This feature helps to restrict clients to a specific subnet and have more control over the user traffic. Refer to the Configuring Auto-Anchor Mobility section of Cisco Wireless LAN Controller Configuration Guide, Release 7.0 for more information on this feature.

• Cisco 3850 and Licences for WLC??

  Hello
  We have a client who needs a new switch which is capable of intervlan routing and also a WLC.
  I am thinking a 48 port 3850 with IP Base which gives intervlan routing and WLC support.
  However I am not sure if we need to purchase additional AP licences or whether they are built in?
  Cheers

  In 3850 WLC functionality, your switch stack could act as MA (Mobiity Agengt) or MC (Mobility Controller). AP license required for your 3850, only if it is acting as MC. (for MA you do not require any AP licenses). Max 50 AP can handle by given 3850 switch stack. For MC functionality minimum you required IPbase image. (not LANbase)
  So it is based on your design you need to purchase 3850 AP license. In your case if it is for a single switch where client want WLC functionality (with no other controller available) then you have to go with AP license depend on how many AP they want to deploy.
  BRKCRS-2889 CiscoLive material will give you good overview of this new Converged Access Deployment model & MA/MC functionalilty & few design options.
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Cisco 3850 Switch and Windows 7 IP Conflicts

  Team,
  Last evening (Christmas eve) we setup a pair of Cisco 3850 with IP Base version 3.3.35SE (recommended) and 3.7.0E (very latest).
  We got these to replace a very old switch that had died. Attached to this network are windows 7 PC's with all the standard patches, service packs, etc.
  with standard port configs - no PC would work - and in fact on each screen we got the windows 7 IP Conflict pop up box.
  This seemed very odd to us, as we know these IP's are all static (no dhcp on this segment at all)
  we went with a very vanilla config on each port
  interface g1/0/1
  switchport host
  that is it - nothing special at all.
  well, after hours of research we found the 3850 has a problem where its "ip device tracking" (even though disabled, by way of NOT being enabled on any interface) will effect the windows 7 PC's ip address in use detection port start up phase!
  This is a very big problem. I am frankly SHOCKED Cisco would release a major switch that is going to not work when connected to the average network with windows 7 PC's.
  we tried 3+ hours of prescribed work-arounds found when researching this issue -
  ip device tracking probe delay 10 (global config)
  ip device tracking max 0 (disabed, on interface)
  finally,
  nmsp attach suppress (interface, however this appears to be a default command in all IOS-XE versions we tried, as the command did NOT show in the show run) . this effected many different nic card vendors (laptops, desktops) and nic card drivers levels from old to very recent.
  Finally,
  we compared a 3850 in another location to this one - and we never got HIT by this problem before because that 3850 only as TRUNK ports and no windows 7 hosts directly attached.
  Doing more research, I found out this also can effect vmware guests running windows SERVER.
  this is now a huge issue as we have a scheduled deployment of 3850's throughout our network which is going to be put on hold.
  the work-around I came up with which is not great is -
  Make ALL the "access" ports connected to PC TRUNK ports and leave the NATIVE vlan (untagged) as the vlan you want the PC's to be in
  interface g1/0/1
  switchport mode trunk
  switchport trunk native vlan 1
  this is NOT an acceptable workaround as this presents security issues even with
  switchport trunk allowed vlan 1, etc. as the only allowed vlan.
  Note: this issue manifested itself and windows 7 PC's were UNABLE to use the network. if you do "ipconfig /all | more" you would see
  192.168.0.140(duplicate) and the interface would actually use 169.254.0.239(duplicate) so the duplicate message appeared twice in the output.
  1) With and without an SVI interface on each 3850 for the vlan where the windows 7 machines had a duplicate
  2) when we had an SVI and the command ip device tracking probe use-svi (or whatever the hidden command is I forget now, but it took it)
  3) when we had aaa new-model configured - and not configured - thinking this was some artifact of having aaa turn on something like 802.1x port state
  4) when could confirm NO DHCP SNOOPING
  5) when we DID not use static IP's - and had the switch assign DHCP addresses - the Windows 7 PC's STILL had duplicates and didnt work for their "Just leased" ip's.
  6) when we could confirm ios-xe ip device tracking = disabled with show ip device tracking status, etc.
  This is a major problem for this 3850 and unless we get a definitive answer on why this is happening and how we can rectify we are going to have to return our 3850's and get HP Procurve's something I would rather avoid doing. There is NO REASON I can imagine other than older switches who's ports default to ROUTED ports (i.e.. no ip switchport) where a switch should not at least function as a bare switch with essentially a default configuration out of the box.
  Any ideas? I'm working well now with the ports ALL in trunking mode with vlan 1 native, but this is not a scalable workaround we can live with as we have security risks of a port not blocking certain vlans from going out ports to pc's, etc. that attackers could send tags on at that point, etc.
  thanks,
  Joe Brunner
  #19366

  thanks for replying - i'm not onsite (its a standalone network) - but here is what it is -
  Answers in line -
  This all stems from a switch replacement correct?
  yes a 10 year old Allied Telesyn switch was replaced that had no config - like a hub, just used for connectivity.
  Are these 3850's in a stack?
  >yes, tested all aspects of the stack many times.
  Does it have a managment ip address -If so, is it using the old switch ip address
  >old switch had no ip - i made a "management interface" on vlan 1 - BUT no ip on the built-in management interface on the switch.
  What are they connecting to? (a router/L3 switch/anohter switch- cisco-HP etc..)
  >various other devices - only 1 link back to a single 3750x stack. that switch is "hardened" so to speak to reveal or propagate very little by design.
  How are they connected( L3 interface/L2 trunk/access port)
  >all ports are left in trunk mode with vlan 1 as the active and untagged port. this was the workaround done to ever get the switch going. in "out of the box" or default mode as we initially wanted (no config) links to windows 7 PC's didnt work. links to linux or other devices non-windows did work!
  Are thse switches performing inter-vlan routing or just acting as host switches?
  >dumb flat network, no routing.
  Is ip routing enabled?
  >not unless enabled on 3850 by default. I didnt type "ip routing"
  Do you have multiple vlans in your network and if so ar ethe being propergated to these new switches?
  Your 7 pcs = are they just client pcs not servers?
  client PC's - no servers OS per say.
  can you confirm something like ICS isnt enabled (Internet connection sharing)  on any of them?
  >yes not enabled.
  Are the just using one NIC each?
  > one machine is dual homed - but we know where its "second nic" goes - to another cisco network which is NOT connected back to this one. we traced all our ports a few times thinking even perhaps some small hub was "reflecting" traffic back to us - like a blackbox. Strangest thing -
  default config out of the box - with ALL ports SHUTDOWN EXCEPT the single windows 7 facing port - the windows 7 machine STILL registered an IP CONFLICT when connected to the 3850 - even when it had NO SVI's!!! (i know mind numbing). if you disconnected the pc and connected it to an old cisco switch - it worked fine!!! wow.
  sh switch
  2 identical 3850's in working stack. power and network stacked. both at same version, etc - upgraded each time with "software install file flash:<long ios name>.bin
  tested all power and general 3850 stacking. saw no issues.
  sh int trunk
  >all ports are now trunks (hence the workaround used to get it up).
  has 20 trunks to PC's and some single connected switches (far away on fiber) - all allow only vlan 1 - no other vlans were created - very very simple network. vlan 1 is native
  sh vlan brief
  >just vlan 1 - no vlans created, checked this many times - had vlan 100 at one point - made sure it was gone over a period of hours.
  sh vtp status
  not setup - left complete default; no vtp domain set - connected to all switches in transparent model if a switch connection exists.
  sh cdp neighbours
  cant post (for god and country LOL) but there is one link back to our "core" so to speak - that switch is hardened not to allow any settings to slip over to new switches so hence no vtp, cdp is one to help troubleshooting.
  sh ip route
  just the L and C routes for the vlan 1 ip address 192.168.17.1/24
  no static routes
  no vlan interfaces other than int vlan 1
  no ip address on g0/0/0 -> the default 3850 management interface hard assigned to the 3850 VRF you cant remove.
  int g0/0/0
  ip vrf forwarding Switch_Mgmt
  i can get over there if you think of anything else key to show the group.
  thanks,
  Joe

• Cisco Call Manager License

  Can anyone please tell me if Cisco CME Voice Recording licences need to be annually updated?
  Also Call Manager Express licences cover the users indefinitely?

  Hi Manthan,
  Cisco Unified CME Permanent License
  When you purchase a Cisco Unified CME permanent license, the permanent  license is installed on the device when the product is shipped to you. A  permanent license never expires and you will gain access to that  particular feature set for the lifetime of the device across all IOS  release. If you purchase a permanent license for Cisco Unified CME , you  do not have to go through the Evaluation Right to Use and Right To Use  (RTU) licensing processes for using the features. If you want to  purchase a CME-SRST license for your existing device, you have to go  through the RTU licensing process for using the features. There is no  change in the existing process for purchasing the license.
  The Cisco Unified CME permanent license is available in the form of an  XML cme-locked3 file. You should get the XML file and load it in the  flash memory of the device. To install the permanent license from the  command prompt, use the license install flash0:cme-locked3 command. The cme-locked3 is the xml file of the license.
  Collaboration Professional Suite License
  Collaboration Professional is a new suite of licenses. The Collaboration  Professional Suite can be purchased either as a permanent license or an  RTU license.
  Collaboration Professional Suite Permanent License —When you purchase  the Collaboration Professional Suite license, by default, the Cisco  Unified CME licenses are delivered as part of the Collaboration  Professional Suite. You do not have to separately install and activate  the Cisco Unified CME license. The Collaboration Professional Suite  permanent license is available in the form of an XML file. You should  get the XML file and load it in the flash memory of the device. To  install the permanent license from the command prompt, use the license install flash:lic_name command.
  Collaboration Professional Suite RTU License—When you purchase the  Collaboration Professional Suite RTU license, you do not have to go  through the Evaluation Right to Use process. However, you have to go  through the RTU licensing process for using the Cisco Unified CME  features. To install the Collaboration Professional Suite RTU license  from the command prompt, use the license install flash0:colla_pro command. To activate the license, use the license boot module c2951 technology-package collabProSuitek9 command.
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/admin/configuration/guide/cmeover.html#wp2286954
  HTH
  Manish

• Unable to change boot file on Cisco 3850

  I was working on a Cisco 3850 24 port switch today and I read that it doesn't use the normal "boot system flash:XYZ.bin" but instead it's something like this:
  "software install file flash:XYZ.bin new"
  That changes the install package or something which makes it boot in the newly selected package which contains the new IOS.  Anyway, when i put in that command I get something about "Failed to ...." or something.  I'm sorry but I'm at home now and I don't have the device with me and it just occured to me to post this on the forum for possible help.  Either way, it's specifically says "Failed..." as the first word which is not what it should normally say.
  I used these directions:
  http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps12686/deployment_guide_c07-727067.html#wp9000169
  I am in Install mode.  Can anyone help me figure out why this is happening before my outage window on Sunday night?  I've downloaded the new version of the IOS from Cisco.com and verified it is currently located in the flash of this device. 
  Thanks for any help you can provide!

  Joshua,
  Plesae find quick guide on upgrading and booting, see below as a reference.
  Recovering from a 3850 boot failure.
  There are multiple reasons a 3850 may fail to boot correctly including a corrupt boot image, a corrupt packages.conf file, missing files, etc.  Below are a few different possible recovery methods to try.  I will also explain the two possible mode options, Install and bundle and why you might want to use one or the other.
  Install vs. Bundle Mode
  There are a few difference in the two modes, I would recommend reading over the config guide for more in-depth details. The recommended mode during operation is INSTALL mode because it allows for more features and requires fewer resources when booting.
  ++Install Mode
  This is the out-of-the-box mode that your switch will be in.  INSTALL mode uses a package provisioning file named packages.conf to boot the switch.
  If you happen to be in bundle mode upon boot, you can simply boot your switch in install mode by booting the software package provisioning file that resides in flash. If packages.conf doesn�t exist in flash, you need to expand the bundle into the flash file system by running
  Switch# software expand file flash: cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin to flash:
  Once this completes, you will have all the needed files in flash. You can then change the boot statement to boot to packages.conf
  Switch#Config t
  Switch(config)# no boot system
  Switch(config): boot system switch all flash:packages.conf  (do not modify this file, unless necessary)
  Switch#write memory
  The provisioning file contains a list of software packages to boot, mount, and run. The ISO file system in each installed package is mounted to the root file system directly from flash.
  NOTE **Auto-upgrade is disabled, by default. (once in install mode - execute the following command in global config: software auto-upgrade enable )
  NOTE **Auto-upgrade includes an auto-copy process and an auto-extract process.
  ++Bundle Mode
  As noted previously, bundle mode consumes more memory than booting in install mode because the packages are extracted from the bundle and copied to the RAM.  If you decide to convert to bundle mode, you will first need to download the .bin file from CCO if you don�t already have it in flash.  Once in flash, you can simply change your boot statement to point to the (.bin) file:
  Switch#Config t
  Switch(config)# no boot system
  Switch(config): boot system switch all flash: cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
  Switch#write memory
  The provisioning file contained in a bundle is used to decide which packages to boot, mount, and run. Packages are extracted from the bundle and copied to RAM.
  NOTE **Auto install and smart install functionality is not supported in bundle boot mode.
  Recovery Methods
  USB
  The 3850 has a USB port on the front that can be used for both console access and also the ability to utilize a flash drive for image backup and recovery.
  If you happen to be stuck at the switch: prompt with a corrupt image or .conf file, you can easily boot to a file stored on the USB drive.
  1. Verify that the flashdrive is recognized and the .bin file exists
  switch: dir usbflash0:
  Directory of usbflash0:/
  74  -rw-  223734376  cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
  2. Boot to the USB image
  switch: boot usbflash0:cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
  Corrupt packages.conf
  I�ve seen instances in which packages.conf continually calls files that no longer exist in flash.  You can boot to an image from ROMMON just fine, however upon reload it will call packages.conf again and fail to boot.  If this happens, I recommend backing up the existing packages.conf file by renaming it or deleting all together.  NOTE: The previous step is mandatory as the next step will fail if a .conf file already exists.  You can then run an BUNDLE extract which will create a new packages.conf file.
  1. Once booted up (in BUNDLE mode) verify the files in flash
  Switch#dir flash:
  Directory of flash:/
  15500  -rwx        1243   Aug 1 2013 07:04:02 +00:00  packages.conf
  2. Copy or rename the existing packages.conf file
  Switch#cp flash:packages.conf flash:packages.conf.badop flash:packages.conf flash:packages.conf.bad
  Destination filename [packages.conf.bad]?
  Copy in progress...C
  1243 bytes copied in 0.140 secs (8879 bytes/sec)
  Switch#dir flash:
  Directory of flash:/
  15500  -rwx        1243   Aug 1 2013 07:04:02 +00:00  packages.conf
  15502  -rw-        1243   Aug 1 2013 11:53:51 +00:00  packages.conf.bad
  3. Delete packages.conf
  Switch#del flash:packages.conf
  Delete filename [packages.conf]?
  Delete flash:/packages.conf? [confirm]
  4. Expand BUNDLE to create new packages.conf
  Switch#software expand running switch 1 to flash:
  Preparing expand operation ...
  [1]: Expanding the running bundle
  [1]: Copying package files
  [1]: Package files copied
  [1]: Finished expanding the running bundle
  5. Verify boot
  Switch#show boot
  Switch 1
  Current Boot Variables:
  BOOT variable does not exist
  Boot Variables on next reload:
  BOOT variable = flash:packages.conf;
  Manual Boot = no
  Enable Break = no
  6. Reload Switch
  switch#reload
  Reload command is being issued on Active unit, this will reload the whole stack
  Proceed with reload? [confirm]
  Emergency Recovery
  If all else fails, the 3850 has a �trap door� method of recovering the system.  All you need is a terminal connected to the management port of the 3850 running a tftp server.  Download a valid image file from CCO and store it in the root of the tftp server.
  On the switch, you are most likely stuck at the switch: prompt.  If however you are in some sort of boot loop, you can use the �mode� button on the front of the switch to break the cycle.  Simply hold the button for roughly 10 seconds and the switch should react by breaking the cycle and stopping at a switch: prompt. The following steps will walk you through the recovery:
  1. Set the switch IP
  switch:  set IP_ADDR 192.0.2.123/255.255.255.0
  2. Set the default gateway
  switch: set DEFAULT_ROUTER 192.0.2.1
  3.Test connectivity by pinging terminal (that contains the tftp server)
  switch: ping 192.0.2.1
  ping 192.0.2.1 with 32 bytes of data ...
  Host 192.0.2.1 is alive.
  4. Verify that the emergency files exist in the switches file system
  switch: dir sda9:
  Directory of sda9:/
      2  drwx  1024       .
      2  drwx  1024       ..
     11  -rwx  18958824   cat3k_caa-recovery.bin
  36903936 bytes available (20866048 bytes used)
  5. Run the emergency install feature
  switch: emergency-install tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
  The bootflash will be erased during install operation, continue (y/n)?Y
  Starting emergency recovery (tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin)...
  Reading full image into memory......................done
  Nova Bundle Image
  Kernel Address    : 0x6042f5d8
  Kernel Size       : 0x317ccc/3243212
  Initramfs Address : 0x607472a4
  Initramfs Size    : 0xdc6546/14443846
  Compression Format: .mzip
  Bootable image at @ ram:0x6042f5d8
  Bootable image segment 0 address range [0x81100000, 0x81b80000] is in range [0x80180000, 0x90000000].
  File "sda9:cat3k_caa-recovery.bin" uncompressed and installed, entry point: 0x811060f0
  Loading Linux kernel with entry point 0x811060f0 ...
  Bootloader: Done loading app on core_mask: 0xf
  ### Launching Linux Kernel (flags = 0x5)
  Initiating Emergency Installation of bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin
  Downloading bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
  Validating bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
  Installing bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
  Verifying bundle tftp://192.0.2.1/cat3k_caa-universalk9.SPA.03.02.02.SE.150-1.EX2.bin...
  Package cat3k_caa-base.SPA.03.02.02.SE.pkg is Digitally Signed
  Package cat3k_caa-drivers.SPA.03.02.02.SE.pkg is Digitally Signed
  Package cat3k_caa-infra.SPA.03.02.02.SE.pkg is Digitally Signed
  Package cat3k_caa-iosd-universalk9.SPA.150-1.EX2.pkg is Digitally Signed
  Package cat3k_caa-platform.SPA.03.02.02.SE.pkg is Digitally Signed
  Package cat3k_caa-wcm.SPA.10.0.111.0.pkg is Digitally Signed
  Preparing flash...
  Syncing device...
  Emergency Install successful... Rebooting
  Restarting system.
  Please let me know if you have any further questions.
  HTH
  Regards
  Inayath

• How can i configure hsrp in cisco 3850 switch please guide me

  how can i configure hsrp in cisco 3850 switch please guide me

  Hi Mauleshg,
  Please the below mention link to configure Hsrp hope this will help you.
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/ip/configuration_guide/b_fhrp_3se_3850_cg/b_fhrp_3se_3850_cg_chapter_010.html
  Br.
  Mohseen Patel

• Emergency Responder and Cisco 3850 Switches

  I'm running Cisco ER V8.5, and recently installed new Cisco 3850 Switches. All the phones connected to the 3850 switches show a "unlocated" status. I've check the hardware compatibility Matrix for ER V8.5 and the 3850 is not on it.
  What are my options for locating these phones in ER and assigning them to an ERL. Manually defining the phones? Is there a patch or update to ER V8.5 that would make a 3850 compatible?

  I haven't used the 3850's with ER yet so can't speak to that specifically, but generally speaking you have more flexibility using location by subnets vs switches.  Scalability-wise, you can add way more subnets than switches.  There's more going on under the hood if you're locating by switches so the process overhead is greater.
  The only downside with using subnets is if you need to get more granular with your locations than your deployed subnets allow (ie a single voice subnet for an entire building but you need to define and assign locations at the floor level).  As long as you've been a little forward thinking on the route/switch side, you'll be fine.
  hope that helps,
  will

• Cisco 3850 Switch getting message %SPI_FC-3-HIGH_WMARK_REACHED

  Hi Team,
  We have one Cisco 3850 Switch installed at the Customer site and getting the message as below,
  Mar 28 10:57:11.578: %SPI_FC-3-HIGH_WMARK_REACHED: Number of messages in the queue for channel 9 has reached maximum.
  -Traceback= 1#830db5fd318976b0280defe233875463  :10000000+153F71C :10000000+B5E9B0 :10000000+B5EBA4 :10000000+3CC5CC :10000000+3CD0B4 :10000000+39AB00 :10000000+27CDD2C :10000000+7C7814 :10000000+27AC29C
  .Mar 28 10:58:31.585: %SPI_FC-3-HIGH_WMARK_REACHED: Number of messages in the queue for channel 9 has reached maximum.
  -Traceback= 1#830db5fd318976b0280defe233875463  :10000000+153F71C :10000000+B5E9B0 :10000000+B5EBA4 :10000000+3CC5CC :10000000+3CD0B4 :10000000+39AB00 :10000000+27CDD2C :10000000+7C7814 :10000000+27AC29C
   --More--         .Mar 28 10:59:51.586: %SPI_FC-3-HIGH_WMARK_REACHED: Number of messages in the queue for channel 9 has reached maximum.
  -Traceback= 1#830db5fd318976b0280defe233875463  :10000000+153F71C :10000000+B5E9B0 :10000000+B5EBA4 :10000000+3CC5CC :10000000+3CD0B4 :10000000+39AB00 :10000000+27CDD2C :10000000+7C7814 :10000000+27AC29C
  Please suggest the meaning of these messages and suggestion for resolution on the same.
  Attaching show version, show logging for this Switch.
  Regards
  Ashutosh

  Hi Akilhasan,
  The switch is hitting a bug which is currently under investigation. The latter implies there is no official workaround, but my suggestion would be that you consider reloading the switch outside of business hours (considering preventive measures i. e. back the configuration up, save changes, etc.). 
  The most stable version and recommended per Cisco is 03.03.03. There is newer 03.06.00 available, just released past June, so you may consider as well upgrading the IOS, of course under a properly carried out risk assessment, and you can roll back if something unexpected occurs. I would suggest doing so only if you have a solid knowledge of the customer's network and business needs.
  Hope this helps. 
  Kind regards,
  - Ed

• Cisco 3850 Redundant Power Supply Reporting Issue

  We have deployed several Cisco 3850's. Several are showing the following symptom
  ont2-tc3-es01#sh env power
  SW  PID                 Serial#     Status           Sys Pwr  PoE Pwr  Watts
  1A  PWR-C1-715WAC       DCB1702G0QU  OK              Good     Good     715
  1B  PWR-C1-715WAC       DCB1702G0G6  No Response     Good     Good     715
  Every single switch at this particular location has the same status on the B power supply. The problem was there on the previous code level (3.2.2) and we recently upgraded to 3.3.5 to resolve some SNMP bugs on the switches we also expected the latest Assurewave version to fix this issue also. So couple questions:
  1. Anyone else seeing this?
  2. Anyone found a fix for it?
                 Thanks!
                            Marty

  Hi Zabeel,
                     I did talk with TAC - per the engineer there are two bugs that cause the issue and one was fixed in 3.3.5 - so we upgraded all our 3850's to that code level. Unfortunately for us, that still didn't fix the issue. TAC suggested that it may be fixed in rev 3.7.0, but that has not officially been confirmed by Cisco's developers.
           We're waiting for the official "fix" before going through another round of switch upgrades.
          TAC did suggest reseating the power supply if you still have the issue after the upgrade to 3.3.5 - but that's not really an option for me since my switches are geographically spread out.
     HTH
               Marty

• Cisco 3850 SSO and NSF failover time

  Dear Member,
  I m trying to setup a network with few second fail-over with Cisco 3850 stack, C3850 support SSO and NSF on OSPF.
  However, when the Master fails, Slave take up the role and re-learn routing information and around 10 sec to fail-over.
  May any brothers have this experience and 10 sec fail-over should be the normal behavior or can be enhance?
  Attach diagram for reference.
  Regards
  Russ

  Great, adding the following command and only have 1 ping loss with end to end.
  =========================
  Stack-mac persistent timer 0
  router ospf 1
  nsf cisco enforce global
  ========================

• Cisco 3850 support BFD ?

  Hi ,
    how can i enable and config BFD on the Cisco 3850 .
  i had check eigrp plugin but It have not BFD Platform Support .
  Core_IDC3850#sh eigrp plugins
  EIGRP feature plugins:::
      eigrp-release      :   7.00.00 : Portable EIGRP Release                 
                         :   1.00.13 : Source Component Release(rel7)
      parser             :   2.02.00 : EIGRP Parser Support                   
      igrp2              :   3.00.00 : Reliable Transport/Dual Database       
      external-client    :   1.02.00 : Service Distribution Client Support    
      eigrp-nsf          :   2.00.00 : Platform Support                       
      Spatial Reuse Prot :   1.01.00 : Platform Support                       
      mtr                :   1.00.01 : Multi-Topology Routing(MTR)            
      EVN/vNets          :   1.00.00 : Easy Virtual Network (EVN/vNets)       
      ipv4-af            :   2.01.01 : Routing Protocol Support               
      ipv4-sf            :   1.02.00 : Service Distribution Support           
      ipv6-af            :   2.01.01 : Routing Protocol Support               
      ipv6-sf            :   2.01.00 : Service Distribution Support           
      vNets-parse        :   1.00.00 : EIGRP vNets Parse Support              
      snmp-agent         :   1.01.01 : SNMP/SNMPv2 Agent Support              
  Core_IDC3850#
  My 3850 OS ver 
  Switch Ports Model              SW Version        SW Image              Mode  
  *    1 32    WS-C3850-24T       03.03.01SE        cat3k_caa-universalk9 INSTALL
  Br
  Horace

  As per the Cisco Feature Navigator output, this switch model does not support  BFD.
  Herewith attached the supported feature of this switch model 3.3.1 software version.
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Linux ntp server with cisco 3850

  hi all
  i'm trying to make sync with linux ntp with cisco 3850  here is the what i did
  linux centos 6.5 (on the ucs virtual machin) . this is a ntp server
  ip 10.1.1.251
  ===================================================
  For more information about this file, see the man pages
  # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
  driftfile /var/lib/ntp/drift
  # Permit time synchronization with our time source, but do not
  # permit the source to query or modify the service on this system.
  restrict default kod nomodify notrap nopeer noquery
  restrict -6 default kod nomodify notrap nopeer noquery
  # Permit all access over the loopback interface.  This could
  # be tightened as well, but to do so would effect some of
  # the administrative functions.
  restrict 127.0.0.1
  restrict -6 ::1
  # Hosts on local network are less restricted.
  restrict 10.1.1.0 mask 255.255.255.0 nomodify notrap
  # Use public servers from the pool.ntp.org project.
  # Please consider joining the pool (http://www.pool.ntp.org/join.html)
  #server 1.centos.pool.ntp.org iburs
  #server 2.centos.pool.ntp.org iburst
  #server 3.centos.pool.ntp.org iburst
  server 127.127.1.0
  fudge 127.127.1.0 stratum 2
  #broadcast 192.168.1.255 autokey        # broadcast server
  #broadcastclient                        # broadcast client
  #broadcast 224.0.1.1 autokey            # multicast server
  #multicastclient 224.0.1.1              # multicast client
  #manycastserver 239.255.254.254         # manycast server
  #manycastclient 239.255.254.254 autokey # manycast client
  # Enable public key cryptography.
  #crypto
  includefile /etc/ntp/crypto/pw
  # Key file containing the keys and key identifiers used when operating
  # with symmetric key cryptography.
  keys /etc/ntp/keys
  # Specify the key identifiers which are trusted.
  #trustedkey 4 8 42
  # Specify the key identifier to use with the ntpdc utility.
  #requestkey 8
  # Specify the key identifier to use with the ntpq utility.
  #controlkey 8
  # Enable writing of statistics records.
  #statistics clockstats cryptostats loopstats peerstats
  and cisco 3850  configured this one
  ntp server 10.1.1.241
  and
  show ntp status
  clock is unsynchronized, stratum 16, reference is null
  why...didn't work.. somebody help me..

  Is there a typo in your post or configuration? You show the NTP server IP address as 10.1.1.251, but the router configured to use 10.1.1.241.
  Regards

• 2602 AP and cisco 3850

  Hi,
  i would like to know if i could use the cisco 3850 as a pass through to register with cisco 5508 (flex connect) at our main site. at the moment i can see the AP registering to cisco 3850 and not 5508. if i plug in the ap to a cisco 2960 will connect to 5508 ?
  also which mode should it be if the above is possbile (Moblity controller mode or Mobility agent mode)
  Thanks

  Hi Raskia,
  Thanks for your reply. so if i go for option 1 can i still use mobility tunnel and mobility anchor feature. I need to for form a mobility tunnel to 5508 on the inside network and another tunnel to 4400 controller in the dmz (i know it has problems with tunnel to 4404 controller due to ios problems but if i can do to 5508 it will be fine)
  its a shame if i cant do the above i will have to remove the wireless feature and use it as l2 switch. when i do no wireless management inter x then does it remove the router (l3) bit of the router?
  Thanks