Cisco CSS 11150 Series switch and DNS Sticky

Similar Messages

• Connecting two cisco ESW 500 series switches.

  Hi Experts,
  I have a basic knowledge of network and need some help.
  I have two cisco ESW 500 series switches and i want to connect them together.
  Q1 # Which type of cable i should use to connect these two switches CrossOver or fiber...What is the advantage of using Fiber over CrossOver. ?
  Q2 # What are the marked ports in the image used for...???

  tech spec,
  Traditionally you would use crossover to connect switches. Most modern network devices have Auto-MDIX which allows the device to connect using either crossover or straight through.
  The ports on the right can be used for uplink or as regular network ports. On the 10/100 versions the ports on the right are usually Gigabit, thus making them more suitable for uplink to another switch, etc.
  Please mark this thread as answered or reply if you have any additional questions.
  - Marty

• Ask the Expert: Different Flavors and Design with vPC on Cisco Nexus 5000 Series Switches

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about Cisco® NX-OS.
  The biggest limitation to a classic port channel communication is that the port channel operates only between two devices. To overcome this limitation, Cisco NX-OS has a technology called virtual port channel (vPC). A pair of switches acting as a vPC peer endpoint looks like a single logical entity to port channel attached devices. The two devices that act as the logical port channel endpoint are actually two separate devices. This setup has the benefits of hardware redundancy combined with the benefits offered by a port channel, for example, loop management.
  vPC technology is the main factor for success of Cisco Nexus® data center switches such as the Cisco Nexus 5000 Series, Nexus 7000 Series, and Nexus 2000 Series Switches.
  This event is focused on discussing all possible types of vPC along-with best practices, failure scenarios, Cisco Technical Assistance Center (TAC) recommendations and troubleshooting
  Vishal Mehta is a customer support engineer for the Cisco Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in TAC for the past 3 years with a primary focus on data center technologies, such as the Cisco Nexus 5000 Series Switches, Cisco Unified Computing System™ (Cisco UCS®), Cisco Nexus 1000V Switch, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching, and service provider.
  Nimit Pathak is a customer support engineer for the Cisco Data Center Server Virtualization TAC team based in San Jose, California, with primary focus on data center technologies, such as Cisco UCS, the Cisco Nexus 1000v Switch, and virtualization. Nimit holds a master's degree in electrical engineering from Bridgeport University, has CCNA® and CCNP® Nimit is also working on a Cisco data center CCIE® certification While also pursuing an MBA degree from Santa Clara University.
  Remember to use the rating system to let Vishal and Nimit know if you have received an adequate response. 
  Because of the volume expected during this event, Vishal and Nimit might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure Community, under the subcommunity LAN, Switching & Routing, shortly after the event. This event lasts through August 29, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Gustavo
  Please see my responses to your questions:
  Yes almost all routing protocols use Multicast to establish adjacencies. We are dealing with two different type of traffic –Control Plane and Data Plane.
  Control Plane: To establish Routing adjacency, the first packet (hello) is punted to CPU. So in the case of triangle routed VPC topology as specified on the Operations Guide Link, multicast for routing adjacencies will work. The hellos packets will be exchanged across all 3 routers and adjacency will be formed over VPC links
  http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_L3_w_vpc_5500platform.html#wp999181
  Now for Data Plane we have two types of traffic – Unicast and Multicast.
  The Unicast traffic will not have any forwarding issues, but because the Layer 3 ECMP and port channel run independent hash calculations there is a possibility that when the Layer 3 ECMP chooses N5k-1 as the Layer 3 next hop for a destination address while the port channel hashing chooses the physical link toward N5k-2. In this scenario,N5k-2 receives packets from R with the N5k-1 MAC as the destination MAC.
  Sending traffic over the peer-link to the correct gateway is acceptable for data forwarding, but it is suboptimal because it makes traffic cross the peer link when the traffic could be routed directly.
  For that topology, Multicast Traffic might have complete traffic loss due to the fact that when a PIM router is connected to Cisco Nexus 5500 Platform switches in a vPC topology, the PIM join messages are received only by one switch. The multicast data might be received by the other switch.
  The Loop avoidance works little different across Nexus 5000 and Nexus 7000.
  Similarity: For both products, loop avoidance is possible due to VSL bit
  The VSL bit is set in the DBUS header internal to the Nexus.
  It is not something that is set in the ethernet packet that can be identified. The VSL bit is set on the port asic for the port used for the vPC peer link, so if you have Nexus A and Nexus B configured for vPC and a packet leaves Nexus A towards Nexus B, Nexus B will set the VSL bit on the ingress port ASIC. This is not something that would traverse the peer link.
  This mechanism is used for loop prevention within the chassis.
  The idea being that if the port came in the peer link from the vPC peer, the system makes the assumption that the vPC peer would have forwarded this packet out the vPC-enabled port-channels towards the end device, so the egress vpc interface's port-asic will filter the packet on egress.
  Differences:  In Nexus 5000 when it has to do L3-to-L2 lookup for forwarding traffic, the VSL bit is cleared and so the traffic is not dropped as compared to Nexus 7000 and Nexus 3000.
  It still does loop prevention but the L3-to-L2 lookup is different in Nexus 5000 and Nexus 7000.
  For more details please see below presentation:
  https://supportforums.cisco.com/sites/default/files/session_14-_nexus.pdf
  DCI Scenario:  If 2 pairs are of Nexus 5000 then separation of L3/L2 links is not needed.
  But in most scenarios I have seen pair of Nexus 5000 with pair of Nexus 7000 over DCI or 2 pairs of Nexus 7000 over DCI. If Nexus 7000 are used then L3 and L2 links are required for sure as mentioned on above presentation link.
  Let us know if you have further questions.
  Thanks,
  Vishal

• Cisco CSS 11150 Concurrent Capacity ?

  Does anyone know what the official concurrent capacity is across the 11150 series switch?

  What do you mean by concurrent ?
  Are you looking for number of connection per seconds, active connections, packet per second or bytes/second ?
  http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_data_sheet09186a00800921b1.html
  This is the official info, and it talks only about 5.0Gbps throughput.
  For more information you should contact your local reseller or Cisco representative.
  Regards,
  Gilles.

• 4500 Series Switches and 802.1x MAB

  My organization has multiple 4500 series switches experiencing the same problem when attempting to authenticate devices via MAB.  The issue is that the "show mab interface fax/x details" shows the Client MAC in a waiting status.  The device is never sending the switch it's MAC in order to proceed with MAB authentication, so of course the port never forwards traffic.  However, if we remove authentication port-control auto the port starts forwarding and the device gains connectivity.  Below is the interface configuration command and the MAB details.  The IOS version of this current switch is 15.0(2)SG8.  Are we missing something special for a 4500 as far as configuration is concerned.
  interface FastEthernet8/16
   description USER 
   switchport access vlan 600
   switchport mode access
   switchport nonegotiate
   duplex full
   authentication host-mode multi-domain
   authentication port-control auto
   authentication periodic
   mab
   dot1x pae authenticator
   dot1x timeout tx-period 5
  end
  SWITCH-4510R#sh mab interface fa8/16 details
  MAB details for FastEthernet8/16
  Mac-Auth-Bypass           = Enabled
  MAB Client List
  Client MAC                = Waiting
  Session ID                = 841AF6D100002931AF99B827
  MAB SM state              = ACQUIRING
  Auth Status               = UNAUTHORIZED

  hello,
  in my organization we have multiple 3560/2960 series switches and some 4500 with MAB.
  the interfaces have the following config:
   authentication host-mode multi-auth
   authentication order mab dot1x
   authentication priority mab dot1x
   authentication port-control auto
   authentication periodic
   authentication timer restart 120
   authentication timer reauthenticate server
   authentication timer inactivity 600
   mab
   dot1x pae authenticator
  Good luck

• Cisco IE-3000-8TC switches and CNA

  A colleague of mine has installed a set of 3 Cisco IE-3000-8TC switches which look like they have had a minimal amount of configuration applied to them, and I have now been asked to integrate them into a CNA community. 
  I can;
  ping them and get replies
  connect to them through telnet
  connect to them with a web browser
  I can create a community and the 3 switches are detected as shown in the attached file, CreateCommunity.png
  However, when I try to connect to the newly created community CNA returns the error –1, as shown in the attached file, CommunityError.png
  It then hangs at 83% Processing discovered devices…
  Has anyone out there had experience of integrating these switches into CNA?
  What do I need to do to them?

  A colleague of mine has installed a set of 3 Cisco IE-3000-8TC switches which look like they have had a minimal amount of configuration applied to them, and I have now been asked to integrate them into a CNA community. 
  I can;
  ping them and get replies
  connect to them through telnet
  connect to them with a web browser
  I can create a community and the 3 switches are detected as shown in the attached file, CreateCommunity.png
  However, when I try to connect to the newly created community CNA returns the error –1, as shown in the attached file, CommunityError.png
  It then hangs at 83% Processing discovered devices…
  Has anyone out there had experience of integrating these switches into CNA?
  What do I need to do to them?

• How to erase all configuration in Cisco ESW 500 Series Switches

  Hi anybody,
  Anyone show me how to erase or remove  configuration file from ESW 500 Series Switches?
  Thanks
  Thuc

  Hi Thuc,
  The restart / reset function will allow for local or remote reset of the  the unit to Factory defaults, see screen capture below. ;
  Alternatively, the Switch can be reset by inserting a paper clip into the RESET opening on the friont of the switch.
  Pressing the manual reset for 0 to 10 seconds only  reboots the switch.
  Pressing the manual reset for longer than 10 seconds results in the switch being reset to factory defaults.
  does this answer your question, not exactly sure it does ?
  regards Dave

• Cisco CSS 11500 and RDP

  Dear NetPros:
  Does anyone know that does Cisco CSS 11500 Series Content Services Switch support 'Session Caching of RDP Clients? session for roaming of disconnected sessions' features?
  Thanks
  Bernard

  The Cisco CSS 11500 is a compact modular platform, specifically designed to provide robust Layer 4-7 traffic management services for e-business applications in Internet and intranet data centers.
  This URl should help you:
  http://www.cisco.com/en/US/netsol/ns340/ns394/ns50/ns254/networking_solutions_package.html

• Cisco Catalyst 3750-X or 3560-X Series Switches

  Recently, our company was deciding to buy Cisco switches, but they just tell the requirements and I finally focused on two kinds of switches, Cisco Catalyst
  3750-X or 3560-XSeries Switches? Who can tell me, tnx in advance.

   As I read a blog recently, it listed the specific differences between Cisco 3750-X and 3560-X, except for the common features of Cisco 3750-X and 3560-X, Cisco 3750-X can also offer-- Cisco StackPower technology: An innovative feature and industry first for sharing power among stack members; 
  Cisco StackWise Plus technology for ease of use and resiliency with 64 Gbps of throughput; 
  Investment protection with backward compatibility with all other models of Cisco Catalyst 3750 Series Switches. 
  And made a more detailed comparison between the two products, for ur reference.

• Needed sfp fiber module configuration in 2960 x series switch

  Hi
   I am beginner, we bought a cisco 2960 X-series switch model no WS-2960-24TS-L and we bought SFP fiber module, how can i configure the sfp module. help me with the configuration commends. when i run sh int gi1/0/25 capabilities it gives the type 1000BaseSX, but when i run sh int gi1/0/25, the gi1/0/25 is down, line protocol is down(not connected). The other end of the fiber connected with sfp fiber modules to srw2024-k9-eu switch.  

  Hi
  follow these steps :
  1- goto  Port Management > Port Settings 
  2- click the Detail button of the appropriate port  

• CiscoWorks user options "device type groups|switch and Hubs"

  Hi,
  We are using CiscoWorks software to deploy new configuration to our network devices.  Because our environnement is mixed about version of network devices we have to create a new netconfig job for each device model, because in some plate-forme configuration option, syntax maybe different of each other.
  When I create a new netconfig job with my username under "device type groups|switch and Hubs" I have a list there of all plate-forme we have in our production environnement managed by CiscoWorks software.  I know thoses group was'nt define by on of us and thoses are define by default in CiscoWorks software, but they are hiden by default per user basic.
  We have a new one in our team, I had created his user name and password, but I can find the option where I can asked to make visible to him plate-form device type group as I have in my user configuration.
  Also, is it possible to copy private define group to an other user without to make thoses as public ?
  Thanks a lot !

  Here,
  is a view of what I have with my user
  but in his profile he is only see
  Device type Groups
       + Routers
       + Switches and Hubs
       + Wireless
  if he clic on the plus sing to develop group "Switches and Hubs" he see all switches and hub managed by CiscoWorks software.  I know He did not create Cisco Catalyst 2912 XL Switch and Cisco Catalyst 2924 XL Switch group in my profile.  I know we have to modify an option in CiscoWorks per user basic to view those group, the person who where that option should be modifiy is currently in vacation, but he will need that option enable before our specialist will be back !
  Thanks a lot !

• 3750 metro series switch does not support dot1q trunking?

  Folks,
  I have a 3750 metro series switch and i am trying to use it to do inter vlan routing. I do not see an option for "encapsulation dot1q" under sub interface?? why is it not supported??
  Thanks

  Narvin,
  if you want inter-vlan routing, the interface Vlan nn itself specify vlan.I think you confuse with router subinterface where you must specify what Vlan a subinterface must use ( and encaps type ). Encaps type ( dot1q or ISL ) is used at trunk level, and whatever trunk use you can do intervlan routing using vlan interface.
  maurizio

• Ask the Expert: Cisco Nexus 2000, 5000, and 6000 Series Switches

  with Cisco Expert Vinayak Sudame
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions how to configure and troubleshoot the Cisco Nexus 2000, 5000 and 6000 Series Switches with Cisco subject matter expert Vinayak Sudame. You can ask any question on configuration, troubleshooting, features, design and Fiber Channel over Ethernet (FCoE).
  Vinayak Sudame is a Technical Lead in Data Center Switching Support Team within Cisco's Technical Services in RTP, North Carolina. His current responsibilities include but are not limited to Troubleshooting Technical support problems and Escalations in the areas of Nexus 5000, Nexus 2000, FCoE. Vinayak is also involved in developing technical content for Cisco Internal as well as external. eg, Nexus 5000 Troubleshooting Guide (CCO), Nexus 5000 portal (partners), etc. This involves cross team collaboration and working with multiple different teams within Cisco. Vinayak has also contributed to training account teams and partners in CAE (Customer Assurance Engineering) bootcamp dealing with Nexus 5000 technologies. In the past, Vinayak's responsibilities included supporting MDS platform (Fiber Channel Technologies) and work with EMC support on Escalated MDS cases. Vinayak was the Subject Matter Expert for Santap Technologies before moving to Nexus 5000 support. Vinayak holds a Masters in Electrical Engineering with Specialization in Networking from Wichita State University, Kansas. He also holds Cisco Certification CCIE (#20672) in Routing and Switching.
  Remember to use the rating system to let Vinayak know if you have received an adequate response.
  Vinayak might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the  Data Center sub-community, Other Data Center Topics discussion forum shortly after the event.
  This event last through Friday July 12, 2013. Visit the community often to view responses to youe questions of other community members.

  Hi Vinayak,
  Output of "show cfs internal ethernet-peer database"
  Switch 1
  ETH Fabric
  Switch WWN              logical-if_index
  20:00:54:7f:ee:b7:c2:80 [Local]
  20:00:54:7f:ee:b6:3f:80 16000005
  Total number of entries = 2
  Switch 2
  ETH Fabric
  Switch WWN              logical-if_index
  20:00:54:7f:ee:b6:3f:80 [Local]
  20:00:54:7f:ee:b7:c2:80 16000005
  Total number of entries = 2
  Output of "show system internal csm info trace"
  Switch 1 in which "show cfs peers" show proper output
  Mon Jul  1 05:46:19.145339  (CSM_T) csm_sp_buf_cmd_tbl_expand_range(8604): No range command in buf_cmd_tbl.
  Mon Jul  1 05:46:19.145280  (CSM_T) csm_set_sync_status(6257): Peer RT status PSSed
  Mon Jul  1 05:46:19.145188  (CSM_T) csm_sp_handle_local_verify_commit(4291):
  Mon Jul  1 05:46:19.145131  csm_continue_verify_ac[597]: peer is not reachable over CFS so continuing with local verify/commit
  Mon Jul  1 05:46:19.145071  csm_tl_lock(766): Peer information not found for IP address: '172.16.1.54'
  Mon Jul  1 05:46:19.145011  csm_tl_lock(737):
  Mon Jul  1 05:46:19.144955  (CSM_EV) csm_sp_build_tl_lock_req_n_send(941): sending lock-request for CONF_SYNC_TL_SESSION_TYPE_VERIFY subtype 0 to Peer ip = (172.16.1.54)
  Mon Jul  1 05:46:19.143819  (CSM_T) csm_copy_image_and_internal_versions(788): sw_img_ver: 5.2(1)N1(2a), int_rev: 1
  Mon Jul  1 05:46:19.143761  (CSM_T) csm_sp_get_peer_sync_rev(329): found the peer with address=172.16.1.54 and sync_rev=78
  Mon Jul  1 05:46:19.143699  (CSM_T) csm_sp_get_peer_sync_rev(315):
  Mon Jul  1 05:46:19.143641  (CSM_EV) csm_sp_build_tl_lock_req_n_send(838): Entered fn
  Mon Jul  1 05:46:19.143582  (CSM_T) csm_set_sync_status(6257): Peer RT status PSSed
  Switch 2 in which "show cfs peers" does not show proper output
  Mon Jul  1 06:13:11.885354  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport mode trunk, cmd pseq 77 seq 482
  Mon Jul  1 06:13:11.884992  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd channel-group 51 mode active, cmd pseq 357 seq 369
  Mon Jul  1 06:13:11.884932  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport trunk allowed vlan 2, 11, cmd pseq 357 seq 368
  Mon Jul  1 06:13:11.884872  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport mode trunk, cmd pseq 357 seq 367
  Mon Jul  1 06:13:11.884811  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd description process_vpc, cmd pseq 357 seq 366
  Mon Jul  1 06:13:11.884750  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd channel-group 51 mode active, cmd pseq 352 seq 365
  Mon Jul  1 06:13:11.884690  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport trunk allowed vlan 2, 11, cmd pseq 352 seq 364
  Mon Jul  1 06:13:11.884630  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd switchport mode trunk, cmd pseq 352 seq 363
  Mon Jul  1 06:13:11.884568  (CSM_ERR) csm_pss_cmd_tree_walk_cb(2057): Parent command not found for cmd description process_vpc, cmd pseq 352 seq 362
  Mon Jul  1 06:13:11.884207  (CSM_EV) csm_sp_acfg_gen_handler(3011):  Preparing config into /tmp/csm_sp_acfg_1733916569.txt
  Mon Jul  1 06:13:11.878695  csm_get_locked_ssn_ctxt[539]: Lock not yet taken.
  Mon Jul  1 06:13:11.878638  (CSM_EV) csm_sp_acfg_gen_handler(2937): Recieved sp acfg merge request for type: running cfg
  Mon Jul  1 06:12:29.527840  (CSM_T) csm_pss_del_seq_tbl(1989): Freeing seq tbl data
  Mon Jul  1 06:12:29.513255  (CSM_T) csm_sp_acfg_gen_handler(3106): Done acfg file write
  Mon Jul  1 06:12:29.513179  (CSM_EV) csm_sp_acfg_gen_handler(3011):  Preparing config into /tmp/csm_sp_acfg_1733911262.txt
  Mon Jul  1 06:12:29.508859  csm_get_locked_ssn_ctxt[539]: Lock not yet taken.
  Mon Jul  1 06:12:29.508803  (CSM_EV) csm_sp_acfg_gen_handler(2937): Recieved sp acfg merge request for type: running cfg
  Mon Jul  1 05:53:17.651236  Collecting peer info
  Mon Jul  1 05:53:17.651181  Failed to get the argumentvalue for 'ip-address'
  Mon Jul  1 05:40:59.262736  DB Unlocked Successfully
  Mon Jul  1 05:40:59.262654  Unlocking DB, Lock Owner Details:Client:1 ID:1
  Mon Jul  1 05:40:59.262570  (CSM_T) csm_sp_del_buf_cmd(1713): Deleting comand with Id = 1
  Mon Jul  1 05:40:59.262513  DB Lock Successful by Client:1 ID:1
  Mon Jul  1 05:40:59.262435  Recieved lock request by Client:1 ID:1
  Mon Jul  1 05:40:41.741224  ssnmgr_ssn_handle_create_get: Session FSM already present, ID:1
  Mon Jul  1 05:40:41.741167  ssnmgr_handle_mgmt_request: Create/Get request received for session[process_n5kprof]
  show cfs lock gives no output.
  Just to further clarify, we have 4 5548UP switches in the same management vlan. 2 switches are in one location lets say location A and they are CFS peers and are working fine.
  These two switches which are having problem are in location B. All the switches are in the same vlan. Essentially the all CFS multicast messages will be seen by all 5548 switches as they are in the same vlan. I am assuming that this might not create any problems as we specify the peers in the respective configurations. Or do we have to change the CFSoIPv4 multicast addresses in location B or may be configure a different region.
  Regards.

• Cisco Switches and Dell EqualLogic PS series integration

  Scanrio: In head office there is Dell EqualLogic PS series and in branch also same for replicaiotn from head office to branch i want to know the ios feature set of Switch and Router.

  If the Dell EqualLogic systems are using iSCSI to communicate there is no specific feature required on the Cisco gear. The Cisco gear will pass iSCSI traffic just like any other IP traffic.
  Make sense?
  Cheers,
  Brad

• CSS redundant interface and DNS server

  We're attempting to implement a pair of CSS's using redundant ASR and GSLB where the CSS's act as DNS servers.
  But I'm not sure if the 2 features are compatible. The CSS's answer DNS queries to their direct interface but not the redundant interface.
  Does anyone have any suggestions or work-arounds? We're running version 8.20.
  TIA,
  Dan

  Dan doing some research I can see that the option to configure redundant-interface to resolve dns queries is not included on CSS 11500 series, this from the documentation.
  On the document for CSS 11000 series that I provided before shows:
  Configuration Requirements and Restrictions
  The following requirements and restrictions apply to the configuration of this feature.
  •You can configure this feature only on Cisco 11000 series CSSs (not 11500)
  If I look at the redundant-interface configuration on old CSS 11000 series I see the option for dns:
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11000series/v6.10/configuration/advanced/guide/VIPRedun.html#wp1067528
  Look at this line:
  dns-server - Keyword that enables the CSS to respond to DNS queries destined for the redundant interface IP address. For more information, see the "Configuring a Redundant Virtual Interface to Respond to DNS Requests" section.
  On new CSS 11500 series this option is not available:
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.20_v8.10/configuration/redundancy/guide/VIPRedun.html#wp1067528
  I am trying to find if there is any workaround but so far semms that is expected to miss this feature on CSS11500.