DHCP for VLAN on 4507; IP Conflicts too often
I have seen a few similar posts, but nothing so far that fits my scenario, I think.
I keep getting random users in this VLAN reporting IP conflicts. These desktop systems are left on 24/7. Right now, we only have one VLAN DHCP being served from this core switch.
There are only 29 computers pulling DHCP on this VLAN, but I have a large range allocated to them for growth. These are desktop systems, so they don't swap network ports, and they don't have dual NICs, nor do they have WiFi. So I am at a lose as to why we would be seeing IP conflicts with such an obvious open pool of IPs, and with MAC addresses not changing. It has been my experience that pretty much unless something happens(offline for several days, NIC replacement, etc.) to the MAC every IP renewal gives the same IP back.
Core#sho ip dhcp pool OUR-Workstations
Pool OUR-Workstations :
Utilization mark (high/low) : 100 / 0
Subnet size (first/next) : 0 / 0
Total addresses : 254
Leased addresses : 28
Excluded addresses : 49
Pending event : none
1 subnet is currently in the pool :
Current index IP address range Leased/Excluded/Total
10.1.32.183 10.1.32.1 - 10.1.32.254 28 / 49 / 254
Core#sho ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type State Interface
Hardware address/
User name
10.1.32.50 0180.1f02.5f5e.b6 Dec 18 2013 11:34 PM Automatic Active Vlan32
10.1.32.51 01f0.4da2.2e9f.06 Dec 19 2013 07:57 AM Automatic Active Vlan32
10.1.32.54 01b8.ac6f.45b4.27 Dec 19 2013 09:54 AM Automatic Active Vlan32
10.1.32.55 0100.2564.c8bd.ea Dec 19 2013 09:33 AM Automatic Active Vlan32
10.1.32.58 01b8.ac6f.45c4.97 Dec 19 2013 04:18 AM Automatic Active Vlan32
10.1.32.61 01b8.ac6f.3693.05 Dec 19 2013 05:12 AM Automatic Active Vlan32
10.1.32.62 01b8.ac6f.35f0.eb Dec 19 2013 05:18 AM Automatic Active Vlan32
10.1.32.63 0100.2564.c8c7.ae Dec 19 2013 12:26 AM Automatic Active Vlan32
10.1.32.65 01f0.4da2.2fba.66 Dec 19 2013 01:44 AM Automatic Active Vlan32
10.1.32.66 01b8.ac6f.46eb.b8 Dec 19 2013 01:05 AM Automatic Active Vlan32
10.1.32.67 01b8.ac6f.45c9.7a Dec 18 2013 10:54 PM Automatic Active Vlan32
10.1.32.68 01b8.ac6f.45c3.dc Dec 19 2013 07:12 AM Automatic Active Vlan32
10.1.32.70 01b8.ac6f.35f1.48 Dec 19 2013 05:15 AM Automatic Active Vlan32
10.1.32.88 01b8.ac6f.37bc.3e Dec 19 2013 06:37 AM Automatic Active Vlan32
10.1.32.97 01b8.ac6f.368f.f5 Dec 19 2013 06:42 AM Automatic Active Vlan32
10.1.32.101 01b8.ac6f.45bb.9e Dec 19 2013 06:17 AM Automatic Active Vlan32
10.1.32.110 01f0.4da2.2d47.5a Dec 19 2013 06:17 AM Automatic Active Vlan32
10.1.32.118 01f0.1faf.1d37.97 Dec 19 2013 07:19 AM Automatic Active Vlan32
10.1.32.121 0100.2564.c95a.c1 Dec 19 2013 06:53 AM Automatic Active Vlan32
10.1.32.144 01b8.ac6f.1d37.34 Dec 19 2013 09:16 AM Automatic Active Vlan32
10.1.32.167 0100.2564.c94e.f0 Dec 19 2013 07:34 AM Automatic Active Vlan32
10.1.32.170 01e0.db55.e9d7.01 Dec 19 2013 07:38 AM Automatic Active Vlan32
10.1.32.171 0100.03ff.2eba.66 Dec 18 2013 01:20 PM Automatic Active Vlan32
10.1.32.178 0124.7703.f1c2.e5 Dec 18 2013 10:02 AM Automatic Selecting Vlan32
10.1.32.235 01f0.4da2.2c92.33 Dec 19 2013 09:53 AM Automatic Active Vlan32
10.1.32.238 01b8.ac6f.3649.aa Dec 19 2013 05:21 AM Automatic Active Vlan32
10.1.32.241 01b8.ac6f.1d2a.2f Dec 18 2013 10:08 PM Automatic Active Vlan32
10.1.32.247 01b8.ac6f.45b5.8f Dec 19 2013 05:15 AM Automatic Active Vlan32
Not sure what the SELECTING status is for 10.1.32.178, but I assume I caught this at a point IP renewal.
Core#sho ip dhcp server stat
Memory usage 22449
Address pools 1
Database agents 0
Automatic bindings 28
Manual bindings 0
Expired bindings 1178
Malformed messages 294
Secure arp entries 0
Renew messages 2368
Relay bindings 0
Relay bindings active 10
Relay bindings terminated 0
Relay bindings selecting 10
Message Received
BOOTREQUEST 171602
DHCPDISCOVER 2931675
DHCPREQUEST 2680462
DHCPDECLINE 271
DHCPRELEASE 26
DHCPINFORM 951950
DHCPVENDOR 0
BOOTREPLY 0
DHCPOFFER 126
DHCPACK 0
DHCPNAK 0
Message Sent
BOOTREPLY 0
DHCPOFFER 8196
DHCPACK 353198
DHCPNAK 12769
Message Forwarded
BOOTREQUEST 0
DHCPDISCOVER 0
DHCPREQUEST 0
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 0
DHCPVENDOR 0
BOOTREPLY 0
DHCPOFFER 0
DHCPACK 0
DHCPNAK 0
Hi,
Cisco IOS DHCP service doesn't reallocate the same IP to a client that is renewing its binding, it will try to offer the next IP available that is not excluded manually or that either didn't receive a DHCPDECLINE or a positive reply to an icmp echo test or ARP test.It will circle like this upto end of pool and starting at start of pool again.
Regards
Alain
Don't forget to rate helpful posts.
Similar Messages
-
hi all
Can anyone tell me how come my switch knows only to issue my dhcp pool to the relevant vlan, the vlan and dhcp pool are are the same subnet, but what if I didnt have a vlan in that subnet, would it not issue them ?Hi Carl,
I'm not entirely sure on what you mean, however I'll explain a bit on how I see your question.
Basically a PC on a subnet will send a Layer2 Broadcast requesting an IP address and various other details. Therefore, you will find that in most cases the DHCP server should be on the same subnet to receive the broadcast frame.
All your switch does is forward frames (unicast, broadcast and multicast) across the same Vlans that are configured. Generally speaking switches do not forward to different vlans unless you have configured a multilayer switch.
The exception in the dhcp case is where you use a dhcp relay agent to forward dhcp requests across different subnets to a central dhcp server.
Please let me know if this makes sense or not. I'm not quite sure what you mean if you didn't have a vlan in that subnet.
Cheers
Michael. -
Hi Guys, I have been looking at the use of Cisco ACS server for VLAN assignment. So far I have searched through a number of threads and no found what I am looking for specifically so here it goes.
1) When the RADIUS attributes have been configured in ACS (64, 65 + 81), and in my case I have them in the group configuration. For the VLANs to be assigned to the various users at their ports will every VLAN name in the RADIUS settings have to in the switches which are used for access?
2) Is there a limit to the number of VLANs that can be assigned by the RADIUS(IETF) portion of ACS or would it be better to use RADIUS(IOS/PIX)? I am thinking of about 15 VLANS.
I am using a Catalyst 4500 (IOS supervisor) and 2950s and 2970s at the closets.
Thanks for any help...
KelvinAccess Control Lists..I am thinking it is better to apply the ACLs at the closet (access) switches where I can specify the servers that should be reached by the hosts my test VLAN and deny those which they should not.
I used a named extended ACL for my tests however, it did not go well. With the ACL below applied I cannot reach anything including the server I actually want to reach. My intention was to allow the hosts in the test VLAN 172.16.12.0/24 to reach 2 particular servers and their gateway however with the list applied I cannot reach anything at all. The setup is one 2950 connected to a 4507 the 2 VLANs I am working with are trunked to the 2950 and dhcp is running. I have IP routing enable on the 4507 and it is the server for the VTP domain.
ip access-list extended guest
permit ip 172.16.12.0 255.255.255.0 host 172.16.12.1
permit ip 172.16.12.0 255.255.255.0 host 172.16.2.254
permit udp 172.16.12.0 255.255.255.0 host 172.16.2.245 eq 53
deny ip any any
Any advice on how I can restrict the hosts which will be on this VLAN from accessing the rest of the network? -
SGE2010P - DHCP Snooping - VLANs - Web GUI
Model: SGE2010P
FW: 3.0.0.18
In the web GUI:
Under DHCP Snooping ---> VLAN Settings
It does not allow you to enter a VLAN higher than 4092
I configured it to listen on VLAN 4094 via the CLI just fine.
I believe this should be fixed in the web GUI.Yeah, I don't think I want to do that because of all the little troubleshooting steps they usually make me go through.
I buy high-end equipment so I can skip the simple stuff...they usually don't understand that.
I know it's a bug because I've already done the troubleshooting, I don't feel I should have to do the same stuff again.
I only make a call when absolutely necessary because I find the phone support for this product line very un-supportative.
At this level, I think I should get to skip the simple stuff.
If you can't submit a bug report thats fine, I'll just leave it at this.
It's no big deal, I just thought I'd let some one else know. -
SG300-20 - Configure DHCP on VLAN interface
I have been reading the various related discussions on the SG300 and SG500 switches regarding setting up VLAN's and DHCP on those VLAN's. For whatever reason I have been unable to even get this simple task to work.
First thing I did was to update my firmware and boot version as follows:
SW version 1.3.7.18 ( date 12-Jan-2014 time 18:02:59 )
Boot version 1.3.5.06 ( date 21-Jul-2013 time 15:12:10 )
HW version V02
When I reloaded the SG300 after the SW/Boot updates the startup config was wiped out and I had to setup my switch from scratch. The intent is to have two VLAN's:
VLAN 1: all devices, servers, etc.
VLAN 2: basic subnet that hands out DHCP addresses
The SG300-20 is connected to an Asus RT-AC66U router on the 192.168.1.x subnet and provides internal network access and WiFi access (router IP address is 192.168.1.1 and is default gateway). All that works with no issues. So my task is simply to create VLAN 2 on 192.168.2.x subnet and use DHCP to allocate addresses. I have spent many hours on this and I still can't get it to work. When I connect a laptop to the port (GI8) assigned to VLAN 2, I end up getting some wonky 169.254.x.x address. I certainly thought something this "easy" wouldn't be that hard to setup, but apparently I was wrong.
The SG300 is running in L3 mode as shown in my running-config below.
Does anyone happen to see something that might be preventing my laptop client from recieving IP addresses from the VLAN 2 DHCP interface that are not in the 192.168.2.x subnet?
Any ideas / suggestions would be greatly appreciated!
Here's my running-config:
config-file-header
MYSTICSW1
v1.3.7.18 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
vlan database
vlan 2
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname MYSTICSW1
logging host 192.168.1.15
logging origin-id hostname
username cisco password encrypted b4a0fcf20b2cd9d80a55b06ab8f83277f9733904 privilege 15
snmp-server location Office
clock timezone " " -5
clock summer-time web recurring usa
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server 192.168.1.10 poll
interface vlan 1
ip address 192.168.1.254 255.255.255.0
no ip address dhcp
interface vlan 2
name MysticWAN
ip address 192.168.2.254 255.255.255.0
interface gigabitethernet8
switchport mode access
switchport access vlan 2
exit
ip default-gateway 192.168.1.1
Thanks in advance!
Clint LambertTom,
Thanks ... I followed the steps you outlined and it worked! The only difference being that I have an Asus RT-AC66U router and the there is no "enable multiple subnet" option. So, I just followed your instructions on creating the static routes in the RT-AC66U and everything worked. The DHCP addresses were correct and I had internet connectivity when I plugged a laptop into the gi8 port.
I did make one tweak to the Network Pools screen as follows:
My DHCP configuration for gi8 on VLAN 2 now looks like:
ip dhcp server
ip dhcp pool network InternalWAN
address low 192.168.2.1 high 192.168.2.99 255.255.255.0
lease infinite
domain-name MYSTIC
default-router 192.168.2.254
dns-server 8.8.8.8
Previously I had followed your advice in the article "Need help configuring SG300-10 switch" and had setup everything using CLI. However, I didn't think about needing the static routes. So, I think it was probably setup correctly beforehand but had no chance to work because the routes were not setup.
Thanks very much for your help!
Clint -
Configuring autonomous 1141 to do DHCP for Guest WiFi
I have an existing setup consisting of:
Windows Server - doing DHCP for private wired/wireless
Cisco 1141 Autonomous WAP with only private wireless access.
ASA 5505 (with very basic licensing)
HP switch
The customer wants to have guest WiFi.
The guest WiFi is going out to the internet via a seperate VLAN/interface on the ASA.
Can the 1141 do DHCP for the guest WiFi? Or do I need to do it via the ASA?It could but you would have to relay it from the ASA. So might as well just use the ASA for the scope.
Steve
Sent from Cisco Technical Support iPhone App -
i've got a 1700 router with subinterface fast ethernet 2 assigned to vlan 2 with dot1q trunking.i want to setup dhcp on the router.the native vlan is not used.i'm only using vlan 2.will the hosts receive ip addresses automatically for vlan 2 or do i need to setup helper addresses ?
Hi,
You can indeed set up the router to be a DHCP server, which means that you will not need to configure any helper addresses.
If a DHCPDISCOVER message comes in over your fastethernet sub-interface, the router will respond with an address.
Here's a sample config:
service dhcp
ip dhcp pool DCHPPool1
network ! network and mask you want to assign
default-router ! ip address of router
dns-server
ip dhcp excluded-address
(since you don't want it handing out addresses such as the router's address)
Hope that helps - pls rate the post if it does.
Regards,
Paresh -
HI, I'm with problem to get IP by dhcp in my network wireless on AP 1240ag.
I wish that my AP has two VLANs and each VLAN issue IP by DHCP.My DHCP server is a Windows Server 2008 for VLAN 1 and a Linux for VLAN 12.
The AP it's connected by Trunk to a Switch that has the two DHCP Server each one on port Vlan.
but my clients it isn't able get IP address by any each one DHCP server. it's work only with static IP. there is more anything to do in my configuration?1) Are you saying that clients can get a full network connectivity with a static ip on both vlan on your AP ? If that's the case then it looks like the AP is configured fine.
2) What happens if you plug a wired laptop to the switch and configure the port to be in one vlan then the other. Would the PC get an ip address ? If not, then it's a swicthing issue. -
Is there a reliable method for detecting that a query is too large?
I am writing some code (that uses OCI) to properly detect when a query string is too long for OCI and/or the Oracle database server. I can't find any specific error code information in the docs, so I just started firing off large queries to see what would happen.
The queries I am sending are >2MB in size, up to 16MB. If the queries are above ~10MB, I get the error "ORA-03113 'End-of-file on communications channel'" after a fairly short amount of time (i.e. not enough for a timeout to expire). If the queries are below ~10MB, but above ~2.5MB, it either just sits there and does not do anything (for more than 15 hours). So watching for ORA-03113 when executing large queries does not seem like a very reliable method for detecting the queries that are too large.
Does anyone know of a reliable way of detecting that a query is too large for the OCI client and/or the Oracle database server?
I am using version 10.2.0.1 for both the OCI client and the Oracle database server, but I'm getting similar errors for combinations of 10.2.0.1 and 9.2.0.7 for both the OCI client and the Oracle database server.
These large queries need to be handled properly (i.e. distinguished from some generic failure) because the server handles requests from users, which could be programs that generate SQL queries (and have constructed huge ones in the past).
Thanks for any information!The ORA-03113 means that the Oracle server process has died trying to satisfy your request. In almost all cases it is strictly correct to call that a bug, and we shouldn't easily forgive the server process when it happens. But in the case of multimegabyte statements my anger and disapointment turns to sympathy, for in my heart I can't bring myself to blame it. Can you?
-
2008 r2 pdc emulator switched to DHCP for a week
I have an issue I wanted to run by you guys. The quicker the response the better as I'm trying to figure the best course of action.
I have a 2008 r2 DC in my Data Center that holds the FSMO role of PDC emulator. An admin mistakenly swapped its network cable to another NIC card on the server that was set to DHCP so the server has been on DHCP for just short of a week.
My question is, should I switch it back now and get it back on the right IP or by doing that will that cause a USN roll back or something like that.
How are the other DC's viewing this DC right now? Are they even communicating with it or are they viewing the server with the right name but wrong IP as an mistake and not communicating with it. That's what I'm thinking right now looking at the other DCs
but since this is the PDC emulator I wanted to run by others...
Thanks
RSI have a 2008 r2 DC in my Data Center that holds the FSMO role of PDC emulator. An admin mistakenly
swapped its network cable to another NIC card on the server that was set to DHCP so the server has been on DHCP for just short of a week.
Multi-Homing a DC is not recommended. It is recommended that a DC has a single IP address and enabled NIC.
My question is, should I switch it back now and get it back on the right IP or by doing that will
that cause a USN roll back or something like that.
No USN rollback is caused by changing IP settings. Just run ipconfig /registerdns
and restart netlogon on your DC to force it to update its DNS records.
How are the other DC's viewing this DC right now? Are they even communicating with it or are they
viewing the server with the right name but wrong IP as an mistake and not communicating with it. That's what I'm thinking right now looking at the other DCs but since this is the PDC emulator I wanted to run by others...
To get a visibility of your DCs and AD replication status, you can use
dcdiag and repadmin commands.
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
i was charged for a movie that never was downloaded, i asked for it but the conection was too slow and I never was able to have the movie that i asked for...how can i get it without being charged again, who could remove the chage from my Crecit card?
You may not be able to get a refund, since the terms of sale for the iTunes Store state that all sales are final. You can contact the iTunes Store, explain the reason for your request, and ask, though:
http://www.apple.com/support/itunes/contact.html
It's possible they'll make an exception for you, particularly if the problem was on their end preventing the movie from downloading in a reasonable time.
Good luck. -
Server 2012 NPS NAP DHCP for VPN
I have setup a server with DHCP and NPS and configured NAP DHCP.
DHCP has 1 scope and the default scope options 003 router, 005 DNS server and 015 Domain Name (domain.com).
Further In DHCP i created a DHCP policy so it assigns a different 005 DNS server and 015 Domain Name (restricted.domain.com) to non-compliant clients. NPS/NAP DHCP is working (all is setup health, shv, gpo etc.. Health Validator is only checking if firewall
is runnning) so when i connect a client with firewall i get a normal IP from the scopt with the scope options and domain suffix domain.com. When i disable the firewall i get an IP from the DHCP scope, no gateway, subnet 255.255.255.255 and domain suffix restricted.domain.com
so all works well and as NAP DHCP should work.
Now i have an seperate RRAS server configured as VPN server and configured my DHCP/NPS server as an Radius Authentication Provider. Also a DHCP relay agent is configured in RRAS
On my DHCP/NPS server i configured my RRAS server as a Radius Client (nap-capable).
My questions:
Q1. can i use NAP DHCP for vpn clients, as VPN clients get IP address from my DHCP server? i know there is a NAP VPN option but i want to use NAP DHCP cause NAP DHCP and NAP VPN don;t work together and i want NAP DHCP for internal clients.
My problem:
P1. with setup above i cannot setup a VPN connection from an external client i get an error "Error 812:The connection was prevented because of a policy configured on your RAS/VPN server.specfically ,the authentication method used by the server to verify
your usename and password may not match the auithentication method configured in your connection profile .Please contact the Administrator of the RAS server and notify them of this error"
I can resolve my problem P1 by running "configure VPN for Dial-Up" with the option "Radius server for Dial-Up or VPN connections." This creates 1 Connection Request Policy and 1 Network Policy, in the policy i set authtorized to windows
group domain admins
But then I have an issue with NAP DHCP...
When i have a non-domain joined external client, where i have enabled NAP client in services.msc and DHCP Enforcement in local policy i can setup a VPN connection but from the DHCP server i get an IP addres from the subnet/scope and domain suffix domain.com,
so this is working OK. But when i disconnnect the VPN client and disable and stopthe firewall and connect the VPN again its not getting restricted running ipconfig /all shows its not restricted and also Netsh nap client show state > shows its not restricted
BUT it SHOULD be restricted as the firewall is off.
What could be wrong?Hi,
After discussed with so many people, I think this will not work.
First we need know how DHCP enforcement works.
1. The DHCP client sends a DHCP request message to the DHCP server.
If the DHCP client has an SoH, the DHCP request message includes it. The SoH contains information about the health of the client. The DHCP server passes the SoH to
the NPS server. The NPS server communicates with the policy server to determine whether the SoH is valid.
2. If the SoH is valid, the DHCP server assigns the DHCP client a complete IP address configuration. The DHCP client has unlimited access to the network, as defined
by policy.
3. If the SoH is not valid, the DHCP server limits the access of the DHCP client to the restricted network and assigns it a limited access subnet mask and static
routes, as defined by policy.
But VPN clients get IPs in a different way. It uses the IP Control Protocol (IPCP) as part of the Point-to-Point Protocol (PPP) connection setup. Everything is done
in VPN tunnel.
Hope this helps. -
HT1349 I for get security question help my too rest , send to my mail :
I send email for serves and send to my by email ling I tray eat not help my to rest my security question .
No we to send security question to my email or what I down I tray from many days
The serves send that and it,s not help : read it
Hello,
The following information for your Apple ID *********** was updated on 02/03/2013:
Phone number(s)
If these changes were made in error, or if you believe an unauthorized person accessed your account, please reset your account password immediately by going to iforgot.apple.com.
To review and update your security settings, sign in to appleid.apple.com.
This is an automated message. Please do not reply to this email. If you need additional help, visit Apple Support.
Thanks,
Apple Customer Support
Tel my what I do I need my program and my many in my account and wan I need to seal program he asking security question , what I do
I for get security question help my too rest , send to my mail : ***********
<E-mail Edited by Host>Do not post your email adress here.
Open your browser and go to iforgot.apple.com and follow the instructions there. -
No dhcp for airport with parallels
hi,
i have a macbook and installed parallels yesterday. since i rebooted the mac, my airport can not get an address from dhcp. it only has a self assigned ip address. when i first ran paralles i chose bridged network. but now it makes no difference which network option i choose in parallels. there is no ip from dhcp for airport anymore. the ethernet card still works fine. but i`m afraid that once i use it with parallels the same thing will happen to it. anyone got an idea what to do about that?
greetz,
mikeHi, Mike / James Hetfield.
I don't mean to send you somewhere else, but this is a question you need to address with Parallels Support. I presume you've reviewed the Parallels User Guide concerning DHCP.
You might also want to search the AirPort & AirPort Express Discussions in case it has been addressed there, where AirPort-related questions are answered.
Good luck!
Dr. Smoke
Author: Troubleshooting Mac® OS X -
If I have 2 core Layer 3 switches that are in an HSRP config, each of the active router vlans are setup already as the root bridge for those particular vlans, who should I designate as the root bridge for VLAN 1 ?
Root bridge and the active router in hsrp are not really related.
Root bridge selection is only used to control which paths are blocked if any. The actual path of the traffic does not have to pass via the root bridge. It will always take the most direct path between the machines.
It is much more important to see where the blocked link is if you have any.
As a example you have a distribution switch connected to your 2 core switches and the 2 core switches connected to each other. You design you spanning tree to block the link between the 2 core switches by setting the cost very high. In this case any machine on the distribution switch can directly access either core switch. Since only the core switch that is the active HSRP router for a vlan will advertise the common mac address the distribution switch will only see the mac address on one of the two links. Either core switch can be set as the root but the traffic will alway directly flow to the active HSRP device.
Of course you don't want to block the line between the switches because the HSRP keepalive message will be layer 2 routed via the distribution switch. In a very simple design it is common to have the root bridge be the HSRP active device just because its easier to configure but the concepts are not really related. Root bridge placement is more related to traffic volumes than anything else it just tends to be true that the switch has the gateway is also the highest volume of traffic
Maybe you are looking for
-
Is it possible to add multiple charts in a single visualization?
Hi All, I would like to know whether we can display multiple charts (line, column, etc) inside a single 'Visualize' screen. I am using: SAP Lumira Version: 1.15.1 Build: 879 This will help in situations where we need to compare 'month on month' value
-
Spotlight problem after Tiger to Leopard Upgrade
Since I upgraded my Macbook Pro 15" from Tiger to Leopard, Spotlight never worked. Initially I didn't mind too much but now I want to get it work. I tried all suggestions I found in this forum (see list below) to no avail. It seems Mac OS cannot inde
-
Since my music takes up a lot of space, I've moved my entire iTunes Library to an external hard drive. If I subscribe to iTunes Match, can I upload the music from my external hd or does it need to actually be in my iTunes Library?
-
How to select multiple chek in checkbox in alv
how to select multiple chek in checkbox in alv
-
Shortly after starting up my Macbook this morning Time Machine failed to backup on my Western Digital 320GB My Passport saying that I did not have permission and that it was read only. This was a surprise to me because last night it backed up just fi