DHCP VLAN and Catalyst 4500
I am working on a Catalyst 4510(R) with a Supervirsor Engine: WS-X4516, IOS version 12.2(18)EW2. According to the Cisco Doc: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t1/easyip2.pdf The DHCP Server is not supported on my Switch. But I am able to configure the database parameters. Where can I verify the real answer?
It is helpful to use tools like the Feature Navigator and to read release notes for the particular version of the code being used and to read other documentation on the Cisco site. But I believe that if you really want to verify the real answer what you should do is to configure the DHCP parameters and connect a PC that is configured to use DHCP. If it gets an address then the documentation and Feature Navigator need to be updated. If the PC does not get an address then it looks like the documentation was correct.
I believe that ultimately there is nothing better to help understand what works than getting gear into the field and see what it really does for various features.
HTH
Rick
Similar Messages
-
LMS 3.2 and Catalyst 4500 WS-X4648-RJ45-E module card
Hi all,
I have a rpoblem with a specific client with LMS 3.2. We are using LMS 3.2 on Windows 2008 and everything seem to be working OK. The issue is in the CiscoView with the 4500 switches. CiscoView can see the supervisors on all 4500 switches (6); but cannot see the switchcards when the switchcards are WS-X4648-RJ45-E. Find the sh inv output below:
CSR-D1#sh inventory
NAME: "Switch System", DESCR: "Cisco Systems, Inc. WS-C4507R-E 7 slot switch "
PID: WS-C4507R-E , VID: V01, SN: FOX1152GKR1
NAME: "Clock Module", DESCR: "Clock Module"
PID: WS-X4K-CLOCK-E , VID: V01, SN: JAE120354DD
NAME: "Linecard(slot 1)", DESCR: "10/100/1000BaseT (RJ45) with 48 10/100/1000 baseT "
PID: WS-X4648-RJ45-E , VID: V01, SN: JAE14410NLT
NAME: "Linecard(slot 2)", DESCR: "6 Dual media SFP or 10/100/1000BaseT (RJ45)V voice power ports (Cisco/IEEE)"
PID: WS-X4506-GB-T , VID: V05, SN: JAE120351NC
NAME: "Linecard(slot 3)", DESCR: "Supervisor 6-E 10GE (X2), 1000BaseX (SFP) with 2 10GE X2 ports"
PID: WS-X45-SUP6-E , VID: V01, SN: JAE120576HG
NAME: "TenGigabitEthernet3/1", DESCR: "10Gbase-LRM"
PID: FTLX1341E2-C1 , VID: A , SN: FNS1352175M
NAME: "TwinGig Converter 3/2", DESCR: "TwinGig Converter Module"
PID: 800-27645-01 , VID: A0 , SN: CAT1147H2WK
NAME: "Linecard(slot 4)", DESCR: "Supervisor 6-E 10GE (X2), 1000BaseX (SFP) with 2 10GE X2 ports"
PID: WS-X45-SUP6-E , VID: V07, SN: JAE14080NL2
NAME: "TwinGig Converter 4/2", DESCR: "TwinGig Converter Module"
PID: 800-27645-01 , VID: A0 , SN: CAT1147H2BV
NAME: "Linecard(slot 7)", DESCR: "10/100/1000BaseT (RJ45) with 48 10/100/1000 baseT "
PID: WS-X4648-RJ45-E , VID: V01, SN: JAE14420A2F
I have updated the s/w to 12.2(53) SG1 with no luck.
Any ideas?Hi Nicos,
I have exactly the same issue with LMS 3.2 CiscoView under Windows 2003 and catalyst switch 4506-E.
4506-E are in IOS 12.2(53)SG2.
I installed latest 4500IOS V 19.0 ciscoview device package without success.
Did you fix your problem ? -
Video conferencing, voice, VLAN and Catalyst 2950, 3500 and 6500 switches
We have a Cat6500 with MSFC in the COre/Distribution, mix of 2950 and 3524XL in the closets in the HQ. Every closet will be on one VLAN. There are 5 remote sites on a Frame with 768 CIR. There will be one Polycom VC station in the HQ per closet, one Polycom per remote site. Additionally, every PC everywhere will be using desktop NetMeeting for VC. CallManager and IP Phones will be everywhere. My questions are:
1. should I put the Polycom on the same VLAN as the PC's with COS set to 4 at layer 2 and IP Precedence set to 4 at layer3? IP Phones are already on a seperate voice VLAN .
2. Should I put Polycom on it's own VLAN and seperate from the PC VLANs? If I do it this way should I set COS and IP precedence for the PC's with NetMeeting?
3. any sample config. for the Catalyst switches?
Thanks!
ChrisChris,
Check out this IP telephony design guide. Hope it is of some help to you:
http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/network/ -
Nexus 5548 and Define static route to forward traffic to Catalyst 4500
Dear Experts,
Need your technical assistance for the Static routing in between Nexus 5548 and Catalyst 4500.
Further I connected both Nexus 5548 with Catalyst 4500 as individual trunk ports because there is HSRP on Catalyst 4500. So I just took 1 port from each nexus 5548, make it trunk with the Core Switch (Also make trunk from each Switch each port). Change the speed on Nexus to 1000 because other side on Catalyst 4500 line card is 1G RJ45.
*Here is the Config on Nexus 5548 to make port a Trunk:*
N5548-A/ N5548-B
Interface Ethernet1/3
Switchport mode trunk
Speed 1000
Added the static route on both nexus for Core HSRP IP: *ip route 0.0.0.0/0 10.10.150.39 (Virtual HSRP IP )*
But I could not able to ping from N5548 Console to core Switch IP of HSRP? Is there any further configuration to enable routing or ping?
Pleas suggestHello,
Please see attached config for both Nexus 5548. I dont have Catalyst 4500 but below is simple config what I applied:
Both Catalyst 4500
interface gig 3/48
switchport mode trunk
switchport trunk encap dot1q
On Nexus 5548 Port 1/3 is trunk
Thanks,
Jehan -
We have a 1000v switch uplinked to nexus 5K and Catalyst 4500 switches. I can see all the VEMs(ESX servers) connected to the nexus 5K uplink switch and everything seems working fine. However, I am not able to see the VEMs uplinked to Cisco Catalyst 4500 switch. The "show Module" command shows all VEMs connected to the nexus 5K uplink switches but not the Catalyst 4500 switches.The log file on the 1000V shows the following:
7 09:36:21 NX-1K-100 %VMS-5-DVS_HOSTMEMBER_INFO: A host with name=[IP ADD. OF ESX SERVER] and uuid=[34393232-3035-3255-5839-3430303
03537] is added to the dvs. The host is not found as a module in the VSM configuration.
If anyone have run into similar situation, plpease let me know how you handled it.
ThanksHi bharga,
I did all the checking....
1) all important VLANS including the control vlan are not blocked (No STP issue)
2) The Nexus 5K and the 4500 switch are in layer layer 2 ( They are not directly connected but are in layer two domain or no hop between them)
3) the ESX Server hosting the VSM is connected to the Nexus 5K
Here is some of the show commands that i run on the 4500 switch that is connects the ESX server to the rest ofd the network:-
Catalyst-4500#sh spanning-tree interface gigabitEthernet 1/38
Vlan Role Sts Cost Prio.Nbr Type
VLAN0073 Desg FWD 4 128.38 P2p Edge
VLAN0074 Desg FWD 4 128.38 P2p Edge
VLAN0151 Desg FWD 4 128.38 P2p Edge
VLAN0152 Desg FWD 4 128.38 P2p Edge
VLAN0153 Desg FWD 4 128.38 P2p Edge
VLAN0165 Desg FWD 4 128.38 P2p Edge
Catalyst-4500#sh mac address-table interface gigabitEthernet 1/38
Multicast Entries
vlan mac address type ports
-------+---------------+-------+--------------------------------------------
73 ffff.ffff.ffff system Gi1/32,Gi1/38,Gi1/42,Gi1/45
74 ffff.ffff.ffff system Gi1/38,Gi1/41,Gi1/45
151 ffff.ffff.ffff system Gi1/3,Gi1/5,Gi1/6,Gi1/7,Gi1/9,Gi1/10,Gi1/11
Gi1/12,Gi1/14,Gi1/16,Gi1/17,Gi1/18,Gi1/19
Gi1/21,Gi1/22,Gi1/23,Gi1/25,Gi1/26,Gi1/27
I still don't see the VEM connected to port 1/38 of this switch on my nexus 1000v switch. The configuration file show exactly how many VEMs I have as shown below:
Nexus-1000v# sh running-config
host vmware id 34373030-3635-3255-5830-303630344
vem 4
host vmware id 34373030-3635-3255-5830-313130313
vem 5
host vmware id 34373030-3635-3255-5830-303630344
vem 6
host vmware id 34393232-3035-3255-5839-3134303537
vem 7
host vmware id 34373030-3635-3255-5830-313130313
vem 8
host vmware id 33393138-3335-5553-4539-31314e3438
vem 9
host vmware id 34393232-3035-3255-5839-3339303646
vem 10
host vmware id 34393232-3035-3255-5839-3430303035
vem 11
host vmware id 34393232-3035-3255-5839-3339303646
But the show module command on the nexus 1000v shows only those VEMs coonected to the Nexus 5K switches and not those connected to the Catalyst 4500 switches.
the uplink por-profile confguration on the Nexus 1000 V :
vmware port-group
switchport mode trunk
switchport trunk native vlan 74
switchport trunk allowed vlan 73-74,151-153,165,180,811,813,815,817-822,824,826-831
channel-group auto mode on sub-group cdp
no shutdown
system vlan 74,180,811,819-821
state enabled
the corresponding interface on the 4500 switch :
interface GigabitEthernet1/38
switchport trunk encapsulation dot1q
switchport trunk native vlan 74
switchport trunk allowed vlan 73,74,151-153,165,180,811,813,815,817-822,824
switchport trunk allowed vlan add 826-831
switchport mode trunk
mtu 9000
spanning-tree portfast trunk
I really appreciate in finiding out why I can't see the VEM (ESX Servers) connected to the 4500 switches.
Thanks -
Hello, everybody!
I have a proyect to implement the feature VSS, with two catalyst 4500-X, it will be the layer Core/Distribution.
So, I want integrate in the catalyst 4500X, Inter vlan routing (SVI) and vtp domain, in the layer access, we´ll have SW 3750-X with PoE.
Is possible configure SVI in my catalyst 4500-X. to separate traffic across VLANs. and the routing will be in the 4500X too. ???
My customer does not have sufficient space to mount the serie 4500E in the Rack, so he prefer the 4500-X.
Help me!
Thanks!
RegardsHi,
Is possible configure SVI in my catalyst 4500-X. to separate traffic across VLANs. and the routing will be in the 4500X too. ???
Yes, there is no different between a VSS pair and non-VSS when it comes to SVI and inter-vlan routing. It works the same way as if the 4500-X ware separate.
HTH -
Catalyst 4500 Ethernet and fibre channel passthru
dear sir,
anyone have any idea / documentation showing that the belows device 1.) & 2.) can support Ethernet and fibre channel passthru ? thanks.
1.) WS-X4424-GB-RJ4 (Catalyst 4500 24-port 10/100/1000 Module (RJ45)
2.) WS-X4306-GB (Catalyst 4500 Gigabit Ethernet Module, 6-Ports (GBIC)You're welcome. Check below for the module info. And there is description about support of fibre channel passthru.
http://www.cisco.com/en/US/products/hw/switches/ps4324/products_data_sheet0900aecd802109ea.html
You can also seach Cisco web for more info.
Hope this helps. -
I am trying to configure my Aironet 1121G acess points with several vlans, got the vlans all working fine with wired devices, but the wirless devices don't get DHCP.
Basically, I have the BVI on my managment vlan and two other vlans that pass through, trying to have the public WiFi on 1 vlan and two corporate vlans with seperate wifi. can't get IPs on any of them though.
Vlnas are routed by a catlayst 3550 with helper addresses configured on all the vlan interfaces.
DHCP comes from 2 windows server 2003 boxes on a further vlan
any Ideas?Vinod,
Here is the AP config, I'm confused, so any help would be useful, got to get a wireless course under my belt.
Cheers,
Peter
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname IT_AP1121G_01
no logging console
enable secret
ip subnet-zero
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 vlan-name Corporate vlan 3
dot11 vlan-name Default vlan 1
dot11 vlan-name Managment vlan 2
dot11 ssid stosWIFI
vlan 1
authentication open
guest-mode
mbssid guest-mode
infrastructure-ssid optional
mobility network-id 1
dot11 ssid stoswaldsWIFI
vlan 3
authentication open eap eap_methods
mobility network-id 3
username admin privilege 15 secret 5 $1$.dBF$jstGCUjGPaD6OQ/JVmZEY1
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
shutdown
encryption key 1 size 128bit 7 0D1A262E215F252C7E5A2D6A6498 transmit-key
encryption mode wep mandatory
encryption vlan 1 key 1 size 128bit 7 DA303E012047F6068707FC131B4A transmit-key
encryption vlan 1 mode wep mandatory
encryption vlan 3 mode wep mandatory
ssid stosWIFI
ssid stoswaldsWIFI
mbssid
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
channel 2412
station-role root
world-mode dot11d country GB both
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
interface Dot11Radio0.3
encapsulation dot1Q 3
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
bridge-group 254 spanning-disabled
interface FastEthernet0.3
encapsulation dot1Q 3
no ip route-cache
bridge-group 3
no bridge-group 3 source-learning
bridge-group 3
interface FastEthernet0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 192.168.2.33 255.255.255.0
no ip route-cache
ip default-gateway 192.168.2.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
logging trap notifications
logging
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
control-plane
bridge 1 route ip
line con 0
password
line vty 0 4
password
line vty 5 15
end -
Can I use DHCP snooping and IOS DHCP server on the same switch stack
Hello,
I am shortly going to be deploying a Cisco CallManager solution for a customer whose network comprises stacks of Catalyst 3850 switches.
There is no separate core/server farm switch so the CallManager servers, voice gateways and IP phones will all plug into the same stack and be in the same VLAN (not my choice!).
For security we want to enable DHCP snooping and were planning on using the IOS DHCP server on the Catalyst switch stack.
Will this work? - when I enable DHCP snooping in networks with separate access layer switches I set the uplinks to the core as trusted links.
I am not sure whether DHCP snooping will work in this case. Do I need to set the VLAN interface on the switch as trusted, is this even possible?
Unfortunately I do not have access to a layer 3 switch to test this at the moment.
ThanksNope. That's the issue.
They'll sync on a third device acting as a hotspot, but the device sending a signal is not "on" the network it creates so the airport is all by itself on that network. At least that is what it looks like to me. Anyone have another take on it? Seems pretty silly that an iPad can put out a wifi signal, an Airport Express can receive a wifi signal, and yet there is no simple way to get them to communicate under this particular condition. -
Trunking on Nexus 5000 to Catalyst 4500
I have 2 devices on the each end of a Point to Point. One side has a Nexus 5000 the other end a Catalyst 4500. We want a trunk port on both sides to allow a single VLAN for the moment. I have not worked with Nexus before. Could someone look at the configurations of the Ports and let me know if it looks ok?
nexus 5000
interface Ethernet1/17
description
switchport mode trunk
switchport trunk allowed vlan 141
spanning-tree guard root
spanning-tree bpdufilter enable
speed 1000
Catalyst 4500
interface GigabitEthernet3/39
description
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 141
switchport mode trunk
speed 1000
spanning-tree bpdufilter enable
spanning-tree guard rootThanks guys, we found the issue. The Catalyst is on my side and the Nexus is on the side of the hosting center. The hosting center moved his connection to a different Nexus 5000 and the connection came right up. We dropped the spanning-tree guard root.
It was working on the previous nexus when we set the native vlan for 141. So we thought it was the point to point dropping the tags.
The hosting center engineer this it might have to do with the VPC Peer-Link loop prevention on the previous Nexus.
Anyway it is working the way we need it to. -
C2950 IOS for DHCP Snooping and DAI
hi all,
anyone knows what image i would need for my 2950 to enable DHCP snooping and DAI features (just for lab purpose)?
or are these features just available on the bigger modular switches (4500 and 6500)?
>sh ver
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA8a, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Fri 28-Jul-06 15:16 by weiliu
Image text-base: 0x80010000, data-base: 0x8056A000
Switch(config)#ip dhcp snooping ?
information DHCP Snooping information
vlan DHCP Snooping vlan
<cr>
Switch(config)#ip arp ?
% Unrecognized commandHi Alain,
Thanks for this info! I've read you're CCNA Security.
Just curious, are you gonna write your CCNP Security soon?
Could you recommend a good lab switch for SECURE?
Sent from Cisco Technical Support iPad App -
i have redundant 4507 and 4503 connected by 2 gigabit in the main bulding and 4 other bukding contains 4503 , i want to make vlans "around 8 vlans" for my campus. how can i start making this vlans and which protocol i use.
and how can i use vtp in this design.
all catalyst connected to the main 4507 and 4503 by fiber optic.Hi
Assuming that you want your links from your other switches to be Layer 2.
1) You need to make the links between your other switches and your two core switches trunk links.
2) You need to make the 4507 & the 4503 switches vtp servers. You will need to setup a vtp domain name (and optionally a password)
3) Make your other switches are setup as vtp clients using the same vtp domain name. To be absolutely sure you don't mess up the network firstly put your other switches back into VTP transparent mode. Then make them vtp clients.
4) Create your vlans on one of the vtp server switches. You should then see these get propogated to the other switches.
5) Set spanning-tree root for the vlans to be one of your core 4500 switches and spanning-tree secondary to be the other switch.
6) Create Layer 3 SVI's on the 4507 & 4503 and run HSRP between them. ie. if you have created a vlan 10 and the subnet range is 192.168.1.0/24 your SVI config would look like:
4507 switch
interface vlan 10
ip address 192.168.1.2
standby 10 ip 192.168.1.1
standby 10 prio 110
standby 10 auth "add a string here"
standby 10 preempt
4503 switch
interface vlan 10
ip address 192.168.1.3
standby 10 ip 192.168.1.1
standby 10 prio 100
standby 10 auth "add a string here"
Do this for all the vlans. Do a no shut on the interfaces.
6) If all your layer 3 interfaces are on the 4507 & 4503 then you don't need to run a dynamic routing protocol. If you do want to run one i suggest EIGRP as it is easy to configure and fast to converge but as i say you don't really need one in your setup.
I have attached a link to the 4500 config guide for IOS. Your IOS may differ but most of it is pretty much the same.
HTH
Jon -
DHCP on Cisco Catalyst 2950 Switch
Hello
I need to configure my cisco catalyst 2950 series switch in order to act as DHCP server for devices connected to its ports.
Please say me, how to do that ?
Thank you
NarekPlease find the sample DHCP configuration for one of the VLANs.
Interface Vlan1
description Cisco DHCP
ip address 10.10.2.1 255.255.255.0
ip dhcp pool cisco
network 10.10.2.0 255.255.255.0
default-router 10.10.2.1
domain-name mydomain.com
dns-server 10.10.2.10
netbios-name-server 10.10.2.15
lease 7
A 24 hour lease is the default if left out and the netbios-name-server is WINS in the Windows world.
If you want to use DHCP server for other VLANs as well create similar DHCP pools and assign the DG to the corresponding VLAN interface IP.
HTH, rate if it does
Narayan -
Microsoft NLB and Cisco 4500 VSS
Hi,
I have a pair of Cisco 4507 switches in VSS mode. An server (10.4.1.166) using Microsoft NLB MAC address (03bf.0a04.01a6) is connected to VSS Node 1 on port Gi1/6/43. The following is configured on the switch.
arp 10.4.1.166 03bf.0a04.01a6 ARPA
mac address-table static 03bf.0a04.01a6 vlan 31 interface Gi1/6/43
The second command appears differently in running-config but looks good in mac-address-table:
# show running-config | inc mac address
mac address-table static 03bf.0a04.01a6 vlan 31 interface Gi6/43
# show mac address static | inc 01a6
31 03bf.0a04.01a6 static Gi1/6/43
Now, from a PC I can ping the VIP address 10.4.1.166 when connected to VSS Node 1 or any other switch connecting to VSS Node1. If the PC attachment is to VSS Node 2 directly or indirectly, then the ping times out. Doing the same for all the rest of servers not using Microsoft NLB but connected to Node 1 only, is successful from anywhere.
Why is the traffic not traversing the the VSL link i.e. PC -> VSS Node 2 -> VSL -> VSS Node1 -> Server.
Thanks,
Rick.Thanks Reza, Please find the output of the commands below. The VSS switch looks to be good and working for all other services.
#show switch virtualExecuting the command on VSS member switch role = VSS Active, id = 1Switch mode : Virtual SwitchVirtual switch domain number : 1Local switch number : 1Local switch operational role: Virtual Switch ActivePeer switch number : 2Peer switch operational role : Virtual Switch StandbyExecuting the command on VSS member switch role = VSS Standby, id = 2Switch mode : Virtual SwitchVirtual switch domain number : 1Local switch number : 2Local switch operational role: Virtual Switch StandbyPeer switch number : 1Peer switch operational role : Virtual Switch Active# show switch virtual redundancyExecuting the command on VSS member switch role = VSS Active, id = 1 My Switch Id = 1 Peer Switch Id = 2 Last switchover reason = none Configured Redundancy Mode = Stateful Switchover Operating Redundancy Mode = Stateful SwitchoverSwitch 1 Slot 3 Processor Information :----------------------------------------------- Current Software state = ACTIVE Image Version = Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 15.1(2)SG, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2012 by Cisco Systems, Inc.Compiled Wed 05-Dec-12 04:38 by prod_rel_team BOOT = bootflash:cat4500e-universalk9.SPA.03.04.00.SG.151-2.SG.bin,1; Configuration register = 0x102 Fabric State = ACTIVE Control Plane State = ACTIVESwitch 2 Slot 3 Processor Information :----------------------------------------------- Current Software state = STANDBY HOT (switchover target) Image Version = Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 15.1(2)SG, RELEASE SOFTWARE (fc3)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2012 by Cisco Systems, Inc.Compiled Wed 05-Dec-12 04:38 by pro BOOT = bootflash:cat4500e-universalk9.SPA.03.04.00.SG.151-2.SG.bin,1; Configuration register = 0x102 Fabric State = ACTIVE Control Plane State = STANDBYExecuting the command on VSS member switch role = VSS Standby, id = 2show virtual switch redundancy is not supported on the standbySKR_4507_01#show switch virtual link port-channelExecuting the command on VSS member switch role = VSS Active, id = 1Flags: D - down P - bundled in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use N - not in use, no aggregation f - failed to allocate aggregator M - not in use, no aggregation due to minimum links not met m - not in use, port not aggregated due to minimum links not met u - unsuitable for bundling d - default port w - waiting to be aggregatedGroup Port-channel Protocol Ports------+-------------+-----------+-------------------15 Po15(SU) - Te1/3/1(P) Te1/4/1(P)16 Po16(SU) - Te2/3/1(P) Te2/4/1(P)Executing the command on VSS member switch role = VSS Standby, id = 2Flags: D - down P - bundled in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use N - not in use, no aggregation f - failed to allocate aggregator M - not in use, no aggregation due to minimum links not met m - not in use, port not aggregated due to minimum links not met u - unsuitable for bundling d - default port w - waiting to be aggregatedGroup Port-channel Protocol Ports------+-------------+-----------+-------------------15 Po15(SU) - Te1/3/1(P) Te1/4/1(P)16 Po16(SU) - Te2/3/1(P) Te2/4/1(P)#show run int gi1/6/43interface GigabitEthernet1/6/43 switchport access vlan 31 switchport mode access spanning-tree portfast spanning-tree guard root
Regards,
Rick. -
We have a VSS based on 2x WS-C4500X-16., The VSS is used as Layer 2 Switch for diffrents Vlan in our DC.
After making the VSS as a Layer 3 gateway for our production VLAN and added 2 routes for routing purposes, we encountered a network down time with high CPU in the VSS and a huges log messages :
.May 14 12:11:25.947: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.7.22 Vlan100
.May 14 12:11:34.516: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.7.22 Vlan100
.May 14 12:11:40.072: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.1.1.254 Vlan100
.May 14 12:11:49.682: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.253 Vlan100
.May 14 12:11:55.079: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.1.1.254 Vlan100
.May 14 12:12:00.926: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.7.40 Vlan100
.May 14 12:12:06.701: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.8.32 Vlan100
.May 14 12:12:12.624: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.7.40 Vlan100
.May 14 12:12:21.627: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.7.40 Vlan100
.May 14 12:12:32.261: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.8.32 Vlan100
.May 14 12:12:41.801: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.2.105 Vlan100
.May 14 12:12:49.633: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.253 Vlan100
.May 14 12:12:54.831: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.1.1.254 Vlan100
.May 14 12:12:59.960: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.1.1.254 Vlan100
.May 14 12:13:08.745: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.253 Vlan100
.May 14 12:13:16.138: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.253 Vlan100
.May 14 12:13:22.393: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.253 Vlan100
.May 14 12:13:31.415: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.141 Vlan100
.May 14 12:13:38.944: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.2.215 Vlan100
.May 14 12:13:45.972: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.253 Vlan100
Bellow are the show version of our VSS,
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 05-Dec-12 04:38 by prod_rel_team
ROM: 15.0(1r)SG10
S_C4500X_01 uptime is 33 weeks, 1 day, 14 minutes
Uptime for this control processor is 33 weeks, 1 day, 16 minutes
System returned to ROM by power-on
System restarted at 11:59:10 UTC Tue Sep 24 2013
Running default software
Jawa Revision 2, Winter Revision 0x0.0x40
Last reload reason: power-on
License Information for 'WS-C4500X-16'
License Level: ipbase Type: Permanent
Next reboot license Level: ipbase
cisco WS-C4500X-16 (MPC8572) processor (revision 9) with 4194304K/20480K bytes of memory.
Processor board ID JAE173303CF
MPC8572 CPU at 1.5GHz, Cisco Catalyst 4500X
Last reset from PowerUp
4 Virtual Ethernet interfaces
32 Ten Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.
Configuration register is 0x2101
Can you help please,Hi,
thanks for your reply, but there is no hsrp configured, just an interface vlan. with 2 static routes and the problem was there for more than an hour before we decided to rollback.
Is there a BugId with this problem in Cisco DataBase.
here is a show ip route
S_C4500X_01# show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 10.2.1.253 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 10.2.1.253
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/8 is directly connected, Vlan100
L 10.1.1.250/32 is directly connected, Vlan100
172.31.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.31.0.0/16 is directly connected, Vlan120
L 172.31.0.1/32 is directly connected, Vlan120
S 192.1.0.0/16 [1/0] via 10.1.1.254
and the show ip cef:
_C4500X_01# show ip cef
.May 14 12:13:57.859: %ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.2.1.158 Vlan100 f
Prefix Next Hop Interface
0.0.0.0/0 10.2.1.253 Vlan100
0.0.0.0/8 drop
0.0.0.0/32 receive
10.0.0.0/8 attached Vlan100
10.0.0.0/32 receive Vlan100
10.1.1.6/32 attached Vlan100
10.1.1.17/32 attached Vlan100
10.1.1.40/32 attached Vlan100
10.1.1.41/32 attached Vlan100
10.1.1.50/32 attached Vlan100
10.1.1.60/32 attached Vlan100
10.1.1.99/32 attached Vlan100
10.1.1.121/32 attached Vlan100
10.1.1.122/32 attached Vlan100
10.1.1.124/32 attached Vlan100
10.1.1.125/32 attached Vlan100
10.1.1.126/32 attached Vlan100
10.1.1.225/32 attached Vlan100
10.1.1.227/32 attached Vlan100
10.1.1.250/32 receive Vlan100
10.1.1.254/32 10.1.1.254 Vlan100
10.2.1.3/32 attached Vlan100
10.2.1.4/32 attached Vlan100
10.2.1.6/32 attached Vlan100
10.2.1.8/32 attached Vlan100
10.2.1.9/32 attached Vlan100
10.2.1.18/32 attached Vlan100
10.2.1.23/32 attached Vlan100
10.2.1.24/32 attached Vlan100
Prefix Next Hop Interface
10.2.1.26/32 attached Vlan100
10.2.1.28/32 attached Vlan100
10.2.1.29/32 attached Vlan100
10.2.1.31/32 attached Vlan100
10.2.1.103/32 attached Vlan100
10.2.1.108/32 attached Vlan100
10.2.1.109/32 attached Vlan100
10.2.1.124/32 attached Vlan100
10.2.1.129/32 attached Vlan100
10.2.1.137/32 attached Vlan100
10.2.1.139/32 attached Vlan100
10.2.1.143/32 attached Vlan100
10.2.1.144/32 attached Vlan100
10.2.1.159/32 attached Vlan100
10.2.1.167/32 attached Vlan100
10.2.1.174/32 attached Vlan100
10.2.1.175/32 attached Vlan100
10.2.1.176/32 attached Vlan100
10.2.1.181/32 attached Vlan100
10.2.4.38/32 attached Vlan100
10.2.4.39/32 attached Vlan100
10.2.4.43/32 attached Vlan100
10.2.4.47/32 attached Vlan100
10.2.4.51/32 attached Vlan100
10.2.4.63/32 attached Vlan100
10.2.4.65/32 attached Vlan100
10.2.4.69/32 attached Vlan100
10.2.4.71/32 attached Vlan100
10.2.4.73/32 attached Vlan100
10.2.4.102/32 attached Vlan100
10.2.4.106/32 attached Vlan100
10.2.4.107/32 attached Vlan100
10.2.4.113/32 attached Vlan100
10.2.4.116/32 attached Vlan100
10.2.4.119/32 attached Vlan100
10.2.4.120/32 attached Vlan100
10.2.4.122/32 attached Vlan100
10.2.4.141/32 attached Vlan100
10.2.4.148/32 attached Vlan100
10.2.6.7/32 attached Vlan100
Prefix Next Hop Interface
10.2.6.16/32 attached Vlan100
10.2.6.31/32 attached Vlan100
10.2.7.14/32 attached Vlan100
10.2.7.22/32 attached Vlan100
10.2.7.24/32 attached Vlan100
10.2.7.34/32 attached Vlan100
10.2.7.37/32 attached Vlan100
10.2.7.41/32 attached Vlan100
10.2.7.48/32 attached Vlan100
10.2.8.18/32 attached Vlan100
10.2.8.32/32 attached Vlan100
10.2.8.59/32 attached Vlan100
10.2.8.70/32 attached Vlan100
10.2.8.85/32 attached Vlan100
10.2.8.88/32 attached Vlan100
10.2.8.104/32 attached Vlan100
10.2.8.135/32 attached Vlan100
10.2.99.10/32 attached Vlan100
10.2.99.54/32 attached Vlan100
10.255.255.255/32 receive Vlan100
127.0.0.0/8 drop
172.31.0.0/16 attached Vlan120
172.31.0.0/32 receive Vlan120
172.31.0.1/32 receive Vlan120
172.31.0.5/32 attached Vlan120
172.31.0.29/32 attached Vlan120
172.31.255.255/32 receive Vlan120
192.1.0.0/16 10.1.1.254 Vlan100
224.0.0.0/4 drop
224.0.0.0/24 receive
Prefix Next Hop Interface
240.0.0.0/4 drop
and show ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.1.1.1 0 aa00.0400.c286 ARPA Vlan100
Internet 10.1.1.6 0 0050.5689.24b8 ARPA Vlan100
Internet 10.1.1.10 0 0050.5694.7d20 ARPA Vlan100
Internet 10.1.1.11 0 0050.5694.7d20 ARPA Vlan100
Internet 10.1.1.12 0 0050.5694.6ae7 ARPA Vlan100
Internet 10.1.1.13 0 0050.5694.6ae7 ARPA Vlan100
Internet 10.1.1.14 0 0050.568a.6321 ARPA Vlan100
Internet 10.1.1.16 0 0050.5694.0ab5 ARPA Vlan100
Internet 10.1.1.17 0 0050.5694.493d ARPA Vlan100
Internet 10.1.1.40 0 0013.19b0.9c40 ARPA Vlan100
Internet 10.1.1.41 0 1c17.d35a.c840 ARPA Vlan100
Internet 10.1.1.50 0 0002.b9b4.a5c0 ARPA Vlan100
Internet 10.1.1.60 0 000a.410f.e500 ARPA Vlan100
Internet 10.1.1.71 - 0008.e3ff.fc28 ARPA Vlan100
Internet 10.1.1.96 0 e02f.6d12.4df3 ARPA Vlan100
Internet 10.1.1.98 0 0050.5696.6d86 ARPA Vlan100
Internet 10.1.1.99 0 0050.5696.6d88 ARPA Vlan100
Internet 10.1.1.121 0 e02f.6d12.4dea ARPA Vlan100
Internet 10.1.1.122 0 e02f.6d12.4e61 ARPA Vlan100
Internet 10.1.1.123 0 e02f.6d5b.c10e ARPA Vlan100
Internet 10.1.1.124 0 e02f.6d17.c869 ARPA Vlan100
Internet 10.1.1.125 0 e02f.6d5b.c217 ARPA Vlan100
Internet 10.1.1.126 0 e02f.6d17.c8ec ARPA Vlan100
Internet 10.1.1.127 0 e02f.6d17.c876 ARPA Vlan100
Internet 10.1.1.128 0 e02f.6d5b.bef3 ARPA Vlan100
Internet 10.1.1.202 0 0000.85b7.9031 ARPA Vlan100
Internet 10.1.1.222 0 000f.f84d.2ca9 ARPA Vlan100
Internet 10.1.1.225 0 000f.f84d.3963 ARPA Vlan100
Internet 10.1.1.227 0 00c0.ee26.9367 ARPA Vlan100
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.1.1.250 - 0008.e3ff.fc28 ARPA Vlan100
Internet 10.1.1.254 0 0000.0c07.ac07 ARPA Vlan100
Internet 10.2.1.2 0 0011.4333.bcda ARPA Vlan100
Internet 10.2.1.3 0 0050.5689.5d38 ARPA Vlan100
Internet 10.2.1.4 0 0050.5689.0404 ARPA Vlan100
Internet 10.2.1.6 0 0050.5689.6d3b ARPA Vlan100
Internet 10.2.1.7 0 1cc1.def4.6940 ARPA Vlan100
Internet 10.2.1.8 0 0050.5689.330e ARPA Vlan100
Internet 10.2.1.9 0 0012.793a.3ccc ARPA Vlan100
Internet 10.2.1.10 0 0012.7990.e5d3 ARPA Vlan100
Internet 10.2.1.13 0 0050.568a.6dcf ARPA Vlan100
Internet 10.2.1.15 0 0050.568a.60ff ARPA Vlan100
Internet 10.2.1.18 0 0050.5689.091b ARPA Vlan100
Internet 10.2.1.20 0 0050.5689.451c ARPA Vlan100
Internet 10.2.1.21 0 0050.568a.0cf4 ARPA Vlan100
Internet 10.2.1.22 0 0050.5689.6c59 ARPA Vlan100
Internet 10.2.1.23 0 0050.5696.6d9e ARPA Vlan100
Internet 10.2.1.24 0 0050.5689.76c4 ARPA Vlan100
Internet 10.2.1.26 0 0050.5689.2f4e ARPA Vlan100
Internet 10.2.1.27 0 0050.5689.0632 ARPA Vlan100
Internet 10.2.1.28 0 0050.5689.1ce9 ARPA Vlan100
Internet 10.2.1.29 0 0050.5689.6aaa ARPA Vlan100
Internet 10.2.1.31 0 0050.5689.0d1a ARPA Vlan100
Internet 10.2.1.37 0 0050.5696.6d81 ARPA Vlan100
Internet 10.2.1.103 0 d4be.d9be.8eef ARPA Vlan100
Internet 10.2.1.106 0 14fe.b5e1.c595 ARPA Vlan100
Internet 10.2.1.107 0 0023.ae7d.a966 ARPA Vlan100
Internet 10.2.1.108 0 d4be.d9c8.6770 ARPA Vlan100
Internet 10.2.1.109 0 14fe.b5e9.c5b5 ARPA Vlan100
Internet 10.2.1.110 0 14fe.b5ea.5f9d ARPA Vlan100
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.2.1.111 0 001e.c959.d4f0 ARPA Vlan100
Internet 10.2.1.114 0 b8ac.6f48.4538 ARPA Vlan100
Internet 10.2.1.115 0 14fe.b5e1.ed89 ARPA Vlan100
Internet 10.2.1.116 0 7845.c409.1959 ARPA Vlan100
Thanks
Lotfi
Maybe you are looking for
-
Cells merge issue when extracting webi report in excel format
Hi Experts, We have some WEBI reports in BO XI 3.1. The reports have header where we are showing report name and some values which user selects in prompt. Now the issue is that when we save our webi report in excel format, many cells get merge. I hav
-
How can i display my iviews in anonymous page
hi experts, I have created some iviews and I have created a role for all these i views and assigned this role to anonymous user group. when i access the anonymous page,i get the info"contents not exsits or not enabled",well how can i display my ivie
-
How to configure Security services in OSB 11g..
We are integration OSB with BANK application, we will be using SSL certificate for the same. Please help how to configure security policy in OSB. I checked below link policy defination http://tim.blackamber.org.uk/?p=825 but in OSB proxy service we a
-
HFM Performance and Number of JV Line Items
How much of consolidation time and SmartView response time is tied to number of JV line items? For example, one year we had 1,200 total JVs with 164,000 line items. If we could cut this by 25% or so, would there be great benefit in performance? Thank
-
CUA user login is taking so much in child system
Hi Gurus, we have configured the CUA In solution manager, we have configured compleletly, but when i create a user in solman, and adding the user in respective systems Tab in SU01 , and i am trying to login with the user it's not allowing immediatly