Etherchannel between 2960 switches

Hello All,
I configured etherchannel between two 2960 switches.
Both the switches have SVI with subnet 192.168.2.3 and 192.168.2.4
I have another vlan3 on one of the switch.
so when i created etherchannel between two Gig ports and allowed both the vlans,it gave me an error messg,
Nov 3 12:41:07.332 KSA: %EC-5-CANNOT_BUNDLE2: Gi1/0/19 is not compatible with Gi1/0/20 and will be suspended (vlan mask is different)
Nov 3 12:41:07.339 KSA: %EC-5-CANNOT_BUNDLE2: Gi1/0/19 is not compatible with Po1 and will be suspended (vlan mask is different)
Nov 3 12:41:07.339 KSA: %EC-5-CANNOT_BUNDLE2: Gi1/0/19 is not compatible with Po1 and will be suspended (vlan mask is different)
Nov 3 12:41:07.339 KSA: %EC-5-CANNOT_BUNDLE2: Gi1/0/20 is not compatible with Po1 and will be suspended (vlan m
May i know why....
Thanks

Hello Mudasir
This will be a problem of allowed vlan mismatch. All the interfaces which are going to add in the etherchannel must have same allowed vlan on both sides.
You can check for the allowed vlan on all the interfaces as well as on Port-channel.
You can see the below forum having the same problem:
https://supportforums.cisco.com/discussion/9757346/etherchannel-prob
Regards,
Mukesh Kumar
Network Engineer
Spooster IT Services

Similar Messages

Etherchannel between stack switches[3750] and standalone switch[3560]

Hi,
I have 2*3750 switches in stack as core and 1*3560 switch in access layer. I want to enable ether channel between stack switch[3750A & 3750B] and 3560 switches.
Have connected 2 links from 3560 switch to stack switch, one link to 3750A and other link to 3750B. Will it work in this way as per my requirement?
or i should enabled stacking on 3560 switch too and configure cross-stack ether channel between 3750 stack and 3560 stack. i refered few cisco documents, but the cross stack etherchannel configuration example has 3750 at both end stacks.
Rgds...
VikramS

Hi,
This should work fine as per you set up, the 3750 stack will be acting as one switch, which means that the ether-channel configuration should be straight forward. There is no need to stack the 3560 for this to work, also the 3560 are not stackable.
Hope this helps.

EtherChannel between 6006 (catos) and Catalyst 2960 HELP

Hi All,
I want to create an etherchannel between 6006 (catos) and Catalyst 2960 to have failover and load balace.
My ports on 6006 (catos) 6/37,6/47 and on 2960 giga 0/1 and giga 0/2.
I have checked on 6006 it supports channel.
Please help to configure this.
Thanks,
AS

AS
Use this doc as a guide and if you have further questions please come back -
http://www.cisco.com/en/US/tech/tk389/tk213/technologies_configuration_example09186a0080094953.shtml#specialconsid
Jon

Connecting 2 3750 Switches in Stack with 2 2960 switches in full Mesh

Hi Friends,
I have attached a pics which DC design of one of our customer , as network engineer i have design this , so i am responsible for implementing it, now request you all to kindly guide me what would be technical problem i have to face in achieving this and how can i over come .Please be in detail. Waiting for your response .
Regards
Amit Kulshrestha

I have attached modified diagram , please suggest.
The major issue I see is that you have not mentioned whether the 2960's are stacked? For the design to work, they need to be stacked because you cannot create port-channels between them and the Core switches unless then 2960's are stacked.
==> You are right , surely 2960 Switch need to be in stack form.
Personally I would look at more powerful switches than the 2960's, something along the lines of the 3750x range or probably now the 3850's.
==> This is constrain of customer, not our responsibility.
The second issue I see is that your servers are connected to the WAN switches. Is there a reason for this? Usually they would be connected to the core switches.
==> For this If 1 separate 2960 series switch can be used ?.
The final point is that you only have single connections from each of your WAN connections which begs the question as to the purpose of having two WAN switches?
==> Customer is having 1900 series of router , only two ports one used for WAN and other used for LAN.
The objective of having two switches is to provide redundancy/resiliency. If you have only one connection from each WAN then why do you need two switches as there is no redundancy?
==> Customer has agreed to have manual change at the time of failure.

Aironet 1142 as supplicant to 2960 switch (NEAT/CISP/MAB)

Hello!
First, my configuration, (then the problem down below):
I have an Aironet 1142 with mulitple SSIDs [mapped to VLANs] connected to Gi1/0/2 on a 2960 switch in a user-accessible area. This switch is uplinked to another 2960 switch in a wiring closet, and the Microsoft NPS server is connected to the wiring closet 2960.
Aironet -- 2960 [user area] --- 2960 [closet] -- NPS RADIUS
I have the user-area 2960 configured as an authenticator switch for dot1x, and port Gi1/0/2 is authenticating the Aironet via MAB to RADIUS. RADIUS is sending VSA device-traffic-class=switch to the 2960. The closet-2960 has no special 802.1x configuration, nor is it an authenticator swtich; it just has a manually-configured trunk port to the user-area 2960 [for now; i'm trying to take this one step at a time!].
The user-area 2960 correctly converts port Gi1/0/1 to a trunk port when the Aironet is authenticated [via MAB]. The Aironet boots up, the port is opened, I can ping the Aironet on the native VLAN, and all is well [so it seems]. The Aironet's dot11Radio is configured for two SSIDs and mapped to VLANs, which are being spanned via STP thru the user-area 2960 and the closet-2960. STP is correct and verified on all switches.
I have DHCP snooping configured on the user-area 2960 but only for VLAN 1 [but NOT the wireless user VLANs], the trunk port to the closet 2960 is a trusted port. Hosts on the wired ports on the user-area 2960 are able to get DHCP IPs. On the Aironet, "show dot11 associations" shows hosts on the SSIDs are getting DHCP addresses. Again, I am *NOT* running dhcp snooping on wireless SSID VLANs [i read elsewhere that can cause problems as users roam between Aironets].
I do have CISP configured on the user-area 2960. I do not have CISP configured on the closet-2960 [best I can tell, that's not required at this stage, but I could be wrong].
Despite the alleged documentation, I could not get the Aironet to use a dot1x credentials profile to authenticate to NPS/RADIUS as an 802.1x supplicant, which is why I resorted to MAB for this exercise. The Aironet simply would not run dot1x [best I could tell]. The documentation and configuration didn't seem complex, so I was quite confused.
I have upgraded the Aironet to the latest 12.4(25d)JA2 software, and the 2960 is at 12.2(55)SE7 [i saw 12.2(58) has some issues, but i'm willing to be persuaded otherwise, based on sound advice].
Ok, now the problem:
Users on the guest wireless SSID (Vlan 20) say they cannot connect. Yep, classic. VLAN 20 is trunked and spanned to all the sufficient places. The Aironet shows users in the associations list for that SSID with IP addresses from the DHCP server! DHCP snooping is not configured on that VLAN.
I read another support forum post saying CISP and MAB could cause problems with "disappearing" ARP entries. I appear to have that problem. However, the user on the Staff wireless (VLAN 10) has full access. Am I running into a problem with "multi-host" authentication config? Via tcpdump on my firewall, I see nothing but broadcast and multicast traffic coming from a host on VLAN 20. What puzzles me is how I do see *SOME* traffic from a VLAN 20 host on this SSID, but no unicast traffic! Argh!
Since you're going to ask, here is my port config for this AP on the 2960 authenticator switch in the user-area, and the AAA config pieces:
#sh run br | in ip dhcp
ip dhcp snooping vlan 1
no ip dhcp snooping information option
ip dhcp snooping database flash:dhcp_snoop.txt
ip dhcp snooping
#sh ip dhcp snoop
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1
DHCP snooping is operational on following VLANs:
1
DHCP snooping is configured on the following L3 Interfaces:
Insertion of option 82 is disabled
   circuit-id default format: vlan-mod-port
   remote-id: ccd5.3947.7980 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface                  Trusted    Allow option    Rate limit (pps)
GigabitEthernet1/0/46      no         no              15
Custom circuit-ids:
GigabitEthernet1/0/48      yes        yes             unlimited
Custom circuit-ids:
GigabitEthernet1/0/52      yes        yes             unlimited
Custom circuit-ids:
#sh run br | incl aaa auth
aaa authentication login default local group rad_eap
aaa authentication dot1x default group radius
aaa authorization console
aaa authorization exec default local group rad_eap
aaa authorization network default group rad_eap local
#sh run int gi1/0/2
interface GigabitEthernet1/0/2
description Wireless Access Points
switchport mode trunk
switchport nonegotiate
srr-queue bandwidth share 1 30 35 5
srr-queue bandwidth limit 50
priority-queue out
authentication host-mode multi-host
authentication order mab dot1x
authentication port-control auto
authentication violation restrict
mab
mls qos trust cos
macro description CISCO_WIRELESS_AP_EVENT
auto qos trust
spanning-tree portfast
#sh int gi1/0/2 sw
Name: Gi1/0/2
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
#sh auth sess int gi1/0/2
            Interface: GigabitEthernet1/0/2
          MAC Address: acf2.c5f2.8e27
           IP Address: 10.100.32.42
            User-Name: acf2c5f28e27
               Status: Authz Success
               Domain: DATA
       Oper host mode: multi-host
     Oper control dir: both
        Authorized By: Authentication Server
           Vlan Group: N/A
      Session timeout: N/A
         Idle timeout: N/A
    Common Session ID: 0A64200B00000CDA41AFBEDF
      Acct Session ID: 0x00000D00
               Handle: 0xDE000CDA
Runnable methods list:
       Method   State
       mab      Authc Success
       dot1x    Not run
#sh mab int gi1/0/2
MAB details for GigabitEthernet1/0/2
Mac-Auth-Bypass           = Enabled
#sh int trunk
Port        Mode             Encapsulation Status        Native vlan
Gi1/0/1     on               802.1q         trunking      1
Gi1/0/2     on               802.1q         trunking      1
Gi1/0/48    on               802.1q         trunking      1
Gi1/0/52    on               802.1q         trunking      1
Port        Vlans allowed on trunk
Gi1/0/1     1-4094
Gi1/0/2     1-4094
Gi1/0/48    1-2,10,20
Gi1/0/52    1-2,10,20
Port        Vlans allowed and active in management domain
Gi1/0/1     1-2,10,20
Gi1/0/2     1-2,10,20
Gi1/0/48    1-2,10,20
Gi1/0/52    1-2,10,20
Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/1     1-2,10,20
Gi1/0/2     1-2,10,20
Gi1/0/48    2
Gi1/0/52    1-2,10,20
Ok, what am I missing??

The problem lies in the wired Ethernet port on the Aironet. I did not submit that configuration because I thought it was simple and unrelated. Here is what I had:
interface GigabitEthernet0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
The correct configuration should have been:
interface GigabitEthernet0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
The line "no bridge-group 20 unicast-flooding" should not be applied to the wired port. That's stupid. With that erroneous command, the wired port will forward only broadcast and multicast traffic! Unicast traffic will be dropped. Oops.
However, I do not understand why applying this to the radio interfaces has no effect there. I have yet to find any conclusive detailed answers, either. Regardless, my original problem is fixed.

Sfp interconnect between 2960 and 3560

Hi,
Can anyone tell me if the sfp interconnect cable can be used between 2960-48TC-L and a 3560-48PS-E?
Thanks
Andy

in short, YES.
the 3560-48PS-E has the 4 SFP ports.
the 2960-48TC-L has two 'dual purpose' uplinks which can support SFP or copper.
(you can only use one type at a time; not SFP and copper simultaneously)
please see the following links for more info on those two devices:
2960 -
http://www.cisco.com/en/US/products/ps6406/products_data_sheet0900aecd80322c0c.html
3560 -
http://www.cisco.com/en/US/products/hw/switches/ps5528/products_data_sheet09186a00801f3d7d.html

Configure a different DHCP pool on a 1921 Router for a VLAN 2960 switch

Hello guys,
I have a cisco 1921 router with the LAN interface connected to a Cisco 2960 switch.
My 2960 switch is configured to work in VLANs
What I would like to do is create IP pools for each VLAN in my switch.
This will allow a PC on a VLAN to get an IP in a different subnet as PCs connected in other VLANs
thanks!
Martin

i sent the wrong switch configuration
here is the right one
Current configuration : 6892 bytes
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Switch
boot-start-marker
boot-end-marker
enable secret 5 $1$VuOI$5qvm59Nk9BBuIBqYRmAJW.
no aaa new-model
clock timezone UTC -4
switch 1 provision ws-c2960s-48lps-l
authentication mac-move permit
ip subnet-zero
vtp mode transparent
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
vlan internal allocation policy ascending
vlan 2
name Administracion
vlan 3
name Micros
vlan 4
name VoIP
vlan 5
name WiFi-Publico
vlan 6
name Otros
vlan 7
name Libres
interface FastEthernet0
description Management Port
no ip address
interface GigabitEthernet1/0/1
switchport mode trunk
interface GigabitEthernet1/0/2
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/3
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/4
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/5
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/6
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/7
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/8
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/9
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/10
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/11
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/12
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/13
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/14
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/15
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/16
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/17
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/18
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/19
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/20
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/21
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/22
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/23
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/24
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/25
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/26
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/27
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/28
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/29
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/30
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/31
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/32
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/33
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/34
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/35
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/36
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/37
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/38
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/39
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/40
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/41
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/42
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/43
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/44
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/45
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/46
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/47
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/48
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/49
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/50
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/51
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/52
switchport access vlan 7
switchport mode access
interface Vlan1
no ip address
ip http server
ip http secure-server
ip sla enable reaction-alerts
line con 0
line vty 0 4
login
line vty 5 15
login
end

Fast EtherChannel between Catalyst 3750 and 2821 Router

Hi Guys
I'm trying to setup a Fast EtherChannel between a cat3750-smi and a 2821 router that consists of only 2 links.
I am following instructions per TAC, but I'm getting an error along the way;
On the cat3750:
interface port-channel 1
no switchport
Command Rejected: Not a convertable port
Can anyone help???
Also... do the IP Addresses for the EtherChannel need to be the same for both port-channels? Or do I assign the switch like 192.168.1.1 and the router 192.168.1.2 ?
Thanks!
Adam

Hi Adam,
The ip address cannot be same but it should belong to same subnet. So one side 192.168.1.1 and other side 192.168.1.2 will work fine.
Its better to convert your layer 2 port as a layer port fist so what you do the port which you want to be port channel go that that interface and convert with "switchport" command
once it is a layer 3 port configure with channel group and automatically layer 3 port channel will be created and you can sssign an ip address then.
Just give a try and update if it works.
Regards,
Ankur

Etherchannel between WS-C4506-E and stacked WS-C2960S-48LPS-L

Hello,
we are having a "suspend" issue to portchannels with 2960S switches only.
On our core switch we have the following setup:
interface Port-channel68
description EC DELEJ02SAC88
switchport
switchport trunk allowed vlan 6,7,10-12,19-21,30,63
switchport mode trunk
and the two ports are:
interface GigabitEthernet1/3/10
description SAC88
switchport trunk allowed vlan 6,7,10-12,19-21,30,63
switchport mode trunk
logging event link-status
udld port aggressive
channel-group 68 mode active
interface GigabitEthernet2/3/10
description ECM DELEJ02SAC88-D20
switchport trunk allowed vlan 6,7,10-12,19-21,30,63
switchport mode trunk
logging event link-status
udld port aggressive
channel-group 68 mode active
On the other end we have a stacked 2960s with two switches.
Ports are configured as this:
interface Port-channel1
description Uplink Core
switchport trunk allowed vlan 6,7,19,21
switchport mode trunk
and the two stack ports (one of each switch):
interface GigabitEthernet1/0/49
description Uplink Core/Chassis1
switchport trunk allowed vlan 6,7,19,21
switchport mode trunk
udld port aggressive
mls qos trust dscp
channel-group 1 mode active
and
interface GigabitEthernet2/0/49
description Uplink Core/Chassis2
switchport trunk allowed vlan 6,7,19,21
switchport mode trunk
udld port aggressive
mls qos trust dscp
channel-group 1 mode active
Same configuration we do have on our not stacked 2960 and is working fine. But here we have one port in supended state:
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Gi1/0/49(P) Gi2/0/49(s)
We don't have anything in the logs.
Do anybody came across with this issue or having nay idea how to fix it?
Many thanks in advance
@lex

I met similiar problem on C4500.
Try to remove etherchannel configuration by taking ports to it's defaults and also interface Port-channel68.
Then create port channel interface by first issuing :
interface GigabitEthernet1/3/10
description SAC88
channel-group 68 mode active
interface GigabitEthernet2/3/10
description ECM DELEJ02SAC88-D20
channel-group 68 mode active
Then configure all stuff around switchport under interface Port-channel68.

Difference between core switch types WS-C3750X-12S-S and N3K-C3524P-10G?

Hello All,
I am new to this domain and yet have to look after the setup of our datacenter for a new branch. Could any one of you provide difference between core switch types WS-C3750X-12S-S and N3K-C3524P-10G!
Thanks in advance!!

N3K-C3524P-10G
24 fixed 1/10-Gbps SFP+ ports; upgradeable to 48 with a valid license
Line-rate Layer 2 and Layer 3 throughput of up to 480 Gbps
Compact 1RU form factor
Dual redundant color-coded power supplies
Four redundant color-coded fans

Can not administer Catalyst 2960 switch via console

Hello,
I want to configure my switch via console cable, the switch boots up normally, and there are no configurations present on the switch. However, anything I type does not appear on the terminal client. I used several terminal clients (TeraTerm, PuTTY, HyperTerminal), all latest versions as well as different PCs. I even forced the switch to rommon mode, still, anything I type does not appear on the terminal client.
Here's the output of TeraTerm:
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: e8:40:40:06:f0:80
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash...
flashfs[0]: 542 files, 19 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 11565056
flashfs[0]: Bytes available: 20948992
flashfs[0]: flashfs fsck took 11 seconds.
...done Initializing Flash.
done.
Loading "flash:/c2960-lanbasek9-mz.122-50.SE5/c2960-lanbasek9-mz.122-50.SE5.bin"...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File "flash:/c2960-lanbasek9-mz.122-50.SE5/c2960-lanbasek9-mz.122-50.SE5.bin" uncompressed and installed, entry point: 0x3000
executing...
              Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(50)SE5, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Tue 28-Sep-10 13:44 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01400000
Initializing flashfs...
fsck: Disable shadow buffering due to heap fragmentation.
flashfs[1]: 542 files, 19 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 32514048
flashfs[1]: Bytes used: 11565056
flashfs[1]: Bytes available: 20948992
flashfs[1]: flashfs fsck took 2 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
Checking for Bootloader upgrade.. not needed
POST: CPU MIC register Tests : Begin
POST: CPU MIC register Tests : End, Status Passed
POST: PortASIC Memory Tests : Begin
POST: PortASIC Memory Tests : End, Status Passed
POST: CPU MIC interface Loopback Tests : Begin
POST: CPU MIC interface Loopback Tests : End, Status Passed
POST: PortASIC RingLoopback Tests : Begin
POST: PortASIC RingLoopback Tests : End, Status Passed
POST: PortASIC CAM Subsystem Tests : Begin
POST: PortASIC CAM Subsystem Tests : End, Status Passed
POST: PortASIC Port Loopback Tests : Begin
POST: PortASIC Port Loopback Tests : End, Status Passed
Waiting for Port download...Complete
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco WS-C2960-24TT-L (PowerPC405) processor (revision J0) with 65536K bytes of memory.
Processor board ID FOC1510X4ZQ
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.
64K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : E8:40:40:06:F0:80
Motherboard assembly number     : 73-12600-05
Power supply part number        : 341-0097-03
Motherboard serial number       : FOC15094MZG
Power supply serial number      : DCA150583WQ
Model revision number           : J0
Motherboard revision number     : A0
Model number                    : WS-C2960-24TT-L
System serial number            : FOC1510X4ZQ
Top Assembly Part Number        : 800-32797-01
Top Assembly Revision Number    : F0
Version ID                      : V09
CLEI Code Number                : COM3L00BRE
Hardware Board Revision Number : 0x0A
Switch Ports Model              SW Version            SW Image
*    1 26    WS-C2960-24TT-L    12.2(50)SE5           C2960-LANBASEK9-M
Press RETURN to get started!
*Mar 1 00:00:31.381: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Mar 1 00:00:32.556: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
*Mar 1 00:00:35.802: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99, changed state to down
*Mar 1 00:00:35.861: %SYS-5-CONFIG_I: Configured from memory by console
*Mar 1 00:00:36.012: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(50)SE5, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Tue 28-Sep-10 13:44 by prod_rel_team
*Mar 1 00:00:36.037: %SSH-5-ENABLED: SSH 1.99 has been enabled
*Mar 1 00:00:37.060: %LINK-5-CHANGED: Interface FastEthernet0/6, changed state to administratively down
*Mar 1 00:00:37.094: %LINK-5-CHANGED: Interface FastEthernet0/7, changed state to administratively down
*Mar 1 00:00:37.127: %LINK-5-CHANGED: Interface FastEthernet0/8, changed state to administratively down
*Mar 1 00:00:37.161: %LINK-5-CHANGED: Interface FastEthernet0/9, changed state to administratively down
*Mar 1 00:00:37.195: %LINK-5-CHANGED: Interface FastEthernet0/10, changed state to administratively down
*Mar 1 00:00:37.228: %LINK-5-CHANGED: Interface FastEthernet0/11, changed state to administratively down
*Mar 1 00:00:37.262: %LINK-5-CHANGED: Interface FastEthernet0/12, changed state to administratively down
*Mar 1 00:00:37.362: %LINK-5-CHANGED: Interface FastEthernet0/13, changed state to administratively down
*Mar 1 00:00:37.362: %LINK-5-CHANGED: Interface FastEthernet0/14, changed state to administratively down
*Mar 1 00:00:37.362: %LINK-5-CHANGED: Interface FastEthernet0/15, changed state to administratively down
*Mar 1 00:00:37.404: %LINK-5-CHANGED: Interface FastEthernet0/16, changed state to administratively down
*Mar 1 00:00:37.446: %LINK-5-CHANGED: Interface FastEthernet0/17, changed state to administratively down
*Mar 1 00:00:37.488: %LINK-5-CHANGED: Interface FastEthernet0/18, changed state to administratively down
*Mar 1 00:00:37.497: %LINK-5-CHANGED: Interface FastEthernet0/19, changed state to administratively down
*Mar 1 00:00:37.539: %LINK-5-CHANGED: Interface FastEthernet0/20, changed state to administratively down
*Mar 1 00:00:37.572: %LINK-5-CHANGED: Interface FastEthernet0/21, changed state to administratively down
*Mar 1 00:00:37.606: %LINK-5-CHANGED: Interface FastEthernet0/22, changed state to administratively down
*Mar 1 00:00:37.639: %LINK-5-CHANGED: Interface FastEthernet0/23, changed state to administratively down
*Mar 1 00:00:37.673: %LINK-5-CHANGED: Interface FastEthernet0/24, changed state to administratively down
*Mar 1 00:00:37.690: %LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to administratively down
*Mar 1 00:00:37.715: %LINK-5-CHANGED: Interface GigabitEthernet0/2, changed state to administratively down
After the last line, I can not type any command at all. I encountered this on three 2960 switches that we have here in our laboratory. Can anybody help me on how I can get access to the switch via console?
Thanks in advance.

Have You Check your console Cable.
also
If u are using USB to Serial check driver are properly installed.
else
See Helpful Cisco Documentation
http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008010ff7a.shtml
Do Rate Helpful Posts

Does ip source guard has any syslog or message??(on 2960 switch)

hi everyone , I got a problem that I need to config a secure feature "IP SOURECE GUARD" on 2960 switch
Everthing is ok
But, when the IP-MAC mismatch
I can't receive any SYSLOG from "show log"
Only from "show ip verify source" to know which interface be denied
L2#show ip verify source
Interface Filter-type Filter-mode IP-address       Mac-address        Vlan
Fa0/2      ip-mac       inactive-no-snooping-vlan
Fa0/3      ip-mac       active       deny-all         permit-all         10
Fa0/4      ip-mac       inactive-no-snooping-vlan
Fa0/5      ip-mac       inactive-no-snooping-vlan
Fa0/6      ip-mac       inactive-no-snooping-vlan
Fa0/7      ip-mac       inactive-no-snooping-vlan
Fa0/8      ip-mac       inactive-no-snooping-vlan
Fa0/9      ip-mac       active       192.168.10.1     permit-all         10
Fa0/10     ip-mac       inactive-no-snooping-vlan
does ip source guard has no Features to create LOG ??
or anyone can tell me what I can do that I can receive some message when the "deny-all" situation be triggered
Regards,
Lin

I have exactly the same question : is it possible to have a syslog message when an Ip source guard event occurs on a switch 2960 ?
Is anyone can help us ?

VLAN between SFE2000P switches

Dear friends,
I've connected two sites with the following configuration:
Site 1:
Stack Linksys SFE2000P - Firmware version 1.0.0.X
Port 1/g3 connected to a FO link to site 2
Oficina 2:
Stack Linksys SFE2000P - Firmware version 3.0.0.X
Port 1/g3 connected to a FO link to site1
I've tried to create a VLAN to communicate only a few ports of both sites:
4/e23 y 4/e24 of site 1
7/e23 y 7/e24 of site 2
To do this, I tried the following:
Port 1/g3 (site1) -> VLAN 50 (tagged) - Trunk
Port 1/g3 (site 2) -> VLAN 50 (tagged) - Trunk
Port 4/e23 y 4/e24 (site1) -> VLAN 50 (untagged)
Port 7/e23 y 7/e24 (site 2) -> VLAN 50 (untagged)
It doesn't work!!!. In the same stack of each site it works without problems. Could you help me??? There is some misconfiguration???
I've stablished other VLANs between Linksys and 3Com Switches, but now it doesn't work at all.
Thanks in advance!

I Did find a same article on this forum. Maybe this would help you. an article coming from GV.
* access mode: an access mode port connects to a normal device like a desktop, printer, or similar. An access mode port can be member of a single VLAN only, i.e. you have to decide to which VLAN it is supposed to belong to. In your case, you configure an access mode port for either VLAN 10 or VLAN 20.
With a single switch things are clear now: some ports are VLAN 10 and some ports are VLAN 20. VLAN 10 can talk to each other. VLAN 20 can talk to each other. No traffic passes between VLAN 10 and VLAN 20.
Of course, now you want to connect this switch to some other network devices, in particular the second SRW because you need additional ports or you have an additional location. And there is the ASA which provides internet access for these VLANs.
* trunk mode: This is where trunk mode comes in. A trunk mode port can carry multiple VLANs on a single port. This is done using 802.1q tags. 802.1q tagged ethernet frames have an additional field for the VLAN to which the frame belongs to. With this, a switch can send frames for VLAN 10 and VLAN 20 through a single port to another switch or router. Each frame sent is tagged with 10 or 20 depending on which VLAN the frame belongs to. The receiver will accept each frame and assign it to the corresponding VLAN on the receiving side. This way the receiving switch or router is able to keep those VLANs strictly separated.
So let's say you want two VLANs 10 & 20 in your network. You would create VLANs 10 & 20 on your ASA and both SRWs. (Create only means that the device knows this VLAN exists and is able to handle traffic for this VLAN). You would configure LAN port 1 of your ASA as trunk with members VLAN 10 & 20. You configure port 1 & 24 of your first SRW in trunk mode with members VLAN 10 & 20. You configure port 1 of your second SRW in trunk mode with members VLAN 10 & 20. Now you wire port 1 of your ASA to port 1 of your first SRW. Then you wire port 24 of your first SRW to port 1 of your second SRW.
This creates the VLAN trunk through your network. Traffic in both VLANs can travel through this trunk between the switches and to the ASA and from there, if properly routed, into the internet.
here is the Link
As the SFE2000P is now part of Cisco Small Business I would recommend you ask your question in the Cisco Small Business Support Community. There are a few Cisco people over there which maybe able to reproduce your problem in a lab environment and check with the developers...

How i can calculate the backplane speed & throughput of cisco 48 1G 2960S switch?

How i can calculate the backplane speed & throughput of cisco 48 1G 2960S switch?

Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Calculate? Calculate for wirespeed/line-rate? If the latter, take all the port bandwidths, and assuming they are duplex, double for necessary fabric bandwidth. I.e. 48 gig ports would need a 96 Gbps fabric. Take all your port bandwidths, and allow 1.448 Mpps per gig (for minimum size Ethernet packets), i.e. 48 gig ports would need 69.5 Mpps. Once you have required fabric bandwidth and PPS, you can compare to vendor's specs.

Can I use straight cable to connect trunk ports between 2 switches?

Hi,
Am I able to use straight instead of cross cable to connect trunk ports between 2 switches??
thanks!

Hi Devang,
When a 10/100 Fast Ethernet interface is enabled, one end of the link must perform media dependent interface (MDI) crossover (MDIX), so that the transmitter on one end of the data link is connected to the receiver on the other end of the data link (a crossover cable is typically used).
The Auto-MDIX feature eliminates the need for crossover cabling by performing an internal crossover when a straight cable is detected during the auto-negotiation phase.
HTH, if yes please rate the post.
Ankur

Etherchannel between 2960 switches

Similar Messages

Maybe you are looking for