How to search/Scan Vlan of cisco switch ports

Similar Messages

• How to search/scan the sourcecode of Function Module

  Hi,
  How to search / scan the Source code of Function module for any function modules used in it.
  Scenario :
      There is a Function module called ztestfm. In the source code of ztestfm, if it is using other fucntion module
      ( Ex : CONVERSION_EXIT_ALPHA_INPUT).
  Like scan-abap ....  is there any logic to find in the source code of Funciton module for a statement
  Scan-abap  , CODE_SCANNER is not working in this case
  Thanks

  I am able to pass data to the selection screen
     DATA : gv_string TYPE tuchk3-object.
                gv_string = 'CALL FUNCTION'.
    SUBMIT rpr_abap_source_scan USING SELECTION-SCREEN 1000
           WITH repname = zget_fm
           WITH sstring = gv_string
           WITH plusminu = '0'.
  I can see the result.
  Could you please let me know , how to get that spool file, so that i can loop it for that result
  function modules.

• Find IP address/machine connected to a cisco switch port

  hello,
  I need to know which IP/device is connecetd to a cisco Switch port.
  I can get the mac-address of that switch port using sh mac-add command, but with the mac address how can i find that which ip belongs to this mac.
  is there way i can do this, i know i can do the other way meaning with IP i can find to which port its connected ,but dont know how to find this MAC to IP with switch without the need for additional tools

  Hey Anantha ,
  Hop u r doing good,
  If u dont know ip address of devices present on specific vlan and wanted to track end device ip address please try
  follow this below
  steps 1:ping it to brodcast ip address of subnet
  for ex
  R1--SW1--SW2--(H1
                               --H2
  R1..1.1.1.1/24
  H1..1.1.1.2/24
  H2.1.1.1.3/24
  So u r brodacast ip is 1.1.1.255
  ping  1.1.1.255
  Sending 1000, 100-byte ICMP Echos to 1.1.1.255, timeout is 2 seconds:
  Reply to request 8 from 1.1.1.2, 28 ms
  Reply to request 9 from 1.1.1.3, 64 ms
  u will get reply from all host present on that segment and ur arp table will get flood with ip and respective mac on
  your L3 device...(R1 in this example)
  Step2: then u can use command
  sh ip arp ..to see ip and respective mac associate with it
  R1#sh ip arp
  Protocol  Address          Age (min)  Hardware Addr   Type   Interface
  Internet  1.1.1.1                 -   c000.2498.0000  ARPA   Vlan2
  Internet  1.1.1.2                 0   c003.2498.0000  ARPA   Vlan2
  Step3: see the mac learned from specific port
  R1#sh mac address c003.2498.0000
  Destination Address  Address Type  VLAN  Destination Port
  c003.2498.0000          Dynamic       2     FastEthernet1/1
  Step4:If  u have all cisco devices then u can use CDP
  to check wht device connect to ur interface
  R1#sh cdp ne fa1/1 detail
  Device ID: SW1.lab.local
  Follow this way, hop u will trace devices present on ur network
  Hop this informative,
  Regards,
  Ashish shirkar

• How to set up VLANs for Cisco SG500 - 28 switch

  Hi,
  First of all, this is my first post in here, I hope someone can help me, and please be patient since I am very little experienced.
  OK, so let me explain you the scenarion that I am facing and hopefully someone will be able to help me.
  We have a Cisco SG500 - 28 port gigabit switch in our workplace.
  Our goal, is to create 3 VLANs and seperate the networks between different departements.
  VLAN1 (which is the default VLAN in the switch) - will be used for IT department and the management.
  VLAN100 - will be used for business .
  VLAN200 - will be used for guests who need to connect to the internet through WiFi.
  I have created VLAN100 and VLAN200, and VLAN1 is there by default.
  I want to use port 13 for VLAN200 and to connect the Wifi access-point there.
  The uplink is in port 25.
  I would be glad if you could explain me the stuff first in a abstract more general level, and then we can look at the specific scenario that we have.
  The Cisco SG500 - 28 gets internet from a Sophos UTM 9 router.
  I will need to take care of inter-VLAN routing as well, and subnet, and DHCP
  Thanks in advance,
  Kindest regards,
  D

  Hello Desmond,
  You have two different options:
  Option 1:
  Configure Sg500 switch as a Layer 2 switch and let the Sophos firewall do all the Layer 3 routing along with internet access. If you choose this option, then, you need to configure your uplink port as a trunk port and allow all 3 vlans to pass through. Also, you need to make sure that the Sophos device supports VLANs and trunking (or at least sub interfaces and create sub interfaces for each vlan). Also, all LAN devices will have the respective sub-interface/VLAN interface IP on the Sophos as their default gateway.
  Option 2:
  Configure SG500 switch as a Layer 3 device and configure intervlan routing to manage internal network traffic locally and send just the internet traffic to Sophos device.
  You need to create Layer 3 interfaces for VLAN1, VLAN100, and VLAN200 on SG500 and then make those Layer 3 interfaces default gateway for respective VLAN.
  You can configure the uplink port as an access port in one of the VLANs.
  Make sure that the Sophos device has an IP on the same subnet as the VLAN you chose for the uplink port.
  You also need to enter static routes on the Sophos device for the remaining two subnets on the SG500 (next hop address pointing to the IP address of the VLAN that the uplink port belongs to).
  Also, on the SG500, you need to configure a default route, next hop address pointing to the Sophos interface IP address.
  Hope this helps.
  Nagaraja

• Creating a private/isolated vlan on Cisco switch

  Hello
  I have many Cisco switches 65xx, 37xx at my company with a lot of vlans already configured.  I need to create a new isolation vlan that will not be able to communicate with my other existing vlans.  We are setting up a NAC solution at my company and we want a vlan that we can send ports to if the computer or device is compromised and cannot talk or risk the existing network (other vlans).  What is the best method to make this happen?
  I have created VLANs in the past but this is my first dealing with private/isolated vlans and would be grateful for any guidance on how I should implement this.

  So are you saying I should just create a new L2 vlan and not configure the vlan interface (which is at L3) for this new vlan so I cannot communicate with any of my existing vlans therefore isolating the new vlan?
  Yes, without an SVI clients in that vlan cannot communicate with anything outside that vlan.
  The only thing that wasn't clear was whether these clients should still be able to access the internet even though they couldn't talk to any other internal vlans. If they did need the internet, or any other remote network, then you would need an SVI but it sounds as though you don't want any external communication for these clients ?
  Jon

• Configuring VLANs on Cisco switches - help on basics please!

  Hi people.
  I'm buying Cisco switches to my home lab to practice VLAN and have some doubts, would someone kindly help me?
  I'm thinking of buying two 300 series switches for the servers (VMware boxes), configure two separate VLANs for VMs and two other VLANs for desktop computers, in order to simulate a small office with a datacenter and two floors (one VLAN for each floor).
  I presume that the connection between each floor switch and the 300 series core switch will be via trunk mode on both, not access port mode, is that correct?
  Another question: for the desktop switches, the ports that are going to connect to the desktops (which runs windows with non-vlan tagging aware nic), will be configured with the correct VLAN, and the operating system will just communicate normally as if there was no VLAN tag on the frames?
  Since I need inter-vlan routing only on the core switch (the 300 series), for the desktops switches I can purchase some 200 series, right?
  And the last question: presuming that I configure a third VLAN and add a third floor switch, but this time a 100 series switch that is not VLAN capable, so connecting this switch to the 300 switch, will it work, or not?
  Thank you!

  Hi! Thanks for the rapid answers!
  I have a couple more based on the same questions:
  I presume that the connection between each floor switch and the 300 series core switch will be via trunk mode on both, not access port mode, is that correct? - Yes, trunk links are required to carry multiple vlans.
  So, I could also use multiple links with LAG/LACP carrying all vlans between switches?
  And the last question: presuming that I configure a third VLAN and add a third floor switch, but this time a 100 series switch that is not VLAN capable, so connecting this switch to the 300 switch, will it work, or not? - Yes, bit make sure that link between these two switches should be an access link, i.e must carry only third vlan.
  So, If I understand correctly, if having one vlan per floor in an office building, for economical reasons you could deploy simple non-managed and non-vlan capable switches, and in the data center, a core switch with the vlans configured for each floor?
  And viewing from a technical perspective, what would be the advantages of deploying in each floor a vlan capable switch configured with the correct vlan?
  And which method mentioned above is more common deployed for endpoint floor switches?
  Thanks!

• Two VLANs on one switch port?

  Currently we have the following
  Cat 4003 with VLAN trunking turned on to multiple switches. Each port in those exterior switches is assigned to a vlan(we have about 60 different vlans).
  What I would like to do is on those exterior switches have two vlans assigned to it.
  We'd like to create a single IP Phone VLAN(let's call it 999) that can span our entire enterprise and would have dhcp deployed on it.
  Each port is connected to an IP phone which has a 2 port switch in them. One port to the wall, one to the pc.
  The switch ports on those phones support vlan tagging
  How would setup an exterior switch to access 2 vlans that connect to 2 port switch on an IP phone?

  To facilitate ease of deployment, use VTP so that you can centrally create the vlans and propagate to each exterior switch. Now I believe you already do have a layer 3 engine or router that does routing between all these vlans. What switches are used on teh exterior ? This is to find out if voice vlan support is available.
  In cat switches, voice vlan is created using command,
  set port auxiliaryvlan vlan
  In IOS based switches,
  int fa0/1
  switchport mode trunk
  switchport trunk encap dot1q
  switchport trunk native vlan
  switchport voice vlan
  switchport priority cos extend 0
  or
  int fa0/1
  switchport mode access
  switchport access vlan
  switchport voice vlan
  I am not sure about support of voice/aux vlan in 4003. We will have check your other switch models/ software versions to determine support for this command.

• How to route two vlans on two switches that are connected only on one router?

  Suppose that any of the trunk links fails or if you want, suppose that there is no link between SW1 (G0/1) and SW2 (G0/1). How can you make computers in Vlan 10 to see computers in Vlan 20 and viceversa?. I tried creating a bridge group on the router for G0/0.10-G1/0.10 and another for G0/0.20-G1/0.20. Then define interface BVI10 and BVI20. Interfaces came up but you can not configure dot1q on them and switches can not see them. Anyways with one interface on the bridge group going down the BVI interface goes down as well so that's not an option. Router should be 10.10.10.1 and 20.20.20.1 and each computer have that as gateway respectively.

  Jody thanks very much!
  Indeed the encapsulation was done in the sub-interfaces, as posted in the OP you can not [encap dot1q X] on the BVI interface. Even though, the switches didn't established the trunk with the BVI. Anyways using bridge groups is not an acceptable solution because with the failure of any interface of the trunk links in the router, the BVI interface goes down as well.
  You said "if I want to handle it at layer 2" How will you do it at layer 3? I though something like HSRP or VRRP but that doesn't apply since it is only one router. Remember, the router must be able to route between vlan10 and vlan20 for computers on both switches in case of one of the trunk link failure.
  This is for learning purposes so I started with Packet Tracer but PT doesn't support bridge groups. Then I tried GNS3. I will try with the router in GNS3 with a switch module but I'm not clear. that will be like having a 3rd switch, right?  What I mean is that I will not be using routed interfaces between the router and the switches, right?

• Native VLAN on Cisco Switches

  I have a question regarding the default native  vlan, I have a cisco based environment and I set vlan XXX on a native on  trunk links, I also running Multiple Spanning Tree on my switches &  create instances for vlan segregation.
  My question is here could I put vlan 1 (default) in any of instance or not?
  Thanks & Regards,

  With MST, it is not running per VLAN spanning tree, it sends all BPDUs via instance 0 which is called the CIST. These frames are sent untagged via the native VLAN. Normally this is VLAN 1 but if you change it to another VLAN then the BPDUs are sent untagged on that native VLAN.
  Regarding if to use instance 0 or not, it is often recommended to create as many instances as you need to create the desired topology (usually two) and put your VLANs in those instances. It's a good pratice to map all your VLANs straight away because changing the instance to VLAN mapping makes the MST region become multi region until they all have the same instance to VLAN mapping.
  I would keep all VLANs out of instance 0 but it's definitely possible to have VLANs mapped in instance 0 as well.
  Daniel Dib
  CCIE #37149
  Please rate helpful posts.

• How to increase scan rate of NI Switch SCXI 1130

  Hi,
  I have NI PCI 4070 DMM used with NI SCXI 1130 sitch module. I have connected 10 thermocouples to 1130 module. I am scanning the channels and reading the values in the program using niSwitch and niDMM VIs. I am using software trigger in the program. I have configured Software Trigger in niDMM configur trigger and niDMM configure Multipoint. I get the correct values when i scan using chi->com0, where i goes from 0 to 9. But the problem is that the rate of scanning is very slow.
  There is niSwitch Configure scan Rate.vi, here i have given scan delay as 0 second.
  It takes one second for one channel when i run the program. why is this , is this because i used software trigger for each channel scan? how to improve the scan rate. ?

  Sorry for the confusion, I started writing a post and got interrupted and came back to it too late.  You can disregard the last post and here is my final answer:
  I would actually recommend that you use synchronous scanning if you want to maximize the speed of your scan, rather than using software triggers.  If you use synchronous scanning, the DMM will generate a digital pulse (Measurement Complete) each time it completes a measurement, allowing the switch to advance to the next entry in the scan list the instant the DMM has completed its measurement.  The DMM will then take the next meausurement after a specified harware-timed interval.  This will be much more efficient than sending software triggers back and forth to time the scanning.  To set up your application using synchronous scanning, follow these steps:
  Open the LabVIEW shipping example "niSwitch DMM Switch Synchronous Scanning.vi", found in the NI Example Finder in the folder Hardware Input and Output » Modular Instruments » NI-SWITCH (Switches).
  Physically connect the Measurement Complete output trigger from the DMM to the trigger input of the switch.  How you will do this depends on what type of chassis you are using (PXI/SCXI combo chassis or separate chassis) and what switch terminal block you're using.  If you need assistance with this please provide more details about your hardware setup and I'd be happy to help out.  The following resource may be helpful here: KnowledgeBase 3V07KP2W: Switch/DMM Hardware Configurations.
  Select valid values for all other front panel controls and run the VI.
  I hope this is helpful.  Please let me know if I have misunderstood your application, or if you would like me to go into more detail on any specific part of the solution provided above. 

• How to enable IP SLA on cisco switch

  Hi guys,
  I am trying to enable IP SLA on a Cisco 4948 switch (running 'cat4500-ipbasek9-mz.122-46.SG.bin') to test CiscoWorks IPM using this swtich as a source device. But I can't run the command "ip sla monitor" on this switch. It just has "ip sla responder". Does anyone can help me, please? Is it possible to configura IP SLA on this source switch? Or can I do it only on routers?
  Thanks,
  Regards.
  Flaviano.

  IPSLA is supported in Cisco 800, 1700,1800, 2600,2800, 3500, 3750, 3600,3700, 3800, 4500, 6500, 7200, 7500, 7600, 10000, and 12000, ASR-1K Series Routers. Future support includes CRS-1, ONS ML Card, and Cisco 7970 IP phones in 2005.
  IPSLA-VO (Video Operation) is supported on Cisco Catalyst 3560-X, 3750, 3750-E, 3750-X, 3650, and 3650-E Series switches & EtherSwitch Service Modules (SM-ES3G-16-P) which emulates a 3560 switch within the ISR's.  You can use the EtherSwitch Serv Mod in the ISR's as well and use IPSLA-VO.
  The 2900/3900 ISR's will support IPSLA-VO natively late this year.

• How to set scan rate with NI Switch scan voltages

  Hi
  I have SCXI 1130 switch and NI 4070 DMM . I have connected 3 voltage channels on the SCXI .
  When I read just one channel at one time, I get correct voltage reading. here I gave scan input as ch0->com0.
  Later , i placed a For loop in the block diagram and programmatically wired the scan channel input,
  for the switch and read the voltage output from the DMM, i do not get the correct outputs.
  That is , for my 3 channels, i gave For loop iteration count as 3 and ,'i ' is taken and appended for ch i ->com0. the DMM measurement is not proper. But if I highlight execution in the block diagram ( if i put the bulb and the probe), i can see the correct output voltages coming out. The moment, i turn off the execute high light, the program gives incorrect output. So  do I have to give a scan dealy or what time has to be set to get correct values. I am using software trigger in the bloack diagram.

  Hi Hema,
  CJC is an acronym for Cold-Junction Compensation, and this value adjusts for the change in voltage caused by the thermocouple wire to copper wire junction. 
  For example, a J-type thermocouple will have thermocouple wire consisting of iron and constantan metals.  When these iron and constantan metals meet the copper at the switch connection, a difference in voltage results.  This difference in voltage is the "cold-junction".  The difference in voltage resulting from the iron and constantan connection in the thermocouple is the "hot-junction".  When you measure temperature using a thermocouple, what you desire is the "hot-junction" change in voltage.  Unfortunately, the DMM is going to measure the sum of both the "cold" and "hot" junctions, and a CJC measurement is needed so we can adjust the measurement to remove the undesired offset.
  Once Cold-Junction Compensation is performed, converting from voltage to temperature is fairly simple.  Each thermocouple type has its own temperature to voltage conversion equation and associated coefficients.  Here's a great resource for the equations, coefficients, and specific voltage to temperature tables:
  NIST ITS-90 Thermocouple Database
  http://srdata.nist.gov/its90/main/
  Hope this helps!
  Chad Erickson
  Switch Product Support Engineer
  NI - USA

• Option 82 on Cisco switches.

  Hi!
  I have a question about how does option 82 work on cisco switches.
  From one source, i read that Cisco switches always insert option 82 in every dhcp request by default.
  From another source, i read that Cisco switches will insert option 82 information only if dhcp relay configured.
  Which statement is correct?
  Thanks!

  Paul, thanks for reply!
  Also, nice explanation from Peter Paluch here:
  https://supportforums.cisco.com/discussion/11703441/dhcp-snooping-not-working-dropping-packets
  But i still have a problem with it.
  I have tested insertion of option 82 in following configuration:
  One 2960S switch, and two notebooks connected to it in vlan 1:
  DHCP snooping and option 82 insertion are  enabled:
  DHCP snooping is configured on following VLANs:
  1
  DHCP snooping is operational on following VLANs:
  1
  PC1 is configured for DHCP. PC2 is used for wireshark to sniff traffic.
  As i understand, if dhcp snooping is not enabled, PC2 will receive dhcp request from PC1 without option 82.
  If dhcp snooping is enabled , PC2 will receive  DHCP request from PC WITH option 82.
  However, in second case i dont see option 82 in wireshark.
  But why?

• How to get info over snmp on cisco switch whether native vlan on a port is tagged or not?

  Hi!
  I want to know which oid(s) should I query to know whether native vlan on trunk port on cisco switch is tagged or not?
  I am querying the oid .1.3.6.1.4.1.9.9.46.1.6.3.0 (vlanTrunkPortsDot1qTag) on cisco 3560 (E Series) and I am getting global value. Also, this OID is showing as deprecated. So I query .1.3.6.1.4.1.9.9.246.1.6 (cltcDot1qAllTagged) and its subtree, but no value is returned.
  Switch Version is
  Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(50)SE2

  Keep in mind that DHCP is a broadcast packet to start. So the AP can only listen in the subnet that it has an IP address for.
  Now, for any other subnet you can use the AP for DHCP but you have to have an IP helper address on your L3 pointing back to the AP.
  That being said, I wouldn't use the DHCP server on the AP as it is limited. You'd be better off using a Microsoft server or some other device that is designed for DHCP.
  HTH,
  Steve

• How to disable inter-VLAN ping response from L3 switch

  Correction - This was originally posted for my SG300, but it's actually one of my SGE/2010
  I am experiencing an odd behavior from my SG300.  When pinging an IP that is in another VLAN (which requires L3 routing), my switch responds if an IP does not exist on the network.  For example, let's say I am on subnet A (192.168.0.0) and I want to ping an IP on subnet B (192.168.1.0).  If the IP does not exist on subnet B, the SG300 will respond that 'Destination host unreachable'.
  You may ask, so what's the big deal?  And for the most part I agree, however, there are some circumstances where certain searches on the network falsely identify this as a device residing at that IP.  One example is Spiceworks and another is Symantec Endpoint Protection Manager.  In both instances, the software is looking for devices to add to inventory and when it receives this 'Destination host unreachable' message from the SG300, it believes something is on that IP.
  This problem does not occur if the search is on the same subnet, but only appears when it crosses over to another subnet and routing is involved.
  My question is, how do I tell the SG300 to NOT respond with "Destination host unreachable" when an IP does not exist in another VLAN on the switch?
  Thanks in advance!

  The PC10 in vlan 10 can not ping the gateway (10.64.16.1) of vlan 20. It can only ping its own gateway 10.64.8.1
  Both hosts are running Windows 7 professional with firewall turned off.
  The same for the PC20 in vlan 20. It can only ping its own gateway (10.64.16.1) but not vlan10's gateway (10.64.8.1)
  In fact, just for testing purposes.
  I temporarily assign g0/1/2 (which was on vlan20) to vlan10 now. Changed the host (PC20) IP to 10.64.8.3.
  After this change, the 2 hosts can ping each other (in the same vlan 10)....that's expected. So, the OSes and firewalls issues on the hosts are not the issue. They can ping each other when they are in the same vlan.
  However, now that they are in the same vlan, they still can't ping out to G0/0 192.168.0.162.
  So, the problem is how to ping from the layer 2 EHWIC to the built-in G0/0 and G0/1 router ports?