MARS switch port up/down rule

There is a rule in MARS which fires when any port on the switch goes down and up. Every day a big number of incidents happen for this rule, but it does not show me the source IP address; it shows only the destination IP address.
I need to know which user connects to that port.
And why the ports go up and down.

You would need to look into the switch syslog itself. If the switch syslog messages are not showing you the reason, MARS will not show you the reason. MARS will only show you whatever the switch syslog shows, so if switch syslog does not show you the reason, MARS will not know the reason.
You would need to investigate the switch.
MARS just provides a central repository for all the syslog messages, and if there is something that you need to investigate, you would need to go physically to the switch to troubleshoot as per normal. MARS will not tell you information that the switch does not provide.
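
What the switch's own syslog can answer, as an added example that is not part of the original thread: the sketch below counts link-down events per port from IOS `%LINK-3-UPDOWN` messages, flags ports that flap inside a time window, and records any `%PM-4-ERR_DISABLE` cause the switch logged. The log lines, the collector line layout, and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample, in an assumed collector layout:
# <ISO timestamp> <reporting switch> <IOS message>
SAMPLE_SYSLOG = """\
2024-03-03T09:14:01 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to down
2024-03-03T09:14:02 sw-access-01 %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/5, changed state to down
2024-03-03T09:14:04 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to up
2024-03-03T09:15:10 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to down
2024-03-03T09:15:13 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to up
2024-03-03T09:16:40 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to down
2024-03-03T09:16:44 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/5, changed state to up
2024-03-03T11:20:00 sw-access-02 %PM-4-ERR_DISABLE: bpduguard error detected on Gi1/0/7, putting Gi1/0/7 in err-disable state
2024-03-03T11:20:01 sw-access-02 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/7, changed state to down
2024-03-03T17:58:30 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/12, changed state to down
2024-03-04T08:02:11 sw-access-01 %LINK-3-UPDOWN: Interface GigabitEthernet1/0/12, changed state to up
"""

# Only %LINK-3-UPDOWN is counted; %LINEPROTO-5-UPDOWN usually accompanies it
# and would double-count the same event.
LINK_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+%LINK-3-UPDOWN: "
    r"Interface (?P<intf>[^,\s]+), changed state to (?P<state>up|down)")
ERRDIS_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+%PM-4-ERR_DISABLE: "
    r"(?P<cause>\S+) error detected on (?P<intf>[^,\s]+),")

# ERR_DISABLE messages use short interface names; LINK messages use long ones.
ABBREV = {"Gi": "GigabitEthernet", "Fa": "FastEthernet",
          "Te": "TenGigabitEthernet"}


def normalize(intf):
    """Expand short interface names so both message types share one key."""
    m = re.match(r"([A-Za-z]+)(\d.*)", intf)
    if not m:
        return intf
    name, rest = m.groups()
    return ABBREV.get(name, name) + rest


def analyze(text, window=timedelta(minutes=10), min_flaps=3):
    """Return {(switch, interface): summary} for every port seen going down."""
    downs = defaultdict(list)
    causes = defaultdict(set)
    for line in text.splitlines():
        m = LINK_RE.match(line)
        if m:
            if m["state"] == "down":
                key = (m["host"], normalize(m["intf"]))
                downs[key].append(datetime.fromisoformat(m["ts"]))
            continue
        m = ERRDIS_RE.match(line)
        if m:
            causes[(m["host"], normalize(m["intf"]))].add(m["cause"])

    report = {}
    for port in sorted(set(downs) | set(causes)):
        times = sorted(downs.get(port, []))
        # Largest number of down events that fit in one sliding window.
        burst, start = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1
            burst = max(burst, end - start + 1)
        report[port] = {
            "downs": len(times),
            "max_burst": burst,
            "flapping": burst >= min_flaps,
            "errdisable_causes": sorted(causes.get(port, ())),
        }
    return report


if __name__ == "__main__":
    for (host, intf), info in analyze(SAMPLE_SYSLOG).items():
        print(host, intf, info)
```

A single down event followed by an up the next morning is normal desk behaviour; the ports worth a visit to the switch are the ones marked `flapping` or carrying an err-disable cause.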

Similar Messages

  • Cisco Prime Infrastructure 2.0 Alarms (switch port down)

    We have a Cisco Prime Infrastructure 2.0 managing switches, routers and AP.
    By default, when a port of a switch goes down, Cisco Prime Infrastructure generates a Critical Alarm for that (this is a problem, because every phone or laptop disconnection will generate a critical alarm for me).
    I found out that if we go to Administration --> Alarm Severity --> Link down, I can change the alarm from Critical to another type of alarm (e.g. warning).
    The problem is that I want to keep the Critical Alarm for my uplink ports and for some important switch ports, and I would like to make the alarm a warning for the normal user ports.
    I know that I can create Port Grouping and add ports to each group and apply monitoring templates on those groups, but this couldn't help me solve my alarm problem.
    So I just need to know how to manage the alarms severity for each group of ports.
    Thank you

    Hi,
    Same problem here.
    I am using Cisco Prime Infrastructure 2.0 (evaluation version for 60 days). I want to deploy port monitoring for my trunk ports between switches and some other important ports e.g. servers. Basically I want to get alarms when these ports are down, there are errors on ports and etc.
    So in Design>Port Grouping I created a User Defined group with important ports. In Deploy>Monitoring Deployment I selected Interface Health (default)>Deploy selected Port Groups and then selected the port group I created.
    Now the rule shows Deployed: Yes and Status: Active. After that I just pulled out one port which was in the monitored group, waited 5 min as it is set in the Interface Health (default) template, and nothing happened, and worse, alarms started to show up for other ports where regular users are connected (computers were turned off), which I do not want to see at all. I tried to redeploy the template, I even created my own template, but still no desired result.
    Any suggestions how to make port monitoring work?

  • Front end and console ports are down for switch WS-C3750X-48PF-S

    We have a switch WS-C3750X-48PF-S in the stack and front end and console ports stopped working and are down.
    I have tried to replug power cable but this didn't help, please let me know if I could replug stack power for this switch without outage of other switches in the stack, since switches are connected into the ring
    Please let me know what might be the possible root cause
    #sh switch stack-ports 
      Switch # Port 1 Port 2 
        2 Down Ok 
        3 Ok Ok 
        4 Ok Down   

    Hello,
    There is a problem with the stacking connection between switch 4 and 2. Can you try replacing the stacking cable between these switches?

  • Layer 2 trunk ports went down due to cisco 4500 core switch !!!

    Hi Everyone,
    My 2 Layer 2 2960 switch trunk ports went down due to the Cisco 4500 switch. It is happening every time. I reboot the 4500 switch, then the problem disappears, but after some time I face the same issue.
    Please help.

    My 2 Layer 2 2960 switch trunk ports went down due to the Cisco 4500 switch. It is happening every time. I reboot the 4500 switch, then the problem disappears, but after some time I face the same issue.
    Hmmmm ... You won't be able to determine anything if you won't provide any additional information.  I mean what do you mean by "went down"?  Did the port go into "error disable"? 
    If it went into error disable, console in both switches and post the output to the command "sh interface status err".

  • Query: Best practice SAN switch (network) access control rules?

    Dear SAN experts,
    Are there generic SAN (MDS) switch access control rules that should always be applied within the SAN environment?
    I have a specific interest in network-based access control rules/CLI-commands with respect to traffic flowing through the switch rather than switch management traffic (controls for traffic flowing to the switch).
    Presumably one would want to provide SAN switch demarcation between initiators and targets using VSAN, Zoning (and LUN Zoning for fine grained access control and defense in depth with storage device LUN masking), IP ACL, Read-Only Zone (or LUN).
    In a LAN environment controlled by a (gateway) firewall, there are (best practice) generic firewall access control rules that should be instantiated regardless of enterprise network IP range, TCP services, topology etc.
    For example, the blocking of malformed TCP flags or the blocking of inbound and outbound IP ranges outlined in RFC 3330 (and RFC 1918).
    These firewall access control rules can be deployed regardless of the IP range or TCP service traffic used within the enterprise. Of course there are firewall access control rules that should also be implemented as best practice that require specific IP addresses and ports that suit the network in which they are deployed. For example, rate limiting as a DoS preventative, may require knowledge of server IP and port number of the hosted service that is being DoS protected.
    So my question is, are there generic best practice SAN switch (network) access control rules that should also be instantiated?
    regards,
    Will.

    Hi William,
    That's a pretty wide net you're casting there, but I'll do my best to give you some insight in the matter.
    Speaking pure fibre channel, your only real way of controlling which nodes can access which other nodes is Zones.
    For zones there are a few best practices:
    * Default Zone: Don't use it, unless you're running Ficon.
    * Single Initiator zones: One host, many storage targets. Don't put 2 initiators in one zone or they'll try logging into each other which at best will give you a performance hit, at worst will bring down your systems.
    * Don't mix zoning types:  You can zone on wwn, on port, and Cisco NX-OS will give you a plethora of other options, like on device alias or LUN Zoning. Don't use different types of these in one zone.
    * Device alias zoning is definitely recommended with Enhanced Zoning and Enhanced DA enabled, since it will make replacing HBAs a heck of a lot less painful in your fabric.
    * LUN zoning is being deprecated, so avoid. You can achieve the same effect on any modern array by doing lun masking.
    * Read-Only exists, but again any modern array should be able to make a lun read-only.
    * QoS on Zoning: Isn't really an ACL method, more of a congestion control.
    VSANs are a way to separate your physical fabric into several logical fabrics.  There's one huge distinction here with VLANs, that is that as a rule of thumb, you should put things that you want to talk to each other in the same VSANs. There's no such concept as a broadcast domain the way it exists in Ethernet in FC, so VSANs don't serve as isolation for that. Routing on Fibre Channel (IVR or Inter-VSAN Routing) is possible, but quickly becomes a pain if you use it a lot/structurally. Keep IVR for exceptions, use VSANs for logical units of hosts and storage that belong to each other.  A good example would be to put each of 2 remote datacenters in their own VSAN, create a third VSAN for the ports on the array that provide replication between DC and use IVR to make management hosts have inband access to all arrays.
    When using IVR, maintain a manual and minimal topology. IVR tends to become very complex very fast and auto topology isn't helping this.
    Traditional IP acls (permit this proto to that dest on such a port and deny other combinations) are very rare on management interfaces, since they're usually connected to already separated segments. Same goes for Fibre Channel over IP links (that connect to ethernet interfaces in your storage switch).
    They are quite logical to use and work just the same on an MDS as on a traditional Ethernet switch when you want to use IP over FC (not to be confused with FC over IP). But then you'll logically use your switch as an L2/L3 device.
    I'm personally not an IP guy, but here's a quite good guide to setting up IP services in a FC fabric:
    http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/4_1/configuration/guides/cli_4_1/ipsvc.html
    To protect your san from devices that are 'slow-draining' and can cause congestion, I highly recommend enabling slow-drain policy monitors, as described in this document:
    http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/int/nxos/intf.html#wp1743661
    That's a very brief summary of the most important access-control-related Best Practices that come to mind.  If any of this isn't clear to you or you require more detail, let me know. HTH!

  • Why the Fibre uplink ports are down state even after giving no shutdown command at the interface

    Hi
    My Predecessors brought 2 CISCO 3750 switches and implemented LACP on these core switches. Due to looping in the network the Fibre uplink ports GigabitEthernet1/1/3 and GigabitEthernet2/1/3 are down (I think these uplink ports are mirrored in the LACP concept)
    Please see below from the configuration.
    I logged into the core switch and went to this particular interface GigabitEthernet1/1/3 and I gave the following command and still the port is in the down state after I gave no shutdown command. Do I need to give the same no shutdown command at interface GigabitEthernet2/1/3 as well ?
    Switch-Core1(config) interface GigabitEthernet1/1/3
    Switch-Core1(config-if)#no shutdown
    Switch-Core1(config-if)#
    Please see below  After no shutdown command given still these 2 Gigabit fibre uplink ports are down.
    GigabitEthernet1/0/20  unassigned      YES unset  up                    up
    GigabitEthernet1/0/21  unassigned      YES unset  down                  down
    GigabitEthernet1/0/22  unassigned      YES unset  down                  down
    GigabitEthernet1/0/23  unassigned      YES unset  down                  down
    GigabitEthernet1/0/24  unassigned      YES unset  up                    up
    GigabitEthernet1/1/1   unassigned      YES unset  up                    up
    GigabitEthernet1/1/2   unassigned      YES unset  up                    up
    GigabitEthernet1/1/3   unassigned      YES unset  down                  down
    GigabitEthernet1/1/4   unassigned      YES unset  up                    up
    Te1/1/1                unassigned      YES unset  down                  down
    Te1/1/2                unassigned      YES unset  down                  down
    GigabitEthernet2/0/1   unassigned      YES unset  up                    up
    GigabitEthernet2/0/2   unassigned      YES unset  up                    up
    GigabitEthernet2/0/3   unassigned      YES unset  up                    up
    GigabitEthernet2/0/4   unassigned      YES unset  down                  down
    GigabitEthernet2/0/5   unassigned      YES unset  up                    up
    GigabitEthernet2/0/6   unassigned      YES unset  down                  down
    GigabitEthernet2/0/7   unassigned      YES unset  down                  down
    GigabitEthernet2/0/8   unassigned      YES unset  up                    up
    GigabitEthernet2/0/9   unassigned      YES unset  up                    up
    GigabitEthernet2/0/10  unassigned      YES unset  down                  down
    GigabitEthernet2/0/11  unassigned      YES unset  down                  down
    GigabitEthernet2/0/12  unassigned      YES unset  down                  down
    GigabitEthernet2/0/13  unassigned      YES unset  down                  down
    GigabitEthernet2/0/14  unassigned      YES unset  up                    up
    GigabitEthernet2/0/15  unassigned      YES unset  up                    up
    GigabitEthernet2/0/16  unassigned      YES unset  up                    up
    GigabitEthernet2/0/17  unassigned      YES unset  up                    up
    GigabitEthernet2/0/18  unassigned      YES unset  up                    up
    GigabitEthernet2/0/19  unassigned      YES unset  down                  down
    GigabitEthernet2/0/20  unassigned      YES unset  up                    up
    GigabitEthernet2/0/21  unassigned      YES unset  down                  down
    GigabitEthernet2/0/22  unassigned      YES unset  up                    up
    GigabitEthernet2/0/23  unassigned      YES unset  down                  down
    GigabitEthernet2/0/24  unassigned      YES unset  up                    up
    GigabitEthernet2/1/1   unassigned      YES unset  up                    up
    GigabitEthernet2/1/2   unassigned      YES unset  up                    up
    GigabitEthernet2/1/3   unassigned      YES unset  down                  down
    GigabitEthernet2/1/4   unassigned      YES unset  up                    up
    Te2/1/1                unassigned      YES unset  down                  down
    Te2/1/2                unassigned      YES unset  down                  down
    Port-channel1          unassigned      YES unset  down                  down
    Port-channel2          unassigned      YES unset  down                  down
    Please let me know if I am doing something wrong. Please post me some tutorial to sort this.

    It is possible you are overloading that little 4215. If that is the case you should also be seeing "missed packet percentage" messages in your events.
    How much traffic is your 4215 getting? Those sensors will start to drop packets for inspection at about 30 Mb/s.
    - Bob

  • Can't get switch ports to work

    Okay so I have a basic home lab, 2600 router x2 and 2900 XL switch x 2. I've connected each router together (they "see" each other in cdp), and each router to one switch. My problem is that the interfaces that the router connects to the switch won't accept an ip address (it says unrecognized command) and the switch lights are off. A "show status" says only the trunk ports (22 on each switch) are connected. I've checked the cabling, it works, and the cables are out of the box. What am I missing/forgetting?
    Sorry if i newb :\ I'm Looking forward to going over static routes xD
    Thanks,
    Devlin
    (I looked through the documentation, maybe I missed it? I did a config reset on the switches. I bought these used, I hope they aren't broken :\)

    No, they don't work, POST is fine (The switches boot normally), CABLING IS FINE, they are NOT admin down
    Switch1#sho run
    Building configuration...
    Current configuration:
    version 12.0
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    hostname Switch1
    ip subnet-zero
    !!!!! Omitted fa ports 1-24
    interface VLAN1
    no ip directed-broadcast
    no ip route-cache
    line con 0
    transport input none
    stopbits 1
    line vty 5 15
    end
    Switch1#sho int status
    Says every port except the ports trunking between the two switches is "not connected"
    !!!!!HERE'S AN EXAMPLE OF ONE OF THE DOWN SWITCHPORTS!!!!!
    Switch1#sho int fa0/1
    FastEthernet0/1 is down, line protocol is down
    Hardware is Fast Ethernet, address is 00b0.647f.6681 (bia 00b0.647f.6681)
    MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not set Auto-duplex , Auto Speed , 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00
    Last input never, output 1d23h, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops
    5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1 packets input, 64 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
    0 watchdog, 0 multicast 0 input packets with dribble condition detected
    2 packets output, 424 bytes, 0 underruns
    0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out
    Switch1# sh version
    Cisco Internetwork Operating System Software
    IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5)WC8, RELEASE SOFTWAR
    E (fc1)
    Copyright (c) 1986-2003 by cisco Systems, Inc.
    Compiled Thu 19-Jun-03 13:09 by antonino
    Image text-base: 0x00003000, data-base: 0x0034E2F4
    ROM: Bootstrap program is C2900XL boot loader
    Switch1 uptime is 1 day, 23 hours, 31 minutes
    System returned to ROM by power-on
    System image file is "flash:c2900xl-c3h2s-mz.120-5.WC8.bin"
    cisco WS-C2924M-XL (PowerPC403GA) processor (revision 0x11) with 8192K/1024K byt
    es of memory.
    Processor board ID FAA0402G17B, with hardware revision 0x03
    Last reset from power-on
    Processor is running Enterprise Edition Software
    Cluster command switch capable
    Cluster member switch capable
    24 FastEthernet/IEEE 802.3 interface(s)
    32K bytes of flash-simulated non-volatile configuration memory.
    Base ethernet MAC Address: 00:B0:64:7F:66:80
    Motherboard assembly number: 73-3425-10
    Power supply part number: 34-0920-01
    Motherboard serial number: FAA04019FEM
    Power supply serial number: NONE
    Model revision number: A0
    Model number: WS-C2924M-XL-EN
    System serial number: FAA0402G17B
    Configuration register is 0xF
    I'm really desperate here I have no idea what the problem is, and I cannot prepare for the exam without being able to assign ip addresses to the switch ports. If anyone can help me I would be EXTREMELY grateful.
    Thanks
    Devlin

  • Enumerate switch ports

    I need a way to list out the last mac address known to port-security per port in IOS, and EEM may be my answer.  
    The command  "show port-security address" gets me close - it shows current mac on all up ports, like: 
    > AS5#show port-security address
    >         Secure Mac Address Table
    > ------------------------------------------------------------------------
    > Vlan   Mac Address       Type                     Ports   Remaining Age
    >                                                             (mins)  
    > ----   -----------       ----                     -----   -------------
    >   6   001d.e5ea.a1d5   SecureDynamic           Gi1/0/26   < 1
    >   6   0007.7d43.638b   SecureDynamic           Gi1/0/31   < 1
    >   6   0050.6003.76ce   SecureDynamic           Gi1/0/40   < 1
    >   1   0050.b607.c3a3   SecureDynamic           Gi1/0/43   < 1
    >   1   c42c.030c.05d4   SecureDynamic           Gi1/0/44   < 1
    >   1   0023.5e20.a48e   SecureDynamic           Gi1/0/45   < 1
    > ------------------------------------------------------------------------
    However, I also need the last mac known to the port. For example "show port-security int g7/11" has the info I need:
    > DEVON-3RDFL-138-4#sh port-security int gi 7/11              
    > Port Security             : Enabled
    > Port Status               : Secure-down
    > Violation Mode             : Restrict
    > Aging Time                 : 1 mins
    > Aging Type                 : Absolute
    > Maximum MAC Addresses     : 1
    > Total MAC Addresses       : 0
    > Configured MAC Addresses   : 0
    > Sticky MAC Addresses       : 0
    > Last Source Address       : d4be.d995.8159 <-- We are looking for this, but we may not know which port it was last connected to...
    > Last Source Address VlanId : 455
    > Security Violation Count   : 0
    However, enumerating all ports on a switch to find which one has a specific mac address is painful.
    So, my intent is to write an EEM script that will enumerate all ports on a switch and hold that in an array that I can then sequentially run commands again.
    Surely someone has already written a script to enumerate all switch interfaces.   Anyone know where to find it?
    Thanks,
    Neville

    Thanks Joseph! 
    With your code I got my script working! I'm attaching it here.
    Some notes of mine.
    1) I sure like PERL *a lot* more than TCL.   I find TCL weird where I don't do a ; at the end of lines, don't declare my variables with $ and not having a concept of an @array is killing me!
    2) I changed the 1st part of the script from port-security ports to all Ethernet interfaces. If a port is down it does not show in "show port-security adresses", where it will show with "show interface summary | inc Ethernet".
    3) I added Catalyst switches output port-security info two ways: either "Last Source Address : aa.bb.cc.dd.ee.ff"  (older code) or "Last Source Address:Vlan : aa.bb.cc.dd.ee.ff:1" (newer code).   I added logic to deal with either output.
    4) The script seems to run pretty slow. It takes ~15 seconds for a switch with 24 interfaces on it.  In a stack I'd run into MAXRUN time issues for sure.
    Again thanks Joseph! - Finished Script below:
    ::cisco::eem::event_register_none
    # Written 2012 by Neville Aga ([email protected])
    # Make an alias to trigger this script, such as
    # "alias exec show-last-macs event manager run show_last_macs.tcl"
    namespace import ::cisco::eem::*
    namespace import ::cisco::lib::*

    # Open the CLI
    if [catch {cli_open} result] {
        error $result $errorInfo
    } else {
        array set cli1 $result
    }

    # Go into enable mode
    if [catch {cli_exec $cli1(fd) "en"} result] {
        error $result $errorInfo
    }

    # Enumerate switch ethernet interfaces and put them into array..
    # er list. TCL doesnt do arrays
    # Enumerate all ports here
    set output [cli_run [list "show interfaces summary | inc Ethernet"]]
    set ports [list]
    foreach line [split $output "\n"] {
        # Drop the "*" up-marker and collapse whitespace; the first field is the port name
        regsub {\*} $line "" line
        set line [string trim $line]
        regsub -all {\s+} $line " " line
        #puts "line is $line\n"
        lappend ports [lindex $line 0]
    }

    puts "Last MAC associated with all port-security switch ports:"
    puts "by Neville Aga ([email protected]). Follow me on twitter @nevilleaga"
    foreach port $ports {
        set output [cli_run [list "sh port-security int $port"]]
        # Only report ports that have port-security enabled
        if { [regexp {Port Security\s+:\s(Enabled)} $output -> enabled] } {
            if { [regexp {Port Status\s+:\s+(\S+)} $output -> portstatus] } {}
            # This will get output returned like "Last Source Address  :  aa.bb.cc.dd.ee.ff" - 6500 typical
            if { [regexp {Last Source Address\s+:\s+([a-fA-F0-9\.]+)} $output -> mac] } {
                puts "Last MAC for $port is $mac -- $portstatus "
            }
            # This will get output returned like "Last Source Address:Vlan :  aa.bb.cc.dd.ee.ff:1" - 3560 12.2.53
            if { [regexp {Last Source Address:Vlan\s+:\s+([a-fA-F0-9\.]+)} $output -> mac] } {
                puts "Last MAC for $port is $mac -- $portstatus"
            }
        }
    }

    # Close the CLI
    if [catch {cli_close $cli1(fd) $cli1(tty_id)} result] {
        error $result $errorInfo
    }

  • LMS 4.2 - How do I find switch ports that are configured as trunks.

    I've been tasked with finding all switch ports that are configured as Trunks. We plan to use LMS 4.2 to push (via Netconfig) new interface level commands to all user (non-trunked) ports. From my experience, this poses a problem because we do not know which ports are configured as trunks -vs- user ports.
    Using Netconfig is not going to be easy since there is no way to script this. It would be great if I could run a show command on a switch and then have CWSI perform a change based upon the output.
    In other words, we need a way to run a job based upon the output of a command.
    Is there a section of LMS that I could use for help with this?
    Thanks,

    You need to go to Monitoring>Dashboard. Here just click the switch in the listed devices and then click the interface; you will find all the down and up interfaces with their type of configuration (i.e. Trunk or Access).

  • Template(best practice) for Switch ports

    Hi,
    Looking for best practice advice on switchport config for client facing ports.
    We recently had an incident where an access port turned into a trunk(trunk mode desirable), which we obviously do not want to happen again!
    For Access Ports(First two should stop DTP I'm hoping?):
    switchport mode access
    switchport nonegotiate
    storm-control broadcast level 20.00
    storm-control action trap
    no cdp enable
    spanning-tree portfast
    spanning-tree bpdufilter enable
    spanning-tree guard root
    switchport port-security maximum 10
    switchport port-security
    switchport port-security aging time 10
    And for trunk ports to clients:
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport trunk allowed vlan xxx,xxx
    switchport nonegotiate
    storm-control broadcast level 20.00
    storm-control action trap
    no cdp enable
    spanning-tree bpdufilter enable
    spanning-tree guard root
    Thanks in advance.

    Look here: http://www.cisco.com/en/US/docs/solutions/Enterprise/Branch/E_B_SDC1.html#wp68930
    That's Cisco's branch design doc from Design Zone.
    For those that want a fast answer:
    For VoIP phones and PC:
    interface GigabitEthernet1/0/6 - interface GigabitEthernet1/0/23
    description phone with PC connected to phone
    switchport access vlan 102
    switchport mode access
    switchport voice vlan 101
    switchport port-security maximum 2
    switchport port-security
    switchport port-security aging time 2
    switchport port-security violation restrict
    switchport port-security aging type inactivity
    ip arp inspection limit rate 100
    load-interval 30
    srr-queue bandwidth share 1 70 25 5
    srr-queue bandwidth shape 3 0 0 0
    priority-queue out
    mls qos trust device cisco-phone
    spanning-tree portfast
    spanning-tree bpduguard enable
    ip verify source
    ip dhcp snooping limit rate 100
    For data only:
    interface GigabitEthernet1/0/24- interface GigabitEthernet1/0/28
    description DATA only ports
    switchport access vlan 102
    switchport mode access
    switchport port-security maximum 3
    switchport port-security
    switchport port-security aging time 2
    switchport port-security violation restrict
    switchport port-security aging type inactivity
    ip arp inspection limit rate 100
    load-interval 30
    srr-queue bandwidth share 1 70 25 5
    srr-queue bandwidth shape 3 0 0 0
    priority-queue out
    spanning-tree portfast
    spanning-tree bpduguard enable
    ip verify source
    ip dhcp snooping limit rate 100
    That's Cisco's recommendation.
    And just my opinion is that I'd much rather shut a port down that receives a BPDU than just filter it. Reason being that you can't trust users not to do something stupid, like hook two switch ports to the same switch they're using at their desk in an effort to "make the network faster". For two, if someone malicious plugs in a switch into your environment, shut the port down. . .that makes it hard for them to do anything malicious.
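
The two templates in this thread differ in how they treat BPDUs and port mode, so the following is an added example (not from the thread or from Cisco's design document) that audits interface blocks of a running-config for the points discussed: port mode left negotiable, `bpdufilter` instead of `bpduguard`, and missing port-security. The configuration text and the finding labels are constructed; the commands it looks for are the ones quoted above plus the global `spanning-tree portfast bpduguard default`.

```python
import re

# Constructed running-config excerpt for the example.
RUNNING_CONFIG = """\
interface GigabitEthernet1/0/6
 description phone with PC connected to phone
 switchport access vlan 102
 switchport mode access
 switchport voice vlan 101
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/7
 switchport mode access
 switchport nonegotiate
 spanning-tree portfast
 spanning-tree bpdufilter enable
 switchport port-security maximum 10
 switchport port-security
!
interface GigabitEthernet1/0/8
 switchport mode dynamic desirable
 spanning-tree portfast
!
interface GigabitEthernet1/1/1
 description uplink
 switchport mode trunk
 switchport nonegotiate
!
"""

GLOBAL_GUARD_RE = re.compile(
    r"^spanning-tree portfast (edge )?bpduguard default$", re.M)


def interface_blocks(config):
    """Split a running-config into {interface name: [sub-commands]}."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            blocks[current] = []
        elif current and raw.startswith(" "):
            blocks[current].append(raw.strip())
        else:
            current = None  # "!" or a global command ends the block
    return blocks


def audit_access_ports(config):
    """Return {interface: [finding, ...]} for non-trunk ports with gaps."""
    global_guard = GLOBAL_GUARD_RE.search(config) is not None
    findings = {}
    for name, lines in interface_blocks(config).items():
        cmds = set(lines)
        if "switchport mode trunk" in cmds:
            continue  # uplinks and client trunks need their own checklist
        issues = []
        # Without a pinned access mode the port can still negotiate a trunk.
        if "switchport mode access" not in cmds:
            issues.append("mode-not-access")
        # An interface-level BPDU filter drops BPDUs, so guard never fires.
        if "spanning-tree bpdufilter enable" in cmds:
            issues.append("bpdufilter-enabled")
        portfast = any(c.startswith("spanning-tree portfast") for c in cmds)
        guarded = ("spanning-tree bpduguard enable" in cmds
                   or (global_guard and portfast))
        if not guarded:
            issues.append("no-bpduguard")
        if "switchport port-security" not in cmds:
            issues.append("no-port-security")
        if issues:
            findings[name] = issues
    return findings


if __name__ == "__main__":
    for intf, issues in audit_access_ports(RUNNING_CONFIG).items():
        print(intf, ", ".join(issues))
```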

  • Discovering MAC addresses for Switch ports

    Hello and thanks for looking at my question,
    My company has inherited a network which has some very poor documentation. We really have no clue, nor does the customer, what machines are connected to what switch ports.
    My co-worker and I were discussing the best way to find this out with the least amount of effort, but can't agree on a single solution. Any recommendations would be greatly appreciated.
    Thanks.
    Sincerely,
    Brent

    Brent,
    After you do the 'sho arp' and now have MAC to IP translation, do a 'sho mac-address table' to show MAC to port translation. Save both tables to an Excel spreadsheet and tie them together. You should be able to come up with a good cross reference table (depending upon your Excel skills).
    This also gives you a switch-by-switch breakout. It's also a very helpful troubleshooting method to find rogue devices and shut down a port (for instance).
    Hope this is helpful.
    Jim
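
The spreadsheet join described in the reply above can be scripted. This is an added example, not part of the original thread: it parses saved `show arp` and MAC address table output, ties MAC to IP to port, and marks ports that carry several MACs (typically an uplink or a downstream switch) and MACs with no ARP entry. The captured output, addresses, and the per-port threshold are constructed assumptions, and the column layout assumed is the common IOS one.

```python
import re
from collections import defaultdict

# Constructed capture from the layer 3 device that holds the ARP cache.
SHOW_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.10.20.1              -   00aa.bbcc.dd01  ARPA   Vlan20
Internet  10.10.20.15             4   0011.2233.4455  ARPA   Vlan20
Internet  10.10.20.31            12   00aa.bbcc.dd02  ARPA   Vlan20
Internet  10.10.20.99             0   Incomplete      ARPA
"""

# Constructed capture from one access switch.
SHOW_MAC = """\
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  20    0011.2233.4455    DYNAMIC     Gi1/0/5
  20    0011.2233.4466    DYNAMIC     Gi1/0/6
  20    00aa.bbcc.dd01    DYNAMIC     Gi1/0/48
  20    00aa.bbcc.dd02    DYNAMIC     Gi1/0/48
  20    00aa.bbcc.dd03    DYNAMIC     Gi1/0/48
Total Mac Addresses for this criterion: 5
"""

MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"
ARP_RE = re.compile(
    rf"^Internet\s+(?P<ip>\d+\.\d+\.\d+\.\d+)\s+(?:\d+|-)\s+(?P<mac>{MAC})\s",
    re.I)
MAC_RE = re.compile(
    rf"^\s*(?P<vlan>\d+)\s+(?P<mac>{MAC})\s+(?P<type>\S+)\s+(?P<port>\S+)\s*$",
    re.I)


def parse_arp(text):
    """Return {mac: [ip, ...]}; 'Incomplete' entries have no MAC and are skipped."""
    by_mac = defaultdict(list)
    for line in text.splitlines():
        m = ARP_RE.match(line.strip())
        if m:
            by_mac[m["mac"].lower()].append(m["ip"])
    return by_mac


def parse_mac_table(text):
    """Return [(vlan, mac, port)] for learned or statically secured addresses."""
    rows = []
    for line in text.splitlines():
        m = MAC_RE.match(line)
        if m and m["type"].upper() in ("DYNAMIC", "STATIC"):
            rows.append((int(m["vlan"]), m["mac"].lower(), m["port"]))
    return rows


def cross_reference(arp_text, mac_text, max_macs=2):
    """Join both tables into {port: {hosts, many_macs, no_ip}}."""
    arp = parse_arp(arp_text)
    ports = defaultdict(list)
    for vlan, mac, port in parse_mac_table(mac_text):
        ports[port].append({"vlan": vlan, "mac": mac,
                            "ips": list(arp.get(mac, []))})
    return {
        port: {
            "hosts": hosts,
            # More MACs than a desk normally has: uplink or extra switch.
            "many_macs": len(hosts) > max_macs,
            # Seen at layer 2 but never resolved at layer 3.
            "no_ip": [h["mac"] for h in hosts if not h["ips"]],
        }
        for port, hosts in ports.items()
    }


if __name__ == "__main__":
    for port, info in cross_reference(SHOW_ARP, SHOW_MAC).items():
        for h in info["hosts"]:
            print(port, h["vlan"], h["mac"], ",".join(h["ips"]) or "-")
```

Run it per switch with that switch's MAC table and the ARP output from the device routing its VLANs; ARP entries age out, so a MAC listed under `no_ip` may simply have been idle.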

  • Cisco Prime Infrastructure - Is there a report of unused switch ports?

    Hello,
    Is there a report in Cisco Prime Infrastructure 1.4 showing the unused switch ports?
    There used to be one in Cisco Prime LMS (Reclaim Unused Up/Down Ports Report).
    Thank you,
    Luke

    Hello,
    I now have Cisco Prime Infrastructure 2.0 running, and I don't see a report like the "Reclaim Unused Up/Down Ports" report that existed in LMS.
    I found one called "Interface Capacity", but it only shows the number of ports that are "connected", "notconnect" or "disabled".
    Does anyone know if a report of Unused ports exists in Prime Infrastructure 2.0 or if it will be available later on?
    Thank you,
    Luke

  • Log Switch Port negotiations

    Hello everyone,
    Quick questions about Switch port status logging.
    Cisco Switches usually log port status (UP/DOWN) at notification log level.
    Does anyone know at which log level it reports its negotiations? If a port degraded from Gig/Full to 100/Full, will it report it to syslog, and if yes, at what log level?
    Switch is :
    WS-C3750X-48T-E
    15.0(2)SE4
    Any hint / reply highly appreciated.
    Thank you,
    Muhammad

    I am facing some issues with port-security in my network environment. The issue comes when we try to move users (PC/phone) from one place to another on the same floor; of course they belong to the same access switch.
    The PC and phone do not connect even after we reset the port and clear the ARP/MAC address table.
    Also, if we try to manually bind the MAC address to the switch port, it says "duplicate address" (address already there message).
    Can anyone share why this type of behavior occurs and how to overcome this problem?

  • Jabber and Media Interface Service - Switch port

    Hi All,
    here is from Cisco:
    Before Cisco Jabber for Windows sends audio media or video media, it checks for Cisco Media Services Interface .
    • If the service exists on the computer , Cisco Jabber for Windows provides flow information to Cisco Media Services Interface . The service then signals the network so that routers classify the flow and provide priority to the Cisco Jabber for Windows traffic.
    • If the service does not exist, Cisco Jabber for Windows does not use it and sends audio media and video media as normal.
    My question is: what does normal mean?
    1- We can identify ports for Jabber in CUCM, then create an ACL and apply QoS. In that case, what does "Normal Traffic" mean?
    2- For MSI, do we need to configure anything on the switch port to work properly?
    3- How does the switch know which QoS to apply based on what MSI is saying? Does it still need an ACL? If yes, what's the point of using MSI for QoS?
    Thanks,
    Hamed

    This would be EF for voice, AF41 for video/voice, and CS3 for SIP signal. Two things typically cause this to get treated as best effort:
    The Windows PC is not allowing the application to set DSCP markings. Group or local security policy can be used to allow this
    The switch is not trusting the data VLAN. Most SRND material suggests using a policer to limit the amount of EF/AF41/CS3 traffic from the data VLAN and to remark the violation traffic to best effort.
    You'll want to start with the MediaNet Deployment Guide. There is a lot going on to make this work.
    The MSI tells the switch what application and ports are being used. The switch then sets the DSCP marking on that traffic.
    Please remember to rate helpful responses and identify helpful or correct answers.

  • Two VLANs on one switch port?

    Currently we have the following
    Cat 4003 with VLAN trunking turned on to multiple switches. Each port in those exterior switches is assigned to a vlan(we have about 60 different vlans).
    What I would like to do is on those exterior switches have two vlans assigned to it.
    We'd like to create a single IP Phone VLAN(let's call it 999) that can span our entire enterprise and would have dhcp deployed on it.
    Each port is connected to an IP phone which has a 2 port switch in them. One port to the wall, one to the pc.
    The switch ports on those phones support vlan tagging
    How would I set up an exterior switch to access 2 vlans that connect to the 2 port switch on an IP phone?

    To facilitate ease of deployment, use VTP so that you can centrally create the vlans and propagate them to each exterior switch. Now I believe you already do have a layer 3 engine or router that does routing between all these vlans. What switches are used on the exterior? This is to find out if voice vlan support is available.
    In cat switches, voice vlan is created using command,
    set port auxiliaryvlan vlan
    In IOS based switches,
    int fa0/1
    switchport mode trunk
    switchport trunk encap dot1q
    switchport trunk native vlan
    switchport voice vlan
    switchport priority cos extend 0
    or
    int fa0/1
    switchport mode access
    switchport access vlan
    switchport voice vlan
    I am not sure about support of voice/aux vlan in 4003. We will have to check your other switch models/software versions to determine support for this command.
