Multicast blocking in layer 2 switch

Similar Messages

• Blocking Multicast on Layer 2 switch

  Cisco 2960, layer 2.
  trying to block inbound multicast from a single switchport.  My CUCM to be exact.
  IGMP will not do what I need as I have phones trying to listen to Multicast MOH from the server, and Im trying to block it.  Phones and server are on the same subnet.  I do not want the MC packets to hit the phones as they need to listen to something else on the same IP
  ACL on the port didnt work, neither did switch block multi as I think it doesn't block packets with a correct source mac.
  Storm-control multi level 0 didnt work, neither does storm-control broad level 0
  Any other options?  Or are one of these options actually working and I just dont know it (my multicast isn't setup right lets say).  I see my multicast counters on the port go up when I turn on multicast from the server so I know its being sent.

  Hi ,
  You can block layer 2 Multicast traffic with following commands
  Step 3 
  switchport block multicast
  Block unknown multicast forwarding out of the port.
  Note Only pure Layer 2 multicast traffic is blocked. Multicast packets that contain IPv4 or IPv6 information in the header are not blocked.
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swtrafc.html
  HTH
  Sandy

• Block external webaddress from layer 2 switch

  Dear all,
  I am trying to permit a website address 130.x.x.x from layer 2 switch, all other traffic should be denied.
  I am trying this by:
  access-list 15 permit host 130.x.x.x
  access-list 15 deny any
  and then applying it to interface fa0/5 in
  this results in blocking all the traffic and don't permit the required address.
  Layer 2 switch doesn't support ACL to be applied on OUT interface.
  Please advise.

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  Another way to accomplish this, is to place the necessary commands into a file placed on the device's local flash.  Then you just copy the file from flash to the running config.
  Like Peter's posting, I too would recommend a timed reload.  (I also normally use a five minute time.)
  This technique, or Peter's, can also be used to even change the attributes of the interface being used for remote connectivity.

• Cisco Asa 5505 and Layer 3 Switch With Remote VPN Access

  i got today a new CISCO LAYER 3 Switch .. so here is my scenrio
  Cisco Asa 5505
  I
  Outside  == 155.155.155.x
  Inside  =      192.168.7.1
  VPN POOL Address =   10.10.10.1   -   10.10.10.20
  Layer 3 Switch Config
  Vlan 2
  interface ip address =  192.168.1.1
  Vlan 2
  interface ip address =  192.168.2.1
  Vlan 2
  interface ip address =  192.168.3.1
  Vlan 2
  interface ip address =  192.168.4.1
  Vlan 2
  interface ip address =  192.168.5.1
  ip Routing
  So i want My Remote Access VPN clients to access all this Networks. So Please can you give me a helpfull trick or Link to configure the rest of my routing
  Thank You all

  When My Remote VPN is Connected , it reaches 192.168.7.2 of the Layer 3 VLan that's Connected to The ASA 5505 ,
  But i can't reach the rest of the VLAN - example
  192.168.1.1
  192.168.1.2
  192.168.1.3
  192.168.1.4
  192.168.1.5
  But i can reach the Connected Interface Vlan to My ASA ..
  So here i think iam miss configuration to my Route
  Any Help Please this is urgent

• Multi-layer/layer3 switch VS. Router

  Multi-Layer Switch or Layer3 switch vs. router; How they are different?
  1.7

  In a router the route calculation and packet processing take place in the software on layer 3. This means that packets need to be moved from the layer 2 hardware interface to layer three and so it takes some time. In a layer 3 Switch Routing calculations takes place at layer 3 in hardware or software, while the actual packet processing takes place at layer 2. The speed gain is accomplished by reducing the amount of features supported and moving as much logic as possible into hardware.

• RAC 10.2.0.4, event gc cr block busy & log file switch

  hello everybody,
  i would like to know if there is any dependencies between gc cr block busy and log switch in the one node of the rac cluster.
  i had a select and its completion time lasted 12 secs instead of 1, the start time of the select is the start time of the log switch on the node.
  But when i looked into the active session history the session which was standing for that select had been waiting gc cr block busy instead log file switch completion.
  While looking to the Google resources i ve noticed that "The gc current block busy and gc cr block busy wait events indicate that the
  remote instance received the block after a remote instance processing delay.
  In most cases, this is due to a log flush".
  I would be really greatfull if anybody would be able to locate the initial dependancy i ve mantioned and explain the cause of the issue as i can not quite get why the selection took so long.
  Thank you in advance!

  Did you told "log file switch"?
  you mean log file switch (checkpoint incomplete) or log file switch (archiving needed) or log file switch/archive or log file switch (clearing log file) or log file switch completion or log switch/archive
  however a instance can wait ... if you find high values about waiting, you may tune your database.
  please show us
  - Top 5 Wait Events
  SQL> alter session set nls_date_format='YYYY/MM/DD HH24:MI:SS';
  SQL> select name, completion_time from V$ARCHIVED_LOG order by completion_time ;
  Check How often do you switch logfile to archive log? ... Every switch log file... you may find "log file switch" waiting
  I see... you no high DML activitiy.
  But Please check High segment + object and query on AWR report... (example: Segments by Physical Writes )
  just investigate
  Good Luck

• How do you take information from one layer and switch it to another?

  I am trying to figure out how to take pictures and text that I have already placed on one layer and switch it to another layer. I have like 50 pages worth of information and I am trying to look for the easiest way to do this. In illustrator and Photoshop, its pretty easy. Wanting to know if it is the same because I have been trying but it is not there. Just in case it matters, Im using CS5 on a pc. Help is greatly appreciated.

  Hi Martin,
  Please follow the below steps.
  Step 1
  Create the separate layer. Select the content you want to move.
  Step 2
  Go to check layer panel, near the pen symbol icon, the below box drag to move up to the image layer, see sample
  Step 3
  This option use spread wise content, it will complete the task with fast. If more faster, please raise as question to Scripting Forum, they can suggest the tool.

• Dynamic VLAN assignment and Layer 3 switching on 300 series

  I have a SG300-28P switch. I just read in the Administration Guide that, when in Layer 3 mode, the switch doesn't support MAC-based VLAN or Dynamic VLAN Assignment.
  So, in order to assign a client to a VLAN based on their MAC or based on the response of a RADIUS server, we have to disable layer 3 features. Without layer 3 switching, the switch is unable to act as a default gateway and forward packets between VLANs. As a result, the VLANs can't communicate in any way, or access the internet, unless a separate router is connected to every VLAN. Right?
  I'm new to VLAN configuration and layer 3 switching so I wanted to check my understanding. Doesn't this limitation significantly reduce the usefulness of the DVA feature?
  I may well be confused and missing something regarding how this is typically used..

  Hello Glenn,
  Your concept about packet forwarding is correct. With a layer 2 switch, there must be something directing traffic with multiple subnets for intervlan communication or something that provides an IP route to give the request a path back for the request.
  The usefulness for the DVA feature, is not particularly limited to the switch as the switch will correctly assign the VLAN for you, as VS the L3 switch mode, you're dealing with IP addresses. In any scenario, you're going to require a router to get to the internet since the switch does not support NAT.
  Additionally, if you're router does not support VLAN, the L3 switch feature would still be the solution since you should be able to make a static route pointing back to the switch to allow any subnet to traverse the single media. It would still beg the question, how to assign VLAN dynamically.
  The answer, although (in my opinion is terrible) would be GVRP.  But, this application would require ALL of your network cards to be GVRP Enable / Capable which most likely is not the scenario for you (or most anyone else for that matter).

• Multiple VLANs through to layer 2 switch

  So long as each switch supports VLANing (which most manageable switches do), then yes. Some model numbers on the switches would help here though to be sure.
  Also, keep in mind that assigning VLANs is a layer 2 function, not layer 3. So long as you tag the VLANs you need to pass between the switches on the feed ports between them, you should be able to have them running without issue.
  Could you provide a little more detail as to what you're trying to accomplish so that we can better advise you how to proceed?

  Hello,
  Is it possible to send multiple vlans across a layer 3 dell powerconnect to a Meraki layer 2 switch and configure the ports to access the different vlans? 
  Is it also multiple vlans across a layer 3 dell powerconnect to a layer 2 dell powerconnect switch and configure the ports to access the different vlans? 
  I've been playing aound with this and I can't seem to get it done.
  Thanks for any help in advance.
  This topic first appeared in the Spiceworks Community

• Layer 2 switch

  required a layer 2 switch with following requirement below
  24 or 48 ports
  ppoE supported
  Redudant power supply
  Stackable.
  Please suggest a switch model with all the above features

  However if you mean poe-
  The 3750-X meets your requirements.
  http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps6406/data_sheet_c78-584733.html

• Broadcast storms applicable on layer 3 switches?

  Dear all,
  Me and my collegue were wondering about the following on a cisco 3750 x layer 3 switch.
  Lets assume we configure the 3750 without vlans so we create several networks on the 3750. For example fa 0/1 has as network 10.10.10.0/24 with 10.10.10.1 as it being the default gateway. Fa 0/2 has as network 10.10.11.0/24 with 10.10.11.1 as it being the default gateway.
  The question is if a broadcast storm rages on network 10.10.10.0/24, would 10.10.10.0/24 only be affected by the broadcast storm or will network 10.10.11.0/24 also be affected due the broadcast?
  If we assume the same settings but we would utilize vlans then anetwork is definitely not being affected by a broadcast storm happening on an other network right?
  Thanks in advance for your help.
  kind regards

  Hi,
  When you configure an L3 port on your 3750
  int f0/1
  no switchport
  ip add 10.10.10.1 255.255.255.0
  no shut
  int f0/2
  no switchport
  ip add 10.10.11.1 255.255.255.0
  no shut
  The key is NO SWITCHPORT
  This takes the port out of L2 configuration therefore
  it does not belong to any VLAN and does not operate like an L2 port
  with regards to broadcast etc.
  Have a look at this link from a 3750 config guide
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/swint.html#wpmkr2208885
  Hope this helps
  Regards
  Alex

• Layer 3 switches vpn

  I have a question, it is possible to use a layer 3 switches to set up VPN tunnels?

  Actually, it is only posible on Catalyst 6500 Switches with an special line card for VPN hardware-encryption.
  DL.

• Need ASA 9.x Etherchannel example w/ layer 2 switch config

  Hello there:
  Could anyone please point me to example configurations of Etherchannel on an ASA 9.x, connecting to a layer 2 switch?  I need to see how the switch is configured as well.
  Thank you.

  Hi,
  I have configured Port channel with Cisco 2960S switch. Here is the below configuration example. If the answer is correct please Comments.
  fw-01# sho port-channel summary
  Flags: D - down P - bundled in port-channel
  I - stand-alone s - suspended
  H - Hot-standby (LACP only)
  U - in use N - not in use, no aggregation/nameif
  M - not in use, no aggregation due to minimum links not met
  w - waiting to be aggregated
  Number of channel-groups in use: 1
  Group Port-channel Protocol Span-cluster Ports
  ------+-------------+---------+------------+------------------------------------
  11 Po11(U) LACP No Gi0/1(P) Gi0/0(P)
  interface GigabitEthernet0/0
  description *** Connected to CORE-SW-01 ***
  channel-group 11 mode passive
  no nameif
  no security-level
  no ip address
  interface GigabitEthernet0/1
  description *** Connected to CORE-SW-01 ***
  channel-group 11 mode passive
  no nameif
  no security-level
  no ip address
  interface Port-channel11
  description *** Connected to CORE-SW ***
  nameif outside
  security-level 100
  ip address 10.98.8.90 255.255.255.248 standby 10.98.8.91
  ================Switch====================
  interface Port-channel12
  description *** Port-Channel Used for DC-INSIDE-FW-1-IPS***
  switchport access vlan 912
  interface GigabitEthernet1/0/21
  description **** inside Firewall 01 ***
  switchport access vlan 912
  channel-protocol lacp
  channel-group 12 mode active
  Please let me know your topology.

• HSRP with layer 2 switching

  I configure HSRP on two layer 3 switches (Switch A-Switch B), Sw A is connected to Router A, Sw B is connected to Router B
  But I want to use also the Layer two features of my switch
  - is it possible to use these switches also for LAN ?
  lets say there is a simple LAN with 1 VLAN and 10 PCs. PCs have two ethernet ports, they are directly connected to L3 switches redundantly.
  thanks for helping

  thanks Martin
  I want all of my PCs (total ten) in the same subnet
  so what should I do is:
  1. configure 10 ports of the L3 switch as switchport under VLAN 1 (these ports will conect ten PCs on the same subnet)
  One port of Switch A will be connected to router A (2610),
  One port of Switch B will be connected to router B (2610). So;
  2. Configure one port of the each L3 switches as 'no switch port' and assign IP addresses. Since they are not switchports, I shouldnt create VLAN for them.
  3. Configure HSRP
  4. Configure EIGRP or OSPF
  AFTER ALL: there is one VLAN that connects all PCs,there is one Layer 3 port on each Switches. And systems work :-)
  Could you please confirm If I properly understand your post?
  thank you very much for helping

• IPV6 with Cisco layer 2 switches.

  I know IPV6 affects only layer 3 switches, but I heard that it also could affect layer 2 switches with VLANs. Is this true? I have Cisco 3500 / 2900 layer 2 switches. Please advise. Thanks

  Thanks again but I have this layer 3 switch (4948) and it appears to have all the commands to configure ipv6 tunnel.
  If it does not support tunnel, what does Cisco 4948 layer 3 switch provide under IPv6?
  This is a link which shows tunneling under a 6500 switches with encapsulation/decapsulation. This is why I thought I could do the same with 4948 switch but apparently not...
  http://www.cenic.org/events/archives/cenic2004/csmith.pdf
  -Al-