NTP Issue on cisco 3560 switch
Hi all
Here is my ntp configuration
clock timezone GMT 4
clock summer-time UAE recurring
ntp server 192.168.10.254 version 2 prefer
end
sh ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 119.2092 Hz, actual freq is 119.2092 Hz, precision is 2**17
reference time is 00000000.00000000 (04:00:00.000 GMT Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.00 msec, peer dispersion is 0.00 msec
-SW1#sh ntp associations
address ref clock st when poll reach delay offset disp
~192.168.10.254 0.0.0.0 16 - 64 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
-SW1#
Please help me what i have did wrong
regards
raja
You are still not answering the question.
Is the appliance, with IP Address 192.168.10.254, synchronized with a valid SNTP/NTP address or not.
Even if you enable NTP Master (which I personally don't recommend) and your appliance is NOT synchronized to a valid NTP source, then the appliance 192.168.10.254 can potentially broadcast the WRONG time to all the appliance. Since you've forced all downstream appliances to synchronize with a source that has the wrong NTP data (using the command "ntp master") all your network equipment will be sporting the wrong time.
Similar Messages
-
MTU Size Issue on Cisco 3560 Switch
Could anybody tell me how to change MTU Size on a Cisco 3560 Switch.i mean to say whether it is to be changed on FastEthernet Interfaces or on VLAN 1 or on Global Configuration Mode and with which Command to change it.
I am using MPLS on my Routers and the MTU size i have set on my Router Interfaces is 1524.
When i do a normal ping from Customer's one site to another (where my Traffic has to pass through this Switch VLAN)i get a reply , but when a Ping with a Byte Size of 1500 or more the Packets get completely dropped.
I think due to MTU Mistach bet. Switch and Router the Packets r getting droped,that is why i was trying to change it.
could the Packets get dropped because of this reason.Please suggest. -
Embeded Event Manager on cisco 3560 switch
Can someone help me please? I have EEM configured on cisco 3560 switch. The configuration is below. I want that switch inform me through email when device with particilular IP address become unavailable. For some reason this configuration is not good and I can't tell why. I already try to debug this with debug event manager action mail but didn't see any output .
ip sla 11
icmp-echo ip address
frequency 20
ip sla schedule 11 life forever start-time now
event manager applet device-TEST
event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.11 get-type exact entry-op lt entry-val "2" poll-interval 20
trigger occurs 5 period 120
action 02.0 mail server "ip address" to "[email protected]" from "[email protected]" subject "device is down"The mail part looks good, I'm not sure you are hitting the trigger right.
Why not do a track on the ip sla instead of the snmp stuff?
Here's a good example of that.
https://learningnetwork.cisco.com/blogs/network-sheriff/2009/06/19/writing-your-first-eem-applet -
Ipv6 HSRP gloabl unicast address on cisco 3560 switch
Dear Team,
We are using cisco 3560 switch. Now we are going to implement ipv6 in our network. But we are not disturbing to existing ipv4. my question is 1) Can we confiure the global unicast ipv6 address in ipv6 HSRP and 2) can cisco 3560 switch will support ipv4 and ipv6 standby group on same SVI ?YES
-
DHCP and voice vlan on Cisco 3560 switch
Greetings,
I'm setting up a Cisco 3560 switch for voice and data comms. I'm looking for documentation with best practice guidelines for the following requirements.
1. Using the Cisco 3560 as a DHCP server - Config examples. Do I need to use different subnets for the voice and data vlans?
2. Layer 2 CoS QoS - I'm connecting Aastra phones as well as notebooks - I've been told that Aastra also makes use of the voice vlan config through LLDP and that Aastra phones supports CDP.
Your assistance will be appreciated.Hi ,
Cisco recommends that you have a separate vlan for voice and data with different ip subnets for voice and data. You will need to configure the dhcp pool accordingly.
Here is the config guide for setting up IOS DHCP server:
http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/Easyip2.html
Here is the LAN qos recommendations:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/netstruc.html#wp1044009 -
Multilayer Cisco 3560 Switched network
Hi,
I have a multilayer Cisco 3560 network. All sites are connected to each other using RIP V2. The area marked in red is what we are having an issue with.
1. We have remote sites connected by microwave links using Cisco 3560.
2. In the attached image "Site-1" inherits all the configuration from the Headoffice. They also get their internet connection from the Headoffice over the " 256Kbps DSL-DATALINK".
3. The area marked in red are the 2 sites, they were connected to each other using a data link.
4. The 100 Mbps microwave links were commissioned lately so we want to use these links for our Internet + Data connections.
5. HEAD OFFICE switch is running the VTP Domain.
Question
1. I have rip version 2 running how do I get "SITE-1" to share the internet connection from Headoffice over the Wireless Links
2. Site-1 should get the IP address from the HeadOffice DHCP server over the wireless links.
3. The "DSL-DATALINK" should work as a backup/redundant link. If my 100 Mbps link is down it should automatically switch to the DSL link.
Kindly give me your expert comments/suggestions in how do I go about achieving the above.
Regards
SarfarazRIP works on hop-count and it will prefer the DSL connection over the Wireless link (1 hop vs 4 hops).
You can alter this behavior by creating an offset list on routes incoming the data link.
router rip
version 2
offset-list 0 in 5 [data link interface]
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hirp_r/rte_rih.htm#wp999452
You need to this on both routers (site1 and HQ). -
Dot1x Issue on Cisco 2950 Switch
Hi,
I have a Cisco 2950 switch running with c2950-i6q4l2-mz.121-22.EA6.bin image.When i configure a Dot1x Port Control Auto on each interface the utilization on the Cisco 2950 goes high.The moment i remove Dot1x Port Control Auto command on every interface utilization comes to normal.
Please let me know if any idea on this why the switch is behavior like this....
Thanks & Regds,
LalitMost likely you are hitting a bug although I did not find anything in the bug toolkit that could resemblance this.
What process is stealing all your cpu? Please do a `show proc cpu` for me. I would start by grabbing the EA13 release and try the same with that to see if you experience the same issues. -
Cisco 3560 switch| mls qos trust dscp question
Hi everybody
Hi everybody .
Please consider the following example:
3560 sw f1/1--------trunk---SW2
3560 sw
f1/1
mls qos trust dscp
3560 is using default cos-dscp map, assume a 3560 receives a frame carrying IP packet on f1/1 with COS 4, what will 3560 switch do?
1) will it use its default cos --dscp map ( cos 4--.dscp 32) and rewrite 32 in dscp field of the packet in the frame and provide PHB for dscp 32 ?
Much appreciated!!
Have a great weekend.Hi
No it will not trust the cos value, because You have configured to trust dcsp. So, the switch will trust the dcsp value in the incoming frame.
/Mikael -
Physical position of backup Cisco 3560 switch in relation to other produciton switches
We currently have three 3560 switches connected to each other using SPF interconnect cables. I have a backup switch ready in the event one of the three switches fails. I'd like to keep the backup switch configured and in the rack connected to the three switches. If a switch fails, do the interconnect cables have to be routed in the same way they're currently setup or can they be connected in any order. In other words, if I have the replacement switch in the rack at the bottom with the other three switches and the top switch fails, after loading the config of the top switch onto the replacement switch, can I keep the cables from the second switch connected to the third switch and run the interconnect cables from the failed switch, now switch 1, to the third switch, which is situated in the rack just above the replacement switch?
Thanks in advance.Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
For 3560s, what SPF ports you use doesn't really matter.
If the backup will be a cold spare, you may need to worry about port configurations, before you connect it.
If the backup will be warm spare, again, you can interconnect the SPF ports however you like. If, though, you create any L2 loops, you need something to break the loop, e.g. STP, FlexLink.
If you want intentional redundancy, the simplest configuration would be a ring, and assuming the backup is just a warm spare, a root switch defined with the other two non-backup switches connected to it (on the ring). (The backup would connect to the two non-root switches.)
Besides a ring topology for redundancy, you might setup a dual star topology, or as you only have four switches, even a full mesh. -
Configuring rcp on ciscoworks LMS 2.5 and cisco 3560 switch
Dear All,
i am having LMS 2.5 and nearly 50 cisco 3560 in my network. And I want to configure rcp. How can I do it. Kindly help
regards,
RAHIL KHANHave a look at this link for the server:
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_resource_manager_essentials/4.0/user/guide/swmgt.html#wp1328314
For the device you'll need something like:
username cwuser password 7 000C1C0A05
ip rcmd rcp-enable
ip rcmd remote-host cwuser 172.17.246.221 cwuser enable
ip rcmd remote-username cwuser -
Can cisco 3560 switch act as wireless controlrer
wireless issue
Not 3560, but 3650 can do that
http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3650-series-switches/data_sheet_c78-729449.html
If you have 3650 model & having some issue, then refer below post that may help you. Even though it refer 3850 configuration should be very similar on 3650
http://mrncciew.com/2013/09/29/getting-started-with-3850/
HTH
Rasika
**** Pls rate all useful respones **** -
Service-policy output not working in Cisco 3560 switch
We got some Cisco catalyst 3560 that we want to control the bandwidth
on the ports. Can this be done, and how do i do it?
Ive got 3550s that can do policy-map with the interface command;
service-policy output(and input) <policyname>
But 3560 only seems to handle service-policy input.
If i try to configure output, it says the following:
SW(config-if)#service-policy output 4mbit-out
police command is not supported for this interface
Configuration failed!
Warning: Assigning a policy map to the output side of an interface not
supported
Any workarounds or new ways to accomplish bandwith-control on a 3560 ?
regards,
RajibThe 3560 & 3750 (& 2960) don't support egress policy-maps. They do however support queueing so it is possible to achieve similar results by applying an ingress policer to your user ports to classify (& police?) the traffic, at the egress port you can then queue the traffic based on it's DSCP or CoS value that it was classified with (same as 3550).
It is also possible to restrict the bandwidth in use at an egress port with the interface command 'srr-queue bandwidth limit <10-90>' where 10-90 represents a percentage of the links bandwidth. For example if you want to restrict a 100Mbps port to 10Mbps you would use the command 'srr-queue bandwidth limit 10'
HTH
Andy -
TCP reset packet issue on Cisco 6509 switch
Hi,
We are connecting a malware prevention appliance to a SPAN port on cisco switch 6509 which uses IOS firmware.
When the Malware appliance send TCP RST packet to the switch, it does not accept it.
Please help with what additional config to be done on the switch or the span sport so that the packet is received by the switch.Hello, Wasim.
No sure if 6500 supports the feature, but 3750 does:
monitor session destination int f0/1 ingress vlan 100
This last part allows SPAN port to send traffic into VLAN 100 (more details here -
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_52_se/configuration/guide/3750scg/swspan.html#wp1260596) -
Communication problem between Cisco 3560 and Cisco SG300.
Dear Support,
I have a Cisco SG300 and Cisco 3560 switches.
3560 is my Core Switch and SG300 is access switch.
From 3560 VLAN information is not passed to SG300.
3560 Configuration:
interface GigabitEthernet0/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,10,11
switchport mode trunk
SG300 Configuration:
interface gigabitethernet49
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 2,10-11 tagged
macro description switch
Please suggest how this issue is resolve.
Regards,
JItesh Mahajan.Dear Aleksandra,
Below Configuration is right or wrong for 3560 and SG300.
3560 Configuration:
interface GigabitEthernet0/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan remove VLAN 1
switchport native vlan 1
switchport trunk allowed vlan 1,2,10,11
switchport mode trunk
SG300 Configuration:
interface gigabitethernet49
spanning-tree link-type point-to-point
switchport mode general
switchport general allowed vlan add 2,10-11 tagged
macro description switch
Regards,
JItesh Mahajan. -
MAC Addressess not showing on my new 3560 switch
I have a Cisco 3560 (Switch B) switch I just introduced into my network. The gigabit ports are trunked from another switch (Switch A) to a Cisco 6509 WS (Main Switch).
crpf4bsw3#show cdp neighbors
Device ID Local Intrfce Holdtme Capability Platform Port ID
crpf4bsw2.mdch.com
Gig 0/1 124 S I WS-C3560-4Gig 0/4
crpcorsw1.mdch.com
Gig 0/4 127 R S I WS-C6509-EGig 2/8
interface GigabitEthernet0/4
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,19,124,150,160,164,168,224
switchport mode trunk
mls qos trust dscp
spanning-tree link-type point-to-point
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,19,124,150,160,164,168,224
switchport mode trunk
mls qos trust dscp
spanning-tree link-type point-to-point
The trunk ports are working just fine. I have configured all necessary remote management with no issues. However, my access ports are not working. I have set them up exactly the same as the adjacent switch A and it works just fine, but the same configuration on the new switch has not been able to pull IP information. I have provided information as to how the switch access ports are configured on both Switch A (working) and Switch B (not working). I should note that I tried this with a Cisco 7940 phone and it got stuck on "configuring IP" then I tried it with my laptop and it pulled a 169 IP address. Both were direct connections into switch B. When I run a show mac-address-table, neither device shows up in the table. Only the gig port MACs. Any thoughts? Please let me know if you need any more information.
interface FastEthernet0/3
switchport access vlan 124
switchport mode access
switchport voice vlan 224
switchport port-security maximum 3
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enableHi Mike,
It looks like you're guiding me in the right direction. I did a "show port security interface fa0/2" on the new switch and nothing was out of the ordinary with the exception of the 0 MAC addresses learned. But then I did a "show spanning tree vlan 224" Here's what I found:
Switch A (existing switch):
crpf4bsw2#show spanning-tree vlan 224
VLAN0224
Spanning tree enabled protocol rstp
Root ID Priority 4096
Address 0012.44cc.68e0
Cost 8
Port 1 (GigabitEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32992 (priority 32768 sys-id-ext 224)
Address 0013.60aa.7400
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
Gi0/1 Root FWD 4 128.1 P2p
Fa0/1 Desg FWD 19 128.3 Edge P2p
Fa0/2 Desg FWD 19 128.4 Edge P2p
Fa0/3 Desg FWD 19 128.5 Edge P2p
Fa0/4 Desg FWD 19 128.6 Edge P2p
Fa0/5 Desg FWD 19 128.7 Edge P2p
Fa0/6 Desg FWD 19 128.8 P2p Peer(STP)
Interface Role Sts Cost Prio.Nbr Type
Fa0/7 Desg FWD 19 128.9 Edge P2p
Fa0/8 Desg FWD 19 128.10 Edge P2p
Fa0/9 Desg FWD 19 128.11 Edge P2p
Fa0/10 Desg FWD 19 128.12 Edge P2p
Fa0/11 Desg FWD 19 128.13 Edge P2p
Fa0/12 Desg FWD 19 128.14 Edge P2p
Fa0/13 Desg FWD 19 128.15 Edge P2p
Fa0/15 Desg FWD 19 128.17 Edge P2p
Fa0/19 Desg FWD 19 128.21 Edge P2p
Fa0/20 Desg FWD 19 128.22 Edge P2p
Gi0/4 Desg FWD 4 128.28 P2p
Fa0/29 Desg FWD 19 128.33 Edge P2p
Fa0/30 Desg FWD 19 128.34 Edge P2p
Fa0/31 Desg FWD 19 128.35 Edge P2p
Fa0/32 Desg FWD 19 128.36 Edge P2p
Fa0/33 Desg FWD 19 128.37 Edge P2p
Fa0/34 Desg FWD 19 128.38 Edge P2p
Fa0/35 Desg FWD 19 128.39 Edge P2p
Fa0/37 Desg FWD 19 128.41 Edge P2p
Fa0/38 Desg FWD 19 128.42 Edge P2p
Fa0/39 Desg FWD 19 128.43 Edge P2p
Fa0/40 Desg FWD 19 128.44 Edge P2p
Fa0/41 Desg FWD 19 128.45 Edge P2p
Interface Role Sts Cost Prio.Nbr Type
Fa0/42 Desg FWD 19 128.46 Edge P2p
Fa0/43 Desg FWD 19 128.47 Edge P2p
Fa0/44 Desg FWD 19 128.48 Edge P2p
Fa0/45 Desg FWD 19 128.49 Edge P2p
Fa0/46 Desg FWD 19 128.50 Edge P2p
Switch B (new switch):
Spanning tree instance(s) for vlan 224 does not exist.
So with this new information, and with my trunk configurations above, what did you mean by a disconnect on the trunk?
Maybe you are looking for
-
Reading from graph to text file in labview 7.0
Hi Guys! I am doing a project which reads analog values from a microprocessor board and I am using the Labview example Cont Acq&Graph Voltage-Int Clk.vi. I am getting an analogue graph using this VI. is there any way I can convert the values on the g
-
Trigger Workflow using Output types
Hi, How can we trigger a workflow using Output types ? We have a Z-output type configured through NACE, which will be generated on shipment document creation, and then we should trigger our Z- workflow. Please let me know how to achieve this fuctiona
-
How can I access advanced settings during initial email account setup?
Having just bought an iPad Air, I've tried to setup my email account (with John Lewis) on it during the initial startup process and repeatedly failed, both with SSL on and off. I imagine that I need to change the port settings or some other advanced
-
ERROR: document is corrupt or damaged
RE: iPad Adobe Reader app 10.3 version. I highlighted sections of a phone bill (original bill format is PDF) and when I try to reopen it after closing it, error mesg "This document cannot be opened because it is corrupted or damaged.", pops up. How
-
Printers: Samsung ML 1670 with Snow Leopard & Lion
HI all, For the past 3 years I've been using a HP 1022 mono laser printer on my iMac. Great printer, worked perfectly. I decide to upgrade to Snow Leopard and now its useless; memory full, prints odd # pages. Despite all the advice I've seen on the w