Solaris 10 X2100 VLAN config
What are my options for configuring a virtual interface on an x2100 server with Sol10 Because the interface shows up as the type " nge0" I am assuming
that the hardware does not support it per the info below. Is there another alternative or a software workaround ?
-john
The Solaris OS now supports VLANs on the following interface types:
ce
bge
xge
e1000g
Looks like I just had the wrong VLAN config syntax.. and miss read the documentation. this works !
bash-3.00# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
nge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 128.111.207.230 netmask ffffff00 broadcast 128.111.207.255
ether 0:e0:81:5c:d3:6
nge829000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 4
inet 10.0.0.62 netmask ffffff00 broadcast 10.0.0.255
ether 0:e0:81:5c:d3:6
Similar Messages
-
Config view for VLAN config is not supported
Hi folks,
I have the following error when I try to view the VLAN config from RME->ConfigManagement->Version Tree.
"Config view for VLAN config is not supported"
I didn't found any information over the RME and Campus documentation.
Anybody know what kind of error I'm issuing
Thanks and Regards.
LeonardoHi Pablo,
The VLAN.dat file cannot be used to be deployed via CiscoWorks, but it can be done manually:
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_resource_manager_essentials/4.3/user/guide/config.html#wp1311740
The problem with viewing the VLAN.dat contents in the config viewer or change audit reports is also mentioned in the link below:
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_resource_manager_essentials/4.3/user/guide/chgaud.html#wp1060886
Look for the "Details" row and there you will see the following:
VLAN configurations cannot be compared because they are in binary format. In this case, the Details link will not be available and will be shown as NA.
Hope this helps! -
I am trying to configure VLANs on my 1250 autonomous AP. I have the sub-interfaces setup but still cannot connect to the LAN. I use 432 for my native vlan and then want to assign clients to vlan 543. Being a security guy, I do not use vlan 1, nor do I trunk vlan 1. Here's a snippet of my config, so tell me what I am missing. All interfaces are showing up-up.
Thanks.
int d0
no ip add
int d0.432
encap dot1q 432 native
bridge-group 1
int d0.543
encap dot1q 543
bridge-group 2
int g0
no ip add
int g0.432
encap dot1q 432 native
bridge-group 1
int g0.543
encap dot1q 543
bridge-group 2I'd prefer to not post the entire config as it would take a lot of editing. :-)
Both statements are there, and there is no issue with the SSID config. I'm just trying to get a connection to my RADIUS server, which the AP cannot connect to. I am not able to ping the server from the AP, so it has something to do with the vlan config, but I don't know where. The switch where the AP is connected is trunking and allows all vlans (at this point) except for 1.
This is a head scratcher. :-) -
I have a question regarding private Vlan config. I have a DMZ switch where I need to be able for a particuilar server to communicate to the reset of the servers on port 8686 and deny the rest of the communications between them. I have this server on a poremiscuios mode and the other servers on isolated ports.For security reason how can apply this access list? on which vlan? I am running IOS on the switch connecting these servers. Thanks for your help
the port is that the server(10.3.1.50. 255.255.0.0) that need to talk to all server is attached to:
interface GigabitEthernet1/0/18
description DZ1WEBSD001
switchport private-vlan host-association 50 51
switchport mode private-vlan promiscuous
speed 100
duplex full
no mdix auto
The subnet is 10.3.1.0 255.255.0.0
Basically the 10.3.1.50 need to talk to all servers on this subnet on port 8686 and deny evrything else
Thanks -
Vlan database vs vlan config, rpr-plus...
We have Catalysts 6500's that we are migrating to native ios mode, and have noticed in the docs (http://www.cisco.com/en/US/customer/products/hw/switches/ps708/products_configuration_guide_chapter09186a00800da705.html#wp1095579) that vlan configurations made from the vlan database mode are NOT replicated throught rpr-plus.
While configuration of vlans through the global config mode isn't really a problem for future configs, we haven't found a way to easiliy convert vlan database configs to vlan-config...
Is there such a way besides clearing vlan.dat and starting over?
Also, after doing a clean config of vlans through vlan-config, there doesn't seem to be much (any?) diffrence either in the global config or the presence of the vlan.dat. Is the config supposed to look any diffrent when issued as vlan-config?
TIAcheck out the following link on configuring vlans :
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007e711.html#wp1020848 -
New VLAN config on Cisco router
We are in the process of rolling out VOIP with new Cisco router
configurations. When the VLAN config is changed on the router it can no
longer ping the server. The router config is setup with secondary IP info
so that we don't have to go thru the process of changing IP config on the
NW 6.5 SP 6 servers.
Has anyone seen this issue? Do I need to bind new VLAN ti IP NICs? Any
other thoughts?
Thanks for any help received,
Todd W CarterOn 6/5/2007 Todd W Carter wrote:
> We are in the process of rolling out VOIP with new Cisco router
> configurations. When the VLAN config is changed on the router it can no
> longer ping the server. The router config is setup with secondary IP info so
> that we don't have to go thru the process of changing IP config on the NW 6.5
> SP 6 servers.
>
> Has anyone seen this issue? Do I need to bind new VLAN ti IP NICs? Any other
> thoughts?
When pinging from the router, the packets will be source from its primary
ip address. If the server's subnet is part of the secondary IP address on the
router, you must use an extended ping in the router for it to work.
However, I recommend implementing router-in-a-stick instead of secondary IP
addressing when creating multiple VLANs.
On the router, you can create sub-interfaces under the LAN interface and deploy
dot1q trunking. At the switch-port, configure dot1q trunking as well and the
router
will route between VLANs while providing a better design.
This is outside of the scope of this forum so I recommend posting in the Cisco
forums at http://forum.cisco.com/eforum/servlet/NetProf?page=main
Thanks !
Edison Ortiz
(Routing & Switching, CCIE # 17943) -
LMS 4: VLAN config fetch failing for all devices
LMS 4.0.1, standalone on W2K8 R2, new install
Vlan config fetch is failing for all devices. If I attempt to put a vlan.dat file in tftpboot and then manually copy a vlan.dat file from a device, the following is returned:
TFTP: error code 2 received - 16739
%Error opening tftp://server_name/vlan.dat (Permission denied)
The Windows application logs ont the server log this:
Log Name: Application
Source: CRMtftp
Date: 6/15/2011 2:07:49 PM
Event ID: 3
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: server_name
Description:
GetEffectiveRightsFromAcl failed: Overlapped I/O operation is in progress.
(997)
I tried restarting crmtftp, but no luck. Any ideas what may be causing this?
-JeffI have the same issue with a freshly installed 4.2 version now:
Log Name: Application
Source: CRMtftp
Date: 2/24/2012 12:30:50 PM
Event ID: 3
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: srvwienlms.nts.local
Description:
GetNamedSecurityInfo failed failed: The operation completed successfully.
(0)
I will also open a TAC case, lets see if we still have to stick with a3.x TFTP binary...
br.herwig -
I have a 6509 with a vlan 105 configure. I have also added a vlan 100. vlan 100 and 105 work for internal routing. vlan 105 workstation can get to the internet. however any vlan 100 workstation can not access the internet. A tracert from a workstation on vlan 100 stops at the 6509. attached is the 6509 config, i have included IP just because they already have changed.
any ideas? Does the port connecting to my firewall have to allow all vlan traffic? if so how do i do this.
thanks,Hi,
Please provide more information on setup( other devices, connectivity diagram) to have a clear idea, so that we can help you.
From the config provided, i could see the following default route
ip route 0.0.0.0 0.0.0.0 10.175.105.3
What is 10.175.105.3 ? Is this your firewall / WAN router??
Also what is the need for this static route.?
ip route 10.175.100.0 255.255.255.0 10.175.105.3
10.175.100.0/24 is the subnet for vlan 100, which a directly connected network on this switch. Hence you dont need that route. Remove that route.
Finally whatever device is 10.175.105.3, please add a route in that device for vlan 100 so that traffic can reach vlan 100.
The route that you should add in 10.175.105.3 is
ip route 10.175.100.0 255.255.255.0 10.175.105.1.
Hope this helps.
-VJ -
SF300-24P VLAN CONFIG QUESTION
Hi please excuse my ignorance and lack of knowledge in this field as I am a complete newbie when it comes to Cisco switches and VLANS etc. but trying to learn.
I have a Cisco 300-24P and need to create two separate networks (private and public) ports 1 - 10 for Private and ports 11 - 20 for Public. I then to need ports 21 - 24 for access points and that can access both private and public.
I am assuming that would need to create two vlans (e.g. VLAN100 for private and VLAN200 for public). After reading a little I think I need to set ports 1- 20 to "access" and ports 21- G4 to "trunk".
I have attempted this but don't think I have things quite right. Would it be possible for someone to either point me in the right direction or even send me a saved config that I could load and examine.
Many thanks in advance for your help.Hello,
I think I can clarify a few things for you:
1- The ports that are going to connect directly to end stations will need to be configured as access ports with the respective VLAN as untagged.
2- The ports that are going to be connected to the AP's will need to be configured as trunks with VLAN 100 un-tagged and 200 tagged. The AP should be able to understand VLAN's, they should be configured with and IP address on VLAN 100.
3- By default, the un-tagged VLAN is the same PVID.
Notes:
A few things to keep in mind:
1- I see you already have a router on the network, this is the one that will determine if the VLAN's can talk to each other based on the Inter VLAN configuration. In general terms, if inter VLAN is enabled on the router then Public and Private will be able to share traffic, otherwise they wont.
2- When creating VLAN's on the SG300 make sure that you are not assigning IP addresses to any other VLAN than your management VLAN, otherwise you could have issues with the routing.
3- To make sure the connectivity between the VLANs is working as you expect, make sure to do all the testing from the hardwired PC's first, that way you will know if the issue is on the router or the switch.
I hope this was helpful. -
Modifying Solaris 10 perl Config.pm values
Numerous perl packages won't
build on my Solaris 10 systems
because the Solaris 10 perl's
Config.pm packages identifies
$Config{'cc'} as "cc" and not
"gcc".
I'd like to just update Config.pm
to just point to gcc and not cc.
Is there a better way to
do this with the Config module,
other than just editing Config.pm?
Thanks --wwsanders wrote:
I'd like to just update Config.pm
to just point to gcc and not cc.
Is there a better way to
do this with the Config module,
other than just editing Config.pm?If you don't want to download studio and get a 'cc' compiler, and you don't just want to compile your own perl (that's the way I usually go, so I can leave the system perl alone), then just use perlgcc.
/usr/perl5/bin/perlgcc -MCPAN -e shell
(blah blah blah...)
This will set things so that for that invocation of perl, it will prefer to use 'gcc' and gcc appropriate flags. If you look at what it does, it just uses an alternate 'Config.pm' and sticks it in the perl environment ahead of the default one.
Darren -
How setup VLAN on Solaris 10. Server have hme0 interface. When i make new file hostname.ce123000 for vlan 123 and plumb this interface, ifconfig say no such interface. How right setup vlans on this machine?
How setup VLAN on Solaris 10. Server have hme0 interface. When i make new file hostname.ce123000 for vlan 123 and plumb this interface, ifconfig say no such interface. How right setup vlans on this machine?It looks like you're slightly confused regarding the naming convention for the hostname.* files. You say that your system has hme0, but your hostname.* file is using a ce (Cassini Ethernet) interface. That's why it's not working and returning the "no such interface" message. Do you have any CE NICs in that system? The way you have the hostname.ce123000 file configured suggests you're trying to configure ce0 on VLAN ID 123.
The HME NIC is a very old interface and the driver doesn't support VLANs so you may need to update to a GLDv3 driver and NIC, something like CE, BGE, e1000g, etc. I believe in Solaris 11 the driver was updated to support GLDv3 so it may work.
What kernel rev are you running? Please provide "uname -a". If you can also provide a "prtdiag -v" we should be able to see what other NICs you have installed in the system (if any).
If you're running Solaris 10 3/05 and above refer to http://download.oracle.com/docs/cd/E19253-01/816-4554/fpjve/index.html
If you're running Solaris 10 3/05 and earlier, refer to http://download.oracle.com/docs/cd/E19253-01/816-4554/bbjfdeij/index.html
Regards,
Steve -
I need to configure our Cisco Aironet 1200's for multiple VLANs. VLAN101 is for public use & VLAN2 is for employees only. Existing config is attached.
I need:
1. To disable the broadcast of VLAN2's SSID so that only VLAN101 shows up in the SSID list for visitors. Right now both are showing up.
2. To ensure the WEP key is setup correctly for VLAN2
Thanks in advance for your help!So are you saying both SSID's are currently broadcasting?
I would delete and re-create your client configurations. I don't think it's on the AP side. -
Moving VLAN config from catalyst 2960 to SG300
Dear all,
my existing catalyst 2960 config for vlans:
interface FastEthernet0/2
description 3Com Switch
switchport access vlan 10
switchport mode access
interface FastEthernet0/5
description to Cyberoam
switchport mode trunk
interface FastEthernet0/18
switchport access vlan 40
switchport mode access
interface FastEthernet0/19
interface FastEthernet0/20
switchport access vlan 20
switchport mode access
interface FastEthernet0/21
interface FastEthernet0/22
interface Vlan1
no ip address
no ip route-cache
interface Vlan10
ip address 192.168.0.51 255.255.255.0
no ip route-cache
Inside trunk there are VLAN10 (native), VLAN20,30,40
now, when I try to configure the same on SG300 I get trunk issues - no VLAN10 (native) inside trunk.
Regards
GNHi Mlechte, I cheated on your question a bit. I have used two SG300-52 switches. I am able to accomplish what you're asking with these models.
On my master switch the configuration fundamental is simple. For argument sake, I disabled all CDP. I create vlan 100 for voice. Assigned my voice vlan 100. I enabled LLDP on every port. I enabled every optional TLV on every individual port.
I then connected a 100% factory default SG300-52 to the 'master switch'. After about 3 minutes the VSDP created the voice vlan, the link between switches became 1u, 100t. The vlan database populated the vlan 100 and everything just worked nicely.
So, to answer your inquiry, if your 2960 supports the same TLVs it should work okay.
I do recommend you use the SX300 series, it is a much more robust switch, supports full CLI and has a lot better feature set. A SG300-08 (srw2008-k9-na) is around $250. The SG200-08 is about a $100 cheaper. The difference between models is astronomical and a much better investment.
Please review
console_log_master <--This is the switch that will advertise to the downstream
console_log_receive <-- This is a default switch that received the LLDP information
-Tom
Please rate helpful posts -
Hi
need help with Vlan's config on a SF300, i have created 5 vlans, the switch is dhcp enabled, created network pools, i assigned one port for testing to vlan 20, but cant get an ip address, dont know if i'm missing something (switch is in layer 2)
basically what i am trying to achieve is that each vlan can obtain an ip address via dhcp and have access to the Internet
any help much appreciated, current config below
switch0ec151#sh run
config-file-header
switch0ec151
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode switch
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
vlan database
vlan 10,20,30,40,50
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp server
ip dhcp excluded-address 192.168.168.200 192.168.168.254
ip dhcp excluded-address 192.168.168.24 192.168.168.24
ip dhcp pool network DATA
address low 192.168.168.10 high 192.168.168.252 255.255.255.0
lease infinite
domain-name 192.168.168.254
default-router 192.168.168.254
dns-server 192.168.168.254
exit
ip dhcp pool network Offce B
address low 192.168.170.1 high 192.168.170.254 255.255.255.0
lease infinite
domain-name 192.168.170.254
default-router 192.168.170.254
exit
ip dhcp pool network Office A
address low 192.168.169.1 high 192.168.169.254 255.255.255.0
lease infinite
exit
hostname switch0ec151
no passwords complexity enable
username cisco password encrypted 55c2f525a1900b76e8c633c118ffc2ea8a012277 privilege 15
snmp-server server
ip name-server 192.168.168.254
ip telnet server
interface vlan 1
ip address 192.168.168.253 255.255.255.0
interface vlan 10
name DATA
interface vlan 20
name "Office A"
interface vlan 30
name "Office B"
interface vlan 40
name "Office C"
interface vlan 50
name "Office D"
interface fastethernet11
switchport trunk native vlan 20
exit
switch0ec151#
switch0ec151#Hi Tom
thanks, i will change it to layer 3, if i configure the switch to give out dhcp, just on one range (192.168.168.x) can i assign dhcp pools to each vlan for example
vlan1 192.168.168.2 - 50
vlan2 192.168.168.51 - 70
vlan3 192.168.168.71 - 100
vlan4 192.168.168.100 - 200
or does each vlan have to have a seperate range and does i have to create a static route for each vlan to my router (draytek 2830n)?
thanks -
We have a flat network of 6 3750g poe switches in a stack. default vlan1 for data.......we are getting ready to go to voip and am need some general guidance in setting up voice vlan. It seems some say the ports should be in trunk mode, others say no. Just looking for simple config examples for the setup. thank you
Hi Mark,
Welcome to the world of VoIP. This is a great question!My background is primarily voice so it is hard for me to describe why this is a Cisco "best practice". I do know that it is unnecessary to configure the switchport in Trunk mode because when you use the Voice VLAN (with a native vlan) command a "special" dot1q trunk is automatically setup. The reasons I have seen to support this setup are many and vary from minimizing Trunking overhead to ease of configuration and everything in between :) On the older 3500XL Switches the Trunk method was the only way to go, but on all newer versions the need for Sitchport mode Trunk is not necessary. Here is one of the better threads I have ever read on this issue (with some Tac links as well). There are some great answers from Mahesh,Paolo Sankar and others here.
http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=IP%20Telephony&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.1ddd5905/14#selected_message
Hope this helps!
Rob
Maybe you are looking for
-
Failed attempt to move log and database paths
Hi. Can anyone offer any advice on what might have caused an attempt to move Exchange 2010 (SP3) mailbox database and log folder paths to fail? I can't diagnose it, and would appreciate any advice. We have two databases in a two-node DAG, one mounted
-
How do you get the apple remote to STOP always launching iTunes????
After upgrading to Snow Leopard, I have discovered a few annoyances. The biggest one is that the Apple remote is always launching iTunes when I use it. Even when the Finder is not the target app. I have my entire Star Trek collection on a firewire dr
-
I have a unique problem. I have an application built on swing f/w with xml used for design and maven used for build. I have an applet that is independent of this application. Now i dont have a clue how to embed that applet into a jpanel or into that
-
Configuring Semaphores for OEL 5.2 and ASM Instance
Under Document ID 15654.1, the 'processes' parameters of database instances are used to determine the proper sizing of Kernel parameters specific to semaphores. Do we include ASM instance 'processes' in the sizing?
-
Mapping problem, int4[]
Hi I've have a table with column with int4[] as data type. I have a problem with setting the type of corresponding entity bean field. I still have a message about not proper datatypes - byte array instead of integer. Can anyone help? I'm using postgr