Static unicast MAC entry in multiple ports Cat6500VSS

Hello, I'm trying to configure a static mapping of a MAC address in two different ports on a Catalyst 6500 switch.
My situation is: I've configured a cluster of firewalls which exposes a unicast MAC address for the cluster virtual interface. The situation is that the MAC address is a unicast one, and when the switch sees the MAC from multiple ports, it gets confused and starts flooding in all the VLAN.
The configuration I'm trying to do is for a McAfee Firewall connected to 2 Catalyst 6500 in VSS mode. Here is the article of the firewall vendor with the recommended configuration: https://kc.mcafee.com/corporate/index?page=content&id=KB61307&actp=null&viewlocale=en_US&showDraft=false&platinum_status=false&locale=es_ES
What I want to do is to configure unicast mirrored mode, and in that mode, I have to run this command on the Catalyst 6500 and I can't:
mac-address-table static 000e.a210.440a GigabitEthernet 1/1/3 GigabitEthernet 2/1/3
Note that the MAC address is a unicast one.
How can I do that? Any help will be appreciated.

Hello,
There is a fundamental architecture difference between the 2 platforms regarding the internal forwarding of frames. With the 3550 the notification packet is sent after a lookup and the results index can contain more than one entry, whereas with other architectures the results are limited to a single entry. Basically that is why you can configure an ARP entry to point to different ports on the 3550 versus other platforms.
Hope that helps.
Regards,
James

Similar Messages

  • How to setup a static multicast ARP entry with Cisco SF300-08?

    We're running a cluster in multicast mode as a load balancer.
    We have a Cisco SF300-08, and adding a static ARP entry results in an error message telling the user that the hardware address needs to be a valid unicast MAC address.
    So how do we set up a static multicast entry on the Cisco SF300, or maybe someone knows another solution to set up multicast mode on the Cisco SF300?

    Hi, Tom!
    We have two WatchGuard XTM505 (cluster active-active) in our network. The WatchGuard interfaces have one IP and one MAC address: IP 192.168.111.1 (unicast) and MAC 01:00:5e:02:02:03 (multicast). The Cisco SF300 is the router to outside networks (to the internet). The Cisco IP address is 192.168.111.254. There are some other hosts in this network.
    Ping from hosts to 192.168.111.254 works well. Ping from hosts to 192.168.111.1 works well too. But there is no ping from the WatchGuard cluster (192.168.111.1) to the Cisco (192.168.111.254), and there is no routing to the internet.
    This is well-known situation. We need to do following(example for cisco 3750):
    1.    Start the Cisco 3750 command line interface.
    2.    Add a static ARP entry for the multicast MAC address of the FireCluster interface.
    Type this command:
    arp arpa
    For this example, type:
    arp 192.168.111.1 01:00:5e:02:02:03 arpa
    3.    Add an entry to the MAC address table.
    Type this command:
    mac-address-table static vlan interface <#>
    For this example, type:
    mac-address-table static 01:00:5e:02:02:03 vlan 1 interface gi1/0/11
    But we can't add the ARP entry on the Cisco SF300. The CLI tells us "MAC address illegal"!
    We tried enabling IGMP snooping, but it does not help.
    Could you tell us in more detail about MAC groups?

  • Multiple Port Mapping

    Hey all, I've bounced around here and the knowledge base a bit and couldn't find my answer.
    I have a range of 120 ports that I need to forward to my computer. I've already got everything with static IP and a couple ports working like a top.
    Basically I'm wondering if it's possible to forward a range of ports instead of having to make 120 separate entries.
    I'm aware of the dmz option but would rather not have it wide open.
    Thanks all!

    You're correct in your analysis and this would have worked. Turns out the telephone adapter, TA, is a router (although ATT Callvantage said it was not). I brought in a local Apple dealer's network sensei and he first changed the IP address of the TA to 10.1.1.201, just outside the range that my APE assigned to my computers and APEs. But the TA needed multiple ports forwarded, including the range of 10,000 to 11,000. This killed that approach. What was done is that the TA was connected between the APE and the DSL modem. This seems to be working very well.
    The network tech said that the lack of ability of the APE to both forward more than 20 ports and no ability to forward a range of ports is a huge drawback. The tech said that he uses a Linksys router for his own personal network.
    If I didn't use wireless printing and the APE with my iTunes, I'd be tempted to can the APE. I am very disappointed in Apple.
    Regards, Axxel

  • Extended acl - multiple ports on same acl line

    hello
    i'm working on a (long) acl and have started looking at putting multiple ports on the same line
    e.g.
    instead of:
    ip access-list extended test3
    permit tcp any host 10.10.10.1 eq 80
    permit tcp any host 10.10.10.1 eq 443
    i'd use:
    ip access-list extended test3
    permit tcp any host 10.10.10.1 eq 80 443
    it's shortening the acl considerably but the question is:
    does this method reduce the TCAM resources required (compared to writing the acl in long hand)?
    what is the maximum number of ports that can be included on the same line - is it platform/IOS dependent?
    thanks
    andy

    Hello
    No. I went ahead with the acl with multiple ports in each ACE and it worked fine. It was deployed on an old WS-C3750G-24PS-E and worked pretty well. When I checked the tcam on the switch I got the following output:
    Cisco3750#show platform tcam utilization
    CAM Utilization for ASIC# 0                      Max            Used
                                                             Masks/Values    Masks/values
    IPv4 security aces:                          1024/1024         33/33
    Note: Allocation of TCAM entries per feature uses
    a complex algorithm. The above information is meant
    to provide an abstract view of the current TCAM utilization
    As there were other ACLs on the switch it was difficult to gauge if the multiple ports per ACE approach to ACLs actually saved any TCAM resources. If you find anything out post back - I'd be interested to hear.
    thanks
    Andy

  • Can you use Windows 7 to partition a Boot Camp created drive (not just a PC partition on a Mac drive) into multiple PC partitions?

    Can you use Windows 7 to partition a Boot Camp created dedicated PC drive (not just a PC partition on a Mac drive) into multiple PC partitions?

    Can you download this utility, it is a close equivalent of the gpt command, but has more features? (It is more than likely that Windows took over and converted this to an MBR disk).
    http://sourceforge.net/projects/gptfdisk/
    Once you have it installed you run it as follows. You can execute using either /dev/disk1 or /dev/rdisk1 as the parameter.
    type gdisk
    gdisk is /usr/sbin/gdisk
    sudo gdisk /dev/disk0
    Password:
    GPT fdisk (gdisk) version 0.8.9
    Warning: Devices opened with shared lock will not have their
    partition table automatically reloaded!
    Partition table scan:
      MBR: hybrid
      BSD: not present
      APM: not present
      GPT: present
    Found valid GPT with hybrid MBR; using GPT.
    Command (? for help): p
    Disk /dev/disk0: 1954210120 sectors, 931.8 GiB
    Logical sector size: 512 bytes
    Disk identifier (GUID): 6ED0C429-00D1-4759-B50E-04B6FB80D0E3
    Partition table holds up to 128 entries
    First usable sector is 34, last usable sector is 1954210086
    Partitions will be aligned on 8-sector boundaries
    Total free space is 1293 sectors (646.5 KiB)
    Number  Start (sector)    End (sector)  Size       Code  Name
       1              40          409639   200.0 MiB   EF00  EFI System Partition
       2          409640      1452940543   692.6 GiB   AF00  Customer
       3      1452940544      1454210079   619.9 MiB   AB00  Recovery HD
       4      1454211072      1954209791   238.4 GiB   0700  BOOTCAMP
    Command (? for help): q

  • Packet drops caused by flapping FabricPath SSID's in MAC entries on N5K.

    Hi there,
    I have a strange issue in flapping MAC entries caused by ARP replies from the OTV AED for the HSRP vip address. Our datacenter infrastructure is built with N7K in the core with 2 VDCs, one for OTV and one for FabricPath and vPCs. The access layer is built with N5K with FabricPath between N7K and N5K. Routing occurs in the N7K with HSRP in both datacenters with VLAN stretching and FHRP filtering in OTV, so there are active routers in both datacenters. The N7K is in a vPC domain and the N5K in another vPC domain. The OTV layer is connected via vPC uplinks. Traffic forwarding (when routed) from a host connected to the N5K is based on MAC entries in the N5K for the HSRP vip address. In the sample below you see a FabricPath destination for HSRP vip entries. These entries are built based on ARP replies from the active HSRP router. The entry with SSID=12 is based on an ARP reply from the OTV AED, caused by the proxy-ARP nature of OTV. These entries are changing continuously for all VLANs. Most of the time the SSID = 0, but sometimes they're changing. When I set up a ping to a host behind the N5K, there are time-outs occurring. At that moment the reply from the host is seen on the uplink to the OTV AED.
    bornsw244_005#  sh mac address-table  | i 0000.0c9f.
    * 105      0000.0c9f.f069    dynamic   0          F    F  1001.0.65535
    * 102      0000.0c9f.f066    dynamic   0          F    F  1001.0.65535
    * 101      0000.0c9f.f065    dynamic   0          F    F  1001.12.65535
    * 100      0000.0c9f.f064    dynamic   0          F    F  1001.0.65535
    I did not find any familiar problems on forums. I want to block the ARP replies on the uplink to the OTV AED, but don't know if there's already a solution for this? So please help!
    This is the (hopefully) solution I intend to apply:
    mac access-list HSRP_VMAC
      10 deny   0000.0c07.ac00 0000.0000.00ff any 0x806
      20 deny   0000.0c9f.f000 0000.0000.0fff any 0x806
      30 permit any any
    interface port-channel 3
       mac port access-group HSRP_VMAC
    interface port-channel 4
       mac port access-group HSRP_VMAC
    Regards,
    Frans Bragonje
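
The MAC ACL proposed in the post above, evaluated offline against the four MAC table entries it quotes, as an added example that is not part of the original post. It assumes first-match evaluation and that the field after each MAC is a wildcard mask (set bits ignored); `HOST` and the last three sample frames are constructed for illustration.

```python
import re

# ACL entries copied from the post. Treating the field after each MAC as a
# wildcard mask (set bits are ignored) is an assumption of this example.
ACL_TEXT = """
10 deny   0000.0c07.ac00 0000.0000.00ff any 0x806
20 deny   0000.0c9f.f000 0000.0000.0fff any 0x806
30 permit any any
"""
ALL_BITS = (1 << 48) - 1
ARP, IPV4 = 0x0806, 0x0800


def mac_to_int(mac):
    """Convert dotted (0000.0c9f.f069) or colon notation to a 48-bit int."""
    digits = re.sub(r"[.:-]", "", mac)
    if not re.fullmatch(r"[0-9a-fA-F]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(digits, 16)


def take_addr(tokens):
    """Consume 'any' or '<mac> <wildcard>' and return (value, wildcard)."""
    if tokens[0] == "any":
        tokens.pop(0)
        return 0, ALL_BITS
    return mac_to_int(tokens.pop(0)), mac_to_int(tokens.pop(0))


def parse_acl(text):
    """Return entries as (seq, action, src_rule, dst_rule, ethertype)."""
    entries = []
    for line in text.strip().splitlines():
        tokens = line.split()
        seq, action = int(tokens.pop(0)), tokens.pop(0)
        src, dst = take_addr(tokens), take_addr(tokens)
        ethertype = int(tokens.pop(0), 16) if tokens else None
        entries.append((seq, action, src, dst, ethertype))
    return sorted(entries, key=lambda e: e[0])


def addr_match(addr, rule):
    value, wildcard = rule
    care = ~wildcard & ALL_BITS
    return (addr & care) == (value & care)


def evaluate(entries, src_mac, dst_mac, ethertype):
    """First matching entry wins; returns (sequence number, action)."""
    src, dst = mac_to_int(src_mac), mac_to_int(dst_mac)
    for seq, action, src_rule, dst_rule, etype in entries:
        if etype is not None and etype != ethertype:
            continue
        if addr_match(src, src_rule) and addr_match(dst, dst_rule):
            return seq, action
    return None, "deny"  # implicit deny when nothing matches


ENTRIES = parse_acl(ACL_TEXT)
HOST = "0050.56aa.bb01"  # constructed destination MAC

# Source MACs: the four table entries from the post, then constructed ones.
SAMPLES = [
    ("0000.0c9f.f069", ARP), ("0000.0c9f.f066", ARP),
    ("0000.0c9f.f065", ARP), ("0000.0c9f.f064", ARP),
    ("0000.0c9f.f065", IPV4),   # same vMAC, routed data traffic
    ("0000.0c07.ac05", ARP),    # constructed address inside entry 10's range
    ("0000.0c07.ad05", ARP),    # constructed, just outside entry 10's mask
    (HOST, ARP),                # ordinary host ARP
]


def classify_samples():
    return [evaluate(ENTRIES, src, HOST, et) for src, et in SAMPLES]


if __name__ == "__main__":
    for (src, et), (seq, action) in zip(SAMPLES, classify_samples()):
        print(f"{src} ethertype=0x{et:04x} -> {action} (entry {seq})")
```
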

    Hi,
    if you remove "encryption mode ciphers aes-ccm tkip" from the radio interface does it help?
    it should remain like this:
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption vlan 1 mode ciphers aes-ccm tkip
    ssid WLAN_Corporate
    ssid WLAN_HartKitGuest
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • Opening multiple ports on Airport Extreme

    I need to open multiple ports on an Airport Extreme to allow for ftps service (about 500 ports). In port forwarding, it appears that I would have to enter 500 entries to do that (e.g. port 4001, 4002, 4003 etc.). Sounds wacky. In other routers (or Linux software), multiple entries can be entered like "400, 4000-4500". Apple docs don't address this (from what I could find). Is there a syntax for multiple port forwarding?

    Are you using the round 802.11b/g AirPort Extreme base station (AEBS) or the square 802.11b/g/n AEBS?
    The round AEBS does not allow you to enter ranges. The only solution for a great number of ports is to use the default host option and send ALL the ports to the designated computer.
    I believe that the square AEBS allows you to enter ranges.

  • Traceroute mac : Error: Mac found on multiple vlans

    That 6500 is our campus backbone. It routes between our vlans. It runs 12.2(18)SXF8. show catalyst6000 will list 000f.35ef.c400 as first mac address. I'm trying to L2 traceroute another mac address.
    Error is : Error: Mac found on multiple vlans.
    What mac address (of this 6500) should be specified as source to avoid this error message ?
    Thank you.

    The ethernet (MAC) addresses of other machines in the same layer two ethernet segment. but traffic for these hosts is broadcast to the local network, and as such I don't think there would be any practical way to ascertain what layer two equipment was in between a pair of hosts other than by physically looking at it, or manually/automatically logging into equipment (say, via SNMP) in order to view MAC/CAM tables and port assignments.
    If you want to know more, for complete syntax and usage information for the commands used in this chapter, refer to the Catalyst 6500 Series Switch Cisco IOS Command Reference, Release 12.2SX at this URL:
    http://www.cisco.com/en/US/customer/products/hw/switches/ps708/products_command_reference_book09186a0080160cd0.html

  • How many mac-addresses a single port can store ?

    How many mac-addresses a single port can store ?
    And also what is the max limit for mac-addresses on a switch ?
    Regards,
    Chandu

    Hi,
    I don't think there is a limit per port.
    The limit is the max number of entries in the CAM table, so if for example the CAM table limit is 8000 and you already got 7200 entries, you can have the 800 entries on different ports or on one port.
    Regards
    Alain
    Don't forget to rate helpful posts.

  • I want to Connect my Mac Mini as a Slave to a Mac pro Server while at the same time using the Mac mini's thunderbolt ports peripherals ( ie monitor, Sound Card, Hard drives) Creating a poor man's new mac Pro. Can this be Done?

    I want to Connect my Mac Mini as a Slave to a Mac pro Server while at the same time using the Mac mini's thunderbolt ports peripherals ( ie monitor, Sound Card, Hard drives) Creating a poor man's new mac Pro. Can this be Done?

    Well, I really would love the new unreleased mac pro however , I'm not sure of the expected cost , Everyone speculates from $3,000 to $8,000, in which I may have to wait a while to purchase.
    To the point .... I want fully functional thunderbolt ports to be on the current mac pro's .... wonder if anyone had workarounds yet?...  or could I chain the current mac pro to a mac mini to make that happen?

  • Multiple ports on single node cannot communicate

    I am a Sr. Tech Architect from SBC that is evaluating your product for utilization in our enterprise online order application in combination with the Solarmetric Kodo product.
    I was able to install and utilize your application and line command, sample applications no problem on a single jvm utilizing multiple ports and all the members were being recognized no problem. Suddenly, they are no longer being picked up. I am using the packaged configuration xml files as is, just running multiple dos windows on a Win 2k box and launching the line command application. The only other development work I have been doing on the box is test deploys to Apache of the product along with the integration of the Kodo product in a WSAD 5.1 environment, however, I have both those applications shut down and rebooted the machine with no success. I tried running the multicast test just for kicks and got no response back. Scratching my head as to what may be the problem all of a sudden.
    Thanks,
    Scott

    Scott,
    Did you, by any chance, install and enable "Microsoft Loopback Adapter"? If so, you'd need to disable it. If not, could you please e-mail me the command line and some output of the multicast test.
    Thanks,
    Gene

  • Scan multiple ports on multiple computers

    Hey guys,
    I wrote the following batch script to use along with the portqry tool, which is available from the Microsoft download center.
    The tool can scan multiple ports on a single computer, but it is not capable of scanning multiple ports on multiple computers in one attempt. Also it gives a big output which is a bit tough if you are trying to prepare a report.
    Here is the batch file which takes input from server.txt where all the computer names present and scans for the below ports on each computer and gives you output in a beautiful way.
    TCP: 135, 445, 1433, 1434, 1024, 1040
    UDP: 1433, 1434
    Copy and paste the below code in a batch file and use it along with portqry.exe.
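    @echo off
    rem Run the :vk checks once per computer name listed in server.txt
    for /f "tokens=* delims= " %%a in (server.txt) do call :vk %%a
    rem Stop here so execution does not fall through into :vk with no host
    goto :eof
    :vk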
    portqry -n %1 -e 1434 -q -p udp
    if errorlevel = 2 goto filtered_1434
    if errorlevel = 1 goto failed_1434
    if errorlevel = 0 goto success_1434
    goto 135
    :filtered_1434
    Echo %1 udp Port 1434 is listening or filtered
    goto 135
    :failed_1434
    Echo %1 udp Port 1434 is not listening
    Goto 135
    :success_1434
    Echo %1 udp Port 1434 is listening
    goto 135
    :135
    portqry -n %1 -e 135 -q -p tcp
    if errorlevel = 2 goto filtered_135
    if errorlevel = 1 goto failed_135
    if errorlevel = 0 goto success_135
    goto 445
    :filtered_135
    Echo %1 tcp Port 135 is listening or filtered
    goto 445
    :failed_135
    Echo %1 tcp Port 135 is not listening
    Goto 445
    :success_135
    Echo %1 tcp Port 135 is listening
    goto 445
    :445
    portqry -n %1 -e 445 -q -p tcp
    if errorlevel = 2 goto filtered_445
    if errorlevel = 1 goto failed_445
    if errorlevel = 0 goto success_445
    goto 1433_tcp
    :filtered_445
    Echo %1 tcp Port 445 is listening or filtered
    goto 1433_tcp
    :failed_445
    Echo %1 tcp Port 445 is not listening
    Goto 1433_tcp
    :success_445
    Echo %1 tcp Port 445 is listening
    goto 1433_tcp
    :1433_tcp
    portqry -n %1 -e 1433 -q -p tcp
    if errorlevel = 2 goto filtered_1433_tcp
    if errorlevel = 1 goto failed_1433_tcp
    if errorlevel = 0 goto success_1433_tcp
    goto 1434_tcp
    :filtered_1433_tcp
    Echo %1 tcp Port 1433 is listening or filtered
    goto 1434_tcp
    :failed_1433_tcp
    Echo %1 tcp Port 1433 is not listening
    Goto 1434_tcp
    :success_1433_tcp
    Echo %1 tcp Port 1433 is listening
    goto 1434_tcp
    :1434_tcp
    portqry -n %1 -e 1434 -q -p tcp
    if errorlevel = 2 goto filtered_1434_tcp
    if errorlevel = 1 goto failed_1434_tcp
    if errorlevel = 0 goto success_1434_tcp
    goto 1024
    :filtered_1434_tcp
    Echo %1 tcp Port 1434 is listening or filtered
    goto 1024
    :failed_1434_tcp
    Echo %1 tcp Port 1434 is not listening
    Goto 1024
    :success_1434_tcp
    Echo %1 tcp Port 1434 is listening
    goto 1024
    :1024
    portqry -n %1 -e 1024 -q -p tcp
    if errorlevel = 2 goto filtered_1024
    if errorlevel = 1 goto failed_1024
    if errorlevel = 0 goto success_1024
    goto 1040
    :filtered_1024
    Echo %1 tcp Port 1024 is listening or filtered
    goto 1040
    :failed_1024
    Echo %1 tcp Port 1024 is not listening
    Goto 1040
    :success_1024
    Echo %1 tcp Port 1024 is listening
    goto 1040
    :1040
    portqry -n %1 -e 1040 -q -p tcp
    if errorlevel = 2 goto filtered_1040
    if errorlevel = 1 goto failed_1040
    if errorlevel = 0 goto success_1040
    goto 1433
    :filtered_1040
    Echo %1 tcp Port 1040 is listening or filtered
    goto 1433
    :failed_1040
    Echo %1 tcp Port 1040 is not listening
    Goto 1433
    :success_1040
    Echo %1 tcp Port 1040 is listening
    goto 1433
    :1433
    portqry -n %1 -e 1433 -q -p udp
    if errorlevel = 2 goto filtered_1433
    if errorlevel = 1 goto failed_1433
    if errorlevel = 0 goto success_1433
    goto end
    :filtered_1433
    Echo %1 udp Port 1433 is listening or filtered
    goto end
    :failed_1433
    Echo %1 udp Port 1433 is not listening
    Goto end
    :success_1433
    Echo %1 udp Port 1433 is listening
    goto end
    :End

    For what it's worth, I wrote a PowerShell script that does something like this a while back.
    http://gallery.technet.microsoft.com/scriptcenter/97119ed6-6fb2-446d-98d8-32d823867131

  • I have moved from a G5 Powermac to an Intel Mac Pro and am porting over Items from a Backup HDD. How can I access and use drawings and documents created on the PC computer on the Intel computer ?

    I have moved from a G5 Powermac to an Intel Mac Pro and selectively porting over items from a backup hard drive.
    How can I access and use documents and drawings created on the PC based computer ?

    Clarisworks, you need Appleworks, which will only work with Mac OS X10.6.8 or earlier.  See this tip if you must go newer.  Mac Pros with newer hardware configuration than July 20, 2011 can't use Mac OS X 10.6.8 or earlier without this tip and then it would be Mac OS X Server.  I'm not sure if the new black Mac Pro supports that configuration or not.
    iPhoto, there is an iPhoto for all versions of Mac OS X.
    iTunes, there is an iTunes for all versions of Mac OS X.  Note with iTunes versions 11 and later, which are needed for syncing with iOS 7 or later, you will lose coverflow, if you liked that feature.  Sadly you can't run an older version of iTunes from within Mac OS X 10.9 or later.
    Sketchup: http://help.sketchup.com/en/article/60107 shows the versions that will work with intermediate Mac OS X versions, and this shows the latest version: http://help.sketchup.com/en/article/36208 be sure to click on the operating system you choose to use.
    GIF - Viewing GIFs Apple's Preview can do that.  Editing them, I like http://www.lemkesoft.com/ Graphicconverter.
    DMG is able to be opened by all versions of Mac OS X.  These are just "disk images" which store programs on a virtual disk that will open when double clicked.    Frequently you'll find the installer of the said program inside.  To find out if the program itself is compatible with 10.7 through 10.9, see http://www.roaringapps.com/
    Otherwise see the resources on:
    https://discussions.apple.com/docs/DOC-2455
    If you end up deciding to stick with Snow Leopard.

  • HT3014 my mac has the VGA port and I need a newer monitor for it. what do I use that will connect it. I had a new dell monitor and none of the things that dell said worked. so I am going to get a mac monitor for a second unit.

    my mac has the VGA port and I need a newer monitor for it. what do I use that will connect it. I had a new dell monitor and none of the things that dell said worked. so I am going to get a mac monitor for a second unit.
    my laptop is a 2008 model

    Hmmm... 2008 MBP has...
    Video (Monitor):     1 (DVI)
    Details:     Supports external display in dual display and mirroring modes. VGA output provided by included Apple DVI-to-VGA adapter, S-video output provided by optional adapter (sold separately).
    http://www.everymac.com/systems/apple/macbook_pro/specs/macbook-pro-core-2-duo-2.5-15-early-2008-penryn-specs.html

  • ISE 1.2 and ACL's with multiple ports

    When creating a DACL for my groups I used the Syntax " permit tcp any 192.168.20.0 0.0.0.255 eq 22 443" for one of my acl's inside the DACL and the syntax check validated it. When I pushed it to my groups it also worked but I have heard that this type of multiple port ACL in ISE is not supported. Does anyone know if this is accurate?

    Thanks for the response but it's wrong. Cisco supports stacked ports in 1.2 for wired users. They carried over 1.1 documentation to 1.2 and never updated it. We have it in writing from Cisco TAC.
