Subnets on a switch

Similar Messages

• Subnets on single switch problem

  Hi i recently completed a CCENT and am now moving onto to CCNA. I came across a network recently shown in the attachment that had a problem and i have a few questions and am trying to debug it. Any suggestions would be appreicated.
  Device a sends info to device b every second over tcp/ip (few packets of info). If the link to Switch 1 is not connected the 192.168.1 network works fine and device a and device b function as normal.
  When the link from switch 3 is plugged into switch 1 after approx 2 hours device b stops working as it does not receive infomation from device a.
  This is repeatable plugging into switch 1 always causes an issue on device b.
  All the switches are unmanaged switches.
  The server needs to communicate with the 10.0.1.x and to the 192.168.1.x network but the other deices on the 10 network and 192 network do not have to communicate with each other. The server runs monitoring software and needs to "see" all devices. The server has one NIC with an alternate IP set up and can ping the devices on the 192,.168.1.x network and the 10.0.1.x network.
  I was wondering is there a potential issue with the two subnets on the switch or is there possibly an issue with broadcast traffic?
  The devices are not PC but industrial communication devices so im am unsure how to debug the issue.Also cannot view any logs on the switches as they are unmanaged.
  One though i had was to put a cisco 3550 switch i have for testing in there and connect device a,device b on the cisco switch, then create a SPAN port and connect wireshark/dumcap to the SPAN port to monitor the traffic being sent between the two.
  If anyone has any suggestions please let me know thanks

  One characteristic that is generally true of unmanaged switches is that they have no concept of VLANs and that all of their ports are all in the same VLAN (same broadcast domain). So although you may have some devices configured as part of 192.168.1 network and other devices configured as part of 10.0.1 network the reality is that all of the devices are part of one big flat network.
  If you put a Layer 3 switch into the network then you create the opportunity to actually separate these networks. You could configure vlan 10 and assign some ports on the layer 3 switch as access ports in vlan 10. If you connect switches 2 and 3 to ports that are access ports in vlan 10 then all the ports in switches 2 and 3 will be in vlan 10. You could configure vlan 20 on the layer 3 switch and make vlan 20 have subnet 10.0.1.
  You could connect switch 4 to an access port in whatever vlan you choose. You suggest that it might go into vlan 10 which is certainly possible. But you then suggest setting the IP of the server as part of 10.0. But in the preceding paragraph you suggested that 10.0 would be associated with vlan 20. You need to be clear and consistent about the relationship between vlan and subnet.
  If you associate 10.0 subnet with vlan 20 then any device in vlan 20 should have an IP address in 10.0. And all devices in the vlan and subnet would easily communicate with each other.
  I am somewhat unclear about the server. At some places you seem to indicate that it needs to communicate with devices in network 10.0 and in some places it seems that it should communicate with 192. If it really needs to communicate with both then you will need some layer 3 device that allows routing between the subnets.
  HTH
  Rick

• Subnet config and switch layout for windows 2012 ISCSI server

  I would like to ask about subnet design and switch layout in regards to using a Windows 2012 ISCSI solution. When you guys design subnets for ISCSI configurations do you use one subnet or multiple subnets?  Also do you link the switches together when
  designing your ISCSI layouts? These types of things are normally discussed in vendor deployment guides.  However, I have not come across a best practices guide for deploying Server 2012 ISCSI.

  I would like to ask about subnet design and switch layout in regards to using a Windows 2012 ISCSI solution. When you guys design subnets for ISCSI configurations do you use one subnet or multiple subnets?  Also do you link the switches together
  when designing your ISCSI layouts? These types of things are normally discussed in vendor deployment guides.  However, I have not come across a best practices guide for deploying Server 2012 ISCSI.
  For iSCSI you typically create a separate subnets around physical NICs you use for iSCSI traffic (assuming they are used by iSCSI target for MPIO of course). Here are few guides on how to do that (some for Windows Server 2008 R2 but you can ignore that fact
  as target itself did not change much and concepts are still the same). See:
  Configure iSCSI MPIO on Windows (full)
  http://blogs.technet.com/b/migreene/archive/2009/08/29/3277914.aspx
  (make sure you have at leas one connection before you try to enable MPIO)
  Setting up a Target and Initiator
  http://www.server-log.com/blog/2011/7/26/setting-up-an-microsoft-iscsi-target-and-initiator-using-mpi.html
  You need however be aware of a couple of facts... 
  1) MSFT does not see much future in iSCSI and is replacing it with SMB3 where it can. So if you want to use iSCSI to provide shared storage to your guest VMs you need to use shared VHDX hosted on SMB3 share, see:
  Shared VHDX for guest VM Cluster
  http://technet.microsoft.com/en-us/library/dn265980.aspx
  If you plan to use iSCSI to host CSV and VM images there you again can use SMB3 share, see:
  Hyper-V over SMB
  http://technet.microsoft.com/en-us/library/jj134187.aspx
  That's both simpler to manage (you don't configure anything except teaming for NICs to enable SMB Multichannel and create a shared folder in a few clicks) and faster: MSFT iSCSI target is not cached @ server side while (OK, Hyper-V ovens VMs in a pass-thru
  mode but other users typically don't do that). SQL Server is the same as Hyper-V in terms of SMB3 support, Windows clusters support SMB3 share as a witness and so on.
  2) That's a single point of failure. Think about using SoFS instead of a single SMB3 share and think about clustering your target (you'll need a separate fault tolerant back end of that) to increase uptime. See:
  MSFT iSCSI Target Failover Cluster
  http://techontip.wordpress.com/2011/05/03/microsoft-iscsi-target-cluster-building-walkthrough/
  Good luck! :)
  StarWind VSAN [Virtual SAN] clusters Hyper-V without SAS, Fibre Channel, SMB 3.0 or iSCSI, uses Ethernet to mirror internally mounted SATA disks between hosts.

• Adding subnet IP range to VLAN in SGE2000P switch

  hi,
  I am unable to add subnet IP range to VLAN in SGE2000P switch. Can anyone help me to configure same. Thanks in advance
  I want to configure 3 VLAN in my SGE2000P switch. as a router I am using my Fortigate firewall 50b. I have done all required configuration in switch but till I am unable to assign subnet range to switch. 

  i am using ios version v1.2.7.7 (latest)
  i tried the following CLI commands
  switch(config)# vlan 2
  switch(config)# interface vlan 2
  switch(config-if)# name project2
  switch(config-if)# ip address 192.168.10.2 255.255.255.0
  so as and when i press ENTER on the ip address line , the switch stopes responding. i tried changing vlan number and name but no luck.
  it already has vlan 1 , with default ip address 192.168.1.254 , i cannot ping this IP after this.
  pls suggest...

• Role of Distribution Switch

  Hello all,
  Can any one explain me what is the role of distribution switch in netwok environment? How the network should be designed proper having it.
  My confusion is, having distribution switch in network, should we configure layer3 interfaces on distribution or on core ? how the connected users at access layer switch should communicate with other vlans ? does intervlan routing should be enabled on distribution switch or at core ? what should be the gateway configured for access layer switches or for end users ?
  Regards,

  As the others have said the core is generally used to simply interconnect your distribution switches, usually using L3 routed links ie. no need for vlans between distro and core.
  That said you seem to be talking about a building rather than a campus setup. In a campus set you can have multiple buildings with access switches per floor connecting to a distro pair that do inter vlan routing for the buildings vlans and then each distro pair is connected to core set of switches that route between buildings. This is a standard Cisco 3 tier design but within a single building it might not be the best approach.
  In a single building design, as Reza mentioned, a more common design is a collapsed distribution/core where the same pair of switches do both. Each floor really doesn't need a distribution switch unless there is an abnormally high amount of traffic between vlans on the same floor which is generally not the case.
  So your access switches on each floor connect back to core/disto pair of switches which handle all the inter vlan routing. As devils advocate mentioned. you can extend L3 back to the access layer but there are limitations with this and with the advent of VSS/MEC on the 6500s and MEC on the 3750s a lot of the advtantage of running L3 to the access layer has gone, and you still get the flexibility that L2 can give you ie. the ability to have a vlan on multiple access switches.
  Ideally you do not want servers connecting directly into the core/distro pair (and certainly not the core if you had a dedicated core pair of switches). You would want a separate pair of switches for the servers that then connect back to the core/distro pair. But this often comes down to cost and you often see servers connected to the core/distro pair.
  If it is one building i would use the 6500s as a core/distro pair and run MEC from the switches on each floor back to the 6500s. Inter vlan routing would be done on the 6500s, again with the proviso that most of the traffic is between clients on the floors and servers and not between clients and other clients on the same floor.
  There is no need to have distribution switches per floor. If you do then be aware that is in effect a L3 routed access layer and the major restriction is that if you have vlan/IP subnet on one switch you cannot then have the same vlan/IP siubnet on another switch on a different floor.
  Jon

• Appropriate addressing (subnet separation) for Unified Wireless Infrastructure components.

  Good day all,
  I am looking for some advice on appropriate IP subnet separation of the various Cisco Unified Wireless Infrastructure components.  For example, would all components go on their own firewall secured IP subnets?  Can some of the components be grouped together, would there be a performance advantage to that vs a security risk? Just so I am clear, the components I am referring to are WLC, ISE, MSE, and PRIME Infrastructure.
  The environment for context is Unified environment, all components are centralized in a single DC (datacenter) but soon to be two DCs. 5508 controllers, 2504 controllers, 3495 security appliances, and 3300 series MSEs.  The deployment model for now is (from the BYOD CVD) Basic Guest with two SSIDs (corporate and guest) and using a guest anchor in a internet DMZ.

  It really varies, but it comes down to the basic.... security policy for the devices.  I usually keep the AP's in it own subnet, the WLC in the same subnet as the switches and the MSE and PI in the server subnet.  Wireless will always be on its own subnet and guest, like you have, will be tunneled into its own subnet in the DMZ.  Internal wireless should be separate subnet from your wired side.
  Scott

• WLAN AP & Client subnet sizing

  Does anyone know of any recommendations regarding sizing of:
  - AP subnets
  - Client subnets
  when designing Cisco wireless networks?
  I've checked out the design guides and various FAQ's etc., but haven't come across anything obvious.
  In the case of AP subnets, I wonder if there is a recommended point at which the number of APs in a subnet becomes too high. There must be a break-point where the level of broadcast traffic starts to have negative impact on performance for all APs in the subnet. I often use an AP subnet range per switch stack or per floor, which seems to work fine, but may not be best use of limited IP address space. But, would it really be advisable to create a 24 bit AP range and then put 250 APs into it?
  The same question applies to client subnets. Again, if I have 500 users, I wouldn't usually create a single 23 bit subnet to accomodate them and then allow that single range to be assigned to a single SSID to cover a campus. Generally, I would use a number of ranges and use AP groups on an SSID to keep the broadcast domains down to reasonable sizes on the client side. Again, what is a 'reasonable' size (in terms of numbers of clients on a subnet)?
  I'm guessing there are a lot of variables in here (for instance the levels & types of traffic). But, I would be interested to hear of any tried & tested (or Cisco recommended) rules of thumb.
  Thanks in advance.
  Nigel.

  Just to add in another consideration to this discussion, I'd like to throw in multicasting.
  The main argument that underpins the sizing considerations discussed above is the fact that the WLC does not forward broadcasts to client, allowing large subnets to be used with no issues.
  However, with the growth of BYOD etc. recently, there is a growing demand for multicasting due to the services provided by Bonjour for Apple devices (e.g. Apple TV, Air Print etc.).
  I'd be interested to hear if anyone has any views on how the potential growth in multicast traffic for Bonjour services is going to impact client subnet sizing (if at all..?).
  There is a great guide about Bonjour deployment from Cisco at: http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_tech_note09186a0080bb1d7c.shtml
  I'm guessing that IGMP snooping should ensure that only clients that need to receive a multicast stream will get it. But, even so, I'm guessing this will have some detrimental impact as many clients on the same subnet may receive the same stream?
  Anyone any useful input on this?
  Nigel.

• No icmp reply from my catalyst 2950 switch

  My switches is still operating but when i ping the switch, there isn't any reply. Expert please advice.

  David
  There are several things that might produce the symptoms that you describe. Without some more details it is difficult to know which one it might be. Some of the possibilities include:
  - the switches may not have an IP address assigned. The switch will still do an excellent job of forwarding frames at layer 2, but without an IP address it can not respond to ping.
  - the switch may have an IP address but there is some error in configuration of the address (perhaps a misconfigured mask, or a keying error in the address). This would not impact the switch ability to function at layer 2 but would not allow it to respond to ping etc.
  - the switch may not be configured with a default gateway (or configured with an error about the default gateway). This would allow the switch to respond at layer 3 within its own subnet but not able to respond to anything outside its subnet.
  - the switch may have its IP address assigned for management purposes, but the address may be associated with a VLAN which has no active ports and therefore is inactive and can not respond.
  - there might be an access list assigned somewhere that is not permitting the ping.
  There could be some other things. If you can provide some more details, like what kind of switches are we talking about, and some details of how the switches are configured we may be able to find better answers.
  HTH
  Rick

• Problems in connecting to windows domain from a L3 switch

  Hello,
  I have a Cisco L3 switch with two subnets on that switch. I dont have vlan for each subnet, all i did is confiugred two IP's for the single vlan, meaning the switch will have a IP in the server subnet and a secondary IP in the client subnet range. For the client subnet, the secondary IP will be the gateway and for the servers, the primary ip will be the gateway.
  The issue is the Domain controller is in one subnet and the clients are in another subnet.
  Because of this they are not able to see each other and the clients cant join the domain. Also the DHCP is not working,meaning clients are not getting an IP from the DHCP server. The scope is set to the range of Client IP range.
  The only way to fix this, i have given dual IP's to this DC and then the systems clients started joing the domain.
  I dont want to have the server with dual IP's.
  What is the best way i can ensure that my Domain is in the server subnet and the clients who are in client subnet can join them over the Cisco L3 switch as both the server subnet switch and the client switch connected to the L3 which acts as the core switch at the site.

  hello,
  Thanks for your reply.
  Sorry that i didnt tell earlier that every thing works fine except the DHCP/Domain issue. This shows routing is ok.
  Also i have complaints saying that when i have a user setup with a client ip, the performance is very slow, the moment i change that to a server IP range, the performance is very good.
  The pity here is both for the client ip range and the Server IP range, the gateway is the L3 as i have configured dual IP's for that vlan in the L3, one for the Client IP range and the other for the server IP range.
  The DHCP server will start issuing IP's to the client when the moment i change the IP of the DHCP server to the same range as that of the scope, i mean when i assign an IP to the DHCP server in the client IP range.
  Both the DHCP and domain are the same machine and hence i have both problems ie DHCP not working and clients not able to join the domain.
  think it should be some kind of broadcast issue here since both the DHCP and the Domain uses broadcasts.
  I have tried using ip-helper address as well and still no luck :(

• Windows 2012 Nodes - Slow CSV Performance - Need help to resolve my iSCSI issue configuration

  I spent weeks going over the forums and the net for any publications and advice on how to optimize iSCSI connections and i'm about to give up.  I really need some help in determining if its something i'm not configuring right or maybe its an equipment
  issue. 
  Hardware:
  2x Windows 2012 Hosts with 10 Nics (same NIC configuration) in a Failover Cluster sharing a CSV LUN. 
  3x NICs Teamed for Host/Live Migration (192.168.0.x)
  2x NICS teamed for Hyper-V Switch 1 (192.168.0.x)
  1x NIC teamed for Hyper-V Switch 2 (192.168.10.x)
  4x NICs for iSCSI traffic (192.168.0.x, 192.168.10.x, 192.168.20.x 192.168.30.x)
  Jumbo frames and flow control turned on all the NICs on the host.  IpV6 disabled.  Client for Microsoft Network, File/Printing Sharing Disabled on iSCSI NICs. 
  MPIO Least Queue selected.  Round Robin gives me an error message saying "The parameter is incorrect.  The round robin policy attempts to evenly distribute incoming requests to all processing paths. "
  Netgear ReadyNas 3200
  4x NICs for iSCSI traffic ((192.168.0.x, 192.168.10.x, 192.168.20.x 192.168.30.x)
  Network Hardware:
  Cisco 2960S managed switch - Flow control on, Spanning Tree on, Jumbo Frames at 9k - this is for the .0 subnet
  Netgear unmanaged switch - Flow control on, Jumbo Frames at 9k - this is for .10 subnet
  Netgear unmanaged switch - Flow control on, Jumbo Frames at 9k - this is for .20 subnet
  Netgear unmanaged switch - Flow control on, Jumbo Frames at 9k - this is for .30 subnet
  Host Configuration (things I tried turning on and off):
  Autotuning 
  RSS
  Chimney Offload
  I have 8 VMs stored in the CSV.  When try to load all 8 up at the same time, they bog down.  Each VM loads very slowly and when they eventually come up, most of the important services did not start.  I have to load
  them up 1 or 2 at a time.  Even then the performance is nothing like if they were loading up on the Host itself (VHD stored on the host's hdd).  This is what prompted me to add in more iSCSI connections to see if I can improve the VM's
  performance.  Even with 4 iSCSI connections, I feel nothing has changed.  The VMs still start up slowly and services do not load right.  If I distribute the load with 4 VMs on Host 1 and 4 VMs on Host 2, the load up
  times do not change. 
  As a manual test for file copy speed, I moved the cluster resources to Host 1 and copied a VM from the CSV and onto the Host.   The speed would start out around 250megs/sec and then eventually drop down to about 50/60 megs/sec.  If I turn
  off all iSCSI connections except one, it get the same speed.  I can verify from the Windows Performance Tab under Task Manager that all the NICS are distributing traffic evenly, but something is just limiting the flow.  Like what I stated on top,
  I played around with autotuning, RSS and chimney offload and none of it makes a difference. 
  The VMs have been converted to VHDx and to fixed size.  That did not help.   
  Is there something I'm not doing right?   I am working with Netgear support and they are puzzled as well.  The ReadyNas device should easily be able to handle it. 
  Please help!  I pulled my hair out over this for the past two months and I'm about to give up and just ditch clustering all together and just run the VMs off the hosts themselves. 
  George

  A few things...
  For starters, I recommend opening a case with Microsoft support.  They will be able to dig in and help you...
  Turn on the CSV Cache, it will boost your performance 
  http://blogs.msdn.com/b/clustering/archive/2012/03/22/10286676.aspx
  A file copy has no resemblance of the unbuffered I/O a VM does... so don't use that as a comparison, as you are comparing apples to oranges.
  Do you see any I/O performance difference between the coordinator node and the non-coordinator nodes?  Basically, see which node owns the cluster Physical Disk resource... measure the performance.  Then move the Physical Disk resource for the
  CSV volume to another node, and repeat the same measure of performance... then compare them.
  Your IP addressing seems odd...  you show multiple networks on 192.168.0.x and also on 192.168.10.x.   Remember that clustering only recognizes and uses 1 logical interface per IP subnet.  I would triple check all your IP schemes...
  to ensure they are all different logical networks.
  Check you binding order
  Make sure you NIC drivers and NIC firmware are updated
  Make sure you don't have IPsec enabled, that will significantly impact your network performance
  For the iSCSI Software Initiator, when you did your connection... make sure you didn't do a 'Quick Connect'... that will do a wildcard and connect over any network.  You want to specify your dedicated iSCSI network
  No idea what the performance capabilities of the ReadyNas is...  this could all likely be associated with the shared storage.
  What speed NIC's are you using?   I hope at least 10 GB...
  Hope that helps...
  Elden
  Hi Elden,
  2. CSV is turned on, I have 4GB dedicated from each host to it.  With IOmeter running within the VMs, I do see the read speed jumped up 4-5x fold but the write speed stays the same (which according to the doc it should).  But even with the read
  speed that high, the VMs are not starting up quickly.  
  4. I do not see any difference with IO with coordinator and non coordinator nodes.  
  5.  I'm not 100% sure what your saying about my IPs.  Maybe if I list it out, you can help explain further.  
  Host 1 - 192.168.0.241 (Host/LM IP), Undefined IP on the 192.168.0.x network (Hyper-V Port 1), Undefined IP on the 192.168.10.x network (Hyper- V port 2), 192.168.0.220 (iSCSI 1), 192.168.10.10 (iSCSI2), 192.168.20.10(iSCSI 3), 192.168.30.10 (iSCSI 4)
  The Hyper-V ports are undefined because the VMs themselves have static ips.  
  0.220 host NIC connects with the .231 NIC of the NAS
  10.10 host NIC connects with the 10.100 NIC of the NAS
  20.10 host NIC connects with the 20.100 NIC of the NAS
  30.10 host NIC connects with the 30.100 NIC of the NAS
  Host 2 - 192.168.0.245 (Host/LM IP), Undefined IP on the 192.168.0.x network (Hyper-V Port 1), Undefined IP on the 192.168.10.x network (Hyper- V port 2), 192.168.0.221 (iSCSI 1), 192.168.10.20 (iSCSI2), 192.168.20.20(iSCSI 3), 192.168.30.20 (iSCSI 4)
  The Hyper-V ports are undefined because the VMs themselves have static ips.  
  0.221 host NIC connects with the .231 NIC of the NAS
  10.20 host NIC connects with the 10.100 NIC of the NAS
  20.20 host NIC connects with the 20.100 NIC of the NAS
  30.20 host NIC connects with the 30.100 NIC of the NAS
  6. Binding orders are all correct.
  7. Nic drivers are all updated.  Didn't check the firmware.
  8. I do not know about IPSec...let me look into it.  
  9. I did not do quick connect, each iscsi connection is defined using a specific source ip and specific target ip.  
  These are all 1gigabit nics, which is the reason why I have so many NICs...otherwise there would be no reason for me to have 4 iscsi connections.  

• How do I Set up a LAN with no access to the Internet?

  I have a Solaris 10 (08/07) [No longer can acess the internet]
  full install on one system, and Solaris 10 Developer Edition (09/07) on another system. Each has been auto-configured upon installation, and have reached the Internet, and registered at Sun Microsystems, from behind a router and cable modem.
  I want to create a Local Area Network, using a 4 port Netgear Ethernet Hub, model EN104tp, Each of the Solaris 10 systems, a Windows XP Pro system, and a Windows Media Edition LapTop. +(Which I want to have additional admin control, and access to the Server, from!)+
  My problem is this!
  1) Do I have to change any files to eliminate, the access to the internet from the two Solaris machines via router and cable modem? If so which, and, how do I? +(I intend for the LAN to be isolated from the internet)+
  2) What are the step by step, to set up a LAN?
  I can't seem to find that info anywhere. Maybe I am looking in all the wrong places...
  I appreciate and Thank You in advance for any help...

  The only difference between LAN and Internet is the size.
  Depends on how you define LAN -- it may be multiple subnets glued with routers or just one big or small subnet with bridges, switches and/or hubs or simply a crossed UTP-cable..
  If you don't have routers then you won't need a /etc/defaultrouter (rm -f /etc/defaultrouter; /usr/sbin/route -fn)
  You should use RFC-1918 addresses; i.e. chunks with a suitable mask of your choice as parts or whole of 10./8 (10.0.0.0 - 10.255.255.255), 172.16/12 (172.16.0.0 - 172.31.255.255) and/or 192.168/16 (192.168.0.0 - 192.168.255.255). Example 10.0.0.0/255.255.255.0 for a (256-2=)254-node subnet; 10.20.30.40/255.255.255.252 would suite a crossed-cable subnet perfectly.
  A DHCP-server would be nice for PC's. Solaris can do that (/usr/sadm/admin/bin/dhcpmgr).

• Cisco ip phone 9971 registration failed with CME 8.6 on WAN

  Dear  Sir
  Subject: Cisco ip
  phone  9971 registration failed
  with CME 8.6 on WAN
  I have a WAN  simulation with one Cisco2811 router one Cisco1841 router (connected with fast  Ethernet interface) plus one layer 2  switch.
  I upgraded the 2811 IOS to 15.4M and installed CME8.6, when we tried  to add 9971 sip phone If the traffic goes throw LAN (Same subnet- directly from  switch to 2811) everything is fine and the SIP phone (9971) added with no  problem but when I change the subnet and traffic goes throw WAN
  ( from 1841  routed to 2811 with default route) my phone didn't register.
  It will be great  if anybody could help!!
  If you can solve my problem, I will be happy to  compensate.

  Try binding SIP to an interface on which Phone can reach (Use "voice service voip" "sip" and then bind)
  Udit

• VLAN trunking on Hyper-V from SCVMM 2012 R2

  hi All, 
  I have a multiple Hyper-V host, each hyper-V host have 2 physical NIC, 1 Physical NIC connected to Management Network, and the other 1 Physical NIC connected to Production LAN.
  We have 5 VLAN ID in Production LAN,
  based on my experience we can set VLANID's on Network Adapter in VM level, and also we can set VLAINID's on Virtual Switch but only for single VLAN not multiple VLAN.
  The question are as following:
  1. Can we set Trunk on Virtual Switch from SCVMM 2012 R2 console? On this article http://technet.microsoft.com/en-us/library/hh848475.aspx, we can set Trunk for VM by using Set-VMNetworkAdapterVlan, not for virtual switch.
  2. In SCVMM, we can create Logical Network put the VLAN and subnet, create Logical Switch, port profile, port classification,  and associate the Logical Switch to Logical Network. Then we need to add the Logical Network to Hyper-V host. is it means
  that the logical switch become Trunk mode?
  Regards,
  Endrik
  Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
  the thread.

  Hi Lopez, 
  Ya, just create vswitch without vlanid, then add vlan id on VM network adapter, and config the switch port behind the server. It's just work.
  thanks
  Endrik
  Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
  the thread.

• Solaris 10 LDAP Clients Intermittently Fail

  I'm working on a rather puzzling issue with some of our Solaris 10 systems authenticating against DSEE 6.3. These clients previously worked without issue but starting last week SSH connections would hang for a few minutes and then start working again. This never happened on more than one system at a time.
  I found the following messages in /var/adm/messages during the time we have these problems:
  Apr 27 08:04:57 hostname nscd[20634]: [ID 293258 user.warning] libsldap: Status: 7 Mesg: LDAP ERROR (85): Timed out.
  Apr 27 08:05:47 hostname nscd[20634]: [ID 293258 user.warning] libsldap: Status: 7 Mesg: LDAP ERROR (85): Timed out.
  ... many of these
  Apr 27 08:10:07 hostname nscd[20634]: [ID 293258 user.warning] libsldap: Status: 7 Mesg: LDAP ERROR (85): Timed out.
  Apr 27 08:10:17 hostname nscd[20634]: [ID 293258 user.warning] libsldap: Status: 7 Mesg: LDAP ERROR (85): Timed out.
  Apr 27 08:10:31 hostname nscd[20634]: [ID 293258 user.warning] libsldap: Status: 7 Mesg: LDAP ERROR (81): Can't contact LDAP server.
  To test connectivity to the LDAP server I have a ldapsearch running every 15 seconds an logging the time it took and checking for correct results. during the time that I see the libsldap messages and ssh connections are hanging, the ldapsearch command continues to run fine without slowing down.
  A final note is that all three of the problem systems are on the same subnet and systems outside of this subnet aren't having any problems with the same configuration. My first thought was the firewall but ldapsearch continues to work.
  Does anyone know if nscd tries to keep the LDAP connection open. Looking at the logged messages it appears as though it gives up after 5 minutes or so, throws the LDAP ERROR (81) and then starts to work again.
  Any ideas would be appreciated. This one is making me crazy (crazier).
  Thanks.

  rukbat wrote:
  Has anything changed in that time frame?
  Any physical changes such as office-moves? new hires? lay-offs?
  Could there have been any modifications to the networking hardware such as lengthening the cabling? Is it possible to re-route the subnet to different switches or to different posts on the switches? You might consider snooping the traffic to watch how it traverses the paths to the LDAP server.
  If there are other systems on the subnet, do they experience any sort of timeouts ( even if it is to unrelated tasks such as database access or surfing to the Intranet/Internet ) ?
  ... just random thoughts from a hardware perspective.Given that this started after a maintenance night I'm sure you are correct and something changed. However there are no changes in the maintenance plan that could cause this and nobody will own up to any additional changes. This leaves it to me to try to find what is causing the failure so I can get it corrected.
  These are the only three Unix systems on that subnet and they are all experiencing the problem so I don't have anything that is working to compare them to except for the other systems that aren't on that subnet. The other systems are working fine with the same configuration. That's why I'm thinking that it is something external to the problem systems.
  Given that all other services on these systems are working, I'm not currently exploring a hardware type failure.
  I've been running pfiles on nscd and it appears that it is indeed holding a connection to the LDAP server open (if I'm reading it correctly). The inode assocated with #8 hasn't changed. So my current theory is that maybe the firewall is killing off long connections after a while. This appears to be consistent with the log entries where I get many ERROR (85) and then a final (81). I'm thinking that after the ERROR 81, it re-opens the connection. Just guesses though.
  8: S_IFSOCK mode:0666 dev:329,0 ino:3753 uid:0 gid:0 size:0
  O_RDWR|O_NONBLOCK
  SOCK_STREAM
  SO_SNDBUF(49152),SO_RCVBUF(49680),IP_NEXTHOP(0.0.194.16)
  sockname: AF_INET6 ::ffff:10.1.50.50 port: 42758
  peername: AF_INET6 ::ffff:10.1.52.25 port: *636*

• Single WLC - best way to change controller IP?

  Hi,
  I have a single 5508 WLC and wish to move it to another subnet. Today the WLC is configured with the management and the Dynamic AP Management on the same interface/ip address.
  We use DHCP with option 43 to direct Ap's to their controller.
  I guess I could set the controller-ip-to-be in DHCP, and then clear all config on all AP's, put the WLC in its new subnet, and the AP's will find it, but is there a good way to move the WLC whithout clearing all the AP's in the process?

  Ok, you have several options to do this.  Here's one way of doing things: 
  1.  Let us presume that the Management VLAN is 123; 
  2.  Let us presume that you want to change the Management IP subnet from 1.1.1.0/24 to 2.2.2.0/24; and
  3.  You have "control" of the switch that is controlling the Management subnet and the WLC. 
  Here is the process: 
  1.  Go to the switch hosting the default gateway of the Management subnet and make the current subnet a "secondary" subnet and add the new subnet in.  The command steps are: 
  config t
  interface vlan 123
  ip address 1.1.1.1 255.255.255.0 secondary
  ip address 2.2.2.1 255.255.255.0
  2.  Next, go to the WLC in CLI and put an "escape".  This means that if you s_crew up, the WLC will reboot to the old config (without saving).  The command is:  
  reset system in 0:10:0 image no-swap reset-aps
  NOTE:  Above command means reset in 10 minutes and the config will NOT be saved.  
  3.  Using the same CLI, change the Management IP Address of your WLC:  
  config interface address dynamic-interface <DYNAMIC INTERFACE NAME> <NEW IP address> <Subnet Mask> <Default Gateway>
  NOTE:  Once you've entered this line, you will loose contact with the WLC (obviously) so you will need to try to telnet/SSH using the new IP address.
  4.  Once you've verified that you can reach the WLC's new IP address, you MUST disable the reload command:  
  reset system cancel 
  5.  You can also remove the "secondary" IP subnet from the switch:  
  config t
  interface vlan 123
  no ip address 1.1.1.1 255.255.255.0
  end
  wr
  Don't be daunted by the length of this post.   I've done this several times and I've yet to see my process fail.  This holds true when I do a type-o and enter the wrong subnet mask or IP address.  The process is sound but you need to ensure you're entering the right details.  
  Hope this helps.