Wccp catalyst 4506

Similar Messages

• Catalyst 4506 and Modules in Pwr Over state

  Hello,
  First of all, my excuses for my bad english.
  I am experiencing a problem with a Cisco Catalyst 4506.
  The switch is filled with 48 port PoE blades (WS-X4248-RJ45V).
  The error we receive is:
  Sept 5 15:40:12: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sept 5 16:37:04: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sept 5 16:37:04: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  According to the Cisco website:
  Explanation
  This message indicates that the measured PoE is at least 50 w higher than the configured value. The switch has either misconfigured PoE or an unauthorized powered device that is connected to the switch and is drawing a lot of PoE.
  Out put for the commands sh power details and sh module all are attached.
  The switch has no PoE devices on the specific blade.
  Atleast not that we know.
  Does any one know some other solution?
  Thanks in advance.
  Martijn Groenleer

  Well, blade six went offline on the first row of the log i posted earlier.
  The problem is, the log doesn't mention in the message which module went offline.
  About the 'efficiency' i noticed this also, what could be causing this? Power supplies are already replaced. PoE is on default settings currently.
  A full log related to these power over warnings:
  Aug 30 23:27:00: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Aug 30 23:39:34: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Aug 30 23:39:34: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  Sep 3 08:45:46: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sep 3 08:57:49: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sep 3 08:57:49: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  Sep 4 01:53:04: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sep 4 02:23:16: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sep 4 02:23:16: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  Sep 4 16:10:58: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sep 4 17:20:23: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sep 4 17:20:23: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  Sep 4 17:58:14: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sep 4 18:09:37: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sep 4 18:09:37: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  Sep 4 19:13:15: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sep 4 19:56:11: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sep 4 19:56:11: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  Sep 5 09:02:16: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sep 5 09:10:46: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sep 5 09:10:46: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online
  Sep 5 15:40:12: %C4K_IOSMODPORTMAN-4-INLINEPOWEROVERWARNING: Inline power exceeds threshold: Module status changed to 'Pwr Over'
  Sep 5 16:37:04: %C4K_IOSMODPORTMAN-6-INLINEPOWEROK: Inline power within limits: Module status changed to 'Ok'
  Sep 5 16:37:04: %C4K_IOSMODPORTMAN-6-MODULEONLINE: Module 6 (WS-X4248-RJ45V S/N: JAB080609GN Hw: 2.0) is online

• Trying to interconnect Catalyst 4506 (IOS) & Catalyst 6509 (CatOS) using FS

  Hey all,
  I'm currently having a problem interconnecting a Catalyst 4506 using IOS and a Catalyst 6509 using CatOS via FSO. The FSO is all setup and they show that they are talking but when we plug the fiber optic cables into the switches, we get a notconnect status on the switches. The link lights on both switches don't light up either. I have configured both sides as follows
  6509 (the Gigabit Port is 2/6):
  set port negotiation 2/6 disable
  set trunk 2/6 nonegotiate dot1q 1-1005,1025-4094
  4506 (the Gigabit Port is 1/1):
  interface GigabitEthernet 1/1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  switchport nonegotiate
  speed nonegotiate
  We were told by the FSO company that both ends must turn off negotiation in order for it to work. On the end with the Catalyst 6509, I have tried plugging another known working fiber optic line into the 2/6 port and the link light lights up so we know that the port isn't broken. Any ideas? I am lost.
  Background:
  We currently have a T1 line that serves as a point to point between the two buildings. We were trying to get rid of it and go with Free Space Optics (FSO) to increase bandwidth between the two buildings. We have 5 VLANs on each side (on the 4506 side, Vlans 110, 120, 132, 140, & 104 and on the 6509 side, Vlan 10, 20, 32, 40, 4) and the point to point is on the 200 network to interconnect the switches.

  Hie David,
  Just to start with are we sure that Rx of one switch terminates on Tx of other and vice versa. The fiber cable which is plugged in the trnasmitter of one switch must go to the receiver of another switch. You can just try swapping the TX and RX points at one switch.
  I doubt this because as you have said even the link light is not coming up.

• Monitoring Cisco Catalyst 4506

  Hello
  I am looking Cisco SNMP MIB or some Nagios plugin that allow to monitoring PoE status on Cisco Catalyst 4506 modules and check Led indicator status  simmilar I can do it by coomand "show enviroment "
  Module 2 Status Led Color : Green    PoE Led Color: Orange
  Module 3 Status Led Color : Green    PoE Led Color : Green
  Thank you very much

  Hi jon.marshall,
  Thanks for you reply. I'll explain how the traffic flows:
  1. Client boot up workstation
  2. After booting up, client obtain IP addressing through DHCP service from a remote DHCP server using gateway of VLAN210 (172.18.212.1)
  3. IP addressing issued to client (for e.g 172.18.212.128) and open web browser (HTTP) using a proxy (proxy.skynet.gov) with a DNS setting of skynet.gov.
  4. Next hop is a Juniper Enforcer (a.k.a firewall) with IP address 172.18.221.234 (Enforcer 1 - Master) and 172.18.221.235 (Enforcer 2 - Backup) which have a policy rule stating that the client range of 172.18.212.0 to 172.18.212.255 wanting to contact the proxy (proxy.skynet.gov), the next hop would be the Juniper UAC Host checker (with IP address of 172.18.223.254).
  Note: There are 2x physical Junpier Enforcer and only 1x Juniper Host Checker
  5. Juniper UAC Host Checker checks client workstation to ensure that minimum requirements are met before allowing client to go to internet
  6. Once clients pass the Juniper UAC Host Checker, traffic to the internet is then allowed.
  7. Clients surf the internet.
  8. End
  To answer your questions:
  i. The UAC is not on the same subnet however, all routing is done on the Cisco Catalyst 4506 and the UAC and VLAN are all on the 4506 too.
  ii. I'm not sure if the Juniper UAC is the one that makes all Http request of VLAN210 (172.18.212.0 to 172.18.212.255) or it will let the client make its on Http request after it passes the host checker.
  iii. Yes. I have 2x Cisco Catalyst 4506 and they are connected to each other through HSRP
  iv. The proxy (proxy.skynet.gov) is configured on the clients browser.
  Note: Is the DNS name of the proxy server, NOT the IP address of the proxy server.
  I hope the above provided information is sufficient for you reference to provide me the actual syntax for my requirement. Thanks.
  Cheers!!!

• Catalyst 4506 12.2(25)EWA2 issue's

  We have a customer who has updated the IOS on a pair of 4506's from 12.2(20)EWA TO 12.2(25)EWA2. He is experiencing intermittant connectivity issue's which require a reboot to resolve. I cannot find any issue's in the Software Advisor Has anyone experienced issues with this upgrade.

  I have variuos show tech outputs from the switch's, but i am having problems using the output interpreter at this time. Can i send them to you ?

• CiscoView 5.3 and Catalyst 4506 issues.

  Hi,
  I cannot display on CiscoView 5.3 the Cat4506 device.
  So, when i m trying to access to this equipement by IP address, i've got a warning message "Device package not installed"
  I was checking in the device package installed in my CiscoWorks 6.1 and i found that it is already installed.
  Any comments ??
  Can you tell me which device package i need to display this device on CiscoView 5.3
  Thanks for your response.

  I have the same message with this package Cat4000IOS-14.0 , it seems that one should be updated;
  But if the version 50 has the same message, it seems to be something else.

• Cisco catalyst 4506-e boot error

  Rommon signature verification PASSED for golden image
  Rommon signature verification PASSED for primary image
  FPGA signature verification PASSED for primary image
   * Welcome to Rom Monitor for   WS-X45-SUP7-E System.       *
   * Copyright (c) 2008-2011 by Cisco Systems, Inc.           *
   * All rights reserved.                                     *
   Primary Rom Monitor Version 15.0(1r)SG5
   CPU Rev: 2.2, Board Rev: 10, Board Type: 101, CPLD Moka Rev: 7.0x3718.0xb565
   Chassis: WS-C4506-E
  Got Mac Address: c0:67:af:40:24:c2
   MAC Address  : c0-67-af-40-24-c2
   IP Address   : 14.18.2.234
   Netmask      : 255.255.255.0
   Gateway      : 14.18.2.21
   TftpServer   : Not set.
   Peer supervisor not detected or is not running IOS
   Supervisor uplinks and all linecards have been reset
   ***** The system will autoboot in 5 seconds *****
   Type control-C to prevent autobooting.
   ******** The system will autoboot now ********
   config-register = 0x2101
   Autobooting using the first file from bootflash.....
  loading image
  Checking digital signature
  bootflash:/cat4500e-universal.SPA.03.05.02.E.152-1.E2.bin: Digitally Signed Release Software with key version A
  Rommon reg: 0x00004F80
  Reset2Reg: 0x00000F00
  Image load status: 0x00000000
  Snowtrooper 155 controller 0x044DDBD2..0x04688FA7 Size:0x0041DCD4 Program Done!
  [   57.324367] pci 0000:00:00.0: ignoring class b20 (doesn't match header type 01)
  Starting System Services
  Calculating module dependencies ...
  Loading rtc-ds1307
  RTNETLINK answers: Invalid argument
  No Mountpoints DefinedNov 13 09:35:24 %IOSXE-3-PLATFORM: process sshd[4211]: error: Bind to port 22 on :: failed: Address already in use.
  diagsk10-post version 5.1.4.0
  prod: WS-X45-SUP7-E part: 73-14393-02 serial: CAT1837L75P
  Power-on-self-test for Module 1: WS-X45-SUP7-E
  CPU Subsystem Tests ...
   seeprom: Pass
  Traffic: L3 Loopback ...
   Test Results: Pass
  Traffic: L2 Loopback ...
  post timeout
  A Critical job [post] exited abnormally! Reloading the supervisor
  Killed by signal [TERM]
  Loading virtuclock as vuclock
  Loading gsbu64atomic as gdb64atomic
  Loading isp1362_hcd_k10
  /dev/fd/13: line 273: /sys/devices/system/edac/mc/edac_mc_log_ce: No such file or directory
  Starting IOS Services
  AIPC Module Loaded...
  cat4k-watchdog[6250]: Watchdog daemon initialized on 2 CPU(s)
  cat4k-watchdog[6250]: Watchdog daemon started.
  Dumping all the logs to /root/reload.20141113..Please be patient
  All logs dumped
  sysmgr: <<%SYSMGR-2-SERVICE_CRASHED>> Service "System Manager (parser)" (PID 6820) hasn't caught signal 15 (no core).
  /bin/kill: 8178: No such process
  /bin/kill: 8179: No such process
  /bin/kill: 8197: No such process
  /bin/kill: 8198: No such process
  /etc/rc6.d/S01reboot: line 198: umount_cisco_filesystems: command not found
  Please stand by while rebooting the system...
  [  266.041680] Restarting system.
  Rommon signature verification PASSED for golden image
  Rommon signature verification PASSED for primary image
  FPGA signature verification PASSED for primary image
   * Welcome to Rom Monitor for   WS-X45-SUP7-E System.       *
   * Copyright (c) 2008-2011 by Cisco Systems, Inc.           *
   * All rights reserved.                                     *
   Primary Rom Monitor Version 15.0(1r)SG5
   CPU Rev: 2.2, Board Rev: 10, Board Type: 101, CPLD Moka Rev: 7.0x3718.0xb565
   Chassis: WS-C4506-E
  Got Mac Address: c0:67:af:40:24:c2
   MAC Address  : c0-67-af-40-24-c2
   IP Address   : 14.18.2.234
   Netmask      : 255.255.255.0
   Gateway      : 14.18.2.21
   TftpServer   : Not set.
   Peer supervisor not detected or is not running IOS
   Supervisor uplinks and all linecards have been reset
   ***** The system will autoboot in 5 seconds *****
   Type control-C to prevent autobooting.
   ******** The system will autoboot now ********
   config-register = 0x2101
   Autobooting using the first file from bootflash.....
  loading image
  Version: cat4500e-universal.SPA.03.05.02.E.152-1.E2.bin
  Any help PLZ

  config-register = 0x2101
  Autobooting using the first file from bootflash.....
  You need to provide more information.  What are you trying to do?  How many IOS file(s) do you have in the bootflash? 
  sysmgr: <<%SYSMGR-2-SERVICE_CRASHED>> Service "System Manager (parser)" (PID 6820) hasn't caught signal 15 (no core).
  Break into the auto-boot process and post the output to the command "dir bootflash:".

• TCP delay on catalyst switch

  i experienced a TCP delay on catalyst 4506, avoid the problem when i replaced 4506's with dummy unmanaged switches.
  i used two PCs(PC 1 and PC 2) and two 4506 switches (S1 and S2)
  PC 1 is connected to S1 (fast ethernet port)
  PC 2 is connected to S2 (fast ethernet port)
  S1 is connected to S2 (SFP gigabit ethernet port)
  -I started continuous UDP,TCP,MULTICAST and PING from PC1 to PC2
  -I unplugged link between Switch 1 and Switch 2
  all communication stopped.
  -I plugged link between Switch 1 and Switch 2
  -UDP,MULTICAST and PING started immediately but TCP started with approximately 15 seconds delay. :-(
  I repeated same procedure with unmanaged dummy switches instead of 4506, there wasnt 15 seconds delay. TCP showed up in 1 second.
  How can I avoid TCP delay on catalyst switches? Probably some tuning with configuration would do the job?
  tx for helping

  hi gp and thank you very much for responding to this unusual problem.
  - switch ports to the PCs are configured as portfast.
  - switch ports between two catalyst switches are not configured (default)
  - i didnt use the 'switchport access' command since they are default layer 2 interfaces. would 'switchport access vlan 1' command make any difference?
  - i looked at the port status and confirmed connection is 100 mbps full duplex.
  unusual issue is; ping, udp, multicast shows up in a very short time after I re-plug the uplink. that proves all ports are in forwarding state. only TCP shows up with delay, which doesnt occur on 200 $ unmanaged switch??
  thanks in advance for any suggestions

• Help with 4506 802.1x Port Based Authentication (Wired)

  Hi all,
  I'm trying to configure wired 802.1x security on a Catalyst 4506 IOS 12.1.19(EW), using Microsoft IAS (Microsoft's RADIUS), and Windows 2000 SP4 clients.
  I've followed the procedures in the 4506 Software configuration guide and they seem to be straight forward.
  I then turn 802.1x Debugging on the switch to monitor the 802.1x traffic, but there is none. If I bring the configured interface down and then back up, I do get some status change, but it seems like the switch is not sending or receiving EAPOL frames.
  I then execute the dot1x "initialize" and also tried the "re-authenticate" commands, but I get an error saying that FastEthernet 2/2 is not a valid dot1x interface. The line card model number is WS-X4148-RJ21. Is the card not 802.1x compatible?
  The switch does not throw any errors when I configure FastEthernet 2/2 as a 802.1x port by executing
  dot1x port-control auto
  i've also configured the interface to be a plain L2 access port by executing
  switchport mode access
  any help will be appreciated!

  I am currently trying to get 802.1x port authentication working on a Cat3550 against Win2003 IAS but the IAS log shows a invalid message-authenticator error. The 3550 just shows failed. When I authenticate against Cisco ACS (by simply changing the radius-server) it works perfectly.
  However, I am successfully using IAS to authenticate WPA users on AP1210s so RADIUS appears to be OK working OK.
  Are there special attributes that need to be configured on the switch or IAS?

• GE module in Catalyst 4500 family

  I want to connect 18 GBIC in my Edge switch to one Catalyst 4506 in Distribution Layer. can I use 18 port Gigabit Ethernet Module, server switching (WS-X4418-GB) or I have to use 3x 6port Gigabit Ethernet Module (WS-X4306-GB).
  Thanks for your help.

  In a WS-X4418-GB the first 2 ports are wirespeed and have no oversubscription.
  http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/hw_doc/mod_inst/03instal.htm#wp1037570
  You will be better off using these 2 ports to connect to your 4506.

• WS-X4306-GB - Catalyst 4500 6-port GBIC Module & FC Tape Libraries

  WS-X4306-GB - Catalyst 4500 6-port GBIC Module & FC Tape Libraries
  I have several Tape Autoloader Libraries from Dell which have Fibre Channel interfaces. I have loop switches that these connect to today. I also have a Catalyst 4506 with a WS-X4306-GB - 6-port GBIC Module. I would like to use the X4306 as a loop switch. Some of the libraries can also connect via point-to-point FC.
  Can this be done? If yes, how do I start in making this happen?
  Thank You.

  Sorry but the Catalyst 4500 does not support Fibre Channel connections on the WS-X4306-GB (or on any card). It's strictly an Ethernet switch. Reference
  To mix and match Ethernet and FC interfaces, you'd have to be on a new platform like the Nexus 5k series - specifically the UP (Unified Port) variants.

• C3560E-12D and X2-10GB-T does not work

  Hello I have problem similar to this one https://supportforums.cisco.com/thread/2014060
  Detail: I have WS-C3560E-12D & try to install Xetnpack to BASE-T X2-10GB-T. In the port status I see err-disabled.
  I try to c3560e-universalk9-mz.150-2.SE4 & c3560e-universalk9-mz.122-58.SE2 but no luck.
  X2-10GB-T installed in the 0/10, I'm attached output from:  sh idprom interface te 0/10
  This Xenpack works just fine in the Catalyst 4506 with SUP WS-X4516-10GE. Sup running at cat4500-entservicesk9-mz.150-2.SG7.bin.
  Can some one help me?

  Hi Alex
  did you ever got the answer to this ? /got resolved ?
  I am having problem getting  X2-10GB-T to work on the same SW WS-C3560E-12DS
  Mar 30 01:30:13.675: %PM-4-ERR_DISABLE: gbic-invalid error detected on Te0/1, putting Te0/1 in err-disable state
  Mar 30 01:30:16.259: %PM-4-ERR_DISABLE: gbic-invalid error detected on Te0/2, putting Te0/2 in err-disable state
  Switch#show inventory
  NAME: "TenGigabitEthernet0/1", DESCR: "unknown"
  PID: X2-10GB-T         , VID: V01  , SN: DTY16030001
  NAME: "TenGigabitEthernet0/2", DESCR: "unknown"
  PID: X2-10GB-T         , VID: V01  , SN: DTY155200AU
  Even upgraded to latest 15.0
  Switch#show ver
  Cisco IOS Software, C3560E Software (C3560E-IPBASEK9-M), Version 15.0(2)SE5, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport

• 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple SSIDs...

  Hello,
  I am attempting to set up three Cisco 1242AG Wireless Access Points with multiple SSID's. I used the web interface and directions online to set up the two networks I want and at least one of the networks work wirelessly.
  However, I have two problems:
  The first, which is the most important, is that the "management" interface, BVI1, doesn't get an ip address from our DHCP server. I set the VLAN 60 (which you'll see in the documenation below) to be the native VLAN on the device as well as on the switch that the device is connected to as well as other settings in the configeration file below. Because of this, I can only manage the device via the console port which would be a huge pain once all of the devices are mounted.
  The second problem is that I am not sure how to get both wireless networks broadcasting their SSID's. I have to manually type in the SSID for the second wireless network I have which I would prefer I don't have to. Anyway I can enable broadcasting on all of the SSID's?
  Thank you for your time.
  Regards,
  Christopher Koeber
  Using 7916 out of 32768 bytes
  version 12.4
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname AP-18.wesleysem.edu
  enable secret {Number Here} {Encrypted Password Here}
  enable password {Number Here} {Encrypted Password Here}
  aaa new-model
  aaa session-id common
  dot11 syslog
  dot11 vlan-name Kresge vlan 20
  dot11 vlan-name Library vlan 30
  dot11 vlan-name Public vlan 60
  dot11 vlan-name Secure_Public vlan 70
  dot11 vlan-name Secure_Seminary vlan 80
  dot11 vlan-name Server_Room vlan 1
  dot11 vlan-name Straughn vlan 40
  dot11 vlan-name Trott vlan 10
  dot11 vlan-name Web_Room vlan 50
  dot11 ssid (Secure) Wesley Campus
  vlan 80
  authentication open
  authentication key-management wpa version 2
  wpa-psk ascii {Number Here} {WPA Key Here}
  dot11 ssid Public
  vlan 60
  authentication open
  mobility network-id 60
  username Cisco password {Number Here} {Encrypted Password Here}
  username admin privilege 15 secret {Number Here} {Encrypted Password Here}!
  bridge irb
  interface Dot11Radio0
  no ip address
  no ip route-cache
  encryption vlan 80 mode ciphers aes-ccm
  ssid (Secure) Campus
  ssid Public
  mbssid
  station-role root
  interface Dot11Radio0.1
  encapsulation dot1Q 1
  no ip route-cache
  bridge-group 254
  bridge-group 254 block-unknown-source
  no bridge-group 254 source-learning
  no bridge-group 254 unicast-flooding
  bridge-group 254 spanning-disabled
  interface Dot11Radio0.10
  encapsulation dot1Q 10
  no ip route-cache
  bridge-group 10
  bridge-group 10 subscriber-loop-control
  bridge-group 10 block-unknown-source
  no bridge-group 10 source-learning
  no bridge-group 10 unicast-flooding
  bridge-group 10 spanning-disabled
  interface Dot11Radio0.20
  encapsulation dot1Q 20
  no ip route-cache
  bridge-group 20
  bridge-group 20 subscriber-loop-control
  bridge-group 20 block-unknown-source
  no bridge-group 20 source-learning
  no bridge-group 20 unicast-flooding
  bridge-group 20 spanning-disabled
  interface Dot11Radio0.30
  encapsulation dot1Q 30
  no ip route-cache
  bridge-group 30
  bridge-group 30 subscriber-loop-control
  bridge-group 30 block-unknown-source
  no bridge-group 30 source-learning
  no bridge-group 30 unicast-flooding
  bridge-group 30 spanning-disabled
  interface Dot11Radio0.40
  encapsulation dot1Q 40
  no ip route-cache
  bridge-group 40
  bridge-group 40 subscriber-loop-control
  bridge-group 40 block-unknown-source
  no bridge-group 40 source-learning
  no bridge-group 40 unicast-flooding
  bridge-group 40 spanning-disabled
  interface Dot11Radio0.50
  encapsulation dot1Q 50
  no ip route-cache
  bridge-group 50
  bridge-group 50 subscriber-loop-control
  bridge-group 50 block-unknown-source
  no bridge-group 50 source-learning
  no bridge-group 50 unicast-flooding
  bridge-group 50 spanning-disabled
  interface Dot11Radio0.60
  encapsulation dot1Q 60 native
  no ip route-cache
  bridge-group 1
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface Dot11Radio0.70
  encapsulation dot1Q 70
  no ip route-cache
  bridge-group 70
  bridge-group 70 subscriber-loop-control
  bridge-group 70 block-unknown-source
  no bridge-group 70 source-learning
  no bridge-group 70 unicast-flooding
  bridge-group 70 spanning-disabled
  interface Dot11Radio0.80
  encapsulation dot1Q 80
  no ip route-cache
  bridge-group 80
  bridge-group 80 subscriber-loop-control
  bridge-group 80 block-unknown-source
  no bridge-group 80 source-learning
  no bridge-group 80 unicast-flooding
  bridge-group 80 spanning-disabled
  interface Dot11Radio1
  no ip address
  no ip route-cache
  shutdown
  encryption vlan 80 mode ciphers aes-ccm
  dfs band 3 block
  channel dfs
  station-role root
  interface Dot11Radio1.1
  encapsulation dot1Q 1
  no ip route-cache
  bridge-group 254
  bridge-group 254 block-unknown-source
  no bridge-group 254 source-learning
  no bridge-group 254 unicast-flooding
  bridge-group 254 spanning-disabled
  interface Dot11Radio1.10
  encapsulation dot1Q 10
  no ip route-cache
  bridge-group 10
  bridge-group 10 subscriber-loop-control
  bridge-group 10 block-unknown-source
  no bridge-group 10 source-learning
  no bridge-group 10 unicast-flooding
  bridge-group 10 spanning-disabled
  interface Dot11Radio1.20
  encapsulation dot1Q 20
  no ip route-cache
  bridge-group 20
  bridge-group 20 subscriber-loop-control
  bridge-group 20 block-unknown-source
  no bridge-group 20 source-learning
  no bridge-group 20 unicast-flooding
  bridge-group 20 spanning-disabled
  interface Dot11Radio1.30
  encapsulation dot1Q 30
  no ip route-cache
  bridge-group 30
  bridge-group 30 subscriber-loop-control
  bridge-group 30 block-unknown-source
  no bridge-group 30 source-learning
  no bridge-group 30 unicast-flooding
  bridge-group 30 spanning-disabled
  interface Dot11Radio1.40
  encapsulation dot1Q 40
  no ip route-cache
  bridge-group 40
  bridge-group 40 subscriber-loop-control
  bridge-group 40 block-unknown-source
  no bridge-group 40 source-learning
  no bridge-group 40 unicast-flooding
  bridge-group 40 spanning-disabled
  interface Dot11Radio1.50
  encapsulation dot1Q 50
  no ip route-cache
  bridge-group 50
  bridge-group 50 subscriber-loop-control
  bridge-group 50 block-unknown-source
  no bridge-group 50 source-learning
  no bridge-group 50 unicast-flooding
  bridge-group 50 spanning-disabled
  interface Dot11Radio1.60
  encapsulation dot1Q 60 native
  no ip route-cache
  bridge-group 1
  bridge-group 1 block-unknown-source
  no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
  bridge-group 1 spanning-disabled
  interface Dot11Radio1.70
  encapsulation dot1Q 70
  no ip route-cache
  bridge-group 70
  bridge-group 70 subscriber-loop-control
  bridge-group 70 block-unknown-source
  no bridge-group 70 source-learning
  no bridge-group 70 unicast-flooding
  bridge-group 70 spanning-disabled
  interface Dot11Radio1.80
  encapsulation dot1Q 80
  no ip route-cache
  bridge-group 80
  bridge-group 80 subscriber-loop-control
  bridge-group 80 block-unknown-source
  no bridge-group 80 source-learning
  no bridge-group 80 unicast-flooding
  bridge-group 80 spanning-disabled
  interface FastEthernet0
  ip dhcp client update dns
  no ip address
  no ip route-cache
  duplex auto
  speed auto
  interface FastEthernet0.1
  encapsulation dot1Q 1
  no ip route-cache
  bridge-group 254
  no bridge-group 254 source-learning
  bridge-group 254 spanning-disabled
  interface FastEthernet0.10
  encapsulation dot1Q 10
  no ip route-cache
  bridge-group 10
  no bridge-group 10 source-learning
  bridge-group 10 spanning-disabled
  interface FastEthernet0.20
  encapsulation dot1Q 20
  no ip route-cache
  bridge-group 20
  no bridge-group 20 source-learning
  bridge-group 20 spanning-disabled
  interface FastEthernet0.30
  encapsulation dot1Q 30
  no ip route-cache
  bridge-group 30
  no bridge-group 30 source-learning
  bridge-group 30 spanning-disabled
  interface FastEthernet0.40
  encapsulation dot1Q 40
  no ip route-cache
  bridge-group 40
  no bridge-group 40 source-learning
  bridge-group 40 spanning-disabled
  interface FastEthernet0.50
  encapsulation dot1Q 50
  no ip route-cache
  bridge-group 50
  no bridge-group 50 source-learning
  bridge-group 50 spanning-disabled
  interface FastEthernet0.60
  encapsulation dot1Q 60 native
  no ip route-cache
  bridge-group 1
  no bridge-group 1 source-learning
  bridge-group 1 spanning-disabled
  interface FastEthernet0.70
  encapsulation dot1Q 70
  no ip route-cache
  bridge-group 70
  no bridge-group 70 source-learning
  bridge-group 70 spanning-disabled
  interface FastEthernet0.80
  encapsulation dot1Q 80
  no ip route-cache
  bridge-group 80
  no bridge-group 80 source-learning
  bridge-group 80 spanning-disabled
  interface BVI1
  ip address dhcp client-id FastEthernet0
  no ip route-cache
  ip http server
  no ip http secure-server
  ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
  bridge 1 route ip
  line con 0
  line vty 0 4
  end

  I am using a third party DHCP server which is our Windows Domain Controller. I have the ip helper-address set for the native vlan of the Access Point through a layer 3 distribution switch (a Catalyst 4506) that the current switch connects to.
  I didn't see any event on the logs for the AP.
  Let me know if I need to do something else.
  Thanks.

• LACP/Load Balancing Question

  This past weekend we replaced our Catalyst 4506 switches with a combination of Catalyst 4500-X switches (provides fiber and 10 GB connections to our closet switches and our UCS) and 2960-X switches (all other servers and printers are connected here). Our backup server has two NICs teamed into a NIC Team (port 35 and 36 on the 2960-X switch). The NIC team was set to the following:
  Team Type Selection: 802.3ad Dynamic with Fault Tolerance
  Transmit Load Balancing: Dest IP Address
  Since we switched to the new switches we are seeing a high number of discards from our backup server on one of the ports in the NIC team. I verified the port-channel configuration on the switches and set the "port-channel load-balance" to src-dst-ip. When running the test etherchannel command from one of my servers to the backup server it responds that it would choose port 36. When I run a backup from this same source server to my backup server it chooses port 35 for everything. I would expect this if the data is coming from the same source ip to the backup server. To confirm this I added another test job from a different source IP. It still only chooses port 35.
  If I "show lacp 3 counters" here's what I see:
               LACPDUs         Marker      Marker Response    LACPDUs
  Port       Sent   Recv     Sent   Recv     Sent   Recv      Pkts Err
  Channel group: 3
  Gi2/0/35    14616  12368    0      0        0      0         0
  Gi2/0/36    14628  12368    0      0        0      0         0
  From this it appears the switch is pretty evenly distributing data across both channels. Am I correct? If that is true then is it a fair assumption that something on the backup server is rejecting the data on port 36 and thus causing the discards?
  Just need an opinion on what might be going on to help convince people as to where the problem lies.
  Thanks.

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  4500-X says:
  Port Buffers
  32-MB Shared Memory
  2960X says:
  Feature
  2960-XR
  2960-X
  2960-S
  2960
  Egress buffers
  4 MB
  4 MB
  2 MB
  2 MB

• Error in EEM script mail

  Hi,
  I'm trying to email an alert by eem script when a catalyst 6807 rises a syslog message for an environment alarm (ex: power down). I use the attached script but when i want to add the syslog message in body email (line 83) something is wrong and i can't fixed the error : catalyst try to execute the syslog message (see email).
  Same error for a catalyst 4507 4506 Sup 6L-E 10GE IOS 15.2(1)E but the same script works for a catalyst 4506 Sup 6L-E 10GE IOS 15.0(2)SG.
  Any ideas ?
  Thanks

  Hi,
  I found my mystake. In the script, I commented the command "enable" and thus show commands were not recognized by cli. The script has always worked well, "Invalid input" was the result of show command. For ios 15.2, i need to gain enable level.
  So I suspect a different behavior between versions 15.0 and 15.2 for running level of tcl script.