WS-X6066-SLB-K9-S Redundancy

Similar Messages

• Difference between WS-X6066-SLB-S and WS-X6066-SLB-APC

  Dear all
  I have two 6509 chassis with Sup720 and MSFC3.
  Additionally I have one module
  "CSM with SSL"   WS-X6066-SLB-S-K9  Hw. 1.2, Sw. 2.2(1)
  and one module
  "SLB Application Processor Complex"  WS-X6066-SLB-APC Hw. 1.6, Sw. 4.3(1)
  I am searching the Cisco site up and down and cannot really tell the difference between these modules.
  So what's the difference?
  And would it be possible to run the same software on both CSM modules?
  As far as I see 4.3(5) is the latest release for the WS-X6066-SLB-APC, but what about the WS-X6066-SLB-S-K9?
  Thanks for any hints,
  Grischa

  grischast wrote:Dear allI have two 6509 chassis with Sup720 and MSFC3.Additionally I have one module "CSM with SSL"   WS-X6066-SLB-S-K9  Hw. 1.2, Sw. 2.2(1)and one module"SLB Application Processor Complex"  WS-X6066-SLB-APC Hw. 1.6, Sw. 4.3(1)I am searching the Cisco site up and down and cannot really tell the difference between these modules.So what's the difference?And would it be possible to run the same software on both CSM modules?As far as I see 4.3(5) is the latest release for the WS-X6066-SLB-APC, but what about the WS-X6066-SLB-S-K9?Thanks for any hints,Grischa
  Grischa
  They are both load-balancing modules but the WS-X6066-SLB-S-K9 is capable of load-balancing SSL as it has a inbuilt SSL daughter card which the WS-X6066-SLB-APC does not.
  No the same software is not run on both modules, the latest version of the CSM-SSL module (WS-X6066-SLB-S-K9) is 2.2(5).
  Jon

• Connections Failed on SLB

  Hi,
  I have a sup720 with SLB module:
  6 2 Supervisor Engine 720 (Active) WS-SUP720-3BXL
  7 4 SLB Application Processor Complex WS-X6066-SLB-APC
  and I have Connections Failed:
  #sh module contentSwitchingModule 7 stats
  Connections Created: 3866
  Connections Destroyed: 3157
  Connections Current: 709
  Connections Timed-Out: 0
  Connections Failed: 154
  I have only smtp, ftp and web:
  #sh module contentSwitchingModule 7 vservers
  vserver type prot virtual vlan state conns
  XXX_WWW SLB TCP ZZZ/32:80 ALL OPERATIONAL 692
  XXX_FTP SLB TCP ZZZ/32:21 ALL OPERATIONAL 8
  XXX_SMTP SLB TCP ZZZ/32:25 ALL OPERATIONAL 1
  Any idea why some connexion failed ?
  Thanks in advance
  Oles

  Gilles,
  Now I have no more '0', but still connection failed.
  I think now it is not a problem with SYN
  but RESET. Maybe ECN problem (I have no
  ECN on my servers but maybe Cisco crashs
  connexion when ECN packet arrives ?
  Oles
  #sh mod csm 7 stats
  Connections Created: 389212
  Connections Destroyed: 388467
  Connections Current: 745
  Connections Timed-Out: 0
  Connections Failed: 7782
  #sh mod csm 7 vservers name WWW detail
  WWW, type = SLB, state = OPERATIONAL, v_index = 15
  virtual = XXX/32:80 bidir, TCP, service = NONE, advertise = FALSE
  idle = 3600, replicate csrp = none, vlan = ALL, pending = 30, layer 4
  max parse len = 2000, persist rebalance = TRUE
  ssl sticky offset = 0, length = 32
  conns = 776, total conns = 382103
  Policy Tot matches Client pkts Server pkts
  LOCAL 5049 40452 43679
  SLOW 153 1337 1453
  FAST 376901 9044263 12593053
  (default) 0 0 0
  #sh mod csm 7 vservers name FTP detail
  FTP, type = SLB, state = OPERATIONAL, v_index = 16
  virtual = XXX/32:21 bidir, TCP, service = ftp, advertise = FALSE
  idle = 3600, replicate csrp = none, vlan = ALL, pending = 30, layer 4
  max parse len = 2000, persist rebalance = TRUE
  ssl sticky offset = 0, length = 32
  conns = 10, total conns = 5305
  Default policy:
  server farm = FTP, backup =
  sticky: timer = 0, subnet = 0.0.0.0, group id = 0
  Policy Tot matches Client pkts Server pkts
  (default) 5305 163681 183205
  #sh mod csm 7 vservers name SMTP detail
  SMTP, type = SLB, state = OPERATIONAL, v_index = 17
  virtual = XXX/32:25 bidir, TCP, service = NONE, advertise = FALSE
  idle = 3600, replicate csrp = none, vlan = ALL, pending = 30, layer 4
  max parse len = 2000, persist rebalance = TRUE
  ssl sticky offset = 0, length = 32
  conns = 0, total conns = 882
  Default policy:
  server farm = SMTP, backup =
  sticky: timer = 0, subnet = 0.0.0.0, group id = 0
  Policy Tot matches Client pkts Server pkts
  (default) 882 6852 8435

• CSM map/policy type dns not supported

  When I configure dns maps or dns policies on my CSMs (WS-X6066-SLB-APC, HW 1.7, SW 3.2(2)) they say
  "Map type DNS not supported by card, config accepted." and
  "Policy type DNS not supported by card, config accepted."
  What's the reason for that restriction? Will there be a software release that supports it? Didn't find anything about that in the release notes.
  Many thanks in advance
  Uli

  I too have received this message in the past. I found that it was because I had not entered the GSLB license key into the CSM configuration (GSLB *is* an optional software license).
  You enter your license key via a CSM variable. This configuration would work (substitute your own license key):
  conf t
  mod csm X <- where X is the slot # of your CSM
  variable GSLB_LICENSE_KEY xxxxxxxxxxxxxxxxxxxxx
  Substitute your license key for the row of 'x's. Then you will need to reboot the CSM. If you are running redundant CSM's you will need a license key for each.

• How to use debug on CSM SSL module?

  I'm installing a new CSM with SSL module (WS-X6066-SLB-S-K9) and can't get the debugs to work. Acutally, I enabled debugging (to troubleshoot SSL Handshake problems) but nothing shows up on the screen or in the log. Any ideas?
  mcbconmrk105d1z2-ssl#show debugging
  STE Mgr:
  STE SSL Pkt debugging is on
  STE SSL Handshake events debugging is on
  STE SSL Alert events debugging is on
  STE SSL detailed debugging is on
  STE SSL error events debugging is on
  SSL Subsystem:
  SSL Handshake Message debugging is on
  SSL Traffic debugging is on
  SSL Error debugging is on
  SSL Event debugging is on
  mcbconmrk105d1z2-ssl#show log
  Syslog logging: enabled (0 messages dropped, 31 messages rate-limited, 0 flushes, 0 overruns, xml disabled)
  Console logging: level debugging, 254 messages logged, xml disabled
  Monitor logging: level debugging, 241 messages logged, xml disabled
  Logging to: vty4(0)
  Buffer logging: level debugging, 284 messages logged, xml disabled
  Logging Exception size (8192 bytes)
  Count and timestamp logging messages: disabled
  Trap logging: level informational, 324 message lines logged
  mcbconmrk105d1z2-ssl#
  Thanks in advance,
  Daniel

  the debug messages are displayed on a different console. The console is different depending on the type of debug.
  telnet 2001 ? FDU cpu
  telnet 2002 ? TCP cpu
  telnet 2003 ? SSL cpu
  Gilles.

• CSM ret-code time-frame

  A company I work for has a number of CSM modules (WS-X6066-SLB-APC) installed in 6513 chasis switches. The CSM modules are running version
  4.2(14)
  These CSM modules are configured to load-balance a number of vservers via serverfarms, each serverfarm containing multiple real servers.
  Here is some example configuration:
  vserver SITE
    virtual 10.1.2.3 tcp www
    serverfarm SERVERFARM
    persistent rebalance
    inservice
  serverfarm SERVERFARM
    nat server
    no nat client
    predictor leastconns
    failaction reassign
    retcode-map RETCODE-MAP
    real 10.2.3.4
     inservice
    real 10.2.3.5
     inservice
  map RETCODE-MAP retcode
    match protocol http retcode 503 503 action remove 5 reset 300
  The company is facing a problem with what seems to be related to return code checking. Every once in a while a server will suddenly not receive any traffic for 5 minutes. This always occurs right after the server has sent a HTTP 503 return code. However we cannot see in the CSM logs that the CSM module has actually disabled the real server. For other serverfarms which are running regular HTTP and/or ICMP health checks to real servers we can clearly see in the CSM logs when a real server has been temporarily disabled due to health check failures.
  The return code checking is set to disable a real server for 300 seconds after the CSM has received five HTTP 503 responses from the real server. If we check the real server log however we cannot find more than that single 503 return code right before the server stops seeing any incoming traffic unless we move back at least hours in time.
  I have tried to figure out what time frame those 5 return codes must be received within for them to count towards the maximum allowed return codes, but nowhere in no documentation can I find any information about this time frame.
  For all I know the CSM could keep track of every incoming 503 forever, until the maximum of five 503's is reached, and then the server is disabled for 300 seconds.
  Does anyone have any information about the time frame within which those return codes must be received by the CSM to count toward the maximum configured number of return codes before the configured action is taken?

  Hi Christopher
  EDIT: It might actually be me who misunderstood your reply. You probably gave me the correct answer already, that there is no time limit at all to the counter, and the counter will increase until it reaches 5 even if those 503's are spread out over several months time. Could you please confirm that this is what you meant? I'll leave my original reply down below for you to look at.
  ORIGINAL MESSAGE:
  Thanks for your reply, but I think you might have misunderstood my question, and I don't exactly blame you because I had some difficulty explaining what I meant.
  I know what each and every key word in the following line mean, and I understand the command.
  match protocol http retcode 503 503 action remove 5 reset 300
  We match the protocol http, and look for when/if the server sends a return code 503 back to a client. Each time a 503 return code is returned from the real server a counter is increased by one. When the counter reaches 5 we take the action to remove (disable) the server. 300 seconds after the server was disabled it will be enabled again, and the counter will also be reset to zero at this point.
  But I'm asking about the time frame for the counter, or rather if there is a default timer that resets the counter back to zero after a certain amount of time. Let me give you an example.
  I enable return code checking for HTTP 503 and configure it to disable a server after five HTTP 503's have been seen by the CSM
  1 minute later the server sends three HTTP 503 messages to a client. Now the return code check counter is at 3. This is where the "time frame" that I speak of begins.
  Another 6 minutes later the server sends one HTTP 503 message to a client. The time frame within wich the CSM has seen HTTP 503's is now 6 minutes, so the CSM has seen four different HTTP 503's within 6 minutes. The counter would now be at 4.
  5 months later the server sends a fifth HTTP 503 message to a client. The time frame is now five months and six minutes. Will this fifth HTTP 503 message increase the return code check counter to 5? If it does, then the server will be disabled for 300 seconds, even though it was 5 months since the previous four 503's were seen by the CSM.
  What I'm wondering is basically if there is a limited time frame (like a sliding window) after which the return code check counter is reset back to zero? I cannot find any information about this, and as far as I can see there is no command I can use to see what the return code counter is currently at either, so I cannot manually verify this.
  It would have made sense if the feature worked like this instead, and I'm still hoping that someone can provide documentation that says this is the way it is supposed to work (because if the above example is true, then the feature is broken and useless)
  I enable return code checking for HTTP 503 and configure it to disable a server after five HTTP 503's have been seen by the CSM
  1 minute later the server sends three HTTP 503 messages to a client.  Now the return code check counter is at 3. This is where the "time  frame" that I speak of begins.
  5 minutes later the counter is reset to zero, because no 503's have been seen for over five minutes.
  2 months later the server sends a HTTP 503 message to a  client. This increases the counter to one. The server is never disabled. After another 5 minutes the counter is reset back to zero again.
  I hope that the above examples make it a bit clearer what I meant with my original question.

• Load Balancing FTP Server thru CSM using a single Client IP

  Hello,
  We have a need to load balance 3 FTP servers. These servers are reached only from a single client IP which is a database server. The FTP method that is being used is currently passive. Our configuration is currently unidirectional, ie, the FTP client (the one database server) sends to the VIP and the FTP Servers then talk directly back to the FTP client and the traffic does not go back through the CSM. The problem is that because FTP negotiates another port to talk on, we have to use sticky so that the connection is sent back to the original FTP server that sent the FTP data port to talk on. But, since we only have a single client IP that is ever used we are not load balancing appropriately across the FTP servers.
  Traffic flow goes something like this, tcp port followed after colon as an example
  1. FTP Client ----> VIP:21
  2. CSM ---------> FTP Server:21
  3. FTP Server --------> FTP Client(FTP server says come talk to me on port 1700)
  4. FTP Client ---------> VIP:1700
  5. CSM ---------> FTP Server:1700
  6. FTP Server:1700 ---------> FTP Client
  repeat steps 4 thru 6
  Here's our hardware and software:
  WS-X6066-SLB-APC running 4.2(2)
  Config is as follows
  module ContentSwitchingModule 9
  ft group 101 vlan 9
  priority 10
  vlan 216 client
  ip address 10.209.16.31 255.255.252.0
  gateway 10.209.16.1
  vlan 20 server
  ip address 10.209.0.31 255.255.252.0
  alias 10.209.0.11 255.255.252.0
  probe ICMP1 icmp
  interval 3
  failed 3
  receive 3
  serverfarm FHEPRT
  no nat server
  no nat client
  real 10.209.0.72
  inservice
  real 10.209.0.73
  inservice
  real 10.209.0.71
  inservice
  probe ICMP1
  sticky 106 netmask 255.255.255.255 address source timeout 3
  policy FHEPRT_POL1
  sticky-group 106
  serverfarm FHEPRT
  vserver FHEPRT1
  virtual 10.209.16.71 any
  vlan 216
  unidirectional
  serverfarm FHEPRT
  replicate csrp connection
  no persistent rebalance
  slb-policy FHEPRT_POL1
  inservice

  You are missing "service ftp" config in the Vip definition. Try the following
  vserver FHEPRT1
  virtual 10.209.16.71 tcp ftp service ftp
  Syed Iftekhar Ahmed

• Cisco CSM: Duplication of udp packets possible instead of load balancing?

  Hi all,
  Does anybody know if it's possible to use the csm (WS-X6066-SLB-APC, OS 4.3.1) to duplicate udp packets to several real servers instead of balancing them.
  In our special case we want to test duplicating snmp traps to several network management systems whereas on the snmp clients only one target address (the vserver address) is configured.
  Many thanks in advance,
  Thorsten

  Hi Thorsten,
  I'm afraid this is not possible. With the CSM you can only load-balance.
  Regards
  Daniel

• IPv6 log error messages

  I recently did an upgrade with pacman (the updates included a new kernel so I'm guessing that has something to do with my issue). Since then I've had this error appear at least 43759 times in my /var/log/errors.log files:
  localhost NetworkManager[809]: <error> [1322431974.973396] [nm-system.c:1061] nm_system_replace_default_ip6_route(): (eth0): failed to set IPv6 default route: -1
  Has anyone else been getting this error? It's filled all my log rotations and I suspect it's causing some other issues as well.
  Thanks,
  Jon

  Please see show mod below. The only thing similar is the CSM card in slot 8
  show module
  Mod Ports Card Type Model Serial No.
  1 2 Catalyst 6000 supervisor 2 (Active) WS-X6K-SUP2-2GE SAL0652AXRJ
  3 16 SFM-capable 16 port 1000mb GBIC WS-X6516-GBIC SAL0652ALHJ
  4 16 SFM-capable 16 port 1000mb GBIC WS-X6516-GBIC SAL0652AJZT
  6 16 SFM-capable 16 port 1000mb GBIC WS-X6516-GBIC SAL0723EMDG
  8 0 SLB Application Processor Complex WS-X6066-SLB-APC SAD075004W3
  10 6 Firewall Module WS-SVC-FWM-1 SAD080801A7
  11 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX SAD0750060X
  12 16 SFM-capable 16 port 10/100/1000mb RJ45 WS-X6516-GE-TX SAL0717CD2U
  13 16 SFM-capable 16 port 10/100/1000mb RJ45 WS-X6516-GE-TX SAL0716C3LN
  Mod MAC addresses Hw Fw Sw Status
  1 0009.1245.3010 to 0009.1245.3011 3.11 7.1(1) 12.2(17d)SXB Ok
  3 0009.11f1.c200 to 0009.11f1.c20f 5.3 6.3(1) 8.3(0.110)BO Ok
  4 0005.7487.6458 to 0005.7487.6467 5.3 6.3(1) 8.3(0.110)BO Ok
  6 000d.2907.9a20 to 000d.2907.9a2f 5.5 6.3(1) 8.3(0.110)BO Ok
  8 0002.fcc1.813c to 0002.fcc1.8143 1.7 4.1(2) Ok
  10 000e.847f.a1a0 to 000e.847f.a1a7 3.0 7.2(1) 2.2(1) Ok
  11 000e.83cf.70c0 to 000e.83cf.70ef 7.0 7.2(1) 8.3(0.110)BO Ok
  12 000c.ce3e.81e8 to 000c.ce3e.81f7 2.5 6.3(1) 8.3(0.110)BO Ok
  13 000b.5ff9.afd8 to 000b.5ff9.afe7 2.5 6.3(1) 8.3(0.110)BO Ok
  Mod Sub-Module Model Serial Hw Status
  1 Policy Feature Card 2 WS-F6K-PFC2 SAL0652ASZD 3.3 Ok
  1 Cat6k MSFC 2 daughterboard WS-F6K-MSFC2 SAL06499JMP 2.5 Ok
  11 Cisco Voice Daughter Card WS-F6K-VPWR-GE SAD074801PV 1.0 Ok

• CSM - Is it advisable to upgrade to latest version 4.2.(4)?

  Hi Sir,
  I have a pair of Cisco Catalyst 6513 switches; each contains a CSM (WS-X6066-SLB-APC). Both CSMs are configured in a fault tolerant group. Both running software version 4.2.(3).
  Below is latest Field Notice for CSM (DDTS = CSCsd27478):
  http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_field_notice09186a00806b056a.shtml
  Cisco recommends software upgrade to version 4.2.(3a). I have checked; the latest version is 4.2.(4). Is it advisable to upgrade to 4.2.(4)?
  Please advise.
  Thank you.
  B.Rgds,
  Lim TS

  If you are running 4.2.3 it is definitely recommended to upgrade to 4.2.4
  Gilles.

• ACE / CSM: how does predictor staticload work?

  Hello,
  I tested to implement the new ACE feature "staticload" .
  It seems to be that the connections are not distributed according to my settings.
  Does anyone have an idea how this feature works?
  Our SW versions are:
  ===================
  core1#show module 9
  Mod Ports Card Type Model Serial No.
  9 4 SLB Application Processor Complex WS-X6066-SLB-APC SAD101803W7
  Mod MAC addresses Hw Fw Sw Status
  9 0017.0ee1.bddc to 0017.0ee1.bde3 1.9 4.3(1) Ok
  Mod Online Diag Status
  9 Pass
  ===================
  ===================
  core1#sh ver
  Cisco Internetwork Operating System Software
  IOS (tm) s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(18)SXF12, RELEASE SOFTWARE (fc2)
  ===================
  If you need further information feel free to contact me.
  Best Regards,
  Thorsten

  Thorsten,
  sorry to say this, but if you do not understand the description, this probably means you don't need this feature.
  It was developped for one customer with a very specific requirement.
  the Load MUST be updated on the CSM by a script running on the server.
  The CSM will send ALL traffic to the server with the lowest load.
  If you do not update the load via a script, you end up with all traffic going to one server.
  Very few people have scripts running on the server updating the csm config.
  If you want to have some servers handling more traffic than others, you need to configure weight.
  This is describe here :
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/csm/4.1.x/4.1.1/command/reference/m_r.html#wp1057123
  This works with predictor roundrobin or leastconn.
  Gilles.

• CSM: Is it possible to access IPv4 server farms via IPv6 vIP?

  Dear all
  Before we start a more extensive testing programme I would like to ask the experts whether or not it should be possible to access already existing server farms (with IPv4 vIP) via an additional IPv6 vIP configured on the load balancer.
  The system in question is 6509 with Sup720 and CSM WS-X6066-SLB-APC.
  The idea is simple: Take an existing server farm (running completely on v4) and add an additional v6 vIP on the load balancer without the need to change the actual v4 networking behind the load balancer.
  Might this work (at least for some protocols like http, ftp, etc.)?
  Any "yes" or "no" or "maybe" or "with restrictions" appreciated.;)
  Thanks in advance,
  Grischa

  Fairly sure this isn't possible.  Unless I've missed something, the CSM doesn't support IPv6 at all.  Even if it did, I don't think a v6 VIP to a v4 real would work.  The only place I've seen this work was on a NetScaler, because the NetScaler holds independent connections open to the client and to the servers as a HTTP proxy, passing the request between the two.  I forget how the ACE operates; it may be able to act as a proxy, but don't think it supports v6 either.
  v6 support on CSMs would be totally awesome, but I'm not holding my breath.

• Combination bridged mode routed mode CSM

  We run an active/standby pair of
  CSM with SSL WS-X6066-SLB-S-K9
  currently we have our real servers in 2 vlans: 116 and 117. our VIPS are mostly in the client vlan 119. load balancing works fine.
  We now want to load balance between real servers in the 116 vlan. So far we have been unsuccessfull to get it owrking. I suspect because we essentially require a configuration that combines routed with bridged mode.
  has any one been able to configure such a setup? Is it possible at all?

  This type of topology is not 'bridged mode'.
  When you has source and destination of load-balancing process in the same subnet (in your topology vlan116) you need use source NAT (client nat in CSM terminology).
  Let me explain it:
  1. client (srcIP-vlan116) sedn request to VIP (VIP-vlan116).
  2. CSM process (modified) request and send it to dstIP-vlan116 (src IP is srcIP-vlan116) (*)
  3. server receive request. It will resopnse to srcIP-vlan116 and response is not delivered through CSM, but direct. TCP communication is not possible, because client's request is modified on the CSM.
  * when CSM modify source IP for example to one of IP addresses of CSM, response from server is send always to CSM and not direct.
  Martin

• CSM sticky timeout value - is this an idle timeout value?

  We have sticky groups configured in our CSM, with an timeout value of 60 minutes. My question is does the timeout value reference an 'idle' value, such as a user disconnected from the session, and now that timer is counting down from the 60 minutes to 0, to remove the stale session out of CSM?
  Or is this some other kind of value? If so, what does the value actually represent?
  Group  CurrConns Timeout  Type
  17     290       60       src-ip netmask 255.255.255.255
  Also, from this info below, is "this" timeout value in seconds, or should this show in minutes? Or is this a bug that I need to resolve by updating the CSM version? We're still on v2.2(1).
  CSM with SSL  WS-X6066-SLB-S-K9
  Thanks, Tony
  switch#sho mod csm 1 sticky group 17
  group   sticky-data              real              timeout
  17      ip 10.x.x.x            10.x.x.x            3469
  17      ip 10.x.x.x            10.x.x.x            3275
  17      ip 10.x.x.x            10.x.x.x            3016
  17      ip 10.x.x.x            10.x.x.x            2791
  17      ip 10.x.x.x            10.x.x.x            879

  Hi Ajay, thank you for the response. From your reply, "It appears that you have configured the sticky timeout value higher then the default value. So the sticky timeout value is in minutes," we set each group to have a 60 minute timeout value. I had read from another string that the timeout values I'm seeing in this table were incorrectly displayed, due to an upgraded needed on the CSM. We're running 2.2(1), and I thought I remember reading 4.2.2 was required to correct this bug?
  switch#sho mod csm 1 sticky group 17
  group   sticky-data              real              timeout
  17      ip 10.x.x.x            10.x.x.x            3469
  17      ip 10.x.x.x            10.x.x.x            3275
  17      ip 10.x.x.x            10.x.x.x            3016
  17      ip 10.x.x.x            10.x.x.x            2791
  17      ip 10.x.x.x            10.x.x.x            879

• Module ContrentSwitch 3 command takes more than a minute to respond

  I have two CAT 6509 switches with a CSM module in slot 3 in SW1 and a CSM module in slot 8 in SW2.
  From the router config when I type - module ContentSwitch 3 on MSFC in SW1 - it takes more than a minute to get the CSM config prompt.
  Then every command I type - eg, vlan 46 client - takes about a minute to respond.
  This happens only on CAT 6509 SW1. On the other CAT 6500 - SW2 - which has the CSM in slot 8 - when I say - at router config prompt - module ContentSwitch 8 - I get an immediate response with the csm config prompt and every command I type I get immediate response.
  One CAT 6500 number Sw1, I did a reset 3 at the CatOS prompt and tried again. Same problem, Could it be a H/W problem on this CSM in this CAT6509. The CSM versions of the two CSMs in the two CAT6509 are 4.1(3) and the MSFCs in the two CAT6509 are 12.1(2)E.
  It can't be version problem because the two CSMs and the two MSFCs in the two CAT 6509 have the same versions. Tomorrow I will replace the CSM in the problem CAT6509 and try again.
  I have configured one CSM and I need to configure this other CSM whick takes more than a minute to respond to commands and so I gave up after I typed 3 or 4 commands.
  Any suggestions please?

  I meant to type 12.1(22)E2. Please see below for the version and it is the same on the MSFC of both CAt6509 switches.
  IOS (tm) MSFC2 Software (C6MSFC2-JK2SV-M), Version 12.1(22)E2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
  CSM is 4.1(3) - see below:
  HTCUITS1> (enable) show mod
  Mod Slot Ports Module-Type Model Sub Status
  1 1 2 1000BaseX Supervisor WS-X6K-SUP2-2GE yes standby
  15 1 1 Multilayer Switch Feature WS-F6K-MSFC2 no standby
  2 2 2 1000BaseX Supervisor WS-X6K-SUP2-2GE yes ok
  16 2 1 Multilayer Switch Feature WS-F6K-MSFC2 no ok
  3 3 4 Content Switching Module WS-X6066-SLB-APC no ok
  4 4 8 Intrusion Detection Mod WS-SVC-IDSM-2 yes ok
  5 5 8 1000BaseX Ethernet WS-X6408A-GBIC no ok
  6 6 48 10/100/1000BaseT Ethernet WS-X6548-GE-TX no ok
  7 7 48 10/100BaseTX Ethernet WS-X6348-RJ-45 no ok
  Mod Module-Name Serial-Num
  1 SAD051905VW
  15 SAD0518057D
  2 SAL085286E3
  16 SAL09020C29
  3 SAD0825082B
  4 SAD091208RC
  5 SAL06110XWG
  6 SAL091389PP
  7 SAL05052SZ5
  --More--
  Mod MAC-Address(es) Hw Fw Sw
  1 00-01-64-76-08-3e to 00-01-64-76-08-3f 2.2 7.1(1) 8.3(7)
  00-01-64-76-08-3c to 00-01-64-76-08-3d
  15 00-06-28-75-f1-00 to 00-06-28-75-f1-3f 1.2 12.1(22)E2 12.1(22)E2
  2 00-09-12-58-2d-ce to 00-09-12-58-2d-cf 5.1 7.1(1) 8.3(7)
  00-09-12-58-2d-cc to 00-09-12-58-2d-cd
  00-d0-04-e0-6c-00 to 00-d0-04-e0-6f-ff
  16 00-13-19-34-f6-80 to 00-13-19-34-f6-bf 2.8 12.1(22)E2 12.1(22)E2
  3 00-11-5c-eb-5f-ca to 00-11-5c-eb-5f-d1 1.7 4.1(3)
  4 00-12-80-f1-31-26 to 00-12-80-f1-31-2d 5.0 7.2(1) 4.1(4)S91
  5 00-09-12-60-d4-44 to 00-09-12-60-d4-4b 2.1 5.4(2) 8.3(7)
  6 00-13-7f-4d-ae-c0 to 00-13-7f-4d-ae-ef 10.1 7.2(1) 8.3(7)
  7 00-03-6c-1c-f1-70 to 00-03-6c-1c-f1-9f 1.5 5.4(2) 8.3(7)