Cisco :: C2900 SNMP How To Get Number Of Learned MAC Addresses On Switch
Aug 29, 2012
There is nice c2900PortNumberOfLearnedAddresses table in C2900-MIB, but it's outdated and not supported by modern switches.Is there similar table for modern switches? Most interested in Catalyst 2960 and 3750.
I am seeing SNMP coldstart traps that either are delayed by many hours or are false (e.g. right after receiving the coldstart trap a query to sysUptime shows the nodes been up for days).I seen this twice this week in a new network environment for me for two different C2900s running C2900-UNIVERSALK9-M Version 15.0(1)M3 Assuming the coldstart traps are coming from the actual source nodes, I am curious what could be going on here.
1) One guess I have is possibly the system clock changed could cause the SNMP agent to send a false cold start trap. Then my guess is in the device log I should see a system time change syslog message.
2) I recall hearing once that syslog and possible traps messages are held in configurable buffer who default value is 1 and if not sent are held and then suffer a delayed sent. Is it true for both traps and syslog ? In the past I assumed this was simply the logging history buffer and applicable to syslog traps only. My assumption in the past was that last trap or last syslog message is sometimes held on reload and sent immediately after restart regardless of device connectivity to the management target.
I always assumed coldstart traps are never delayed for any reason and that they were pretty accurate substitutes for system reload syslog messages. Does anyknow know any reason for false or delayed coldstart traps on a C2900 with IOS 15.0(1) ?
Any OID to determine the number of registered AP's on a WLC (specifically the AIR-CT2504).
I've got both of the Airespace MIBs and have browsed through them but I can't seem to find the correct location. I can find a list of all of the AP's registered but our monitoring software doesn't have the ability to 'count' that index. As such, I'm looking for a count/summation of the total number of registered AP's via SNMP.
I need to know the maximum number of MAC addresses that can be entered in to the MAC security filter list on the AP541N.I know it has a maximum number of 200 concurrent users, however the documentation does not specifiy whether this also applies to the MAC filter.
I have used wireless acces points in the past that allow hundreds of users but only allow 64 MAC addresses, so this is very important.
A small network and uses the Linksys Router BEFSR81 as dhcp.the default Number of addresses is 50 and starts 10.0.0.100 to 10.0.0.149.A new Cisco IP Phone just introduced requires ip addresses and have noticed running out of addreses.Can I increase the number to 120 so that the address range would start from 10.0.0.100 to 10.0.0.219, also, I have a VPN device which automatically configures itself for 10.0.0.199 address and this is /24 network configuration.
I'm developing a project where I use the SNMP protocol to discover the network. By discovering the network I mean go through all the routers and switches and retrieve the IP routing table from routers and the forwarding table from switches. With the routers I have no problem. For the switches I need to know for each port the MAC addresses and the Vlans. Basically it's use SNMP to find a port number from a MAC address. To do that i followed this tutorial: [URL]
The problem is that I'm using a Cisco 3725 Router with IOS 12.4 (21) and a NM-16ESW module to work as a Switch and when I use the OID .22.214.171.124.2.1.17 corresponding to the BRIDGE-MIB as it follows:
From this I guess there's no information on the router about Vlans or anything. Other thing is that when I use community string indexing it returns a timeout. My theory is that this version doesn't support indexing but I don't know.
how can I get the Port Number from a MAC address from this "switch" (it's a router working as a switch) using SNMP?
I have a very basic setup here but strange the router is learning RIP routes advertised by the switch but the switch is learning anyRIP routes. Debug shows the switch is sending updates but not receiving any. There is also these error: %MRIB_API-3-ASYNC_ERR: Asynchronous error: failed to register to the MRIB. errno 0xE
I can ping across the gig 0/2 (switch) and GIg 0/2/0 (router)
I have a situation where my Internet edge routers learn 0.0 from ATT (AS 7018) my provider. I then wish to advertise these learned routes via WAN. However my WAN MPLS provider is also ATT and they use AS 7018 for that as well. When I try to push 0.0 to my other WAN sites 0.0 is suppressed to avoid loops.What's the best way to tell the WAN routers to advertise 0.0 back to the same AS originally learned from?
how to switch between my 5 new static IP addresses that I purchased (on a monthly basis now) from my ISP. I need them for my business so that I can send out more than the 1,000 emails per day from the one IP address to all of my customers which total a little over 1,500 now. Unfortunately I'm quite computer iliterate when it comes to understanding even the basics of computer terminology, etc. My ISP explained to me that if I purchased the bundle of 5 static IPs, then I could in essence send out 5,000 emails per day, which is plenty.
I'm trying to disable/enable ports via snmp v2 on a Cisco SG500-52P-K9-V01 switch. The communties are setup properly and I even have successful snmpset commands which when queried display that the action was complete. The issue is that when I disable the port via snmp the device on that port does not drop offline. This is a PoE port with a device powered over PoE so I'd expect the port to disable but also the PoE to turn the device off - neither happens.
Any experience with port management on this device? I also noticed the interface IDs (for port 1 for discussion) are 1, 101, 201 etc. I've tried setting on 1 and 101 only but the results have been the same and what were mentioned above.
My university provides one Ethernet port per student in dorm rooms. They assign IP addresses based on which port you connect to and forbid multiple computers connected to the one port using a hub or switch.DHCP leases are 24 hours long, but you can switch out 10 different devices with different MAC addresses and keep getting the same IP. How does this work? Do they just figure that if you're using a hub connecting multiple stations to the one port that they don't care if there's a conflict?
I have been reading the postings on this site trying to retrieve the MAC address for the client devices (computers, printers) attached to our switches. We have approximately 500 switches and I need to map the mac address to the switch. It appears the OID information is for SNMP v2. We are restricted to using only SNMP v3. I have tried using the Cisco SNMP Object Navigator without any success.
I currently have a the following configuration and am unable to get more than 2 DHCP addresses for the devices connected to the Cisco new SG 100-16 Switch.The AP have no trouble handing out DHCP to the wireless clients, but we are unable to get the SG 100-16 to be able to do the same thing to wired clients. It is currently connected to the 2960-8 in port 1. We can get 2 devices connected without a problem, but the 3rd machine and beyond do not work. Also, setting up a static IP does not work. Using a static will not even allow us to ping or tracer back to any devices beyond the SG 100-16.
We currently have a stack of 5 x 3750 switches and i want to remove switch number 3 (it has the least number of things plugged in). What will happen to switch 4 and 5 will they be renumbered 3 and 4, and will the config automatically update this if it does?
I have a 6509-E chassis that was prevoius in a VSS configuration. Due to some VSL failures I had to cobvert it to a standalone chassis but would like to bring it back to a virtual system.
Whenever I try to convert it by using the command "switch convert mode virtual" I get the msg %Please configure local switch number first". After doing so by entering the CLI cmd "switch set switch_num 1 local" I still get the same message.
i want use CACTI for monitor my bandwidth so i have a question how can i enable snmp for a switch port ? or i shoudl just enable snmp from configuratiopn terminal and then in CACTI i will choose which port will be monitor? can i do something that CACTI connect to my switch with a encryption key ? i have cisco 2960 48 port switch
I have a Catalyst Switch 6000. Inoticed that after the execution of the job inventory in LMS, and after the snmp queries reached the equipement, the cpu value reached 98-99 % due to the process : PDU DISPATCHER (what’s it ?)
I have also a script running in the switch to observe the differents logs. For exemple, when high cpu is obtained, the message bellow appear :
« %SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input
« %SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input
« %SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input
We want to permit certain mac addresses on the cat 4506 switch wherein only those mac addresses will get access to network.
Configuration Planned: For testing purpose we have created mac access list on cat 4506 and deny laptop mac address in this access list. The mac access group is applied to the port where the laptop is connected to cat 4506.Even after applying the mac access group on the port, the laptop is able to ping the vlan ip of cat 4506 [code]
laptop with ip address 192.168.10.2/24 connected to port 2/1 is able to ping 192.168.10.1 even after applying the mac access-group
Note-we have tested same configuration on cat 3560 and its working fine. We apply the mac access-group command on interface and clear the arp-cache and we are not able to ping vlan interface ip. The moment we remove the mac access-group,ping starts again.
We have a vpn L2L with an ASA and C2900 and always stopping to ping each other but the vpn still UP and can each the others devices behind the peers.
Everytime we have to issue on router "clear cry isa peer" or on asa "clear ipsec peer" to start to ping each other but after seconds it's stopping to ping again.Is there something to fix it permanently? We did some debug crypto on asa but no information was logged.
1) current switch have below mentioned switch stack details . switch#sh switchSwitch/Stack Mac Address : fcfb.xyz.8b80H/W CurrentSwitch# Role Mac Address Priority Version State----------------------------------------------------------*1 Master fcfb.xyz.8b80 10 0 Ready3 Member 2893.xyz.3180 1 0 Ready
2) I am in process of changing switch member number from 3 to 2 , I executed the command on the global config mode " switch 3 renumber 2 "but I yet to reload the switch .
here I have I doubt . as currently the ports module are fas 1/0/1-48 and fas 3/0/1-48 under respective vlan . once I reload the switch is the switch port module number will get change to fastethernt 3/0/1-48 to fastethenet 2/0/1-48 ??? . if it happens the vlan configuation which configured on the fas 3/0/1-48 module also get configured automatically or I need to configure manually
3) as i said i have execuated the command : "switch 3 renumber 2 " , how to remove this or revert the change , as i checked in the running config this command not exist .
switch ( config) # switch 3 renumber 2WARNING: Changing the switch number may result in aconfiguration change for that switch.The interface configuration associated with the old switchnumber will remain as a provisioned configuration.Do you want to continue?[confirm]Changing Switch Number 3 to Switch Number 2New Switch Number will be effective after next reboot
I am having a lab switch. Recently I am getting "%SCHED-3-SEMLOCKED: SNMP ENGINE attempted to lock a semaphore, already locked by itself" message and the switch has started to hang a little bit. I just want to know what this log means and how to trouble shoot.
I am trying to setup my 3550 layer 3 switch to do hand out dhcp addresses for different vlans. It is connected to my router address 192.168.1.1. I setup a new vlan 3 and the dhcp pool.. The client gets a 192.168.3.2 address but am not able to ping the router and other clients and get out to the internet.
Here is the config that I have. I deleted the other ports because I am not using them. The vlan 3 client is on port fast Ethernet 0/17 and the router is connected to the fastethernet 0/1.
version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption
Previously posted as C2900 - inward NAT partial success...
Running C2900-UNIVERSALK8-M, Version 15.0(1)M3 RELEASE SOFTWARE (fc2)
I have several sets of inward NAT defined (51001-51007, 52001-52007. 53001-53007),all to various internal addresses. When I attempted to add another set, the new onesdo not work and get a "timeout" error.
When I tried port 51008, it gets a timeout. When I changed 51008 to 51010, the 51010 now gets a timeout, and 51008 now gets "connection refused" (which I expect).The original sets all work, the new ones (added at the end of the lists) do not.When I am on any of the internal machines, the target (192.168.1.21) works fine.When I am "in the router", I can connect via the ssh command, so I know that therouter can talk to 192.168.1.21 on port 22 as expected.
I have 1 x C2900 router with 3 x ADSL WIC and UC500. I setup 3 x ADSL to access internet and UC500 is connected with 3 telephone lines (plugged into FXO ports). I have 2 x GE on my 2900. 1st GE is connected to switch and 2nd GE is connected to UC500.
I want to setup that traffic from UC500 (SIP) is going through 1 dedicated ADSL line and data (from computers & servers) is going through remaining 2 interfaces only. How I can set it up.
I would also like to know how I can load balance internet connection going through 2 dedicated data ADSL lines.
We are facing a strange issue with GRE tunnel. We are using this tunnel from a branch office to Hub office. All other tunnels terminated on Hub router are working fine. Issue with this tunnel is that whenever WAN connection goes down Line protocol on tunnel interface some times comes up and sometimes not (therefore we have to reset the tunnel interface and it comes up). IOS used on this router : c2900-universalk9-mz.SPA.152-1.T2
I have a mixed WAN environment with both eBGP and EIGRP routes. The BGP routes should always take precedence, when they exist. If no BGP routes exist I want the router to fail over to using the EIGRP routes. So far, this works fine.
The problem is, when the BGP route again becomes available (and the associated entry appears in the "sh ip bgp ... received-routes" output) the router is NOT relinquishing the EIGRP route. It remains in effect, showing as a "D" route int the route table even though there is a better ("B") route available. If I bounce EIGRP or the interface associated with it, the EIGRP route disappears and the BGP route reasserts itself, and everything will run correctly until the next time the BGP route disappears due to maintenance, line failure, etc.
My router is (C2900-UNIVERSALK9-M), Version 15.3(1)T
Here's the associated config interface Tunnel101 description VPN backup WAN interface bandwidth 7168 ip address 192.168.75.1 255.255.255.0 [code].....
Imagine I am designing a small network with a C2900 router running OSPF and in the future BGP with service provider. Please see attached diagram.The router is connected to (2) C3750 Layer 3 distribution switches. Then one C3560 layer 2 switch to serve future IP phone users and desktops.
a)If I connect the router interface to the (2) 3750 switches, if I make the router interface fa0/0 and fa0/1 as a trunk to accomodate VLAN 200 and other future VLANs, don't I have a problem with overlapping networks between router interface fa0/0 and fa0/1?
b)Alternatively, I could make the Router1 fa0/0 and fa0/1 configured with IP addresses and advertised in OSPF. Then the SW1 fa0/24 and and SW2 fa0/24 I could make as 'no switchport and create a routed interface port' with IP addresses, also running OSPF. Question is, from a scalable design perspectie, would you create 2 management networks and use those when assigning the IP addresses for Router1 fa0/1 and fa0/2? Because again Router1 fa0/1 and fa0/2 obviously need to be placed on different networks to avoid overlapping. So my question is more about proper network planning design to make this scalable to accomodate future VLANs in the future.Using trunks between the Router1 and SW1 option:
Router1 int fa0/0 description connection to SW1 no ip add int fa0/0.200