Cisco :: Can QoS Be Retained From Layer 2 To 3 Without VLANs
Feb 9, 2013
I have a question about QoS and how, or if, it functions between a layer 2 switch and a router. My question is, can a frame's COS sent from a layer 2 switch to a router be recognized and converted (mapped) to a DSCP setting without the use of a vlan (not the native vlan1), and can the reverse be done from a router to a layer 2 switch? Can QoS be preserved as it passes through the different devices? I know, pretty basic, but I have to start somewhere.
I'm setting up a Cisco 3750 layer 3 switch with several vlans. I thought enabling routing would route between the vlans, but no such luck.What I want is to share the internet access of vlan 100 with the other vlans/ip-nets.How can I do that?
just a simple question. Is it possible to use a nexus 5548 UP switch as a layer 3 router between different vlans on the switch without the layer 3 card ? Or is there no 5548 as a router with the layer 3 card ?
I am trying to setup my 3550 layer 3 switch to do hand out dhcp addresses for different vlans. It is connected to my router address 192.168.1.1. I setup a new vlan 3 and the dhcp pool.. The client gets a 192.168.3.2 address but am not able to ping the router and other clients and get out to the internet.
Here is the config that I have. I deleted the other ports because I am not using them. The vlan 3 client is on port fast Ethernet 0/17 and the router is connected to the fastethernet 0/1.
version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption
i need to know that how can i make vlans in Linksys SRW224G4 Layer 2 manageable switch , because i have 100 users network having lots of users using more then 1 ip to connect 4 different servers having different ip class pools, what i need is, i want to use only single ip pool with Class B Address like 172.16.6.0 for all network users which all connect to far end servers through layer 2 Linksys SRW224G4 manageable switch controlling to allow different IP pools ? like 172.16.1.0 / 172.16.55.0 / 172.16.99.0 and 192.168.1.0
.If the fex is physically disconnected from 5K, Should the fex config be retained or lost?I have a 2148t fex which was single homed to a 5K.The Fex was physically disconnected from 5K, but its logical configuration is still present on port channel and physical interface.when I do show fex XXX , it says not found and no fex information is available I have not tried connecting the fex back to 5K to see if the fex config is retained.
WE have to deploy ASA5585 in between User vlans & server vlans. we have to find all the ports that needs to be opened on firewall. any tools to do same.
I am taking an introduction class to CCNA and we are focusing on the Application Layer,and I'm having some difficulty in understanding what is an Application Layer Service. Is the Application Layer Service the same as Application Layer Software?
SM-ES3-16-P works as a layer 3 module which means that the uplink which connects to router ( Internally ) is a layer 3 interface . Is there a way we can use it as a layer 2 switch and connect the uplink as a trunk port ?
I need a ≥ 8 port layer 3 managed switch. What would be the cheapest solution for this?I've been looking at some stuff like Cisco 4908G, but that only supports 1000base-X. I need something that supports the standard 1000base-T. I've also looked at a Cisco WS-C3508G-XL-EN, but correct me if I'm wrong, this is only layer 2?
i am trying to do EoMPLS using microwave as my Layer 1. i am doing the same thing using Fiber as my layer 1 and it is working. the minute i use microwave its not working. the EVC will be showing as up, but no traffic will be moving. i am using 2 3750Metro series swicthes. i have tries to tweek the MTU to be above 1500 and below 1500 but nothing is working. LDP is establishing, OSPF is working, but the EVC is just not forwadign traffic from end to end.
N5K will be running on Layer 2 mode. vPC configured between N5K and N2K Servers are part of Vlan 10, 20, 30 and Juniper SRX firewall is the gateway for all the servers. SRK firewall is Active/Standby mode.
Questions are
1) Is there any non-vPC link required between N5K in this scenario?
2) N5K will pass in/out traffic to juniper SRX firewall durining SRX failover as well as normal operation
- these subnets are connected to an IP backbone via wirelles acces points
I would like to physically connect these subnets together so the networks devices in S1 could directly communicate with the devices in S2 and vice versa without going through the backbone.
The obvious solution seems to interconnect these subnets with a router or a switch L3. But I would like to connect these subnets and stay at layer 2.
So, is it possible to connect S1 and S2 with a switch L2 ? If I do that, what is going to happen? Can I create just one subnet S3 from this two subnets when I connect them together and have my two separate subnets back as soon as I disconnect them?
I know I can bring up a tunnel up-and-up without any layer 3 address, without any ipv4 or ipv6 address (apart from tunnel source/destination of course). And I don't have to use "ip unnumbered <interface>" either. But what good is a tunnel interface with no address? Can you bridge them or something?
I have two MLS conected by 2 fast ethernet links f0/11 and f0/12 on both sides.I am trying to set up a layer 3 etherchannel using these two links . But when i see etherchannel summary, they dont show up as layer 3. Instead they show as layer 2.
With most of my Layer2/Layer3 switches, I'm accustom to giving them a SVI on my management VLAN, and calling it a day. I can't find in the Cisco Nexus guides how to do something similar; everything points to the mgmt0 physical interface, which seems like I need to uplink it to an access port on another switch. Can somebody point me in the right direction for how to do give the Nexus an IP that I can ssh/snmp into it across a trunk for management? I must just be missing the keyword.. NX-OS is still quite a different beast.I see in the manual it says: "SSH has the following prerequisites: You have configured IP on a Layer 3 interface, out-of-band on the mgmt 0 interface or inband on an Ethernet interface." Cisco Nexus 5000 Series Switch CLI Software Configuration Guide page 284, How do I configure an IP on a Layer 3 interface on a Nexus?
I have a WLC 3750 with 41 APs. We use Web Authentication with the combination of a layer 2 security feature (WPA/WPA2 with PSK). With this combination some clients have the problem that they get deauthenticated and have to authenticate again while being in an active session. For testing I disabled the layer 2 security feature i.e. I set it to "none" but I left the Web Authentication enabled. With these settings none of the clients has any more problems with getting deauthenticated. They stay online for the entire session.
I have the following scenario. Connected to a Cisco 3560 switch (fa0/9) is another Cisco switch (that is operating at layer 2). On the other side of that second switch is a firewall. I want to send traffic from my Cisco 3560 switch to a network behind the firewall. [code] However, when I try to add the ip address to int fa0/9, I get an error. Right now, the 3560 is operating at layer 2. I think that I need to issue the command: "ip routing" to put it in layer 3, then put the ip address on port fa0/9. However, I am concerned that I will mess up my production environment. Is there any other way of doing this? The "ip route 0.0.0.0 0.0.0.0" statement sends traffic out the gateway to the Internet. I just want to send packets to 209.52.62.16/28 out int fa0/9.
I have a situation where I have ethernet traffic from two separate networks/ip subnets (Subnet A and Subnet B) on a single ethernet connection. I have the need to separate the traffic into two separate networks and two isolated broadcast domains. I thought this could easily be accomplished with a Cisco 300 Layer 3 switch, but I can't get it to work correctly. I have the switch set to IP routing mode. I have three VLANs configured. VLAN 1 sees the combined Layer 2 & 3 ethernet traffic for both subnet A and subnet B. VLAN 10 has an IP address assigned from subnet A and is the gateway for devices within that subnet. VLAN 20 has an IP address assigned from subnet B and is the gateway for devices within that subnet. IP proxy arp is on by default and should be active.Devices in VLAN 10 can ping devices in VLAN 20 and devices in VLAN 20 can ping devices in VLAN 10. This appears to be working only because the switch is the default gateway for those components.
No devices or servers in VLAN 1 can ping VLAN 10 or VLAN 20 components, and VLAN 10 and VLAN 20 components can not ping VLAN 1. I analyzed the ARP traffic on VLAN 1 and the switch is not responding with its own MAC address for requests for IPs for active devices connected to VLAN 10 or VLAN 20. The Cisco documentation says that the device should be responding and acting as a router.I can not physically connect everthing on VLAN 1 directly to the switch, I can not make the switch the default gaeway for all devices on VLAN 1, and I can not create static routes directly to the VLAN 1 switch IP address for all devices that are part of VLAN 1, so I am stuck. I need the switch to let VLAN 1 components automatically know what is connected to VLAN 10 and VLAN 20.
I am willing to scrap this approach entirely if there is an easier way to do this. Put simply, I have a few devices in Subnet A that need to be isolated from Layer 2 & 3 traffic destined for a few devices in Subnet B, but I can't reconfigure my entire network to create these isolated broadcast domains.
We have a potential new customer who is wanting to deploy a guest WLAN. I am happy doing this via a VLAN on the WAP4410N series AP’s. I would then create the relevant VLAN’s on the switch. Can each VLAN be assigned an IP address and allowing me to be able to add a static route on the router pointing the traffic for the Guest VLAN back to the switch?
I am currently working on my first ASA5510 configuration and am running into some issues. The ASA is running 8.2(5). The network setup is as follows:Layer 3 switch with 4 VLANs with ip routing enabled.All systems are pointing to the 3560 as their default gateway. ip route 0.0.0.0 0.0.0.0 10.20.100.30 (asa)The ASA is directly connected to the L3 switch on one of the VLANs. The other VLANs are not established on the ASA, but static routes have been created for them on the ASA.I am able to ping the ASA from the switches, etc.I am able to ping the switches from the ASA When connected to VPN Client to ASA, I am unable to reach anything behind it. When at the office, I am unable to reach the internet from the ASA.The following NAT configuration is in place on the ASA;
I found that when I enabled layer 2 auto QoS in 3560 switch, I need to wait so much time to open a file in network drive. Howerver, when I disable the Qos. It can improve a lot. I have used a sniffer to capture the packet to see. Those default packet is in DSCP 0. Therefore, I think majority packet will drop to queue 4. How can I increase the buffer and threshold in order to improve queue 4 performance.
I recently was asked to turn a routed link between our HQ and our DR Site into a trunked link to allow us to span our main Server VLAN up to the DR Site.I was informed by the ISP that owns the 100Mb Leased Line between the sites that the link was configured to pass dot1q traffic and I should just have to configure my links at either end as trunks to get the link to come up.
There is a Cisco 3560 at either end with Layer 3 routing enabled (obviously as this was a routed link previously).So, I scheduled an outage and configured either end as a trunk links as follows and repointed any routes from the /30 routed addresses to the management addresses of the switches on either side:
***For info VLAN 15 is the DR Site and VLAN 11 is the Server range at our HQ and was available on the connected switch***
We have 2 sites that are actually connected through a 10 Mbps cooper link.
In site A we have a 3750G- SW in site B we have a 2960Poe SW This link has in each end a ISP's router (allied Tele sis)
This link is working fine. Now we contracted with the ISP a new link, 30 Mbps fiber, and we need to replace de "old" one... in this case the IPS only gave us a transceiver so we have UTP instead fiber, no routers. the 10Mbps and 30Mbps links in were hired to be layer 2 only.
Is possible to create a config in site B SW to make it work? I was searching and see this IOS command: spanning-tree link-type point-to-point. could this do the rick? Or is absolutely necessary to use a router?
P.S: Actual config of the port in use is: Site A: interface GigabitEthernet1/0/5 description description NEW LINK Fiber - UPLINK TO SW4
Site B: interface GigabitEthernet0/1 description NEW - Fiber - UPLINK TO SW1 [code]...
We have a situation where we need to encrypt the traffic on a Layer 2 V LAN. We have a Cisco Switch on each side but the fiber it runs over is leased and encryption (AES256 minimum) is required on a leased line. We have 2 ASA5505s that we could use on each side. Not sure what would be the best setup for this scenario (Site to Site). Or is there something better than using 2 ASAs on each side?
Data link-ARP,RARP, presentation-SSL,TSL,ASCII,JPG, Session layer-ASP(apple talk session protocol),SCP are these correct?can your provide 2 new protocols for each with the long name?
which OSI layer is responsible for error correction nd which method is use for it..as far i have studied i thnk data link layer perform both error detection and correction..?
I managed to narrow down my question to this.SOCKS5 proxy is able to handle both TCP and UDP transport protocols.If I have IPinIP encapsulated tunnel, will this work? in other words, does SOCKS5 expect Layer 4 header immediately after Layer 3 header or not?
