Cisco Switches :: Trunk On SG300 Constantly Removing Ports And Adding Back
Mar 19, 2012
I have a Cisco SG300 switch on which trunks are configured. I have a server which sits on the switch via a trunk link of four network cables (4 Gbps total) on which LACP is enabled. I'm having trouble connecting to the server using VNC from a computer on the network. It doesn't happen all the time though, it's just random.
On looking at the logs of the switch, I saw something unusual. The trunk that connects the switch to the server is constantly removing all the member ports and adding them back again after a few minutes interval. That causes the trunk link to flip on and off all the time. What could be the reason that's causing it to happen? I know it could be the network cable but I'm using brand new cables and the server also is brand new.
I have trunk etherchannel ports 47,48 which both have Vlans allowed on trunk 70,71. Everything works pretty fine. Now I am trying to add a new VLAN 72 to these ports.
Our company currently has a 3com 2816 connected to a 3com 4800G through a trunk. The 4800G connects to the PBX and to the IP phones/computers. We are currently using vlan1 (192.168.100.n) for data and vlan 3 (192.168.101.n) for voice; IP addresses are being issued by a DHCP server. Each user has an assigned IP phone and it has an ethernet port that connects to each computer. This setup has been working properly until I purchased an SG300 and replaced the 3com 2816.
The IP phone is showing a bad gateway and the PCs are getting an IP address of 192.168.101 (which is for voice). Theoretically it should work, but what is weird is, it seems the SG300 trunking with the 3com 4800G is not working. Is it possible that it is on ISL mode rather than dot1q? I also saw it's running RSTP, should I change it to classic STP? How do I fix this or what troubleshooting should I do?
The SG300 is configured as a layer 2 switch. Configuration for the trunk below:
My problem is that the switch all of the sudden doesn't boot up anymore. The System LED constantly flashes, after probably 40-50 seconds or so it constantly lights for a second, afterwards all the lights on the ethernet ports light up for a second and the process starts all over again! The console messages:
Device configuration:
Slot 1 - SG300-10P
Device 0: GT_98DX3033B (AlleyCat2)
--------------------------------------
Unit Standalone
--------------------------------------
Tapi Version: v1.9.5
Core Version: v1.9.5
19-Jul-2012 17:55:03 %INIT-I-InitCompleted:
I have a 3750 as a core and have a series of HP Procurve switches that are daisy chained using one port. I have two vlans on the port now (6 & 9) and everything works fine, all switches communicate and end devices on the switches are also talking. There is a requirement to add a device towards the end of the chain which requires it to connect using Vlan1. Once I add Vlan1 to the port on the 3750 I lose connectivity to all the HP switches.
How does the ESW 500 or SF300 line guarantee QoS of voice traffic when trunking switch to switch? I have (2) ESW 500 series switches in series. The phones on switch 1 have no audio issues, but the phones on switch 2 (the last in the series) have intermittent voice quality issues when dialing across a WAN circuit to another office. The phones on switch 1 do not have that issue though they traverse the same circuit. They are all using the same VLAN 100.
I just received a new Cisco SG300-10 and am configuring it in Layer 3 mode. I am trying to setup multiple routed VLANs going back to a FiOS Actiontec router. My configuration is as follows.
Fios Router: 192.168.1.1 Assigning DHCP 192.168.1.2 through 100. SG300-10 has VLan 1 ip 192.168.1.5 used for Mgmt. VLAN2 is 10.0.2.1 VLAN3 is 10.0.3.1.
I have a static route set on the fios router for both subnets setup as follows.
I have a laptop connected to Gi8 on the Cisco (Vlan 3) and statically assigned 10.0.3.3, with a gateway of 10.0.3.1. DNS set to the fios router (192.168.1.1).
Everything pretty much works EXCEPT, I cannot get out to the internet from either vlan. Traffic routes between vlans/and the default subnet on the fios without issue.
When I ping out, DNS resolves, but will not go past the fios router. Am I missing a setting somewhere?
I've got an SG300-10P switch and am trying to use it to create a testing environment for a Fiber Test set. What I would like to do is get two hosts, A & B, plugged into ports 1 and 3 on the switch, to talk to each other, but forcing the traffic to be routed through the two Combo ports 9 & 10. Please see the attached diagram. I've attempted to configure two VLAN's, 10 and 20. Vlan 10 is used for traffic between Ports 1 and 9, Vlan 20 is used for traffic between Ports 3 and 10. I don't really care whether the traffic is tagged or untagged as it passes between ports 9 and 10.
I've tried various combinations of tagged/untagged ports, PVID's, etc. As a first test I've bypassed the Fiber Test set and simply created a direct connection between ports 9 and 10. I am unable to get the traffic from Host A to Host B to get routed through ports 9 and 10 (I ping each host from the other and get no response).
I just recently purchased an SG300 10 port switch. After reading through many of the threads here, I was finally able to get the different VLANs to route properly. However, I'm having a unique issue that I'm not sure if it's related to the switch or not. I currently have 2 VLANs configured on the switch: ports 1-4 are native vlan 1 (192.168.1.X), ports 5-7 are VLAN 10 192.168.10.X (Trunk Port with VLAN 1 tagged and VLAN 10 untagged). I have a Hyper-V server connected to both of these networks. The VMs are running on both VLANs on port 5. I have the following problem: When I have a domain controller VM on VLAN 10, I notice that many of the DC communications failed. I took a network trace and noticed that many of the RPC port ranges were failing. I am able to ping all of the hosts on VLAN1 and vice versa. My question is as follows: Does this switch have some type of security option that blocks high range ports? I can't seem to find the menu option indicating that this is the case. I have already set-up a NETBIOS UDP proxy, but this hasn't worked much. I still have problems connecting to machines on this VLAN range.
So, I spent some time this weekend troubleshooting the issues I've had with the new SG300-28P switch and POE to many of my devices in the office. As a recap, I cannot utilize all of the 24 POE ports on the switch for POE purposes. Really only every other port [with a few odd combinations thrown in between]. In addition, the SG300-28P switch, on occasion, is sending POE to non-POE devices [e.g. my Ruckus Zone Director 1106].
Here are my POE devices [all 802.3 af-compliant]: 3 Ruckus 7982 access points, 1 Pakedge access point, 2 home-automation controllers, 2 Polycom voip phones. I called Cisco support several times in regards to this problem, and they figured it was a hardware issue - a faulty switch. So, Cisco sent me a replacement SG300-28P, which I hooked up today. The exact problem still occurs. Default configuration [fresh out of the box]. No way I can land, for example, the 3 Ruckus 7982 AP's on ports 1, 2, and 3 [or ports 1, 13, and 2]. I have to put them on ports 1, 3, and 5 in order for them to power up. In addition, I can't plug any other POE devices on the ports either between or below them. I had to skip another port bay. This is very odd behavior!! Two Cisco SG300-28P's in a row with the same problem.
However, I also had one of the new Cisco SG300-10P switches in my possession for a recent project of ours. I decided to hook up the same POE devices to this switch. ALL POE devices were recognized and worked! No need to skip a port. And it didn't matter what device was plugged in first or not. I am now convinced that it is either a hardware issue [bad power supply/transformer?] inside all of the SG300-28P switches, or a firmware issue.
Both of the SG300-28P switches were running firmware 1.1.2 [the latest on Cisco's website]. So, I decided to install an older firmware version on the SG300-28P switch that I'm returning [installed 1.1.1.8]. Here's what I found out. I could then plug 2 POE devices [e.g. two Ruckus AP's] in adjacent horizontal ports, but not three in a row. In addition, not all adjacent ports. It's funky. For example, I could plug an access point in ports 20 and 21, but not in 21 and 22. No rhyme or reason in how it worked. And I still couldn't plug an access point in adjacent vertical ports [e.g. ports 1 and 13]. BUT...
It's interesting that the same exact switch that would not initially allow 2 horizontally-adjacent POE ports to be utilized WOULD allow 2 horizontally-adjacent POE ports to be utilized when running a different firmware version. It's also interesting to note that when plugged into a "non-working" POE port, the SG300-28P would actually make a small whining noise. Very subtle noise; I could hear it when approx. 1ft away from the switch. The noise was not noticeable when ports were skipped [and POE actually worked]. Therefore, I believe that Cisco has some SG300-28P firmware bugs [at least in the last two versions of firmware] that are not truly allowing all 24 ports to utilize POE correctly. This problem does not exist with the SG300-10P switch.
In addition, I'd like to know when they think a solution could be created if it's firmware-related. If hardware-related, I don't think I'll be recommending any 28P switches in our projects. Perhaps just the regular SG300-28 with a separate SG300-10P. It's a shame because the SG300-28P is more of a bargain when compared to the two separate components.
I currently have 1 cat 5 jack at my tv/entertainment area and will be needing additional jacks to add gaming consoles, streaming video player and internet ready tv at the same location. The current jack installed at that location is coming from a D-Link 8 port Gigabit switch installed in a different room. The switch is at capacity, all ports are full, so no additional availability there. My question is how to expand port availability at the entertainment area. Is it possible to put another switch or hub at that connection? Would there be a conflict with cascading a switch from one to another? I have a 25 meg fiber optic incoming service, so there is plenty of speed and bandwidth available to handle these components.
Essentially, not all ports on our brand new SG300-28P switches provide Inline Power to our older 7900 series phones. I can connect the phone a couple ports down and it usually powers up, but not always. Often I can also connect an 802.3af device to one of the troublesome ports and it will receive power, however I am noticing there are some ports that now refuse to supply PoE at all?
This is equipment that has been running perfectly fine for several years now, on C3524 PWR XL switches. I can also tell you that this is not isolated to one switch, but all 5 of our SG300 access switches. And, yes, the firmware has been updated to 1.1.2.0.
I recently purchased an SG300-10 switch. Is it possible to change the TCP port numbers for the administrative services on this device? For example, if I wanted to change the web admin port from being available on port 80 to port 8080, or move the SSH port from 22 to 2022, how would I do this?
I've looked over the web admin interface, and the Security > TCP/UDP services option looks like what I want, but I see no way to change a service's listening port. Is this possible?
We had a number of Linksys SRW2048 / SRW2024 switches that had the "bloated capacitor issue" or "bad capacitor issue". These units would basically disconnect/connect their ports. Applications would sometimes crash on workstations. These were all located at different client sites. These were replaced under warranty with the SG300-52 units. When we implemented the SG300-52 units at several sites we noticed the logs showed disconnect/connects. We were not seeing apps crash. Support advised they were not aware of any issues. We did a firmware update that was available that made no difference. (1.1.0.73) 6 months have now passed.
We noticed at our site very poor throughput one night doing a very heavy file copy data transfer between two computers. It actually ground all other computers on the network to a halt. We inspected the switch. It had "all lights flashing". We thought this strange and shut down the whole system. Problem still existed. Power cycled the switch. Problem still existed. Noticed there was a new firmware update. (1.1.2.0) We implemented this. The lights on the switch stopped "all lights flashing". Throughput was back to normal. (i.e. didn't grind all other computers to a halt)
We then had a second site complain of similar issues. Heavy throughput between two computers brought all other computers to a grinding halt. Lights were "all flashing" on switch. Workstation would disconnect/connect in a loop during heavy file copy. We implemented the firmware update thinking this would solve the issue. It now still has the issue of disconnect/connect however and apps sometimes crash. We have now replaced the switch with a HP 2510-48G. This is working properly. I have now since been to other sites that also have these SG300 switches and notice the "all flashing lights".
adding/removing/re-adding a workstation to a domain and Active Directory. We use DHCP at work for our addressing scheme. The problem I had when naming a new workstation the same as the one I am replacing on the domain was that I noticed the new pc with that same computer name as the previous pc was still trying to use the IP address that was assigned to the workstation before by dhcp, so the new workstation was not showing it assigned an IP address. I would try pinging the computer name but there was no reply because it was still showing the ip address of the computer disconnected that had the same name.
- remove the faulty workstation from the domain to workgroup, then restart
- then from Active Directory do I need to reset the Computer name
- then do a ipconfig /release on faulty workstation that has been removed from the domain to release the leased ip address in dhcp
- then disconnect the faulty PC and connect the PC I am using to replace the previous PC
- Name this workstation the same as the one I just disconnected and removed from the domain
We have 2xNexus model 7010 (let's call them Nexus1 and Nexus2) connected via VPC to a couple of catalyst 6509 switches. Trunking has been enabled on the port-channel defined on both Nexus allowing some vlans. Below the config applied on both port-channel interfaces on both Nexus which are members of the same VPC number: [code]
Supposing I'd need to remove some vlans from that trunk (e.g. vlan 100, 200 and 300) using command "switchport trunk allowed vlan remove 100,200,300" and that I'll run that command on one Nexus at a time (that means there'll be a condition for a short period of time where Nexus1 has removed vlan 100, 200 and 300 from the trunk, while Nexus2 is still carrying those 3 vlans on its port-channel which is a VPC member), could it cause any VPC inconsistency condition suspending VPC interfaces and therefore affecting the service for all remaining Vlans or only Vlan 100, 200 and 300 will be suspended when that condition will be detected?
I have a frustrating issue with a dynamic VPN head end running IOS 15.2 on 2900's. I have existing keyrings, and isakmp profiles (both main and aggressive) running. When I add in a new peer, by adding in a keyring pre-shared statement and a match identity in the isakmp profile, phase 1 builds but phase 2 only gets right to the end and the Cisco side resets the connection because it did not get back a response to its Phase 2 proposal. I have tried a number of soft clear commands to remedy this (I do have 16 other production tunnels I do not want to take down) and no avail. This is very consistent. We had this happen last week in the same manner, and the TAC finally said I must reboot the system. So I removed the cmap from the interface, and reapplied it (using notepad to do it all at once). All the tunnels dropped, and after a few manual restarts on the far end for those tunnels that are temperamental, all tunnels came back up, including my new add. I have a pair of 3900's running 15.1 code in the US that terminate the same tunnels, and I can add and remove PEERS all day long without resetting anything. Could there be a more polite way of resetting whatever it is that removing the CMAP does to allow my new peer to get the full treatment here?
Is there really any reason why you wouldn't use spanning-tree portfast on a trunk port other than a trunk between two switches? We have it enabled on all ports except for the fiber trunk between two non-stacked switches and the trunk ports connected to our Astaro firewall. I'd like to enable it on the ports to the firewall unless that would cause issues.
I am a bit confused by the output of 'show run' and 'show run switch-profile' that pertains to a port-channel interface configured in a switch-profile. My main goal is to find out how can I add/remove the allowed vlans the port-channel (configured as trunk) carries. The setup is like this. I have 2 N5k in vPC domain and Ethernet1/11 on both switches is configured as trunk vPC that connects to a core switch. When I issue ‘show run’ for the port-channel and physical interface I get the following output. [code] From above it seems the switch-profile configuration is missing the 'switchport trunk allowed vlan' in the port-channel interface. If I want to remove vlan 30 from the allowed vlan, should I go under the switch-profile mode and remove vlan 30 from the allowed list even though the switch-profile configuration seems to be missing this.
I have a 2600 with a PRI card, when I try to do an isdn test call int s1/0:23 ######### the debug constantly comes back with "Cause i = 0x83E020 - Mandatory information element missing" Vendor states he doesn't see the SDN 'flag' coming through. I have both the isdn nsf-service, and the dialer map configured to use a class with the outgoing sdn command.
A client of ours has installed an SG300-24P switch and would like to setup a LAG between the SG300 and the 3560 switch we manage for them. They would like the LAG to also pass the voice and two data VLANs currently in use; 5, 10, and 100 respectively. I configured the two ports as an Etherchannel with trunking on the logical port, but no luck. I reconfigured as follows:
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
end
[code]....
I see no output when I do show lacp nei. At this point the client is looking to use for the configurations to use as he does not know how to setup the SG300 and it is a switch I have never dealt with. I have found some configurations that I believe would allow a single VLAN across, but nothing I believe will allow the LAG to pass all the VLAN's.
These are our first switches and seems like GUI is lot different than the online. Our interVLAN routing is not working. I am absolutely sure that I set up the switch in L3 mode since it allows me to create multiple interfaces. I am hoping that this GUI issue is related to interVLAN routing.
Below is the blog I started for InterVlan issue [URL]
This is the link for online simulator and what I see in its IP tab. I know this switch is not SG300. [URL]
This is what I see on our switch.
Our switch version
switchd64684#show version
SW version 1.1.0.73 ( date 19-Jun-2011 time 18:10:49 )
Boot version 1.0.0.4 ( date 08-Apr-2010 time 16:37:57 )
HW version V01
I need to add a VLAN to the trunks bundled in port channel. I know how to add VLANs to a port channel with Cisco IOS but with CAT OS.
I have 2 ports bundled to form ether channel in switch which is running CAT OS. There are already few VLANs allowed in the trunk of each interface. Now I need to add one more VLAN.
For example: VLAN 135 needs to be added in addition to the existing VLANs.
clear trunk 1/2 1-112,115,117-134,136-4094
set trunk 1/2 on dot1q 113-114,116,135
and similarly on the 2nd interface
so if I add vlan135 to the trunk one after another will it cause any service disruption?
I have SG300-28P that I am using as layer-3 switch. Recently I ran in to SG300-52 switch and even though loading same firmware doesn't give me option to do layer-3 switching. For SG-300 I see options in GUI to create vlan interfaces under IP information section, while SG300-52 has IP information option only under the management section. Let me know if these are 2 different hardware types and L3 is not possible on SG300-52. If it's possible to enable L3 switching on SG300-52?
I had a working active/passive pair of ASA5510's, and then I had to do a rush firmware upgrade, but didn't have time to do it on the secondary at the same time. Now I have made config changes and upgraded the secondary firmware to be the same, and wish to know if I plug it back in if it will think the secondary has the "correct" config or if it will know that the primary is newer. I disconnected the failover cable because it was complaining about version mismatches constantly.
Is it safe to add the secondary back in or is it possible it will be declared newer and overwrite the config?
I have a test switch (Cisco 3550) that I want to set up with 6 Vlans and 2 trunk ports. I want to be able to access a virtual server connected to the trunk ports from the switch ports. Ports Fa0/1 to 8 are in a vlan, ports Fa0/9 to 16 another vlan etc. Ports Fa0/47 and 48 are the trunk ports. This is a lab environment so the switch is the only device being used.
I've previously used trunk ports and vlans between my ASA and access points, connected directly. Now I want to put a 2960S-24PS-L between. Where should I define the vlans (in the switch or in the ASA?) and what ports to put in trunk mode? (the ones on the switch or the one between the switch and the ASA?)