Cisco Switching/Routing :: 2960S QoS Configuration Not Work
Dec 20, 2012
Recently I'm working with my client to setup their network and he want me to limit user access internet bandwidth to 2 Mbps and the topology show below.Users ---> Switch ---> NAT Router ---> (int gi1/0/24 - qos apply) Edge Switch ---> INTERNET ROUTER (12Mbps) --->> INTERNET,This is my configuration, but it doesn't work, the end user still able to get more than 2Mbps internet speed.Access-list 100 permit ip any any dscp default,class-map match-all QoS_Floor_Limit, match access-group 100.
I have recently split the voice vlan (10) from the data network (1), and am wondering why my catalysts and router do not require an interface Vlan10 statement. In the past I used OpenBSD boxes to do the routing, and I first needed to configure vlan 10 on the interface before I could get inter-vlan communication to work. With these Cisco devices it works, and I am wondering if it is because of VTP, for the fact that the ports maybe just pass all traffic, or is there some other explanation? Below is the setup, and firmware is up-to-date on all of the devices.
When I plug a phone into the POE SGE, the phone turns on, obtains an address on the proper subnet, and conversations are clear (whereas without the ip nat inside on the new subnet the calls had a lot of static). Possibly the reason that it works is because the phones properly create the tcp/ip packet, and it hops over the trunks and creates the states so that traffic routes back properly. I will install wireshark to see exactly what is going on, but is there a simple explanation that I am overlooking?
Just I have upgraded some 2960S to IOS 15.0(2)SE from a IOS 15.0(1)SE3 and the catalyst don't switch any IPv6 traffic. Don't work any RA and also don't work any unicast IPv6 traffic from any interface. I can see some references to IPv6 changes in the FHS (First Hop Security) in the Release Notes, but no any reference to changes in the configuration.
The switches don't have any IPv6 specific configuration and the sdm is the default templata. Returning to 15.0(1)SE3 everything work ok.
On Catalyst 2960, and 3560E this IOS version seem to work fine with IPv6.
make a couple of SF300 switches to work properly with a C2960S-48TS-L that acts as core switch/basic router. I can't seem to figure out how to assign VLANs correctly in trunk and access mode on the SF300. The 2960S are a no brainer with IOS commands but the webgui in the SF300 is a pain.
I've configured the 2960S with 3 VLANs and I would like to have the SF300 switches connect to the C2960S-48TS-L through VLAN trunk and then configure the ports on the SF300 switches to belong to the assigned VLANs of my choosing. I would also like to have all the SF300 switches management interface in VLAN 50.
2. Both switches have VLAN 20 and VLAN 1 on their database and both are active. BTW, after I figure out how to properly configure interVLAN routing the native VLAN 1 will not be used anymore. This is just an initial test.
3. VLAN 20 SVI interface (IP 192.168.20.200) on 3750 is up and can be pinged from catalyst 2960.
4. VLAN 1 SVI interface (IP 192.168.170.200) on 3750 is up and also can be pinged from Catalyst 2960.
5. Catalyst 3670 can ping a client computer (IP 192.168.20.10) connected to Catalyst 2960.
6. IP route enabled on 3750
7. Trunking is enabled on etherchannel connecting both 3750 and 2960
8. Client computer in VLAN 20 (connected to 2960) can ping VLAN 20 SVI interface 192.168.20.200 on switch 3560.But, the client computer in VLAN 20 can not reach any computer in VLAN 1 and vice versa. Strangely, the switches which these computers are connected to can ping each other or any connected client copmuters without any problem as described above.
we've been using IOS for a long time, but are relatively new to NX-OS. We've got a central syslog server that all our devices log to. No matter what we do, we can't get our Nexus switches to log there. Here's my current attempt:
Nexus 7009, NX-OS 6.0(1)
# sh logging server Logging server: enabled {redacted} server severity: debugging server facility: local7 server VRF: default
[code].....
The default VRF is working. I see log entries in the logfile, but nothing arrives at the syslog server. It's not a config issue on the server, because tcpdump shows that no packets arrive from the IP for loopback 0.
Why the below configuration does not work? BGP exchanges routes without a problem all the time the distribute list is removed from the config. When I apply the distribute list it blocks all routes, not just those intended in the prefix list.
i have new project in hospital with the bellow product :
20 X WS-C2960-24TC-S
2 X WS-C3750X-48T-S
2 X WS-C2960S-24TS-S
i need to configure this switch in order to work first the 2 core switch for redundancy then each catalyst switch 2960 connected to the core with 2 uplink each uplink for each core switch that way i have rendundancy in the connection then i need one vlan ?i need to configure this switch to work perfectly with each other in best redundancy mode?
I have C2960S-48FPS-L and C2960S-24TS-S both of them are using C2960S-UNVERSALK9-M image with version 15.0(2)SE on both I run "mls qos"
and on 48FPS-L I run "mls qos map cos-dscp..."on 24TS-S I cannot run it. there is no such command. there is just "mls qos rewrite..." and "mls qos srr-queue..." variants.
I thought that one image give the same set of commands...?
while i am configuring a port on switch .The switch reloads.After reload the show version says,System returned to ROM by bus error at PC 0x458F6C, address 0x0,show version from the effected switch is,Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 12.2(58)SE2, RELEASE SOFTWARE (fc1).
I am currently having an issue with connecting a Catalyst 2960-S switch to a Small Business SG300 switch. When I connect them they are unable to form a link. When I do a show spanning-tree it says the mst link is in dispute.
I read some papers about QoS. The thing is that I have to implement 30 switches with QoS to connect to a lot of Cisco IP phones. The switches are Cisco 2960S with code image "C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(55)SE3". Should I use autoQoS feature or manually configure them?. How should I treat uplinks between access switchs and core/distribution? I have a lot of doubts regarding queueing, because all the info I had read its for another model/image.
I'm looking at the WS-C2960S-48TD-L and have a question about the uplink ports. Is it possible to mix 10G on one uplink and 1G on the other? The datasheet says 2x10G SFP+, 2x1G SFP so I am thinking mixing is not possible.
just got new hardware and decided to try the newer USB port for IOS upgrades. I could not get the switch to recognize my 2gig flash drive. Do I need a proprietary stick or special format?
I also noticed when I removed it the switches crash dump and rebooted?
When using dynamic configuration tools, if I choose 2960 (not 2960s), I have the option to choose RPS2300 as redundant power, but when I choose 2960s, I cannot choose RPS2300. However, in a document describe both 2960 and 2960s, it said that RPS2300 can be used. Does RPS2300 support 2960S?
I would like to enable port security to hardcode the MAC address on the ethernet switch. There are 5 ethernet ports in the same ethernet switch to be assigned for one person (one note book), e.g. port 5, 6, 15, 16 and 23. The model of ethernet switch is cisco 2960S and one MAC address is configured on 2960S.
1. Does 2960S support this requirement to allow input the same MAC address to 5 different port?
2. If yes, can ethernet switch "smart" enough to forward the packages to "active" ethernet port which is connected to notebook and the rest of four ports are inactive.
3. if no, any solution or any work around to achieve this requirement
We are designing a LAN Network for ourselves.The proposed design is as follows:
4 x 2960S switches in a Stack Access-Stack-I 4 x 2960S-PoE switches in a second Stack Access-Stack-II
2 x 3750X switches in a Stack Core-Stack
Now I would like to connect it in the following manner ?First,I would like to use EtherChannel using the 10Gig LinksSecondly, I would like to use Cross-Stack EtherChanel too.I have given a graphical illustration of the connectivity Now my Qs: a) Will the 2960S supports EtherChannel using the 10G links and the 3750X too... b) Does the proposed solution will work... or It will have any problems.
I have two switches (2960S's) both with IP Phones on VLAN100..We need to monitor voice traffic via a monitor port on SW1 of all VLAN100 traffic on both switches.The following is what we have configured, but we cannot see VLAN100 traffic on SW1
According to Cisco doco you cannot have a SPAN and RSPAN on the same session, however since these are two sessions on SW1, I would have thought it to be OK.
I have a running setup having 2 Cisco 2960s 24 TS switch with Stack configuration. Now I want to add one more same Cisco switch. My questions are:-
1) How can I do this...(Should follow the same process as I did before.
2) Could I do this without impacting the service. i.e. without rebooting the switch.
3) What should be the connection archiecture as of now since there is two switch so it is connected 1 -1 and 2-2. but for 3 switch should we require to change the connectivity.
i did on cisco 2960S switch at user ingress interface. but the marking is not showing in show policy-map interface gig 1/0/10 interface and ACL is not showing any match.
I also had a config reference from 2960S cisco guide.
access-list 103 permit tcp any any eq 80 access-list 104 permit tcp any any eq 23 access-list 105 permit icmp host 172.24.68.4 any
We have seen high CPU utilization on some Cisco switches of type 2960S. Also we got info, that applications are running with poor performance or with interruption.Following IOS is loaded: C2960s-universalk9-mz.122.55.SE
They have a /28 wan adress coming from ISP, that gives out 100Mbps, going to a Cisco 2960S switch (ver. 12.2) the switch is only holding 1 vlan. Connected to the 2960 are 3 firewalls/routers from other manifactors, each creating their own network. The customer wishes for a solution where each final FW/router gets minimum 33% and maximum 100% of the bandwidth, depending on how much each final Fw/router are in use.
I use the Switch 2960S support PoE and 10 access points cisco.I have one more question:
-- If all 10 access points cisco use copper cable to connect to 2960S, 5 access points use power adapter and 5 access points use power from Switch. How Switch 2960S will provide power for 10 AP or switch 2960S will understand and only provide power for 5 APs?
I have 4 switchs 2960s in stack, but this not full ring. [code]the interface stack 1 for switch 1 is down and interface stack 2 for switch 4 is down.I do insert this command "switch 1 stack port 1 enabled" but interface are not up.
We have a Cat2960-S Series PoE+ currently running 12.2(55) SE5 ios with SW image C2960S-UNIVERSALK9-M.We want to upgrade the ios to the lastest version but found there are 2 version: 12.2(53) SE2 and 15.0(1) SE.Which is the best & suitable for upgrade?
We have a 2960S using a single SFP-10GBase-SR to our Core switch. We are planning connecting the 2960S to a pair of Nexus 5k switches using Copper SFPs. We are already doing this on another 2960S so I didn't expect any surprises.
When I removed the unused SFP-10GBase-SR from te1/0/2, the interface was removed from the config and a gi1/0/50 was created in its place. Once I inserted the SFP-H10GB-CU3M, I expected that it would create a new te1/0/2 interface, but it didn't. I got the following errors: %GBIC_SECURITY_CRYPT-4-VN_DATA_CRC_ERROR: GBIC in port Gi1/0/50 has bad crc %PM-4-ERR_DISABLE: gbic-invalid error detected on Gi1/0/50, putting Gi1/0/50 in err-disable state
I didn't personally order the cables, but there is no Cisco label on them, so I'm assuming it is a 3rd party SFP. After looking at other posts related to unsupported SFPs, I ran the following commands: no errdisable detect cause gbic-invalid service unsupported-transceiver
After reconnecting the SFP, it didn't go into err-disable, but I still received the following error: %GBIC_SECURITY_CRYPT-4-VN_DATA_CRC_ERROR: GBIC in port Gi1/0/50 has bad crc
My other working 2960S appears to be using 3rd party SFP as well, but I can't see the brand. Is there anything else worth trying or should I just suck it up and order Cisco SFPs?
I'm connecting the two devices above and I need an LC to SC fiber cable. It should be pretty simple but I've seen two different types of LC/SC cables - one is 8.3/125 and one is 62.5/125. I believe the 62.5 is an older cable type but when looking at the detail sheets for each of the SFPs I see that both of these support a 62.5 or 50 micron core size.
