Recently I'm working with my client to setup their network and he want me to limit user access internet bandwidth to 2 Mbps and the topology show below.Users ---> Switch ---> NAT Router ---> (int gi1/0/24 - qos apply) Edge Switch ---> INTERNET ROUTER (12Mbps) --->> INTERNET,This is my configuration, but it doesn't work, the end user still able to get more than 2Mbps internet speed.Access-list 100 permit ip any any dscp default,class-map match-all QoS_Floor_Limit, match access-group 100.
we've been using IOS for a long time, but are relatively new to NX-OS. We've got a central syslog server that all our devices log to. No matter what we do, we can't get our Nexus switches to log there. Here's my current attempt:
Nexus 7009, NX-OS 6.0(1)
# sh logging server Logging server: enabled {redacted} server severity: debugging server facility: local7 server VRF: default
[code].....
The default VRF is working. I see log entries in the logfile, but nothing arrives at the syslog server. It's not a config issue on the server, because tcpdump shows that no packets arrive from the IP for loopback 0.
I have recently split the voice vlan (10) from the data network (1), and am wondering why my catalysts and router do not require an interface Vlan10 statement. In the past I used OpenBSD boxes to do the routing, and I first needed to configure vlan 10 on the interface before I could get inter-vlan communication to work. With these Cisco devices it works, and I am wondering if it is because of VTP, for the fact that the ports maybe just pass all traffic, or is there some other explanation? Below is the setup, and firmware is up-to-date on all of the devices.
When I plug a phone into the POE SGE, the phone turns on, obtains an address on the proper subnet, and conversations are clear (whereas without the ip nat inside on the new subnet the calls had a lot of static). Possibly the reason that it works is because the phones properly create the tcp/ip packet, and it hops over the trunks and creates the states so that traffic routes back properly. I will install wireshark to see exactly what is going on, but is there a simple explanation that I am overlooking?
Just I have upgraded some 2960S to IOS 15.0(2)SE from a IOS 15.0(1)SE3 and the catalyst don't switch any IPv6 traffic. Don't work any RA and also don't work any unicast IPv6 traffic from any interface. I can see some references to IPv6 changes in the FHS (First Hop Security) in the Release Notes, but no any reference to changes in the configuration.
The switches don't have any IPv6 specific configuration and the sdm is the default templata. Returning to 15.0(1)SE3 everything work ok.
On Catalyst 2960, and 3560E this IOS version seem to work fine with IPv6.
make a couple of SF300 switches to work properly with a C2960S-48TS-L that acts as core switch/basic router. I can't seem to figure out how to assign VLANs correctly in trunk and access mode on the SF300. The 2960S are a no brainer with IOS commands but the webgui in the SF300 is a pain.
I've configured the 2960S with 3 VLANs and I would like to have the SF300 switches connect to the C2960S-48TS-L through VLAN trunk and then configure the ports on the SF300 switches to belong to the assigned VLANs of my choosing. I would also like to have all the SF300 switches management interface in VLAN 50.
2. Both switches have VLAN 20 and VLAN 1 on their database and both are active. BTW, after I figure out how to properly configure interVLAN routing the native VLAN 1 will not be used anymore. This is just an initial test.
3. VLAN 20 SVI interface (IP 192.168.20.200) on 3750 is up and can be pinged from catalyst 2960.
4. VLAN 1 SVI interface (IP 192.168.170.200) on 3750 is up and also can be pinged from Catalyst 2960.
5. Catalyst 3670 can ping a client computer (IP 192.168.20.10) connected to Catalyst 2960.
6. IP route enabled on 3750
7. Trunking is enabled on etherchannel connecting both 3750 and 2960
8. Client computer in VLAN 20 (connected to 2960) can ping VLAN 20 SVI interface 192.168.20.200 on switch 3560.But, the client computer in VLAN 20 can not reach any computer in VLAN 1 and vice versa. Strangely, the switches which these computers are connected to can ping each other or any connected client copmuters without any problem as described above.
I have PC_A and PC_B connected to the same switch, and are put in the same vlan. PC_A is the master (source) and PC_B is the destination (client). IGMP Snooping is enabled by default.
Is there any reason why this should fail? There is no RP or any interface with PIM enabled. Its a flat network with a source and client in the same vlan...
IH-3750-LOADTEST-101#show ip igmp snooping vlan 724 Global IGMP Snooping configuration: ------------------------------------------- IGMP snooping : Enabled
I'm trying to connect a Cisco 2811 using an octal cable to a Juniper MX480 console port.Since the distance between Cisco 2811 and router is 20ft, im using couplers and a straight-through cable for the lack of slack. This wiring doesnt work, however in another city it works going straight from the Cisco 2811 octal cable to the router since they are in the same rack.
We have a Cisco Catalyst 4506 running: "Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9K91S-M), Version 12.2(25)EWA14, RELEASE SOFTWARE (fc1)" I have configured the default gateway as: ip default-gateway X.Y.116.65, However, when I do, "show ip route", it only shows the 3 connected networks and states "Gateway of last resort is not set". The Command "ip classless" is not set. I read on some blogs that this might explain the issue. However, when I go into config mode (config t), I get the following output.
I am trying to configerate static switchports on our nexus 5548 (nx-os 5.1(3)N1(1)) over snmp.The support-list url... states that the CISCO- VLAN- MEMBERSHIP- MIB is supported.I can read the information, but if i try to set vmVlan or vmVlanType i get the message: "SET failed. ("ip-address"). Information: Not Writable."I can use set_request in general (e.g. CISCO-CONFIG-COPY-MIB). how to set the vlan and vlan-type over snmp?
I've got a 3560-X that passes POST according to console, but there are issues nonetheless...USB console doesn't work. RJ45 works just fine. No status lights turn on at any point (e.g. syst, xps...). 10g network module is installed with a 10g LRM SFP. All lights on the module are amber. However, it passes according to POST. Switch passes traffic, obeys config, etc. Link lights on RJ45 ports work fine. This was brand new out of the box. Thinking about trying IOS reload..
I have a pair of OLD Cat6500's running CatOS: WS-C6509 Software, Version NmpSW: 7.6(16) Copyright (c) 1995-2005 by Cisco Systems NMP S/W compiled on Dec 22 2005, 16:37:19 System Bootstrap Version: 7.1(1) System Boot Image File is 'bootflash:cat6000-sup2k8.7-6-16.bin' System Configuration register is 0x2
I know these are no longer supported, but I have to ready them for migration. Recently a problem began with these switches. What happens is that when I telnet to them, I cannot authenitcate via TACACS. This works fine for all our other IOS equipment, just not for these 2 switches. The error is:" % Error in authentication" and then I get kicked back to the login prompt.
The odd thing is that when I connect to the switch via the console port, I can authenticate fine with TACACS. CMS> /c 14
Why the below configuration does not work? BGP exchanges routes without a problem all the time the distribute list is removed from the config. When I apply the distribute list it blocks all routes, not just those intended in the prefix list.
i have new project in hospital with the bellow product :
20 X WS-C2960-24TC-S
2 X WS-C3750X-48T-S
2 X WS-C2960S-24TS-S
i need to configure this switch in order to work first the 2 core switch for redundancy then each catalyst switch 2960 connected to the core with 2 uplink each uplink for each core switch that way i have rendundancy in the connection then i need one vlan ?i need to configure this switch to work perfectly with each other in best redundancy mode?
I have a 871W router that works fine.I have 5 static ip addres's and use 2 in a nat pool. One i have mapped staticlly here is the configuration and it works fine:
! No configuration change since last restart version 15.1 no service pad service tcp-keepalives-in
A month ago my ISP was routing half my subnet (129-254) over DSL. I just moved and routing no longer works without NAT. The issue is probably with the new DSL 'modem,' a zhone 1611-A1, but I am not sure how it should be configured.The 1611 is connected to a WRT610N, which works in NAT mode with the following settings:[code] With the previous settings, networking doesn't work from a workstation, though I can traceroute from the 610. I would like all workstations on the "LAN" to have fully addressable internet addresses like the previous configuration.There is an admin interface on the 1611, but the cursory settings I've tried don't work and I'm not a routing expert. The ISP is kindly routing my network, but they don't provide much support.
I have C2960S-48FPS-L and C2960S-24TS-S both of them are using C2960S-UNVERSALK9-M image with version 15.0(2)SE on both I run "mls qos"
and on 48FPS-L I run "mls qos map cos-dscp..."on 24TS-S I cannot run it. there is no such command. there is just "mls qos rewrite..." and "mls qos srr-queue..." variants.
I thought that one image give the same set of commands...?
while i am configuring a port on switch .The switch reloads.After reload the show version says,System returned to ROM by bus error at PC 0x458F6C, address 0x0,show version from the effected switch is,Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 12.2(58)SE2, RELEASE SOFTWARE (fc1).
I am currently having an issue with connecting a Catalyst 2960-S switch to a Small Business SG300 switch. When I connect them they are unable to form a link. When I do a show spanning-tree it says the mst link is in dispute.
I read some papers about QoS. The thing is that I have to implement 30 switches with QoS to connect to a lot of Cisco IP phones. The switches are Cisco 2960S with code image "C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(55)SE3". Should I use autoQoS feature or manually configure them?. How should I treat uplinks between access switchs and core/distribution? I have a lot of doubts regarding queueing, because all the info I had read its for another model/image.
I'm looking at the WS-C2960S-48TD-L and have a question about the uplink ports. Is it possible to mix 10G on one uplink and 1G on the other? The datasheet says 2x10G SFP+, 2x1G SFP so I am thinking mixing is not possible.
just got new hardware and decided to try the newer USB port for IOS upgrades. I could not get the switch to recognize my 2gig flash drive. Do I need a proprietary stick or special format?
I also noticed when I removed it the switches crash dump and rebooted?
When using dynamic configuration tools, if I choose 2960 (not 2960s), I have the option to choose RPS2300 as redundant power, but when I choose 2960s, I cannot choose RPS2300. However, in a document describe both 2960 and 2960s, it said that RPS2300 can be used. Does RPS2300 support 2960S?
I would like to enable port security to hardcode the MAC address on the ethernet switch. There are 5 ethernet ports in the same ethernet switch to be assigned for one person (one note book), e.g. port 5, 6, 15, 16 and 23. The model of ethernet switch is cisco 2960S and one MAC address is configured on 2960S.
1. Does 2960S support this requirement to allow input the same MAC address to 5 different port?
2. If yes, can ethernet switch "smart" enough to forward the packages to "active" ethernet port which is connected to notebook and the rest of four ports are inactive.
3. if no, any solution or any work around to achieve this requirement
We are designing a LAN Network for ourselves.The proposed design is as follows:
4 x 2960S switches in a Stack Access-Stack-I 4 x 2960S-PoE switches in a second Stack Access-Stack-II
2 x 3750X switches in a Stack Core-Stack
Now I would like to connect it in the following manner ?First,I would like to use EtherChannel using the 10Gig LinksSecondly, I would like to use Cross-Stack EtherChanel too.I have given a graphical illustration of the connectivity Now my Qs: a) Will the 2960S supports EtherChannel using the 10G links and the 3750X too... b) Does the proposed solution will work... or It will have any problems.
