Cisco Switching/Routing :: 3560CG Shows 0 Traffic In Class-map?
Apr 10, 2012
I tried to put QoS in a WS-C3560CG-8TC-S version 12.2(55)EX2.It shows 0 traffic in class-map. Here is the config My question is why I can not see the traffic via class-map?it should in the default Q if incorrect mark.I erased the config and config with the autoQoS, shows the same result.
class-map match-any VoIP description Voice IP Phone RTPmatch access-group 157
class-map match-any WEB description Internal Web, SSL Web, DNS query, Pinnaclematch access-group 153
!
policy-map QOSMARK
class VoIP set dscp ef
class WEB set dscp cs3
class class-default set dscp default
[code].....
View 3 Replies
ADVERTISEMENT
Sep 4, 2012
I got some specs here that I can't seem to match with any existing switch - unless the 350CG-8PC-S can be powered by PoE.Let me quickly put down the important specs.
8x Gigabit ports
2x 1G Copper or 1G SFP Uplinks (It'll be a 1x Copper and 1x SFP setup)
support for PoE passthrough ( so just capable of it, provided it's 2x Copper Uplinks )
Does that match the 350CG-8PC-S ?
View 1 Replies
View Related
Oct 11, 2011
When will Cisco release the IOS release 15 for Catalyst 3560CG? We need it because of the critical voice feature (authentication event server dead action authorize voice) for 802.1x.
Actually only release 12.2(55)EX3 is available for the 3560CG-8PC-S models. The funny part is that for older 3560-12PC-S models there is release 15 already available.
View 1 Replies
View Related
Mar 30, 2013
I have a number of 3560CG-8PC-S switches. My intention for them is to act as kind of gateway L3 switches - one for each satellite site. My thinking was simply to have an L3 device at the gateway to each of those sites so that any inter-vlan traffic within each site can stay within the site rather than having to traverse the relatively slow radio links to get back to the 3750X stack in the core. They are also, however, going to be directly serving client devices
My issue is that for some reason, when connecting a new device (laptop etc) to one of the access ports on the 3560's, the port behaves as if it's being blocked. No DHCP addresses go through, the indicator remains orange, and the clients have no connectivity. However, if I wipe the config, I get a VLAN 1 IP address for my client no problems at all. And to make matters more confusing, only two out of my four 3560's are doing this. The other two have exactly the same config, but work perfectly.To that end, I'm loading the config below. I've followed that by the show running-config output, and show ip interface brief outputs.
configure terminal
hostname ASW34
!
enable secret *RuT1l3&
service password-encryption
username xxxx password xxxx
[code].....
View 17 Replies
View Related
Feb 4, 2013
I am facing with Cisco 3560CG Switch. We have a Cisco WS-C3560CG-8PC-S (Cisco Catalyst 3560-C Switch, 8 GE PoE, 2 dual-purpose uplinks, IP Base image) switch which will be a core switch and the internet link from the ISP is terminated on a Modem. The ISP configured the internet modem and provided the details such as Gateway IP, Subnet Mask, DNS IP address, Usable IP Address Block, to configure the switch, where ew have connacted the Modem. When, I verified the details, there were only 4 IP addresses available under Usable IP address block. Spoke with the ISP and they confirmed that they cannot increase the IP Addresses (some limitation on the Modem) in the pool and we have to do NATing at the switching (Which we can't do, because of IP Base image limitation). About the network, it will be a flat network with only one VLAN which is used for Wireless Guest Access.
View 1 Replies
View Related
Sep 9, 2012
Uhg. I deployed a 3560G a week ago and it was crashing... so I replaced it Sep 7 around 16:00 and now this one is crashing. Different logs.
Version 12.2(55)EX3
Sep 6 18:06:08: %PLATFORM-1-CRASHED: Debug Exception (Could be NULL pointer dereference) Exception (0x2000)!
Sep 6 21:05:18: %PLATFORM-1-CRASHED: Data TLB Miss Exception (0x1100)!
Sep 7 04:12:43: %PLATFORM-1-CRASHED: Debug Exception (Could be NULL pointer dereference) Exception (0x2000)!
Sep 7 05:35:09: %PLATFORM-1-CRASHED: Debug Exception (Could be NULL pointer dereference) Exception (0x2000)!
Sep 7 08:21:37: %PLATFORM-1-CRASHED: Data TLB Miss Exception (0x1100)!
Sep 7 11:13:18: %PLATFORM-1-CRASHED: Data TLB Miss Exception (0x1100)!
Replacement Version 12.2(55)EX2
Sep 7 16:34:48: %PLATFORM-1-CRASHED: Debug Exception (Could be NULL pointer dereference) Exception (0x2000)!
Sep 8 03:39:38: %PLATFORM-1-CRASHED: Data TLB Miss Exception (0x1100)!
Sep 8 18:26:06: %PLATFORM-1-CRASHED: Data TLB Miss Exception (0x1100)!
Sep 9 18:14:38: %PLATFORM-1-CRASHED: Debug Exception (Could be NULL pointer dereference) Exception (0x2000)!
More detailed syslogs are in the attaced 'crash-logs.txt' file.
The device is running OSPF (it is in an NSSA). I have several other devices configured almost the same running the same IOS in my network and they are working fine.This does make the third out-of-box 3560C Cisco that has failed on me within a few days.
View 3 Replies
View Related
Aug 28, 2012
Connecting Avaya 9611G IEEE class 1 devices to a Cat2960s. How ever some of the phone are registering as class 3 devices no matter what interface the phone is connected to. Typical port config is as follows:
interface GigabitEthernet1/0/2
switchport access vlan 25
switchport mode access
switchport nonegotiate
switchport voice vlan 22
srr-queue bandwidth share 1 30 35 5
[code]....
View 4 Replies
View Related
Apr 5, 2012
I was looking at a problem where a traffic from certain sites have a restricted bandwidth, an ongoing problem for a year or so, apparently this throughput never exceeds around 25Mbps. My customer describes a situation where the end to end utilisation rises, eventually flat-lining at around 25Mbps. how many extra systems come on line, this traffic never exceeds this rate, and end users complain of poor responses.
During my investigation I found that one of the switches (Cat 6509) in the traffic path has a policer configured on a vlan interface, the policer has 3 sections for different traffic based on DSCP markers, and a default (unconfigured) class-default. Various people have had a poke about with this config over the years, with the result that all the traffic has the CoS and DSCP tags set to 0. All this traffic is hitting the class-default in the policer.The link that this traffic hits the Cat 6509 on is a 100Mbps link.
If I was designing this from scratch I'd probably configure a rate for the class-default.my question is, in the case where no specific configuration has been entered for the class-default, how much bandwidth is allocated to this class?
View 1 Replies
View Related
Oct 29, 2011
I make qos on VPN Tunnel, but i make command service-policy output name, it show the error below Traffic Shaping feature is not supported in user defined class of parent level policy.My cisco router 1921, IOS : c1900-universalk9-mz.SPA.150-1.M5.bin
View 1 Replies
View Related
May 23, 2013
We have a Nx5548up pair connected to FI6248 via a vPC. We had to reboot a FI (in order to configure more FC ports) ; following that reboot, we meet many issues.The first log shows the vPC down showing the FI rebbot.2013 May 23 12:31:45 sw-n5kup-fr-eqx-01 %ETH_PORT_CHANNEL-5 PORT_INDIVIDUAL_DOWN: individual port Ethernet1/2 is down
View 1 Replies
View Related
May 20, 2012
I have installed a WS-X4448-GB-RJ45 on a 4503 chasis. I could not get input or output rate, just shows 0 bit/seg wether or not is forwarding traffic. I would like to know if I have to make any configuration or workaround. The IOS version is 12.2(37)SG1.
View 1 Replies
View Related
Jan 22, 2012
2901 router that I just installed. I replaced a 1760 router with a new 2901 router and all seems to be working but for some reason the txload on interface g0/0 and interface multilink1 show 255/255 even though there is no traffic going over to this router. I have dual routers at this location and at the moment I have all traffic going over to my other router a 2821.
reliability 255/255, txload 255/255, rxload 1/255
View 7 Replies
View Related
Oct 12, 2012
cisco 2651XM router with WIC1 adsl card and NM-16ESW switch
IOS: c2600-ipbasek9-mz.124-23.bin
I use the following config to export traffic from the adsl card to a fasterthernet port so I can look at the adsl traffic in wireshark on a pc:router(config)#ip traffic-export profile my_rite router(conf-rite)#int FastEthernet 0/0 router(conf-rite)#bidirectional router(conf-rite)#mac-address abcd.efgh.ijkl (mac address of PC) router(conf-rite)#exit router(config)#int dialer0 router(config-if)#ip traffic-export apply my_rite this config works and I can see stuff going on in wireshark but it's only one way. This config only shows traffic going out from my adsl card, but no incoming. There is defintely traffic going both ways because everything about my adsl connection is working perfectly. I've tried using a different fastethernet port, even tried exporting to a different pc but all I see is outgoing ie: source is my public ip address but never as destination . I have bidirectional in the config but it still only shows outgoing. I even tried a different IOS (c2600-adventerprisek9-mz.124-15.T8.bin) but still it doesn't show incoming traffic. Could it be my ISP in some way hiding incoming traffic from view?
View 3 Replies
View Related
Mar 7, 2012
I am using a Thrid party NetFlow tool, Enabled NetFlow on the Cisco 6500 as per recommendations and getting only half amout of traffic passing thorugh the interfaces. I have verified with 3 different NetFlow based tools, everything showing the same value. Is there any bug in my Cisco 6500.
View 2 Replies
View Related
Jul 30, 2012
I am configuring a Cat 2960 port for connecting a VOIP phone, authenticated by MAB. On connecting the phone, I get the port authenticated and assigned to the correct VLAN, with LLDP-MED advertising the correct voice vlan. However, I then see no traffic from the phone on the switch. I can see the MAC address of the phone is learned in the right VLANs, but the mac address is showing as "Drop", which normally means the address is statically configured to be blocked. There is no static mac address table blocking configured on the switch.
Switch Version
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 50 WS-C2960-48TC-L 15.0(1)SE3 C2960-LANBASEK9-M
Port configuration
interface FastEthernet0/1
description "Standard user port"
[code].....
View 1 Replies
View Related
May 14, 2012
I upgraded IOS-XE on 4500E (SUP7L-E) to cat4500e-universalk9.SPA.03.03.00.SG.151-1. I encounter the log when i try to issue write mem commad
% VRF table-id 0 not activeCompressed configuration from 8947 bytes to 2140 bytes[OK].
View 3 Replies
View Related
Sep 10, 2012
My 2960-24TC-L switch is startet up and shows up: switch.Have tried to upload new image with xmodem without success.There must be a procedure to upload the new image, I have looking for hours and can not find the procedure.
View 3 Replies
View Related
Apr 16, 2012
i have one of my switch modules that shows PwrDown when i issue the command show mod.
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 9 Supervisor Engine 32 8GE (Active) WS-SUP32-GE-3B SAD09120263
2 48 48 port 10/100/1000mb EtherModule WS-X6148-GE-TX SAL1029VWZ5
[Code]....
i tried disabling the diagnostic monitor for the module, did a power enable module command and then reset it but it still fails. this is the third blade that i am replacing in a few weeks and i still get the same error. i am persuded that it is not a hardware since it is the third blade in a matter of weeks. after the module reset, i receive this error % module 3 is operationally off (FRU-power failed)
could an ios upgrade solve this issue? are there any ios related bugs?
View 10 Replies
View Related
Feb 28, 2013
I've got two two 3560s switchs, (WS-C3560G-48TS-S) that I'm trying to connect to each other using the GB ports over Fibre. We purchased the following GBICs, SFP 1000SX Transceiver and when we put them in the port it shows (err-disabled). Below is some information I pulled from one of the ports, but doesn't matter what port I use they all say the same thing.
ProdSwitchSW1#show run int g0/51
Building configuration...
Current configuration : 37 bytes
!
interface GigabitEthernet0/51
end
[code]....
Configuration register is 0xF
View 3 Replies
View Related
Sep 8, 2012
I have a Cisco 2800 series and it doesn't boot, only shows this message in the CLI>
Bad RAM at location 0xA0000304: wrote 0xA0000304, read 0xA0000004
What means this? I have to change the RAM?
View 2 Replies
View Related
Feb 17, 2013
I've got a Cisco 4510 which shows a system uptime in excess of 56 years. [code]
View 11 Replies
View Related
Aug 6, 2012
We just installed a Cisco ME-3400EG switch at one of our sites. A Cisco C3750X switch is connected to the 3400. When we run the command CDP NEIGHBORS, the 3400 shows no devices. We can access the 3750 via the 3400. Also, when we run CDP NEIGHBORS on the 3750 we do not see the 3400 (but other devices are displayed). How can we get CDP to display the devices on the 3400? We have already tryed CDP RUN.
View 5 Replies
View Related
Dec 10, 2012
I have Nexus 7K installations in 2 locations. Both of them have multiple VDCs. In default VDC there are continous tacacs error message though tacacs is not configured. The requests are from various public IPs where thsi VDC is not exposed to Internet at all. What would be t he cause of it?
%AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user root from 195.2.219.2
2012 Dec 11 16:25:28 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226
- sshd[25797]
2012 Dec 11 16:25:34 IDC-FBDTB-AMR2-CN7K-01 %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user nagios from 67.78.206.226
- sshd[25799]
[code]....
View 1 Replies
View Related
Feb 27, 2012
On a 4500 switch having a single sup engine, another sup engine was installed to act as redundant one.the redundancy mode was changed to sso, thereafter the secondary sup was prompted to be reset.
After it came back up again, the redundancy status still shows as RPR in operation mode.
View 9 Replies
View Related
Oct 30, 2012
After rebooting a pair of 6504's configured for vss, both switches show active on the sup modules. A show switch virtual redundancy however shows the pair working in an active/standby mode. We have 6509's in vss pairs and they show active on switch1 and standby on switch2 led's. For the 6504's switch 1 was booted first and then the second switch about 30 seconds later. Is there something different with the 6504's? [code]
View 4 Replies
View Related
Apr 16, 2013
I have installed a switch (3560) that was from another site and changed all it's config and hostname etc and it is now live, however the syslog messages still see the old hostname, what could be causing this?
View 3 Replies
View Related
Apr 5, 2011
I am monitoring my WRVS4400N with SNMP and create graphs by MRTG. Problem is that data about traffic are strange, very low. I have 50 MB line but max traffic shown on graphs is about 8000 bits per second. Also the "shape" of graph does not correspond with real traffic.
View 1 Replies
View Related
Oct 14, 2012
show cdp neighbors command shows two devices connected through the same local port?I have a Cisco 3560 that when I issue the "show cdp neighbors" command I get the following results: [code]
the question is why is this showing that Gig0/3 is being used twice to connect to two different devices. I have verified there is no hub connected to this port and in fact Switch3 is not connected to Switch1 at all yet it still shows up in the CDP table.
I have cleared the CDP table on every device at this location and still get the same results.
View 4 Replies
View Related
Jun 2, 2013
I am using 10Gig link to connect distribution and access switches. Since we are terminating the cables at multiple locations, we are also doing the link budgeting. The CISCO SFP 10G-LR module data sheet shows two values for the transmit power one of which is maximum power .5dBm and another is minimum power -8.2 dBm. Which value should I choose for the link budgeting.
View 1 Replies
View Related
Nov 10, 2011
I have a cable modem internet connection and my cable modem is connected to an ASA 5505. The inside interface of the ASA has an IP address of 192.168.2.2 and is connected to a Linksys router's internet port which has an IP address of 192.168.2.1. The Linksys router then has a local area network of 192.168.1.0 and all my clients are on that network. Everything is working fine except in my ASA logs all the traffic shows up as the router's external address which is 192.168.2.1. I would like to see the 192.168.1.x address of the clients in the ASA firewall. I've tried making some changes to the Linksys router but that hasn't resolved it. Is there any changes I can make on the ASA to get this to work?
View 6 Replies
View Related
Sep 25, 2012
I am carving up an internet Class C for customer. This class C is used by 3 distinct QA, Corporate and Production firewalls. I want to carve up IP space so there is a /26 for each environment. The issue I have is the firewalls may need communication with each other via the public IP space. Currently I don’t have any L3 switches in between the firewalls and the edge internet router. So with subnetting, it would seem I need to push everything through the internet router for the intra-firewall communication.I would rather not push this traffic through the edge router, so I came up with an idea to allocate all firewall outside interface IP’s in the 4th (last remaining) /26. That way, I can allow firewalls to communicate over the primary interface IP’s, which will all be in the same subnet – without going through a routing “engine”/device.
For the actual environment subnets (NAT's on respective firewalls), I create a static route on the edge router pointing to each of the firewall’s primary IP’s for the respective environment routes (the first 3 - /26’s).This is still a beta design, but I have done this before on small scale when ISP gave me 2 subnets for example, assuming I was going to put a router in between the customer firewall and ISP. I would use the “routed subnet” on the ASA interface, and then pull the NAT’s from the other subnet. The ISP would have to add a static route directing the NAT subnet to the “routed subnet” correct IP - which would be the firewall outside interface primary IP.I recently found out that with ASA OS 8.4.3 and up, ASA will not proxy arp for IP’s not in its local interface subnet. This means the ISP/router will have to assign static ARP entries on the edge router. This can get messy after the first few NAT entries. So I am debating the design now. I think this kind of stuff going forward won’t be worthwhile with newer ASA 8.4.3 code.
How to communicate between different ASA’s, while still carving up the Class C into usable smaller subnets? The primary reason for doing this in the first place is to support routing on the edge router. I am thinking it might be time to ask for another Class C to do the routing functions, and keep the firewalls all at Layer 2 in one /24 - Class C?
View 4 Replies
View Related
Nov 7, 2012
I have an ASA 5510, with Ethernet0 connected to Internet via a T1 line, Ethernet1 connected to LAN1, and Ethernet2 connected to LAN2. LAN1 & LAN2 are independant, but share the Internet connection, via the T1 line. On LAN2, I have another router that connects to the Internet, via a Comcast line. I wish to route some of the traffic on LAN2 (10.38.77.0) to the other Router, on LAN2 (10.38.77.12) (connected to the Comcast line). I have entered the following lines:
route inside2 10.11.0.0 255.255.0.0 10.38.77.12 1
route inside2 10.252.0.0 255.255.0.0 10.38.77.12 1
route inside2 172.22.6.0 255.255.255.0 10.38.77.12 1
I can trace the routes from the ASA 5510 (1st hop is to 10.38.77.12), but not from anything else on LAN2.
View 7 Replies
View Related
Apr 2, 2012
We're in the process of swapping in a new pair of ASA5520s and Catalyst 3750s to support two separate business units. We want Firewall A and Switch A to handle traffic for Org A (VLAN 100). Similarly, firewall B and Switch B should handle traffic for Org B (VLAN200). But we want to be able to fail traffic over in case of firewall or switch failure. Traffic between the two Orgs is being routed at the switch level. [code]
The uplink interface on each switch is currently a routed port with a static address on the uplink subnet. This works fine in a normal state. However, when we fail over one of the firewall contexts to the other chassis, this results in the inability to route internal traffic because the internal interface is now physically connected to a different switch with a different IP port address (obvious in hindsight). The question is, rather than a routed port, what would be the proper way to handle traffic between the switches and firewalls in a failover scenario? If I make the uplink ports into trunks, won't this cause all packets destined for either firewall to hit both both? Seems like that's not the way to go either? [code]
View 0 Replies
View Related
