Cisco Switching/Routing :: 3560G Random Spike In CPU On Switch
Jan 12, 2013
We have a Catalyst 3560G 24 port POE switch. It's been running fine for 1+ years. A few weeks ago we enabled SPAN on it to capture packets. Today, we had a random spike in CPU on the switch. Seems hardware swithing continued to work fine, but software based processes choked and effectively took down EIGRP, HSRP, etc. We collect syslogs from the router and we saw 2 crashes/reboots. Both showed the exact same error both times, with the same hex values. I **believe** the CPU usage dropped when a tech disconneted the SPAN port and it's state changed to down, but I'm not 100% sure.Could this indicate an IOS bug (I'm hoping it's not a hardware failure)? And, how to track this down to see if this could be related to SPAN? I've disabled SPAN for now.
View 3 Replies
ADVERTISEMENT
Sep 2, 2012
I am having a cisco 7609-S router with the image sup-bootdisk:c7600rsp72043-ADVIPSERVICESK9-mz.122-33.SRD7.bin. Im getting above 95% cpu spike for 10 mins in every 2hrs of interval, after it has been integrated with Ciscoworks LMS version 3.2.1 and added this to HUM. In LMS the HUM polling has been configured for every 1hr to monitor the cpu and memory utilization.
I have gone through the below cisco document and I have configured all of the snmp-server view commands as illustrated in the below website.[URL] After configuring the same, now we are observing the cpu spike every 4 hrs or i would say 5 hrs... I have checked all the settings of ciscoworks LMS and there is absolutely no other jobs are running in the day time... The spike comes every 4 hrs.
View 3 Replies
View Related
Aug 13, 2012
i facing problem with my switch cisco 3560G, when it power on only System light is green and noting happen. i check with serial cable ( Console) but noting happen no booting.
View 2 Replies
View Related
Jan 22, 2012
I've a 7206VXR (NPE-G1) router. I would like to purchase a PA-GE port adaptor where I've to use a GBIC connector.
1. Is it possible to have a connection between PA-GE and a 3560G switch (4 SFP ports)? If yes, what type of cables & connectors are to be used?
2. Is there any GigabitEthernet port adaptors / modules for 7206vxr where I can connect RJ45 (cat 5) or SFP modules?
View 4 Replies
View Related
Feb 21, 2012
We have two 3560G-TS-E running 12.2(35)se2, configured as HSRP. Both are running ntp config "ntp peer 210.72.145.44" and it's pretty well that they get the correct time. Yesterday I upgraded the second device to IOS 12.2(58)se2 and ntp doesn't work now. I checked doc that 12.2(58)se2 runs ntp default version 4 so I change to "ntp peer 210.72.145.44 version 3" but still not work. I put here "show ntp" result for different IOS.
IOS 12.2(35)
SW01>show ntp status
Clock is synchronized, stratum 2, reference is 210.72.145.44
nominal freq is 119.2092 Hz, actual freq is 119.2022 Hz, precision is 2**18
reference time is D2EF12A5.2EB2DCB2 (15:07:17.182 GMT Wed Feb 22 2012)
clock offset is -4.6616 msec, root delay is 57.50 msec
[code]...
View 10 Replies
View Related
Apr 12, 2013
Configuring OSPF on a catalyst 3560G Switch to connect to our building next door by way of fiber. The other two switches in the other building are running OSPF, I am trying to connect to the other building and access a server which is on a switch running OSPF. I am trying to configure the switch here to run OSPF and be able to see the neighbor, but currently can't although I've identified the networks. Maybe I'm missing something, I've followed the instructions but something is not right.
View 15 Replies
View Related
Apr 15, 2010
I have two 3560G 24 port switches. Each of them connects to some 3560G or 2950 switches. Trunks between 3560G are set as 1000/full. Trunks between 3560G and 2950 are set as 100/full. show int status also shows the interface negotiation is 100/full for trunks between 3560G and 2950. The issue is I keep getting outdiscard errors in trunks between 3560G and 2950. At 2950 switches, I see Recv-errors too. I checked all the trunks traffic. They are totally not high. Only serveal mbps. Most time even lower than 1mbps.
I googled this kind of issue online. I see it could be possibly caused by high volume traffic higher than the capacity. But it appears the traffic there is not high enough to cause this kind of issue. Is there any possiblity that could cause this problem?
The below is 3560G trunk configuration for 2950 switch
interface GigabitEthernet0/10 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1-122,124-4094 switchport mode trunk speed 100 duplex full srr-queue bandwidth share 10 10 60 20 queue-set 2 priority-queue out mls qos trust cos auto qos voip trust
the trunk configuration at 2950 switch: interface FastEthernet0/24 switchport trunk allowed vlan 1-122,124-4094 speed 100 duplex full
View 16 Replies
View Related
Feb 21, 2012
cant assign cisco switch 3560G port g0/1to access vlan 10
main-switch(config-if)#switchport access vlan 10 Command rejected: Gi0/1 not a switching port.
View 5 Replies
View Related
Dec 5, 2012
I have been working on some Catalyst 3750's running 12.2(55)SE6 and hit an issue with CEF load-balancing over multiple equal-cost paths. Anyway this issue is now solved but it introduced me to the command 'show platform forward' - this shows you how the forwarding of a packet would be done via hardware cef (as opposed to the command 'sho ip cef exact-route' command that only shows the software cef path). Anyway I tried the command on a 3560G running 15.0(2)SE and it crashes the switch. I tried it a couple of times and verified that the MAC & IP addresses were exactly right in the command and each time the switch crashes. I have extracted the relevant bits from the crashinfo and attached them.
View 3 Replies
View Related
Aug 2, 2012
I have the network described below, on which I am running PIM.
(network) ---- Embedded Linux Router --(vlan 5)-- CAT 3560G --(vlan 5)-- Cisco 1811 Router ---- Multicast Listener
The Linux Router and the 1811 have formed a PIM neighbor relationship. The multicast listener sends an IGMP Join and I can see the PIM join leave the 1811 router (via "debug ip pim"). Using tcpdump on my linux router I never see the Join come in, but I can see the PIM Hellos (which is why the neighbor relationship formed).
View 2 Replies
View Related
Jul 24, 2012
Since two weeks I have a problem with the VLANs who I started to configure. I hope together we find the way.I have 5 VLANS configured in a CISCO 3560G switch. In my windows server 2003 I configured DHCP scope for each VLAN.One of the requirement to connect vlans each other is to put the IP of each vlan as gateway in the clients.So, how can I do to access to internet?. The ip of my Firewall are in one of the VLAN´s.When the configuration of the LAN only had one DHCP scope the gateway was the ip of my firewall. But now i don´t know how to configure the DHCP server, or the firewall, or the switch, or all of them To get access to internet.
View 2 Replies
View Related
May 14, 2013
I'm trying to set up per vlan routing on a 3560G switch but it's not performing as I would expect. I've got a server on the 109 vlan with a 10.1.9.100 address and a default gateway of 10.1.9.1 this address is an HSRP gateway and currently resides on 10.1.9.7. When I traceroute through to my user PC on the internal network it receives a response from 10.1.9.7 However, it is then denied by an ACL on the internal firewall which has been applied to interface Eth0/0. It should arrive at the firewall on Eth0/2.109 as it has the 10.1.9.4 address.
My goal here is to route traffic on the 101 vlan to a seperate interface on the internal firewall from 109 vlan traffic. I'm either doing something wrong or these routing commands aren't designed to work in the way I'm expecting (I couldn't find any documentation on the ip route command where it is followed by different gateways for different vlans)
interface GigabitEthernet0/12
description Internal-FW Eth0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 109
switchport mode trunk(Code )
View 1 Replies
View Related
Feb 2, 2012
I have a 3560G switch with c3560-advipservicesk9-mz.122-46.SE and 2 routers. The switch has vlans defined. I want to route all traffic on vlan 25 out of one of the routers exclusively. Here is what I have attempted:
-Set the SDM template to routing & reload
-Define an access-list for the v lan traffic
-Define the route-map
-Apply the route-map to the vlan interface
When I attempt the last step I receive the following syslog error:
%PLATFORM_PBR-3-UNSUPPORTED_RMAP: Route-map RM_IMDGuest not supported for Policy-Based Routing
Also, the route-map is removed from the vlan interface after this error is thrown. Im 99% confident that PBR is supported on this switch (am I wrong?). Here is the relevant show output:...
access-list 125 permit ip 192.168.25.0 0.0.0.255 any
route-map RM_IMDGuest permit 10
match ip address 125
set ip next-hop 192.168.5.3
[code]....
View 2 Replies
View Related
Jan 24, 2013
I was assigned a task to connect two locations through a L2 VPN, The infrastructure which i have are...
Fortigate 80 C firewall at Location A
CISCO 3560G at Location A
CISCO 3750G at Location B
2 MBPS Leased Line connecting two locations.
T1 line at Location A.
The requirements are as follows..
Both locations should be in the same ip range (ex 10.80.71.1/24) Internet for Location B should be from Location A, both locations should talk to each other.
View 6 Replies
View Related
Oct 2, 2012
We have 2 catalyst 3560g-48-PoE protected by a 1000Va 800Watt tripp-lite and I was cheking to see if that is really sufficient. Looking at the charts from Cisco suppport I would think I should have more, but have not had any issues with a few power outages
View 1 Replies
View Related
Apr 18, 2013
I have 3560g with 15.0(2)SE2 version. I try to give different default gateways for different interfaces.I've already changed the sdm, run "ip routing" and made interest interfaces in "no switchport" with ip addresses.
my route-map is "
route-map ABC permit 10
set ip next-hop 192.168.77.3"
and it is applied on the interface with "ip policy route-map ABC" but when I try to apply it says "%PLATFORM_PBR-3-UNSUPPORTED_RMAP: Route-map ABC not supported for Policy-Based Routing" everything is fine if I change from "set ip default next-hop" to "set ip next-hop" but it is not I need in the guide of the version it is said this statement is not in unsupported list of route-map commands.[URL]
View 4 Replies
View Related
Feb 20, 2013
I have a WS-C3560G-24TS-S running 12.2(50)SE5 with IPBASE. I have been told that the functionality i seek (multicasting) is only available in the IPSERVICES version of the software. I was reading up on upgrading and saw that i needed to do a show license and get the UID and Serial number and get a license that is tied to my box. But the show license command doesnt work wtih my box. i then found something that said that the 3560's were special in that way. Im not sure how to get this box upgraded. I have a different 3560 running the IPSERVICES elsewhere in my organization. Can i take the IOS Version and update my switch to that?
View 3 Replies
View Related
Aug 13, 2012
We currently have two 5548UP and two 2232PP switches running on 5.1(3)N2(1a) and the plan is to connect our old 3560G switches to 2232 PP using enhanced Vpc.
I enabled spanning tree bpdufilter on the 2232 PP ports so that we can connect switches to them but VTP is not working on those ports. Is there anything that needs to be done on the HIFs for VTP to work.Does VTP depends on BPDUs? Does enabling Bpdufilter affects VTP?
View 2 Replies
View Related
Nov 27, 2012
We have a problem with the throughput over etherchannel in LACP with 2 or 4 ports. It is iSCSI traffic (vmware esxi 4.1 U3) is going from 2 separate NICs (ports) to the etherchannel (with 2 or 4 ports) that has a SAN connected (Nexenta).
The SAN is configured in passive LACP and the switch is in active LACP. Actually it does not matter if we do LACP or just MODE ON, still same result: ~1GBit/s throughtput in either direction. Like already mentioned, 2 or 4 ports in the etherchannel make no difference, or the configuration of the etherchannel.
I will post some config data below, but here is the question: Why can't we see traffic beyond 1GBit/s? Source and destination are capable of doing much more than that (vmware esxi RAID 5 of 1TB SATA; SAN 16 x 1TB NL-SAS). If we look with CNA, we can see that the traffic is balanced equally over the etherchannel ports. With or without QOS or flowcontrol, no difference. This whole traffic happenes on this switch.
!
port-channel load-balance src-dst-ip
!
interface Port-channel5
[Code]....
View 13 Replies
View Related
Nov 19, 2012
We have recently started as Internet service provider in an open metropolitan.
We use a Cisco 3560G Layer 3 switch, where we have all our vlan where we have konfiguerat ex. Switch (config) # interface vlan 150, an interface for each VLAN capabilities such as int vlan 1 - 10/10 int vlan 2 to 30/10, int vlan 3 100/10 and so on.
Our int vlan is configured as follows:
dhcp relay information trusted
ip address <x.x.x.x> <x.x.x.x>
ip helper-address <x.x.x.x>
Ports (ex. int Gigabit Ethernet 0/1) are configured as follows:
description Uplink
switchport access vlan x
[Code].....
Now the problem; we have a customer in ex. vlan 3 who needs to access a server provided by another customer in the same vlan (vlan 3), and access to each other in the same vlan is not possible. You can access the server from any other vlan, but when it comes to access to another host in the same vlan, you will not reach it.
We suspect that the energy company has configured with pvlan isolated. If we use the command ip local-proxy-arp on each vlan, it works to reach each other, but it seems that our 3560 becomes overloaded when ip local-proxy-arp is enabled and it streaming and use IP telephony it doesn't work. The response time at ping is longer and the loss of packets increase with ip local-proxy-arp enabled. The other operators in the metropolitan also uses Cisco 3560G so the hardware should be sufficient.
We have also tried to add no split-horizon, but it made no difference. How do we get around this without negative consequences? Probably need something that makes you allow to send out the same interface that it came from, because it works as long as you are in another vlan.
View 1 Replies
View Related
May 19, 2013
I currently have a 3560G switch running c3560-ipservicesk9-mz.122-58.SE2 I have a spare 3560 V2 switch I want to configure and have ready in case of a failure. This spare switch is running c3560-ipbasek9-mz.122-55.SE5 My plan was to pull the IOS image from the current switch and upload it to the spare that way I have an "idnetical" switch. From what I have read, there are some feature differences between "ipbase" and "ipservices". However, when I run the show license command on the production switch, I get an unrecongnized command error. So that throws into my confusion as if its running an ipservices image, shouldn't it have a license file?
View 4 Replies
View Related
Mar 2, 2012
on IOS versions higher than 12.2(50) on Cisco 3560G-48TS I get this error/traceback, when I reach a certain number of Access-lists group'ed to "interface vlan", and the ACL inserted in the TCAM reaches acl label #128 (can be seen with : Show platform acl label 128)I can see errors in the TCAM if I issue the command
View 21 Replies
View Related
Feb 11, 2013
How do i enable InterVLAN MultiCasting. I have a WS-C3560G-24TS as my core switch and it does InterVLAN Routing. I have a Server VLAN (70) and Workstation VLAN (71). I have a server that i have set up to deploy images to computers. Up to this point i have only done one computer at a time, so unicasting was ok. I would like to be able to Multicast to multiple computers, but am unsure what i need to do on the switch (if anything) to enable this.
View 2 Replies
View Related
Oct 8, 2012
We are seeing some high output drops on our 3560G's and I'm wondering if there is anything I can do to solve this, or should I just be looking at an upgrade.I do not have qos enabled:
do-rs-ah-3560g#show mls qos
QoS is disabled
QoS ip packet dscp rewrite is enabled
I don't have anything special configured apart from some trunk ports, otherwise its mostly defaults.Should I enable qos and tweak the buffering?
View 9 Replies
View Related
Jan 2, 2013
getting CPU utilization around 62%
CPU utilization for five seconds: 54%/6%; one minute: 61%; five minutes: 61%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
35 82081 9642 8512 0.31% 0.21% 0.18% 0 Compute load avg
[Code]....
View 1 Replies
View Related
Oct 30, 2012
My question is wrt policy-based routing on my network. Our switch is a 3560G 24PS running Adv Ip Services image. It is connected to an 1841 and an 1811 each with a dual-wan connection . The 3560 defines 6 vlans and we are using PBR to route some vlans via the 1841 and some vlans via the 1811.
From a client on one vlan a traceroute to a client on another vlan goes through the 1811 before being routed back to the 3560. Is it possible to use PBR to detect traffic that is destined for another vlan on the same switch and then route it directly?
View 2 Replies
View Related
Nov 13, 2012
Not sure if this is a problem with the switch or the wireless AP connected to the switch, but I have a couple of 3560's, one is a 3560G and the other is a 3560, both have phones and wireless ap's connected to them. The ap's on both of these switches continue to loose there ip address and thus disconnect from the controller. This happens about once a week, but the odd thing is that the phones never loose there ip address. All of my other 3560s and 3560g's that have AP's and phones connected are working fine.
View 2 Replies
View Related
Apr 11, 2012
to resolve a problem with L2 etherchannel -when I add VLAN on Portchannel, this VLAN does not appear in config Members of this Po, so after reboot Portchannel does not work: "...and will be suspended (vlan mask is different)"
I try to simulate it on test switch in office, but problem does not appear! Both switch are Catalyst3560G with same IOS.
1. SW in real network segment:
Model revision number : D0
Motherboard revision number : B0
[Code]...
View 6 Replies
View Related
Oct 27, 2011
We had some problems with 3560G-48PS-S switches and PoE for our phones. IOS is 12.2(50)SE3. There were some problems after power outage. The switches didn't reboot because we have two eletric circuits. But after the problems we had no PoE on all ports.
The switches logged to following syslog message:
%ILPOWER-3-CONTROLLER_PORT_ERR: Controller port error, Interface Gi0/17: Power Controller reports power supply VDD under voltage
I can't find any informations in the error message decoder for that. But there was another thread here with quiet the same message, but another problem regarding RPS2300.
After reloading the device all works fine again. The workaround with the commands "power inline never" and "power inline auto" I didn't know till today.
Some information about that syslog message?
My guess is that there was a voltage swing and the switch powered down its supply? Is that possible?
View 5 Replies
View Related
Mar 11, 2013
I have an odd situation where I cannot get a device connected to a built in switchport with out input and crc errors. When connecting to a GLC-T sfp it works fine.Here is my test layout
Outdoor wireless AP --- 10' of cat6 cable --- Gigabit POE injector --- 10' Cat6 cable --- 3560G port 48. (input and crc errors)
When I do this there are input and crc errors on the switch port. This has been confirmed on three different switches and three different outdoor AP's. We though at first it was the injector, but when we run the same setup, but instead connect the device to port 49 with a GLC-T sfp there are no errors.
Outdoor wireless AP --- 10' of cat6 cable --- Gigabit POE injector --- 10' Cat6 cable --- 3560G port 49 (GLC-T). (No errors)
I have upgraded the 3560G to the latest ios and still it has the same problem. If I run the same setup to a 2960 there are no errors at all.
Outdoor wireless AP --- 10' of cat6 cable --- Gigabit POE injector --- 10' Cat6 cable --- 2960 port g0/1 (No errors)
I have also tried manually setting the speed on the 3560G with no success.
View 9 Replies
View Related
Apr 19, 2012
I have a 3560G connected to an ASA FW, both running layer 3 and hosting 6 or so VLANs. The switch is the default gateway for all VLANs (client request) and therefore see's all networks as connected. I used route maps to push the traffic from the switch to the FW so that it got firewalled before being delivered, but I cannot use one of the commands for failover should the FW fail (I wanted to route locally should the FW fail). If I placed all VLANs in their own vrf, NETA would not longer see NETB as a connected network and would follow the route to the FW's NETA interface. I could then inject the connected into each vrf but adjust theirf metric so that they are less preferable than the route to the FW. Should the FW route die, the next route would become active and traffic would route internally to the switch.
View 5 Replies
View Related
May 25, 2013
I am trying to implement static route tracking on a Catalyst 3560G ( WS-C3560G-48PS, IOS version 12.2(35)SE5 and SW image C3560-IPBASE-M). The configuration is as follows:
track 101 rtr 1 reachability
!
rtr 1
type echo protocol ipIcmpEcho 10.199.101.2
rtr schedule 1 life forever start-time now
!
IP address 10.199.101.2 is reachable via ICMP (its the next-hop router).
The static routes configured are the following:
ip route 0.0.0.0 0.0.0.0 10.199.101.2 track 101
ip route 0.0.0.0 0.0.0.0 10.200.52.1 20
But only the secondary route(ip route 0.0.0.0 0.0.0.0 10.200.52.1 20) its being installed on the routing table by the switch.
View 8 Replies
View Related
May 25, 2013
I have made a routed port on 3560G Switch and defined a pool 172.28.4.62 255.255.255.192 and connected to E1 converter RAD (4E1 to 4 FE) the E1 media is through Microwave on the other end same E1 converter is connected through layer 2 switch and defined a pool as of routed port configured in 3560G switch.
The port is generating lot of giants and after a while it also distrubs other routes ( Port1 to Port 16), configured with Vlan11 and port 22 as routed port.I have checked the routed port through wireshark the maximum frame size is 1514 and configured the MTU to 1514, giants are not showing any more but after 10 to 12 hours switch gets hang. Either to shut the port or to reload the switch to get switch and other layer routes to be normal.
I have checked speed and duplex settings same as E1 converter. Full duplex. 100 Speed. Why switch is not behaving normal. If I shutdown the routed port it is normal.
1. interface GigabitEthernet0/22
no switchport
ip address 172.28.4.62 255.255.255.192
flowcontrol receive on
end
[code]....
View 5 Replies
View Related