Cisco Switching/Routing :: 3750 - How To Isolate Fiber Port Traffic
Jun 18, 2012
We would like to setup a link to our DR site that is separate from our main network traffic. This link will be used by an EMC VNX SAN for replication traffic. The SAN will be plugged into a fiber port on a 3750 switch and going out from the same switch (going in as multimode, going out as single mode) into a patch panel that runs over to the DR site (about a mile away). At the DR site it will go from the fiber panel into another 3750 switch which ends up going back out of that switch into our DR SAN.
I'm wondering what the best way would be to configure the fiber ports to accomplish this. I'm affraid that the replication traffic will find it's way over through another route and congest our main network unless configured appropriately.
View 4 Replies
ADVERTISEMENT
Nov 20, 2011
We have Cisco 3524XL switch, Motorola AXS1800 chassis. I am configuring this cisco switch so I can connect AXS1800 traffic thru cisco 3524XL, on switch port gigabit 0/1, I am using cisco Part no. WS-G5486 (1000Base-LX) connector to connect to AXS1800, both port are member of vlan 200 allowed, and configured dhcp-server 192.168.0.1, but still I can't ping any host or host can't get DHCP server.
View 2 Replies
View Related
Dec 26, 2011
We have Cisco 3524XL switch, Motorola AXS1800 chassis. I am configuring this Cisco switch so I can connect AXS1800 traffic thru Cisco 3524XL, on switch port gigabit 0/1, I am using Cisco Part no. WS-G5486 (1000Base-LX) connector to connect to AXS1800, both port are member of v lan 200 allowed, and configured dhcp-server 192.168.0.1, but still I can't ping any host or host can't get DHCP server. I have attached my config file for your review.
View 25 Replies
View Related
Dec 12, 2011
Been dealing with a strange problem for several days now. It started out with a problem that I thought was VTP related but ended up being something else. I setup a span port on a 3750 that I am connected to that was mirroring the trunk connection coming into the switch.
Never saw an VTP traffic come across the connection but doing a sh vtp status indicated the traffic was arriving and getting processed. When I found some debug commands (debug sw-lan vtp), I was also able to see the packets go between switches. Seeing this issue concerns me that there is other traffic that isnt showing up during a span session.
I know that doing a span on a switch, especially using a trunk port as a source, isnt a good idea. Since I didnt have a TAP at time, this was my only choice. I have since borrowed a NetOptics TP-CU3 tap from a good friend and was able to confirm the VTP traffic was going across the trunk connection between switches.
All of my 3750's are running 12.2.55.SE.
View 8 Replies
View Related
Nov 3, 2011
I have three switches:
primary - Cisco Catalyst 3750G-24TS-24
and two SG300-28
I need to apply uplinks as follows:
3750G-24TS-24 SFP (1) -> SG300-28 (first) mini-GBIC (1)3750G-24TS-24 SFP (2) -> SG300-28 (second) mini-GBIC (1)SG300-28 (first) mini-GBIC (2) -> SG300-28 (second) mini-GBIC (2)
I would like to know, What type of mini-GBIC and SFP and cable I should use for SX Multimode?What max speed rate I will get?
View 8 Replies
View Related
Feb 14, 2013
We have a scenario where we want to connect 14 access layer 2950 switches to Core switch 3750 via optical fiber in a LAN.What model of 3750 Switch should we use to tackle this situation.I have learnt that WS-C3750X-24P should support it.Isnt it?
Can we use optical fiber SFP module to connect 2950 switches to core switch?Does Cisco 2950 Switch support optical fiber sfp module?
View 2 Replies
View Related
Apr 2, 2013
I have a 6500 connected to 3750 using fiber connection using patch panel.on the gig port of the 6500 give of error in Input errors, CRC and FRAME.There is no error from the 3750 gigport.
View 6 Replies
View Related
Mar 5, 2012
I'm looking for switches that support single mode fiber connections and would like to know if "WS-C3750-FS-S Catalyst 3750 24 100BaseFX + 2 SFP" and "WS-C3750G-12S-S Catalyst 3750 12 SFP" can serve the purpose?
View 6 Replies
View Related
May 21, 2012
We have a stack of switches that is at the max number of members allowed in the stack. Problem is we are running out of port density and need to add more ports. So instead of adding a whole new stack I would rather replace 2 of the 24-port swicthes with 48-port switches.
If the two 24-port swicthes we are removing are stack members and neither of them are the stack master, I should be able to replace the 24-port switches with the 48-port switches without bringing the master offline? If the new 48-port switches are running the same IOS version as the current 24-port swicthes, they should add themselves to the stack?Would I have to tell the new 48-port swicthes what switch numbers they are replacing in order for them to be added to the stack since we are at the max number of members?Also since the 48-port swicthes are replacing 24-port switches will the master give the 48-port switches the configuration for only the 24-ports?
View 11 Replies
View Related
Jun 25, 2012
I am trying to connect a SF200-48 switch via Mini-GBIC MGBLX1 fibre module to a Cisco 3750 switch with a GLC-SX-MM fibre module installed both running a 1000 Mbps. When connected together they do not enable. Are there compatibility restrictions or is it that the Mini-GBIC modules cannot be used to uplink to a LAN?
View 2 Replies
View Related
Dec 12, 2012
I have a WS-X6816-10G-2T module with X2-10GB-SR modules. I will be getting a SMF hand off and the length of the termination is around 100 meters. (I will be getting another hand off for Inter-DC link for which I have X2-10GB-LR module). The question is can I connect this SMF hand off (short length) on the SR module?
View 2 Replies
View Related
Jan 14, 2013
I need Know what connection is using on Cisco 2811 router.I have this interface in Cisco 2811, I need Know if this port is connected to Fiber or Copper. I think is copper with RJ45 but I see 100 base TX/FX so this make me doubt about it because TX its for copper link and FX for fiber. [code]
View 5 Replies
View Related
Feb 19, 2012
In one location we have a HP 2510-48 port switch which we need to connect to a Cisco 3560 switch. The problem I have is that we have issues connecting fibre to the HP switch, so I have decided to attached a CAT 5 to Fibre convertor at this end and another to the cisco switch.
My question you can not connect a HP switch to a Cisco switch, is this true or do I just need to confirgure something on the ports.
View 2 Replies
View Related
Sep 4, 2012
We have a core switch with the following ios and supervisor engine. Can we add a16 port LR (x2)or LRM(X2) ON the core switch?if not what modifications has to be done?if an ios upgrade is necessary is it a costly affair?At present we have two 1gb up link modules in single and multimode fiber .
#sh moduleMod Ports Card Type Model Serial No.--- ----- -------------------------------------- ------------------ ----------- 1 16 SFM-capable 16 port 1000mb GBIC WS-X6516A-GBIC SAL0803T308 2 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX SAD07500600 5 5 Supervisor Engine 720 10GE (Active) VS-S720-10G SAL1439UMZK
#sh versionCisco IOS Software, s72033_rp Software (s72033_rp-IPBASE-M), Version 12.2(33)SXI4a, RELEASE SOFTWARE (fc2)Technical Support: [URL] Copyright (c) 1986-2010 by Cisco Systems, Inc.Compiled Fri 16-Jul-10 19:51 by prod_rel_team
ROM: System Bootstrap, Version 12.2(17r)SX7, RELEASE SOFTWARE (fc1) uptime is 1 year, 27 weeks, 4 days, 23 hours, 30 minutesUptime for this control processor is 1 year, 27 weeks, 4 days, 22 hours, 58 minutes(code)
View 6 Replies
View Related
May 21, 2013
Has anyone configured Layer 3 port channel on Cisco 6509 switches which are connected over dark fiber between two buildings?
View 3 Replies
View Related
Sep 14, 2012
I am trying to configure a loop back interface like so: [URL], on the following device:
C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(50)SE, RELEASE SOFTWARE (fc1on port gig0/1 which is using a 1000Base-SX adapter. This is for troubleshooting purposes and it does not appear to be a feasible option. Is there another way to accomplish in the IOS?
View 1 Replies
View Related
Jun 5, 2013
I'm fairly new to Cisco products am in the process of developing my network knowledge on a deeper level. I have a 3825 with a HWIC-4ESW and I'm struggling to fully understand how the two "see" each other. I've setup a V LAN with a layer 3 address on the HWIC and added the switch ports to it. This seemed to allow devices connected to the switch ports to talk to the built-in router ports. I thought this was all making sense until i applied an access-list to the router port. It's a simple ACL i'm just using for testing and the only thing it does is blocks telnet from anywhere. I know the ACL is setup properly because if I connect a device directly to the router port i cannot telnet to the port. However, if i connect a device to one of the switch ports, i am able to telnet to the router port successfully.
It seems that I'm missing something with how traffic flows from the switch port to the router ports and how the two "see" each other.
View 2 Replies
View Related
Oct 10, 2012
Have a quick question regarding inter-vlan routing on a 3750. Overview of network is ISP --> ASA --> 3750 (acting as my core and default gw). I have 5 vlan interfaces on my 3750, all w/ 192.192.x.x subnets, a 6th w/ 192.168.100.x, and a 7th w/ 192.168.200.x. I have enabled "ip routing" on the switch and can successfully ping from subnet A to subnet B as long as both devices are using the correct DG for their vlan, which is the switch. I have a few ports that are trunked as well that go to ESX hosts which break out the vlans according to the subnet the vm should be attached to. The ASA is set to nat internal traffic for all the vlans.
Now my question: short of applying an ACL to each vlan interface to block traffic from other 192.192.x.x subnets is there a better way to accomplish this? I want my 192.168.10.x subnet to be able to reach all the subnets, but don't want 192.192.10.x to be able to talk to 192.192.20.x for example. I was thinking to create an acl like this:
access-list 120 permit ip 192.192.10.0 0.0.0.255 access-list 120 deny ip 192.192.0.0 0.0.255.255 192.192.10.0 0.0.0.255access-list 120 permit ip any 192.168.100.0 0.0.0.255 192.192.10.0 0.0.0.255
and then applying this to the interface for the appropriate vlan.
View 4 Replies
View Related
Nov 13, 2011
We have a remote office with a Cisco 3750-X switch with the IP-Services feature set connected via dark-fiber to a 6509-E at the corporate office. We plan on migrating the remote office to a new network (new acquisition) to subnet 10.10.10.0 on VLAN 20 which has an existing subnet of 192.168.100.0 and we would like to run both in parallel using their existing switches (Dell) and the new 3750-X.
I’m curious as to the best way to keep the traffic local between the two subnets using the 3750-X and if necessary put the 192.168.100.0 network on a VLAN. I thought about routing between the two networks via IP routing on the 3750-X but the new workstations default gateway is the 6509-E and existing workstations is a SonicWALL within the remote office. The default gateway for the new workstations can be moved from the 6509-E as a last resort.
View 5 Replies
View Related
Jul 15, 2012
I have 2 new 3750g devices in a small environment. switch1 acts as our collapsed core and has ip routing enabled, and is connected to a ASA 5510. There are 3 HP l2 switches connected to switch1 as well. switch2 is simply a server switch. switch1 and switch2 have a 2port etherchannel between them, and a vlan trunk carrying 4 vlan's. traffic between any 2 hosts on switch2 (same vlan) are slow. (average 300Mbits/sec) If I move one of those hosts to switch1, speeds increase by 3 times. (average 900 Mbits/sec). Additionally, traffic between any 2 hosts on switch1 are quick. testing is done with iperf as well as timing 1gig file transfers.
I don't see any errors or drops anywhere, and there are no other symptoms other than slow transfer beteween hosts on switch2. I just got 2 more of these 3750's to put in a 2nd site that we have, put a quick configuration on them, and have the same result. Other than switch1 having ip routing enabled, the configs are pretty much identical.
View 2 Replies
View Related
Dec 2, 2012
I want to know if there is way to tag traffic with DCSP tags without having to do all the other requirments of QOS setup. All i want to do is just tag traffic at different DCSP values via source and destination IPs. We do not have a need to be priortizing traffic on out internal switches. We just want to tag the traffic so our MPLS provider can distinguish the different types of traffic.
Our environments is primarily 3750s in all offices.
View 6 Replies
View Related
May 21, 2012
we have three separated network segments going to one Cisco 3750 switch all is L2 .. from this switch is 100 mbit uplink.we need to apply some Qos mechanism not to saturate line by traffic from one network.. Configuration from various reason CANNOT be done on switch where 100Mbit line is terminated.. so all must be done on SW1,2,3..Correct me if iam wrond but as switches doesnt see traffic from other network iam affraid only think we can do is limit bandwidth on links going into SW1,2,3 to 33 Mbit.I found commad srr-queue bandwidth limit.But links going to SWs are 1Gbit so if i force bandwidth to 10% (minimum what command allows) its 100 Mbit..If I force speed on those links to 100Mbit and than apply srr-queue bandwidth limit to 30% doest it work.??. Will srr-queue bandwidth limit speed to 30Mbit?? Or srr-queue bandwidth limit is calculated from maxim speed of interface?
View 1 Replies
View Related
Mar 14, 2012
I am trying to mark http packets from a web server with DSCP ef, but when I am doing a traffic capture all http packets have tos 0x0.I am able to mark UDP and ICMP packets originated from this server, but not any TCP traffic.The web server is in VLAN 20This is my config mls qos ip access-list extended MARK-HTTP-ACL permit tcp host 10.10.10.10 eq www. [code]
View 4 Replies
View Related
Jan 28, 2013
Unable to limit traffic on catalyst 3750 gigabit ports it has fiber modules,
I want to limit traffic 2mb per port
I have tried srr-queue and policier but it is not working and there is no ratelimit command under any interface, Applying policy to output is not supported of the interface
policy-map rate-limit
class class-default
police 2000000 8000 exceed-action drop
int gi1/0/3
service-policy input rate-limit
still when I start download it goes to 10 mbps
View 12 Replies
View Related
Feb 23, 2012
We have 2 switches split across 2 datacentres connected via an interconnect. Over the past couple of days the interconnect provider's Cisco kit has shut down our port (err-disabled) due to a broadcast storm. They had the level set at 1 which I thought was a bit low. They say they tried to set to 2, then 5 but still kept tripping the storm-control feature so they set at 10. They say they've always had it set at 1% (on a 100Mb switch) and so we must be generating more broadcast traffic.
I'm trying to identify where the broadcast traffic is coming from. On our Cisco 3750 I've clear interface counters and when I do a sh run | i broadcasts there are a few ports which have what seems like a high broadcast count. The one port that is especially high and the only one tripping the storm-control feature (I've enabled on all our ports to try to identify where the traffic is coming from) is the port connected to the 100Mb interconnect. I've mirrored that port to another port and connected a server with wireshark so I can capture all the traffic across that port.
What I'm struggling to find is the source of the broadcast traffic.I have a few questions are these broadcasts layer 3 or layer 2 broadcasts. Also in the output below when it says broadcasts received is this inbound to the port i.e. from the connected device or is this a total of inbound and outbound broadcasts.
When I use wireshark and filter the capture on broadcasts (ff:ff:ff:ff:ff:ff) I see only 200-300 compared to the thousands the switch is reporting.If I filter on the broadcast IP address I also don't see the numbers corresponding to what I see in the show interface output.
GigabitEthernet1/0/1 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 0014.a93f.7401 (bia 0014.a93f.7401)
Description: Interconnect
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 4/255, rxload 44/255
Encapsulation ARPA, loopback not set
[code].....
also I'm currently doing : monitor session 1 source int g1/0/1 both, and also tried just rx incase I just need to be looking at receive traffic but still nothing is standing out.
View 10 Replies
View Related
Jun 3, 2013
Actually i have a design from my customer who have ( Cisco core switch 3750 (allports fiber ports) which is connected to L2 switches , these switches carry servers and end users .the only routing protocol on the access switches is static route ,
My question how can i route the traffic from the server to the end user , as the the server is not direct connect to the core switch.
View 6 Replies
View Related
Mar 2, 2012
We are using Cisco 3750 switches in our environment as distribution switches.We currently use to police inbound traffic, but we need to find a solution to limit inbound traffic per IP.Something like this “Inbound traffic for each IP can be maximum 1 Mbps” This can be done having, one ACL and one class-map for each IP, but in my situation is not a practical solution, because we have more than 500 IP’s on that site.
Is any way to accomplish this without writing 500 ACLs and 500 class-map?
View 2 Replies
View Related
Jan 29, 2013
I am unable to isolate DMZ and LAN traffic with an SA520 running 2.1.7.1 firmware. I have the optional port configured as DMZ and DHCP server enabled. I tired leaving the firewall as default. Also tried creating firewall rules to deny traffic from LAN to DMZ and DMZ to LAN for any address and any service.I am still able to ping devices both from LAN to DMZ and DMZ to LAN. I am also able to see network resources in both directions.
View 5 Replies
View Related
Oct 14, 2012
I have 1 WAP321 for guest access. Now I need to isolate traffic of guest captive portal from my LAN.How can I do this?
View 1 Replies
View Related
Sep 13, 2011
We recently switched two of our branches to point-to-point fiber connections to our corporate office. Previously they were using MPLS connections. For branch A, the ethernet handoff of the fiber is connected directly to a Catalyst 3750 gigabit port. That port has no configuration on it. The other end of that fiber is connected to a gigabit port on the 3750 switch at our corporate office. That port is configured with an IP address that is within the subnet of branch A, and is operating at layer 3 due to the no switchport command.
Branch B currently has a Cisco Express 500 ethernet port (with no configuration on it) connected to the fiber hand off there. At first we setup a port on the 3750 at our corporate office that is connected to Branch B via the fiber in the same manner. This resulted in us receiving DCHP leases at Branch B from Branch A. Obviously not desired. Now we have the port on the corporate 3750 that is connected to Branch B's fiber configured with switchport vlan 64. I also configured interface vlan 64 on that switch at corporate with an IP address from the branch B subnet. We then set that IP address as the default IP address for devices at Branch B.
We are having trouble with both an ATM and a phone system not communicating properly at Branch B. At Branch A we are experiencing the same oddity with the phone system, but the ATM is able to communicate fully. At branch B, when configuring a Windows Vista or Windows 7 laptop with a static IP address that is known to be available, you get transit failures when trying to ping. Essentially everything seems to be able to route fine, but some traffic even after a full tcp hand shake seems to not transmit properly.
When you configure a point-to-point fiber connection from a layer 2 switch at a location without a router to a location with a Cisco Catalyst 3750 switch as the endpoint, what is the best way to configure both sides?
Currently we only have vlan 64 configured on the port mentioned on our switch at corporate, and then the switch at Branch B is essentially operating as an unmanaged switch at the moment with all ports in vlan 1.
View 4 Replies
View Related
Aug 6, 2012
I am aware that the 3750 switches are not able to support Netflows, so I have created a SPAN port and spanning traffic from a specific port. I would like to create a seperate VLAN and trunk the traffic from the SPAN port down to the 6509 switch and then capture all the traffic for that VLAN on the 6509.
View 4 Replies
View Related
Feb 21, 2013
I have One switch 3750 and many switch 2960 c.I use one ASA 5510 to reach emote branche site (vpn conexion).I use one router 1841 for internet conexion.Router 1841, ASA and catalyst 2960 are connected on the 3750.Default gateway of all user is ASA IP
I configured Vlan 3750 and it work.Now I need to implement security : permit/block specific traffic between vlan [code] From vlan 72 I cannot have remote access on computer in vlan 34 and I cannot ping computer in vlan 34.
View 1 Replies
View Related
Nov 13, 2011
I am trying to setup a network using Cisco 2960 switches with vlans configured. One vlan will handle video coming from four cameras that are connected to another 2960.
We have four cameras feeeding one port each on a 2960, that 2960 in turn feeds one port on the main 2960 which is the video vlan for that site. From the site it goes back to a Cisco 3750 to be sent over to a Sonicwall firewall. If we connect to the 2960 that the camera are connected to we can see the video, but not on the main site 2960.
View 5 Replies
View Related
