Cisco Switching/Routing :: 3750 VTP (v3) Communications Not Working Through Trunk
Nov 8, 2011
I have a couple 3750 switches that I am trying to run VTP Version 3 on.one as primary and the other as "server" which implies secondary from my research. [code]Additionally, running a show VTP devices yields a "No VTP3 devices found" on both devices. Despite ensuring that the domainname and password match.I have a patch cable from Gi1/0/1 on switch one runnning to Gi1/0/1 which from what I read is acceptable on GigE.
Cisco 4506-E port configuration WESTERN-4506-01#show int g4/47 GigabitEthernet4/47 is down, line protocol is down (notconnect) Hardware is Gigabit Ethernet Port, address is 0022.554c.01fe ( fe) Description: Trunk to 425
I have client who has two distant offices with 3750 L3 as core (do all vlan routing for local office) and multiple L2 access switches with multiple VLAN’s connected to it. First 3750 is hub also connected to internet, second 3750 is spoke and acting as a router on stick. We have eigrp configured on both side ISP provided client 100Mbps link as a trunk with two vlan; vlan10 for voice and vlan20 for data. We assigned two small subnets to these vlans 10.15.17.0/29 and 10.15.17.9/29. Hub addresses are 10.15.17.1 and 10.15.17.9 respectively. How to force voice over VLAN10 and data via vlan20, but still do some load balancing? How to setup default route on second (router on stick) switch?
Currently we have a 6513 core (running IOS and doing limited routing) with VLAN Trunking to about a dozen 3560 edge switches, with various VLANs going to each of the edge switches. All works well. We are downsizing and replacing the 6513 core with a 3750G stack. We have the stack up and running in the lab, and want to slowly (as we move floors) migrate all of the edge switching to the 3750 stack.
The plan is to connect the 3750 stack to the 6513, then slowly migrate the edge switches to the stack (from the 6513). I would like to put in place 4 x 1GB trunk links between the 6513 and the 3750 stack before I start moving edge switches to ensure adequate bandwidth. Once all of the edge switches are on the new 3750 stack, I will start to decommission the 6513.
What is the best way to configure the links between the cores (old 6513 and new 3750 stack)? I can easily get the edge switches configured to the 3750, but am worried about the core links. I really want to avoid having to perform an all-at-once cutover of the cores. Another question is when do I try and migrate the VTP server role from the 6513 to the 3750 stack? I could simply make everything transparent, and ditch server-based VTP, as we rarely change or creat VLANs.
Is it possible to rate limit on a L2 trunk port on a 3750?
current port config and ios are as follows;
interface GigabitEthernet1/0/50 description *** Connection to Fiber Link *** switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,172 switchport mode trunk end flash:c3750-advipservicesk9-mz.122-46.SE.bin
i was wondering if the "srr-queue bandwidth limit 10" command would work to limit the output from this interface to be 10 % of the port bandwidth and then the same command could be done on the other side.
I am taking only undersize errors on catalyst 3750 trunk interface (attached some outputs)...the other end is a 4500 switch and the interface is clean..can this be related to any bug ? this is my root port and often leading to trouble sometimes STP BPDUs transportation are affected..
I have a 3750 as a core and have a series of HP Procurve switches that are daisy chained using one port. I have two vlans on the port now (6 &9) and everything works fine, all switches communicate and end devices on the switches are also talking. There is a requirement to add a device towards the end of the chain which requires it to connect using Vlan1. Once I add Vlan1 to the port onthe 3750 I lose connectivity to all the HP switches.
This is regarding VLAN creation on C3750E switch.I want to create new Vlan 94 on this switch and also I want to allowed same interfaces like Vlan 95 & Vlan 96. [code]
We had a core switch (Cisco 4503), distribution switches(Cisco 3750) and access switches in our network and consists of many vlans. Almost all vlans uses DHCP Pools. But for few vlans DHCP is not yet configured due to initial design poblems. Recently one of the rogue user in vlan 1 connected to one of the access switch send rogue arp packets to the network (suspecting arp packet with interface vlan 1 ip of core switch with wrong mac-address (gateway ip of vlan 1)) and resulted in a prolonged network outage for the vlan 1. Any way we are going to seggregate vlan 1 into different vlans, but before that we need a temporary plan to block such kinds of attack like enabling DAI in the switch. I have checked the DAI implemenation feasibility with my knowledge and found that it is not possible to configure to the access switches(Cisco 2960) in which the user directly connected. But found that Distribution switch connected to that particular access switch seems to be able to configure since DAI commands are available to configure in switch.
Is it possible to block ARP packets with the interface vlan 1 IP Address with rogue mac-address by configuring DAI in the above mentioned Distribution switch and the port connected to the mentioned access switch?
I am trying to implement in the lab. I have 2 switches 3550 and 3750. my questions are:
1. why i can't see vlans in the running config on switch 3750 even after i created 3 vlans?
2. the 3750 is power over ethernet switch and i am trying to connect 3550 and 3750 thru cross over cable trunk link and the ports doesn't show up no light nothing. is it the right way of cabling.
we recently aquired a managed services job and have to do a overhaul of the vlan configs and have a whole dozen WC2948G's trunk between a set of ports as well as trunk out a LAG channel setup to non cisco equipment. the deal is the lacp-channel works properly on both ends but no routing of vlans between ports and between the lag trunk are working.
theres alot of settings in the config and im planning on clearing it and starting from scratch but before i do i want to know where my problem lies.
i have an issue to connect a trunk between cisco switch and extreme switch i have many vlans that i want to cross via a link between cisco 3750 switch and a Extreme Alpine 3800 switch
I want to police the traffic coming from host 10.0.0.10 that is connected to another switch via port-channel interface the port-channel have interfaces G2/049 and G2/0/50 , i have applied below config to the SVI 112 but this is not working, as the host is still able to go beyond the policed rate also in the "sh policy-map interface vlan 112" command everything is showing 0(zero).
class-map match-all CM_FTP_PORT_49 match input-interface GigabitEthernet2/0/49 class-map match-all CM_FTP_PORT_50
I have a WAN router that's on 172.x.x.x segment, and another WAN router that's on a 147.x.x.x segments.How can I make them communicate, I would like to interconnect both segments to talk to each other.We are using a Cisco 2800 on both segments.
I'm trying to get a node in SVI1 on VRF1 to speak to another node in SVI2 on VRF2 to reach each other. After hours of failure, I went to outside resources. Everything I read on the internet says it's not possible on this platform and at least one TAC engineer seems to agree.
I just can't believe such a high-end data center switch is not capable of handling such a basic feature.
I am using a cisco 3750 in my network as a gateway, and above it I use a squid machine for caching my internet. My network is like this:
Basically I have two VLANs on my network which are VLAN10 and VLAN100, VLAN10 is the cooperate network of my office. VLAN100 is the management VLAN which i use for the switches. I keep the squid as well the client in VLAN10.
squid (192.168.1.50)---->cisco 3750(192.168.1.123)---->Distribution Switch(cisco 2960)---->client PC (192.168.1.5)
I have done nating on squid and internet is working pretty fine when I use the client gateway as the squid, but when I use the cisco 3750 as my gateway after adding route maps for forwarding the internet traffic coming to the cisco 3750 to squid it disconnects me from internet as well I cannot even reach the switches from the corporate network. These are the only Lines I used for the routing:
! route-map proxy-redirect permit 10 match ip address 110
I have applied below script and i can see the script successfuly exceuted but i cant see the file which should store on the flash.Below is script, event snmp oid 1.3.6.1.4.1.9.2.1.56 get-type next entry-op ge entry-val 60 exit-time 10 poll-interval 1
action 1.1 syslog msg "CPU Utilization is high" action 1.2 cli command "en" action 1.3 cli command "show proc cpu sorted | append flash:abc.txt" action 1.4 cli command "show proc cpu history | append flash:cpu2info.txt" action 1.5 cli command "show ip inter bri | append flash:cpu3info.txt" action 1.5 syslog msg "cpu commands verification"
When I do show flash i cnat see the files in the flash.
We plan to implement multicasting on our network where the sourec and destination are going to be in different vlans.I have a test 3750 switch, Layer two multicast works fine, when I place the source and destiantion in different VLan it fails. [code]
Basically I have 3 VLAN’s. Office VLAN (for cooperative usage) which is VLAN 999 which has a defined IP address of 192.168.1.123 and Guest VLAN (for the guests who visits our hotel, most of it are wifi AP’s) VLAN 20 which has an IP address of 10.172.4.1. All these SVI are defined on the core switch.
Is there any way I can introduce a new VLAN lets say VLAN 40 and use PBR to route the packets going to VLAN 40 in the IP range 192.168.1.x to VLAN 999 and 10.172.4.1 to VLAN 20? I have tried this already and it is not working. Here are the configurations I have used.
Access-list 110 permit ip 10.172.4.0 0.0.0.255 any access-list 120 permit ip 192.168.1.0 0.0.0.255 any route-map INT_RVLAN permit 10 match ip address 120 110 set ip next-hop 192.168.1.123 10.172.4.1 interface VLAN 40 ip policy route-map INT_RVLAN
I am facing issue with http login after IOS upgrade on 3750 switches. I upgrade IOS from c3750-ipbase-mz.122-35.SE5.bin to c3750-ipbase-mz.122-53.SE2. bin Any other command I have to run.
I have two switches, WS-3750-24PS-S connected in two cabs via fiber. Patch panels at both ends with patch leads. Used tester to confirm end to end fiber connectivity. When plugged in, one switch lights up the other does nothing.
same at both ends. Tried both GI ports same result. swapped transceivers over and the same result, (one switch lit one not - the same switch in both cases). put both transceiver in each switch, (gi0/1-0/2 in a single switch). on the one that lights up in the original scenario we get link on both ports and they come up, on the other nothing happens. shut down both ports on the malfunctioning switch and no shut them, no change.
Show transceivers doesn't show transceivers on the malfunctioning switch, and no attempt is made to bring the ports up if the fiber is removed and replaced.
it is almost as though the two gb ports are kaput. Anything else I can try?
In my Cisco 3750 get rebooted and now the SFP module is not working.
It showing the following error message.
05:13:22: %PHY-4-CHECK_SUM_FAILED: SFP EEPROM data check sum failed for SFP inte rface Gi1/0/26 05:13:22: %GBIC_SECURITY_CRYPT-4-ID_MISMATCH: Identification check failed for GB IC in port Gi1/0/26
What is the error message indicating and what is the solution for this.
I have a Catalyst 3750 switch configured in a network. I would like an additional 3750 switch as a "hot" standby. A 2nd 3750 switch was purchased, and the same configuration was entered in to the new switch, so I have 2 switches with the exact same configuration.
When I move the connections to the new switch, I have a few VLANs that do not come up. One VLAN does come up and work normally. The VLANs in question show down, protocol down, and a show ip route reveals routes to the networks on these VLANs are not there When I put everything back on the original switch, everything works normally.
Why would the new switch not work with the exact same configuration?
Unable to limit traffic on catalyst 3750 gigabit ports it has fiber modules,
I want to limit traffic 2mb per port
I have tried srr-queue and policier but it is not working and there is no ratelimit command under any interface, Applying policy to output is not supported of the interface
policy-map rate-limit class class-default police 2000000 8000 exceed-action drop int gi1/0/3 service-policy input rate-limit
I have an ASA 5510 attached to 2 internal networks. Everything is working except communications between the 2 internal interfaces.I can ping the FW from either interface and I can ping hosts on both networks from the CLI but can't get any traffic to pass.I'd like to open the connection to all traffic. [code]
I have a Cisco SW ( 3560 ) with one Trunk link to my router ( 7606 ), Trunk link is fully utilized so i need to add 2nd Trunk.Shall all move some customers from old trunk to 2nd one and create a new subterface for them ?I am think if i can create bundle and add subinterfaces under this bundle ?Add two GE ports to be memeber of this bundle ?
We have purchased 3 no CISCO SF300-48P (Access Switches) with the interest of setting up a new laboratory consisting of 120 desktops. We currently have a CISCO 4507R (Core Switch) and a CISCO 3560 (Distribution Switch) for the campus wide network. Our network is developed with various VLANS to support Internet and Intranet facilities. The new lab need to be incorporated in to the Campus wide network with a new VLAN ID. But problem is while trunking the CISCO 3560 (Distribution switch) to the CISCO SF300-48P (Access Switch) communication does not happen. While, surfing the internet and various doc's say that SF300 uses GVRP instead of dot1q trunking.
We have setup a pair of Nexus 5596 L3 switches with 2 x 10Gbps LACP links between them to act as the vpc peer link. We also have another 2 x 10Gbps LACP links between the 5596 switches to carry non VPC VLANs, this is required to provide EIGRP routing between the switches and an upstream router.I have read that it is possible to setup the vpc keep-alive link over an SVI instead of the management interfaces. Is it ok to run the keep-alive SVI over the second LACP non VPC VLAN trunk or is it recommened to keep this seperate?
I have 2 hosts, 1 plugged in fa 0/21 in VLAN 101 and another in fa 0/22 in VLAN 101 on our L2 Cisco 2960. If I try and transfer files from either host the gig 0/1 trunk port on the 2960 leading tot he 3750 fa 0/1 port hits 100mb (using a real time bandwidth monitor tool), but why? This VLAN is on the same switch, why does it go one way up the trunk to the L3 3750 switch? The L3 3750 is the VTP server and the 2960 is a client. I would of thought the traffic stays local. The 2 hosts don't even have a gateway set.To sum up the typology the 2960 and 3750 are trunked using a single cable. The 3750 hangs of a ASA firewall using SVIs.Here is whatthe traffic looks like when copying a file between hosts (2gb file).
I have 2 Cisco 6509 switches linked together via single Fibre as a trunk.I want to change this to a port channel where I will add another 3 fibre ports to the port channel but what order do I do this to minimise any disruption.
1-Configure PortChannel and add the 3 new ports, this will bring up the Port Channel but what effect will this have on traffic currently going over the single Trunk link? Will spanning tree go mad, how will switches react?
2-Convert existing Trunk link to Portchannel then add in new ports to PortChannel, I guess in doing this there will be a small hit on traffic as it changes to a port channel.
I am struggling with a CE520 and its smartports stuff.I have configured the following vlans :
1- data 100 - phones
I need to bring those vlans (both of them) to a Cisco 800 router. The port of the 800 router is already configured as trunk and accepts vlan 1 and 100.The cisco 800 has both vlan 1 and 100 configured with 2 ips on different subnets, and ip routing is enable (to route between two vlans). Also, no access lists are configured.I have configured one port in the switch as role "router" and connected to the router. The other ports are all configured as phone-desktop (phone vlan 100 desktop vlan 1).If I connect a phone and manually configure an ip (the phone gets automatically vlan 100), and try to ping the phone from the router, it doesnt respond. Alse vlan 100 is protocol down.I am guessing what s the right configuration as the link between the switch and the router should be a trunk link for 1 and 100 vlans, but it looks like is transporting only vlan 1.Also changing the port role to "other" when you can specify the native vlan and another vlan, the switch doesnt accept vlan 100 as additional vlan on that link.
