Is there a way to use the "no switchport command to enable routing on a port and yet sequester it from traffic on other vlans within the switch?
The switch in question is a 3750E
We tested a QoS in a Cisco 3750E, IOS: 12.2(58)SE2.Voice traffice in the correct Q without any problem, but all the others traffic the Defualt Q (0), tried to capture the traffic and tcp/udp port are correct.Any thing wrong with my ACL or DSCP - CoS?? ( that ACL works fin on 4500 and 6500) [code]
View 3 Replies View RelatedI have a device which will be sending voice and data packets and is able to mark the packets with DSCP values. Voice, 18 and Data 42.If this was a straight through network, I'd be clear on how to handle this, but.....I will be putting this traffic into a VLAN to isolate it from some other traffic on the network. What is the best way to prioritize this traffic inside the VLAN? Will the Cisco switch look at and respect the DSCP values inside the VLAN and prioritize accordingly inside the VLAN? Or, do I need to do some sort of DSCP to 802.1p mapping? Another option I would be fine with would be mapping the DSCP values for voice and data to two different VLANs and then giving the voice VLAN priority over the data VLAN .... I'm using 3750E switches.
View 7 Replies View RelatedI'm fairly new to Cisco products am in the process of developing my network knowledge on a deeper level. I have a 3825 with a HWIC-4ESW and I'm struggling to fully understand how the two "see" each other. I've setup a V LAN with a layer 3 address on the HWIC and added the switch ports to it. This seemed to allow devices connected to the switch ports to talk to the built-in router ports. I thought this was all making sense until i applied an access-list to the router port. It's a simple ACL i'm just using for testing and the only thing it does is blocks telnet from anywhere. I know the ACL is setup properly because if I connect a device directly to the router port i cannot telnet to the port. However, if i connect a device to one of the switch ports, i am able to telnet to the router port successfully.
It seems that I'm missing something with how traffic flows from the switch port to the router ports and how the two "see" each other.
I need to use cisco 3750E switch on core. I want to know whether BGP is supported on this model or not?Currently i have c3750e-universalk9-mz.150-2.SE/c3750e-universalk9-mz.150-2.SE.bin" preinstalled. and i checked BGP is not supported on this IOS image.
View 7 Replies View RelatedQuick question here. Using 3750E series switches with multiple VLANS configured. These switches serve as our 'core'. I have SVIs configured for the different VLANs and add inbound ACLs in each of the SVIs to control traffic between VLANS. This switch also terminates a P2P Ethernet link which connects to our Colo facility. The port used for this is configured as an L3 port. I noticed today that I was able to send traffic across this L3 link that I thought should have been blocked by an ACL I had in place but it wasn't. So the traffic flowed from a port in say VLAN 20 across this L3 link (assigned with an IP address). Would this traffic flow not cause traffic to be checked against an ACL applied in the inbound direction on the SVI of VLAN 20 (int vlan 20)? Traffic does get checked when routing between SVIs. Why would it not get checked when routing between SVI and L3 interface?
View 2 Replies View RelatedI am in the process of upgrading our network switches and wondering if the .lic file will work with the new software or if I have to rehost for the move to 15.0. Its a remote site and I would like to get some solid info before I pull the trigger.
Also which IOS should I be upgrading to?
c3750e-ipbasek9-mz.150-2.SE.bin
or
c3750e-universalk9-mz.150-2.SE.bin
[Code].....
Been dealing with a strange problem for several days now. It started out with a problem that I thought was VTP related but ended up being something else. I setup a span port on a 3750 that I am connected to that was mirroring the trunk connection coming into the switch.
Never saw an VTP traffic come across the connection but doing a sh vtp status indicated the traffic was arriving and getting processed. When I found some debug commands (debug sw-lan vtp), I was also able to see the packets go between switches. Seeing this issue concerns me that there is other traffic that isnt showing up during a span session.
I know that doing a span on a switch, especially using a trunk port as a source, isnt a good idea. Since I didnt have a TAP at time, this was my only choice. I have since borrowed a NetOptics TP-CU3 tap from a good friend and was able to confirm the VTP traffic was going across the trunk connection between switches.
All of my 3750's are running 12.2.55.SE.
How do I redirect my port 80 traffic to my Trend Micro IWSVA in my 3550 switch? How do I use PBR? Can I use WCCP in my 3550?
View 3 Replies View RelatedNetworking is not my gig, but it has to be at this very moment. We have an ASA 5505. Let me explain what's going on.
On Tuesday I wanted to be able to use the ASDM since there is less room for error. But we only had a console set up. So I ran the following commands...
in ($config)
http of course didn't do anything incomplete command
http 192.168.1.2 255.255.255.255 didn't anything incomplete command
http 192.168.200.254 255.255.255.255 inside
[Code]....
Everything started working after that. Everything worked fine all of wednesday and thursday. Then this morning it stopped processing again. When I traceroute it gets to the machine that is hooked up to the console and stops. So I'm guessing its actually getting to the ASA router and being swallowed up again...
have 2 3750's one is an 3750E the other one is a G... Since they are 2 different versions Do I need to correct ios for each for example my 3750E switch i would have
IP BASE
c3750e-ipbasek9-mz.122-53.SE2.bin and for my 3750G switch should i use
IP BASE
c3750-ipbasek9-mz.122-53.SE2.bin
Which would be 2 separate images
Can I get a stack cable longer then 3m?
View 1 Replies View RelatedI am looking to find a command or counter to tell me if a cisco switch port on a 4510 was ever up and passed traffic. I want to shutdown all unused switchports on our access switches. But before I do that I need to make sure device is just not off or the person is away on vacation. If I do sh int interface, is there a counter I can reference.
View 4 Replies View RelatedWe would like to setup a link to our DR site that is separate from our main network traffic. This link will be used by an EMC VNX SAN for replication traffic. The SAN will be plugged into a fiber port on a 3750 switch and going out from the same switch (going in as multimode, going out as single mode) into a patch panel that runs over to the DR site (about a mile away). At the DR site it will go from the fiber panel into another 3750 switch which ends up going back out of that switch into our DR SAN.
I'm wondering what the best way would be to configure the fiber ports to accomplish this. I'm affraid that the replication traffic will find it's way over through another route and congest our main network unless configured appropriately.
Can the SRP547W be configured to allow traffic on port 25 from an external ip range to an internal address?
View 0 Replies View RelatedI have two goals on my Cisco 3750E -
* Limit bandwidth to match carrier provided bandwidth (10M ethernet port, but only 6M provisioned)
* Prioritize some traffic over others through the use of a priority queue.
I have come up with this design:
access-list 100 remark priority traffic
access-list 100 permit ip 10.1.1.0 0.0.3.255 any
access-list 100 permit ip any 10.1.1.0 0.0.3.255
[Code]....
How do I know? Is there a show command to show priority packets?
Am I right in assigning dscp 46 to this interesting traffic? That way it goes to queue 2?
Am I right in applying the priority-queue out command to the interface?
We also have voice traffic. But I think i can trust it to queue up into the router with trusted dscp
We're seeing "OutDiscard" error on a LAN switch connected to newly migrated Cisco IP phones. All the other error counters are clean except for the OutDiscard. (please see attached "show int count err" output.) [URL].
According to the link above, the common cause of such discards can be to free up buffer space.(Am I seeing a switch buffer issue?) How to identify/resolve the cause of the OutDiscard.The switch is 3750-E running c3750e-universalk9-mz.122-44.SE6.bin
I am seeing on my 3750E series switches (WS-C3750E-48TD). I have multiple VLANs configured on here, one which is used as a 'workstation' VLAN. I have an inbound ACL applied to the VLAN interface *(int vlan 50 to be exact). This list is admittedly long at roughly 6000 ACE's. Now I just recently installed these switches as they replaced some 4507R switches which we moved to our new centralized DC. Here is the issue I am having. This same ACL was applied to the same VLAN interface on the 4507s when they were doing the work of the 3750s. What I used to be able to do was actually edit the ACL by removing it with no ip access-list extended WS-In and then followed up by the ip access-list extended WS-In ......and the lines I wanted in the ACL. I know I could use the line numbers to edit the ACL but this worked OK for me. When I would do this on the 4507R, the ACL was still applied to the interface but traffic never seemed affected by the removal and re-adding of the ACL. I did this by copying and pasting the ACL into a terminal window. It seemed as though on the 4507 the ACL was not compiled until the entire thing was in loaded in and therefore traffic was not processed by the ACL until the load was done
View 3 Replies View RelatedI have a 3750E stackable swtch and I need to configure neflow on it. Are there any IOS versions that support netflow on the 3750E? Is there any possible to configure netflow on a 3750E? I do not see any netflow commands available on the switch?
View 2 Replies View Relatedwhat is difference between Cisco catalyst 3750e 48 and SF300-48p.
View 3 Replies View Relatedcan I make the stacking of these two switches WS-C3750E-48PD-SF and WS-C3750X-48PF-L. Both have universal IOS.
View 11 Replies View RelatedI have 3750E swiches with IOS v. 12.2(55)SE3. Couple servers connect to ths switch, after ping of IP this servers I can see mac addresses in mac address table.
For instance:
sw1#show mac address-table vlan 20
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports(code)
---- ----------- -------- -----
When ip generate traffic to this server this mac address appear in table again on shot time (less than 10 seconds).
I had a lot of problems with TCAM table in the past and made changes in SDM ended whit that. But now want to be proactive and anticipate the problems in my TCAM table.
If the my template is "default desktop" they support a number of indirect IPv4 routes of 2k. I wanna know automatically by my management tools if this number reaches 1.9k.
That way I can take corrective actions before the problems starts on my network.
I have a RVS4000 connected to my cable modem which I use as my gateway, the IP address of the RVS is 192.168.3.254
I have a 2811 with 3 subinterfaces of which I can ping all of them from my PC which at the minute is in VLAN 1, the only network that can connect to the outside world is VLAN 1, how can I enable the other 2 vlans to connect to the internet?
My set-up details are
Router
interface FastEthernet0/0.1
description *** Data Network***
encapsulation dot1Q 1 native
[Code]....
After I added the 3rd 3750E to my stack on Sunday I can no longer save my configs with 'copy run start' or 'write mem':
#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
nv_done: unable to open "flash:/config.text.new"
nv_done: unable to open "flash:/private-config.text.new"
nv_done: unable to open "flash:/multiple-fs.new"[OK]
[code]....
my flash seems to have plenty of space:
57409536 bytes total (24203776 bytes free)
I want to know what is the best way to black traffic inside the same VLAN, this VLAN is a user VLAN, it means that I am talking about access layer.I wanted to use private vlan, but C2960S doesn't support this feature. Any other way to prevent any to any traffic in the user vlan, this vlan only have to speak at the Layer 3.
View 2 Replies View RelatedHow do I limit broadcast/mulitcast traffic on a switchport to e.g. 5000 pps ? I don't want the port to shut down, just block or drop broadcast traffic that exceeds 5000 pps.
View 19 Replies View RelatedSo I took a laptop with wireshark and plugged it into a nexus 5000 port that is configured as a trunk with 3 vlans allowed on it. The laptop was seeing all kinds of traffic on the wire, most of it was not involving my laptop.
For example: Server A VLAN 10= 10.10.10.1 Server B VLAN 20= 10.20.20.1 and wireshark laptop is plugged into a trunk port which is allowing those vlan's. The vlan's are routable.
10.10.10.3 is seeing the entire conversation when 10.10.10.1 backs up 10.20.20.1 even though it has no reason to see it. It is as if the trunk is spanning traffic to the laptop port. No span is setup however. It's really weird. This is not just broadcast traffic, but actual tcp taffic between Server A and B. Why would a trunk port see traffic between 2 other servers talking to each other on the vlan.
Trunk port configuration below:
Interface Ethernet 141/1/3
switchport mode trunk
switchport trunk allowed vlan 10, 20
We have Cisco 3524XL switch, Motorola AXS1800 chassis. I am configuring this cisco switch so I can connect AXS1800 traffic thru cisco 3524XL, on switch port gigabit 0/1, I am using cisco Part no. WS-G5486 (1000Base-LX) connector to connect to AXS1800, both port are member of vlan 200 allowed, and configured dhcp-server 192.168.0.1, but still I can't ping any host or host can't get DHCP server.
View 2 Replies View RelatedWe have Cisco 3524XL switch, Motorola AXS1800 chassis. I am configuring this Cisco switch so I can connect AXS1800 traffic thru Cisco 3524XL, on switch port gigabit 0/1, I am using Cisco Part no. WS-G5486 (1000Base-LX) connector to connect to AXS1800, both port are member of v lan 200 allowed, and configured dhcp-server 192.168.0.1, but still I can't ping any host or host can't get DHCP server. I have attached my config file for your review.
View 25 Replies View RelatedI am attempting to block all FTP traffic on port 21 from the servers in my network, and only allow FTP from one server to go out.
I have created the following ACL
access-list 101 Permit ip any any
access-list 101 Permit 21 1.1.1.1 0.0.0.0 any
access-list 101 Deny 21 any any
and have applied it to my truck VPN that goes up to my firewall
int Vlanxxx
ip access-group 101 out
But when i test ftp is still allowed by all servers.
I am not able to find the exact bug for Cisco 3750E stack - Debug Exception (Could be NULL pointer dereference) Exception (0x2000) error. Closest i can find is CSCsa72400 which only affects ver 12.2(20)SE4.All the stacks (3 switches) are running 12.2(50)SE3, It appears that the switch 1 crashed and reloaded. My hunch is its software but i cant find any related bugs. It could be hardware issue as well ?
View 4 Replies View RelatedWhat is meaning backup on HSRP statas?There are 5 vlans.The other four vlans aren't backup status.Only one of five vlans display messeages. When I reload Catalyst3750E-1,debug log. [code]
View 6 Replies View Related
