I had a sw/reset on my 6509 switch. The info in the crashinfo file pointed me to bug CSCso89550.
The workaround for this issue is to disable the gold diagnostics tool.
We just replaced our Cisco 1240 AP in one of our shops with a Cisco 1141 AP. This is not controller based.
We use several wireless (infrastructure mode) auto diagnostic tools which connect to the AP. We also have many laptops which run the diagnostic software.
We had no problems with our 1240AP. With our 1141, we cannot connect to the wireless tools if both the laptop and the tools are connected to the 1141. If I connect one to the 1240 and one to the 1141, they can see each other and work fine. IF they are both connected to the 1141, they show up as connected in the AP, they can ping each other, but the software does not communicate.
[URL]
I have seen links out there for a conversion tool to convert commands on a Catalyst type switch (6509) to newer IOS type switches(4500-e) switches but they all error out on me on a 404. Any link where I can get this conversion tool?
View 1 Replies View RelatedWe have a problem with CDP packets on sent by our Cisco 6509's. Unlike our other Cisco switches (4948G, 5020, etc.), the 6509 tags administrative traffic on the native vlan. As a result the CDP packets are sent with an 802.1Q header with a tag of 1. The other switches send the CDP packets untagged on the native vlan. This causes problems because we have non-Cisco devices in our lab that also receive and send CDP, but they do not process the packets that are tagged by the 6509. They see the packets from the 4948 and 5020 just fine.
How can I disable the administrative native vlan tagging on the 6509? Here is the current setup:
nwkdev-6509-1#show vlan dot1q tag native
dot1q native vlan tagging is disabled globally
nwkdev-6509-1#show interfaces gigabitEthernet 1/9/1 switchport
[Code].....
On my 6509-E, all the modules show this:
Region F1: INVALID
Region F2: INVALID
Currently running ROMMON from S (Gold) region
Is this alright? Is the Gold region like a default region where ROMMON is always installed. And are F1 and F2 just storage partitions that are available to hold backup copies of the ROMMON? From what I read, it sounds like I can copy ROMMON images to F1 and F2, either the same version as the Gold region or different versions. Is that correct? Why would I want to copy different ROMMON versions to F1 and F2?
If I have two stackable switches were only one stackable switch has two uplinks one uplink goes to one core 6509 switch and the other uplink goes to the other 6509 core switch can a Layer 3 etherchannel be used if each uplink go to a different core switch, by the way hsrp is running between both switches and also can you give an example how data will be routed from the stackable switch through the ethernetchannel to one of the core switch accross the WAN to another core switch?
View 1 Replies View RelatedI've upgraded a 6509 switches wich are running in VSS, from IOS 12.2 (33)SHI1 to 12.2 (33)SHI5. After that I'm facing the folowing log messages periodically. [code] I know that this is a diagnostic result from TestUnusedPortLoopback feature. But this interface is disabled (shutdown).
View 5 Replies View RelatedI want to setup HSRP between three 6509 switches with a single virtual ip for all the three switches.
know if its possible and share any site or config.
I have 2 6509 switches configured with VSS.As per advised my managment I have to enable SSH but it is not available existing IOS which is "s72033-ipbase-z.122-33.SXI3.bin". SSH available in "s72033-ipbasek9-mz.122-33.SXI10".
upgrade the IOS with VSS configured switches.
we are using cisco 6509 series switches as core switches. and Cisco 4510,4507 series switches as edge switches. all the vlans are created at core switches and propogating to edge switches through VTP. we are using OSPF as routing protocol at core switch for internal routing. till now we are using 4510,4507 switches as layer 2 switches. Since, 4510 & 4507 switches are hign end swithces i want use them as layer 3 switches instead of layer 2.if i change these switches from layer 2 to layer 3 does it make any impact on our network or better to keep them as layer 2 switches.if i change these switches to layer 3 is there any advantage i will have.
View 3 Replies View RelatedOn our backbone (Cisco 6509) we have the following config.
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-200 priority 24576
1. is rapid-pvst the best spanning tree protocol to use? on some switches we have pvst (not rapid)
2. do all switches in the LAN need to use the same protocol?
3. does line 3 :priority 24576 mean that someone set tis switch as root manually? how can one further enforce the backbone as root (so noone adds a old switch with lower root id)
In the next couple weekends I'm planning to add 2 CISCO UCS 6248UP Interconnects to 6509 Core Switches via 10G links.
Is there any impact anticipated? It's a production environment and no loss of up-time is acceptable.
I am trying to understand what load balancing method is used on a port channel on a Nexus switch . I have a server connected by a VPC to two Nexus switches. The nexus switches are only acting as layer 2 switches. I have a 6509 connected via a upstream link that does all of the routing for my VLANS. If have a server connected to the Nexus switches and it talks to a server on my 6509 what load balancing happens on the Nexus going across VPC 27 which is a layer 2 trunk going up to my 6509. Is it done on layer 2 or layer 3 flows?
My Nexus shows the default load balancing configurations
Port Channel Load-Balancing Configuration:System: source-dest-ip
Port Channel Load-Balancing Addresses Used Per-Protocol:Non-IP: source-dest-macIP: source-dest-ip source-dest-mac
Is it possible to use two different load balancing methods at each end of a port-channel between two switches?
We have a Cisco 6509 at one end of the port-channel and a Cisco blade switch 3020 at the other end. Right now, we are using "src-dst-ip" at both end of the port-channel. We would like to change this. That is, we would like the #3020 switch to use "src-dst-ip" while the 6509 switch should use the "src-dst-port".
Why we want to do this, the reason is that we have FWSMs on the 6509. I've read that by configuring "src-dst-port" on the 6509, one can get a better performance of traffic going through the FWSM. However, the issue is that the 3020 switch does not support "src-dst-port".
The following error was seen on the switch and the Diagnostic Test Loop back failed following a new WS-6748-SFP module installation.Fabric in slot 5 detected excessive flow-control on channel 3 (Module 4, fabric connection 1)
Tried Hard reset of the module and still the error persist.
I installed WS-C4506-E 3 day ago. I discovered someting different module status Right at the end of the module ( WS-X4648-RJ45-E ) show red led. this is not port led i try to reset module several time. but it's same status. but this is operating now nomally I upload picture.. and this is module status and diagnostic result
Error code ------------------> 3 (DIAG_SKIPPED)
This Case is DOA(Dead of arrival ?
C4506#sh modChassis Type : WS-C4506-E
Power consumed by backplane : 0 Watts
Mod Ports Card Type Model Serial No.---+-----+--------------------------------------+------------------+-----------1 6 Sup 7L-E 10GE (SFP+), 1000BaseX (SFP) WS-X45-SUP7L-E ABCDE1234562 24 1000BaseX (SFP) WS-X4624-SFP-E ABCDE123456 6 48 10/100/1000BaseT (RJ45) WS-X4648-RJ45-E ABCDE123456
M MAC addresses Hw Fw Sw Status--+--------------------------------+---+------------+----------------+---------1 b0fa.ebe5.16c0 to b0fa.ebe5.16c5 1.1 15.0(1r)SG3 03.03.00.SG Ok 2 b0fa.ebc6.5b70 to b0fa.ebc6.5b87 1.2 Ok 6 10f3.1197.1490 to 10f3.1197.14bf 2.1 Ok
[code]....
We are currently designing Layer 3 to the edge EIGRP solution for our customers. The network is a hybrid of collapsed core (Core to access) as well as a three layer design (Core/Distro/Access) for connectivity to the Data Centre, Internet, Wireless Blocks etc.The core of the network contains two 6509-E switches interconnected on a Layer 3 Port channel (no VSS). Access Layer switches (3750-X series running Stackwiseplus protocol) connect to the core switches over p2p routed links and Distribution layer switches (3750X stackwiseplus) provide connectivity to the Data centre, Internet, wireless blocks etc.
The access and distribution switch stacks(Cisco 3750-X) are set up with two or three member switches with uplinks multihomed to the primary and secondary core switch with each uplink included in EIGRP. In each of the stacks, one of the switches controls the operation of the stack, which will be the stack master.As the Cisco Stackwise architecture is not SSO-capable but NSF aware, all Layer 3 fuctions must be re-established during a master switch outage. To minimize control plane impact and improve Layer3 convergence, uplinks should be diverse and originate from the member switches instead of the Master switches in the respective stack. This is as per Cisco recommended design solution.The above solution can be setup if there are more than two switches in the stack. i.e. uplinks are configured on the backup member switch modules.
1.But what about stack with two switches..Which switch should be set up as the Master for a two member stack with uplinks to the core primary and secondary from each switch(Master and Backup)
2. For Layer 3 routing, does the routing takes precedene over switch failures? Say for eg. In a two member stack, the master switch with uplink to primary fails, does EIGRP provide a fast convergence to route traffic via backup secondary and does not wait for the control plane on the switch stack to converge? All the access to core links will be set up for ECMP.
connecting a 5548 pair to our core 6509s. Just want to be sure we don't introduce any issues into the network.The 6509's are connected and perform all the routing. Essentially, we're moving away from a 3750 stack in the data center and the 5548s are the replacement. We'd want to limit the vlans to the specific server network vlans. Our current setup is a port channel between the 3750 and each of the 2 6509s for redundancy. I'd like to use the same functionality when we connect the 5548's but I'm looking for what the config should look like to ensure no spanning tree loops are introduced and that it is configured optimally.
View 1 Replies View RelatedHow i can view the capacity throughput (backplane) of core switches (6509)? How i know much is in use?
View 2 Replies View RelatedThe 6509 Series Switches support the scenario VSS Active-Active Chassis, I would like to setup both switch's as one virtual switch but working at the same time, not with Active - Stand By Chassis.
My plans it to create PortChannel accross both Switches 6509 in order to have 2 links one connected to one slot/switch and the other connected to slot/switch in the second 6509 for servers redundancy.
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
Disable wrr-queue cos-map on 6509 interface?.I have the following config on one of the interfaces that i would like to remove:
[code]...
I have port on cisco 3560 goes to error-disable,what is the cause of this issue,pls be noted this interface has BPDU Guard enable
View 3 Replies View Related#sh run | inc user
!
username USER0 secret 5 $1$passwordusername USER1 privilege 15 secret 5 $1$passwordusername USER2 privilege 15 secret 5 $1$password
!
#sh run | inc aaa
!
aaa new-modelaaa authentication login local_authen localaaa authentication login radius_authen group radius localaaa authorization consoleaaa authorization exec local_author localaaa authorization exec radius_author group radius localaaa session-id common
!
#sh run | begin line vty
!
line vty 0 4access-class 3 inexec-timeout 15 0authorization exec radius_authorlogging synchronouslogin authentication radius_authentransport input sshline vty 5 15!sh verCisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE6, RELEASE SOFTWARE (fc1)
the intent of the above is that management connections will only be accepted via SSH, and all of those will be authenticated via RADIUS, unless it's down, then it will use the local username/pw combinations, most of which are given Privledge level 15. Telnet should never work.SSH works as expected (authenticates via RADIUS), but the problem is that Telnet also works, will ONLY use the local database (never RADIUS), and, for some reason, leaves the users at Privledge level 1, instead of the configured 15.Essentially, it seems that at every point I have told it to do something that isn't the default with regards to telnet, it ignores me.Prior to a recent IOS upgrade, the switch didn't support SSH, so the previous config was Telnet with RADIUS, and that worked fine.
I have several SF300 switches deployed (SF300-08, SF300-24P). They are connected to IP Telephones (NEC) which communicate with the switch for auto voice VLAN on LLDP. The problem I am experiencing is that periodically the IP telephones are rebooted by the telephone vendor and when they do the switch puts that port into "Locked" port security mode and discards all traffic to the port. The IP telephones of course do not work. In other switch models, I have seen the ability to enable / disable port security switch wide or on a port by port basis. This model does not appear to have this feature. How to disable or why the phones would cause the switch ports to "lock"? There is usually one PC attached to each phone.
View 1 Replies View RelatedCan you confirm that if I want to disable temporarily a dhcp pool on a 4500, I need just to shutdown the interface VLAN corresponding to a specific dhcp pool?
ip dhcp pool test
network 10.X.27.0 255.255.255.0
default-router 10.15.27.250
[Code].....
I have a Cisco 4500 as my core switch and there are two sup eng in this core. However, I noticed that the redundant sup is in diable mode rather than Hot Standby.
I have tired to enable the module but I am not able to do that.
The sup of my core is: WS-X45-SUP6L-E
Disable ports looping Users connect the network cable at two points in the network generating looping. which command to disable two ports of a Cisco 2960 when they are connected at the same time with the same network cable?
View 2 Replies View RelatedI have configured ssh on a 2960 to use public key authentication. Now that I can securely log into ssh without a password Is it possible to disable password authentication so that it is impossible to login without the key?
View 2 Replies View RelatedI have upgraded a couple of 2960G switches to 12.2.52SE and now discovered that TCP port 4786 is open on the switches.
I have looked in the document{URL}, trying to find a way to disable this function/port, but didn't find anything useful. Any way to disable this function/port?
I am trying to Disable Telnet and enable SSH in CatOS for 6500 .
View 12 Replies View Relatedwe've had an issue with our network, we have 2 6509 connected with redundancy, which are connected with 2 x 4900 Switches, from which are connected to a ESX Chassis for visualization, the thing is that the ESX stopped working, and the 4900 switches, and the main core were suffering from overload, they hang on it very well, in order to stop the overload, one of the links to the ESX Chassis were disconnected from one of the 4900 switches. The CPU usage from the 4900 and the core(6509) went down below 40%, and then they started to migrate the virtual servers from the chassis to another 2 chassis that were added right after. They were actually working well, but suddenly the 6509 changed to the other supervisor after everything was OK. We were wondering what could have been the cause of this, maybe the virtual servers migrations, maybe the overload from the ESX ? We also had a few question, is there any need to reload the cores every few months as a planned task ? Because the cores have been up for more than 1 year. And also is there any kind of of tool to monitor the CPU status, or the status overall from the cores or the switches ?
View 3 Replies View Related
