Cisco Switching/Routing :: 6509 / Provide Internet Redundancy To Local LAN User Running In HSRP?
May 7, 2013
One of our customer , where there 2 6509 switch , one is Core_sw1 and other is Core_sw2 , catering about 32 Vlan , and HSRP in running for all Vlans , till here no problem , now there internet Router which having one Internet link , which connected and configured on Core_sw1 in a way that one interface of Core_sw1 is given Public IP and there is vlan 85 which internet vlan and vlan 85 ip are natted with that public IP with one simple static route given toward internet router , this is how internet is working ok.
Now i have configured vlan 85 in hsrp as all other are , how can give redundancy to vlan 85 user , that if Core_sw1 get down , internet traffic can get out through Core_sw2.using same internet router with single internet link .i am not talking of ISP redundancy , but Vlan 85 in Core_sw1 goes down , other Core_sw2 will server internet.
View 1 Replies
ADVERTISEMENT
Nov 14, 2011
Is there away to disable the mulicasting of eigrp and hsrp to the end user ports on a 6509?
View 2 Replies
View Related
Jan 21, 2013
As per the attached diagram: How do I configure the 2 ports on the 3560 (Ports 6 & 7) and the connected ports on each of the 2960 switches (Port 25) to provide redundancy.
If the up link from Switch A dies then I need the traffic to flow through the trunk and utilize the up link on Switch B with minimal delay (milliseconds).
View 9 Replies
View Related
Aug 14, 2012
I am facing a problem in implementing HSRP. My scenario is like this, I have two 3750 switches and I have a server with two NICs. I want to run HSRP in these two switches. By the way the server is connected directly with the switches. I mean each NIC to each switch.we have teamed the two NIC (Active / Standby).what configuration need to done in switches to work HSRP.
View 4 Replies
View Related
Jan 5, 2012
My actual Scenario
1 x 4500 and 1 x 3560?They are gateways of 8 Vlans?They are doing HSRP in each of those Vlans?The 4500 is the Active?There is a DHCP Pool for each of those Vlans on both gateways using "ip dhcp excluded-address" I ensured that the range of provided ips by each DHCP server will not be overlapped Obs.: Reducing the lease time, I ended with the calls bringing related problems.
OK, every thing is blue, every thing is fine.But the network diagram is realy complex(41 switchs, 89 uplinks), and depending of how is the network flow, one or other server answer first or latter.
For many reasons I would like that the secondary DHCP server would answer only if the primary DHCP server goes down.To me, the bigger reason is that DHCP database would be only in one DHCP server.But there is other reasons.
I passed by many frustrated solutions:Try to force a delay on the answer on one of the servers. - Impossible.Try to disable DHCP server, and, using EEM, enable it only if router became active in HSRP. - I couldn't do It.
What I'm thinking now is use the HSRP resource to resolve it.On both routers I would put a "ip helper-address" pointing to an Virtual_HSRP_IP.And depending on which router is the active, him will answer the request.
My first doubt is:Would it work?The second doubt is:Could I use the same Virtual_HSRP_IP that exists on that Vlan(see example 1),or I would need to point it to a Virtual_HSRP_IP in a different Vlan(see example 2)?
Example 1
-----------------------------------
| 4500 |
-----------------------------------
interface Vlan1
ip address 10.10.0.2 255.255.0.0
ip helper-address 10.10.0.1
standby 1 ip 10.10.0.1
[code]....
View 3 Replies
View Related
Jul 29, 2012
If I setup 4948E's in HSRP configuration. And I connect devices to the Standby Unit that do not require redundancy. Will there be any issues passing traffic? I don't believe that standby unit blocks the traffic but wanted to confirm.
View 5 Replies
View Related
Oct 9, 2012
I have a 3750 stack and want to confirm if I can run HSRP on the stack to two different ASR routers for redundancy purposes ?
It looks like the below :-
--------------------------------
| SW1 SW2 |
| 3750 Stack |
|------------------------------- |
| |
| |
----------- ------------
| P | | S |
| ASR1 | | ASR2 |
| ______| |_______|
View 2 Replies
View Related
Sep 9, 2012
I have a 6509 switch with SSO Redundancy (STANDBY HOT) with IOS ver 12.2(17d)SXB11, RELEASE SOFTWARE (fc1) (c6k222-jk9sv-mz.122-17d.SXB11.bin). I need to upgrade the IOS on this switch.I have 512MB Memory on the switch and 40144896 bytes free on Disk0.which IOS is the latest version to upgrade and also give me some hints for IOS upgrade on this switch?
View 7 Replies
View Related
Jan 8, 2012
I want to setup HSRP between three 6509 switches with a single virtual ip for all the three switches.
know if its possible and share any site or config.
View 1 Replies
View Related
Feb 26, 2012
I am at a client that I upgrade from running a single 4507 to two Nexus 5548UP switches with two Nexus 2224 fex's connected. The other access layer switches are 2960S switches. I implemented hsrp on the nexus 5k's for redudancy. The issue they are having is that some networks cannot communicate with each other. All user vlans can communicate with the server vlan, but it is not running hsrp on the vlan interface (there is a reason for that, but it not relavent for this issue). The phone vlan, which is running hsrp, can communicate with all networks.
When I am connected to either 5k, they can communicate with all devices on all networks. However, I am on vlan 10, which is a user vlan. I can communicate fine with the server vlan (vlan 101 - not running hsrp) and the phone vlan (vlan 60 - running hsrp). I cannot communicate with vlan 30 or 40, which are both running hsrp. This makes absolutely no sense at all to me. I checked out trunk ports to be sure that vlans are allowed across the networks as well. There are no firewalls between the vlans or ACL's.
View 1 Replies
View Related
Jan 11, 2012
we've had an issue with our network, we have 2 6509 connected with redundancy, which are connected with 2 x 4900 Switches, from which are connected to a ESX Chassis for visualization, the thing is that the ESX stopped working, and the 4900 switches, and the main core were suffering from overload, they hang on it very well, in order to stop the overload, one of the links to the ESX Chassis were disconnected from one of the 4900 switches. The CPU usage from the 4900 and the core(6509) went down below 40%, and then they started to migrate the virtual servers from the chassis to another 2 chassis that were added right after. They were actually working well, but suddenly the 6509 changed to the other supervisor after everything was OK. We were wondering what could have been the cause of this, maybe the virtual servers migrations, maybe the overload from the ESX ? We also had a few question, is there any need to reload the cores every few months as a planned task ? Because the cores have been up for more than 1 year. And also is there any kind of of tool to monitor the CPU status, or the status overall from the cores or the switches ?
View 3 Replies
View Related
Mar 13, 2012
I have to migrate two Cat6K series switches in a Data center to the new Cisco 6509 Series switches with no downtime. i know there are few threads on the same topic but none of them discuss about the downtime.The two Old Cat6K series switches are working in HSRP redundant mode. All access/Dist switches are dual homed to these two switches in downlink direction. In the uplink direction a router is dual homed to both Switches. Now my requirement is to completely migrate the configuration from the old switches to the new one in VSS mode without any downtime. Already VTP server is running on of the old switches so VLAN migration is not an issue. I will update the network diagram in few hours .As per now i am going to follow these steps:
1. Remove active links from switch 1 and shut it down
2. Monitor network and traffic impact on switch 2
3. Install the new 6509 switch along with switch 2 (VSS config already done in Staging)
4. Config HSRP and make it standby
5. Connect all removed links back to new switch
6. Remove old switch 2 and monitor network
7. Connect new switch with VSS config
8. Connect the two new switches together in VSS and move virtual IP to SVI.
During last step i think i will face some minor packet drops.
View 2 Replies
View Related
Jun 11, 2013
I have my hsp setup where switch A and switch B share active/standby roles among several vlans. In the last few weeks, i have seen trouble tickets where connectivity is lost and upon investigation i discover that i can ping physical interface IP addresses for both standby and active devices but not the standby IP. I have also validated configurations and layer 2 paths and they haven't been broken.
What I end up doing is failover to the standby device and back and the problem clears, reachability is restored. My question is whether I am solving this the right way. If so, what is it that would cause the standby IP to not be reachable and how does my solution fix that? N/B the switches are catalyst 6509's.
View 2 Replies
View Related
Apr 28, 2011
I am trying to configure an ASA 5505 running 8.3 to allow a priv 15 local user to be able to ssh into the device and be placed into priv 15 mode without having to execute the enable command and type the enable password.Right now when you log in as a priv 15 user you still have to execute the enable command and type the enable password to get to priv 15.
View 3 Replies
View Related
Feb 15, 2011
I've upgraded a 6509 switches wich are running in VSS, from IOS 12.2 (33)SHI1 to 12.2 (33)SHI5. After that I'm facing the folowing log messages periodically. [code] I know that this is a diagnostic result from TestUnusedPortLoopback feature. But this interface is disabled (shutdown).
View 5 Replies
View Related
Apr 2, 2013
I am trying to convince our Technical Lead that dual VSL links between our 6509-E chassis is a VERY good idea but he is fully convinced that the setup will work perfectly fine with only one VSL link. As I do agree that we can do this, I am looking for more concrete evidence that shows this would be a bad setup.
I know that we will lose the High Availably that comes with VSS, what I don't know is what will happen to all of the downstream switches that are connected and what will happen to the two 6509-E chassis..
View 5 Replies
View Related
Feb 21, 2012
in my 6509 switch while i checked is showing some thing like this RDCCI65F0#sh environment
environmental alarms:
no alarms
backplane:
operating clock count: 2
[Code].....
View 2 Replies
View Related
Oct 21, 2012
How I can shutdown a module when I am running vsl.I can use the following command #hw-module module 2 shutdown.As I have modules in both switch 1 and switch 2 how can I ensure I only shut down module 2 in switch 1.
View 1 Replies
View Related
Feb 6, 2013
I've been trying to set up my new Cisco 1921 Router to provide internet access to my local network but with no success. I've been reading guides and looking at videos and I have to be missing something becaouse I can't access internet (ping/tracert) from my local network.
The DHCP server works fine and the clients on my local network gets ip-adresses from the router but can't ping or tracert outside the local network.
[code]....
View 2 Replies
View Related
Jan 14, 2013
I'm working at a company that has several 6509 switches running CatOS. They have two of the 6509's running in vtp server mode and the rest as clients. I set up a new vlan from one of the vtp servers and it propagated out. The problem comes when I try to assign a port on one of the vtp clients to this new vlan. It gives me an error that the switch must be in vtp server mode to add/delete vlans. I'm not trying to add/or delete a vlan just trying to add a port into an existing vlan. I'm hesitant to put the switch in vtp server mode. Is this a CatOS thing or is there a specific command to accomplish this?
View 5 Replies
View Related
Sep 8, 2012
I want to give limited access to our first level support so that they can execute certain basic commands like, port vlan change, access port shut/no-shut on Cisco 6509 and 3750E switches IOS based. I want to restrict them to only few options so they can not make changes to uplink (TenGig) ports and can not issue reload command etc. We do not have TACACS. What is the best way to achieve this?
View 2 Replies
View Related
Sep 17, 2012
I have a Cisco 6509 with IOS "s222-ipservicesk9_wan-mz.122-18.SXF16.bin"I need to enable dot1x on user's ports on the switch. each user is connected to the switch through the IP phone.
I just found out that I can not enabled dot1x on trunk port. I have tried to use "switchport voice vlan " but I got:
Switch(config-if)#switchport voice vlan 123
Command rejected: Gi7/20 is Dot1x enabled port.
let me know what should I do to get dot1x working?
Note: I have connected a laptop directly to the port and dot1x is working fine.
View 5 Replies
View Related
Apr 24, 2012
i have a 6509 connected via layer 2 (VLAN1) to a 3750 (e.g. VLAN1 10.1.1.1)then to the HQ via Metroethernet(L3). Is it possible to connect the 6509 to an ASA that already has VPN connectivity to the HQ using HSRP? Also need to mention, the VPN connection is supposed to be the redundant connection if Metroethernet link fails.
View 3 Replies
View Related
Mar 6, 2011
How to configure HSRP with Statefull NAT using the application redundancy of the IOS XE? I want to have static NAT using the HSRP groups for clients and SNAT. (I want to achieve this as in normal IOS -[URL] High Availability NAT with HSRP)The configuration that I have on the 1st ASR. The configuration is similar on the second ASR
redundancy
mode none
application redundancy
group 1
name NAT-HSRPIN
[code]...
IP nat inside source static 10.10.10.20 "real ip address" redundancy 1 mapping-id 1 extendable.
View 1 Replies
View Related
Nov 16, 2011
I have router connected to 2 3550 switches directly. 3550A and B switches are running HSRP. OSPF is running between Router and 2 switches.
From Switch B i can ping the Router Wan interface but not the internet sites. from Switch A i can ping any sites?
Switch B
3550SMIB# sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1
[Code]......
View 7 Replies
View Related
Jan 14, 2012
i have a strange issue with an HSRP Setup. I have two (S1+S2) 3560 as Core/Distribution Layer. Inter-vlan routing are enabled on both Switches. S1 and S2 are connected with an ether channel over four fibre ports. S3 -S5 are the (L2) access layer.
Gi0/1 on S1 and S2 are L3 ports, connect to a Linux Firewall.
HSRP is enabled, S1 is the active router and the STP root bridge.
But, my monitoring via cacti show me, that the Gi0/1 on S2 is active, too! But it should not be active? Only if S1 fails, should S2 the active switch.A client from the access ports on S3 - 5 gets traffic from the Internet via Gi0/1 from S2. Gi0/1 on S1 is active too, but will send mostly traffic to the Internet. Why is S2 active and why route it traffic from the Internet to the client?
View 15 Replies
View Related
Jun 15, 2011
I have a ace board(Acsm) in my switch 6509.I need provide access for clients over https, my scenario looks like this post [URL] .But, i have only one interface, and need to configure nat for inbound clients, to access the server with ip address of the interface vlan of my ace(if i set ace gateway in a rserver, the ssl termination works). The Topology is: Client(https) -> Ace(Https) -> Ace(http) -> rserver (http). Need to configuring this nat? I need that external clients arrive at the server with the ip of the same network as him, he did not right back the packet to the default gateway, but the origin of the same network as him, so that the communication function successfully, end order.
View 1 Replies
View Related
Apr 20, 2013
I have got two links from the same ISP, primary and secondary and connected to two different switch. The ISP have passed the trunk vlan of 30, 31 and 32 on both of the links. The ISP can't provide stp. I have got another managed 2960 series switch. How can I obtain failover on switch level.
View 2 Replies
View Related
Oct 19, 2012
I am setting up 1811w router for accessing internet. DHCP is configured on it but it is not providing IP to laptop connected on port fa6.
Here is config of router
dot11 ssid internet
vlan 98
authentication open
[Code].....
View 22 Replies
View Related
Oct 10, 2011
I want to create a local user in my Cisco ASA 5520 to allow the user to use the ASDM in Read-Only mode. I want the user to view the Dashboard only.
View 1 Replies
View Related
Mar 9, 2012
I have upgraded my C3560-PS-S switch to the latest IOS version 12(2)55-SE4 and it is not providing PoE anymore? It used to work before this upgrade? I searched Cisco bugtrack and there is bug defined for this IOS/Switch.
Switch(config-if)#do show power inline Available:370.0(w) Used:0.0(w) Remaining:370.0(w)
Interface Admin Oper Power Device Class Max
(Watts)
--------- ------ ---------- ------- ------------------- ----- ----
Fa0/1 auto off 0.0 n/a n/a 15.4
Fa0/2 auto off 0.0 n/a n/a 15.4
Fa0/3 auto off 0.0 n/a n/a 15.4
Fa0/4 auto off 0.0 n/a n/a 15.4
Fa0/5 auto off 0.0 n/a n/a 15.4
Fa0/6 auto off 0.0 n/a n/a 15.4
Fa0/7 auto off 0.0 n/a n/a 15.4
Fa0/8 auto off 0.0 n/a n/a 15.4
Fa0/9 auto off 0.0 n/a n/a 15.4
Fa0/10 auto off 0.0 n/a n/a 15.4
Fa0/11 auto off 0.0 n/a n/a 15.4
Fa0/12 auto off 0.0 n/a n/a 15.4
Fa0/13 auto off 0.0 n/a n/a 15.4
Fa0/14 auto off 0.0 n/a n/a 15.4
Fa0/15 auto off 0.0 n/a n/a 15.4
Fa0/16 auto off 0.0 n/a n/a 15.4
Fa0/17 auto off 0.0 n/a n/a 15.4
Fa0/18 auto off 0.0 n/a n/a 15.4
Fa0/19 auto off 0.0 n/a n/a 15.4
Fa0/20 auto off 0.0 n/a n/a 15.4
Fa0/21 auto off 0.0 n/a n/a 15.4
Fa0/22 auto off 0.0 n/a n/a 15.4
Fa0/23 auto off 0.0 n/a n/a 15.4
Fa0/24 auto off 0.0 n/a n/a 15.4
View 3 Replies
View Related
May 1, 2012
I have 2x WLC 5508 running version 7.2. 1st one is setup and running. My questions is: If I want to setup Active-Passive redundancy, do I need to manually setup the 2nd one exactly as the 1st one and put them in the same group? Or is it a way to copy all of the configs I made on the 1st one over to the 2nd one?
View 4 Replies
View Related
Dec 11, 2012
a new LAN installation, two VSS pair 6509 core, 15 closets, with 3750 stacks. Floor 15 only, devices/hosts can ping teh DHCP server but cannot aquire IP addresses. no such problem on other floors?
portfast an dother parameters are intact.
View 2 Replies
View Related
