Cisco Switching/Routing :: 6509 Static MAC Address Entry And MS NLB / IPv6
May 23, 2012
I have seen other discussions regarding Static MAC address entries on IPv4, but what of IPv6?We have MS NLB solutions and they are working fine. We have Cisco 6509/6504, Version 12.2(33)SXI5
But then we have a new one for a new ActiveDirectory solution, and on those networks we have implemented IPv6.
How is Static MAC address entries and MS NLB solved in IPv6 (i.e arp ip.ip.ip.ip mac.mac.mac ARPA gi1/1). I can't seem to find much examples or documentation on this? Is it replaced with another function?The reason I ask is twofold.
1. I really want to know
2. The NLB cluster seem to drop IPv6 traffic at even intervals, witch seems to correspond with NLB transition.
We have a pair of 6509's with duplicate ACL lists & entries.
1 = Version 12.2(33)SXI4a 2 = Version 12.2(18)SXF15a
I wanted to remove some logging that was on an entry on one of our extended ACL's. On 1 this worked fine with the no 400
400 <acl rule without log>
However on 2 it lets me carry out the no 400 command but when i go to add the 400 <acl rule without log> i get the error % Duplicate sequence number.sure enough when i perform the 'Show access-lists <Name>' it is still there!
I have tried the following:
Adding a duplicate ACL entry before it (399) without log and i still get hits on line 400Adding and removing the duplicate created line 399 (without logging) with no issues.Adding and removing a dupliacte ACL (without Logging) after (line 401) with no issues
It looks like it is just this line it seems to think it has removed but hasn't?!
I understand an option is to duplicate the ACL in a text editor remove line, delete the ACL and put the edit back in .....however i wondered if this is something known (bug).
Everytime I start one of my two Windows machines, I need to go to the control panel network adapter and enter the static IP address in the IPV4 properties. It is always blank after a shutdown.I have two machines that are networked for flight simming.One of the machines must have a static IP so I configured both static. Not sure if this has anything to do with my problem.
I have a Swann Communication security camera system with their DVR8-4000 hooked to an IPv4 router, connected to the Internet using the new HughesNet Gen4 service. The Swann DVR wired to my router requires a static IP address. HughesNet Gen4 is implemented with IPv6 and I am told that it does not accommodate an IPv4 type static address.
I have discussed the issue with both company’s technical support. HughesNet Gen4 reps recognize the issue and may support static addressing in the future, but not now. Swann reps will not modify their implementation because of the relatively small Gen4 market. The Swann rep suggested that replacing my IPv4 router with an IPv6 router might resolve the “static IP address” issue.I am looking at several Linksys IPv6 routers including the EA4500 SMART WiFi Wireless Router N900, but know too little about IPv4, IPv6 and router/static addressing to proceed unassisted.
1) can I implement a static address with an Linksys IPv6 router cdonnected to Gen4?
2) Which Linksys routers offer IPv6 support?
3) How does one go about setting an IPv6 static address using HughesNet Gen4 on a Linksys router?
We have a 6509 series of core switches and 3750 series of L2 switches, There is no default gateway or any static routes to any IP.VLAN 1 is made admin down and another vlan is used for all communication here in this environment
Attached is configuration for reference But still I am able to take telnet or SSH. I want to know how telnet or SSH or tacacs authentication happens without any static or default route.
I have a 6509 running s72033_rp-ADVIPSERVICESK9_WAN-M version 12.2(33)SXH5. Four incorrect bgp aggregate-address statements were entered in which overlap. Attempted to remove the statements but they won't come out.
I have my hsp setup where switch A and switch B share active/standby roles among several vlans. In the last few weeks, i have seen trouble tickets where connectivity is lost and upon investigation i discover that i can ping physical interface IP addresses for both standby and active devices but not the standby IP. I have also validated configurations and layer 2 paths and they haven't been broken.
What I end up doing is failover to the standby device and back and the problem clears, reachability is restored. My question is whether I am solving this the right way. If so, what is it that would cause the standby IP to not be reachable and how does my solution fix that? N/B the switches are catalyst 6509's.
I am receiving this error after connecting a copper adapter on a GBIC blade in a 6509. Here are the results from the show Interface. I am waiting to confirm the device on the other side settings but as far as I see I get UP and Up for protocol and line respectively.
GigabitEthernet2/11 is up, line protocol is up (connected) Hardware is C6k 1000Mb 802.3, address is 0009.11e4.f3ce (bia 0009.11e4.f3ce) Description: RCPBSDEV MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set
how a static entry under a "sticky" performs Configuring Static IP Address Sticky Table Entries Cisco Documentation Says When you configure a static entry, the ACE enters it into the sticky table immediately. Configuring the ACE Action on Server Failure failaction purge # The purge keyword specifies that the ACE remove the connections to a real server if that real server in the server farm fails after you enter the command. The ACE sends a reset (RST) to both the client and the server that failed. Cisco Documentation Says If you do not configure this command, the ACE takes no action when a server fails
We have a site and on that site we have a server which is down form last two days. However , to manage these devices we are not using any tools. We are not able to find this server that where it is located and on which switch it is connected to.
I want to know that the timer for mac address is 5 minutes and arp timeout is 4 hours . Is there any way to find out the mac address of the server . I feel like this can we done with cef ? Is it true or not I am not sure. I am running 3750 stacks and 2811 routers. 3750 stacks are working as layer 3 devices. They are also running the pretty new IOS 12.2(53)SE.
According to my understanding now a days CEF entry does not expire if we are not using them. They remain in cache as we are running with destination base CEF.
Does PBR with deny ACL entries on a 3750 are still punted to the CPU? I found this article: URL
High CPU Due to Policy Based RoutingPolicy Based Routing (PBR) implementation in Cisco Catalyst 3750 switches has some limitations. If these restrictions are not followed, it can cause high CPU utilization. You can enable PBR on a routed port or an SVI. The switch does not support route-map deny statements for PBR. Multicast traffic is not policy-routed. PBR applies only to unicast traffic. Do not match ACLs that permit packets destined for a local address. PBR forwards these packets, which can cause ping or Telnet failure or route protocol flapping.
Do not match ACLs with deny ACEs. Packets that match a deny ACE are sent to the CPU, which can cause high CPU utilization. In order to use PBR, you must first enable the routing template with the sdm prefer routing global configuration command. PBR is not supported with the VLAN or default template
I checked the latest config guide, and those same guidelines are still listed. If that limitation is still there, are those packets switched at the process level (ip_input) or the interrupt level?
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports x1 NAM x2 Sup720 Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports x1 NAM x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
I plugged an IP device into a 2960 Catalyst switch. The port is up, but there is no MAC address learned on it:
TNSWAGCS01002(config-if)#do sh mac add int fa0/16 Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- TNSWAGCS01002(config-if)# TNSWAGCS01002(config-if)#do sh int fa0/16 FastEthernet0/16 is up, line protocol is up (connected) Hardware is Fast Ethernet, address is 0064.40ee.f510 (bia 0064.40ee.f510) Description: --- STC ---
I read that it may be a L1/L2 issue. We tried with another ethernet cable. We also tried with another IP device of the same model. That did not solve the issue.
I have some error messages in the Nexus 7000 log, after searching i cannot find an adequate explanation, pretty much the only thing i can find is below and i don’t think it is very relevant to my situation. The device is in production and so reloading and pulling card willy nilly is the last resort.
Device = Nexus 7018 IOS version = 5.1(2) Log messages= 2011 Dec 2 14:52:35 IAS01LVSWIPC01 %OC_USD-SLOT8-2-RF_CRC: OC2 received packets with CRC error from MOD 6 through XBAR slot 1/inst 1 and slot 2/inst 1 and slot 3/inst 1
I have configured a new switch 3560 switch and connected to 4500 switch and formed a trunk connectivity.Now the issue i am facing is when i do a SH CDP NEIGHBOUR from 3560 switch i am able so see 4500 swries switch but at the same time when i do SH CDP NEIGHBOUR form 4500 series switch i am not able to see the entry for 3560 switch.But i am able to telnet the new switch with out any issues
The issue is occuring on our local LAN where my ARP requests are being modified after a period of time by the router for one host. I'm finding that the host will work fine with the correct MAC IP pairing for a period of time and then about 15-30 minutes later, the arp table is changing so the associated mac/IP address is now the mac address of the router interface.
The FastEthernet 0/1 port has no ip proxy-arp enabled and is set with ip nat inside.This only started happening after restarting the router, however the running config was saved as the startup config prior to the restart.I've tried hard-coding the entry with the command arp 10.15.4.190 c82a.1459.0579 ARPA however that is not working as expected.
The device is an 1841 ISR with the advanced IP Services bundle loaded. Is there some way that the router is viewing my host (provides DNS, Directory Services) as a intrustion attempt and somehow rejecting the packets?
In my lab, there are some machines that are connected using Cisco 2950 switches. Those machines belong to a VLAN.Now I need to modify the VLAN settings of the machines and as such I also need to modify the VLAN settings on the ports on the Cisco switches.
In order to do this, first I need to login to those switches, but due to a lack of knowledge transfer, I don't have the password. Is the some generic password?Second I will need to modify the VLAN settings on each individual port. How can I do this?
Aug 24 11:32:16.275 AEST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan21, changed state to down Aug 24 11:32:36.827 AEST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan21, changed state to up Aug 24 11:35:23.854 AEST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1/2, changed state to down Aug 24 11:35:24.854 AEST: %LINK-3-UPDOWN: Interface FastEthernet0/1/2, changed state to downesw_mrvl_vlan_port_remove : Unable to find entry for VLAN(1) dbnum(1) esw_mrvl_vlan_port_remove : Unable to find entry for VLAN(1) dbnum(1)(code)
When the above problem happens, as work-around, we delete VLAN.DAT file on the Compact Flash of this 2811 router and recopy the VLAN>DAT file back to teh Compact Flash.
Then it runs for a few weeks and the same problem happened.
Then we put a new Compact Flash and recopied VLAN.DAT to new CF and it ran for 3 weeks and same problem started again.
Could be 2811 router motherboard? This customer has thousands of these 2811 routers in identical setups and this is the only router that is having this problem.
If a router receives EIGRP (AD90) routes, and is configured to redistribute thoes routes into BGP(AD20), why does the RIB show only the incoming EIGRP routes and not the redistributed bgp routes? Are redistributed routes considered for RIB entry in the router that is doing the redistribution
Will there be a way sometime in the future to add static IPv6 routes? I have a routed /64 and a routed /48 from a tunnel broker that terminates on my DIR-815, and I want to hang the /48 off of another router that I have attached to my LAN interface(goes to my home lab setup that I use for my job). I could just move the tunnel endpoint to the other router, but I like having IPv6 access for all my other PCs on the LAN segment.
I have a very basic setup here but strange the router is learning RIP routes advertised by the switch but the switch is learning anyRIP routes. Debug shows the switch is sending updates but not receiving any. There is also these error: %MRIB_API-3-ASYNC_ERR: Asynchronous error: failed to register to the MRIB. errno 0xE
I can ping across the gig 0/2 (switch) and GIg 0/2/0 (router)
I'm looking to try and implement ipv6 HSRP on a series of IOS-XR Routers running 4.2.1 following on from successfully setting up IPv6 HSRP on a few cat6509s on VLAN Interfaces in other parts of the network. I have entered the "router hsrp" configuration menu and gone into the interface in question that I'm looking to setup with IPv6 HSRP. Unfortunately, there version 2 or address-family ipv6 commands are not available.
Just I have upgraded some 2960S to IOS 15.0(2)SE from a IOS 15.0(1)SE3 and the catalyst don't switch any IPv6 traffic. Don't work any RA and also don't work any unicast IPv6 traffic from any interface. I can see some references to IPv6 changes in the FHS (First Hop Security) in the Release Notes, but no any reference to changes in the configuration.
The switches don't have any IPv6 specific configuration and the sdm is the default templata. Returning to 15.0(1)SE3 everything work ok.
On Catalyst 2960, and 3560E this IOS version seem to work fine with IPv6.