Cisco Switching/Routing :: BPDU Filter With 3560 Model Switch?
May 28, 2013
I am testing BPDU filter with 3560 model switch so I've looped 2 interfaces in that switch by configuring STP BPDU filter on interface levels and also connected one desktop in other interface on same vlan of looped interfaces with bpdufilter config. I am facing is both the looped interfaces are having heavy traffic due to this my switch CPU utilization also reached high. How to sort out this issue like why my switch interfaces traffic & CPU utilization went high even when I am using BPDU filter at interface level? As well as correct my BPDU configuration If I configured wrong. I thought it is a good practice and enabled this conf in some of my working environment but due to some loop my entire network went down?
View 6 Replies
ADVERTISEMENT
Nov 9, 2011
I am configuring some quotes for a customer whom I will be building a wireless network for. The wireless network will support about 60 AP's, as well as some other wired drops. The customer is working with a wireless vendor for the AP's, but I will be able to sell the switches for the network.
I want to ensure that he is pushing Gig and POE on each copper port for the AP's, since they will be "N" capable. I have selected several 3560 models which are in 24 port models, and I also think i have a requirement which mandates a 48 port in another location. What I have not been able to find in the Enterprise switch line is an 8 port which supports IOS and POE.
That being said, and since I am also "Select" certified, I went out to the SMB site, and did find that there were two models in the Small Business 300 line (models SG300-10P and SG300-10MP) which seem to support Gig ports as well as POE. I looked over the specs for each one of the two respective models, and I was not able to find what the difference between each of these two are. In other words, the specs, line by line, were identical.
View 6 Replies
View Related
Jan 9, 2012
Currently we have cisco 4503 switch in one of our location without redundancy which servers below,
300 user (desktop & ip phones)
5 vlans
15 access switches are connected
one L3 connectivity.
Actually i want to understand is it really necessary to have 4503 or we can go for 4900 series as we are planning to have redundancy in distribution segment.
Which is the best L3 switch in the above scenario and how to measure the overall performance of the current 4503 switch...
View 4 Replies
View Related
Aug 28, 2012
VLAN MAC address filter does not seem to be working on my 4900 switch. However the same config works fine when tested on my 3750 & 3560 switches.
Since user from different VLANs requires to be blocked, Unicast MAC address filter will not be feasible solution. VACL did not work on my 4506 switch too. K
Below is the config done on 4900 switch
mac access-list extended ABCpermit host 0003.0de9.d5ea anyexit
!
vlan access-map drop-mac 10
[Code]......
View 2 Replies
View Related
Oct 27, 2011
If i fully populate all switch port (Cisco 3750 series) with 100 filter list on each port is it recommendable.
View 4 Replies
View Related
Aug 13, 2012
We currently have two 5548UP and two 2232PP switches running on 5.1(3)N2(1a) and the plan is to connect our old 3560G switches to 2232 PP using enhanced Vpc.
I enabled spanning tree bpdufilter on the 2232 PP ports so that we can connect switches to them but VTP is not working on those ports. Is there anything that needs to be done on the HIFs for VTP to work.Does VTP depends on BPDUs? Does enabling Bpdufilter affects VTP?
View 2 Replies
View Related
Jan 11, 2012
I obtain this message on Nexus 7000:2011 Dec 22 03:37:53 NNN %STP-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on port-channel1 VLAN0020 and following with err-disabled port ?[URL]
View 3 Replies
View Related
May 22, 2013
We have an environment where users create a lot of bridge loops. We have tried to send E-mails about it and educate the users but it is almost a lost cause at this point. The loops are created when users don’t pay attention and they plug a patch cable coming off of an access port up to ANOTHER access port by mistake.
All of our access ports are from 3750 stacked switches. The way we tried to deal with this in the beginning was with BPDUGuard and ERRDiable (BPDUGuard) auto recovery. We turned BPDUGuard on globally and left BPDUGuard auto recovery at the default value (I believe it was 30 seconds). so a loop would be detected and after 30 seconds, the switch would try to enable the port and if the loop still existed, close the port for 30 more seconds. Then we started having problems with printers getting "fried". Their NICs would die out and the control board would need to be replaced. After a lot of troubleshooting and testing, it was determined that allowing the ports to come out of ERRDisabled state would flood the network and the packets would generate in the millions per second range and fry the NIC of these printer.
The fix for this and saving the printers was terrible. We removed ERRDisable auto recovery and just let the ports that are looped stay in an ERRRDisabled state. We wait for the user to figure out the loop and try to use the port and then put in a work order. Then we physically visit the site and verify the port was shut (ERRDisabled) from a loop and we bounce the port (shut/no shut) and everything is resolved. I did lab tests with a switch looped and a printer on the switch and watched it fry. We have had no printers fry after we removed the auto recovery protocol at every location. Only the locations where loops existed and auto recovery protocol running were printers going bad. What I found during my lab tests was that each time the port was auto-recovered (yes, for that millisecond while it checks if a loop still exists), more packets were re-generated and eventually enough was re-broadcastthat printers would go down. We never had a problem with computer NICs. I guess the cheaper printer NICs couldn’t handle the broadcast storms created by this. I tried playing with the auto recovery timers and even the highest setting would eventually re-create these storms.
So my question is what best practices are others using? Should we get rid of BPDUGuard and just try to let spanning-tree handle these bridge loops? Is there something else I can try? I’m not CCNA by any means, just trying to do what I can in my environment. Manually visiting sites when loops occur is becoming more and more my job, though and I have plenty of other things to be doing.
View 9 Replies
View Related
Jun 5, 2012
I have issue with 3560 switch QoS configuration . I checked in cisco site about mentioned model QoS configuration.once we mark the frame and map the CoS to DSCP and once it enters into switch and it processes according to LAN QoS configured on interface
we have configured both the commands shape and share.
once it leaves the switch and enters into Edge router and if we do not have configured QoS in router which is normally MQC , how does it process each packet ?Do we need to have end to end QoS configured in LAN ?
View 5 Replies
View Related
Dec 8, 2011
The last few days I've been exploring options in getting rid of some old routers accross a wan connections. I have a cat 3560 to play with and I thought I would try and use the no switchport command test out routing with switch. I've got some type of route issue and I tried a few things which I thought would fix the issue but had no effect. I'll post the config and a few commands so you can see what the basic setup is.
Here we can see in the arp that it knows about both 10.7.1.2 (PC unable to ping 10.3.3.254) as well as 10.3.3.254 (ASA).I tried adding in a ip route of 10.7.0.0 255.255.0.0 10.3.3.110 as well as 10.3.3.254. Neither produced the results I wanted allowing 10.7.1.2 (PC) to ping the ASA (10.3.3.254). [code]
View 4 Replies
View Related
May 8, 2012
I have an environment of 3 X 3560G of which I have 1st switch-CORE(f0/10) connecting to the VPN router(CE) interface-f0/0. Remaining 2 Cisco 3560's(Access) are connected to Gi0/1 and Gi0/2 on the 1st switch-CORE via gi0/1 . On all three switches I have created multiple VLANs and assigned ports to these VLAN. The switch to switch connection is trunk allowing all VLANs created on all these 3 switches. Now the issue is how I am going to have all these VLANs routed through single interface on the routeri-e f0/0, as all these subnets will communicating to remote site over VPN. What should be default gateway on the 2 Access switches and the CORE switch, also what static route should be on router to reach all subnets(VLANs) created on these 3 switches.
I have read inter-VLAN routing i-e creating sub interfaces on router but dont want to proceed with that and looking for any other way to have my VLANs talk on all three switches and then are accessible to remote site ove VPN?
View 9 Replies
View Related
Jun 4, 2013
I am trying to get my workstation to talk to a workstation on a different sub-net through a Cisco 3560 switch. The switch is running the following IOS version: [code]
My primary network is 172.16.0.0 and I am trying to connect to a device on a 192.168.111.0 sub-net. [code]
What would be the best way to get the two workstations talking via the switch?
View 3 Replies
View Related
Jan 27, 2012
I just replaced my 2Wire with PACE DSL Gateway Model 4111N. I am using the 2Wire filter in the phone jack to split the DSL and phone signals. Is there a different filter that will increase my signal strength?
View 3 Replies
View Related
Feb 26, 2012
how to take the event log of Cisco switch 3560, its argent.
View 1 Replies
View Related
Nov 22, 2011
I have a 3560-48 switch running Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(44)SE3 and i need to implement basic QOS commands to the fast Ethernet interfaces as well as the gig interfaces and Also I need to create port channels on the switch and need what the port channel syntax are as well for that particular IOS version?
I have only read only access and i can't see what the QOS and Port channels syntax should be for that IOS version.
View 3 Replies
View Related
Jul 22, 2012
I'm in the process of configuring QOS on a 3560 routing switch in a GOLD, SILVER, BRONZE priority type scenario.
Firstly, I understand that this config will add a tag of "precedence 5" to a packet if it matches the "ACL_QOS_GOLD_In" access list. Question is does the router see this "precedence 5" tag and then sets the priority, or am I missing something in my config where at present it just sees the "precedence 5" and doesn’t act on it ?
Secondly, Since the "precedence 5" tag has already been added to the packets, do downstream routers see this tag and act accordingly or so I need to configure those is well ? [code]
View 2 Replies
View Related
Jun 7, 2012
configure QoS on 3560 switch i have taken the template from cisco configuration guide since we have different QoS configuration on each model.
below is the configuration :
configure terminal
mls qos
end
mls qos map cos-dscp 0 8 16 26 32 46 48 56
no mls qos srr-queue input cos-map mls qos srr-queue input cos-map queue 1 threshold 2 1 mls qos srr-queue input cos-map queue 1 threshold 3 0
[code]....
Currently all the cisco phones are connected to this switch and configuration with only one vlan that is voice vlan .
1) what is the outcome of this configuration , i mean, what will be the expected output ? end of the day we need to prioritize the voice traffic but why other commands including threshold and buffers are mentioned with respectives queues , if I need to explain that what am i expecting out of this configuration ?
2) this is LAN QoS which i understood but again , do i need to configure policy-map along with class-map which is MQC on this switch ?
3) i have edge router where i have MQC already configured but confusion with this switch which is working as a Access switch .
4) I referred the cisco QoS document for the respetive model whereas we have policy-map configured on the same switch with class-map .
My understanding is if we have configured the LAN QoS , and mapped the CoS value with DSCP , we need not to have MQC.
View 4 Replies
View Related
Nov 28, 2011
we have a class based qos scheme (see attached file) on our 4500 series access switches and we have a access 3560-48 switch runing IOS Version 12.2(44)SE3 my question is can I use the same QOS scheme for the 3560 switch?
View 3 Replies
View Related
Mar 18, 2013
I have a 3560 switch with 1 VLAN (VLAN 10) where I need to make ports:
1-10 as isolated (can't contact each other)
11-20 as community (need to contact each other like a normal VLAN)
23 as promiscuous (server that ports 1-20 need to get to)
24 as promiscuous (WAN router where ports 1-20 need to get to and the remote servers).
[Code]...
View 26 Replies
View Related
Oct 31, 2012
I wanted to upload image having .tar extension in Cisco 3560 switch. What are the steps to upload.
View 1 Replies
View Related
Feb 12, 2013
I have observed a situation where one of our cisco switch 3560 is rebooting daily at periodic times.We have checked the power cables and source everything is fine and still clueless whats causing the issue. [code]
View 13 Replies
View Related
Aug 19, 2012
I want to configure Cisco 3560 SWITCH with IP cameras. I need to configure the ports connected to Camers. IP addresses to the Cameras has been assigned.
View 1 Replies
View Related
Sep 26, 2011
I have an issue with a 3560 in my network, after sometimes it fails to give out power to some ip phones,while others are not affected and below is the message i get
"Power given, but Power Controller does not report Power Good"
output of sh power inline and sh env all : everything seems to be ok on the switch
#sh power inline
Available:450.0(w) Used:48.0(w) Remaining:402.0(w)
Interface Admin Oper Power Device Class Max
(Watts)
--------- ------ ---------- ------- ------------------- ----- ----
Gi0/1 auto off 0.0 n/a n/a 15.4
Gi0/2 auto off 0.0 n/a n/a 15.4
Gi0/3 auto off 0.0 n/a n/a 15.4
[code].....
It's solved by a reboot of the switch, i could have suspected a power environnment issue but it's the only equipement disturbing in the network.
View 20 Replies
View Related
Feb 7, 2012
Are the LC SFPs interchangeable with the 3560 V2 POE switchThe P/N number we have on the LC SFPs are 30-1301-04.Will this P/N number suit bothe the 2960-S and 3560 switches
View 1 Replies
View Related
Aug 20, 2012
I am trying to configure 802.1x wired on a 3560 switch and don't see the required commands under the interface. I am running c3560-ipbasek9-mz.122-55.SE6.bin. I was thinking it might not be available on the ipbase image, but I do have the commands on a 3750g running the ipbase image, so I'm not sure about that.
View 4 Replies
View Related
Sep 10, 2012
i am facing an error while upgrading the IOS image on 3560 switch. [code]
View 1 Replies
View Related
May 25, 2012
I have made a topology by using one 3560 switch and 2 2950 switches. I have also made 2 vlans name Clients and other Servers and vlan 1 is for anagement purposes. The left 2950 switch is for clients and the right is for servers. Clients is vlan 2 and servers is vlan3 . Now what i want is that my dhcp is should assign ips to clients in vlans 2 provided that servers are in vlan 3. I am also using a border router and i have introduced a default route on the 3560 to the border router.
Now when i assign static ips to my clients pc and server dhcp then i can ping between vlans but when i try to assign ip through dhcp then it wont work. Also the default route on the switch to the border router doesnt seem to work. I can ping only the border router when i put a default route on the border router instead of the 3560 switch.
View 3 Replies
View Related
Jul 23, 2012
I have a cisco 3560 24PS and its connected to two ADSL broard band routers.one is a personal broadband line using a Billion ADSL broadband router, and the other is a business broardband line using BT's 2wire broadband line.on the Billion routers i have various things attached like a NAS and a printers, both wired connections. then i have laptops and phones that connect over wifi, so its configured to act as a DHCP server
the only thing conncted to my 2wire router is my company's laptop (wired or wifi depending on where i'm working from), so again i have it working as a dhcp server.The switch is configured with multiple vlans, with dhcp scopes assigned for each vlan.I have a static route pointing all traffic to my Billion ADSL for internet connectivity.
The problem i'm having is that when i turn on the cisco switch, all wifi conected devices loose their conection. only 2 things get it working again, a reboot of the router, or disabling then enabling the DHCP service on the router.upon further analysis i was able to find out that the devices were not able to pick up an address from the router. again i looked deeper into this and i can see the following on logs of my router: [code]
so it seems that the router tuns off its DHCP capabilities because it detects that my Cisco switch is running DHCP services. I need to figure out how to keep the billion routers DHCP running when ever the switch is turned on.is there a way of filtering out any DHCP chat from the switch to the router?
View 7 Replies
View Related
Apr 17, 2013
I want to replace an existing 3560 Switch with another switch of the same exact model and IOS. However, this switch that needs to be replaced is the VTP Server of my LAN at this location. When I replace the switch I will just use the same exact running config but I'm concerned about the vlan.dat file. Do I need to copy that file over to the new replacement switch and if so, what is the best way to do that?
View 5 Replies
View Related
Sep 12, 2010
I have the following problem with
Situation:
- 2x 3750G-12S Distribution-Switches (DS) and several 3560/2960 Access-Switches (AS)
- redundant Fiber optic uplinks between AS and DS
- Cross-Stack Etherchannel config on all uplinks
- UDLD aggressive mode configured on all uplinks
Problem:
- when I reload the DS and the switch comes up again, I've lost the connection with several (not all) AS
- looking at the AS log I found the following error message: "%UDLD-4-UDLD_PORT_DISABLED: UDLD disabled interface Gi0/1, aggressive mode failure detected"
Cause:
- in the log of the AS I don't see intf Gi0/1 go down during the reload of the DS
- this means the DS didn't shuts down all its ports during the reload
- but this also means that UDLD on AS didn't know about DS reload, and therefore didn't resets counters
Workaroud/Solution
- I'm now configuring errdisable recovery on all AS
So I'm forced to configure errdisable recovery, even if I don't want.
View 3 Replies
View Related
Apr 6, 2013
does cisco switch 3560 or 3750 supports MC-LAg ? if yes, then on what IOS? if no, then what are the devices which supports MC-lag?
View 1 Replies
View Related
Oct 30, 2011
I have configured a new switch 3560 switch and connected to 4500 switch and formed a trunk connectivity.Now the issue i am facing is when i do a SH CDP NEIGHBOUR from 3560 switch i am able so see 4500 swries switch but at the same time when i do SH CDP NEIGHBOUR form 4500 series switch i am not able to see the entry for 3560 switch.But i am able to telnet the new switch with out any issues
View 11 Replies
View Related
Sep 25, 2012
I have a 3560-X switch and want to access it through GUI. what image I need to download and steps to use GUI(Just like ASDM for ASA 5500 series Firewall).
View 1 Replies
View Related
