Cisco Switching/Routing :: Benefits Of Using Static Route With Default GW With Catalyst 3560
Jul 4, 2012
A check out a network segment and want to know why SwA has a static route to SwB if SwA already has a Default GW to Core?
(SwA, SwB - Catalyst3560, Core - Catalyst4948)Note, there are distribute list on SwA - it does not has any OSPF route (exclude O*IA).
Does this mean when SwA send out packet with DA 10.5.64.0/26, Core will use only L2 switching (instead of L3)? Is this more effectively for Core Switch?
Pleace check my reasoning:
1. When use a static route: SwA receive packet from Vlan 20 with DA 10.5.64.0/26 it will strip out Dest. MAC and replace it with MAC of SwB. Core will switch this packet to SwB based on mac add. table (l2 switching)
2. When SwA has only Default gateway and receive packet from Vlan20 with DA 10.5.64.0/26 it replace Dest. MAC with Core MAC. Core receive this packet, lookup route table for 10.5.64.0 entry and forward packet base on this.
View 6 Replies
ADVERTISEMENT
Feb 25, 2013
We have two catalyst 3560 switches running c3560-ipbasek9-mz.122-58.SE2.bin They are connected using etherchannel using gi 0/21 - 24 interfaces.
on 3560-1 switch, there isn't any ip-default gateway or ip route configured. It only have 1 interface vlan configured.
on 3560-2 switch, there is ip default gateway configured along with 1 interface vlan.
What i dont understand here is that, i can reach out to other subnets from 3560-1 switch in which the routing is not enabled?
View 4 Replies
View Related
May 25, 2013
I am trying to implement static route tracking on a Catalyst 3560G ( WS-C3560G-48PS, IOS version 12.2(35)SE5 and SW image C3560-IPBASE-M). The configuration is as follows:
track 101 rtr 1 reachability
!
rtr 1
type echo protocol ipIcmpEcho 10.199.101.2
rtr schedule 1 life forever start-time now
!
IP address 10.199.101.2 is reachable via ICMP (its the next-hop router).
The static routes configured are the following:
ip route 0.0.0.0 0.0.0.0 10.199.101.2 track 101
ip route 0.0.0.0 0.0.0.0 10.200.52.1 20
But only the secondary route(ip route 0.0.0.0 0.0.0.0 10.200.52.1 20) its being installed on the routing table by the switch.
View 8 Replies
View Related
Jan 15, 2011
I have a really weird issue with my cisco catalyst 3560G.
-device: cisco catalyst 3560g
-ios: 12.2-53(SE) IP SERVICES
scenario: configured IPv6 iBGP link between this switch and a router. the router is announcing 1 (test) route. the switch sees the route properly, but doesn't add it to routing table (the route never gets to be "best path", although it should be).
View 15 Replies
View Related
Nov 15, 2011
I have been researching a way to remove this subnetted route from my L3.There is an extra subnetted route that should not be there when I execute the command: show ip route
Below if part of my Show Run and the Show IP Route commands. You will see the 10.0.0.0/24 subnet as subnetted. I dont know why the L3 uses the 10.0.0.0/24 when I enter 10.10.10.0/24? But thats a whole different questions.
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 10.10.10.1 255.255.255.0
!
interface Vlan3
[code].....
View 5 Replies
View Related
May 8, 2011
My 2811 is connected with two ISP,s as below and have VPN with Central branch.I want to set DSL as primary and WiMax as secondary but problem is that routes learned via BGP get precedence over default route as they are specific one.I think i may need to put all static specific routes of central branch over DSL along defautl but I want any idea if my default route stay active and when it down then BGP neighborship can be establish (like ip sla tracking.)
View 3 Replies
View Related
Jul 27, 2011
We have recently purchased a Cisco SG300 and have been configuring it. [code] The VLANs have ACLs set up to prevent any communication between the Holly and Tempo VLANs (and their associated WAN VLANs).Each VLAN has a WAN available for it's use, which connects to external networks (including the Internet).In order to facilitate this, we have set up all the necessary ACLs and routes and confirmed that this all works.However, the problem comes when we assign the static routes that specify the default gateways.We add the two static routes below:
-0.0.0.0 next hop 10.10.200.254 metric 1
-0.0.0.0 next hop 192.168.200.254 metric 1
In this case, only one of the VLANs has WAN access. It is either Holly or Tempo (it can be either if the order the static route is added is changed).What we need is to force Holly to use Holly WAN and Tempo to use Tempo WAN, but we cannot see a way of doing this.Effectively, we want the following static routes: [code]
View 2 Replies
View Related
Oct 28, 2012
We have a IP-phone system connected to port 1 on a 3560 switch, the phone system tags traffic with dscp. The switch uplink is on port 24.
Is this configuration correct:
interface 1:
auto qos trust
interface 24:
priority-queue out
View 3 Replies
View Related
May 2, 2012
I have Catalyst 3750. and 2 ISPs
I wanted to use, let say on port5 of Catalyst 3750 only 2nd the ISP will route to this port.
The rest is pointed to the 1st ISP.
Im thinking of using VLAN..
View 7 Replies
View Related
Sep 5, 2012
I have a MPLS cloud in our data center. I want one network coming into our core router to have a different default route than the other networks coming in. I'm getting hits on the acl but the route isn't applied and goes to the default route that is configured in the router. I have other PBR for setting local-preferences and as-paths and they are working fine.
The router is a 7206 Version 12.4(11)T3
!
ip route 0.0.0.0 0.0.0.0 1.2.3.4
!
ip access-list extended 2nd_Default_Route
[Code].....
View 1 Replies
View Related
Jan 24, 2013
I have a Cisco 2960 ( WS-C2960-8TC-S) running 12.2(46)SE C2960-LANLITEK9-M image.I would like to set an ip route 0.0.0.0 0.0.0.0 87.101.156.97 but the current image does not allow.Will ip default-gateway 87.101.156.97 work or do I need ip routing ?The ISP has provided a /30 address and we are using an additional /29 for our network devices. I dont think this image can be upgraded. I need to forward routes directly out to ISP. [code]
View 5 Replies
View Related
Jul 27, 2010
IP SLA configuration fails over but cannot ping the 4.2.2.2 via Site B. Here is the output on Cisco 3750...
SW2#show runBuilding configuration...
Current configuration : 2901 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname SW2!boot-start-markerboot-end-marker!!!!no aaa
[Code].....
View 5 Replies
View Related
Aug 19, 2012
I'm working on a little OSPF setup in my lab and having a problem pinging out to the internet.I have a setup with (3) 3550's running ip routing. I'm configuring OSPF but I can't ping the internet from any L3 switch except the switch with the actual uplink to the internet.[code] From SW2 and SW3, I can ping SW1 on all IPs (192.168.1.90, 10.10.10.1, 10.10.10.5) but I can't ping 192.168.1.1 which is my gateway to the internet.
View 3 Replies
View Related
Jun 20, 2012
I have a 3750 at a branch running EIGRP connected to two routers that both have configured:
access-list 1 deny 0.0.0.0
access-list 1 permit any
access-list 2 permit 0.0.0.0
access-list 2 deny any
router eigrp 1distribute-list 1 out FastEthernet0/0distribute-list 2 in FastEthernet0/0
Due to this recently applied config the switch become unreachable from the outside and cannot ping anything. Everything connected to it works fine. I was able to remote into it from a switch behind it and noticed that the 3750 has no default route in the routing table. I do see a default route in the eigrp topology table. How to make the switch learn a default route maintaining the existing configuration on the routers.
View 3 Replies
View Related
Aug 12, 2012
I am having touble with a NAT concept. What I have is a 3rd party software VPN product that basically tunnels encapsulated traffic to/from a server sitting inside the network. Right now this traffic utiluizes a physical interface on the ASA5510, but I need the interface for another project.
What I have is this:
Internet<----->ASA<-->router<-->4507(layer3)
| |
| |-Vlan1
[Code]......
View 1 Replies
View Related
Feb 7, 2012
Does the Catalyst 3560 support GRE ?
I know that Catalyst 3750X support GRE ,but Catalyst 3750X cannot work in hardware it.
Does the Catalyst 3560 cannot work in hardware too?
View 4 Replies
View Related
Oct 28, 2012
I'm currently configuring per port policing on a 3560 and want to limit inbound traffic to 750mbit:
mls qos
access-list 1 permit any
class SET_IF
match access-group 1
policy-map SET_QOS
class SET_IF
[code].....
When I test the setup with iperf I always get different results when I change the nummber of parallel connections.Isn't there a way to limit the throughput regardless of the number of conns (INGRESS!) like with srr-queue bandwith limit?
View 2 Replies
View Related
Nov 29, 2012
We have observed increase of CPU utilization of 50% after upgrade from 15.0(1)SE3 to 15.0(2).The SDM template is "desktop default" template.The increase of CPU utilization in Switches with LAN Base after upgrade is about 10%.
How to find the cause for the 50% increase ?This is command is the output of 15.0(2). The calculated sum for 5min process-utilization is 21% plus 1% interrupt is 22 %. Where is the rest ?
switch#sh proc cpu sorted 5min | exc 0.00
CPU utilization for five seconds: 30%/1%; one minute: 29%; five minutes: 28%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
169 135084171 33273787 4059 9.92% 8.94% 8.73% 0 Hulc LED Process
83 80075989 13546109 5911 5.60% 5.39% 5.38% 0 RedEarth Tx Mana
[code].....
View 17 Replies
View Related
Aug 11, 2012
I'm having an issue with 2 of my 3560s which are not booting. The last thing I did on both switches before it hangs was:
>write erase
>reload
restarted as normal
[Code]....
I've tried powering-off the switch and pressing the Mode button and power on. I got to swtch: mode switch:reset
It restarted past the POST but just hang halfway at the same bootp-up process as shown on the attached. The SYST LED is Green color when it hangs.
View 9 Replies
View Related
Jul 30, 2012
We have two sites: 192.168.100.x and 192.168.101.x currently connected via IPsec VPN. On each end we have a Cisco ASA 5505. However, each site also has an MPLS VPN with intentions to move all traffic to this link. Will this work on the ASA? We need to make sure traffic can hit the ASA @ site A on the inside interface and trafiic will forward to the MPLS VPN router which then handles the traffic. Too, will it cause any problems in bi-directional flow between the two sites?
View 3 Replies
View Related
May 29, 2012
this is router 887, its vlan is 192.168.3.1/24. If I'd like to add a static route via different host within same vlan, rather than the router, like:
ip route 192.168.100.0/24 192.168.3.6
How can we achieve it? I tried adding it directly and failed:
(config)#ip route 192.168.100.0 255.255.255.0 192.168.3.6
%Invalid next hop address (it's this router)
View 6 Replies
View Related
Sep 23, 2012
I just got my Cisco SG300 28, but I have some problems getting the routing to work. I get the vlans to get to the router, with the default route. But not getting them to talk with each other. I can ping the IPs from the cisco, but I am not getting traffic to go from vlan 1 to vlan 2. When I try to google, it say that it should do it automatically, and I found no setting for it. It looks like it not creating any route for the interfaces.
View 2 Replies
View Related
Dec 12, 2012
Cannot set route map on interface vlan. which in non default vrf on Cisco 3750.IOS c3750-ipservicesk9-mz.122-55.SE.bin sdm prefer route in enable ip vrf users rd 200:0 route-target export 200:0 route-target import 200:0 interface Vlan201 description Users 1 ip vrf forwarding users ip address 10.31.76.1 255.255.252.0 ip helper-address 10.31.4.57 route-map fromuser permit 10 match ip address fromuser set ip next-hop 10.31.128.155 When I enter "ip policy route-map fromuser" to interface Vlan 201 I heve the message:
% Remove VRF configuration from interface Vlan201 first
View 5 Replies
View Related
Nov 29, 2012
Right now I have 2 default routes load balancing 100MB internet links. This is on my 2 6509's.
ip route 0.0.0.0 0.0.0.0 10.47.2.1 (FWSM)
ip route 0.0.0.0 0.0.0.0 10.47.2.250 (5510)
Is there anyway to make the first default route take more of the traffic, like 60/40 or 70/30?Any program that I could use to see top users going through the FWSM?
View 1 Replies
View Related
Sep 19, 2012
Recently we observed that newly installed WS-C3560CG-8PC access switches are able to communicate without a default route or default gateway.The 3650 switches are used as a layer2 access switch behind a layer3 distribution/core. They have only the management VLAN configured for IP with a single address.
The ARP table looks like there is an implicit proxy-ARP request sent for any IP address.
We definitely have no configuration whatsoever which would explain this.
Is this a new feature? We don't observe that with the older 2960-series...
Here is a brief trace of what's happening (debug arp):
host41#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Sep 20 14:44:06.706: IP ARP: sent req src 10.1.8.41 1833.9dc9.wxyz,
dst 1.1.1.1 0000.0000.0000 Vlan1
Sep 20 14:44:06.711: IP ARP: rcvd rep src 1.1.1.1 2c54.2dd3.wxyz, dst 10.1.8.41 Vlan1..
[code]....
The mac address if of course the mac address of the layer 3 interfaces of the distribution switch, no surprise here (proxy ARP is turned on by default).
Why is the 3560 sending out proxy arp requests without being told to? As far as I understood proxy ARP on Cisco IOS it only means it will reply to a proxy ARP request but will not send out proxy ARP requests by default.
View 3 Replies
View Related
Oct 21, 2012
I have a 2504 WLC connected to a Catalyst 3560 which has multiple vlans and is connected to a 2800 series router. I know the catalyst is L3 but I am needing nat functions to get outside to the internet. From my 2800 series router I am able to ping out to the internet, also I am able to ping the vlan interfaces on the catalyst switch. Problem is from the catalyst switch I can ping the inside and outside address of the 2800 but I cannot get any further then that. I cannot ping the 2800 router gateway. Not sure what I am doing wrong as far as routing.
I've attached my 2800 and 3560 configs.
View 3 Replies
View Related
Oct 15, 2012
Cisco C2960S IOS:12.2(55)SE5
Cisco C3560X IOS: 12.2(55)SE3
The 3560 switch is serving as an access and distribution layer switch. End devices are connected to it and it also implements IP routing via SVI and L3 ports.Auto qos voice cisco-phone has been implemented on applicable access layer ports. SRND4 is being used.
2960:
mls qos map policed-dscp 0 10 18 24 46 to 8
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
[code].....
Question 1:Why is the auto qos generated policed-dscp map different on these two switches?The Cisco Smart Business Architecture LAN configuration files guide [URL] does not specifically use the 3560 in their examples, they use the 3750 but it's my assumption that the same techniques, configs apply with regard to my specific feature questions. When using a 3750 in the Access layer, the guide shows (page 15) the same auto qos generated policed-dscp map configuration that is on my 2960. The SBA LAN config guide shows that when using a 3750 as a Distribution layer switch (page 26), the policed-dscp map configuration is the same that I see on my 3560.In the configuration guide for the 3750 distro switch, there is no auto qos applied as there are no access ports, so the mls qos commands are manually input. Since my 3560 does have access ports, auto qos generated the mls qos commands, and the results are the same be it following the guide and manually entering (per distro switch guidelines) or using auto qos. This leads to question 2...
Question 2:Why is the mls qos map policed-dscp configuration different depending on use as an access vs. distribution switch?
Question 3: On the 3560, access ports that have "auto qos voice cisco-phone" applied are put into queue-set 2 (output). Queue-set 2 (output) uses default values (not configured). Is this correct and desirable? If so, why? The 2960 has all ports in queue-set 1, regardless of being an access device port or a trunk port connected to the 3560 (as per the SBA LAN config guide EgressQOS macro commands). The 3560 trunk ports are all also configured to use queue-set 1 (output), again as per the SBA LAN config guide EgressQOS marco commands.
View 1 Replies
View Related
Jun 4, 2012
It is possible to configure the IOS NetFlow 122-58.SE2 in a Catalyst 3560?
View 5 Replies
View Related
Dec 10, 2012
I have one specific trouble with Catalyst 3560CG switch and Stardom reserved industrial controller. Controller has 2 processors, one of them after(!) negotiation become main with IP 192.168.1.1, other one stays in reserve with IP 192.168.1.129. If main one shuts down, spare one becomes main with IP 192.168.1.1. This perfectly works with DLINK and MOXA level 2 switches, but fails with Catalyst 3560, because spare one cannot even connect to switch port. I don't know the exact reason of it, but i suspect, that it happens because of before negotiation both controllers have ip 192.168.1.1 (i know, that it is wrong and weird, but so it goes). First of them correctly connects to switch port, which goes up and passes pings. Second processor tries to connect to switch port, which goes several times up and very soon down, then processor lefts his tries to connect to anybody and become idle. The switch seems to some way check IPs of 1-st and 2-nd port packets, and shuts down 2-nd port. I have connected via hyperterminal and tried to disable some level 3 functions and checks of the switch, but this wasn't useful. how exactly(or at least approximately) should i configure a switch to make this bundle work?
View 1 Replies
View Related
Oct 21, 2012
I've just installed 2 of these in my workplace on a PLC network.I'm now looking to set one of the ports up as my diagnostic port and would like to be able to mirror any of the other ports to this port.I believe it is called SPAN on Cisco switches.The only reference I can find to it is configuring via Telnet which I haven't got a clue about.On my old Wiedmuller switches it was just a few clicks away.
View 3 Replies
View Related
Aug 12, 2012
I have 5 SVIs configured for VLAN Interfaces 121-125 for my vSphere environment.
All VMs can ping IPs on all the VLANs (VMs on VLAN 124 can ping VMs on VLAN121)
All VMs, except those on VLAN 124, can access the Internet or even ping my router IP.
If I change one of the VLAN 124 VMs to use a different VLAN, and update the addressing appropriately, it can access the Internet.
The problem is exhibited with Windows and Linux VMs. So, I believe something in my switch setup is the problem with VLAN 124 in particular.
If i do a show vlan brief, VLAN 124 is listed.
If I do a show ip int brief, VLAN 124 is listed as upup. I also tried to shut o shut the VLAN 124 interface.
Only one specific VLAN has connectivity problems?
My topology is Catalyst 3560 to home router to Internet.
Here is my IOS image: c3560-ipservicesk9-mz.122-55.SE6.bin
Here is my show run output:
3560_02#sh run
Building configuration...
[Code].....
View 4 Replies
View Related
Sep 13, 2012
I have CISCO RPS 600 (PWR-AC-RPS) is it support Catalyst 2960 and 3560 ? and which type of cable require since i have cable 22-18 pin and on my switch require 22-14 pin.
View 2 Replies
View Related
Oct 15, 2012
Scenario: Two buildings connected with a private leased fiber line, so it does operate as a LAN. There are several subnets and everyone at both buildings needs to be able to access all subnets. However the physical machines on those subnets are building specific:
-Building 1: 10.2.0.0/24 (vlan20), 10.4.0.0/24 (vlan40), Internet connection
-Building 2: 10.1.0.0/24 (vlan10), 10.3.0.0/24 (vlan30)
The majority of the traffic between the subnets is specific to the buildings as well (i.e. most of the traffic is between 10.1 and 10.3 or 10.2 and 10.4).
Currently I have a Catalyst 3560 at Building 1 operating as the single "core" L3 router (and then a variety of switches connected to that). I have another 3560 at Building 2 that I'd like to turn in to the "master" L3 router for the two subnets primarily used by Building 2. In other words, make it so traffic from 10.1 to 10.3 doesn't have to run to building 1 just to get back to building 2.
I've got a basic knowledge of adding VLANs, VLAN interfaces and a static routes. The part that I'm getting confused on is that the Building 1 core router needs to make its default route to the firewall (and on to the internet) but "know" that traffic on vlans 10 and 30 gets sent across the fiber line to the other router. So I'm assuming this gets done with some combination of vlan definitions, vlan interfaces and static ip routes on each router.
View 6 Replies
View Related
