I have a Cisco 2801 with a 4 port Layer2 switch card installed (HWIC-4ESW).
How do I bridge Ethernet0/1 to the 4ESW so if you were to plug a computer into the 4ESW, it would be on the same network as Eth0/1? see my config below:
interface FastEthernet0/1
description Internal Interface
ip address 10.1.2.1 255.255.0.0
[Code].....
We have a number of sites which have high-speed L2 links which terminate on our L3 switches at each site. The ports are between the sites are placed in routed mode.
I would like to use Jumbo frame between two of the network which will communicate across sites and 1500 mtu on the rest, is this something which is possible?
From my understanding is the mtu is set on the interface therefore if I set the mtu on the L2 link ports on both sites to 9000 then would this cause a problem for the 1500?
We have a couple of switches with a L3 Vlan 238 interface which runs PIM SM and OSPF, and HSRP. We have connected to this same segment telemetry processors which have raw socket interfaces configured - which means it picks up all IP packets which hit the interface and forwards them along.So we dont want the processor to recevie any of the 224.x.x.x switch housekeeping traffic? is there anyway to prevent that ?
View 1 Replies View RelatedI have a 3560 switch where I have 4 ports connected, one is to our WAN provider - 10Mbps and the other three are connected to different customers who I want to get an equal share of the 10Mbps bandwidth.I'm fairly clued up about configuring modular QoS but I'm being thrown by the fact that you can't apply a service-policy outbound on the ethernet ports.
View 3 Replies View RelatedI have 2 3550's connected across a wireless link. [code] However, from Switch A, I cannot reach 10.1.3.9Can this 3550 not route traffic between 2 routed ports?
View 8 Replies View RelatedWe are running a Cisco 887VA router for our internet access but of course the port connected to the internal network only supports 100Mbit/s. There are a few 100Mbit/s ports on the router; I was wondering whether it was possible to use more than one port to provide aggregation to get higher speed such as two ports providing 200Mbit/s? We are running Gigabit internal.
View 4 Replies View RelatedI have 4 cisco 2960 switches to which many users are connected. No vlans are the only default vlan 1 is there. Now I want to make ether channel on switch 1 whcih has 24 fast etherenet ports. Can I make port 1- 8 as one ether channel which are connected to users or i can only make ethere channel of ports that are connectd to other switchs. If I can, how the other switchs will comnicate with the switch ports bundalled in the ether channel in switch 1.
View 6 Replies View RelatedQuick question here. Using 3750E series switches with multiple VLANS configured. These switches serve as our 'core'. I have SVIs configured for the different VLANs and add inbound ACLs in each of the SVIs to control traffic between VLANS. This switch also terminates a P2P Ethernet link which connects to our Colo facility. The port used for this is configured as an L3 port. I noticed today that I was able to send traffic across this L3 link that I thought should have been blocked by an ACL I had in place but it wasn't. So the traffic flowed from a port in say VLAN 20 across this L3 link (assigned with an IP address). Would this traffic flow not cause traffic to be checked against an ACL applied in the inbound direction on the SVI of VLAN 20 (int vlan 20)? Traffic does get checked when routing between SVIs. Why would it not get checked when routing between SVI and L3 interface?
View 2 Replies View RelatedI have a collapsed core design with routed ports between all components. Access layer switches, data center switches, core/aggregation. All routed (no spanning-tree at all).Now...I have to add an IBM BladeCenter with a BNT layer 3 switch to my topology. However, those nasties don't seem to support routed ports.How can I have a routed port on my cisco switch and a standard access port on the BNT and still establish an adjacency with an SVI? I am running OSPF, but I am labbing this in my home lab with 2 x 3550s and EIGRP.
On SW2:
*Mar 1 00:57:00.711: EIGRP: Received HELLO on Vlan100 nbr 10.1.1.1
*Mar 1 00:57:00.711: AS 999, Flags 0x0, Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1
*Mar 1 00:57:02.303: EIGRP: Sending UPDATE on Vlan100 nbr 10.1.1.1, retry 9, RTO 5000 tid 0
*Mar 1 00:57:02.303: AS 999, Flags 0x1, Seq 17/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1
[code].....
I have a computer with special software, customer abroad has a Laptop and connect multimedia center via etherner port to this laptop, I want to connect directly to customers ethernet port so I can program that multimedia center using a software in my PC. I know the ip address of multimedia center, but I cannot ping to it then I use hamachi port bridging.
View 1 Replies View RelatedI am trying to have F4 (the WAN interface) bridged to a VLAN interface. I have put my VLAN interface and my F4 in the same bridge-group, set an IP in the BVI Interface, and made sure that VLAN was properly trunked and configured on one of the router's switch ports
In other words, I need F4 to be treated as a switchport in access mode on my VLAN 10.
(...)
bridge irb
(...)
interface FastEthernet0
description trunk
switchport trunk native vlan 10
[Code].....
A ping in my vl10 VRF to 10.0.0.1 does not work. ARP does not resolve.
I am trying to bridge the traffic(including different vlan traffic) from rtrA to rtrB using "bridge-group" functionality.I achived the same using a 7200 using the below configuration. [code] When I tried the same using 7600 router ping failed between rtrA and rtrB. Then from the documents it seems "bridge irb" is not supported in 7600.Is there any other way we can achieve the same fuctionality ( eg: using switchport also fine) ?
View 3 Replies View RelatedI have following requirements to implement on cisco asr1001 router.
1.G0/0/0 and G0/0/1 interfaces are connected to a swith through trunk. Multiple customers are will be using this trunk interface . Each customer will have subinterface with dot1q tag.
2 I want both sides of the ASR1001 to be in same segment .
3 If above two is possible I would like to implement shaping on each customers sub-interface level
is above implementation is possible on asr1001. configration and ios information. I found a technology called EVC . but I am not sure is that the one suited for me.
network diagram is attached seperately.
I have 2 networks.
NETWORK 1:EOC connection fro ISP going into a router (not the RV042) with a static WAN address from ISP. This router is hooked up to a switch that all the computers are connected to. All the computers on this network are using 192.168.1.x addresses. Most of these addresses are static, but the router is running DHCP in case we hook up temporary computers like laptops or client machines to this network.
NETWORK 2:DSL connection going into a router (not the RV042) with a static block of IPs from ISP. (8 IPs, 5 usable for the WAN interface, 1 static IP is being used for WAN interface). This router has a VPN connection set up for remote access to the linux machines on this network. This router is running DHCP on the LAN interface for this network with addresses 172.16.1.x. All the computers on this network are tied together with another switch, completely seperate from the 192.168.1.x network switch.
PROBLEM:We needed computers on the 192 network to be able to access computers on the 172 network. Someone decided to just run a cat 5 cable from the 192 switch to the 172 switch (not the routers, the switches). This "worked" - badly. Appearently there is a DHCP conflict (or something else going on) that was causing the router on the 172 network to try and assign addresses to the 192 network computers, and it was also "resetting" a connection about once an hour. This crashed our server on the 192 network. I disconnected that cat 5 cable between the two siwtches, and now each of the two networks are working properly, but they are now completely isolated from one another.
I need to create a bridge between the 2 networks so that machines on the 192 network can access machines on the 172 network while filtering out DHCP broadcasts from either network router to the other network. (I may need to filter out other protocols as well, but don't know yet.)So, I see 3 potential ways of doing this but don't know if they will work:
1) Can I just set up multiple subnets on the LAN interface of the RV042 and just run 2 cat5 cables from each switch on the two networks to the LAN ports of the RV042?
1a) If I do set up multiple subnets on the LAN interface of the RV042, do I need to assign the two ports to different VLANs? (I don't see any way to set each port to a specific IP address.)
2) Can I set up the 2 WAN ports on the RV042, one static for each network, and will the RV042 route traffic from 1 WAN port to the second WAN port?
3) Is there some other way I should consider setting this up?
Finally, someone mentioned that once I get the RV042 set up correctly as a bridge, I will need to route 172 addresses on the 192 network to the 192 interface of the RV042 via the DHCP router on the 192 network, and conversely, I will need to route 192 addresses on the 172 network from the DHCP router to the 172 IP interface of the RV042. I think this will be easy enough to set up in each of the DHCP routers...
I currently have a 2811 and a LAN setup via a sub-interface FA0/1.3 and using a HWIC-AP I have a sub-interface dot11radio 0/1.5. I have them setup to work and surf the inet great, but I have recently been overly annoyed with the fact that the wifi cannot access windows shares on desktops and visa versa with the laptops.
The trick to make this happen is currently they are not on the same subnet. I know the answer is bridging the interfaces but when I do this using the simple commands:
bridge 1 protocol ieee
interface x & y
bridge-group 1
Although what should be simple has failed (good thing I tftp'd my working config). Here is my current configuration.
interface FastEthernet0/1.30
encapsulation dot1Q 30
ip address 192.168.3.1 255.255.255.0
[Code].....
We are looking for a solution that to use Sub-interface on a routed port on 6509, instead of using a SVI on it.Are there any different when using Sub-interface?
View 3 Replies View RelatedCisco 3725
IOS: (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T9
Wireless Module NME
Brief current running config below:
interface FastEthernet0/0
description WAN LINK
bandwidth 8192
[Code].....
I have a network where if an end user attaches an hub to the network, or rather one of those cheap unmanaged 8-port mini-switches and then plugs the two ends of the same cable into two ports of that mini-switch, all the network goes down. Loops are generated and many uplinks are shut down in err-disable state due to the loopback reason.
I know I could discourage the use of those mini-switches using port security. I even have NAC (cisco) deployed on the network, but there are cases where that mini-switches are allowed by the managment.In those cases, is not possible to exactly know wich hosts (mac addresses), and even how many of them will attach the network concurrently.As I know, they could even chain many mini-switch one to another. Of course, when even a single mini-switch is allowed on the network, it raises as a security hole.
Is there a way to allow the use of those devices without the risk of network outages? Some STP protection method? The best would be to have the Cisco access switch to get aware of the loop on its affected switchport (where the mini-switch is attached), immediately shutting down that port (to avoid loops on the network) and maybe sending an SNMP trap or a syslog message.
We are using Cisco Catalyst 2950 and 2960 for our access layer.
I need to bridge 2 subinterfaces; F0/0.301 and F0/0.302 on a single router.The router interfaces with a Cisco 2960 (LAYER-2) switch.QUESTION is, does a Cisco router support bridging on subinterfaces on the same physical interface?Currently this is NOT operational Spaiing-tree on F0/0.301 and F0/0.302 is down, switch side is forwarding for both Vlans.show ip interface brief shows up/down status of F0/0.301, F0/0.301 and BVI6 is down/down?
:
SETUP:
bridge irb
!
!
Interface F0/0
no ip address
[code]....
what routed ethernet card (WAN) can be inserted in Cisco 2811? I wan to replace 2Mbps Framerelay to 10 Mbps
View 5 Replies View RelatedI have a Cisco 1841 that has an ADSL (ATM) card installed. It was previously used with an ADSL line to provide NAT routing for an office. Now I want to use it witha cable modem, which would mean abandoning the ADSL interface and instead routing between the two Ethernet ports.Between the Cisco and the LAN is a Linux transparent proxy. It provides routing between 192.168.1.0 (LAN) and 192.168.2.111 (Cisco LAN interface). The network looks like this:
Cable Modem(174.76.21.1)(gateway) --- (174.76.21.10)(WAN) Cisco 1841 (LAN)(192.168.2.111) --- (192.168.2.11) Linux Proxy (192.168.1.10) --- (192.168.1.0) LAN
For testing and diagnostics, I've connected a laptop to each FastEthernet port on the router. One laptop is configured with the IP 174.76.21.1 to simulate the cable modem gateway and the other laptop has the IP 192.168.2.11 to simulate the Linux proxy. From those systems I've performed the following diagnostics with the following results:
From 192.168.2.11
Ping 192.168.2.111 - OK
Ping 174.76.21.15 - OK
Ping 174.76.21.1 - Timed out
From 174.76.21.1
Ping 174.76.21.15 - OK
NAT translation to LAN IP's failing
There are some vestiges of the ADSL configuration, but I've cleaned most of it out and shut down the ATM interfaces. Here's my config:
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
[code].....
I would like to do the following architecture with the same C3750 : network X,Y,Z connected to 3750 in VRF D the 3750 uses a routed interface on subnet E for the default route in VRF D on this routed interface a BYPASS EQUIPMENT the other BYPASS EQUIPMENT interface is connected also to another routed interface on subnet E "also" this routed interface is in another VRF C with other network A and B.do you know if it will work because of 2 routed interfaces on the same IP subnet or is there a way to do that ? the only goal for me is to catch traffic from network X,Y,Z on SYN and ACK.
View 5 Replies View RelatedI'm trying to configure a SPAN session on a Cisco 3725 router, but it won't let me complete the command. The router has two Fast Ethernet interfaces: 0/0 and 0/1. I'm trying to configure a SPAN session with Fa0/0 as the source interface and Fa0/1 as the destination interface. [code] But when I try to configure the session, it seems like it's giving me the option to configure the SPAN session, but in the end the router won't let me: [code] When I type "?", why would it give me the option of using the Fast Ethernet interface as source port, then when I try to execute the command, it doesn't like it?
View 7 Replies View RelatedActually i have 7600 router and all trafic passes through Gi0/1(Routed port) interface to 6500 series switch. I need to create a vlan on this router eg. vlan 10 Any how it is possible assign a vlan to routed port and traffic of wan interfaces and the vlan traffic passed together.
View 2 Replies View RelatedI have made a routed port on 3560G Switch and defined a pool 172.28.4.62 255.255.255.192 and connected to E1 converter RAD (4E1 to 4 FE) the E1 media is through Microwave on the other end same E1 converter is connected through layer 2 switch and defined a pool as of routed port configured in 3560G switch.
The port is generating lot of giants and after a while it also distrubs other routes ( Port1 to Port 16), configured with Vlan11 and port 22 as routed port.I have checked the routed port through wireshark the maximum frame size is 1514 and configured the MTU to 1514, giants are not showing any more but after 10 to 12 hours switch gets hang. Either to shut the port or to reload the switch to get switch and other layer routes to be normal.
I have checked speed and duplex settings same as E1 converter. Full duplex. 100 Speed. Why switch is not behaving normal. If I shutdown the routed port it is normal.
1. interface GigabitEthernet0/22
no switchport
ip address 172.28.4.62 255.255.255.192
flowcontrol receive on
end
[code]....
I have Cisco 3560x layer 3, but there is one problem with MAC ACL. Here is sample scenario:
I have two V LANS 2 & 3. There is one device (D1) on V LAN 2 and three (D2,D3,D4) devices on V LAN 3. D1 can talk only to D2 and D3. D4 can talk only to D2 and D3. D1 and D4 cannot talk at all. I got the IP access list all set, but I was asked to get the MAC ACL on it. The problem is that as soon as packet is routed, its MAC addresses will change, correct? Is there way of preventing device with same IP but different MAC from talking to device it should not to, keeping in mind that the packet will be routed?
I'm trying to configure intervlan routing between a cisco 2801 router and HP/Amer switches. Using int fa0/1 and subinterfaces I was sure I had it configured correctly, but I cannot ping the default gateways when I place a host in a particular vlan. Below is what I have configured.
HP switch - port 9 connects to fa0/1 on 2801
ip default-gateway 10.1.100.1
trunk 9 Trk1 trunk
trunk 10 Trk2 trunk - to another switch
[code].....
I have a computer with special software, customer abroad has a Laptop and connect multimedia center via etherner port to this laptop, I want to connect directly to customers ethernet port so I can program that multimedia center using a software in my PC. I know the ip address of multimedia center, but I cannot ping to it then I use hamachi port bridging.
View 1 Replies View RelatedI have faced a problem with configuring Cisco 3750G series switches as Sever farm switches with redudance.
servers have 2NIC (1GBps) and both are bridged for redundant connections.In both switches all ports get green coluor except one port on Secondary SW. I saw some Spanning tree block port status on that switch.when i type Show cdp neghbor command on switch i can see other switch through a server connected port. Also Spannig tree root bridge election is occured through that port . Simply i need to configure both switches to pass traffic through there uplinks them selves.. but it seems like Secondry switch pass its traffic through primary switch ( i think according to STP ) usinginterconnection of bridge port of a server. [code]
I have some questions about how to configure my Cisco 1941 with a routed subnet from my ISP to forward them to 1 or more servers in my LAN.1 Routed subnet /29 from my ISP (over a fiber connection).In my LAN I have (at the moment) 3 servers, and about 15 clients.I would like to use the first ip address from the routed subnet for internet traffic from all the clients in the LAN.I would like to use the second ip address from the routed subnet for server1 so that server1 accept some allowed connections and that server1 connects to the internet with the second ip address from the routed subnet
I would like to use the thirth ip address from the routed subnet for server2 so that server2 accept some allowed connections and that server2 connects to the internet with the thirth ip address from the routed subnet.I would like to use the fourth ip address from the routed subnet for server3 so that server3 accept some allowed connections and that server3 connects to the internet with the fourth ip address from the routed subnet.[code]
I want to know if is it possible to configure QoS on a 4500 Sup7 on a Layer 3 routed port like the following example (Similar to CBWFQ on IOS Router)?
View 3 Replies View RelatedI've got a bunch of 3750-X switches all running IP Base and acting as a routed access layer. They run OSPF in a totally stubby area with the distribution layer (Nexus 7K) as the ABR. We also have a physically separate management network into which the fa0 management interface of the 3750-X is connected. The management network itself runs OSPF and has multiple subnets and external access.
On the 3750-X, I'd ideally like to be able to run some sort of separate OSPF process for the management network or at the very least have a static default route for management traffic pointing out the fa0 interface, but clearly not have it interfere with the main default route for data traffic coming from the N7K ABR. Normally I'd just create a management VRF, sling the fa0 interface into it and run a separate OSPF process in that VRF. The problem is you can't create VRFs in IP Base! Surely there must be a way to do this? Cisco don't really expect customers to upgrade to IP Services just to have a working OOB Management network, do they?!
What should the duplex mode to be set on a routed port gi0/21 that are running HSRP ? I try setting the gi0/21 to full, but it caused the port to be down. The only way for the port to be up is setting it to half duplex.
Cisco 3750 Switch
==============
interface GigabitEthernet0/21
no switchport
ip address 10.200.104.34 255.255.255.248
[Code].....
