Cisco Switching/Routing :: C2960 Make Configurations Only On Base Of DSCP Field
Nov 28, 2011
I am begining to work to apply Qos on switchs (C2960 & C6500), and I still have a doubt about the necessity to consider the cos value. I indeed want to apply Qos for ToIP, Video, perhaps create a scavenger class, ans in all cases, I classify my packets with TCP/UDPB port and mark them with DSCP. So is it really necessary to study all the DSCP/CoS mapping problematics ? Is it not possible to make the configurations only on the base of the DSCP field?
A quick one because I'm scratching my head trying to figure the difference between the 2960 LAN Base and LAN Lite IOS installs. I want to put a 2960 into a site which has as layer 2 link on dark fiber taking it elsewhere. This part I'm not concerned about - the WS-C2960--24TC will do what I need without issue - but I don't know if I can get away with LAN Lite, or if I need LAN Base.
I basically need V LAN's with associated SVI's, and a routed link on the up link port (I don't care if it's a switch port with an associated SVI or a no switch port and IP address), but it's got to be able to run OSPF. Can I do this with LAN base on this series switch? Or do I need to go for a higher series (3560?). I *could* get away with static routes, but my boss is walking death on them unless I can 100% prove they're necessary, so I'd rather not right that fight!
Does anyone know of some off the shelf (commercially available) software that will set the DSCP field to something other than 0? Im looking to do some network testing using any off the shelf software, voip, games, whatever. I have already setup a traffic generator but my testing needs to encounter a more real life scenario. I have already tried many games, skype, gchat, etc. but nothing sets the DSCP field to anything other than 0.
I have a WS-C3750X-12S-S (IP Services) that I THINK I'd like to downgrade to LAN Base so I can stack it with a WS-C3750X-48T-L that is already LAN Base..
I want to know what is the different between IOS of the catalyst WS-C2960-48PST-S and the IOS of catalyset WS-C2960-48PST-L.a want to upgrad the IOS of a WS-C2960-48PST-S with the IOS of WS-C2960-48PST-L (because this reference has a LANBASE version of IOS).
I have a Domain Controller on windows 2003 advanced server. and I have roles and some configuration such as rights, user accounts, DHCP configuration, DNS server and etc on it.Some times windows needs to be reinstalled but after reinstalling,configuration of roles would be lost. I don't know how can I backup these settings? Is there any solution about this problem.I know a simple way is creating an image of windows installation drive by an application such as Norton Ghost but I'm talking about windows solution.
I am getting a very strange problem where 4500 switch is remarking the packet with dscp 1 to 0.
Let me explaint the setup. I have two PCs connected on same switch but on different modules. PC1 is conencted to Gi4/19 and PC2 is connected to Gi2/43. Both the ports has been configured to trust the dscp. Below are the configuration:
i did on cisco 2960S switch at user ingress interface. but the marking is not showing in show policy-map interface gig 1/0/10 interface and ACL is not showing any match.
I also had a config reference from 2960S cisco guide.
access-list 103 permit tcp any any eq 80 access-list 104 permit tcp any any eq 23 access-list 105 permit icmp host 172.24.68.4 any
I have a pair of Nexus 7K's running 5.1(3). I have a handful of edge devices that I need to mark ingress traffic, and need to mark both DSCP and CoS. Right now, I have a working config that marks DSCP appropriately.While that works dor DSCP, the MQC will not allow me to mark both DSCP and COS in the same class, and unlike IOS, it appears that Nexus does not have a default DSCP-to-COS mapping. My understanding is this can be solved using table maps, but I don't see how that can solve my problem in this specific scenario (it appears I can do marking or table-map mutation, but not both?). How I can accomplish both?
there is something I find strange on C6500 about QoS: C6500 derive an internal DSCP value for it's internal use, but when configuring the qos mapping on output interfaces, only a cos value (I guess, an internal cos value) can be used. Is it a misunderstanding from me, or is it really illogic?
I've been working on a 3560 that doesn't seem to map dscp values to a new value: mls qos map dscp-mutation ToR1 22 24 to 46
[Code]....
On the router on the other side, I created an acl that matched on dscp 46, but it doesn't match on it. I've tried moving the mutation map to the ingress interface and I've tried setting dscp with a service policy instead of marking COS and using internal dscp. Where is the mutation map supposed to be placed: ingress or egress? Also, I added an entry in the acl on the router to see if I was mapping to dscp 24, and I am:
[Code]....
So it seems like the mutation map is being ignored completely. Any reason why?
I am reading through a QOS Document and they want me to trust the DSCP value from an IP phone (Siemens) but UN trust the PC DSCP value. How can I trust one thing but not the other? I am using a 2960 Cisco switch with IP base IOS.
i have Catalyst2950SI with iOS12.1, connect a wifi-access-point to f1/1(dot1q trunk port),and connect another L2SW to f1/2(dot1q trunk port),and IP phone, MobileCamera connects to wifi-access-point,IP phone has dscp=40 value on its own packet,but MobileCamera doesn't have any dscp value or cos.now, i wanna do QoS by that dscp, So i type as below,
I have a problem with dscp preservation on a WS-C3750X-48 catalyst; in my little diagram, his name will be SW2, so I have this:SW1 <-> SW2 <-> RT1. some phone connected to SW1 mark with dscp EF (46) the voice traffic.The "mls qos" was enabled on SW1 and SWt. The interlink switch ports has the "mls qos trust dscp" option, the phone port and the router port also.And the problem is I can see the dscp marking on the SW2 when I span the voice vlan on this switch but the dscp was removed ( DSCP set to 0) on the router port ( span on the router port for look )If I made also a packet capture on the router RT1, I see the DSCP was effectively reset to zero.If I disable the "mls qos" on SW2, of course all is fine and the dscp was preserved and forwarded to the router. [code]
I am trying to mark http packets from a web server with DSCP ef, but when I am doing a traffic capture all http packets have tos 0x0.I am able to mark UDP and ICMP packets originated from this server, but not any TCP traffic.The web server is in VLAN 20This is my config mls qos ip access-list extended MARK-HTTP-ACL permit tcp host 10.10.10.10 eq www. [code]
i would like to know the possibility to use mls qos trust dscp with service-policy in the IOS ver.12.2(25)SEE2.The specific version is not possible to configure like below.
Cat3750(config-if)#do sh run int f1/0/1 Building configuration...
Has anyone implemented a working Nat on a Stick?I am looking for 3750 configurations for Nat on a stick.Our users need to access the camera monitoring from home as well as in work.We will like to setup the monitoring software with public address (and port) of the cameras, as the users use the same configuration at home and work.DNS will not work for us as the monitoring settings only accept IP.
I built a VSS pair with a couple of 6509's. This was our first pair so we took the opportunity to do some testing. One of the features we tested was the priority/preemption feature, which we decided not to use. After some time we shutdown switch 1 and relocated it to another building. Unfortunately, because of a lack of fiber, it was not connected to switch 2 for several months. Also, unfortunately, I failed to remove the priority commands. Now while switch 1 was "unconnected", we made changes to the config on switch 2. Months later, when the fiber was complete and I connected switch 1, preemption caused it to take over. I'm guessing switch 1 thought it's config file was the better one, and proceeded to overwrite switch 2's production config. I quickly disconnected the fiber but not before losing my production config on switch 2. We of course recovered from that with a backup, but now I need to connect switch 1 again. I have removed the priority command from switch 1 and rebooted it.
We have a customer who uses about 20 x c2960's switches for access layer and 2 x c3560e for distribution layer. C2960's uses C2960-LANLITEK9-M , Version 12.2(58)SE1. Everything was working fine. Now we got information, that sometimes there are problems with connectivity. Customer tries to reach internet.
SW11#sh int fa0/18 FastEthernet0/18 is up, line protocol is up (connected) Hardware is Fast Ethernet, address is e8ba.806a.4412 (bia e8ba.806a.4412)
I am trying to configure RSPAN for one of my client. They have Server-Client VTP architecture. Voice Recording Server is connected to C4507. Agents are connected to C2960 and C3750. I got 2 sessions configured and the connectivity is a as follows:
1. Voice Recording Server-----C4507-----C2960-----C2960-----Agent IP Phones (Session 1) 2. Voice Recording Server-----C4507-----C3750-----Agent IP Phones (Session 2)
Recording works with Session-2 but not with Session-1. I understand the problem could be due to multiple reasons: 1.1. C2960 is working in client VTP mode so i cannot add remote span command under the vlan configuration. 1.2. C2960 has LANLITE IOS image which i am not sure if it supports Remote Span.
When configuring QoS on 3750s/3560s, we're mapping packets to particular interface output queues with commands such as: [code] The command to see what's actually being enqueued, dropped, etc. is: [code]
Note that these queues are numbered 0 - 3, and not 1 - 4. We've been assuming that the first queue number in the "mls qos" (i.e., 1) command maps to the first queue (i.e., 0) in the "show mls qos" command.
I have a C2960-24TT-L Switch with the following problem:When the Power Cord is plugged in the Switch, all switch indicator LEDs go on very briefly. Then SYST LED blinks very briefly, goes on steady and remains at this state without any indication at the console.Tried the reset by holding the MODE button while plugging in power but I still get no indication at the console. All is fine with console, meaning that if I take out the cable and plug it in another switch, then I see all that there is there to be seen.My question: Is the switch beyond repair or is there something that can be done to get the switch to run POST and boot at rommon so that I can reload SW and configs?
I have two WS-C2960-24TC-L Switch with Software Ver 12.2(25r)SEE6 with image c2960-lanbase-mz.122-35.SE5.bin and 12.2(25r)SEE1 with image c2960-lanbase-mz.122-25.SEE2.bin currently on it.
I want to enable SSH connections on the switches and believe I need to import the cryto image onto the switch. I would like to upgrade it to new version that can also support ssh connection but not sure which image to download from cisco. The switches are now live.
System image file is "flash:c2960-lanbase-mz.122-35.SE5/c2960-lanbase-mz.122-35.SE5.bin" cisco WS-C2960-24TC-L (PowerPC405) processor (revision H0) with 61440K/4088K
I've got a C2960 (sw01) and a C2948. (sw02) The sw02 switch is trunked with sw01, and is meant to serve as an extension to the VLANs (1-4) that exist on sw01. It is trunking properly, however, how would I go about giving the sw02 an IP so that I can access it via SSH? Would I have to create a VLAN specifically on sw02 with an ip and switchport an interface to use it? I know that a VLAN can only have a single IP, but I'd like sw02 to have an IP on VLAN1 (192.168.1.0 subnet), is that possible?
i am trying to upgrade the firmware in my C2960 switch to 15(1) SE2, and i get the error:Failed to execute the command archive download -sw /overwrite /http iosFile
I am not sure why the CRC and input errors are increasing in fastethernet port...This port is used as Intradomain cross connect to Data Center service provider for LAN extension between two Data Centers in different locations... The link is 100 MB. The switch port is directly connected to patch panel of DC provider and I believe they have some L3 switch or some other device that is providing LAN extension...
#sh interfaces fastEthernet 0/23 FastEthernet0/23 is up, line protocol is up (connected) Hardware is Fast Ethernet, address is 0019.3050.1497 (bia 0019.3050.1497) Description: ASA_VPN_TO MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
I am not sure why the CRC and input errors are increasing in fastethernet port...This port is used as Intradomain cross connect to Data Center service provider for LAN extension between two Data Centers in different locations... The link is 100 MB. The switch port is directly connected to patch panel of DC provider and I believe they have some L3 switch or some other device that is providing LAN extension...
#sh interfaces fastEthernet 0/23 FastEthernet0/23 is up, line protocol is up (connected) Hardware is Fast Ethernet, address is 0019.3050.1497 (bia 0019.3050.1497)
I have version 2 ssh configured on a Cisco 4507r-e. Unable to sync archives with CiscoWorks. V2.99 is unsupported on CiscoWorks. Does CiscoWorks need to be updated or does the switch?
cat4500-ipbasek9-mz.122-52 LMS 3.2 # show run ip ssh version 2 #show ip ssh SSH Enabled - version 2.99
