Cisco Switching/Routing :: C6509 Loss Of Packets ICMP Sent By Different Hosts In Different VLAN
Oct 17, 2012
I've a big problem with a loss of packets ICMP sent by different hosts in differents VLAN. Here my architecture:
Core Switch : 2 Switch's C6509 (Version 15.0 (1) SY1)- Mode VSS - One lien VSL , the other link is defective.Access Switch: C3750 , Connected to Core Switch through 2 fibre optique wires.Topology: redundant ring
When I send consecutive ping message I found always a missing of packets . Furthermore When I insert the "show ip traffic" command., the parameter "bad hop count" increase after a loss of packets. I've 2 hosts connected in my network and they send packets with TTL =127.
In the Core Switch I haven't configured the MEC because it gave me troubles with the packets multicast.
View 1 Replies
ADVERTISEMENT
Dec 22, 2011
Both regular IP traffic and ICMP traffic are passing through the source port. C6509 provides the option of filtering vlan traffic during monitoring. But I don't have vlan traffic.
qa-c6509-c(config)#monitor session 1 filter ? vlan SPAN filter VLAN
So I applied an access-list which only allows icmp traffic to be sent out of the monitoring port. But it does not work.
View 4 Replies
View Related
Jan 2, 2012
I have Cisco WS-C6509 with IOS version 12.2(18)I have several vlan interface on this device.Today I create new vlan intervace
interface Vlan165
description test5
ip address 10.10.10.1 255.255.255.252
end
and vlan:
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
165 test5 active Gi7/14
But I can't ping this IP address and show ip route shows:
sh ip route 10.10.10.1
Routing entry for 10.10.10.0/24
Known via "static", distance 254, metric 0 (connected)
I have static route for this subnet /24?I can not see any error in logs, but looks like I reached vlan interface limit on this device or something like this.How can I check it?
View 9 Replies
View Related
Mar 23, 2013
I have a cisco 2811 router set up as a nat/firewall gateway for my network. I've configured it for CBAC on using ip inspect and an access list.What I want is to use audit-trail to record network traffic (which means sending syslog messages to a server) concerning established sessions from my own network to locations in the outside. If i configure this using ip inspect audit-trail and no ip inspect alert-off, the configuration looks like this: [code] which works just fine, but there is the matter of icmp packets.
Since i use polling software that needs to check some machines in the outside part of the network, it is only natural that several icmp sessions are established through the Inspection Rule per minute. The problem is that since these sessions are recorded along with everything else, my syslogs are flooded with these (since i am using logging trap informational) to the point that more messages are generated about icmp than all other traffic combined, especially in non-working hours.What I am asking is a way for the audit-trail to be selecively disabled for icmp, so that the outgoing (echo) &incoming (echo reply) sessions can be established without generating syslog messages.
View 1 Replies
View Related
Nov 19, 2012
We have recently started as Internet service provider in an open metropolitan.
We use a Cisco 3560G Layer 3 switch, where we have all our vlan where we have konfiguerat ex. Switch (config) # interface vlan 150, an interface for each VLAN capabilities such as int vlan 1 - 10/10 int vlan 2 to 30/10, int vlan 3 100/10 and so on.
Our int vlan is configured as follows:
dhcp relay information trusted
ip address <x.x.x.x> <x.x.x.x>
ip helper-address <x.x.x.x>
Ports (ex. int Gigabit Ethernet 0/1) are configured as follows:
description Uplink
switchport access vlan x
[Code].....
Now the problem; we have a customer in ex. vlan 3 who needs to access a server provided by another customer in the same vlan (vlan 3), and access to each other in the same vlan is not possible. You can access the server from any other vlan, but when it comes to access to another host in the same vlan, you will not reach it.
We suspect that the energy company has configured with pvlan isolated. If we use the command ip local-proxy-arp on each vlan, it works to reach each other, but it seems that our 3560 becomes overloaded when ip local-proxy-arp is enabled and it streaming and use IP telephony it doesn't work. The response time at ping is longer and the loss of packets increase with ip local-proxy-arp enabled. The other operators in the metropolitan also uses Cisco 3560G so the hardware should be sufficient.
We have also tried to add no split-horizon, but it made no difference. How do we get around this without negative consequences? Probably need something that makes you allow to send out the same interface that it came from, because it works as long as you are in another vlan.
View 1 Replies
View Related
Apr 8, 2012
Randomly when I try to access to 2950 from management tools, switch is unreachable, I have to access from other switch and reload 2950.
Problem only is from managemt tool to managament vlan 1 2950.
The strange thing is that management interface is encountering a very fast increase of throttles, broadcast and ignored packets:
2950#show interfaces vlan 1
Vlan1 is up, line protocol is up
Hardware is CPU Interface, address is 0023.3488.fd65 (bia 0023.3488.fd65)
Internet address is xxxxxxxxxx
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
[code]....
It could be a hardware problem?, IOS has been upgraded.
View 11 Replies
View Related
Jun 15, 2013
SG-300 52 native VLAN blocking network packets
View 3 Replies
View Related
Feb 20, 2012
We have 2 6513 switches with SUP720/PFC3A and various POE modules and a 6748-GE-TX facing our servers. Additionally, we have a 4Gbps portchannel trunk interconnecting the switches. We have approximately 300 Nortel IP 1140e phones in use between the two switches.For the purpose of call recording, we've attempted to mirror the voice vlan using various approaches and have been met with limited success. We mirrored the VLAN using tx, rx, and both. When using both we appear to get duplicate packets at the destination interface.We seem to lose packets completely going in one direction or another for a given call. Packets are lost before they get to the destination interface?
View 2 Replies
View Related
Mar 22, 2013
Why it makes problems to use a default route on a BGP-router (cisco 6500 with sup720 3bxl).Only a very few amount of hosts have that kind of problem and the 50% paket loss is only between this hosts. So another host has no loss to any of the affected hosts. looks for me like there is a problem in the CEF-table.The router has a BGP-fulltable. The gateway of last resort is only set for cases like a flapping BGP-route, so that the traffic is sent to a default next hop, because sometimes he knows a better route which isnt flapping.
View 1 Replies
View Related
Apr 18, 2012
At this moment we have a Linksys x3000 configured as modem on a ADSL connection (PPPoA)From our monitoring server we send ICMP packets to see if the connection is alive (or not).The problem is when we disable the ipV4 SP1 firewall and do not tick the: "Filter Anonymous Internet Requests" , we still receive connection timeout's from outside hosts. Is this a bug? And if not; how can we enable ping from outside networks?We really want to enable ping because of the monitoring software.The firmware is the latest version: 1.0.0.1
View 7 Replies
View Related
Jun 1, 2012
got this problem within the last few days
UPnP renew entry 255.255.255.255 <-> 68.98.71.182:61041 <-> 192.168.0.197:61041 UDP timeout:-1 'Teredo' (this one repeated 13 times just in that 1 info slot)
Blocked outgoing ICMP packet (ICMP type 3) from 192.168.0.197 to 109.185.100.195
Blocked incoming TCP packet from 108.170.42.83:80 to 68.98.71.182:36792 as SYN:ACK received but there is no active connection
this goes on for a multiple of different ip's and i believe its due to the fact that the game i play is p2p
QoS is off spi is off udp and tcp endpoint independent firmware version 1.21 i am using wireless cable isp using motorola sb5101 i believe i port forwarded the ports used for the game but that didnt work so i put my computer into dmz. I've also noticed a lot more jitter then i used to have and my upload speed is down about 4mbps. Was thinking it might just be outdated firmware?
View 3 Replies
View Related
Oct 14, 2012
We would like to install a WS-SVC-WISM2-1-K9 in each of our 2 WS-C6509-E chassis. Both of these have supervisor 720 engines installed. One in each chassis.From what I have read we need to upgrade the IOS to 12.2.33 SXJ4. Is this correct?If this is true then what are the memory requirements for the upgrade to this IOS version. Below is the output from Show version?Is there sufficient memory instqalled to do this install?
View 3 Replies
View Related
Mar 9, 2012
we plan to implement VSS on our datacenters (C6509/Sup720), in order to remove L2 loops (currently, access layer are C3750 stacks, which could evoluate for N5K/N2K). I would like to have some feedbacks about VSS stability. Some years ago, I have seen some bugs with this technology in another company, so I am still not totally comfortable to use it in the datacenter.
View 0 Replies
View Related
Apr 4, 2012
We plan to implement a large number of ACL on our Distribution switch which is a HSRP pair of 6509C switches running on sup-bootflash:s72033-psv-mz.122-18.SXD3.bin WE need to divide the Network in three layers
unsecure layer
Proxy layer
Secure layer
We have approximately 250 vlans on the our distribution switches and plan to implement 15 ACL on different vlans Each ACL can contain upto 30 lines or less.
basic ACL example we will be applying on different vlan
vlan 200
ip access-group test123 in
My question is Can these ACL on a vlan can have a massive impact on the 6509 CPU ?
View 1 Replies
View Related
Jan 13, 2013
I have a 2 cisco core (cisco WS-C6509-E (R7000) processor) and been working for quite sometime.they are conneted with HSRP with active standby config with a 10 g module for redundancy just today I see that the cpu utilization went to about 50% and its the same on both cores.
[Code] .......
View 5 Replies
View Related
Feb 26, 2012
Last night, the C6509-E do a unexpected reload. In the crashinfo, I can see that the last error message before the reload, was as follows: %C6K_ PLATFORM-SP-2-PEER_RESET: SP is being reset by the RP
I consulted the cisco website about this error message and what I found was the following:C6K_PLATFORM-2.
View 1 Replies
View Related
Sep 26, 2012
what should it be the minimum IOS version that I require on my WS-C6509-E equipments to support "logging origin-id" command?
Cisco documentation says that this command was introduced in 12.2(15)T, and integrated into 12.2(33)SXH.
BUT my Cisco switches have 12.2(33)SXH5 IOS version......and they do not support "logging origin-id".
(config)#logging ? Hostname or A.B.C.D IP address of the logging host buffered Set buffered logging parameters buginf Enable buginf logging for debugging cns-events Set CNS Event logging level console Set console logging parameters count Count every log message and timestamp last occurance esm Set ESM filter restrictions event Global interface events exception Limit(code)
View 2 Replies
View Related
Apr 1, 2013
I operate between c6509-E, what did you flooding? its just packet capture gi1/3 but i dont know it and is it attack?also same seq no switch gots it?what is problem?
View 2 Replies
View Related
Mar 25, 2012
we have a WS-C6509-E WITH SUP VS-S720-10G, and IOS s72033-advipservicesk9_wan-mz.122-33.SXI5.bin. [code]
From, what we can see, whenever we try to clear arp-cache, it doesn't remove the IPs from the ARP. We've checked a bug in the IOS 12.2(33)SXH4 with the same issue, in version SXI4 is solved, but I have version SXI5, it is supposed to be fixed, from this caveat CSCtf16300, since it says it was fixed on 12.2(33)SXI4, it should be fixed on SXI5, right ?
View 2 Replies
View Related
Nov 25, 2012
I have a C6509 with WS-X6548-GE-TX port module. The first port group, 1-8, is showing oversubscription (packets dropping) in the shared buffer. What interface commands can I use to find the specific port causing the buffer overflow?None of the ports is continuously overutilized and none of them in a SPAN destination group.I don't want to move connections without knowing which one is causing the problem. Also I fear that moving the connections may shift the bleeding to another shared port group.
View 2 Replies
View Related
Sep 9, 2009
I need those two stencils.I have checked here [URL] but:
- the one for the C6509-E is not there
- the one for the supervisor does not work properly (misaligned anchor points).
View 2 Replies
View Related
Oct 21, 2012
I have been looking at grading the IOS version on our 6509-E however there is not enough space on disk:0 to upgrade to the version I need to install. The question I would like to ask is - is it possible to boot the IOS from a TFTP server? If this is possible what configuration do I need on the 6509 to enable this. How does the 6509 know about the TFTP server as an IOS is not installed and therefore it will not have a network configuration
View 2 Replies
View Related
Sep 10, 2009
I am trying to figure out what is heat dissipation of a C6509-E configured as follows:
1 x WS-C6509-E-FAN
1 x VS-S720-10G-3C
1 x VS-F6K-PFC3C
8 x WS-X6748-GE-TX
8 x WS-F6700-DFC3C
2 x WS-CAC-6000W
I have tried two ways: 1) the power calculator and 2) manual calculation using the C6500 installation guide.
1) The power calculator says 13630 BTU/h
2) Manual calculation says: [code]
The there should be also the two PS in the picture, and the new total should be: [code] Well, 62711 BTU/h looks quite a bit too much and I think that the heat dissipation of the power supply should't be considered in the calculation.Isn't it an item that takes power from the grid and that generates heat according to its efficiency as the other modules?
View 2 Replies
View Related
Sep 19, 2012
Network newbie need to verify all necessary services and protocols on a new WS-C6509-E are turned on. This layer 3 switch will be used to connect to servers.
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXI9, RELEASE SOFTWARE (fc2)
[Code]....
View 6 Replies
View Related
Mar 20, 2012
We have two c6509 budled in VSS. I have noticed randomly high usage of CPU, sometimes up to 99% in peaks. I have found that it can be generated by SNMP engine. So I unconfigure all SNMP things. But situation is the same. I would like to know if this state is OK or not. CPU shows are enclosed in file.
View 1 Replies
View Related
Aug 8, 2012
We are facing issue of getting very high CPU utilization for the VSS Switch model WS-C6509-E some times approx 100%.Attaching here show tech-support taken later after CPU normal along with show logging, show cpu sorted.HCAINNOI01XXXCS0001#sh proces cpu | ex 0.0%CPU utilization for five seconds: 100%/13%; one minute: 90%; five minutes: 91%PID 5Sec 1Min 5Min Process16406 91.2% 75.2% 76.2% ios-base16426 1.7% 1.4% 1.4% udp.proc16429 0.3% 0.3% 0.3% raw_ip.proc16432 2.8% 3.1% 3.1% cdp2.iosproc
View 3 Replies
View Related
Nov 27, 2011
we have cisco WS-C6509-V-E with IOS version 12.2(33)SXI4; s3223_rp_IPSERVICESK9_WAN_M) running on a switch. I am trying to configure the command "mac-address-table synchronize" under global config mode. But when I enter the command Cisco(config)#mac-address-table ?It doesn't show the synchronize option?
View 3 Replies
View Related
Nov 14, 2012
I am trying to find a command for dhcp snooping rate-limiting on a CatOS. The PFC card is PFC. PFC3B is said to support that command. But there seems no this command.
-6k> (enable) sh ver
WS-C6509-E Software, Version NmpSW: 8.4(5)
Copyright (c) 1995-2005 by Cisco Systems
NMP S/W compiled on Aug 3 2005, 13:26:46
[Code] ......
Up time is 1183 days, 1 hour, 41 minutes
View 3 Replies
View Related
Jan 14, 2013
We are planning to replace a few line cards in the existing 6509-E chassis. The sup installed is a VS-S720-10G-3C but the line cards are legacy. As a result we are not able to enable the VSS functionality. We are looking to replace the existing line cards with the following:
1. 1 x WS-X6716-10G-3C
2. 1 x WS-X6724-SFP
3. 4 x WS-X6724-GE-TX
What are the requirements in terms of IOS and Roman.
The current IOS is: Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICESK9_WAN-M), Version 12.2(33)SXI2a, RELEASE SOFTWARE (fc2)
And the ROM Version is: ROM: System Bootstrap, Version 12.2(17r)SX7, RELEASE SOFTWARE (fc1)
Do I need an upgrade?
View 3 Replies
View Related
May 11, 2012
I have recently configured secondary ip address on LAN Interface of Cisco C6509.. We have some application which needs to use broadcast traffic communication to communicate with client... Broadcast is working within subnet & also working from broadcast server to primary subnet. But not working from secondary subnet.. I have checked broadcast within secondary IP range & it's working fine... Secondary not working broadcast with primary and also with broadcast server... broadcast address is different for these subnet but both should be communicate since configured on same interface... When I went through Cisco website found that command "ip directed broadcast" which will pass broadcast to different subnet... But I'm not sure whether any other impact if I enable that command on particular Ethernet interface...
View 6 Replies
View Related
Nov 24, 2011
We have some ME3800MX router/switches running ME380x-UNIVERSALK9-M), Version 12.2(52)EY2. The Cisco website says:
The switch does not support these Cisco IOS router ACL-related features: # •Non-IP protocol ACLs (see Table 26-1) or bridge-group ACLs
how we would match ICMP traffic then?
View 4 Replies
View Related
Mar 18, 2013
I've set up a simple lab network of two cisco routers 2611XM and to each router I've attached a computer (host). I have set up a dhcp ip addresses for each host. I've set up a correct routing as well on each router. There are 3 networks: 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 The first network between the first host and first router, second is between two routers and third is between the second router and second host. If I use first host (192.168.1.20) I can ping to any ip address (192.168.1.1 (router 1), 192.168.2.1 (router 1), 192.168.2.2 (router 2), 192.168.3.1 (router 2)) except the second host ip address which is 192.168.3.20. When I sit on the second host (192.168.3.20) i can ping to 192.168.1.1 (router 1), 192.168.2.1 (router 1), 192.168.2.2 (router 2), 192.168.3.1 (router 2) but i can't ping to the first host which is 192.168.1.20. I've even tried with attaching a switch to a router and assign it an ip address of 192.168.1.3 and the ping was echoing to it.
View 5 Replies
View Related
Nov 16, 2010
Currently have a setup where we have multiple SVI interfaces in a VRF on a Catalyst 6500 Switch. All these SVI belong to the same VRF. In order to achieve connectivity for hosts within the VRF to access hosts outside the VRF (Hosts reachabe via the Global Routing Table (GRT)) I am thinking I need to configure 2 things
1. Creating a summary route for all the subnets within the VRF in the Global Routing table.
<Config on 6K in Global Routing Table>
Note: 10.10.10.10 is the ip address of loopback 10 and this loopback 10 is in VRF Red
ip route 172.16.0.0 255.255.0.0 loopback10 10.10.10.10
2. Create a couple static routes within the VRF for networks that reside in the Global Routing table but which are not local to this 6K.
<Config on 6K within the VRF Routing Table>
Note: 1.1.1.1 is the ip address of loopback 1 and this loopback 1 is in the GRT or not assigned to a VRF
ip route vrf Red 172.32.32.0 255.255.255.0 loopback1 1.1.1.1 global
ip route vrf Red 172.32.40.0 255.255.255.0 loopback1 1.1.1.1 global
ip route vrf Red 172.32.50.0 255.255.255.0 loopback1 1.1.1.1 global
I have read through some posts and it seems to indicate that I cannot point to a loopback interface as it is not a point to point interface. How this solution can be achieved. The reason I was pointing to a loopback was so that I am not tied to a particular physical interface and for the summary route that was created in step 1 really not sure what L3 interface I could point to since I have multiple SVI's that are in the same VRF. Would I also need to create that same summary within the VRF. I don't intend to since I am assuming that once within the VRF the more specific connected interfaces would take affect and forward respectively.
In addition to the above I also need determining the forwarding behavior when there is a ip helper address configured under the SVI's which are in a VRF but the ip address for that helper is not part of the VRF. I would think if a static route is configured under the VRF for that helper address network pointing it to the Global Routing table it should work. The config for that would be
ip route vrf RED 172.32.52.5 255.255.255.255 loopback1 1.1.1.1 global
View 9 Replies
View Related
