Cisco Switching/Routing :: Cat 6506 Goes Into ROMmon
Nov 29, 2012
I have a Cat6506. There were 2 Sup 720 in it for redundancy. They told me they had problems with this thing in the past needing to go out and reboot the machine. I need to go out periodically because it goes into ROMMON. I type boot and it comes back up. One time though neither one would reboot. I had to take a third one out there and reconfigure it. Now it is starting to do the same thing. One thing I did notice is they never connected it to an UPS. It is plugged strait into the wall with power going to two outlets. I am beginning to think there are spikes in the power occurring and this is sending it into ROMMON.
I am configuring multicast in a environment where I have a 4506 at each site (4 total) and a 6506 as the core. Each 4506 is connected via layer 3 to the 6506. I have a mix of 3560s, 3548s, and 2960s connected to the 4506s and the 6506 via layer 2 trunk
I have multiple multicast sources and hosts communicating at a time (multiple cameras sending video / multiple computers receiving video). So this is not a scenario where there is 1 sender and many receivers. This would be many senders (~50) and some receivers (~10)
I configured ip multicast-routing on each of the 4506s and on the 6506. IGMP snooping is on by default on the 3560 and 2960 switches. CGMP is on by default on the 3548 switches.
I set up PIM sparse-dense mode and IGMP version 3 on each of the layer 3 interfaces for the 4506s and 6506 where they connect and on each VLAN that is sending or receiving multicast. Multicast is working throughout the network, however I am looking to verify the configuration as I scale this out to more clients on the network.
#1 - Is it correct to us sparse-dense mode in this configuration?
#2 - Do I need to configure a rendezvous points using AUTO-RP? (ip pim send-rp-announce INTERFACE scope TTL). Not sure here if I need to designate this and what to choose. Right now I do not have this and it is working, but documentation seems to infer that I need to designate this.
#3 - Is there any other configuration settings I should be considering? I hard to find real world configurations of multicast as examples or people that know multicast routing well.
I upgraded the IOS on 6506E, SUP 720-10GE, non-redundant, to a new one, rebooted OK. Switch seems to work fine but "show bootvar" shows the previous IOS name instead of the new one: s72033-advipservicesk9_wan-mz.122-33.SXJ3.bin.Removed the old IOS name on "boot var", gave it new IOS name, "show bootvar" now has correct new IOS name, write mem again and reloaded switch.It booted up OK but "show bootvar" still has the old IOS: "s72033-ipbasek9-mz.122-33.SXI2a.bin".According to IOS upgrade procedure, after all the upgrade IOS steps done, then just "write mem" then the "bootvar: will have the new IOS name, but on my switch it is always has the old IOS name ? How can I set the bootvar to new IOS name?
Access-group only allows me to set the mode.access-group > mode > prefer > port > int g2/1,Those are the only options available to me, it doesn't allow me to go.ip access-group <name> in or out or access-group <name> in or out.
I realize the commands may be a little off, I don't have a switch nearby. When I get on our 3750 there are no issues, it allows you to apply the ACL the conventional way. I just can't seem to find any way to apply an ACL on an interface on the 6506 though.
I tried to upgrade IOS from SXI2a to SXI9 in cat 6506 VSS. But the problem is that switch always boot with old IOS. I put the new IOS in sup-bootdisk and slave sup-bootdisk, bootvar is ok with new IOS: [code] Show bootvar is ok but switch always boot with old IOS SXI2a, some bug in IOS sxi2a???, I will try to delete de old IOS from sup bootdisk and try with the new one only.
I have PAT set up successfully on 6506 chassis - My outside address range is 78.24.112.114 255.255.255.240.Relevant parts of the config below: [code] This works fine but of course is only using the one IP address 78.24.112.114.how I can utilize the other outside addresses available or is this not really necessary? I've browsed through loads of Cisco docs.
We purchased two new 4948 with two 10GE uplink ports and upgraded the devices to run IOS 15. My 6506 is running Sup 720 with s77233-adventerprisek0_wan-mz.122-33.SXI9. Currently we have 4948's connected to the same 6506's with no problems. Today I tried to add the new switches with new IOS and it caused of of my 6506 core switches to failover. I can't explain why because it was close to start of business and couldn't do much troubleshooting. Currently we have four 4948 (running IOS 12.2(14) switches running Layer2 connecting dually to each of the two 6506 cores via 10GE fiber uplinks. I tried to add two more to the scenario, again running layer2 and dual-honing them to each of te 6506 switches. there are two 6506 core switches and they run HSRP and spanning tree is manually set to give priority to even vlans on one 6506 and odds on the other 6506. Also the new switches I tried to add did had rootguard applied as well as the uplinks.
We have to get this working and have no test environment to work with. We need to do this late this evening after close of business.
On another note, I have had problems upgrading some of my older 4948's to IOS 15. I followed Cisco's suggestion and upgraded the EPROM first and then the IOS upgrade took on three of the switches that were ordered rather recently. The four that were ordered in one batch will not take the upgrade even following Cisco's instruction and lots of other tricks. Nothing works. Having problems with IOS 15, in general?
I have a problem with high CPU load by DHCP Snooping process on Catalyst 6506 (WS-SUP720-3B, soft: s72033-ipservices_wan-mz.122-18.SXF11.bin). I have it enabled on 15 VLANS, in which there are subscriber devices residing, and sending DHCP requests through Cisco to DHCP server (Cisco acts as DHCP relay, and it's collecting the snooping database, I also use DAI).
Snooping database contains 6962 bindings now.
CPU load goes high only sometimes, and I don't have a clue, why it's going so high. It can load as high as 45-47% of CPU, like this:
When the load is high, the command: show ip dhcp snooping statistics is showing, that the overall quantity of Packets Processed by DHCP Snooping is increasing rapidly. In normal situations, it's like 10-20 packets per second, but when the load is high, it's 1000-10000 pps.
But when I look at SPAN from my subscriber's VLANS, I don't really see any flood of DHCP requests, or something like that - everything looks as usual. Maybe, some of subscriber's devices are sending incorrect DHCP requests, that are causing packets to loop inside RP, or something like that? How can I detect that thing?
Also I thought, that if I enable the ip dhcp snooping trust mode on all of the Catalyst interfaces, the DHCP snooping will not process the subscribers DHCP packets, and I can, by exclusion of interfaces from one to one, detect, from which interface the problem is originating. But this seems to be incorrect, I turned the ip dhcsp snooping trust on all interfaces, and I still get spikes of CPU load by DHCP snooping process. Why it's still examining packets, even on trusted interfaces, is it ok?
And one more question - if I disable the ip dhcp snooping globally, will it clear all my existing bindings in snooping database?
I have a 6506-E with 720 Sup. I am trying to connect a server with HP 550SFP Nic to my 6506.If I plug the SFP from my server into my 6506 it will not link. When I plug that very same SFP into a 3750 it links fine. Makes me think that there is something I am doing worng on the 6506 Config.But, If I plug another server using a IBM LAN Card into the same port on my 6506 it connects and works fine so now I am starting to wonder.
We currently have an existing 6506 in data center that we want to add another 6506 to and do a VSS implementation.I'm trying to minimize down time so our current basic plan was to do the following:
1. Bring up the new 6506 and configure it for VSS 2. Trunk a port between the new 6506 and the production 6506 3. Physicall move connections from the production 6506 to the newly connected VSS switch 4. After all physical ports have been moved, power off the original 6506 swap the supvisor card out for the new 2T Sup card 5. Configure original 6506 for the virtual domain and then connect the VSL's.
According to the documentation, to run "switch convert mode virtual" the standby unit has to be in hot standby. This means I can't run this prior to moving the connections over, which means once I run "switch convert mode virtual" it will reboot the switches (~ 9 minutes of down time). Is there anyway around this?
problem to configure MWAM. I have installed MWAM module in 6506-E slot 2 with sup720-3B. After installing MWAM the Status is PwrDown. I tried to turn on the power but its not happening. MWAM is installed in slot 2 and here is the result of show module 2 My Sup720-eB IOS image is s72033-advipservicesk9_wan-mz.122-33.SXJ1.bin
6506-E#show module 2 Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------- 2 3 MWAM Module WS-SVC-MWAM-1 SAD081203GK Mod MAC addresses Hw Fw Sw Status --- ---------------------------------- ------ ------------ ------------ ------- 2 0003.feae.bb8c to 0003.feae.bb93 3.0 Unknown Unknown PwrDown Mod Online Diag Status ---- ------------------- 2 Not Applicable
I had these error messages on both my Cisco 2851 and on my Cisco Catalyst 6506.
On Cisco 2851: %SYS-SP-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (4/4),process = SEA write CF process. [code]...
And on 6506: Dec 27 15:20:55 MET: %SYS-SP-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (129/129),process = SEA write CF process.[ code]...
I have these IOS versions on my Cisco: Cisco 2851: 15.0(1)M4 Cisco 6506: 12.2(33)SXI
i want to know if 1port of the 16 10Gbase-t Module (WS-X6716-10T-3C) for the Catalyst 6500E Series, can be connected to a 1Gbase Port of a 2900 ISR Routers, are they gonig to work at 1Gbps or, simply, they are not compatible?
If it is true, can i create a 4ports etherchannel between them? of course using the 16 1Gbase-T switch module on the Router.
I upgraded four 3560E, 12.2(44) to 12.2(55)SEThree 3560 works fine, the last one stops after 17-18 seconds with a solid green LED. I cant get into ROMmon, the switch doesn't boot up. its like "dead but still alive"
My TS: 1: Removed all SFPs. 2: Reset PSU and fan modules. 3: Replace PSU and fan modules. 4: Try to get into ROMmon.(pushing mode button and break seq.) Startup LED:0-1 seconds: SYST: Amber RPS: Amber STAT: Green DUPLEX: Green SPEED: Green 1-17 seconds SYST: Blinking Green RPS: OFF STAT: OFF DUPLEX: OFF SPEED: OFF 18 s--> (only testet up to one hour) SYST: Solid Green RPS: OFF STAT: OFF DUPLEX: OFF SPEED: OFF
A working 3560EStartup LED information. If I compare a working switch with the faulty switch I can see about 18 seconds into bootingSYST change very fast from green to amber and continues with booting,this doesnt happened on the faulty switch (solid green 18 seconds). Pushing MODE button, doesn't get me in to ROMmon, this works for all the other switches.On a normal 3560 it takes around 40 seconds before I get in to ROMmon. With this faulty switch it stops after 18 seconds(solid green) and it doesnt respond.
Could not find a valid file in BOOT environment variable. BOOT variable can be set from IOS. To find currently setRom Monitor variables, type 'set' command.
Choosing a boot method, type 'confreg' command.rommon 1
I have 2 Cat-6506's that are used for my WiSM's. The only thing in both Chassis is 2 X WiSMs a SUP-7203A and a 6516A line card.The only connection between the rest of the network and these chassis is on port gig 1/2.[code] If I have read other posts correctly all points to the ASIC being overun by that traffic being sent from my WiSMs out to the Network.
I am still working on the design of my big project and always that you think that every thing is solve, appears a details.We need to deploy a fiber links to some buildings that will have access switches connected to the Core. I have been reading about ethernet ring topologies and quite differents to the hierarchical model because of the using of Ressilent Ethernet Protocol instead of STP or RSTP.My question is which of the next to scheme will be the best?
1.- Deployment an ethernet fiber ring topology with REP? Consider that the edge Switch of this ring will be my Core and this one is connected to my distribution switches in a hierarchical topology. In this situation, Acces Switch 1-A is connected to Acces switch 1-B, Access Switch 1-B to 1-C and Switch 1-C to the Core. Feel fre to recomend me wich switches and considerations are the best. We conssider 1 Catalyst 6506 Chasis for the Core and catalyst c2960s-48-TDL for acces, maybe the 3750x series. Each Acces node in the ring topology will have a maximun of 50 end devices.
2.- Deployment a Fiber ring but not connecting each switch with the next. In this case we want to ensure redundancy to the core wih equal costs path, but because of the ring each switch won´t have equal length link to the core. In this situation, Acces Switch 1-A is not connected to Acces Switch 1-B is connected directly to the core but the fiber cable will take the route to Access Switch 1-B, to Acces Switch 1-C and finnally to The Core Switch. This apply to the other to Switches. Note now that Acces Switch 1-A will have a 281 Ft link to the core and a second 1612Ft. link to the core. Here comes the question this differents lenght will negative affect RPVSTP ? or It doesn´t matter? Can i setup an etherchannel/load balance in this situation?
I'm have ether channel between CISCO 6506 and CISCO 3750X. I'm set load-balance ip-src from 6506 side and dst-ip from 3750 side. i'm try test etherchannel for detect physical link for test ip. On 3750 all work, but on 6506 i'm get error: test etherchannel load-balance interface port-channel 1 ip 10.10.10.2 10.10.10.1 ^ % Invalid input detected at '^' marker.
I am seeing Native VLAN mismatch errors on my 6506 switches as below [code] Will it(VTP Version mismatch) be the issue for getting the VLAN Mismatch Error ?
We are facing problem with cisco 6506 switch while configuring when we try to save it, we are not able to save the config, neither we are able to view running and startup config.
I was unable to configure vlan-based qos on Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICESK9-M), Version 12.2(33)SXH6, RELEASE SOFTWARE (fc1) Seems to me my configuration is not working. Here is the output of the interface:
sh int G1/6 | i rate Queueing strategy: fifo 30 second input rate 25231000 bits/sec, 4282 packets/sec 30 second output rate 46940000 bits/sec, 9257 packets/sec
Why I can't see matches in ACLs? I've double checked the direction and seems to me it is correct. I can't see matches even I configure something like this:
10 permit ip host 192.168.1.168 any 20 permit ip any host 192.168.1.168
Why my output rate is higher than 30M? Is it bacause there is no matching traffic here in ACLs? I'm absolutely shure that this host with such ip connected to this interface:
#sh arp | i 192.168.1.168 Internet 192.168.1.168 0 feed.beef.f00d ARPA Vlan3 #sh mac address-table | i feed.beef.f00d * 3 feed.beef.f00d dynamic Yes 0 Gi1/6
I'm currently pursuing to take my CCNA and am currently studying for it, but have recently encountered a problem with one of my 1760 routers that I can not solve.Yesterday I went to boot up my router like normal, however when I went into hyperterminal I noticed the router was in Rommon mode. Thinking I could change the configuration registry, I tried to bypass the NVRAM by using confreg 0x2142. However this still causes the router to go into Rommon mode. I am getting an error that states that there is insufficient memory to load the IOS image. [code]
I have used the dir flash: command and can see the IOS image, and try to boot from it (boot flash:iosimagename) but it will still go back into rommon mode. I also just swapped the RAM from my other 1760 into this 1760 and it booted up and went into normal configuraiton mode without any issues. However, the other router now will not load it's IOS image and I get the exact same error.I'm at a loss here, and have searched to figure out where or how I can just wipe the router clean to try and start fresh, but cannot get out or Rommon mode. The only thing I can think of is that the RAM went bad since it wont boot up either machine.
I have an issue with a customers 6503 with Sup-2T cards, where we are locked out of the console due to an authentication configuration error. So tried several times to get the card into rommon, with no success.
Checking through the various documents on CCO I dont find any reference to rommon on this card, but do find information on using the CMP to support the supervisor. I logged into the CMP but couldn't find a way from there to do a password reccovery either.So, is the `normal' IOS rommon/password recovery method supported.
I am facing a problem with a cisco 6509 that goes into rommon every time i restart. If i give the command
rommon 1> boot
it will pick up the IOS on the sup-bootdisk: or bootdisk: and boots up but i dont understand why on reboot it wont pick up this IOS and boot itself and why do i have to write boot command everytime on rommon.
I have also explicitly given the command "boot system bootdisk:IOSNAME.bin" in the startup config file but still no luck.
Multicasting. The configuration is I have a 6506 as my core switch receiving multicasts from an interface assigned to VLAN10. I have a monitor port setup with a PC running Observer which says multicasts are being received on the core switch. On a different interface on the core switch I have a 2960G switch connected to it and this interface is on VLAN 10. The 2960G switch has a workstation connected to it that needs to receive the multicasts. How do I configure the 6506 and/or the 2960G to process the multicast traffic?
We recently installed a WS-X6716-10GE module in slot 6 within a Cisco 6506. We are using two ports on the module (6/13 and 6/14), which are port channeled together to a Nexus 5548. Everything has been running fine for about a month and the card had a green light but the ports stopped communicating. The module was screwed into the chassis/slot. For problem determination reasons, we reconfigured ports 6/13 & 6/14 to 6/15 & 6/16 and moved the cables but the module was still not responding. We eventually pulled the module out of the slot and reinserted the module back into the slot, which reset the module and fixed the problem. Is there any way to determine if this was hardware problem with the module and it should be replaced, or is it a software bug/problem? We opened up a ticket with the TAC but we haven't heard back from them yet.
Cisco WS-C6506-E Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICESK9-M), Version 12.2(33)SXI8, RELEASE SOFTWARE (fc2) Mod Ports Card Type Model --- ----- -------------------------------------- ------------------ 5 2 Supervisor Engine 720 (Active) WS-SUP720-3B 6 16 CEF720 16 port 10GE WS-X6716-10GE
We have two catalyst 6506 switches with 10 gb u plinks and around 120 edge switches cat 3750-x switches. Still the module on the core wheere servers are connected is 1000mbps port.Now if we induct a nexus switch to the datacenter what kinds of benefits we can reap In a virtulised environment as well as real environment?following are the some of the queries.Can we reduce the number of edge switches? ( by virtual environment), Inter operabaility between cat ios and nexus ios, how this will affect the environement,What will be the over all benefits ?, What are the cons of this induction ?
I have two Catalyst 6506 in VSS mode with VS-S720-10G running 12.2(33)SXI1 IP SERVICES.I have two firewalls that communicate on to the other through a dedicated VLAN created on Catalyst 6506.
One firewall is able to ping the other one on this dedicated VLAN but if I send multicast traffic from firewall-1 I didn't receive it on firewall-2.I found a bug related to multicast issues on Cisco WS-C6509-E with VS-S720-10G. The bug ID is CSCtc59038.
