Cisco Switching/Routing :: Catalyst 6509Es / Sup 720 ARP Discards
Dec 11, 2011
We have a failover pair of load balancers (non-Cisco) which are connected to each other via Catalyst 6509Es with Sup720 supervisor cards. Failover is achieved by the newly active load balancer GARPing all its service IP addresses with the relevant MAC address in order to update nearby ARP tables (failover GARPs are fired out by the load balancers at a rate of 200 per second). Failing over services between these load balancers has been found to be problematic, with numerous services not failing over in a timely manner.
Some of the load balanced networks involved are routed on the Sup720s, the rest are routed on FWSM modules in the same chassis. Problems occur only with VLANs routed on the Sup720s; all VLANs routed on the FWSMs fail over without issue.
Investigation has shown that this is due to a proportion of the ARP table entries not being updated in the Sup720 and (with the default 4 hour ARP table timeout) subsequently requiring a manual flush of the "wrong" ARP entries.
Testing by throwing GARPs at both the FWSM and the Sup720 has revealed the following:
we can quite happily throw ~200 GARPs per second at the FWSM and all the relevant ARP table entries are updated with the correct MAC address. This fits with the sucessful failovers for any FWSM routed networks. however, repeating the same test with a VLAN routed on the Sup720 results in GARPs being dropped by the Sup720. The Sup720 keeps discarding a proportion of GARPs until we drop the rate of GARP to <~75 per second. We're not rate-limiting ARP anywhere in the Sup720 - hardware or otherwise - and the FWSM handles the rate of GARP without issue. Is there any built-in restriction on the Sup720 we're not aware of that would cause the observed behaviour, is it configurable.
View 1 Replies
ADVERTISEMENT
Dec 10, 2012
I have one specific trouble with Catalyst 3560CG switch and Stardom reserved industrial controller. Controller has 2 processors, one of them after(!) negotiation become main with IP 192.168.1.1, other one stays in reserve with IP 192.168.1.129. If main one shuts down, spare one becomes main with IP 192.168.1.1. This perfectly works with DLINK and MOXA level 2 switches, but fails with Catalyst 3560, because spare one cannot even connect to switch port. I don't know the exact reason of it, but i suspect, that it happens because of before negotiation both controllers have ip 192.168.1.1 (i know, that it is wrong and weird, but so it goes). First of them correctly connects to switch port, which goes up and passes pings. Second processor tries to connect to switch port, which goes several times up and very soon down, then processor lefts his tries to connect to anybody and become idle. The switch seems to some way check IPs of 1-st and 2-nd port packets, and shuts down 2-nd port. I have connected via hyperterminal and tried to disable some level 3 functions and checks of the switch, but this wasn't useful. how exactly(or at least approximately) should i configure a switch to make this bundle work?
View 1 Replies
View Related
Feb 25, 2012
We have a Cisco 6513 Switch. During some parts of the day it is having large amounts of transmit discards on a certain interface because of the amount of data we are pushing. We have determined it is a link problem and not a problem with the switch. The link cannot handle the amount of packets the switch is pushing out. I was wondering if there is a way to create a buffer or a way to regulate the maximum amount of packets that can leave that interface without losing any packets?
View 5 Replies
View Related
Apr 8, 2013
I am having an issue pinpointing why my 2821 router is discarding so many packets when transferring data to our second site. The traffic flows from the local lan, to the router, where it is redirected via WCCP to a WAN optimization device, back to the router and over a GRE tunnel to the second site where the same process happens. The traffic does get there, but the LAN/Repeater router interfaces have around 20,000-60,000 input drops an hour. From the output below, it looks like traffic is being dropped by the RP.
I just restarted the router as a last resort, and here is what has accumulated in the last 30 min:
FastEthernet0/0/1 is up, line protocol is up
Hardware is Fast Ethernet, address is 0025.840c.7680 (bia 0025.840c.7680)
[code]....
And CPU never goes above 40%
100
90
80
70
[code]...
View 17 Replies
View Related
Dec 18, 2011
I have an issue where I'm seeing output discards on pretty much all my ports configured for QoS. The switches are cisco WS-C3750V2-48PS running 12.2(50)SE1. There are four switches stacked using stack cables. The QoS implemeted was auto-qos with no modifications to the standard config. All ports are in queue-set 1. The phones connected are Cisco 7942's. Already did the standard check for speed duplex mismatch, crc's, runts, giants, etc...No discards before the QoS was applied. No bug ID's I could find regarding these switches and this IOS version. The one thing noticed is that 99% of all the drops are from queue's 2 and 4 or 1 and 3 doing the below command.
**I've limited the cut and paste as to not clutter the discussion until someone requests something else**
show platform port-asic stats drop
Port 18 TxQueue Drop Statistics
Queue 0
Weight 0 Frames 0
Weight 1 Frames 0
[Code]....
View 5 Replies
View Related
Dec 13, 2011
After opening up Solarwinds NPM, I noticed that a few of my interfaces had lots of discards (who knows how long it's been sets the counters were reset)
interface GigabitEthernet1/0/25description Etherchannel to MamaCassswitchport trunk encapsulation dot1qswitchport mode trunkswitchport nonegotiatepriority-queue outchannel-group 4 mode on
interface GigabitEthernet2/0/25description Etherchannel to MamaCassswitchport trunk encapsulation dot1qswitchport mode trunkswitchport nonegotiatepriority-queue outchannel-group 4 mode on
interface Port-channel4switchport trunk encapsulation dot1qswitchport mode trunkswitchport nonegotiate,It looks as if priority-queue was configured outbound on these interfaces, could this be the cause of the transmit discards which are now up to 79,835, I just reset the counters on the interfaces a little while ago.
I'm not the best in the world when it comes to QoS, we do have some VoIP phones, but they are only a specific network, and do not travel outside, since there are used mainly for VoIP training. I do know both interfaces are running the default of FIFO.
View 1 Replies
View Related
Oct 17, 2012
I have been experiencing discards and no buffers errors on my 2950 switches. These switches are connected to two core switches 4948 and 3560G. I have noticed previous posts regrading these problems but have been unable to find any cases that were resolved. We are using 12.1(22)EA11 software on our 2950 switches.
Outputs:
flrnet3#SH controllers ethernet-controller gigabitEthernet 0/2
Transmit Receive 22204993 Bytes 904542488 Bytes
[Code]....
View 3 Replies
View Related
Sep 10, 2012
I would like to know if Catalyst WS-C3750G-48TS-E recognizes and understand Cisco VSS ( Virtual Switching System) . Is there a List available which tells us which Old Catalyst Switches or current switches understand Cisco VSS?
View 3 Replies
View Related
Aug 2, 2012
I have the network described below, on which I am running PIM.
(network) ---- Embedded Linux Router --(vlan 5)-- CAT 3560G --(vlan 5)-- Cisco 1811 Router ---- Multicast Listener
The Linux Router and the 1811 have formed a PIM neighbor relationship. The multicast listener sends an IGMP Join and I can see the PIM join leave the 1811 router (via "debug ip pim"). Using tcpdump on my linux router I never see the Join come in, but I can see the PIM Hellos (which is why the neighbor relationship formed).
View 2 Replies
View Related
Oct 24, 2012
I have a network with a Catalyst 3750 as the main switch and then some Catalyst 2960 switches that are plugged in to that. I have a server running windows server 2008 with a couple of virtual machines running in Hyper-V. I created 4 VLANS listed below and gave the 3750 the following IP Address.I would like the 3750 to only be configurable from VLAN 40 but currently every VLAN can connect to it, I noticed in the standard web page settings there was a setting for "Management VLAN" but it was set to 1 and would not let me change it, I kinda assumed that was for the management port in the back.-Now the tricky part, I was trying to set up routing between the VLANs and so far I have only been able to get a sort of "all or nothing" routing to work. I can turn IP routing on and add two or more VLANs to the routing and it works fine. But what I was hoping to do is create a couple of "junction vlans" that would only route to one or two other vlans. For instance, I wanted to create a VLAN 100 that routed to VLAN 20 and 30 but nothing else. I also want to route VLAN 1 just to VLAN 30, and so on. I am able to do each one of the cases but only one, it seems like the switch only supports one "routing table" am I missing something or is this just a limitation of the switch?
View 2 Replies
View Related
Oct 28, 2012
I have a network with several catalyst 2960 switches and one catalyst 3750. I have created two VLAN and set up the proper routing and everything is working fine there. I have a client/server application that used multicast in the initial start up for the client to determine available servers, the issue is one of my clients is on a different VLAN then the server. I am able to route the multicast using MVR as long as both the server and the client are plugged into the 3750 by creating a static route, making the server a source port and the client a receive port. Unfortunately I need the client and the server plugged in to different 2960s. My question is how do I establish multicast routing between the two and perferably do it dynamically (always route multicast traffic from one VLAN to another).
View 2 Replies
View Related
Jul 24, 2007
Does Catalyst 3550 switch support inter vlan routing ?
View 12 Replies
View Related
Dec 17, 2011
I have been looking into this for a while and I can't seem to figure out why my 2nd vlan is not able to connect properly to the net.
My switch has 12 ports where my devices connects directly, they are all on Vlan 1 and they all work perfectly. on Port 12 I have a dlink router that is connected to a cable modem. the dlink router has an Ip address of 192.168.0.20
I created a second vlan (vlan2) and enabled dhcp relay on it. then I assigned port 9 on the switch to (vlan2)my laptop which is connected to port 9 seems to get an ip address fine and able to ping only some devices on my network (vlan1) and is not able to go out to the internet. I think it has to do with the routes. [code]
View 4 Replies
View Related
Dec 19, 2011
I am implementing a guest wireless network to work alongside my internal network. The guest network will use the existing switching network and will be separated by VLANs. I have the ASA set so that traffic can get to it and out to the Internet. I can set up a workstation on the same VLAN as my guest network and can route inside my network (strictly doing this for testing purposes). Where I am having problems is with the Catalyst 4506 switches and the ip routing. I had two separate "ip route" statements defined on my switches.
ip route 10.200.2.0 255.255.255.0 10.200.2.254
ip route 0.0.0.0 0.0.0.0 10.100.100.254
I have discovered that the traffic is always following the default route despite the fact that my IP address on my test workstation falls in the 10.200.2.x network. I was looking at documentation and found that it is possible to set up policy-based routing on the core switches. Can you have two "ip route" statements defined like this to segreate traffic or do I have to use PBR for routing (or a combination) in this case? If I define PBR then how does that impact my existing routing? I need to make sure that I can still route the existing traffic while I'm configuring this change.
View 9 Replies
View Related
Apr 16, 2012
I have been looking into this for a while and I can't seem to figure out why my 2nd vlan is not able to connect properly to the net. My switch has 12 ports where my devices connects directly, they are all on Vlan 1 and they all work perfectly. on Port 12 I have a dlink router that is connected to a cable modem. the dlink router has an Ip address of 192.168.0.20,I created a second vlan (vlan2) and enabled dhcp relay on it. then I assigned port 9 on the switch to (vlan2),my laptop which is connected to port 9 seems to get an ip address fine and able to ping only some devices on my network (vlan1) and is not able to,go out to the internet.
View 3 Replies
View Related
Feb 25, 2013
We have two catalyst 3560 switches running c3560-ipbasek9-mz.122-58.SE2.bin They are connected using etherchannel using gi 0/21 - 24 interfaces.
on 3560-1 switch, there isn't any ip-default gateway or ip route configured. It only have 1 interface vlan configured.
on 3560-2 switch, there is ip default gateway configured along with 1 interface vlan.
What i dont understand here is that, i can reach out to other subnets from 3560-1 switch in which the routing is not enabled?
View 4 Replies
View Related
Mar 19, 2013
I have peculiar challenge ahead of me and would like to get new perspectives.
The objective is to route specific VLAN traffic and the caveat is that I have multiple VLANs with the same network address.
For example:
VLAN100 10.10.10.0/28 VLAN101 10.10.11.0/28 VLAN102 10.10.12.0/28
VLAN103 10.10.12.0/28
VLAN104 10.10.11.0/28
I need traffic going from VLAN100 with a destination of 10.10.11.0 forwarded to VLAN101 and NOT VLAN104.
This task is currently being completed by a multi context firewall and we're trying to decommission the asset.
View 5 Replies
View Related
Oct 21, 2012
I have a 2504 WLC connected to a Catalyst 3560 which has multiple vlans and is connected to a 2800 series router. I know the catalyst is L3 but I am needing nat functions to get outside to the internet. From my 2800 series router I am able to ping out to the internet, also I am able to ping the vlan interfaces on the catalyst switch. Problem is from the catalyst switch I can ping the inside and outside address of the 2800 but I cannot get any further then that. I cannot ping the 2800 router gateway. Not sure what I am doing wrong as far as routing.
I've attached my 2800 and 3560 configs.
View 3 Replies
View Related
Oct 28, 2012
We have a IP-phone system connected to port 1 on a 3560 switch, the phone system tags traffic with dscp. The switch uplink is on port 24.
Is this configuration correct:
interface 1:
auto qos trust
interface 24:
priority-queue out
View 3 Replies
View Related
Jun 4, 2013
Are there any best practices for preventative maintenance on Catalyst Chassis switches. Looking to build a PMI schedule for a customer. Or is there evidence not to perform it at all. Things like re-seating line cards, cleaning fan exhausts, etc.
View 1 Replies
View Related
Feb 7, 2012
Does the Catalyst 3560 support GRE ?
I know that Catalyst 3750X support GRE ,but Catalyst 3750X cannot work in hardware it.
Does the Catalyst 3560 cannot work in hardware too?
View 4 Replies
View Related
Jun 14, 2012
i have a cisco catalyst 2960g and for some reason out of the blue, some interfaces go down and then up. It started doing it after a power cycle.
View 1 Replies
View Related
Apr 22, 2012
I've gotten this out of our storage unit here at work: This was not in use, I've restarted it, I can't get into the flash dir,I've tried to restart the switch via the documents I've gotten on the site.I have the lastest iOS version .bin for this switch, but I can't get this to load: here below is what happens when I try.
View 5 Replies
View Related
Jun 13, 2012
I'm having trouble setting up SSH on my new Switch.
no aaa new-model
aaa authentication login default local
ip domain-name king.local
[Code].....
I would like to be able to use Vlan 10 192.168.155.1 for SSH remote management.
View 11 Replies
View Related
Oct 2, 2012
We have 2 catalyst 3560g-48-PoE protected by a 1000Va 800Watt tripp-lite and I was cheking to see if that is really sufficient. Looking at the charts from Cisco suppport I would think I should have more, but have not had any issues with a few power outages
View 1 Replies
View Related
Jan 8, 2012
I am trying to setup the WOL for our enterprise. We have a C4500 setup with mutliple Vlans. We are using Microsoft SCCM server to wake up workstations for security update. The workstations are on vlan190 and the Microsoft server is on vlan 441
Here's my config
the config below
interface Vlan190ip directed-broadcast 100 (Enables the translation of a directed broadcast to physical broadcasts)
access-list 100 remark ====== Wake-On-LAN ======no access-list 100 permit udp host 10.4.40.98 any eq 9 logaccess-list 100 remark ====== End of ACL 100 ======
[Code].....
View 2 Replies
View Related
Jul 25, 2012
have 3 Catalyst 3750 in same stack, the IOS version is 12.2(53)SE2. Today we can not telnet/ssh to this switch, but ping is ok, and switch function is ok. I try to access the console port, it show "low on memory, try again later". After I reboot the master switch in the stack, the master switch change to another switch, then I can telnet/ssh to this switch. I check the Ciscoworks server syslog report, there are many MAC address flapping error message, and I beleive the MAC address flapping occured before several weeks. ( the G2/0/15 & G3/0/15 is connect to a VMware ESX server and the EtherChannel config mismatch with this Catalyst 3750 switch ) How to mention the root cause of the "low on memory" problem and what is the abnormal memory usage ( free memory percentage below ?% )?
View 5 Replies
View Related
Apr 9, 2013
my Catalyst 3750 switch. Following a power cut the switch no longer boots up. The SYST light flashed green but no POST checks are made. I cannot see any boot messages from the console port either. The switch was on a UPS but some thing may have damaged the switch.
View 7 Replies
View Related
Mar 18, 2013
I have Catalyst 2960 S (WS-C2960S-48FPS-L) Switch. I have plugged in SFP module but still interface is down and line protocol down. Is there any configuration to enable SFP module and make the interface up?
This port is connected to nexus 5 k.
View 11 Replies
View Related
Dec 4, 2011
I am trying to find out what the most upto date IOS I can put in my Cisco Catalyst 3500 XL switch, and I'm not sure if this the newest software. I have a lab setup at my house to study for the CCNP certs and this IOS doesn't have all the commands I need, well it might but all depracated commands.
View 5 Replies
View Related
May 13, 2012
There is a requirement to configure tacacs and radius on catalyst 3750X (version 15.0) where two vrf exist.Is therer a solution to configure "tacacs-server,host x.x.x.x vrf yyy" ?? I know it is possible to configure under the "aaa group server radius xxx" the command "ip vrf forwarding yyy".Is there anything else for the tacacs-server and radius-server command?
View 2 Replies
View Related
Mar 19, 2013
Does SUP 7E is comatible with IOS? It came with IOS-XE preloaded and there are no IOS software listed under downloads.
View 3 Replies
View Related
Aug 20, 2012
i try to implement layer 2 qos in 2960. when i complete to configure the switch, i want to test the qos.PC1 conect to switch port 1,PC2 conect to switch port 2 . PC1 is source teminal. i use skydata.exe and FTP for the test.
when use the skydata ,the PC2 speed can reach 10mbps.when use the FTP , the PC2 only can reach 1.2mbps. why?
View 3 Replies
View Related
