Cisco Switching/Routing :: Correct 2960 For Small Datacentre
Jan 20, 2013
I have two cabinets in a datacentre (with 12 CAT5 links available between them), at the moment I just have a single firewall and a very basic 3Com 2824 unmanaged gigabit switch in each cabinet that are connected together. This works perfectly as the traffic use is very light and is typically server->firewall->Internet rather than too much heavy inter-server traffic.I want to improve the redundancy and reliability however. So I plan to get two Fortigate firewalls, put them in a HA cluster and have one in each cabinet with connections to the WAN. The servers are all VMware so have mulitple NICs teamed. The last bit then is between the VMware host servers and the firewalls - the switches. I'd like to have each server connected to two switches to give multiple paths, so I'm looking at two switches per cabinet. From doing a fair bit of reading it looks like I'll have no problem with this, STP should be able to sort out the multiple routes to whichever firewall is the active member at the time. There will be some need for basic VLANing as I would like to separate management traffic and certain servers I wouldn't expect to exceed 5-10 VLANs.
As I said the traffic is very light and from what I can tell I don't require any "fancy" features, and given the I need to buy four switches I'm trying choose a switch that is reliable but will do the job and not much more. If we experience growth down the road then we can buy more expensive switches then. So I've been looking at the WS-C2960-48TT-S and the WS-C2960-48TT-L, the first using the LAN Lite software while the second uses the LAN Base. The LAN Base version is virtually twice the price so I'm wondering if there are any features of LAN Base that are required in my scenario? I've done quite a bit of reading but cannot really see a reason why LAN Lite should not work fine, but don't want to discover I missed something when it is too late .
View 16 Replies
ADVERTISEMENT
Mar 21, 2012
I got Two Distribution Switches of Cisco 3750G. Each Distribution have two 3750G switches stacked. I also have one Cisco 3750V2 Access Switch connected to both Distribution. When I am checking for redundancy, I can only get redundancy test pass for one link not atall for other. If I have a link up with Distribution 1 only then its fine; but disappointment with Distribution 2 link. I can see that the switch priorities of Dist 2 is not correct ie. Master's priority is 10 and Member's is 15.
My question is that due to misconfigured priorities on Distribution 2 stack switches I am failing with redundancy if ONLY Dist 2 is up and Dist 1 is down.
View 4 Replies
View Related
May 13, 2013
What is the correct way to lic VSS on a 4500 SUP7L-E ? url... Under Table 5 - Support by Image Type; VSS is listed as available on IP Base (SUP7E only) and a plain Yes under Enterprise Services, inferring that you need Enterprise Services lic on SUP7L-E to get VSS? url...Under Table 1 - Minimum License for VSS; IP Base or higher (7-E) or special license (7-LE and Catalyst 4500-X)Can find no option on CCO / configuration tools to list a 'special' VSS license for 4500R+E chasiss with dual SUP7L-E and IP Base.How are you meant to purchase/license VSS on 4500E Chassis + SUP7L-E ?
View 6 Replies
View Related
Feb 7, 2012
I have an existing stack of 4 x 2960-S switches connected by stack cables.I would like to add another 2960-S switch to the stack but am unable to as the 2960-S will only allow 4 x 2960-S switches per stack.how I would add the 5th 2960-S switch to the existing stack of 4 x 2960-S switches.
View 12 Replies
View Related
Feb 11, 2013
I have a 24 port 2960-S that is not communicating with a 2960-LST that it is directly connected to over fiber. The link is up on the LST but will not come up on the -S. What command should I use to bring up this link? I have tried no shut from the (Config-if)# prompt.
View 3 Replies
View Related
May 14, 2012
I cannot seem to correct a duplex mismatch issue.I have a Cisco 2950 switch connected to a Cisco 2621 router. I am running a per-interface Vlan. I have two fastethernet ports and one NM-1E card installed on the router. One fastethernet port is connected to my gateway router, the second fastethernet port is connected to my switch for one Vlan. The NM-1E Ethernet card is being used for the second Vlan which consists of nine IP cameras. Though the cameras on the Vlan are working fine.Now, the NM-1E card is set to half-duplex. I know that I should be using a fastethernet module like a 1FE 2W or a 2FE 2W card, (which I have,) but the router does not recogonize either one of these cards when they are installed, and yes, they have been confirmed as good cards.
Using Router-on-a-Stick configuration is out due to the bandwidth contention besides the fact that the router I am using it on will not handle this due to the flash being an older version.I have forced the switchport to half duplex, setting the speed to 10. I was getting fewer error messages at first, but they soon increased back to the frequency that they began with.I have set the switchport to duplex auto, but this failed to resolve the issue.Obviously, I cannot force the switchport into duplex full since the NM-1E interface is set to half duplex. Can the NM-1E card be configured to full duplex? I can't seem to find any documentation showing where it can be forced to full duplex mode.Could nine IP cameras just be too much for both the router and switch to handle?
View 4 Replies
View Related
Jun 14, 2012
Looking at the following output (show interface status) from one of our 4507s I see gig interfaces 3/2 to 3/6 are all trunked (dot1q). When I look at a show run they do not show as trunked. They should indicate switchport trunk encapsulation dot1q and switchport mode trunk (as does interface gig4/2). I have seven other 4507s all running the same IOS: 12.2(25)EWA8 and they all show the same information in show run and show interface status (as far as trunked goes). This is not a problem as I know the interfaces are trunked and working properly I am just puzzled as to why I see this difference.
Here is the sho int gig3/2 trunk. It looks like you are correct. I did not realize some were set to trunk mode on and others were not. I would think the running config would still show the port using dot1q but I guess not.
View 3 Replies
View Related
Apr 22, 2012
We tested a QoS in a Cisco 3750E, IOS: 12.2(58)SE2.Voice traffice in the correct Q without any problem, but all the others traffic the Defualt Q (0), tried to capture the traffic and tcp/udp port are correct.Any thing wrong with my ACL or DSCP - CoS?? ( that ACL works fin on 4500 and 6500) [code]
View 3 Replies
View Related
Jan 1, 2012
Clarifying whats the correct # of port asic in WS-X6704-LC?According to the following link (Catalyst 6500 Architectural white paper): [URL]
"In the WS-X6704-10GE line card, there are two port ASICs each supporting 2 x 10 Gigabit Ethernet ports"
While in the document: Understanding Quality of Service on the Catalyst 6500 Switch: [URL]
Table 10.
WS-X6704
Number of 10 GE Ports 4
- QoS on 10-Gigabit Ethernet Line Cards (WS-X6704-10GE)
So whats correct? 4 port asic or 2 port asic?
# Port ASIC’s on the linecard 4
# Physical Ports per Port ASIC 1
View 1 Replies
View Related
Jan 12, 2012
The network in my building consists of several 2950s connected back to 3550s using redundant fiber links and MST. Recently one tenant decided they wanted to run their own switch and use the existing building network for VoIP only which is on a dedicated VLAN. I was thinking about creating an access port on the 2950 and setting it to the VoIP VLAN as I do not want to give them a trunk port. The client can take this link and connect to their switch. So far does not seem to be an issue. Now what happens if the client configures spanning-tree on their switch? I have no control over their device and cannot manage it. Is there a way I can protect my edge switch and access port to allow them to run their own spanning tree without it interfearing with my existing MST instances? I was thinking BPDU guard but if they turn on stp and my switch sees a bpdu then the port is disabled and they lose VoIP access. At the same time I dont want them to be able to create a loop on their switch and have it affect mine. But since the is only a single cable from my device to theirs?
View 4 Replies
View Related
Apr 19, 2012
Small datacenter design. My requirements and setup will be as follows Dell PowerEdge M1000E Blade Chassis (initially one full chassis)Dell Powerconnect 10GbE Blade SwitchesDell Compellent Storage Array 10Gb iSCSI with redundant controllersDell Powerconnect 7024 dedicated external storage Virtual host blade servers 2 x Cisco ASA for firewall (5525-X or similar in active-active configuration)2 x redundant routers or switches as gateway to public internet I am looking to be able to segregate customers (approximately 100) into seperate VLANs at the access layer and route them up to the Cisco ASA firewalls using Dot1Q trunking for segregation. The Cisco ASA's will perform NAT functionality and route to the redundant gateways. I then need to police each customers traffic at the gateway to limit bandwidth and perform specific traffic marking along with simply routing out to the internet.
Budget is somewhat restrictive so I am looking for the most "cost effective" devices I can use at the gateway to perform the traffic policing/marking/routing for each customer.
View 1 Replies
View Related
Apr 6, 2012
i have a cisco router 887 which i am trying to configure. but however, do i really need to use the SDM utility or i can do it through CLI?i need to replace my current router in my small home office.
View 3 Replies
View Related
May 1, 2013
I need to extract the serial numbers of SFPs which are plugged in a SG-200-18.For information, SG-200 doesn't have a CLI ... only a Web GUI.I just find this information : [URL]
View 2 Replies
View Related
Nov 2, 2010
i have major problem with two new Small Business 300 Series switches.Everytime i try to save the running config i get a GUI error message: "Another copy process is active, please try again later."It's also not possible to re-flash the firmware because the GUI stops responding.I have also tried to do this via console access and this produces a "the copy utility is occupied by another user" error message.-> so this is not a browser based problem.My first thought was that the switch (SG 300-28) is faulty so i unpacked the next new one (SF 300)and got the same error messages!Then i had a 2 hour webex support session with the Cisco Small Business Support and they did not found a reason for this behavior.Both switches are working normally, you can configure them, but after a reboot they are back to factory default again There is no possibilty for copy running config to startup config and it's also not possible to flash the firmware.(Web GUI & Console). tell me if this is a fundamental problem of the 300 Series?
View 6 Replies
View Related
Aug 22, 2012
I am having difficulties with getting SPAN traffic over my WS-X6704-10GE (CFC).
CISCO7606
ios 12.2(33)SRE6, SUP720-3BXL
Trying to use the span feature, put the commands listed below in and they entered successfully, but the port is not being mirrored.
interface TenGigabitEthernet1/1
description PUBLIC
dampening
mtu 9216
ip address x.x.x.x x.x.x.x
[Code]....
View 1 Replies
View Related
Apr 7, 2012
My problem is that I have a Cisco 300 series small business switch with multiple VLANS each one with an IP address and two or three ports assigned to each VLAN. I have an E3200 wireless router that I want to use to use to share internet on the switch. All of the VLANs are reachable from the other VLANs and I've put a static route on the E3200 so that I can reach the VLANs from a machine connected only to the router. But I can't reach machines on the otherside of the router or get to the internet from the switch.
View 3 Replies
View Related
Jan 17, 2013
My management has tasked me to give them a high level overview of the different switching we can choose for our new building.
This is what I know so far.4 Closets, each closet has 450 ports,One MDF room that is will contain one UCS Chassis and a Nimble iSCSI SAN.
I am working on the spreadsheet and it looks like this (Not totally filled):
2960s3560x3750x45064510Approx cost (Each, 48PORT, POE+, 10G uplink, Dual PS, IP BASE)
6K7K8K45K75KMax Capacity192432432192384Backplane speed206464520520ProLeast ExpensiveStackable to 9Stackable to 9ProDual PSDual PSDual PSDual PSDual PSProLayer 3 opt
Layer 3 optDual SupsDual SupsConExpensiveExpensiveConNo Dual PSConLayer 2 OnlyCannot stack more than 4
For the MDF I would like to use 2 Nexus 5548's with FEX's, and the layer 3 daughter board. For the IDF's I was thinking of two 4010's.
View 12 Replies
View Related
Nov 21, 2012
I am using a 3750 as a default gateway for multiple Vlans on a few 2960 switches. The trunk lines are configured and working and I have assigned ip addresses to each of the Vlan interfaces on the 3750. My issue is that I can only ping the ip address on the Vlan interface of the 3750 if I have a working computer plugged directly into the Vlan on the 3750. I only have 3 vlans on the 3750 that have hosts directly connected (vlans 2, 10 and 40) the other vlans ( 20 and 70) don't have any clients plugged into them on the 3750 but the hosts reside on 2 different 2960s that connect via trunk ports. How do I keep the vlan interface on the 3750 switch pingable when I don't have hosts directly connected in that vlan on the 3750? (yes, I have enabled ip routing on the 3750)
View 5 Replies
View Related
May 21, 2013
I have a Cisco SG 300-20 as the core switch, layer 3. It is 192.168.4.6 on VLAN1 and 192.168.5.1 for VLAN2 (VOIP). All the ports are set in trunk mode. DHCP relay is setup on this switch.
The phones connected into a layer 2, Catalyst 2960-S switch. All ports are set in trunk mode. Default gateway on it is set to 192.168.5.1.
DHCP for both VLANs is provided by a Windows Server 2008 R2 server (the relay IP 192.168.4.15).
There is also an ASA 5510 in the mix which is 192.168.4.1. It has a route added to it for the 192.168.5.0 network to go to the SG 300 (192.168.5.1).
Just the two switches can ping each other on the 192.168.5.x network when I "add vlan 2" to the trunk port that is connected between the SG 300 and the 2960. The phones don't get DHCP on the 2960 switch. And I cannot ping 192.168.5.x from the ASA or anything else on the 192.168.4.x network.
After a bit of reading on intra-vlan routing for the SG 300 switch, I am thinking the SG 300 has to be the "center" of things so I need to make it 192.168.4.1 to be the gateway for both VLANs and change the ASA to 192.168.4.2 for VLAN1, etc. And I really can't do asymmetric routing with this switch.
View 1 Replies
View Related
Nov 16, 2011
Does the Model "WS-C2960-24PC-L" Supports IP Routing or not?
View 9 Replies
View Related
Dec 26, 2012
I'm having a strange problem where I'm not able to get through a Cisco 2960-S L2 switch when connected through vpn, while LAN-WAN traffic is working fine.The situation on site is the following:When inside the network I'm able to get to the internet without a problem. The problem is within a vpn-session. When this session is succesfully started I can ping and manage the Cisco 2960-S switch, but I can't ping or manage the Dell switch from my laptop. I can however ping the Dell from the Cisco-switch. [code]
View 7 Replies
View Related
May 15, 2012
set up my QoS on two 2960
-------------------- ------- ------- ------------
PBX Asterisk |----|2960-1 |------|2960-2 |-----|Voip client2|
-------------------- ------- ------- ------------
-------------- |
[Code].....
This will be this configuration for all input interface right ? For the Output part I'm lost, what do I have to do ? And for the 2960-2 do I have to put the same configuration ?
View 5 Replies
View Related
Nov 7, 2012
we hava a couple of 2960 switches and we are logging to a syslog server. Ports keep going up and down is it normal severity (error) ?
View 2 Replies
View Related
Feb 23, 2012
We recently updated a site2site link to metro ethernet, ISP call it 100mbps LAN Extension, but to me it is just QinQ over fibre connection. Most went well, one thing (annoying to me) is we can not ping our switches on both ends anymore.
We have a 3750 in headend and another 2960 on the other end. I used to be able to ping/telnet to the management IP from one to the other. Now we can not. I think the ISP is applying some configuration on ports of their customer-premises equipments (both are Cisco switches) but agent in ISP told me no. I thought there is some configuration on Cisco switch to block "MAC discovery" but i just can not remmenber what was that and google also failed me this time.
View 3 Replies
View Related
Apr 20, 2013
I have got two links from the same ISP, primary and secondary and connected to two different switch. The ISP have passed the trunk vlan of 30, 31 and 32 on both of the links. The ISP can't provide stp. I have got another managed 2960 series switch. How can I obtain failover on switch level.
View 2 Replies
View Related
Feb 21, 2013
I have IP phones connected to 2960 i want to segregate traffic traffic comming from IP phones which has a COS value of 5 and want to allocate a band width of 200 MBPS for those traffic .
Can any one share sample QOS configuration for achiving this in 2960 ?
View 2 Replies
View Related
Mar 10, 2012
My cisco ios 2960S is crashed and the ios is gone The issue is i am connecting my pc to management port and i give switch:
IP_ADDR x.x.x.x/255.255.255.0 and also switch: DEFAULT-ROUTER
But i can not copy tftp to flash,according that i have L3 port (management) why should i use xmodem?
View 3 Replies
View Related
Mar 16, 2012
I have 2 switches connected Via MM fiber cable one of them SRW2024-K9-NA with MGBSX1 Transceiver and the Secand One 2960 with GLC-SX-MM
are there is any configration must be done or not ?
View 2 Replies
View Related
Jul 22, 2012
Have Cisco catalyst 2960 IOS ver12.2(53)se2 when power on the power LED does not come up and on this is what shown on hyper terminal. what need to be done for this switch ?
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: b4:d9:8d:27:4c:00
Xmodem file system is available.
[code]......
Interrupt within 5 seconds to abort boot process. Boot process failed. The system is unable to boot automatically. The BOOT environment variable needs to be set to a boot able image.
View 12 Replies
View Related
Jul 2, 2012
I currently have a network with (8) 2960 Cisco Switches. (6) of the 2960 switches are etherchanneled back to (2) 2960 switches in the computer room. I would like to setup QOS on the (8) switches, however the traffic is very differnt on each of the switches. I have video, ip phone, server, printer, PC traffic. I am not sure what the best method of separating this traffic into differnt QOS queues.
View 3 Replies
View Related
Jan 6, 2012
we have a cisco 2960 48 port tcl switch port and i've enable ssh on my switch and now :
1) how can i login to ssh ? how should create username for ssh ?
2) how can i disable telnet ?
3) how can i change main (master) password?
View 7 Replies
View Related
Jun 4, 2012
I have an switch 2960 and i have made an SSH connection . But the problem is that whenever i try to open with my teraterm or putty it ask for username and after that password but does take the password. It shows an error of password what should be the problem.
Commands that i entered to make SSH
config# username admin password pankaj
config# ip domain-name home.local
config# crypto key generate rsa
config# 1024
config# ip ssh version 2
View 6 Replies
View Related
Jun 4, 2012
I have an switch 2960 and i have made an SSH connection . But the problem is that whenever i try to open with my teraterm or putty it ask for username and after that password but does take the password. It shows an error of password what should be the problem.
View 1 Replies
View Related