Cisco Switching/Routing :: How To Edit Port On 6509
May 15, 2013
I am very new to configuring ports on a switch. My boss usually does the port configurations but I am starting to learn some of the basic commands. The commands I know how to do are; close a port by typing config t, int gi0/port# and typing shut. I know how to enable a port, but how can I add info to a port or copy settings from one port to another?
We have some ports that are configured for 192.168 addresses but most are 10.128 addresses. I need to configure a certain port to be able to receive 192.168 addresses.
View 2 Replies
ADVERTISEMENT
Apr 22, 2012
I have 2 Cisco 6509 switches linked together via single Fibre as a trunk.I want to change this to a port channel where I will add another 3 fibre ports to the port channel but what order do I do this to minimise any disruption.
1-Configure PortChannel and add the 3 new ports, this will bring up the Port Channel but what effect will this have on traffic currently going over the single Trunk link? Will spanning tree go mad, how will switches react?
2-Convert existing Trunk link to Portchannel then add in new ports to PortChannel, I guess in doing this there will be a small hit on traffic as it changes to a port channel.
View 2 Replies
View Related
Jan 15, 2012
Created two 6509s as VSS with just one 10gb connection?I know it is recommended to use both the 10gb connections on the sup-720 from below configuration guide
"
Information about VSL Topology
#
A VSS contains two chassis that communicate using the VSL, which is a special port group. Configure both of the 10-Gigabit Ethernet ports on the supervisor engines as VSL ports.
"
But will the VSS come up if I use just the one?
View 2 Replies
View Related
Mar 14, 2012
We are looking for a solution that to use Sub-interface on a routed port on 6509, instead of using a SVI on it.Are there any different when using Sub-interface?
View 3 Replies
View Related
Mar 10, 2012
We have a pair Cisco 6509 switch in which 2 * 48 Port 1G line cards and 1 * 16 Port 10G line Card, FWSM and Sup 720 are installed.We have Cisco UCS and HP Blade servers.Cisco UCS servers are connected to Cisco 6509 switch using Fabric Interconnect, and HP Servers are directly connected to core switches.Recently the team made many changes in the network. Upgraded the IOS in Cisco 6509 switch, Configured Port profiling , MAC Pinning , HBA Cards to UCS / Nexus 1000V Infrastructure. After this change they lost the connectivity to UCS and HP Serers. Every tower is checking at their end.
The Network Team has reverted back the core switch with old IOS , but still the problem persisit.I could only see the following error log in the core switch. There are two port-channels one between core 1 and core 2. The other is between core switch and FWSM module. [code]
View 2 Replies
View Related
Jan 14, 2013
I'm working at a company that has several 6509 switches running CatOS. They have two of the 6509's running in vtp server mode and the rest as clients. I set up a new vlan from one of the vtp servers and it propagated out. The problem comes when I try to assign a port on one of the vtp clients to this new vlan. It gives me an error that the switch must be in vtp server mode to add/delete vlans. I'm not trying to add/or delete a vlan just trying to add a port into an existing vlan. I'm hesitant to put the switch in vtp server mode. Is this a CatOS thing or is there a specific command to accomplish this?
View 5 Replies
View Related
Jun 6, 2012
I have several closets with Cisco 3560 on the edge that I'd like to change the vlan that's used for the management vlan on each. In the core I have a Cisco 6509 with Sup720's.
I'd like to do this by changing the native vlan on the trunk port on the core 6509 interface that connects to the 3560. and leave the management vlan on the 3560 as vlan 1.
Seems trivial but what I tried didn't work and I didn't have the window to troubleshoot. I'll paste the simplified configs for the interfaces below
!
6509 configs:
!
interface Vlan50ip address 172.16.50.2 255.255.255.0!interface FastEthernet
[Code]....
View 5 Replies
View Related
Oct 3, 2012
We are currently designing Layer 3 to the edge EIGRP solution for our customers. The network is a hybrid of collapsed core (Core to access) as well as a three layer design (Core/Distro/Access) for connectivity to the Data Centre, Internet, Wireless Blocks etc.The core of the network contains two 6509-E switches interconnected on a Layer 3 Port channel (no VSS). Access Layer switches (3750-X series running Stackwiseplus protocol) connect to the core switches over p2p routed links and Distribution layer switches (3750X stackwiseplus) provide connectivity to the Data centre, Internet, wireless blocks etc.
The access and distribution switch stacks(Cisco 3750-X) are set up with two or three member switches with uplinks multihomed to the primary and secondary core switch with each uplink included in EIGRP. In each of the stacks, one of the switches controls the operation of the stack, which will be the stack master.As the Cisco Stackwise architecture is not SSO-capable but NSF aware, all Layer 3 fuctions must be re-established during a master switch outage. To minimize control plane impact and improve Layer3 convergence, uplinks should be diverse and originate from the member switches instead of the Master switches in the respective stack. This is as per Cisco recommended design solution.The above solution can be setup if there are more than two switches in the stack. i.e. uplinks are configured on the backup member switch modules.
1.But what about stack with two switches..Which switch should be set up as the Master for a two member stack with uplinks to the core primary and secondary from each switch(Master and Backup)
2. For Layer 3 routing, does the routing takes precedene over switch failures? Say for eg. In a two member stack, the master switch with uplink to primary fails, does EIGRP provide a fast convergence to route traffic via backup secondary and does not wait for the control plane on the switch stack to converge? All the access to core links will be set up for ECMP.
View 3 Replies
View Related
Dec 7, 2011
We have two 6509 switches with one WS-X6704-10GE module in each of them. There is an optical cable between the two switches plugged in WS-X6704-10GE module on both sides. When you shut down the port on one side the other port still stays as up and you need phisycally to unplug the cable to have it down. The same behaviour is seen no matter on which of the two switches you shut down the port, the opposite one always stays as up and only removal of the cable makes it go down.
The ports are configured quite simply:
interface TenGigabitEthernet1/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-10
no ip address
udld port
The IOS version is 12.2(18)SXF8
View 2 Replies
View Related
Oct 3, 2012
I am attempting to block all FTP traffic on port 21 from the servers in my network, and only allow FTP from one server to go out.
I have created the following ACL
access-list 101 Permit ip any any
access-list 101 Permit 21 1.1.1.1 0.0.0.0 any
access-list 101 Deny 21 any any
and have applied it to my truck VPN that goes up to my firewall
int Vlanxxx
ip access-group 101 out
But when i test ftp is still allowed by all servers.
View 6 Replies
View Related
Mar 7, 2012
I have to add some new ACEs on a Critical production 6500 running CatOS.The documentation that I have seen so far explains how to create, commit and vlan map a VACL ... however I see no instructions or comments on best practices for editing VACLs.
View 1 Replies
View Related
Jan 11, 2012
I am new user of cisco router i can access the hardware and login in the account but the problem is if i use the command "enable" asking for a password, old I.T. personnel who setup this router already resign.
View 2 Replies
View Related
Feb 20, 2012
How much is the limit for the creation of PortChanel in a Core Switch 6509 and 6513?Is there a limitation byu hardware?
View 7 Replies
View Related
May 21, 2013
Has anyone configured Layer 3 port channel on Cisco 6509 switches which are connected over dark fiber between two buildings?
View 3 Replies
View Related
Feb 6, 2012
When using Cisco IOS c2960-lanbasek9-mz.122-50.SE3.bin we can delete line in SNMP group config with
no snmp-server group <group-name> v3 priv context vlan-<vlan-id>
without problems.
But, after upgrade on version c2960-lanbasek9-mz.122-58.SE2.bin there is output:
#####% Ambiguous command: "no snmp-server group <group-name> v3 priv context vlan-<vlan-id> "
It looks like some bug, but there is nothing in the bug toolkit.
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Jan 11, 2012
we've had an issue with our network, we have 2 6509 connected with redundancy, which are connected with 2 x 4900 Switches, from which are connected to a ESX Chassis for visualization, the thing is that the ESX stopped working, and the 4900 switches, and the main core were suffering from overload, they hang on it very well, in order to stop the overload, one of the links to the ESX Chassis were disconnected from one of the 4900 switches. The CPU usage from the 4900 and the core(6509) went down below 40%, and then they started to migrate the virtual servers from the chassis to another 2 chassis that were added right after. They were actually working well, but suddenly the 6509 changed to the other supervisor after everything was OK. We were wondering what could have been the cause of this, maybe the virtual servers migrations, maybe the overload from the ESX ? We also had a few question, is there any need to reload the cores every few months as a planned task ? Because the cores have been up for more than 1 year. And also is there any kind of of tool to monitor the CPU status, or the status overall from the cores or the switches ?
View 3 Replies
View Related
Apr 11, 2012
The have around 80 staff and I think the current infrastructure is overkill for the size of the company. The current kit is old and they have no GB ethernet ports. They currently have:-
Core Switch:
1x Cisco c6509with a 48 port fast ethernet module (WS-X6248-RJ-45)
and an 8 port fibre module (WS-X6408A-GBIC)
I'm looking to replace this with something with 72 ethernet ports and 8 fibre ports
Access Switches:
2x 3500Replacement needs at least 48 ports and 2 fibre modules each
and 2x 5500Replacement needs at least 72 ports and 2 fibre modules each.
View 13 Replies
View Related
Feb 26, 2012
If client gateway = 192.168.64.9 then next-hop = 192.168.64.8 else use default-route 0.0.0.0
I know it's possible to do a route-map match ip-address ACL list. But is it possible to match on gateway?
Some info about hardware and config:
6509-E in VSS (IOS 12.2(17r)SX5) withVS-S720-10G supervisor.
All routes are static, IP for 192.168.64.9 is on SVI vlan.
View 3 Replies
View Related
Mar 6, 2012
I have two ISPs. Each is on it's own subnet connected to the 6509 MSFC/Switch. FW1 is on 100.1.100.0/30 and FW2 is on 200.1.200.0/30 subnet. My goal is route all traffice going to the Internet from subnet 10.133.3.0/24 to FW1 and all other subnets across the organization to FW2. I am not sure if I need to use ACL / Static route combo, or just a static routes or ACLS?
View 5 Replies
View Related
May 29, 2012
We have a Catalyst 6509 switch, and we hope to use policy based routing to redirect http traffic to my proxy server, where I can find the configuration example?
View 11 Replies
View Related
Nov 8, 2012
I would like to ask you if it's possibile to block routing between some Vlan for just once of them.
Maybe I can explain better:
I've got a Cisco 6509 with 4 configured vlan interfaces
Int Vlan 10 10.10.1.0/24
Int Vlan 20 10.10.2.0/24
Int Vlan 30 10.10.3.0/24
Int Vlan 40 10.10.4.0/24
Vlan "10" is the phone voip Vlan and it must not talk with the others Vlan. The others Vlan can comunicate normally except with Vlan "10".
Pratically Vlan "10" needs to be isolated from the others.
This equirement comes becouse Vlan 10 is wireless and has the WEP key encryption (very weak protocol). Some Phone couldn't support the WPA2 key and I need to avoid an unauthorized external client, cracking the WEP key and connecting to this WiFi, could have free access to the others Vlan.
View 5 Replies
View Related
Nov 14, 2012
I have a problem on my catalyst 6509 on which I would like to do the following things :
I have some Vlans in which multicast is enabled.
In tose Vlan theres is a router which is default router for equipements.
I had enabled multicast routing because some Vlan needs to exchange multicast informations, but I wolud like to make difference between Multicast traffic. For example I have 5 vlans:
Vlan 1 and 2 need to exchange Multicast informations but the don't need multicast information from Vlan 3 and 4
Vlan 3 and 5 need to exchange Multicast informations but the don't need multicast information from Vlan 1 and 2
Vlan 5 is independant Vlan but doesn't need to have multicast information from all others vlan.
Last problem, equipement on differents vlan can use the same Mulkticast group address. In this case, Multicast routing is not working between Vlan 1 to Vlan 2 and Vlan 3 to Vlan 4.
View 6 Replies
View Related
Mar 6, 2012
I need to setup my 6509 with PBR going to two different Firewalls. The 6509 has vlans and multiple serial interfaces. What/where do I install the policy-maps? I want to direct one of the vlans to one firewall and the other vlans and wan subnets to the other firewall.
View 26 Replies
View Related
Aug 7, 2011
I am migrating from Cisco 6509 IOS (12.2) to Nexus 7000 NX-OS (5.1(1)).I am looking for a equivalente NX-OS command for permit ipinip on IOS.
View 2 Replies
View Related
Mar 3, 2012
I have 2 6509-E chassis with SUP-720-VSS and classic line cards :-(. on October 2011 the switch reached 100% CPU on both devices and the entire network went down. Customer restarted the core so we lost all the log files and couldnt find out any root cause on the same. TAC engineer suggested to have some script configured on the system in case of CPU shooting up above 70%, it will create a file in flash and keep appending the logs to the same. Last week i got call from customer saying that the CPU again went high for around a minute on both the cores. Last time i added CoPP also on the switch in order to prevent the CPU reaching 100%. Still it went high and from the captured logs i saw that the process created the high CPU was Port Manager Per and SSH process. Attached the file created by the netdr capture command.
View 1 Replies
View Related
Aug 3, 2012
I have a customer that has a Catalyst 6509 with two Supervisor VSS capable and my Sales team sell another 6509 with just one Supervisor VSS capable. Simple question: Will VSS configuration will recognize that I have three Supervisors? It will work as QUAD-SUP solution or as a normal VSS solution?
View 7 Replies
View Related
Nov 16, 2011
We are trying to migrate from 1g to 10G, couldn't find any module on 6509-E which supports 10G on SFP+ ...I can see X2 and Xenpacks .. but not SFP + .what exactly this Xenpack means ?
View 3 Replies
View Related
Sep 1, 2012
We have connected a single F5 box with dual links to 2 different Cisco Catalyst switches using 802.1Q trunks. F5 is configured with RSTP mode and on Cisco Switch RPVST+ is configured.STP root bridge is hardcoded on the Cisco side. Loop Guard is globally enabled.On F5 STP link type is Auto, STP Edge port is disabled since that port is connected to the cisco switch.When we are failing over the F5 primary link to the secondary link we see 'Loop Inconsistent' on the cisco switch and things dont work after the failover.We have tried configuring the F5 as STP passthrough but that doesn't fix out the issue.I have checked out the forums and found out following recommendations
1. Configuring MSTP bw F5 and Cisco for better compatibility (Not possible from Cisco side because of a major change in large production setup)
2. Configuring VSS in Cisco switches (not possible due to hardware limitation)
3. Connecting F5 using single links to each switch (redundancy compromised)
I am wondering that on which default vlan does the F5 STP instance0 sends the STP BPDUs ? the term used on Cisco side is native vlan and others use PVIDs; that F5 default vlan should match the native vlan on cisco trunk side.
View 2 Replies
View Related
May 15, 2012
Tonight we were performing an IOS upgrade on our 6509 VSS to 122-33.SXI6. Both 6509's have dual Supervisor cards installed. Initially we had problems with switch 2 slot 5 supervisor returning to rommon however switch 2 slot 6 supervisor loaded correctly. After manually setting the boot var in rommon, switch 2 slot 5 supervisor reloaded correctly.
After all supervisor's were online we noticed when looking at " show switch virtual redundancy" that sw 1 & 2 slot 6 supervisors were running the correct IOS version but sw 1 & 2 slot 5 were running different IOS versions, however when looking at the show version we are running on the upgraded IOS??? See output below...
Why the active supervisor has loaded the incorrect IOS the VSS is running on the upgraded IOS? I have verified the IOS was copied correctly to each supervisor bootdisk, I see no issues.
My Switch Id = 1 Peer Switch Id = 2 Last switchover reason = none Configured Redundancy Mode = sso Operating Redundancy Mode = sso
Switch 1 Slot 5 Processor Information :----------------------------------------------- Current Software state = ACTIVE Uptime in current state = 3 hours, 38 minutes Image Version = Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXI9, RELEASE SOFTWARE (fc2)Technical Support:
[code].....
View 3 Replies
View Related
Nov 30, 2011
We are looking to avoid the need to install an additional device in our network as our core 6509s are not being pushed by any stretch. However, we are having an issue getting the 6509 to assign DHCP addresses and perform NAT.
Most interfaces and V LAN's on the 6509 are using public IPs and have BGP routing at the edge. We have a trunk up link coming into the 6509 on a ws-6816 card via a SMF GBIC in slot 9, port 2 that feeds a wifi link where we are looking to provide guest access to our network.
We created 2 V LAN s on the switch 20 and 21. We assigned a private IP and network to the VLAN20 interface and assigned a new public /30 sub net ip to the V LAN 21 interface. The following configuration was applied which I thought was the required configuration based on how we would typically configure ISR routers for the same services...
ip dhcp excluded-address 10.200.200.1
!
ip dhcp pool WiFi_Pool
network 10.200.200.0 255.255.255.0
default-router 10.200.200.1
dns-server 4.2.2.1 4.2.2.2
[ code]...
What am I missing in this configuration? Note that if I create an access switch port for v LAN 20 on the switch and plug a laptop in directly to the 6509, the laptop is unable to receive a DHCP address. If I assign the laptop an address in the 10.200.200.0 /24 range manually, I can ping 10.200.200.1 from the laptop, however, the laptop will not get to the internet as it appears to be failing to perform nat.
View 7 Replies
View Related
Jun 5, 2011
I have a network with four 6509s in a ring with 10Gb links. Two adjacent switches are at the home office, the other two at the DR site. The switches at each location are physically similar to each other with respect to what blades are in them. We went through an upgrade from SUP-720's to VS-SUP-720's recently, only at the DR site - basically a practice, with the home office conversion hopefully taking place next weekend.
We initially just brought up the two chassis separately, in non-VSS formation (stand-alone). So far, so good - everything was connected, all traffic was passiing, all links were up, everything was reachable: EVERYTHING worked. Then we made the conversion: step-by-step from the cisco.com page; create a virtual domain, make one switch switch 1, the other switch 2, create differently numbered port-channels on each 6509, add the SUP 10Gb links to the port-channel, do the conversion.
Here's where the trouble started. First of all, the two 10Gb links back to home office created a spanning-tree loop and we had to shut down one of the links. (Is there something that needs to be configured on those links to turn spanning tree on? Does VSS conversion turn stp off?) Secondly, though it worked while in stand-alone mode, the copper blade in the standby 6509 stopped passing traffic - it would take config, the links would come up, but you could not ping across those links. Interestingly enough, there was an access switch with links to each of the copper blades, and having them both up also caused a spanning-tree loop. adding a new port-channel and putting both links in it did nothing to alleviate the loop. This leads me to believe that stp is not working properly. I reiterate, that even though the loop occurred, nothing else plugged into that blade was pingable.
View 3 Replies
View Related
