Cisco Switching/Routing :: Poor Inbound Speed On 2960?
Feb 12, 2013
I have 5x Cisco 2960 and 1x Cisco 2960G. All of them are using IOS Version c2960-lanbasek9-mz.122-55.SE6.bin I'm having poor inbound speed with ALL of the Cisco 2960 (except 2960G) although the outbound speed is normal. The port is 100Mbps Full-Duplex, but the max inbound speed on a single connection is around 35Mbps. With the 2960G, I can get max 1Gbps inbound speed on a single connection.
I checked everything and still not know why the 2960 switches can't get max 100Mbps inbound.
I'm experiencing poor udp speed on my sg-200-08. I'm running a nfs share on Ubuntu server 12.04 to a Ubuntu 11.10 client connected through udp protocol . If I use an un managed site com (plastic ****) I get about 50MB/s transfers, with sg-200-08 I can't get over 12/13 MBs transfers.
I've tried to set on both server and client MTU = 1492 and I've changed firmware from 1.0.3.3 to 1.0.5.1 (I've not tested 1.0.6 because of some posts here regarding udp problems).
I have an existing stack of 4 x 2960-S switches connected by stack cables.I would like to add another 2960-S switch to the stack but am unable to as the 2960-S will only allow 4 x 2960-S switches per stack.how I would add the 5th 2960-S switch to the existing stack of 4 x 2960-S switches.
I have a 24 port 2960-S that is not communicating with a 2960-LST that it is directly connected to over fiber. The link is up on the LST but will not come up on the -S. What command should I use to bring up this link? I have tried no shut from the (Config-if)# prompt.
I have two Cisco 7606 routers using BGP to connect our customers to the internet. Recently we added a new 1G circuit in addition to an existing 1G circuit and all traffic inbound is now on this new 1G circuit. We would like to shift some of the inbound traffic over to the other 7606. Our Tier provider has the same AS number for both paths. One path goes directly to New York and the other goes to Boston then New York.
ON switch 6500 i have configured an interface vlan x and applied policies on inboud and outbound directions as per below: [code] But the problem i am facing is that the policy outbound works ok , but the policy inbound doesnt work at all. specifically it doesnt match anything. [code]
I have a non-cisco router with a public WAN address. This is conencted to a 3750 switch internally. The switch is the default gateway for all VLANs, and the gateway router has static routes back to the 3750. The Router provides NAT, no NAT is done on the switch.My requirement is to port forward port 29 000 so that I can access a server on VLAN4 via this port.
So, I have: Router: Port 29000 map to 192.168.4.1 (Switch VLAN4 address)
The question is, how do I route port 29000 from the 3750 to the server on 192.168.4.42 ? what exactly I should add in order to port forward port 29000 incoming form my router, to my server on 192.168.4.42.
I have a VPN on my ASA 5510 between (A)192.168.255.0/24 and (B)172.20.2.0./24. The purpose of the tunnel is to send kerberos tickets from our domian controller on the A side, across to a server at B, and receive a respose. I want to lock down inbound traffic to the A network, but not sure of best method.
I initially tried using an ACL filtering on ports, but soon realised the incoming traffic uses a wide range of ports so this is not really possible.Seeing as the A side will always be initiating the conversation, I was wondering if I could use the 'established' option on the inbound ACL for the ASA at A side, so that it would block any flows that are not initiated by the A side.
How filter inbound routes in Cisco ASA OSPF? Because Cisco ASA has no "distibute-list" command for OSFP process configuration, I try to use "filter-list" command in area definition. So, I try to use next configuration:
We are using Cisco 3750 switches in our environment as distribution switches.We currently use to police inbound traffic, but we need to find a solution to limit inbound traffic per IP.Something like this “Inbound traffic for each IP can be maximum 1 Mbps” This can be done having, one ACL and one class-map for each IP, but in my situation is not a practical solution, because we have more than 500 IP’s on that site.
Is any way to accomplish this without writing 500 ACLs and 500 class-map?
We have a NETAPP nas box having two interfaces connecting to two fex's on 5ks. The 5ks are inturn connected to nexus 7k boxes. We have a 100mbps man link (LAN Extension). The netapp's two nics are grouped together to form a teaming type of environment. SNAPMirror replication is very poor at the rate 10mbps though the WAN speed is 100mbps and also the wan link is utilized only about 60mbps. What could be the problem. We tried removing storm unicast control 10 but with no effect.
I have tried all the speed test sites and tried downloads with and without my EA2700. Every test shows about half the perfomance when connected through the router. My speed tests at speedtest.net with a direct connection are in the 21-26Mbps range, the same tests run about a minute later through the EA2700 fall in the 10-12Mbps range with spikes up to 17Mbps.I've reset the router and modem.I've gone back to the 1.0.14.129982 Firmware (which it's currently on)I've set the MTU everywhere from 1400 to 1500 (literally EVERY setting for at least a couple of hours) it is 1492 currently. None of these have worked. In addition, when a large stream starts, such as a Steam download, I will lose ALL connectivity. Going in to Network and Sharing and clicking to connect to the internet restores the connection, no need to reset any hardware (which is odd in itself). I have had MANY routers over the years and I've all but exhausted support with service provider as the connection is solid if I eliminate the router.Main machine is a Windows 7 Home edition Total of 5 machines, 3 of which see regular use All machines go through a Trendnet 16 port switch and performance is the same direct or through the switch I m on Brighthouse in Central Florida and have all but exhausted their support.
I'm intending to purchase a switch for work,and I need to limit the bandwidth of one of the ports to 25 Mbit upload and 25 Mbit download (we have 100/100 Mbit connection and the customer is only paying for 25). I been trying to find information on how this could be "properly" done and what kind of switch I need to buy. As far as I have understood, most L2+ switches support outbound rate limiting, but not inbound, and as I only want the customer to have 25 mbit up and down, I need both.
I been looking at a Cisco Catalyst 3560 switch, and I'm first and foremost wondering if I can limit the inbound AND outbound bandwidth on this switch? Perhaps it can even be done on a simpler, cheaper, switch - as I rather not spend more money then necessary?
Lastly, how to do it, limit the inbound and outbound bandwidth on a single port (perhaps on the above mentioned switch, if possible), to 25 Mbit?
I just picked up a EA6500 wireless router today and I am a bit disappointed. I paid $199 for this router because I was hoping to take advantage of of fast N speeds and the advanced features it offers.When I first logged in to set up the router, I saw an amber exclamation point with a note that read "Updating Linksys Smart Wi-Fi Service". When I put my password in I was met with a "Unexpected Error" message.Also, the firmware updater doesn't work. Now on to the more bothersome issue. Wireless speed is poor. I replaced a WRT160NL router with this one. On my old router using WPA2-Personal (AES) I would see speeds of ~300 Mbps. On my EA6500, I see 120 Mbps. I have checked and double checked all wireless and security settings and don't see anything that looks wrong.
I own a ea4500 wireless router, I have tested the speed at speedtest.net and wirelessly I get around 9 mbps. My speed is 23 mbps when I hard wired the pc. I have check the speed on a tablet ( android ), pc and a mac to about 5 feet away from the router with no walls or anything between the two devices.I have checked all the settings but I don't see anything wrong, I have changed to N mode only to make sure I use top speed.All my devices are able to use N.
Enabling auto detection of the upstream bandwidth in the qos tab results in a significantly lower than normal maximum upload speed? I have the Blast plan from comcast (20/2 sustained; 30/4 with powerboost). Here are the results.
I want to configure accesslists on my Catalyst 3750X-switches to protect different VLANs/networks. Any best-practices about inbound versus outbound accesslists? In my head it is more readable and easier to understand the config when accesslists are assigned outbound on the VLAN to protect instead of assigning them inbound on all possible source-VLANs. But of course, from a performance point-of-view it is better to use inbound access-lists to avoid un-necessary routing etc.
My management has tasked me to give them a high level overview of the different switching we can choose for our new building.
This is what I know so far.4 Closets, each closet has 450 ports,One MDF room that is will contain one UCS Chassis and a Nimble iSCSI SAN.
I am working on the spreadsheet and it looks like this (Not totally filled):
2960s3560x3750x45064510Approx cost (Each, 48PORT, POE+, 10G uplink, Dual PS, IP BASE) 6K7K8K45K75KMax Capacity192432432192384Backplane speed206464520520ProLeast ExpensiveStackable to 9Stackable to 9ProDual PSDual PSDual PSDual PSDual PSProLayer 3 opt Layer 3 optDual SupsDual SupsConExpensiveExpensiveConNo Dual PSConLayer 2 OnlyCannot stack more than 4 For the MDF I would like to use 2 Nexus 5548's with FEX's, and the layer 3 daughter board. For the IDF's I was thinking of two 4010's.
I am using a 3750 as a default gateway for multiple Vlans on a few 2960 switches. The trunk lines are configured and working and I have assigned ip addresses to each of the Vlan interfaces on the 3750. My issue is that I can only ping the ip address on the Vlan interface of the 3750 if I have a working computer plugged directly into the Vlan on the 3750. I only have 3 vlans on the 3750 that have hosts directly connected (vlans 2, 10 and 40) the other vlans ( 20 and 70) don't have any clients plugged into them on the 3750 but the hosts reside on 2 different 2960s that connect via trunk ports. How do I keep the vlan interface on the 3750 switch pingable when I don't have hosts directly connected in that vlan on the 3750? (yes, I have enabled ip routing on the 3750)
I have a Cisco SG 300-20 as the core switch, layer 3. It is 192.168.4.6 on VLAN1 and 192.168.5.1 for VLAN2 (VOIP). All the ports are set in trunk mode. DHCP relay is setup on this switch.
The phones connected into a layer 2, Catalyst 2960-S switch. All ports are set in trunk mode. Default gateway on it is set to 192.168.5.1.
DHCP for both VLANs is provided by a Windows Server 2008 R2 server (the relay IP 192.168.4.15).
There is also an ASA 5510 in the mix which is 192.168.4.1. It has a route added to it for the 192.168.5.0 network to go to the SG 300 (192.168.5.1).
Just the two switches can ping each other on the 192.168.5.x network when I "add vlan 2" to the trunk port that is connected between the SG 300 and the 2960. The phones don't get DHCP on the 2960 switch. And I cannot ping 192.168.5.x from the ASA or anything else on the 192.168.4.x network.
After a bit of reading on intra-vlan routing for the SG 300 switch, I am thinking the SG 300 has to be the "center" of things so I need to make it 192.168.4.1 to be the gateway for both VLANs and change the ASA to 192.168.4.2 for VLAN1, etc. And I really can't do asymmetric routing with this switch.
I'm having a strange problem where I'm not able to get through a Cisco 2960-S L2 switch when connected through vpn, while LAN-WAN traffic is working fine.The situation on site is the following:When inside the network I'm able to get to the internet without a problem. The problem is within a vpn-session. When this session is succesfully started I can ping and manage the Cisco 2960-S switch, but I can't ping or manage the Dell switch from my laptop. I can however ping the Dell from the Cisco-switch. [code]
This will be this configuration for all input interface right ? For the Output part I'm lost, what do I have to do ? And for the 2960-2 do I have to put the same configuration ?
We recently updated a site2site link to metro ethernet, ISP call it 100mbps LAN Extension, but to me it is just QinQ over fibre connection. Most went well, one thing (annoying to me) is we can not ping our switches on both ends anymore.
We have a 3750 in headend and another 2960 on the other end. I used to be able to ping/telnet to the management IP from one to the other. Now we can not. I think the ISP is applying some configuration on ports of their customer-premises equipments (both are Cisco switches) but agent in ISP told me no. I thought there is some configuration on Cisco switch to block "MAC discovery" but i just can not remmenber what was that and google also failed me this time.
I have got two links from the same ISP, primary and secondary and connected to two different switch. The ISP have passed the trunk vlan of 30, 31 and 32 on both of the links. The ISP can't provide stp. I have got another managed 2960 series switch. How can I obtain failover on switch level.
I have IP phones connected to 2960 i want to segregate traffic traffic comming from IP phones which has a COS value of 5 and want to allocate a band width of 200 MBPS for those traffic .
Can any one share sample QOS configuration for achiving this in 2960 ?
