Cisco Switching/Routing :: SG300 LAN Flooded With STP Messages
Feb 28, 2012
I have a new redundant network with two cores C1 and C2 and five access switches A1 to A5. They are all Cisco SG300 switches. I have noticed there are too many STP messages emanating from one host which has a MAC address which cannot be traced on the network. In the redundant network, I made C1 the root bridge by giving it a priority of 4096 and C2 has been given a priority of 8192 so that it is the secondary root bridge in the network. I have left all other STP settings to default on the rest of the switches in the network.
The problem is that one host is advertising a RST root bridge all the time. Now it has a mac address which is different from the mac address of the root bridge itself and i cannot trace this mac address on the network. Look at the snapshot of Wireshark output in the attach.The source MAC address which is the host advertising all the time is 1c:df:0f:34:db and the root bridge is 1c:df:0f:bb:34:c4.
Why would the root bridge be resetted all the time?I've also noticed that one port in a LAG configuration on one of the access switches is flapping up and down all the time.I tried to troubleshoot this problem. It is not the cable. It would be something else. What could cause this flapping of the port?Could it be related to STP?
On the other Core switch C2 I can see a LAG status switching between forwarding and blocking all the time. What could make the LAG status to flap from forwarding to blocking and back all the time like this?
View 3 Replies
ADVERTISEMENT
Jan 10, 2012
Brand new SG300-20, every now and then on console
12-Nov-2011 23:35:33 :%HAL_config_phy-I-CHNGCOMBOMEDIA: Media changed from copper media to fiber media (Unknown) on port gi19.
12-Nov-2011 23:35:33 :%HAL_config_phy-I-CHNGCOMBOMEDIA: Media changed from copper media to fiber media (Unknown) on port gi20.
12-Nov-2011 23:35:33 :%Fiber-I-SFP-PRESENT-CHNG: gi19 SFP status is present.
12-Nov-2011 23:35:33 :%Fiber-I-SFP-PRESENT-CHNG: gi20 SFP status is present
However these ports are not in use and have nothing installed...............Firmware 1.1.2.0 (latest as of Nov 2011)
View 5 Replies
View Related
Feb 11, 2012
Is there a way to get more messages out of a 2950 set to syslog? I've turned every logging option I can find to DEBUG, but all I get in my syslog are LinkUp/Down messages and "Configured from console by console". I'd love to see more information such as configuration changes, or even someone attempting to set up DTP on a switchport set to access mode.
View 2 Replies
View Related
Mar 27, 2012
I've got a 48-port 3750 running 12.2(46)SE and I am seeing these messages in the logs. Has any seen this message before or what it means ?
Invalid packet (too large) length=22320
View 1 Replies
View Related
Dec 16, 2012
Is there a way to turn off 802.1x authentication messages to the console of a 3750 switch? The issue we have is that we like to monitor the terminal when remotely configuring our switches. However, every time a computer authenticates to the network we get messages and sometimes quite a few depending on the situation.
View 3 Replies
View Related
Dec 26, 2010
I had these error messages on both my Cisco 2851 and on my Cisco Catalyst 6506.
On Cisco 2851:
%SYS-SP-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (4/4),process = SEA write CF process. [code]...
And on 6506:
Dec 27 15:20:55 MET: %SYS-SP-3-CPUHOG: Task is running for (2000)msecs, more than (2000)msecs (129/129),process = SEA write CF process.[ code]...
I have these IOS versions on my Cisco:
Cisco 2851: 15.0(1)M4
Cisco 6506: 12.2(33)SXI
View 3 Replies
View Related
Jan 24, 2012
While working at a client site today, I was troubleshooting some ICMP connectivity for a network we have created.I turned on 'debug ip icmp" on the 3550 switch int he middle, and was inundated with the following debug output:
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
[code]....
This output fires several times a second, and based on how often it is firing, I am curious if it may be a culprit with respect to the fact that the client has indicated that they have some slow internet.Should the next step be to look at the workstation at 172.16.1.5?
View 10 Replies
View Related
Jun 12, 2012
Is there any way to change the port that is used for syslog messages on a Cisco 9500 switch?By default this is set to UDP port 514.There doesn't seem to be a command to change the port.
View 1 Replies
View Related
Sep 30, 2012
We use C2950G switches with IOS 12.1(22)EA12 . Switches are set up to send logs to a server (informationnal level). On this server, we receive many of logs from those switches, but none about interfaces errors (even if interfaces statistics show interfaces errors). On C3548 switches it's work fine.How should I be sure the set up of switches is correct ? Why do I never receive messages as %LINK-4-ERROR:[char] is experiencing errors ?
View 2 Replies
View Related
Aug 15, 2011
I m getting below error messages in show logs -
Aug 12 15:30:57.127 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
Aug 12 15:31:02.175 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
Aug 12 15:31:08.219 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
Aug 12 15:31:10.239 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
there is no error messages related to PSU in "show env all " log .
here is show version -
------------------ show version ------------------
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA13, RELEASE SOFTWARE (fc2)
Technical Support: [URL]
Copyright (c) 1986-2009 by cisco Systems, Inc.
[Code] ....
View 8 Replies
View Related
Feb 12, 2013
Setting up NTP. Currently the source for NTP within our network is our core 6500.Currently the NTP source for the 6500 are internet based NTP Servers. I would like to configure the 6500 to respond to NTP messages as the NTP Master. However will the 6500's source remain as the internet based NTP Servers?? In other words if the 6500is configured to be NTP Master, where would it get it's time from?
View 5 Replies
View Related
May 9, 2012
I have a situation in which I want to log a specific message (informational - 6 level), but don't want to enable informational logging and get all the messages that come with it. Is there a feature in IOS, 3560 12.2(25r)SEE4, similar to the 'logging lists' feature on the ASA that allows you to specify logs that you want to capture without having to change your logging level? I didn't want to have to write an EEM applet for this, but if that's the only way, I'd consider it.
View 3 Replies
View Related
Dec 26, 2012
I am getting the below messages on my Cisco 6500 series switches every 1min. The IOS version is 12.2(33)SXI6 & with SUP32-GE-3B
%ILPOWER-7-DETECT: Interface Fa1/1: Power Device detected: Cisco PD
%ILPOWER-7-DETECT: Interface Fa1/1: Power Device detected: Cisco PD
%ILPOWER-7-DETECT: Interface Fa1/1: Power Device detected: Cisco PD
These messages are I am recieving on few ports only not on all port having IP Phone connected. I tried changing the phone to some other model but that also did not resolved my problem. Also I tried powering on the phone using power adapter but the issue still persist.
Client are not facing any issues due to this error, but still I would like know what can be the issue which is generating these logs.
View 1 Replies
View Related
Jul 2, 2012
Query is, Can i send my syslog messages to SNMP sever? if so, what command needs to be enabled on nexus 7k?
View 3 Replies
View Related
Dec 9, 2012
We have recently upgraded oor LAN and we are using couple of Nexus5548UP switches in the core with 2960 stacks as access switches. Each access switches stack is connnected to both core switches with link being port-chanels and VPCs. All is working fine, but our SolarWinds management platform (NPM) is being flooded with "Physical Address changed" events. Here is an example of messages:
NSW_Core_2 - Ethernet1/7 Physical Address changed from 000000003811 to 73616D653811
NSW_Core_2 - Ethernet1/7 Physical Address changed from 200B82B43811 to 000000003811
For each interface I have messages like these repeating.I am not sure what those messages means or if there is actually anything wrong. Performance of the network is good, there are no errors on any interfaces and I do not see anything related in the switch loggs.
View 4 Replies
View Related
Jan 14, 2012
I am using radius authentication on C4507R+E with supervisor card 6L-E and IOS 15.0.2(SG1). It works perfectly but all radius messages appear in the console. Radius is very verbose, I can't use console because of the significant number of messages and I am worried about switches performances. I add that all debug commands are disabled.
View 1 Replies
View Related
Sep 25, 2011
We are facing issue with one of the module installed on cico 4506 swicth. All of a sudden cisco phones connected to that module went down and the messages logged on the console. [code]
View 9 Replies
View Related
Apr 23, 2012
We had a core switch(4503) in our environment and recently we tried to enable syslog in the switch. But the syslog server doesnt receives all the configured level messages from the switch. Following is the only message getting in syslog server after the configuration change in switch.
%SYS-5-CONFIG_I: Configured from console by CWLMS onvty1
(No Traffic related messages like acl deny traffic, spanning tree events etc are getting to syslog server as well as log buffer of the switch)
Following are the logging configuration for the core switch
logging monitor informational
logging facility syslog
logging source-interface Vlan44
[Code]....
1) Is there any more configurations required for getting all traffic related messages, (i mean all possible messages - upto level 7 - debugging)?
View 3 Replies
View Related
Dec 15, 2012
I am using Solawinds syslog and trying to get our Cisco routers send syslogs to our syslog server. I followed the procedure on Configuring Cisco Devices to Use a Syslog Server from [URL] Our Cisco swtches are all sending syslog messages but not the routers. I compared the config with our access switches but can't seem to find the problem:
Sample router config:
service nagleno service padservice tcp-keepalives-inservice tcp-keepalives-outservice timestamps debug datetime msec localtime show-timezoneservice timestamps log datetime msec localtime show-timezoneservice password-encryption!hostname WWF-RT1boot-start-markerboot-end-marker!security authentication failure rate 10 logsecurity passwords min-length 8logging buffered 4096logging rate-limit all 10logging console critical!aaa new-model!!
[Code] .......
is there a command that prevents the router from sending the syslog to the server?
View 2 Replies
View Related
Feb 5, 2012
I recently set up a small photography business and am trying to get a Cisco 877 and Cisco SG300-10 switch to talk to each other.
What I want is for the Cisco 877 to handle the internet and the SG300-10 to handle the local network,
I have set up 2 vlans in trunk mode on the switch and want vlan2 to manage local traffic and vlan3 to handle the internet.
I have got the 877 connecting to the internet what I dont have, traffic going to vlan2 on the switch from the 877
Look at the running configs for the switch and the router and tell me how to get the vlan on the router to pass traffic to the switch. In a nutshell I am inserting the internet into the switch but am not sure how to progress. I have the c870-advipservicesk9 image file on the router.
Switch Config
interface gi2
description connection-to-data-vlan
exit
interface gi3
description connection-to-internet-vlan
exit
vlan database (code )
View 11 Replies
View Related
Dec 8, 2011
I am currently having an issue with connecting a Catalyst 2960-S switch to a Small Business SG300 switch. When I connect them they are unable to form a link. When I do a show spanning-tree it says the mst link is in dispute.
View 1 Replies
View Related
Dec 10, 2012
I am trying to configure Cisco SG300-52 switch for the first time and stuck without CLI configuration option. The configuration can be done using GUI, however, configuring using CLI would be more comfortable (as I am used to work with CLI of other Cisco switches)..
I was able to lo gin to switch using SSH, but the CLI appears in MENU format and was not able to find any way to go to CLI mode.
As per some blogs, in SG300 switches CLI mode can be accessed using Ctrl + Z in Menu, which did not work either in my case.
Switch is running with latest firmware version Sx300 Firmware Version 1.2.7.76.
View 2 Replies
View Related
Feb 28, 2012
I have three Cisco SG300-28 switches. I setup a test lab environment with a core (server) switch in Layer 3 mode and the rest are (clients) in Layer 2 mode. As I understand, these switches doesn't support VTP, only GVRP. And GVRP works the same with VTP. Whenever you create VLANs on the core or main switch, other switches will learn from the core switch and no VLAN creation for the client switches will be made. (Hope I got it right. I guess GVRP is more complicated than VTP). I want to use GVRP to create VLANs on the main switch so that I won't be doing it all over on the other switches. The following is my (so far) configuration through CLI only:I haven't use the web GUI. My SW version is 1.1.2.0.
1. I already enabled the GVRP globally.
2. I configured GE 12 & GE 24 as TRUNK ports for the core switch that connects both switches, I also configured GE 12 ports for both the client switches. All other ports are in ACCESS mode. (I am connected to GE 2 port)
3. I enabled GVRP on the TRUNK ports only for all switches.
4. I allowed all vlans on the TRUNK ports. (#switchport trunk allowed vlan add all)
5. All TRUNK ports registration mode is NORMAL and dynamic vlan creation is enabled on all trunk and access ports.
6. I created 3 VLANs without configuring its IP Addresses:
-vlan 2 = MGT
-vlan 3 = IT
-vlan 4 = MKTG
I don't know if I missed something on the configuration or the connection.
1. Is it necessary to enable all switches to layer 3 mode? Or depends on the network setup? Does this affect the GVRP?
2. Does switching ports to TRUNK mode means they are already 802.1q ports by default? Because I can't configure TRUNK ports to 802.1q (#switchport encapsulation dot1q) config like other switches. [code]
View 1 Replies
View Related
Jun 20, 2012
try to configure QoS on a Cisco Small Business SG300 Switch. I followed the instruction on [URL] and configured one Port for tagging my Traffic from a Aastra IP Phone. Tagging works fine (i verified with wireshark).The problem is, that all traffic to a PC connected directly to the Aastra IP Phone is blocked. Is there a possibility to tag any other traffic to the port as a default?
View 1 Replies
View Related
Jun 6, 2012
I just purchased an SG300-10 (negular, non-POE) and planning on using it with no special configuratinos initially. Longer term, will be using VLAN and QOS for VOIP.What I would like to know is if ports 9 & 10 can be used as standard copper cat5e ports, or are they only useful for special purposes? When I hookup my router/firewall to port 1 it all appears to work. If I hook it up to 9 or 10, the port lights do not come on and it doesn't work. I read that ports 9 & 10 don't have POE on the POE switch, but I assumed that all 10 ports would function with cat5e?
View 1 Replies
View Related
Apr 10, 2012
We are using the SG300 series switches, and have come across an issue where we need to block ARP broadcasts based on IP.
we have multiple computers, each with only one ethernet adapter, each adapter has two IPs configured, 10.10.10.x and 192.168.0.100.All machines have the same 192.168.0.100 address (Used for applications/hardware running locally to that machine and this IP cannot be changed).
When the machines are connected to the network, ARP is advertising BOTH the 10.10.10.x address and the 192.168.0.100 address.
As all machines have the same 192 address we receive IP conflict notifications on each machine.
How can the ARP broadcasts for the 192 address range be blocked?
View 1 Replies
View Related
Mar 13, 2012
I'm looking to configure the QOS for VOIP on my network.I have a switch SG300 and several no Cisco VOIP phone. What are the parameters to be taken to implement the QOS?
What is the procedure for installing the QOS? I need to create a VLAN for the data and one for VOIP?I read in the quick start guide that there is auto-QOS for VOIP?This can be done from the GUI? what are the options to put?
View 0 Replies
View Related
Jul 19, 2012
I have an SG300, configured with several VLANs. I'm replacing a E3000 with the RV180, I've got it in the environment, but I can't seem to get to the internet from hosts on the SG300.
I have Port 4 on the RV180 connected to Port 20 on the SG300...Port 20 is in the native VLAN (VLAN1) and VLAN1 is configured as a trunk. I'm relatively new to networking so I'm not sure where to start troubleshooting. I have the default route on the switch and I have the static routes for the VLANs on the router, should I be using tagging someplace?
View 3 Replies
View Related
Apr 3, 2013
I have a cisco L2 SG300-10p Managed switch . I want to configure one port as a turn but cant find the command Encapsulation dot1q . Its a poe switch i want to use for both internet and voip in separate vlans.
View 1 Replies
View Related
Jan 31, 2012
it says that the cisco sg300-28 managed switch default system mode is Layer 2. but i want to change it to layer 3.
i can't get inside the "Console Interface Main Menu" where the switching from L2 to L3 will be done.
I have done the ff:
1. Upgraded firmware to 1.1.2.0 (latest)
2. Reset the switch to factory defaults.
3. The guide stated that in order to perform telnet to the switch, you need to enable it. So I logged in first in to the web GUI and enable telnet service.
4. I can now start telnet on the switch but I can't see the "Switch main menu".
All I can see are these lines from telnet:
User Name:cisco
Password:******
switchd5928c#
I just want to know how to get into the console interface main menu where these lines should appear so that i can change the system mode:
• System Configuration Menu
• Port Status
• Port Configuration
• System Mode
• Help
• Logout
View 3 Replies
View Related
Jun 1, 2012
I'm looking for feedback and constructive criticism on our network redesign project for our company.We are currently on a 192.168.1.x/24 and running out of addresses. We are looking to move to the following design and implement VLANs as well for segregation and security. We are probably going to use a few SG300s for switches. [code]
View 4 Replies
View Related
Jun 1, 2012
Can a Cisco SG300-10P switch power a Cisco SG200-08 switch over POE? Or an SG200-08P power an SG200-08 via POE? I have an area where I'd like to put a small switch, but would like to avoid having to have electrical power run to it. Or will the SG300 and SG200 POE switches only power endpoint devices such as cameras and IP phones?
View 4 Replies
View Related
Aug 27, 2012
A client of ours has installed an SG300-24P switch and would like to setup a LAG between the SG300 and the 3560 switch we manage for them. They would like the LAG to also pass the voice and two data VLANs currently in use; 5, 10, and 100 respectively. I configured the two ports as an Etherchannel with trunking on the logical port, but no luck. I reconfigured as follows:
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode active
end
[code]....
I see no output when I do show lacp nei. At this point the client is looking to use for the configurations to use as he does not know how to setup the SG300 and it is a switch I have never dealt with. I have found some configurations that I believe would allow a single VLAN across, but nothing I believe will allow the LAG to pass all the VLAN's.
View 7 Replies
View Related
