Cisco Switching/Routing :: Stale ARP Entries On 6500 Running IOS?
Sep 11, 2007
On occasion I will have to clear the ARP cache on a 6500 when a customer swaps out a firewall or firewall NIC. The ARP cache will show the MAC of the previous device and will not update until either the ARP table refreshes dynamically (currently at default time) or it is cleared manually.
Sometimes I need to clear it manually and sometimes it is refreshed dynamically when the new device comes up. Inconsistent issue....
Under what circumstances will an ARP entry NOT be refreshed when a firewall or firewall NIC is swapped out?
We are implementing NAC in our environment and unfortunately still some of our obsolete 6500 switches are running CATOS, the current (cat6000-sup2cvk9.8-6-4.bin) image does not support some of the commands related to NAC implementation. Therefore, I would like to urge you to provide me the 8.7 image which supports all the NAC related commands and will be easier to finish the long pending assignment.
We are in the process of replacing the obsolete hardware but that will take time.
I have the ME3400 deployed in the following design. 8 100Meg ports connect to Cisco 2955s, and the 1Gig port uplinks to a Cisco 3560. My CDP neighbour table only shows an entry for the uplink Gig port. If I look at the CDP stats in the show cdp Interfaces Fastethernet 0/1, I see CDP packets being sent every 60, but nothing returning.
How many VMs can a pair of 5548s support? Remember, for each VM, I will have an ARP entry in the 5500 ARP Table (assume 5500 is the L3 default gateway).
One of our clients wants to know "How many route entries can a 2821 router or 881 router support?" For example, the 3750 can support 11k routes in ‘desktop routing’ mode. But I want to know the limitations on routers.
I am receiving this error after connecting a copper adapter on a GBIC blade in a 6509. Here are the results from the show Interface. I am waiting to confirm the device on the other side settings but as far as I see I get UP and Up for protocol and line respectively.
GigabitEthernet2/11 is up, line protocol is up (connected)
  Hardware is C6k 1000Mb 802.3, address is 0009.11e4.f3ce (bia 0009.11e4.f3ce)
  Description: RCPBSDEV
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
What is the support for WCCP on a FWSM running 4.0(7) like, if there is any at all?
I've read that the earliest PIX release that supports WCCP was 7.2(1) but I'm not sure how FWSM 4.0(7) aligns with the PIX versions. The only docs I can find referencing WCCP on a 6500 with FWSM are in the 6500 12.2 IOS guide.
I have a stack of 2 x 3750X switches these are running 12.2(55)SE5. I needed to add some static IP routes and found that the ‘ip routing’ command is not supported. I came across a document that stated “On switches running the LAN base feature, static routing on VLANs is supported only with Cisco IOS Release 12.2(58)SE and later.” So I have upgraded to 12.2(58)SE2, but ‘ip routing’ is still not a valid command.
The release notes state: “On the Cisco Catalyst 3560-X and 3750-X Series, it adds support for 16 static IPv4 routes in the LAN Base image.”
I have read other posts that talk about running the ‘sdm prefer routing’ command which I have done, but I am still unable to add any routes or run the ‘ip routing’ command.
As per my understanding, on the 6509 all slots are dual channel, so 9 slot * 40 per slot (20 g in and 20 g out) = 360 GB. How does Cisco claim the 720? What about the 6513 chassis switch fabric connection?
I am seeing a strange situation on my 6500 switch. By doing an snmp walk on '1.3.6.1.4.1.9.9.109.1.1.1.1.3' (== cpmCPUTotal5sec), I came to know that there are two processors and the CPU util for the switching processor has gone to 88% and sometimes creeps to 99%.
snmpwalk -v2c -c "removes" sw6500 '1.3.6.1.4.1.9.9.109.1.1.1.1.3'
SNMPv2-SMI::enterprises.9.9.109.1.1.1.1.3.1 = Gauge32: 12 (--- this is for CPU of Router Processor )
SNMPv2-SMI::enterprises.9.9.109.1.1.1.1.3.3 = Gauge32: 99 (--- this is for CPU of Switching Processor )
But when I do sh process cpu on the console, all looks normal as it shows the CPU utilization of the RP. Why is the value so high on the switching processor?
For intervlan routing, is the 'IP routing' command enabled by default on 6500 series switches based on the IOS? And on 3750 switches, do we need to enable the "ip routing" command manually for intervlan routing?
I'm looking to restrict Inter-VLAN routing through an L3 switch (cisco 6500) and wanted to know the best possible way to do it. I used VACL and achieved success to some extent, but my config is making clients take up to 5-6 mins to authenticate IP address from the DNS (bootps). My VACL config was as follows:
Subnet to restrict is 10.100.15.0 (VLAN 15)
STEP 1: Created extended ACL to allow bootpc/bootps through DNS
ip access-list extended EACL_DNS
 permit udp any eq bootps any
 permit udp any eq bootpc any
STEP 2: Created standard ACLs to allow only relevant subnet, server VLANs & some IPs from other subnets for printers/scanners etc.
ip access-list standard SACL_VLAN_15
 permit 10.100.15.0 0.0.0.255 (the subnet I'm restricting)
 permit 10.100.50.0 0.0.0.255 (server VLANs)
 permit 10.100.25.45 0.0.0.0 (printer in another VLAN which has to have access in VLAN 15)
STEP 3: Created VLAN access list
vlan access-map VACL_15 10
 match ip address EACL_DNS
 action forward
vlan access-map VACL_15 20
 match ip address SACL_15
 action forward
STEP 4: Applying VLAN Access list on VLAN 15
vlan filter VACL_15 vlan-list 15
Though the above works, below is noted:
1. I'm still able to PING 10.100.15.2 (the switch virtual interface) from outside the subnet, which I don't intend. However, all clients in the subnet have no connectivity from outside VLAN 15.
2. As mentioned, it's taking quite some time to negotiate with the DNS server at system boot time.
I used the "ip routing" command in order to enable inter-vlan routing, for example with a cisco 3750. I have a cisco 6503 with SUP720 MSFC3. I was able to create some vlans but I cannot configure inter-vlan routing.
sw#conf t
Enter configuration commands, one per line. End with CNTL/Z.
swsur(config)#ip routing
I've upgraded 6509 switches which are running in VSS, from IOS 12.2 (33)SHI1 to 12.2 (33)SHI5. After that I'm facing the following log messages periodically. [code] I know that this is a diagnostic result from the TestUnusedPortLoopback feature. But this interface is disabled (shutdown).
I am trying to convince our Technical Lead that dual VSL links between our 6509-E chassis is a VERY good idea but he is fully convinced that the setup will work perfectly fine with only one VSL link. As I do agree that we can do this, I am looking for more concrete evidence that shows this would be a bad setup.
I know that we will lose the High Availability that comes with VSS; what I don't know is what will happen to all of the downstream switches that are connected and what will happen to the two 6509-E chassis.
I need to confirm that the 4510R+E switch with the SUB7-E/2 running version 15 IOS will not support NAT. I am 99% convinced that it does not but I am looking for confirmation, as I am a bit surprised by the lack of NAT support on this platform.
Looking for feedback from other organizations that have large 3750 stacks. I've got one stack of (8) 3750's composed of (6) 3750G's and (2) plain 3750's. This particular stack is usually unresponsive to SNMP queries and often fails to write config when we make changes. After a couple tries it will finally go. Part of my problem here is likely the plain 3750's that always boot faster and come up as the master. I should manually set the master to one of the G's. What I'm wondering is who else has 7-9 3750's stacked and are they performing well for SNMP, telnet, etc? I've got another newer stack of 7 3750E's that I need to add one more switch to. Need to decide if I want extended downtime to break the stack up or just add the 3750X to make member 8 and hope it performs well. I have 50+ 3750 stacks working great on our campus.
How can I shut down a module when I am running vsl? I can use the following command: #hw-module module 2 shutdown. As I have modules in both switch 1 and switch 2, how can I ensure I only shut down module 2 in switch 1?
I have a Catalyst 4510 that is running IOS version 15.X that has a bug and Cisco recommends upgrading the IOS. Are there additional steps required to perform an IOS upgrade due to licencing Cisco put in place?
I have several older 2950's running on my network. This one in particular became of interest to me because I couldn't set up SSH on it or enable any QoS features on it, so I did some research. What I found was there are basically 2 versions of the IOS, c2950-i6q4l2 or c2950-i6k2l2q4. I also read that the c2950-i6q4l2 IOS versions (like the one in the switch I am referring to) have both the SI and EI feature sets integrated, but the one that gets enabled is entirely dependent upon the switch model you are running it on. Did I understand this correctly? Does the IOS check the hardware on the switch and then decide which feature set to use? If so, what is prohibiting the EI feature set from being enabled on this switch? Is there a way to force the EI feature set to be enabled since it is integrated in this image?
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA12, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 07-Jul-08 23:39 by amvarma
Image text-base: 0x80010000, data-base: 0x80570000
I have a customer who has an ASA 5505 that is handling the routing for their internal network. They are running out of available IP addresses on their subnet 192.168.1.0/24. They have dumb switches that don't support multiple vlans or trunking & they are only able to connect to one switchport on the ASA. He does not want to purchase any new equipment or rearrange their existing equipment at this time. The customer would like to statically assign IP addresses for 192.168.1.x & 192.168.2.x and have the ASA hand out DHCP addresses for 192.168.3.x addresses. The customer suggested configuring a super subnet. A 192.168.0.0/22 address scheme would provide an IP range 192.168.0.0 - 192.168.3.255 on a single VLAN. I know this is an unconventional way to set up an internal network & I will definitely advise the customer that this should only be considered as a temporary solution until they get more appropriate network equipment.
We have a bunch of switches that are running fine but the running-config file is missing and we can't save the config to the tftp server. IOS is c3550-ipbasek9-mz.122-37.SE1. I've got lots of these switches running the same code that are just fine.
I would like to perform nondisruptive upgrades on two Cisco Nexus 5010s that currently run NX-OS version 4.1(3)N2(1) to Release 5.1(3)N2(1a). Is this possible? Or, do I need to upgrade to Release 5.0(2)N1(1) first?
Is there a command available to run diagnostics on an ASR port/SPA? The one below is from a Juniper remote device. I was only able to find 'test interface' but haven't run this yet (currently in production).