Cisco Switching/Routing :: WS-C3560-24PS - Rate Limit And QoS
Mar 4, 2012
I am having an issue with VoiP phones giving me an insufficient bandwidth message. I have three remote locations connected to our main building using 2 Mb point to point ethernet solutions through TWC. Each remote location has a Cisco WS-C3560-24PS running IOS C3560-IPBASE-M, version 12.2(25) and have the cable modems plugged into port 1 on them. The remote buildings are labeled 192.168.101.xxx, 192.168.102.xxx, and 192.168.103.xxx. There are 14-16 VoiP phones in each remote building. The main building being in the subnet of 192.168.100.xxx. I have the 3560s connecting to a single port on a 2801 in the main building, all using the subnet of 192.168.253.xxx The phone server sits in our network at 192.168.100.203. I have created the ACLs, class maps, and policy maps on all of the equipment.
For the remote buildings I have the following:
ACL
===========
Extended IP access list VOIP
permit tcp any host 192.168.100.203 dscp ef
permit tcp any host 192.168.100.203 eq 5566
[Code]....
I have put a hub in to capture traffic via Wireshark to see if DSCP flags are being appropriately marked and I do see that all VoiP packets are getting marked with as EF. However, I have been receiving phone calls from people in the remote buildings stating that their phones will cut out, flash Insufficient Bandwidth on the LCD displays and then the call will cut back in. I am wondering if the 2801 is not applying QoS with the rate-limits in mind since it is set to 100 Mb, or is it an issue with trying to take 3 remote locations and bring them down into 1 port on the 2801?
View 6 Replies
ADVERTISEMENT
Oct 11, 2012
We have a Cisco switch in each office and every now and then the port that has the D-Link Wireless AP (DAP-1522) connected to it goes to err-disable state. Actually sometimes even a regular port that has a cisco phone connected may also go to err-disable state (less often). So I have to telnet into the switch and issue shut and no shut command on that interface to get it back to life, then it works for a few days or weeks until it happens again. Any suitable configuraiton for that interface, that would prevent that from happening or a workaround ?
Here's the info:
Model: cisco WS-C3560-24PS and cisco WS-C3560-48PS
Image:c3560-ipbase-mz.122-35.SE5.bin
This is the log from one switch:
31w5d: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/2, putting Fa0/2 in err-disable state
31w5d: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 74e2.f592.f7f2 on port FastEthernet0/2.
31w5d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
And from another, which is almost the same:
5d10h: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/3, putting Fa0/3 in err-disable state
5d10h: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address d8a2.5e31.2cf6 on port FastEthernet0/3.
5d10h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down
5d10h: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to down
Here's the configuration of fe interfaces (they are all alike):
interface FastEthernet0/2
description Voice & Data Combo Port
switchport access vlan 11
switchport mode access
switchport voice vlan 15
[code]....
View 3 Replies
View Related
Jul 23, 2012
Can a C3560-24PS switch with 32 MB flash be loaded with IOS 15? Will it be able to execute the code and function properly?
View 2 Replies
View Related
Oct 27, 2011
I can´t configure speed in a giga port on WS-C3560-24PS-S switch(config-if)#speed ? no negotiate Do not negotiate speed
do you know if the port support speed 100??
because I need to connect with 2955C-12 switch in one port: 100BASE-FX (Multimode Fiber) uplinks, this port its only 100mbps?
and the switch C3750G-12S-E can I configure the ports on 100mbps?
View 4 Replies
View Related
Jun 14, 2011
I am not on site and I have not seen a WS-C3750V2-24PS-S. Customer has a stack of 6 x WS-C3750V2-24PS-S and one unit has failed. We do not have a WS-C3750V2-24PS-S spare. Can we replace it with a standard WS-C3750-24PS-S (not V2) switch and be part ofthe stack.
1. Are there any traps gotchas?
2. What about IOS versions - aren't they different for V2 switches
3. Are the stack ports and stack cables same for both WS-C3750V2-24PS-S and WS-C3750-24PS-S
4. What is the main reason for bringing out the V2 switches. What features do they have extra?
View 3 Replies
View Related
Jun 5, 2012
is possible to have WS3750G-24PS in one stack with WS-C2960S-24PS? I want to add two new WS-C2960S-24PS to stack with one WS3750G 24PS.
View 1 Replies
View Related
Jun 10, 2012
I configured rate limit on cisco 2960 switch sexuss fully, but i could not configure in cisco 2950 (verson 12.1 (22).To confiure the same on 2950
View 4 Replies
View Related
Jun 9, 2013
How to rate limit a 3560 inbound and outbound using different QoS methods. I've read about vlan class maps/policy maps, using the rate limit command on the physical interface, using the srr-queue bandwidth command(it's a gig switch so not sure that would work) and marking all packets and then applying QoS. I'm just learning QoS so trying to figure all of this out and find the best way to do things.
Also, I was told to do this because it's not advisable to have a connection to your ISP that is not 10mb or 100mb on a switch, since they are not divisible by 10 and it can cause issues?
View 2 Replies
View Related
Oct 20, 2011
I am using Cisco 3560 as distrubution switch and want to limit port 445 traffic on 1 MB and applied rate limit statment on Gi0/1 port but switch unable to limit said traffic.rate-limit output access-group 120 1024000 128000 128000 conform-action transmit exceed-action drop.
View 25 Replies
View Related
Nov 5, 2009
To rate limit the 2960 switch port to 1 MB.I have made the specified chnages , how ever still it is reaching more tha 1 MB
Hard coded the bandwidth of port to 10 MB and have applied the specified command srr-queue bandwidth limit 10.
View 4 Replies
View Related
Nov 26, 2012
How is it i can implement the command 'ip multicast rate-limit out group-list <access-list>' but i get the error "ip multicast rate-limit" command is not supported on 6509?
Is it an IOS limitation or a limitation of the switch series and subsequently can't be used at all?
View 2 Replies
View Related
Jun 8, 2013
How (and is) it possible to rate limit pps on an interface (physical/logical), on a 6509-E?The porpuse is to protect from attacks which lead to very high pps, bypassing traffic rate-limits, and effecting the device's performance
View 2 Replies
View Related
Mar 21, 2012
I am looking for step-by-step configuration on how to enable rate-limit and traffic shaping on Cisco 6513 vlan interfaces. I am not able to find this particular document on CCO.
View 3 Replies
View Related
Nov 27, 2011
I am configuring a 3560 to provide internet access for our customers and I need to make sure they don't use more bandwidth than they have contracted for.I see that the 3560 supports the rate-limit command, but was told that I should use traffic shaping and policing along with access lists to manage the bandwidth.Is there a reason that I should avoid using the rate-limit command - it looks much simpler.
View 10 Replies
View Related
Oct 3, 2012
Is it possible to rate limit on a L2 trunk port on a 3750?
current port config and ios are as follows;
interface GigabitEthernet1/0/50
description *** Connection to Fiber Link ***
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,172
switchport mode trunk
end
flash:c3750-advipservicesk9-mz.122-46.SE.bin
i was wondering if the "srr-queue bandwidth limit 10" command would work to limit the output from this interface to be 10 % of the port bandwidth and then the same command could be done on the other side.
View 1 Replies
View Related
Oct 8, 2012
I want to limit the bandwidth going to remote site on the switch connecting to our netapp.We have a 4 port channel group setup on our 3750x switch going to our netapp storage. We have a Wan 100mb link to our remote site and we want only 60MBs of that link to be used for Netapp traffic all other local traffic needs to use the full amount of the bandwidth to the netapp.
Is possible to allocate bandwidth in this way and how would I go about this? We dont have access to the routers for the link and they plug directly into a port on our cisco.
View 3 Replies
View Related
Feb 25, 2013
If I have an interface configured as follows (on a Cisco 3750 Switch)
Interface gi 1/0/24
Bandwidth 100000
And then added the following command
srr-queue bandwidth limit 40
Would the result be 40% of the physical 1Gbps interface or 40% of the 100Mbps Bandwidth set under the interface bandwidth command.
View 2 Replies
View Related
Aug 8, 2012
I'm configuring AP in Hreap mode. Objective for me is th have a "plug & play" installation method for HREAP. I configure on HREAP AP, Native VLAN set to 1 and the WLAN and Vlan mapping for the current wlan is set to 1 too. WLC version is 7.0.230.0 and AP version is 12.4(23c)JA4
on my cisco switch (WS-C3560-24PS with 12.2(55)SE1), the port configuration is as below:
switchport trunk encapsulation dot1q
switchport trunk native vlan 45
switchport trunk allowed vlan 45,74
switchport mode trunk
no logging event link-status
no logging event power-inline-status
no snmp trap link-status
spanning-tree portfast trunk
spanning-tree bpduguard enable
AP receives a DHCP IP in Vlan 45 and users connected in vlan 45 too. I would like to undestand why the AP is working properly because normally vlan 1 is not configured as allowed vlan on my switch and the native vlan is dedicated only to untagged ethernet packet.
View 1 Replies
View Related
Nov 6, 2011
I have WS-C3750-24PS version 12.2(55)SE4. I am configuring PBB VPLS. MY PE/P routers are alcatel 7710/7750
my topology is like that.
CE1<-------> Provider_switch(3750)<-------> PE1 < ----IP/MPLS----> PE2<-------> Provider_switch(3750)<----------->CE2
16 11 11
[Code].....
View 3 Replies
View Related
Jan 21, 2013
I have three new 2960 switches as listed in the title. I configured them as follows:
192.168.1.215 host: whse-c
192.168.1.216 host: whse-b
192.168.1.217 host: whse-a
Switches B and C flow into A before continuing on into the server room switch (distance issues).All three switches are configured for ports 21-24 at 1000 and set as cisco switches. all other ports are undefined as they have a myriad of desktops, printers and non cisco access points flowing into them. side question - should i configure them as access points where applicable even if they are non cisco? I am replacing three netgear switches that currently are in place and have no known issues other than they are old and the fans may fail soon.hooked up .217. was able to get to it from the network. Hooked up 215 and then 216. All the sudden I lost the ability to tap into the switches, any of them. (I think I had done 215 at that point too, before adding 216. I found out later it took the network to its knees as internet was lost, and the MPLS stopped functioning.
I undid the changes and put the netgears back in service and all was right with the world again. At first I thought it was a bad host name as I had used whse-a on switch C in error. I changed that after this issue.Later that day I put 215 in place. checked it from the network and could get to it just fine. Then I put 216 in service. I lost connection to 215. I could no longer get to the internet from my pc and the MPLS went down again. This time I just unhooked 216. 215 is still in place and working on the network at the moment and not causing issues. (btw these switches are not even in my path from my pc to the internet, just on the same network) tomorrow I am going to try 217 again while 215 is still on the network and see if there are any issues adding that swtich. if I can do so, and there are no problems, is this an indication of a faulty switch? what further testing can I do, have I missed something in setup? If this brings the network down again, why cant i add two of these switches to each other/on the same network path (B and C were not even connected to each other yesterday evening when it went down again).
View 2 Replies
View Related
Mar 11, 2013
3560 is running c3560-advipservicesk9-mz.122-40.SE. The SFP (GLC-TX) has been tested in another 3560 and is recognized. Both the gi0/1 and gi 0/2 ports show the type as unknown.
Port Name Status Vlan Duplex Speed TypeGi0/1 notconnect 1 auto auto unknownGi0/2 notconnect 1 auto auto unknown
View 2 Replies
View Related
Dec 10, 2011
I'm having trouble stacking a new WS-C3750X-24P with existing switches WS-C3750G-24PS ?I can see the license is on the new WS-C3750X-24P:
switch#sho lic
Index 1 Feature: ipservices
Period left: 8 weeks 4 days
License Type: Evaluation
License State: Active, Not in Use, EULA not accepted
License Priority: None
[code].....
I could put on the c3750e-ipbasek9-mz.122-55.SE1 image, but I may need to get the license sorted still, but not sure if that will work or how to add it if i got one.....
View 2 Replies
View Related
Jun 5, 2013
I receive a question from a future customer about this future if its supported on " WS-C2960S-24PS-L":configuring 2 dhcp server on this swith ( 1 dhcp for voice vlan , and 1 for Data Vlan).I did some search , but i didnt find the answer .i have to advice a customer before ordering the switch.
View 2 Replies
View Related
Feb 10, 2011
Just spoke to the TAC and didn't get the information needed. When configuring ip dhcp snooping database I am adding this to my configuration:ip dhcp snooping database scp://dhcpsec@192.168.1.50/home/dhcpsec/switch1.dhcp.database.txt..I assumed that to do this I would either specify the password on the command line, similar to the way its done when using ftp/http, or that I would need to create a public/private key.I have enabled scp and can manually copy a file from the switch to the linux server. So I believe I have all the aaa commands correct. Cisco WS-C3560G-24PS System image file is "flash:/c3560-ipservicesk9-mz.122-55.SE.bin".
View 3 Replies
View Related
Jan 8, 2013
The default value of DRAM and Flash memory are 128 MB and 16 MB of Cisco Catalyst WS-3750-24PS-E switch .I want to know , wherther the default value may be change upto 256 DRAM and 128 Flash.
View 2 Replies
View Related
Apr 23, 2012
I have a WS-C3560G-24PS service as a distribution switch with six (6) WS-C2950T-24 connected to it. In looking at the utilization on the inter connect links no one is running close to a gig speed and this includes the link between this switch and the core. The CPU load (6%) and memory utilization (30%) on the switch do not seem bad so what else does one watch to see if it needs an upgrade?
We are starting tohave discussions about any needed upgrades on the network. I have an ocassional user that complaines about low performance but looking through the network I can find nothing glaring on a consistent basis that says an upgrade is warranted. I am however looking at things such as the above. Utilization on links, CPU, memory, etc.
View 2 Replies
View Related
Feb 24, 2011
I am not able to disable rate limit comand from Cisco 3700 series router. I have tried with no rate limit command in the interface .Command is taking but still the rate limit comman in the interface.
View 2 Replies
View Related
Dec 6, 2011
I have a stack of Cisco 3750v2 switches with 8 VLANs (one per customer) and 8 SVI's (again, one per customer). I am trying to apply rate limiting to the SVI's of each vlan for both input and output traffic. This is my SVI configuration for one such VLAN (I have substituted the real IPs for prviate IPs for the purposes of this example) -
interface Vlan30
description ****CUST-C-VL30-SUBRATE-CAR-10M****
ip address 192.168.30.250 255.255.255.0
[Code]...
Based on this and the speed tests I am performing from within the VLAN i am receiving the full bandwidth and not what should be assigned based on the rate limiting. Have I missed anything as far as the configuration goes?
View 10 Replies
View Related
Jan 17, 2012
I'm trying to limit one of my inside hosts, since it's been a little of a hog. I have 3Mb available from my ISP via 2x T1. I'm testing this on a computer in a lab:
PC 10.10.10.10------Cisco2960-------- 10.10.10.1 Inside - ASA - Outside 208.66.x.1------------------------208.66.x.2-Cisco 2811-2xT1
Here's what I've tried so far, please see text in red:
***global (outside) 1 208.66.x.115
***nat (inside) 0 access-list No-Nat
***nat (inside) 1 0.0.0.0 0.0.0.0
[Code].....
It didn't work... I was able to max the bandwidth again. I also tried to apply service-policy to inside int, which didn't make a difference.
View 1 Replies
View Related
Feb 16, 2012
I run streaming multicast video cameras on my network. I stumbled upon the command ip multicast rate-limit. When I configured a test setup in my lab (multicast camera source and a few routers) and tried the command it simply did not work. Moreover, when I went to use the command on a 3900 router in my lab, it was not there.
I take it this command has been deprecated?
View 3 Replies
View Related
Jan 14, 2013
I've been experimenting with the 'vlan dot1q tag native' command on a switch and it seems as though tagging the native vlan breaks vty access to my access point.With the 'vlan dot1q tag native' commnand applied, I lose management connectivity to the AP with 'no vlan dot1q tag native' applied, connectivity is restored. Why is this? Is it safe to say that one can access the AP via vty lines using ONLY untagged packets?
SWITCH
Model: WS-C3560G-24PS
Code: c3560-advipservicesk9-mz.122-46.SE
--Abbreviated CONF
vlan dot1q tag native
[code]....
View 14 Replies
View Related
Oct 24, 2012
I have a 3560-8PC in which the mgt vlan randomly (twice in one day or 2 weeks later) goes into the down state and will return w/o any interventaion 15-20 minutes later. Int G0/1 is the uplink to a 3750. I dont think its a layer1 issue at this time since i have seen it work just fine for over 2 weeks and drop again. I don't see any errors on the 3750 either.
WS-C3560-8PC 15.0(2)SE C3560-IPBASEK9-M
LOG:
----------------------------------------
.Oct 20 19:34:37.533 EDT: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changeds tate to up
[Code].....
View 5 Replies
View Related
Nov 23, 2012
I have C3560 switches in my work environment. I want configure ssh on that switch but the IOS what they have 'c3560e-universal-mz.122-58.SE2' not support. As per advised I was triying to upgrade 'c3560e-universalk9-mz.122-58.SE2" for all my access switches.
I successfully upgraded for two switches.
I have two problems now
01. I upgraded the IOS successfully one Switch but the Poe is not working. What is the reason ?
02. After upgrade the IOS, the out put is as follows
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 30 WS-C3560E-24PD 12.2(35)SE5 C3560E-UNIVERSAL-M
Cisco#sh boot sys
[Code].....
View 4 Replies
View Related
