We are working with a contractor to upgrade our network, and I heard from them that the 5596/5548 might not need the Layer 3 module for our inter-VLAN routhing. They have yet to give me an answer.
We do have a few static routes on our current layer-3, core switch too.
We have several of the SG300 Serices switches. We use them to route VLAN traffic to Remote Offices, Internet Connections, and WiFi Access Points.In one remote office we have a SG300-10 setup to route the HQ Network and the remote Office Subnet. The SG300 is Connected to HQ via Fiber and has multiple Tagged VLANs on it. If I do speed tests over the Fiber Link on the Incoming Tagged Netwotk I get Decent performance, 80Mbs. If I switch to a networtk that is not priginating from HQ, and have the SG300-10 route packet, I get dismal performance. 15-20Mbs.
I Fireded up a New SG300-28P FW v1.2.7.76. Added a the HQ VLAN 101 and new VLAN 1025 . Mapped some Tagged and untagged ports for each. Switch was connected to HQ Network as untagged VLAN 101. I put a laptop on an Untagged VLAN 101 port. Ran some tests, cam back with 750-850Mbs. Great. Put the same laptop on a Tagged 101 Port, Configured the NIC for Tagged VLAN 101, Same test, same Speeds, 750-850Mbs.I then Configured laptop for Tagged VLAN 1025. Connected to tagged VLAN 1025 port. Ran speed tests, resuts were 15-20Mbs!
I then Configured laptop for Untagged VLAN 1025. Connected to unagged VLAN 1025 port. Ran speed tests, resuts were 15-20Mbs!It was only the Laptop and the Connection to the HQ net on the SG300-28P. Why is the performance of this unit soooooo poor when it needs to route?Other Switches have FW v1.0.0.27 or FW v1.1.2.0. They have Similar speed issues. All Configured for Layer 3.
I have a SG300-28P switch. I just read in the Administration Guide that, when in Layer 3 mode, the switch doesn't support MAC-based VLAN or Dynamic VLAN Assignment.
So, in order to assign a client to a VLAN based on their MAC or based on the response of a RADIUS server, we have to disable layer 3 features. Without layer 3 switching, the switch is unable to act as a default gateway and forward packets between VLANs. As a result, the VLANs can't communicate in any way, or access the internet, unless a separate router is connected to every VLAN. Right? Doesn't this limitation significantly reduce the usefulness of the DVA feature?
When mutiple Policy based routing configured on 7600 routers, did the router performace degraded with the number of policy based routing rules?Also, did 7600 running 12.x use per-flow based routing or per packet based routing?
vlan 10 ports 1-10 vlan 21 ports 11-20 vlan 30 port 21-30 vlan 40 ports 31-40 default vlan should be vlan 21
I have the servers, switch and router connected to vlan 21. Vlan 21 works great I can browse the internet, but I cannot ping any other vlans. router is connected to fa0/19
[code] Building configuration... Current configuration : 4833 bytes ! version 12.2 no service pad
I have an environment where i have two nexus 7010 switches, along with 2 nexus 5510's. I need to run OSPF as a layer 3 routing protocol between the vpc peer links. I have 1 link being used as a keep alive link, and 3 other links being used as a VpC link.
1) Is it best to configure a separate Vpc VLAN i.e 1010
2) Is it best to configure a vrf context keep-alive
3) just have the management address as the peer ip's.
Is there any official Cisco reference to describe what is considered to be the highest acceptable production CPU load on 2800 routers? I found the document "Integrated Services Routers G2 - Performance Overview" that states at page 5,Most service providers set their CPU alarms to 60 or 65 percent. Many enterprise customers are comfortable running production networks with CPU around 70 or 75 percent.
we are intending to purchase some 887G router for one of our client, but we not sure if it support "performance routing" or not. coz we don't see it on cisco's datasheet, and "cisco feature navigator" don't have that information.
Now the DSL was installed a while back for a different need and now that need is gone. What Id like to is have the Cisco router do performance routing and send out internet traffic to either its own external IP or send it over to the DSL if it can get a better response. Presently, Since the Cisco is my gateway, the DSL line is sitting idle.
I am currently having performance issues running a 3 x stack 3750G (different models) as a core for a network of roughly 12 x distribution switches. [code] As above, I have a 12 port Fibre switch and 2 x 3750G-48 port switches. [code] I tried to change the SDM to route but hit another issue where the 3750g-48 does not support SDM route so I had to revert back to desktop VLAN.Could the SDM Template be the reason for slow performance? If so which SDM Template should i use as this is the Core L3 switch.
I have a new 861 router which I have connected to my home broadband cable modem. Got it all working okay and I have access to the Internet but its not as fast as it is if I connect my laptop to the modem.
My Internet is 60mb (was 100 but I downgraded). When I cannot my laptop directly to the cable modem, I get 60mb download speed on speedtest.net If I connect the router's WAN port back to the modem then I roughly get about 40mb, sometimes even 50.
I do not have any IOS firewall configured on the router, just basic ACLs to stop SSH and TELNET from public networks. If I do enable firewall then my Internet connection halves itself. I have read around that this is the case with ios firewalls on these small routers so I've disabled the firewall but I still don't know why I cannot get full Internet speed.
Pure 3750X-48PS ip base stack.One switch reboots from a power issue (possibly the master switch? Haven't confirmed yet in the 3 cases I've seen)The rest of the stack stays running fine (as it should), the rebooted switch rejoins the stack just fine
What I've observed after this scenario takes place is that network throughput on any port in the entire stack is severely degraded. Prior to the one switch rebooting, I can hit gigabit transfer rates going anywhere on any of the switches in the stack. After one member reboots by itself, I typically hit a transfer wall around 5-20mbps in one direction and sometimes better going the other direction. I've only confirmed this on 3750X stacks and I can replicate it every time. Newest code I've experienced it with is 12.2(58)SE1. I have not seen confirmed reports of this on older 3750 (E, G, plain) stacks of which we have a ton of.
Rebooting the entire stack so that all 3750X members are coming up at the same time solves the transfer rate issue every time. I would think there has to be a better way to get performance back to normal or prevent the performance hit in the first place.
Supervisor Engine 720 options support centralized forwarding rates up to 30Mbps and distributed forwarding rates up to 400Mpps. I never understood the claim of forwarding rate logic in mbps. How i can load the 6509 box to check this forwarding rate?How can the performance increase from 30mbps to 400mbps? is this just because of DFC on all the line cards if yes does it mean i have to add the DFC on SUP as well .
I have a network coming up for a switch refresh. Management is pushing for 2960s and I would like 3850s. We are running Cisco Voice and Video over the network. I saw a few things that seemed to be in favor of a Layer 3 switch vs. a Layer 2 switch. Some items like better performance due to switching based on IP vs. switching based on MAC. Some information that will show the 3850 to be a better choice or that the 2960 is capable.
Will a MTU mismatch in Nexus 7000 affect the performance ? I have a nexus 7000 at one end with MTU set to 1500 and Melanox bx5020(Storage switch) at other end with MTU set to 9600. Storage team is complaining about performance issue related to slowness.Does MTU mismatch plays any role in slowness ??
I have a situation where I have ethernet traffic from two separate networks/ip subnets (Subnet A and Subnet B) on a single ethernet connection. I have the need to separate the traffic into two separate networks and two isolated broadcast domains. I thought this could easily be accomplished with a Cisco 300 Layer 3 switch, but I can't get it to work correctly. I have the switch set to IP routing mode. I have three VLANs configured. VLAN 1 sees the combined Layer 2 & 3 ethernet traffic for both subnet A and subnet B. VLAN 10 has an IP address assigned from subnet A and is the gateway for devices within that subnet. VLAN 20 has an IP address assigned from subnet B and is the gateway for devices within that subnet. IP proxy arp is on by default and should be active.Devices in VLAN 10 can ping devices in VLAN 20 and devices in VLAN 20 can ping devices in VLAN 10. This appears to be working only because the switch is the default gateway for those components.
No devices or servers in VLAN 1 can ping VLAN 10 or VLAN 20 components, and VLAN 10 and VLAN 20 components can not ping VLAN 1. I analyzed the ARP traffic on VLAN 1 and the switch is not responding with its own MAC address for requests for IPs for active devices connected to VLAN 10 or VLAN 20. The Cisco documentation says that the device should be responding and acting as a router.I can not physically connect everthing on VLAN 1 directly to the switch, I can not make the switch the default gaeway for all devices on VLAN 1, and I can not create static routes directly to the VLAN 1 switch IP address for all devices that are part of VLAN 1, so I am stuck. I need the switch to let VLAN 1 components automatically know what is connected to VLAN 10 and VLAN 20.
I am willing to scrap this approach entirely if there is an easier way to do this. Put simply, I have a few devices in Subnet A that need to be isolated from Layer 2 & 3 traffic destined for a few devices in Subnet B, but I can't reconfigure my entire network to create these isolated broadcast domains.
I found that when I enabled layer 2 auto QoS in 3560 switch, I need to wait so much time to open a file in network drive. Howerver, when I disable the Qos. It can improve a lot. I have used a sniffer to capture the packet to see. Those default packet is in DSCP 0. Therefore, I think majority packet will drop to queue 4. How can I increase the buffer and threshold in order to improve queue 4 performance.
I have a vlan that is used for ip cameras. This vlan is routed with other vlans on our Cat 4506-E. how can i implement multicast feature to improve performance?
I have a WS-C3560G-24PS service as a distribution switch with six (6) WS-C2950T-24 connected to it. In looking at the utilization on the inter connect links no one is running close to a gig speed and this includes the link between this switch and the core. The CPU load (6%) and memory utilization (30%) on the switch do not seem bad so what else does one watch to see if it needs an upgrade?
We are starting tohave discussions about any needed upgrades on the network. I have an ocassional user that complaines about low performance but looking through the network I can find nothing glaring on a consistent basis that says an upgrade is warranted. I am however looking at things such as the above. Utilization on links, CPU, memory, etc.
I got one SF 300-48 layer 3 switch I tried to configure to use it in the office network.Unfortunately I'm unable to configure the VLAN settings.I need port one for input(VLAN2),port 7-15 for another vlan(vlan3) also need to connect with the vlan 4.port 15 is another vlan(vlan4) this is for wireless.Other ports are static.It doesn't get any connections with other vlans.I wish to know how to configure vlans in GUI mode.I tried , But I can't get the Vlan setting correctly.Also,I need to know how to communicate both vlans in GUI mode.
i've a problem with my SF300-24 routing. That's my network configuration:
Port 1 to 12 assigned to VLAN 10 Port 13 to 23 assigned to VLAN 20 Port 24 has an ip 10.17.7.254 to connect with my deafult route, beacuse I've also a Linksys RV042 router, connected in turn with my ISP router, having an ip 10.17.7.1.
I created a lab and I have a few issues. One with a layer 3 switch and another with a ASA 5550.
1. Layer 3 switch: I have created multiple Vlans and I am able to route between them. I can ping the switch IP but not the default gateway to the ASA. I did a tracert of the default gateway of the ASA and once I am past the Vlan gateway it fails.
2. On the ASA 5550 I created the Vlans on sub-interfaces but still cannot get to the internet. ASA config is below the switch config.
I have a project I am working on that will require routing over a MetroE circuit to connect a few sites together back to HQ. Although, I know this can be accomplished several ways, I have come up with a solution that I think will work, but would like you all's input as to whether this is adequate and if my thoughts on how to properly "organize" the network are right.
I have been working with the SG300 line in Layer 3 mode and have not had any issues in a test setup I have here in the office. Basically my thought is to have a single VLAN/subnet allocated for each physical site. That will handle the basic interoffice connectivity etc. I also have a need to prioritize voice/video traffic throughout the entire network. My plan was to create an additional VLAN/subnet to house the teleconferencing equipment. Thats pretty much the jist of the setup. My only question is how to properly prioritize the voice/video VLAN.
My first question is I have an access layer switch which is a single VLAN and I am trunking that VLAN to a distribution layer switch, I can ping the gateway on the distribution layer switch for THAT VLAN, But cannot ping the gateway address for the second VLAN I have on the distribution layer switch. I know it is simple, But I have forgotten and just need a push
Also I have a third VLAN set to route traffic not bound for those 2 VLANs out to a router is the statement "ip route 0.0.0.0 0.0.0.0 172.16.252.2" good enough and do I actually need to create a VLAN for that traffic? and if so, is an access switchport the best option?
I am tryingto add a new VLAN on my C3560E Layer 3 switch for administration purpose.My goal is to make this VLAN for administration only and to let the administrators from 172.17.1.1 connect to any host of the internal network 172.16.0.0 plus exit to the internet via the default gateway 172.16.1.245.
What happened is that: 1. The host connected to Vlan30 can correctly ping the interface it is connected to. 2, The internal network can access the internet 3. The host connected to VLAN30 cannot access the internet and cannot connect to any internal server.
Do I have to add a static route? This is a production envuironment and it is my first experiment with a layer3 switching in production, so I cannot mistake
I just inherited a network and feel like.I am missing something. We use ATT&T Opt-E-Man which limits the MAC address to 50 for the connection or you have to pay.Hence the routing VLAN is the only access across the two sites.I have a VoIP vendor who insists on using the same VLAN for all sites. Upon exam the VLAN is at the remote site but it does not work.
it says that the cisco sg300-28 managed switch default system mode is Layer 2. but i want to change it to layer 3.
i can't get inside the "Console Interface Main Menu" where the switching from L2 to L3 will be done.
I have done the ff:
1. Upgraded firmware to 1.1.2.0 (latest)
2. Reset the switch to factory defaults.
3. The guide stated that in order to perform telnet to the switch, you need to enable it. So I logged in first in to the web GUI and enable telnet service.
4. I can now start telnet on the switch but I can't see the "Switch main menu".
All I can see are these lines from telnet:
User Name:cisco Password:******
switchd5928c#
I just want to know how to get into the console interface main menu where these lines should appear so that i can change the system mode:
• System Configuration Menu • Port Status • Port Configuration • System Mode • Help • Logout
I have a cisco 878 router and I can’t assign ip address to it’s fast Ethernet interface. When I assign ip address give me this message: “you can not assign ip address to layer 2 interface”.
But I can not understand why give me this alert when I use a layer3 device?!
Is it possible to to build a Layer 3 ether channel from two separate physical switches (layer3) that are trunked together?I know you can easily do this on a single switch and on stacked switches which I've done but in this case the customer have purchased two 3560X's which are not stackable yet want redundancy. The purpose of the etherchannel is to connect both switches to a private circuit provided by the hosted partner then route to the same setup in the DR location to different subnets.
