Cisco 6500 Sup720-3B SPA IOS SXI - GRE tunnel will not come up.It worked fine on SXF code, but the crypto map can not be applied on tunnel interface.The iskmp is up with the OM_IDLE The crypto give it a Cryto UP, the the Tunnel does not come up. It is UP down.Does some one have a working config with a 6500 IOS SXI Train with GRE IPSEC Tunnel?
View 1 Replieswhen using "show mls statistics" I see a lot packets are getting L3 Processed. Does that mean they are getting software-forwarded?
IOS is 12.2(33)SXI5.
Cat6k#show mls statistics
Statistics for Earl in Module 5
L2 Forwarding Engine
[Code]....
I have problem with the standby supervisor in 6500 vss and need to replace the supervisor. I have follow how-to on the cisco web site url...
But when i boot the new standby sup720 it comes active and both supervisors is rebooting. I wonder if i can do the replacement without rebooting both active and standy supervisor.
I have been net searching this question and I find answers relative to other Cisco products but not for the 6500 series. We are running entservicesk9_wan-mz.122-18.SXF17a.bin and would like to know how to change the default SSH listening port..
View 1 Replies View RelatedI will be installing a secondary SUP720 in a 6509-E and will be upgrading the IOS on the existing SUP which is on 122-18.SXF6. I've read that this release has passed End of Critical Maintenance earlier this you. I thinking of upgrading the IOS to 12.2.33-SXJ1(ED) or 12.2.33-SXI8(ED) (possible more stable), but i'm not sure if i need any step upgrades from the current version. The SUP meets the required hardware specs and I will also be upgrading the ROMMON to 12.2(17r)SX7 first.
I have alot of experience upgrading IOS on routers and switches, but i just need to now if there are any gotchas that i need to know for the upgrade on the SUP.
The other issue is i don't believe the current IOS has been installed, are there any issue running on an IOS not installed. Patching is not available since the system is not running from an installed image. To install please use the "install file" command.
if it is possible to recover a Cat 6500 that has no code on bootflash from ROMMON, and is it mandatory to have a compact flash card to do the recovery ? or can one use xmodem or TFTP ?
View 6 Replies View RelatedI have a situation where a customer doesn't have the required power units installed in their 6500 for me to provision a WiSM2.They use a VSS pair with a single Sup720 in each. They have no intention of adding a second Sup to each chassis.
I need to justify why they can't use slot 6 (which has power reserved) if I am to get them to upgrade the PSU's. The documentation I've found says it is supported but not recommended.
I tried to configure netflow without success.
Setup is the following.
Cisco Catalyst 6509 with Sup720-10GE IOS 12.2(33)SHX7. There are around 30 L3 vlans configured on the switch. I'm only interested for the traffic on one L3 vlan which is the connection to wan cloud.
I wanna see only the traffic that goes to and come from the wan. On other Catalyst where I have routed interfaces i successfully configured netflow. I read a lot in the forums and documentations but i didn't find the right one.
We recently purchased 2 Cisco 6500 series switches (with Sup 2T). These switches will be replacing our old 2 6500 series switches (with Sup 720).
We have 70 vlans and 90+ closet switches (2900) connecting the core switches We have 2 WLC connected to the core switch. We also have a 1 x 1 connection to a VSS switch which in turn connects to our Server Co-Location data center utilizing IPSec & GRE tunnel to connect to our Server Co-Location data center.
Our routing protocol is EIGRP. Our VTP domain at Server Co-Location is separate from our location “A” campus. I was wondering what is the best way to migrate our Core switches at location “A” campus.
The requirement is we would like to replace these switches with minimum downtime.
I have 2x v10000 Websense Security Gateways that are connected to 2x 6500 SUP720. When I turn on cluster management function between Websense appliance, they speak to each other only if they are connected in the same 6500. When they are connected one in every 6500 cluster management does not work. They are connected on the same physical vlan. Do I need multicast to be configured in the 6500 switches?
View 5 Replies View RelatedDoes 6500 SUP720/2T support MAC Address-Table Move Update Feature?
View 1 Replies View RelatedHave a 6500 using the vpn spa with ipsec tunnels. The plan is to migrate all tunnels over to DMVPN. When we configured the mGRE tunnel and bring it up, all the other tunnels slowly drop. As soon as we shutdown the mGRE tunnel, all other tunnels come up. We have a tunnel key set for the mGRE tunnel. The only limitations I could find were that we only source 1 mGRE tunnel from an interface, I could not find anything about sharing and interface with p3p tunnels. Is it possible to source an mGRE tunnel and p3p tunnel from the same interface?
View 4 Replies View Relatedhow can we upgrade 6500 non modular ios to normal 6500 ios?
View 5 Replies View RelatedI have a strange QoS problem with one Cisco7600 (sup7203BXL, IOS 12.2(33)SRE6).
This is layer 2 traffic,and all ports are L2 dot1q trunks:
1) Packet comes with DSCP 46 on Gigabit port (WS6728-SFP) with "mls qos trust dscp" configured. It goes out the port of the same card/slot with DSCP 0.
2) packet comes with DSCP 46 on different Gigabit port on the same card/slot with "mls qos trust dscp" and also "mls qos vlan-based" configured. It qoes out out the port with DSCP 46.
Why the switch behave differently if "mls qos vlan-based" is configured on port (or to say it works correct since it doesn't override DSCP)?
I have global command "mls qos rewrite ip dscp" since this 7600 is also MPLS PE router and I found in documentation that "mls qos rewite ip dscp" is mandatory for QoS on MPLS (EXP bits). So I can't turn off "rewrite ip dscp". Again the problem that I presents is L2 problem not MPLS (MPLS is used for different traffic).
Also mls qos mappings are ok COS to DSCp are 5 to 46 and vice versa.
Furthermore, as far as I know if I have configured "mls qos trust dscp" on Gigabit ethernet port, switch (7600) should work in this order:
- make internal DSCP from packet DSCP
- since I don't have configured DSCP mutation DSCP should stay the same (46)
- using map DSCP - COS ( 46 -5 ) switch will choose queue on outgoing interface in regards to mapped COS
i have a 7201 router with NPE-G2. i have a design which i have the option to send all the traffic through a GRE tunnel or a L2TPV3 tunnel.which method is more CPU consumption ?
View 1 Replies View Relatedwe have some problem with GRE traffic which is processed by CPU and not by CEF.In sniffed packets I can see a lot of "TCP window update" packets. I found that some kind of GRE traffic are forwarded to CPU, like packets with IP options or TTL=0 but non of those are seen in the sniffed packets.
View 2 Replies View RelatedI'm in process of purchasing a new Cisco routers for our branches that will be used primary to enable IPSec virtual tunnel interfce with "tunnel mode ipsec ipv4". does the default IOS IP Base supports this feature? or i need to purchase DATA license or SECURITY license?
View 4 Replies View RelatedI am using a Cisco RV110W (Firmware 1.2.09) in a branch and I would like to create a VPN Tunnel to another site that has a Cisco RV042 (firmware v4.2.1.02)
What would be the correct Configuration? the current configuration I am using is
in the RV042 i am using
Check Enable
Local Group Setup
Local Security Gateway Type : IP Only
IP Address : RV042 Pulbic IP address
[Code].....
Can the sup720b be used in any other slot on a 6513 besides 7 and 8?
View 1 Replies View Relatedi know that Sup720-3BXL has been used the SDRAM.but i don't know that which of memory? using of ECC or plain memory?if use the plain SDRAM, how can prevent to parity error?
View 1 Replies View RelatedWe are looking into replacing our current Windows NLB configuration with a SLB solution as NLB creates some nasty multicast traffic.
We are currently curious about the limitations for running SLB without a dedicated ACE Module, will it handle line-rate speed (1 and 10 gbit) with SLB?
Does VSS introduce any limitations for SLB? Any other pitfalls/limitations we should be aware of?
Hardware info: 2x WS-C6509-E in VSS with VS-S720-10G (VS-F6K-PFC3C) running s72033-ipservicesk9_wan-mz.122-33.SXI7
I will use function of span in sup70-3b.How many session can use in sup720-3b? For example, 2 or 4 session.
View 1 Replies View Relatedmigration of an existing Sup720 configuration to a new Sup2T. At present we have a Sup2T chassis in the lab running 15.0(1)SY1 and a production Sup720 chassis running 12.2(33)SXI5.I've taken a copy of the production startup-config, renamed it to 'startup-config-BGFL_6509_MBAS-020712' and copied it to the bootdisk (and slave bootdisk) of the new Sup2Ts.I've then added the command 'boot config bootdisk:startup-config-BGFL_6509_MBAS-020712' in an attempt to boot from that config and have the Sup2T migrate it to the new config standards (particularly from a QoS perspective as mentioned here :[URL]
!
boot-start-marker
boot system flash bootflash:s2t54-advipservicesk9-mz.SPA.150-1.SY1.bin
boot config bootdisk:startup-config-BGFL_6509_MBAS-020712
...
Router#sh bootvar
BOOT variable = bootflash:s2t54-advipservicesk9-mz.SPA.150-1.SY1.bin,1;
[code]....
I have the above config in a 6509-E chassis with X2 Cac-3000 psu's
The problem i'm having is when everything is powered up it runs fine for about 10minutes then reloads the switch,The 6748 has a 6700-CFC installed the only way i have managed to get it run without crashes is to remove the 3BXL card from the sup and replace it with a PFC-3B, whilst this has solved the problem the client wants the 3BXL card to be installed, am I right in thinking that the CFC installed on the 6748 is incompatible with the 3BXL or maybe the 3BXL is faulty
How can i find the serial number of sup-720 which is totally dead and not boot?By which sticker on SUP and where ? How many digits ?
View 4 Replies View RelatedI have a SUP720-3BXL that will not boot. It will get stuck at booting from the SP. It never switches over to the RP. [code]
View 5 Replies View RelatedI have received a sup720-3B from Cisco with an internal 512MB flash(sup-bootdisk). I want to verify what IOS image is on the disk and do not have an spare 6509 chasis. Can I remove the 512 MB flash disk and insert it to my disk0: on my production 6509 with the sup32 that the 720 will repplace and view what is on the disk without corrupting?
View 7 Replies View RelatedWe have a Cisco 7600 Router with SUP720/MFSC3 that was running version 12.3(33)-SRC3 for more than 2 years now. We recently had to upgrade to a newer release to solve a bug issue after recommendations, so we chose to go to SRD8 release. Since then we are facing a rather strange problem with one of my peer ebpg. we have 2-3 peering on the same router. only one of them is affected. The ebp keeps flapping every 3 minutes due to hold down timers.
12:14:33: %BGP-5-ADJCHANGE: neighbor 15.14.11.18 Down BGP Notification sent
12:14:33: %BGP-3-NOTIFICATION: sent to neighbor 15.14.11.18 4/0 (hold time expired) 0 bytes
12:14:33: %BGP_SESSION-5-ADJCHANGE: neighbor 15.14.11.18 IPv4 Unicast topology base removed from session BGP Notification sent
12:14:47: %BGP-5-ADJCHANGE: neighbor 15.14.11.18 Up
[code]....
We asked our peer if they have similar problems but it seems they do not. Our peer is using Cisco 12810 running 12.0(32)SY11 After downgrading back to version 12.2(33)SRC3 again, the probem was fixed...
to the above question. I see the specs for the WS-SUP720-3B and 3BXL but not the WS-SUP720-BASE with the MSFC3 and PFC3A daughter cards.The 3B can handle 256,000 routes using IPv4 and the 3BXL can do 1,000,000.
View 4 Replies View RelatedCurrently we do not have multicat routing enabled on either of our 2x Sup720-10G 6509 Switches. We have no intention of doing so either. I am looking for clarification on how mutlicasting operates within a Vlan.
IOS: s72033-ipservicesk9_wan-mz.122-33.SXH2a.bin
Our Vlan has IGMP snooping enabled. Here is the output.
6509Switch#sh ip igmp inter vlan 25
Vlan25 is up, line protocol is up
Internet address is 10.1.1.254/24
IGMP is disabled on interface
we do not want to disable IGMP due to this one concern that I can't find documented. If we disable IGMP snooping on the vlan, what happens to multicast packets with a TTL > 1. Do they get flooded to the entire switch and all Vlans? Or does it stay within the Vlan?
I got a new VS-S720-10G it had 122-33.SXH8b on there. I had to downgrade it to 12.2.33.SXI1 to match our other switches. I installed the file I use in all the other switches, s72033-adventerprisek9_wan-mz.122-33.SXI1.bin but the Sup is now is only booting up only to ROMMON mode.
Initializing ATA monitor library...
Self extracting the image... [OK]
Self decompressing the image : #################################################
################################################################################
################################################################ [OK]
%SYSTEM-1-INITFAIL: Network boot is not supported.
System Bootstrap, Version 8.5(4)
Copyright (c) 1994-2009 by cisco Systems, Inc.
Cat6k-Sup720/SP processor with 1048576 Kbytes of main memory
[code]....
How do I get the older version of IOS to load up?
Last month I was reviewing following Cisco document, in which Cisco mentioned that ""To avoid possible memory fragmentation in the forwarding information base (FIB), Cisco recommends that the switch processor (SP) DRAM to a minimum of 1 GB ""
[URL]
Since this document has been revised in Oct 2011 and, I can't no more find the above memory recommendations.
I want know if any one using WS-SUP720-3B with IOS SXI6 and Cisco ACE30 has gone for upgrading the SP DRAM from 512MB(default) to 1GB ?
We have Router CISCO7613,SSO redundancy configured with two Sup 720-3BXL running 12.2(33)SRC1 image. Even thought I've configured SSO, my standby sup remains in COLD state with the following logs generated.
Mar 20 22:07:32.514 IST: %ISSU-SP-3-PEER_IMAGE_INCOMPATIBLE: Peer image (c7600s72033_sp-ADVENTERPRISEK9-M), version (12.2(33)SRC1) on peer uid (8) is incompatible
Mar 20 22:07:32.514 IST: %ISSU-SP-3-PEER_IMAGE_INCOMPATIBLE: Peer image (c7600s72033_sp-ADVENTERPRISEK9-M), version (12.2(33)SRC1) on peer uid (8) is incompatible
Mar 20 22:08:48.263 IST: %PFREDUN-SP-4-INCOMPATIBLE: Defaulting to RPR mode (Runtime incompatible)
[code]...
These logs says that due to some reasons, the configuration is not being synchronized with active and standby sups and hence the redundancy mode remains in RPR mode and SSO not achieved, and hence COLD state. However, I couldn't find a reason why the configuration is not being synchronized, I've issued the command, redundancy config-sync ignore mismatched-commands, and everything worked fine, SSO achieved and standby sup came to HOT state.Now my query is,
1. Why the configuration was not synchronized and standby SUP got in COLD state??
2. Since I issued the suggested command, at least, some of the mismatched lines in configuration will be ignored, Will that create a problem when my Active sup fails and standby become active?