Search this Blog

Thursday, December 29, 2011

Please explain the password recovery enable procedures for 3560

The following procedures get to the switch: dir flash and get the following.....unable to stat flash//: no such device

Can you please explain how to resolve this?

Try the following

switch: flash_init
switch: load_helper
switch: rename flash:config.text flash:config.old
switch: boot

after the switch boots and you are at the enable prompt, type this:

switch# rename flash:config.old flash:config.text
Switch# copy flash:config.text system:running-config

Alternatively you can also try this -

Issue the dir flash: command.
Note: Make sure to type a colon ":" after the dir flash.

Please click here for more information on Password recovery for Layer2 Layer3 questions.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, December 22, 2011

How do you implement mac access-list in 881 and 892 router ?

We can get additional switch-port in the same router but we can't see the function in this router. Can you please confirm that the switch port must function like the catalyst 2960 switch. We want to allow only the specific mac address from the switch port, so, We are looking for the mac access-list concept in this router.

Looks like you want to implement port-security on the integrated switch. This should be possible.
Please click here for more information on Cisco 860 and 880 Series Integrated Services Routers. It should be ok for the 880 series and 892 series.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Wednesday, December 21, 2011

%C4K_EBM-4-HOSTFLAPPING: Host 86:AA:C0:79:AA:6A in vlan 60 is flapping between port Gi5/9 and port Gi5/23

%C4K_EBM-4-HOSTFLAPPING: Host 86:EE:E0:79:AF:6D in vlan 60 is flapping between port Gi5/9 and port Gi5/23.

Can you please suggest a fix?

Message means that packets with same source MAC address coming from two different interface. That means you may have a netwrok loop causing this. You need to go to devices connected to interfaces Gi5/9 and Gi5/23 and check where this MAC is learnt on those. And trace it further same way checking the STP details.

By this you will find a loop to fix it. Most common cause is High CPU on one f the switches in the way or uni-directional link causing STP problems.

Do a show cdp neighbor and see if the switch sees itself on those 2 ports , if so then those 2 ports are somehow physically tied together and must be fixed , spanning tree won't always fix this situation though it should.

Please click here for more information on the common issues in Cat 4500 switches.



Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Friday, December 16, 2011

Etherchannel limitations WS-X4548-GB-RJ45

Is anyone aware of any limitation on building an etherchannel on the abovementioned linecard, when bundling more than one port on the same card? The 4506 is using a 6L-E supervisor engine 12.2(54)SG1.

If it's done on a 6500 with a WS-X6148-GE-TX linecard it affectivley can only reach 1gb throughput.
There are no limitation information on this WS-X4548-GB-RJ45 (just like we could find for WS-X6148-GE-TX)...

Please pay attention to the distribution of the Etherchannel ports across the different ASIC ports group in the card (as per the 8-to-1 oversubscription) of this classic module WS-X4548-GB-RJ45 ==> Capacity of 6 Gbps (full duplex) connections to the central forwarding engine

WS-X4548-GB-RJ45V:
#
• Bandwidth is allocated across six 8-port groups, providing 1 Gbps per port group

The amount of oversubscription can be controlled by varying the number of ports used at 1000 Mbps. All ports can use Gigabit EtherChannel or IEEE 802.3ad for high-speed interconnection applications
Please click here for more documentation on product specification for Cat4500.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Wednesday, December 14, 2011

%C4K_EBM-4-HOSTFLAPPING: Host 86:AA:C0:79:AA:6A in vlan 60 is flapping between port Gi5/9 and port Gi5/23

Can you please suggest a fix for this error?

This error code means that packets with same source MAC address coming from two different interface. That means you may have a netwrok loop causing this. You need to go to devices connected to interfaces Gi5/9 and Gi5/23 and check where this MAC is learnt on those. And trace it further same way checking the STP details.
By this you will find a loop to fix it. Most common cause is High CPU on one f the switches in the way or uni-directional link causing STP problems.

Also do a show cdp neighbor and see if the switch sees itself on those 2 ports , if so then those 2 ports are somehow physically tied together and must be fixed , spanning tree won't always fix this situation though it should.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, December 8, 2011

Duplication packet occured on Catalyst 4507R+E

What does the message below mean?This log message is produced Catalyst4507R+E.The device is inserted SUP-7 with 3.1.0SG Image.With this log message, the device produced duplication packet of multicast.
Dec 2 16:40:00.276: (Suppressed 269 times)Dup Packet Fail for Sw Port

The message "Dup Packet Fail for Sw Port" is seen when certain multicastpackets are software bridged and software has run out of buffers whilereplicating the packets in software.In typical deployments, one should NOT have a lot of multicast packets to CPU. Could you check what iscausing multicast packets to CPU periodically? Can you get the output of"show platform cpu packet driver" ? This could provide a hint as to packets drops due to high incoming rate to CPU. It can be normal situation as some multicast should come to CPU to build all records, so depending on the mcast groups number sometimes buffers can be filled. So you can Change the logging level to '5' not to see that message. Other possibility is that you get Multicast packets with TTL expired (TTL=1) thus those punted to CPU and dropped there. For this sniffer should be done on mcast ports to check mcast packets.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, December 5, 2011

VTP Pruning issues

We have just recently cut over from an older core switch/router platform (running CatOS 8.x) to a newer platform running IOS 15. So all the SVI's for our VLANs moved over from the old platform to the new, and a trunk link (4x1GB etherchannel) was configured between the two. All the other access layer switches that had trunk links to the old core were also migrated to the new core (also still trunked of course.) Most of the company's servers, the IP PBX and phones, and some other departmental access switches are still homed into the old core (they will soon be migrated to the new core as we have time.)

The old core and most of the access layer switches are running VTP v2 in a given domain. The new core is also in the same VTP domain, but is in transparent mode (we plan to do away with VTP as a part of this migration, but it hasn't happened yet for all switches.)

So, we have been having a problem since the cut with the old core switch doing VTP pruning of various VLANs off the trunk link between the old core and new core. This isolates the devices on that VLAN on the old core, because that VLAN's devices can not reach their network gateway which is now on the new core. I am familiar with the concept of VTP Pruning, but I thought that if there were other switches "down the line" from the switch that does not have ports in a given VLAN, that the switch that would otherwise do the pruning would NOT prune the VLANs from the trunk. So what I'm trying to say is like this:

[ switch 1 ] ===trunk=== [switch 2 ] ===trunk=== [ switch 3 ]
(has ports (does NOT (has ports
in V100) have ports in V100)
in V100)

So, if in this case "switch 1" is the old core, and "switch 2" is the new core, why would switch 1 prune V100 off the trunk link between itself and switch 2 if there is another switch (or switches) past switch 2 that have that same VLAN?

Note that I am not having VLAN pruning problems on any of the other trunks into the new core.

Network devices in VTP transparent mode do not send VTP join messages. On Catalyst 6500 series switches with trunk connections to network devices in VTP transparent mode, configure the VLANs that are used by the transparent-mode network devices or that need to be carried across trunks as pruning ineligible (use the clear vtp pruneeligible command). »

So in your scenarion I would use the command clear vtp pruneeligible 100, in order to exclude the vlan 100 for any pruning eligibility on the trunk and define the vlans you DO NOT want to be pruned on the trunk

Please click here for more information on how to configure a VTP.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Sunday, December 4, 2011

%DUAL-5-NBRCHANGE: IP-EIGRP(0) 250: Neighbor 10.100.1.1 (Tunnel120) is down: holding time expired

We configured a 2811 series router for dmvpn. Our two tunnels are up but one of the tunnel is flapping with this message. How can we fix this problem.

It's actually called the hold timer in EIGRP but is really the same thing as the dead timer in OSPF. The holding timer expired means that you missed three hellos and declared the peer down. A possibly necessary band aid is setting the hold time higher, though you should also really find out why packets are not being delivered

Tweak the ip hold-time and you should be able to resolve the issue.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Friday, December 2, 2011

NAT inside-to-inside (hairpinning) with NVI on 887VA problem

We are trying to configure hairpinning on our Cisco 887VA VDSL router, so all LAN users can connect to the server using SMTP port 25 which is also in the same LAN subnet, using external router address, which is assigned to dialer1 interface.
Traffic coming in from outside works fine.

Traffic coming from outside to 1.1.1.1:25 goes through fine, but LAN users are unable to connect to 1.1.1.1:25

When we run tcpdump on the server on port 25 nothing happens. The traffic is not going through. We have also noticed in debug ip packet is this line:
s=1.1.1.1 (Vlan1), d=192.168.101.200 (Vlan1), len 52, rcvd local pkt

We have encountered the same connectivity issues with the NVI NAT configuration if the addresses we translated into were actually located in the directly connected networks of the router. What helped, after a tedious search, was to configure no ip redirects on the egress ('outside'-alike) interfaces. There are some strange interactions with the ICMP redirect mechanism and we stumbled across this workaround.

Can you add the no ip redirects command to all your IP-enabled interfaces, i.e. E0.101, Vlan1 and Dialer1? Even if it turns out to not solve your issue, it should not do any harm (basically, this command stops sending the ICMP Redirect messages and should allow the router to hairpin any streams).


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

How to upload outputs other than running or startup config to ftp server?


How do you upload the running or startup config to an ftp server but I was wondering If there Is a way to upload , lets say , the output of a sh ip int command ?

Router#show ip interface brief | redirect flash:ShowInt.txt

Then upload ShowInt.txt to where you want.

Or you can do

sh ip interface brief | redirect tftp:///filename.txt


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, December 1, 2011

Problems with Cisco 887 3G functionality

We have a question about the configuration of the 3G functionality on the cisco 887 router. The 3G connection should be the primary connection, because we don't have a direct internet connection. We make use of a data card of KPN NL. On the internet we found some information about the configuration of the 3G module, but won't get a 3G connection. If we look to the gsm profiles we see that the profile is still inactive. Can someone help me with the configuration of the 3G functionality and tell me how to activate the gsm profile?

Make sure the SIM card is not locked with a pin code, you can check from the router with
sh cell 0 security

If the output contains "SIM Status = Locked" then type cellular 0 gsm sim unlock [current pin code] to unlock the card.

When you are sure there is no PIN, you can use the following template:
cellular 0/0/0 gsm profile create 1 office.vodafone.nl ipv4 pap vodafone vodafone

interface Cellular0/0/0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer in-band
dialer string gsm
dialer-group 1
async mode interactive
ppp authentication pap callin
ppp chap refuse
ppp pap sent-username vodafone password 0 vodafone
end


dialer-list 1 protocol ip list 1

!
chat-script gsm "" "atdt*98*1#" TIMEOUT 30 "CONNECT"
line 0/0/0
exec-timeout 0 0
password vodafone
script dialer gsm
login
modem InOut
no exec
rxspeed 7200000
txspeed 2000000

ip route 0.0.0.0 0.0.0.0 Cellular0/0/0 permanent


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Wednesday, November 30, 2011

3750G IOS upgrade issue

We upgraded ourIOS to the current version from the cisco download site. Now when we log into the switch with the GUI from IE we only get the express setup page. We applied the settings and reboot the switch and it still comes back to express setup.
System image file is "flash:/c3750-ipservicesk9-mz.122-55.SE4/c3750-ipservicesk9-mz.122-55.SE4.bin"

You might be running 12.2(50) and later you need CNA 5.0 . Please click here to download it.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, November 29, 2011

Archive Command on Catalyst 3750 - Time-Period not working

We implemented the following configs on my Catalyst 3750 with IOS versiion 12.2(50)SE3, but our configs are not being backed up every day like it's suppose to be:

archive
path tftp://10.6.0.90/$h-config-$t
write-memory
time-period 1400

As soon as we do the write command or the archive config command, a copy of our configs are sent to our tftp server. But, nothing is written to our TFTP every day like the time-period command indicates in our configs.


Can you try
!
config t
!
archive
path tftp://10.6.0.90/$h-config-$t
time-period 1440
end
!
!
wr mem
!

to verify

show archive
show run


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Saturday, November 19, 2011

How do you configure Cisco ASA multiple context mode

We are looking for some clarification regarding running a Cisco ASA in transparent mode with multiple contexts. Our current network design is the following - Collapsed Core/Aggregation Layer running Cisco 3750s. The 2 Cisco 3750s are using SVIs with HSRP for default gateways per customer with a total of 8 customers. Each customer is segregated into seperate VLANs with Cisco 2960 switches used in the Access layer. Each customer has 2 Cisco 2960 switches with redundant uplinks to the Core/Aggregation layer. Customers are spanning tree loadbalanced between core/aggregation switches. What we need to now do is add two transparent firewalls into the mix in either an active/active or active/standby setup. We need the firewalls to support all 8 customers, therefore we are guessing they need to run in multiple context mode. Having read into this it has left me somewhat confused as to how to integrate them into the above setup as a bump in the wire so to speak.

You would need to create 8 transparent contexts (one per customer) and assign 2 vlans in the same subnet to each customer. For example:vlan 1 and 11 for customer 1vlan 2 and 20 for customer 2vlan 3 and 30 for customer 2and so on.

Please click here for config examples to setup Multiple modes, transparent firewall with Outside access.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, November 15, 2011

Cisco 7609 RSP720-3CXL-GE "mls cef maximum-routes"

We receive syslog warnings that we run to the threshold for the maximum supported mpls routes in the CEF table, below some information.
What is the impact/risc if the threshold is exceeded?
What is the service impact when increasing the settings?
What do we do with the redundant sup720?
is there some good documentation on this? in particular the RSP720-3CXL-GE (I found some old stuff on CATOS and sup32)
ASDGTS1CRT01#sh mls cef maximum-routes
FIB TCAM maximum routes :
=======================
Current :-
-------
IPv4 - 450k
MPLS - 384k
IPv6 + IP Multicast - 88k (default)
ASDGTS1CRT01#sh mls cef sum
Total routes: 750214
IPv4 unicast routes: 375897
IPv4 Multicast routes: 3
MPLS routes: 374036
IPv6 unicast routes: 0
IPv6 multicast routes: 0
EoM routes: 278

Actually RSP720-3CXL can get up to 1M of IPv4 +MPLS routes. Your current values are 450k+384K=834K. So you have some room to increase that:
- Theoretically this maximum number of routes can be adjusted by the following commands:
mls cef maximum-routes ip 500
mls cef maximum-routes mpls 500
reload
500 or any number that can support all the routes.
- Please be aware that if we change the maximum number of IPv4 + MPLS routes to 1M, there will be little resource for IPv6 and Multicast.
IPv4 - 500k
MPLS - 500k
IPv6 + IP Multicast - 8k (default)
- Also changing that you can exaust all available memory in TCAM. In some cases that can lead to CEF auto switch off to resume the normal operation of router. In turn this can lead for packets to be processed switched. So fine tuning should be done accurately.


- If total is below the Processor limit - then CEF just stop storing routes above limit to TCAM - and those can be software switched increasing CPU load. If it will be close to physical limit - then memory can be exausted and in some corner cases CEF can be auto switched off to resume normal operation of router.

- you need to reload to apply changes, also reaching the maximum limits can sometime lead to CEF problems due to no memory

- Redundant SUP does not participate in control plane decisions - it just synch it's state with active one. Nothing more

Whole reload needed as this should be populated to TCAM.
If you just reload standby - it would still get in synch with active and get current TCAM values from it thus your changes will not be applied. Thus Maintenance Window should be organized for that. But I would also start checking the routes - if there is any possibility to remove some. You don't have too much room for TCAM increase so might soon get it filled as well and then you ill reach HW limit. So possibly a good chance to start revising those now.
Though that is really depends on your NW.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, November 14, 2011

Spanning- tree priority with VPC

We are deploying a pair of Nexus 3064 switches in a VPC and they will handle all of the Layer 3 Routing and switching for a small data center. Do we need to test their spanning tree priority the same if they will be configured as a VPC? Example:Primary - 4096, secondary - 4096.

Having the same bridge priority is not a requirement to maintain vPC consistency. Even if you had the highest bridge priority in the secondary, your vPC primary would forward BPDUs in vPC domain. quoted from "Cisco NX-OS Virtual PortChannel: Fundamental Design Concepts..." "vPC by default ensures that only the primary switch forwards BPDUs on vPCs. This modification is strictly limited tovPC member ports. As a result, the BPDUs that may be received by the secondary vPC peer on a vPC port areforwarded to the primary vPC peer through the peer link for processing. Note: Non-vPC ports operate like regular spanning-tree ports. The special behavior of the primary vPC memberapplies uniquely to ports that are part of a vPC."

Please click here for the Design Guide for Cisco NX-OS
Please click here for spanning tree design guidelines

Having the same (highest) priority would also be no problem because in the non-vPC context (i.e. classic spanning tree topology) there would be a tie-breaker (lowest MAC) to elect the root.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, November 10, 2011

VPN 2 ISP's Main Office - 1 ISP BranchOffice Gateway Problem

We currently have an exchange server located at our head office IP address 192.168.0.10 with a Cisco Firewall/modem at gateway address 192.168.0.254. Connecting to the Internet picking up exchange mail and web browsing for the PC’s attached to Head office
We recently installed an additional Cisco VPN Router at address 192.168.0.253 (head Office) with its own isp connection to allow the remote office to connect ot our server and hopefully access exchange mail, accounting software etc.

A VPN Tunnel has been setup between Head office and the remote office; the tunnel stays connected and works fine. We can ping or connect to any computer at the remote office from the head office.

The problem is that we can’t ping or connect to any computers at the head office from the remote site that don’t the have the Cisco’s VPN Router’s IP address of (192.168.0.253)

The IP range at the Remote Office is 192.168.12.1-254 Gateway Address is 192.168.12.1

We can ping any Computer at head Office from the remote Office if the gateway address in the PC at the Head Office is changed to 192.168.0.253
Is there any way to translate IP address’s to allow access to Servers/printers at the Head Office from the Remote Office?
Remote Office IP Range
192.168.12.1 - 192.168.12.254
DNS Server (Windows 2008 Standard Server) 192.168.12.20
Gateway Ip 192.168.1.1

Head Office IP Range
192.168.0.1 – 192.168.0.254
DNS Server (Windows 2003 Standard Server) 192.168.0.254
Gateway Ip 192.168.0.10

Other Severs I need to get access to Head Office from the Remote Office
192.168.0.10 Exchange/active directory server
192.168.0.20 Aristocrat Database Server
192.168.0.4 Document Server

Routers – Cisco 8-Port VPN Routers Model No RV082

Looks like you have a routing issue at the head office.

Basically, you have two different routers, but only one default route - so, since you don't have an entry for the network at the remote end, the traffic is sent to the default gateway - which doesn't know where to send the traffic, so drops it off.

You can do one of two things.

1) Connect the two routers to the same layer 2 domain (which it seems you may have already), and put a static route into the device at 192.168.0.254 basically saying "anything for network 192.168.12.0/24, send via 192.168.0.253" - not sure of the exact format for this because I've not worked with these apparent Linksys devices before, but on an IOS router you would do something like

ip route 192.168.12.0 255.255.255.0 192.168.0.253

on the device at 192.168.0.254

2) Put a static route for the 192.168.12.0/24 network into every device/PC/server on the 192.168.0.0 network - in a windows machine it goes something like this

route add -p 192.168.12.0 mask 255.255.255.0 192.168.0.253

Option 1 is easier and has the benefot of only needing to be done on one device, but may lead to issues with redirects or traffic load levels on your main router.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

RV220W Critical error

We were trying to adjust some parameters on the administrative interface on the Rv220w when we got the message 'A critical error encountered while loading web page'. At this point the admin web page was 'locked', and we had to close the page and log back in again. We were trying to adjust the remote logging parameters when this happened. We checked in the logs, but there was no information about this problem.

critical error is encountered when attempting to configure settings for remote logging to a syslog server.

This is a known bug in the product and the issue has been fixed. Please contact Cisco Support Center if you need this fix immediately.

Work Around:
Enable email logging on the Administration > Logging >Remote Logging Configuration page.

Note: you do not need a real Email server in the LAN to apply the workaround.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, November 7, 2011

Top 5 Tech Support questions on Cisco System's products - Weekly Update Nov 1st

The most actively discussed Tech Support questions on the web for Cisco System's products (Week of Nov 1st 2011)
  1. 2950T IOS Update Failure
  2. Cat6500 w/Sup-720 sup-bootdisk error
  3. Traceroute output !A * !A
  4. DMVPN Tunnel Stuck in Exstart/BDR
  5. CAT 4500 error 4900M - %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR:

2950T IOS Update Failure

We are trying to update a switch we bought to the latest IOS using the Cisco Network Assistant but the it is failing becasue it's saying we don't have the space.

In the CLI we get,

Switch#dir all-filesystems
Directory of flash:/
2 -rwx 109 Mar 01 1993 00:01:47 +00:00 info
3 -rwx 270 Jan 01 1970 00:01:37 +00:00 env_vars
7 -rwx 3081999 Mar 01 1993 00:03:23 +00:00 c2950-i6q4l2-mz.121-22.EA1
.bin
8 drwx 2688 Mar 01 1993 00:05:25 +00:00 html
90 -rwx 109 Mar 01 1993 00:05:26 +00:00 info.ver
7741440 bytes total (1233920 bytes free)
Directory of nvram:/
30 -rw- 0 startup-config
31 ---- 0 private-config
32768 bytes total (32716 bytes free)
Directory of system:/
2 dr-x 0 memory
1 -rw- 1133 running-config
No space information available

How do we clear all this out to make room for the new IOS. We are trying to install ( c2950-i6k2l2q4-mz.121-22.EA14.bin ).

Use CLI directly to upgrade your IOS. Not sure why the Cisco Network Assistant is refusing to upgrade your IOS. Yes, it would need to delete the current image and store in the new one but that is how the upgrade is supposed to happen.

Try the follow steps -
  • Place the new image on a network server into a folder that is accessible either via HTTP, FTP or TFTP from the switch. Let's assume it is HTTP (recommended).
  • Verify that the switch can ping the server.
  • Use the delete flash:c2950-i6q4l2-mz.121-22.EA1.bin command to delete the existing IOS image from the FLASH on your switches
  • Use the copy http://X.X.X.X/some_path/c2950-i6k2l2q4-mz.121-22.EA14.bin flash: command to copy the new IOS image from the HTTP on the server X.X.X.X (replace with appropriate IP address and path) to your FLASH
  • After the transfer is complete, enter the global configuration mode and enter the command boot system flash:/c2950-i6k2l2a4-mz.121-22.EA14.bin to configure the switch to immediately boot the new image
  • Exit the configuration mode, save your configuration, reload your switch


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Cat6500 w/Sup-720 sup-bootdisk error


We are trying to upgrade the IOS on a 6500 Sup-720 and we are getting an error.

Loading s72033-advipservicesk9_wan-mz.122-33.SXI3.bin from 10.9.0.81 (via Vlan2): !
%Error writing sup-bootdisk:/s72033-advipservicesk9_wan-mz.122-33.SXI3.bin (Bad service code). We can't seem to find anything about this particular error.

This means the IOS is unable to read the sup-bootdisk and its contents. May be the filesystem might have got corrupted.

Please try formating/erasing the sup-bootdisk?
- command may be something like "format sup-bootdisk" or "erase sup-bootdisk"
MAKE SURE YOU DON'T REBOOT THE SUP ENGINE AFTER FORMATING OR ERASING THE SUP-BOOTDISK, have an IOS in another disk and point your boot system command to the IOS which is on another disk, because during reboot if the SUP is not able to read an IOS from sup-bootdisk then it will go to rommon mode....


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Friday, November 4, 2011

Traceroute output !A * !A

We are getting this output doing a traceroute:

Router# trace 172.20.5.51

1 10.1.15.42 0 msec 0 msec 4 msec
2 172.20.10.26 !A * !A

Everything is fine.
The IP 172.20.5.51 is a loopback of the same device that has the 172.20.10.26 on a physical interface (so the packet is getting to the destination fine, connectivity is fine).

But we haven't found the meaning of the !A * !A output.

The !A indicates an "Administratively Prohibited" reply was received from the remote node, the * indicates the probe timed out.

Perhaps the node at 172.20.10.26 has an access list on the interface which denies ICMP replies in some form or another.

Please click here for document that contains a list of the Cisco traceroute replies in it.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, November 3, 2011

DMVPN Tunnel Stuck in Exstart/BDR


We have a network consisting of 13 routers all of which connect via DMVPN. Two of the routers are hubs, one with an OSPF priority of 255 and the other 253. All spoke routers form an adjacency (FULL/DR) with the router with a priority of 255. All routers trying to form an adjacency with the other hub stay stuck in the EXSTART/BDR state and eventually transition to DOWN/DROTHER due to "too many retransmissions."

We have tried using the ip ospf mtu-ignore on both the hub and spoke router. We have ran debug ip ospf adj on both hub and spoke and I don't see any error signifying mtu mismatch. We have also tried increasing the retransmit-interval on the spoke. We have verified that the hello, dead, wait, and retransmit timers are the same.

Here are possible reasons for why you get stuck on EXSTART phase:
  1. MTU problem, meaning the routers can only ping a packet of a certain length.
  2. Access list is blocking the unicast packet.
  3. NAT is running on the router and is translating the unicast packet.
  4. Both routers have the same router ID (mis-configuration).
  5. You can try adding "tunnel path-mtu-discovery" on all of your interfaces.
  6. It could be that your nhrp maps and/or you nhs configs are a bit off. double check them making sure they are correct.
  7. Also, you can do a debug ip ospf events on both routers and see who is not sending the hellos.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Wednesday, November 2, 2011

CAT 4500 error 4900M - %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR:


We have recently upgraded a number of these model switches to cat4500e-ipbasek9-mz.122-54.SG1.bin ... about 12 weeks ago. Of the 6 that we upgraded, one has had the following triggered on it.

Nov 1 13:54:54.049 ACDT: %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR: VFE IC iccErr interrupt. valid: 1 errStatus: 0x2000000 replyBusParity: 0xBD replyBusLog.rep: 0x8000000 0x180000C7400 log.rep: 0xF8082600000000 0x0 0x0 0x101035A extLog.rep: 0xFF00000000 0x0 0x0 0x0 tcamIfRxErrStatus.rep: 0x2000000 IC CAM stsReg.rep: 0x0 0
Nov 1 14:04:56.113 ACDT: %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR: VFE IC iccErr interrupt. valid: 1 errStatus: 0x2000000 replyBusParity: 0xBD replyBusLog.rep: 0x8000000 0x180000C7400 log.rep: 0xF8082600000000 0x0 0x0 0x101035A extLog.rep: 0xFF00000000 0x0 0x0 0x0 tcamIfRxErrStatus.rep: 0x2000000 IC CAM stsReg.rep: 0x0 0
Nov 1 14:14:58.173 ACDT: %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR: VFE IC iccErr interrupt. valid: 1 errStatus: 0x2000000 replyBusParity: 0xBD replyBusLog.rep: 0x8000000 0x180000C7400 log.rep: 0xF8082600000000 0x0 0x0 0x101035A extLog.rep: 0xFF00000000 0x0 0x0 0x0 tcamIfRxErrStatus.rep: 0x2000000 IC CAM stsReg.rep: 0x0 0
Nov 1 14:25:00.237 ACDT: %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR: VFE IC iccErr interrupt. valid: 1 errStatus: 0x2000000 replyBusParity: 0xBD replyBusLog.rep: 0x8000000 0x180000C7400 log.rep: 0xF8082600000000 0x0 0x0 0x101035A extLog.rep: 0xFF00000000 0x0 0x0 0x0 tcamIfRxErrStatus.rep: 0x2000000 IC CAM stsReg.rep: 0x0 0
Nov 1 14:35:02.305 ACDT: %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR: VFE IC iccErr interrupt. valid: 1 errStatus: 0x2000000 replyBusParity: 0xBD replyBusLog.rep: 0x8000000 0x180000C7400 log.rep: 0xF8082600000000 0x0 0x0 0x101035A extLog.rep: 0xFF00000000 0x0 0x0 0x0 tcamIfRxErrStatus.rep: 0x2000000 IC CAM stsReg.rep: 0x0 0
Nov 1 14:45:04.373 ACDT: %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR: VFE IC iccErr interrupt. valid: 1 errStatus: 0x2000000 replyBusParity: 0xBD replyBusLog.rep: 0x8000000 0x180000C7400 log.rep: 0xF8082600000000 0x0 0x0 0x101035A extLog.rep: 0xFF00000000 0x0 0x0 0x0 tcamIfRxErrStatus.rep: 0x2000000 IC CAM stsReg.rep: 0x0 0
Nov 1 14:55:06.417 ACDT: %C4K_SWITCHINGENGINEMAN-4-VFEICINTERRUPTICCERR: VFE IC iccErr interrupt. valid: 1 errStatus: 0x2000000 replyBusParity: 0xBD replyBusLog.rep: 0x8000000 0x180000C7400 log.rep: 0xF8082600000000 0x0 0x0 0x101035A extLog.rep: 0xFF00000000 0x0 0x0 0x0 tcamIfRxErrStatus.rep: 0x2000000 IC CAM stsReg.rep: 0x0 0

What concerns me is that there was nothing in the logs preceding this alarm .. documentation reflects that it's an informative message and no action is required ... but why would it keep repeating on a 10 minute cycle since it was first triggered?

What you have seen are the correctable parity errors. To learn more about Parity Errors please click here for CCO documentations. Please click here for documentation on troubleshooting line cards.

In general that is usually transient if seen once - or HW problem in case of mulitple occurrencies. So if that is still scrolling - please consider the replacement of Supervisor (RMA). The scrolling message is confusing and possibly should be addressed in SW. However the root cause for it is HW parity error. The reload should stop this error - on re-occurrence replace it.

In regards to scrolling message It can be both - DE actually need to look into the code. SO if that parity error stays there as not correctable and switch is doing regular routine and finds that again and again - thus the continious logs. I guess nothing can be changed in the way it handles that.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, October 31, 2011

Juniper switches - Metric2 change and route selection

Can we change metric2 of a BGP prefix?

For BGP routes, metric corresponds to the MED, and metric2 corresponds to the IGP metric if the BGP next hop loops through another router
You can create routing policy with any action, but only actions relevant to the protocol will be executed. So, can't set external type for BGP routes nor add community to routes exported to OSPF and the like.

Regarding route preference, it's local value (device specific) and you can't set it in export policy. Additionally, OSPF import policy is limited to filtering OSPF external routes (from going into RIB), other actions are not effective.

Please click here for more information on the summary of Key Routing Policy Actions


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, October 25, 2011

Wrong userid/password 2960G-24TC-L

We bought a new Cisco 2960G-24TC-L, and connected to it through a web browser. We tried the logon screen with different passwords below, but got the error of bad user/password.

We used :
cisco / cisco
Cisco / Cisco
cisco / Cisco
Cisco /cisco

Any suggestions?

Please login to the switch via console port and add this command to your switch and try using the Web browser again.

ip http server


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, October 18, 2011

IP DHCP Help while configuring 2921

Our current configuration on a cisco 2921 (Verson 15.0(1r)M9 Release (fc1)):

ip dhcp pool Voice
network 10.21.179.0 255.255.255.128
default-router 10.21.179.1
option 150 ip 10.21.179.196 10.21.179.200

Issue is when a device looks to renew their lease no IP's are available. Debug ip dhcp events tells us the dhcp pool is exhausted. It appears that when the devices, Cisco phones in this case, goes to renew their lease, they do not renew with the current IP they already have. This causes the pool to become exhausted of ip addresses. For some reason, the router holds the IP's in reserved status and will not reassign them back out for a specific amount of time.

There are two choices to explore
  1. Decrease your dhcp timer.
  2. Increase your dhcp scope.
If you have more devices than your scope allows, you're going to see this problem over and over.
If you don't, then just decreasing the time the router keeps the mac address assigned to the ip will do the trick.

The DHCP command below is listed below - default is 24 hours or 1 day.

Router(dhcp-config)#lease

Also if you haven't got thousands of phones then assign them static bindings for their specific mac-addresses

ip dhcp pool PHONE1
host x.x.x.x
hardware-address xxxx.xxxx.xxxx

and so on for each phone keeping the parent pool with all the settings then each child pool will inherit these: default-router, tftp server,...


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, October 17, 2011

VTP question about "Show Run" in Cisco 2950

We have a Cisco 2950. When we type "show vtp status" and it tells me this switch is in client mode, and it's in such-and-such domain, etc., However, the command does not show this information when we type "show run"? Can some one please explain?

Because the vlan configuration when running in VTP server/client mode is stored in the vlan.dat file and not in the running config. If you put the switch in VTP transparent mode then the vlan information is written into the running config and then you would be able to see it. It is also stored in the vlan.dat with VTP transparent as well.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Sunday, October 16, 2011

Junos Pulse and Cisco Mobile VOIP app on iPhone

We have 2 SA6500s in an active/active cluster and are using Junos Pulse to allow iPhones to access our network. However, we are trying to use the Cisco Mobile VOIP app (I'm using 8.1) for voice calling. When we're on our internal wireless, VOIP works fine. When connected via Pulse, the voice mail works but Internet calling is disconnected. It looks like it repeatedly connects and disconnects. Has anyone seen this before? Thanks.

Solved disabling SIP INSPECTION on Cisco FWSM facing CUCM!

No reason: indeed it's the very same firewall that packets from iPAD meet from intranet.

May be the problem was that from vpn connections packets go trough another more Cisco Firewall. SIP inspection on Cisco Firewalls never used to work with third party sip devices, now does not work with Cisco SIP devices as well!


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, October 13, 2011

Is Tcl supported on 2811? IOS 12.4(15)T10

We are trying do some tcl scripting on our 2811 routers for research, but none of the commands seem to be working. In priveledged mode 'tclsh' isn't found, and neither is 'event'. According to all the documentation, our IOS 12.4(15)T10 should come with EEM, but we are unsure about the tcl shell. Can you please explain.

Since it is IOS 12.4 (15)T10, we think it should support tcl scripting. For event manager applet, you need to be in configuration mode.
Command will be :

conf t
event manager applet

For going into tcl scripting mode, please try these exact commands and the place from where it would be run.

Router# tclsh

If above doesn't works

Router # conf t
Router # tclsh


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Wednesday, October 12, 2011

What is the command to check supervisor crc error threshold is needed

We have seen the following message on a CISCO 7609-S (12.2(33)SRD3):

%FABRIC_INTF_ASIC-4-FABRICCRCERRS: Fabric ASIC 0: 239 Fabric CRC error events in 100ms period

Explanation (Output Interpreter): The Switch Fabric interface Fabric interface encountered more crc error events than the Supervisor crc error threshold allows.

We would like to check the current crc error counter and crc error threshold on the supervisor.

Does anybody know which commands have to be issued to get this information?

Please take off the following outputs several times with a slight interval between them:

show fabric channel-counters
show fabric errors
show fabric drops

remote command switch sh fabric errors

it might be a one time occurrence (most likely).

Also please click here to get the documentation on Truncated mode and understanding the Catalyst 6500 Switch Fabric Module with Supervisor Engine 2.

If you're using truncated, it looks like the default threshold is 2. You may also want to look at Switch Fabric Module Redundancy in the same document.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, October 11, 2011

What is the maximum allowed NAT/PAT Translations on Sup720

We are trying to figure out maximum allowed NAT/PAT Translations allowed on a WS-SUP720-BASE. At any one time we can expect about 30k active users browsing the internet. Can someone please confirm if it supports 300k+ translations.

General rules are:

- the Sup720 is not conceived to NAT all the traffic handled by it. It can do it of course but since the feature is hardware assisted, as Giuseppe correctly pointed out, which means that it cannot be entirely performed in hardware but requires the assistance of software (read CPU) there are scalability considerations to be aware of.
In other words if you require that all the traffic (or vast majority of it) going through your system has to be NAT'ted it is better that you use another device for that (a software based router is better equipped for that). NAT on Sup720 can be used as a temporary measure or for limited traffic volume.

- Performance depends on some variables such as packet size, transport protocol (TCP vs UDP), and type of NAT (static vs dynamic; NAT vs PAT).
NAt is more performing than PAT with UDP being slighlty more performing than TCP.

NAT is declared hardware assisted on sup720 datasheet. Please click here for the datasheet.

Don't expect the system to be able to handle more NAT entries then the size of its TCAM tables used for multilayer switching operations.
for sup 720 3B
256,000 route entries
128,000 netflow entries
see table 1 of above document


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, October 10, 2011

WS-C2960-48TC-S, WS-C2960G-24TC-L, and modules MiniGBIC GLC-GE-100FX

WS-C2960-48TC-S, WS-C2960G-24TC-L, and modules MiniGBIC GLC-GE-100FX
We have a network of fiber MM 62,5 / 125 um SC connector length 800 m. We would like to buy two switches WS-C2960-48TC-S, WS-C2960G-24TC-L, and modules MiniGBIC GLC-GE-100FX + MM patchcord 62,5 / 125 um LC-SC connectors.

Does the configuration the equipment meet our requirements?

Consider GLC-SX-MM if you are going to connect both switches together. GLC-GE-100FX has a speed of 100 Mbps while GLC-SX-MM operates at 1Gbps.

The bandwidth that you plan to push - 100 Mbps or 1Gbps has a direct implication. If you want to push 1Gbs between the links then consider the GLC-LH-SM.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, October 6, 2011

How to configure DHCP option 60 & 43 on IOS to an Aruba AP

How do you configure a Cisco Router 2811 which is also acting as the DHCP server for our branch office for DHCP option 60 and 43 so Aruba AP's at my branch can discover it's master Controller? Could any please help me with the command we need to enter in the Cisco router?

Here is an example of DHCP pool

ip dhcp pool wireless

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

lease 5

also if you need to exclude certain ips use

ip dhcp excluded-address 192.168.1.1

Please click here for more information on Cisco IOS DHCP server.

Please click here for more information on "DHCP OPTION 43 for Lightweight Cisco Aironet Access Points Configuration Example"


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, October 3, 2011

Cisco Sup720 not able to boot

We are working on Cisco 6505 with Supervisor 720. In the configreg we somehow deleted or corrupted the IOS Image. Now When switch on my Switch its going to Rommon mode. We downloaded image in flash disk(disk0). When we try to boot from that image its giving following error -

rommon 11 > dir disk0:

Initializing ATA monitor library...

Directory of disk0:

2 49141220 -rw- s72033-ipservicesk9-mz.122-33.SXH2.bin

---------------------------------------------------------------------------------------------------------------------------------------------

rommon 10 > boot disk0:s72033-ipservicesk9-mz.122-33.SXH2.bin

Loading image, please wait ...

Initializing ATA monitor library...

*** TLB (Load/Fetch) Exception ***

Access address = 0x0

PC = 0x0, Cause = 0x8, Status Reg = 0x30409003

monitor: command "boot" aborted due to exception
  1. This issue can be caused by a software image with a bad checksum. Re-download the Cisco IOS Software image from the TFTP server.
  2. If a re-download does not resolve the issue, format the Flash card and re-download the Cisco IOS Software image.
Please click here for documentation from Cisco on Trouble shooting issues on CAT 6500 / 6000.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Sunday, October 2, 2011

Top 5 Tech Support questions on Cisco System's products - Weekly Update Sept 25th

The most actively discussed Tech Support questions on the web for Cisco System's products (Week of Sept 25th 2011)
  1. Flowcontrol on trunk ports
  2. How do you connect catalyst 3750 to Procurve 2910
  3. How do you configure vlan routing through 871 router
  4. How do you configure more private vlans on a Cisco 3750G switch
  5. What are the differences between clear arp-cache and clear ip arp

Ask your question to Cisco Experts and get a free answer at www.qsolved.com

How do you connect catalyst 3750 to Procurve 2910


If the connecting port on 3750 to procurve 2910 belongs vlan 10, does the connecting port on procurve 2910 has to belong to the same vlan?

Would both switches be connected if their connecting ports do not have the same vlan number? Do both connecting ports have to be tagged or untagged or does not matter?

In general, without being vendor-specific, if you are interconnecting two switches, they should be conected by ports that are either both placed into the same and single untagged VLAN only (we call them access ports), or they are members of the same set of VLANs (we call them trunk ports in Cisco parlance).

Connecting two access ports that belong to different untagged VLANs on each switch is incorrect. That would make the two VLANs leak into each other and effectively merge.

Also, connecting an access port on one switch with a trunk port on another switch is incorrect. A trunk ports expects to be able to carry data from multiple VLANs, while the access port is capable of carrying a single VLAN only. This would lead to connectivity issues.

Tagging mode must be identical on both ends of the link - the set of tagged and untagged (native VLANs) should be identical.

Interconnect switches using trunks unless there is a particular special need to have the neighboring switch as a whole placed into a single VLAN only. This would mean that the configuration on the Cisco port would be:

interface Fa0/1
switchport trunk encapsulation dot1q ! Not necessary/supported on many switches
switchport mode trunk
switchport trunk native vlan 1


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Flowcontrol on trunk ports


Based on port capabilities can flowcontrol can be enabled on a trunk port?

TenGigabitEthernet1/1/1
Model: WS-C3750X-48
Type: SFP-10GBase-SR
Speed: 10000
Duplex: full
Trunk encap. type: 802.1Q,ISL
Trunk mode: on,off,desirable,nonegotiate
Channel: yes
Broadcast suppression: percentage(0-100)
Flowcontrol: rx-(off,on,desired),tx-(none)

What will be the behavior when a pause frame is received? This is a dot1q trunk - will all traffic for all vlans be paused, or just particular sessions? We are concerned that one server, for example, on vlan 10 could pause traffic on another vlan by sending the port a pause frame. This is a 10Gb link to a hosting environment, that has several different SAN vlans on it.

It will pause all the traffic. Not just one session. A Iscsi san will pause to a nexus 5000 and the 5000 started dropping packet on it's uplinks. DCB can help if your san can support it. (equalogic for now) Unfortunately Flowcontrol is a no go.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Friday, September 30, 2011

How do you configure vlan routing through 871 router

We have a 2960 switch with three vlans connected to an 871 router. Vlan10 for servers, Vlan20 for workstations and Vlan30 for testing purpose. How can we get all three Vlans to go out the internet and have Vlan's 10 and 20 to talk to each other.

You need to do two things.

1) Configure the port on the SWITCH you are using to link to the router as a trunk port, encapsulation 802.1q and allow the required VLAN's - the following command should do it

conf t
int
switchport mode trunk
switchport trunk allowed vlan 10,20,30
end
copy run start

Enter your interface number as appropriate

2) Configure the port on the ROUTER you are using to link to the switch with some sub interfaces in dot1q mode by doing something like this (I've assumed you're using interface f0/1 - put in the one you're actually using).

conf t
int f0/1.10
encapsulation dot1q 10
description VLAN 10 Servers
ip address

exit
int f0/1.20
encapsulation dot1q 20
description VLAN 20 Workstations
ip address

exit
int f0/1.30
encapsulation dot1q 30
description VLAN 30 testing
ip address

end
copy run start

Again, use your own interface designation - this means you only have to run one connection between router and switch.

You may also have to fiddle with routing tables/NAT configurations if you are using your router to do NAT for your internet connection.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.
 
/* Google Analytics begin ----------------------------------------------- */ /* Google Analytics end ----------------------------------------------- */