WAN Redundancy on G2 ISR Router?

Question:

I'm currently looking over Catalyst Switches  different models of ISR G2s for my company, and am thinking between the 3925 and 2911... We plan on having 2 WAN connections hooked up to the router, and use the 3rd port for the LAN. One ISP is a cable connection, and the other a fiber optic... Both have ethernet drop offs at the demarc, so I plan on using the GigabitEthernet ports.

Is it possible to setup WAN Redundancy without any protocols like BGP? What would the config look like, I couldn't find any articles on the subject, just for BGP.

Main WAN Link--------------------

                                            (ROUTER) -------------------LAN

Backup WAN Link----------------                 

Crude drawing for what I'm trying to achieve. There won't be any hosted services or any Static NAT going on either.

Answer:

You should use floating static route.

Configure static default route with high admin distance via backup link:

ip route 0.0.0.0 0.0.0.0 backup_interface 250 name floating_static_route

Than configure IP SLA with tracking if primary link is UP. If primary link is working, default route will be instaled into routing table and this link will be used. If primary link fail, default route will be removed from routing table and default route with admin distance 250 will be used via backup link.

ip sla 1

icmp-echo IP_address

ip sla schedule 1 start-time now life forever

track 1 ip sla 1 state

ip route 0.0.0.0 0.0.0.0 primary_interface Cisco 3560 Price track 1

Sampled netflow from Nexus 7000 questions

Question:

We have Nexus 7000s configured WS-C3560X-24T-S for sampled netflow. We have tools that should reconstruct the sampled flow records for management displays. Most tools require the flow record, option and template to be sent in order to reconstruct the sampled flow record. We have captured some of this traffic and noticed that the template contains "SamplerMode": Unknown (1) [See Nexus 1-1.png]. Is this usual or have we not include commands required for proper operation?

fearure netflow

flow timeout active 60

flow timeout inactive 15 (default)

flow session

flow timeout agreesive threshold 80

flow exporter flow_exporter

destination x.x.x.x use-vrf management

transport udp 9996

version 9

  template data timeout 30

  option exporter-stats timeout 30

  option sampler-table timeout 60

flow record flow_record

match ipv4 source address

! {many statments}

sampler netflow_sampler-2

  mode 1 out-of 100

flow monitor flow_monitor

    record flow_record

    exporter flow_exporter

interface VLAN 150

ip flow monitor flow_monitor output sampler netflow_sampler-2

Answer:

You are correct regarding "Most tools require the flow record, option and template" and they also require the definitions of all elements used in the export.

We maintain constant communication with Cisco for their latest element IDs and definitions (I.e. description, type, length, etc.).  It looks like your collector may need the definitions.  Once updated, the front end will then need to be updated to make use of the new element(s) if you want to make use of it.

If you send a packet capture of the flows to Plixer the will give you a more complete diagnosis. Make WS-C3560X-48T-L Price sure you include the templates.  

1 Internet Connection - 2 cascaded routers

Question:

II have a problem reaching Catalyst Switches the internet from my second cascaded network 10.1.1.0 on Cisco 3550.

I  can reach the internet while I'm using the network 192.168.1.0, but  when ever I try from 10.1.1.0 I always get request timed out.

Here is the configuration:

 Linksys X300:

Not much on it 2 static routes.

ip route 10.1.1.0 255.255.255.0 192.168.1.3

ip route 41.68.42.89(public) 255.255.255.255 172.31.1.122(first hop)

Linksys E900: >> IP address only

Cisco 3550:

Enabled ip routing

default route >> ip route 0.0.0.0 0.0.0.0 192.168.1.1

Ip default-gateway 192.168.1.1

ip name-server 192.168.1.1

SVI interface vlan 10

ip add 10.1.1.3 255.255.255.0

int fa 0/24

no switchport

ip add 192.168.1.3 255.255.255.0

Tests

I can ping from 10.1.1.0 to 192.168.1.0 and vise versa

I can reach the internet from 192.168.1.0

When  I ping yahoo.com from 10.1.1.0 (computer) the dns work!! I mean it  translates yahoo.com to 206.190.36.45 but it gives me request timed out.

Lastly  I tried to ping from the cisco 3550 to 172.31.1.122 with source ip  10.1.1.3 and it also gave me the same request timed out.

Can you please help me guys I know I'm missing something and I dont know it and it is driving me nuts.

Answer:

Are you NATing the affected subnet?

Sent from Cisco Technical Cisco 3560 Price Support Android App

Connecting 2 routers with only FastEthernet

Question:

I have a home lab.WS-C3750X-24S-S Price I am trying to connect a 1710 to a 2610 with just using the fast ethernet ports.  I understand that serial connections and t1 csu/dsu connections use clocking, etc.  How can I configure FA ports to do the same AND be routable?

Answer:

Hello monte, you do not need to set clocking on fastethernet interfaces. If you want this particular link to be routable all you have to do is ensure that both ends are within the same ip range, e.g.

Router 1

Interface fa0/0

IP address 10.0.0.1 255.255.255.252

Speed auto

Duplex auto

No shut

Router 2

Interface fa0/0

IP address 10.0.0.2 255.255.255.252

Speed auto

Duplex auto

No shut

This should allow you to 'ping' the other side, if you are able to, then there is connectivity.

If you want to achieve routing for different subnets you can use static routing or a dynamic WS-C3750X-12S-S  routing protocol.

7606 Router cpu utilization is hitting 99%!

Question:

7606-IGW-1#more bootdisk:crashinfo_WS-C3750X-48P-L Price 20100824-055939-UTC

Writing crashinfo to bootdisk:crashinfo_20100824-055939-UTCYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 4921508  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "IP Input", ipl= 0, pid= 202

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F8D4 946B154 942F720 B065610 B065798 8B91528 8B91BC4 8B92338 8B94CFC 8B8F8A8 8B73080

004120: *Aug 23 13:38:22.446 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004121: *Aug 23 13:38:32.450 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004122: *Aug 23 13:38:42.466 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004123: *Aug 23 13:38:44.426 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 4683836  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F7E8 942F530 A7D5BE4 A7CB838

004124: *Aug 23 13:38:52.470 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004125: *Aug 23 13:39:02.482 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004126: *Aug 23 13:39:12.490 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004127: *Aug 23 13:39:14.426 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 5064576  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "IP Input", ipl= 0, pid= 202

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F8D4 946B154 942F720 B0655AC B065798 8B91528 8B91BC4 8B92338 8B94CFC 8B8F8A8 8B73080

004128: *Aug 23 13:39:22.506 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004129: *Aug 23 13:39:32.506 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004130: *Aug 23 13:39:42.506 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004131: *Aug 23 13:39:44.426 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 5399612  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "IP Input", ipl= 0, pid= 202

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F8D4 946B154 942F720 B0655AC B065798 8B91528 8B91BC4 8B92338 8B94CFC 8B8F8A8 8B73080

004132: *Aug 23 13:39:52.506 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004133: *Aug 23 13:40:02.522 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004134: *Aug 23 13:40:12.522 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004135: *Aug 23 13:40:14.426 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 5001240  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "IP Input", ipl= 0, pid= 202

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F8D4 946B154 942F720 B0655AC B065798 8B91528 8B91BC4 8B92338 8B94040 8B8F7B4 8B73080

004136: *Aug 23 13:40:22.530 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004137: *Aug 23 13:40:32.554 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004138: *Aug 23 13:40:42.578 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004139: *Aug 23 13:40:44.430 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 4847268  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F7E8 942F530 A7D5BE4 A7CB838

004140: *Aug 23 13:40:52.606 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004141: *Aug 23 13:41:02.614 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004142: *Aug 23 13:41:12.626 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004143: *Aug 23 13:41:14.446 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 4596772  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "IP Input", ipl= 0, pid= 202

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F8D4 946B154 942F720 B0655AC B065798 8B91528 8B91BC4 8B92338 8B94040 8B8F7B4 8B73080

004144: *Aug 23 13:41:22.630 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004145: *Aug 23 13:41:32.638 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004146: *Aug 23 13:41:42.638 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004147: *Aug 23 13:41:44.462 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 5020716  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F7E8 942F530 A7D5BE4 A7CB838

004148: *Aug 23 13:41:52.646 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004149: *Aug 23 13:42:02.658 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004150: *Aug 23 13:42:12.674 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004151: *Aug 23 13:42:14.478 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 5479568  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F7E8 942F530 A7D5BE4 A7CB838

004152: *Aug 23 13:42:22.690 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004153: *Aug 23 13:42:32.694 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004154: *Aug 23 13:42:42.706 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004155: *Aug 23 13:42:44.478 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 5044544  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F7E8 942F530 A7D5BE4 A7CB838

004156: *Aug 23 13:42:52.710 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004157: *Aug 23 13:43:02.730 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004158: *Aug 23 13:43:12.730 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004159: *Aug 23 13:43:14.502 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x9469914, alignment 8

Pool: Processor  Free: 4698184  Cause: Memory fragmentation

Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 9430154 9439D64 9469918 942F7E8 942F530 A7D5BE4 A7CB838

004160: *Aug 23 13:43:22.746 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004161: *Aug 23 13:43:32.754 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

004162: *Aug 23 13:43:42.778 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat localtre. No memory available -Process= "Chunk Manager", ipl= 2, pid= 1

-Traceback= 8553BAC 85542B0 942F578 A7D5BE4 A7CB838

Answer:

According to these messages, your router was not able to allocate more memory for internal IOS processes including NAT. There are various possible reasons for that:

Your router is low on memory with respect to the amount of services and clients it is serving

Your router has been running for an extended period of time without restart and the memory allocation became so fragmented that the IOS is unable to find an unfragmented section of free RAM for the requesting process

Your NAT configuration results in too many translation entries being created and maintained

You have experienced an IOS bug

Does this problem steadily reappear after restarting the device? If yes, I suggest considering upgrading the IOS and verifying the configuration for obvious memory-hungry processes WS-C3750X-24S-S that could be optimized. Extending the RAM may also be recommendable.

RIPv2 Auto-summary

Question:

i have configured in my Cisco 3560V2  lab the following scenario:

R1 (10.1.12.1)<->(10.1.12.2)R2(10.1.23.2)<->(10.1.23.3)R3(10.1.34.3)<->(10.1.34.4)R4

R1, R2 and R3 are all configured with RIPv2 and with the commands version 2 and no auto-summary, the network statement are as follow:

R1: network 10.1.12.0

R2: network 10.1.12.0 and 10.1.23.0

R3: network 10.1.23.0

Despite this configuration R3 is advertising also network 10.1.34.0 and under RIP database i can see these addresses with auto-summary.

what is the reason for this behavior and why R3 is advertising a network which i don't want?

Answer:

The behavior you have observed is correct. Even though you configured each router with a particular network statement, the RIP configuration now contains only the network 10.0.0.0 statement - check your running-config. Cisco's RIP implementation always masks the address in the network command by the corresponding classful mask before entering it into running configuration. The roots of this behavior lie in RIPv1 and the behavior was not changed for RIPv2. This means that even if you configure each RIPv2 router using a particular subnet of the 10.0.0.0/8 range, the RIP on each router is running over all interfaces that lie in the 10.0.0.0/8 range. This is the reason why R3 advertises the 10.1.34.0/x network even though you have not explicitly added it to RIP. There is nothing you can do about it - in other words, Cisco's RIP implementation can not be configured to run only over a selected subnet of a classful network. The automatic summarization is not related to this behavior at all.

The auto-summary networks in the RIP database are always created by the RIP process. However, they are not advertised until the condition for their advertisement is met: a network from one particular classful network is going to be advertised out an interface that Cisco 3560X Price itself lies in a different classful network.

NAT Inside command CCNA practice question

Question:

I was taking Catalyst 3560V2 a practice CCNA exam and had a question on NAT. I was just curious if anyone could help clarify if this is the correct answer and why?

The question was on how many interfaces of R1 need the "ip nat inside" command to grant external internet access to the entire network. I've attached a screen shot but, the topology was R1 with 4 ports. FA0/1 - 3 and a s0/0/0 port. the s0/0/0 port was going out to the ISP. The other three ports each had a switch and some pc's connected...

My answer was the command would need to go on the 3 Fast Ethernet ports... but the answer was all 4 ports.


Answer:

if your next hop of ser0/0 is to an isp (public addtessing) then yes i would agree with you.

unfortunately i am not able to see your topology Catalyst 3560X Price to check .

Cisco 3750Upgrade from SMI to EMI image procedure

Question:

I have a cisco "WS-C3750G-24TS-S" WS-C3750X-48T-S Price switch with an SMI image. I want to use as an L3 device to support full routing features. According to the cisco documentation I need to purchase an upgrade kit (part code : CD-3750G-EMI=). I wanted to know the following.

1)What is included in this kit?

2)What is the procedure for the upgrade?

3)What cisco ships a SMI image is there a license that is used that will support only the SMI images?

4)Once the switch is upgraded will the show inventory output start showing "WS-C3750G-24TS-E" instead of "WS-C3750G-24TS-E" ?

Answer:

1)What is included in this kit?

Right to use.

2)What is the procedure for the upgrade?

Once your license has been OK-ed by Cisco, download the IP Services IOS and upgrade the IOS of the switch.

4)Once the switch is upgraded will the show inventory output start showing "WS-C3750G-24TS-E" instead of "WS-C3750G-24TS-E" ?

Does this also mean that if a do not buy the license but upgrade the device I have to an EMI image the upgrade will happen without any issues,

If you run into trouble and you'll need TAC Support, they'll not like it.

but the device will now remain WS-C3750X-48T-L unlicensed or illegal.

Rate limiting using QoS policing and shaping

Question:

I have a requirement to rate-limit Cisco 3560V2 Price traffic to 10MB over a metro Ethernet connection.  All traffic from the remote site to corporate should be limited to 10MB and the traffic from corporate to the remote network should be limited to 10MB as well.

I have the configuration as follows and my question is whether I need to shape the traffic outbound from the switch since policing is not an option.  It's probably a better idea to police closer to Corp but we would rather keep the config off of that equipment.  Does anyone have any comments on whether this is viable solution or suggestions for improving/simplifying?

Answer:

Your commands syntax is the generic IOS, be aware it varies depending on the platform.

You are using a ME-3400 - I don't have any available so please test before deploying.

But in general,Cisco 3560V2  it should work if the commands are accepted.

Back to Back BRI using WIC-1B-S/T-V3

Hello Experts

I am setting up my lab using two 2901 routers which WS-C3560X-24P-L is running on 15.2 IOS.

I am trying to simulate a back to back BRI.

BRI Module: WIC-1B-S/T-V3 (x2) one of each router.

I followed this amazing document to understand the concept of BRI and configuration.

http://www.cisco.com/en/US/tech/tk801/tk133/technologies_configuration_example09186a0080094cd6.shtml

but it never says if i can use the module that i have mentioned.

Q1. Could anyone explain what cabling i need to use to setup back to back BRI using 2x 2901 routers with these modules?

Q2. What cabling do i need to use.

Q3. Is it actually possible to use these 2 modules alone to simulate a back to back BRI..?

The supplier 3Anetwork.com can help but their technical support charge is a bit high, so I would prefer to do by myself.

Thanks for your help.

more information ,you can visit  http://www.3anetwork.com/cisco-ws-c3560x-24p-s-price_p51.html

SNMP configuration issue

Question:

i have some issue while adding Cisco 3560 Switch cisco switches on solarwinds.......from my switch i can ping solarwinds server but when i put the snmp community credentials in solarwinds and test it, i'm not able to test it successfuly

snmp-configuration on switch

snmp-server community V!3w#r RO 80

snmp-server community wR!t#r RW 80

snmp-server trap-source Vlan1111

Answer:

I see that you have an access-list 80 applied to your community strings... So only the IP's that are permitted in the ACL can access it properly.

snmp-server community V!3w#r RO 80

snmp-server community wR!t#r RW 80

Could you tell me what the ip address of the Solarwinds NPM - im guess its 192.6.14.196? And show us the access-list 80. You can do this like 'show ip access-list 80' - This IP should be permitted Cisco 3560.

cisco 2821 eigrp

Question:

i have a cisco 2821 router with Cisco 3560V2  c2800nm-advipservicesk9-mz.124-15.T9.bin. I want to connect it to a cisco 886va and run eigrp on both routers.

I want to ask if using eigrp requires any kind of license or it is supported by default..

Answer:

It is supported in the image Cisco 3560X  you have.

mls qos aggr policer burst

Question:

Is there a way to police an Cisco 3560X  interface CIR to 1 megabit but be burstable up to 3 megs using MLS policer. From what I read the normal and max burst bytes must match and cisco uses a TC or .00025 however when I configure this I can have different normal and max burst but I can never get the desired effect of the CIR going up to the max burst no matter how high I set the max burst which leads me to believe its not possible and the policer is only taking the cir and normal burst into account.

I have successfully configured mls policer to offer the CIR I want but I can never seem to get bursts beyond the CIR to work, not sure if that is even possible with mls qos aggr.

Answer:

Mls aggregation is for multiple links to share the total aggregate BW value, meaning if the other links are idle then the active link will utilise the whole of the BW for it self.

However you are trying to police to a define value and  then burst over that value which isnt what policing does, To allow for bursting of traffic you would need to Catalyst 3560V2 shape.

Problem NAT inside

Question:

a have a router CISCO 1841 WS-C3560V2-24TS-S and I configured a NAT inside from the router to the firewall like this :

ip nat inside source static firewall_adresse  public_adresse and its work fine and when a added it I do this command "wr" to save the configuration and I restarted the router many times and it still work fine

but in the last five months this NAT does not exsit twice and I must add it a gain

can you help please or explain why happened this

Answer:

This look like a software issue. Check if your IOS is hitting the following software defect -

CSCsi30964  

Static NAT statement disappears from running-configuration

tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi30964

Also please post the output of show run, sh ver and which NAT statement observed issue.

Please rate the helpful posts.

Here are the bug details -

+++++++++++++++++++++++++++

Symptoms:

On a Cisco router performing NAT, static NAT statements may disappear from the running-configuration during operation. Any new flows requiring translation via the missing statement may fail.

Conditions:

- This problem was first experienced in IOS 12.4(9)T.

- It has only been reported for extendable, inside source static NAT statements

for TCP ports 80 (HTTP) and 25 (SMTP), with and without a route-map:

Examples:

ip nat inside source static tcp x.x.x.x 25 y.y.y.y 25 extendable

ip nat inside source static tcp x.x.x.x 25 y.y.y.y 25 extendable route-map nonat

ip nat inside source static tcp x.x.x.x 80 y.y.y.y 80 route-map nonat extendable

- After the statement disappears from the running-configuration, it is still

visible in the startup-configuration.

- Existing translations created before the disappearance are cached in the NAT

translation table and continue to work correctly.

Workaround:

Reload the router.

+++++++++++++++++++++++++++

Could you confirm following : Was the NAT translation there in startup-config, once it was not seen in running-config ?

You are using 124-11.XJ4 IOS. I don't think the defect is resolved in this IOS.

In mainline train the defect is fixed from 12.4(18b) onwards.

Please check the Release notes and features in use available in the mainline release if you are planning for upgrade.

<> 

Cisco 1841 (revision 7.0) with 115712K/15360K bytes of memory.

<> 

You have 128 Mb of DRAM on this router.

Please rate the helpful posts.

I'm not sure if I understand your question correctly..

Are you telling when the VPN traffic is going via this Router, then when you type show run it doesn't show you the output.

and when the VPN traffic is blocked, you are able to see the output.

If that is the case, you may need to check CPU & Memory Utilization, Interface counters on the Router when the issue is happeneing to determine the exact cause.

sh proc cpu sorted | ex 0.00

sh mem stat WS-C3560V2-48TS-S

sh interface

877 default route using track command

Trouble with P to P fiber utilizing 2901 WS-C3750X-24P-S ISR and 2924XL switch

Hello experts,

I am having a bit of trouble with the following scenario; I have two 2901 ISRs from 3Anetwork.com and a 2924XL setup in the following fashion.
2924XL--->P2P-Fiber--->2901ISR--->P2P-Fiber--->2901ISR
I  need to be able to reach the LAN 192.168.1.0 from 192.168.3.0 for TS  but cannot get this to work.  I can ping from within the switch all  around and i can ping from within the woodlawn router all around but  cannot ping host to host.   Any help would be much appreciated as i am  sure i have missed something obvious.

The supplier 3Anetwork.com can help but their technical support charge is a bit high, so I would prefer to WS-C3750X-24P-L do by myself.

Thanks for your help.

When VPN'd in unable to access networks outside of datacenter?

Question:

I have been asked to take Cisco 3560 Switch a look at correcting a configuration that I am unfamiliar with. Previously here when VPN'd in they were able to reach sites at other locations in other subnets via the WAN. Currently, they have to remote a PC in the data center's subnet then access a site on the WAN that way. I am not sure if the problem is in the ASA or with the routing at either the data center or the remote site. Would anyone be kind enough to give me a sample ASA config that will pass that VPN traffic or can you direct me to a resource that I can do some comparison to?

Answer:

*Assuming we are talking about remote-access VPNs

Start at the top.  In the ASA's configuration, there will be an access list refered to in the VPN's group-policy attributes.  Verify that the access list contains the correct subnet information.

Example:
access-list VPN_ACL standard permit 1.1.1.0 255.255.255.0
access-list VPN_ACL standard permit 2.2.2.0 255.255.255.0
(where 1.1.1.1 is your datacenter and 2.2.2.2 is the remote network)

Once that is verified, connect to the VPN via a remote workstation and look at the local machine's routing table (Start > Run > netstat -r)

Are the remote site's subnets in the workstation's routing table when VPN'd?

If so, perform a traceroute from the VPN'd workstation to an IP address on one of the remote sites WS-C3560X-24T-L  to see where the failure is.