Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Trouble Shooting Catalyst 4000 Series Switches with Cisco expert Erum Frahim. Erium is a Customer Support Engineer working for the Technical Assistance Center at Cisco Systems. She is responsible for handling customer issues concerning Catalyst 4000 and 6000 Series Switches. Feel free to post any questions relating to Trouble Shooting Catalyst 4000 Series Switches.
Erium might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through September 27. Visit this forum often to view responses to your questions and the questions of other community members.
I've noticed a very strange Cat4006 boot behaviour:
After switching it off/on there was an old config version loaded. It seemed like not all config changes I've made
during some time were saved. I'm running CatOS 7.2(1), Bootstrap 5.4(1).
sh boot output is following:
BOOT variable = bootflash:cat4000-k8.7-2-1.bin,1;bootflash:cat4000.6-1-1.bin,1;
CONFIG_FILE variable =
Configuration register is 0x2
console baud: 9600
boot: image specified by the boot system commands
The lost changes were some VLAN assignments (maybe something else, I've had to fix it quickly, so I copied the
backed-up config to flash, set boot auto-config to that file ant resetted the switch - everything was OK then).
I'vo noticed something similar in the past with CatOS 5.4.2 - after power failure the switch loaded without any config,
only the sc0 IP address was correct. But this was something else.
I've also noticed with CatOS 6.2.2 that after quick enabling/disabling HTTP server on the switch flash became
unavailable. But again, this is something else.
Maybe setting config mode to text would prevent this problem in the future.... BTW, when I set config mode to text on Cat4000 running CatOS is then the config behavior exactly the same as IOS one? I.E. the "set" command changes the running config only but not the startup one and to change the startup config the "write" command is necessary?
I opened this problem on this forum in June already but no reasonable response yet.
Thanks in advance,
In 5-4-2, if you enable http server, the switch lost the part of the config and here is the field notice. This si the known issue
Regarding losing the config after power on and off in software version 7-2-1, are your runnning the http command on the switch. Is this happening on all switches or only one particular switch. Is this reproducible.
If yes, can you please post the sh ver, sh config and sh boot before/after the reload and capture everything while the switch booting up from the console.
Regarding the config mode to text, you are correct. You have to do write mem to save the config to the NVRAM..
"User settings are not immediately saved to NVRAM. To save user settings you must enter the write memory command to store the configuration in nonvolatile storage. "
Hope this helps.
the problem is not reproducible, as usually. I've noticed it twice a year, always after a power failure. The first time the whole config was default except of sc0 IP address. The CatOS version was 5.4.1. The second case I described in details in my previous message.
Trying to switch off/on my test device I was not able to get any trouble.
The http sever was enabled the second time but not the first time.
I know that it's almost impossible to fix an unreproducible problem, I just wanted to know if you ever heard about something like this.
I have seen this behaviour if somehow when the switch tries to save its config to the NVRAM and it got corrupted the switch will lose it config at the reload. You can check the sh ver and see if you can see " global checksum failed" at the end of sh ver before rebooting. This alarms that, the switch will lose its config at the next reload. Here is the bug ID, but this behaviuour is common across all CATOS. The bug is CSCdx87646. It 'll be fixed in 7-5-1 and above.
Hope this helps.
I have some queries:
1.On the SUP III if I have the following config will I get line rate/hardware ACL's
interface vlan 1
ip address 184.108.40.206 255.255.255.0
ip access-group 101 in
2. Is there some documentation on how CEF and ACL's interact with the HW
and how to troubleshoot same ?
3. Is there any presentation on the architecture of the SUPIII ?
4. Any plans for IPX support on the SUPIII's
Thanks & Regards,
1. The ACl is done in HW in Sup3 if it is under the specfication that should not cause any performance issue and will do at the line rate.. Here is the good URL that will tell you what is supported in hardware or not--
2. Sorry but at this point there is not a good doc that I am aware off- But there will be soon. Hope this helps in the meantime
3. Sorry if there is also not a good white paper on the architecture and these will be soon posted. Here are some I know Hope this helps
4. It will be next release which is expected to release end of this week or so. 12.1.12.
Hope this helps
Thanks for that 12.1.12 sounds like it should fix a lot of problems
only availble as interim fixes, fingers crossed :o).
One more question is DECNet and or any of the other non ip
protocols supported in 12.1.12 ?
So far 12.1.12 is another major release for the Cat4000 sup3/sup4. Will be supporting redundancy- New chassis with inline power capabilities.
In non desktop protocols only IPX and AT are supported at this point.
Hope this helps.
I have a strange problem on an Cat4006/Sup III.
I only have 3 ws-x4148-rj in it.
It is running 12.1(8a)EW1.
On 2 seperate ws-x4148s I get the same problem:
One or more ports on each blade does not work.
If you connect a device to the port you will get link and both the input and
output interface counters are ticking, but I get no macaddress in the mac table
and I do not get any packets to the device from the switch.
There is no problem when you connect it to any other port on the blade that
has exactly the same configuration.
Yes, all cables are checked and changed and I have tried with different pcs.
Is this a hardware problem or is it something else I could try?
There are different types of bug that can cause the switch to stop forwarding packet-
Here is the Field Notice on the Cat4000/sup3
But if you are seeing only one or two ports stop forwarding trafffic, if those ports are connecting as the halp duplex, then it could be software issue that will be fixed in the next release which is expected to come out end of this week or so- 12.1.12. To recover those bad ports, you have to reboot the switch-
Hope this helps
Hi, I am doing a project in school where I have to set up a LAN using a Catalyst 4000. I have no information on how to configure it or how to connect computers to it. I do not have any information how to go about doing this. Please help me. Thanks very much.
Please let me know what types of supervisor you have.
Is it catalyst 4000- supervisor 1,11 or 111
Are you doing any vlans. and little description how you want to implement it.
Here are some ref. Doc on the following website, that will help to start--
Hope this helps
I am extremely sorry.. On close supervision of the box i found it says Cisco 4000 series. I guess this is different from a Catalyst ? The one that we have is the same one as shown in the picture on the url http://www.cisco.com/warp/public/cc/pd/rt/4000m/index.shtml
Our project involves setting up a wired LAN using the Cisco 4000 series. Initially we are to set up 2 computers. After we are done with this we need to connect Access Points to this Cisco 4000 series. We then need to configure some terminals to talk to these Access points. I 'd appreciate all your help. Thanks.
We're in the process of testing two C4006-S3 before implementing a Token-Ring to Ethernet conversion. We have the latest IOS, 12.1(11)EW1.
We ran a port scanning utility called ScanPort from http://www.dataset.fr and the C4006 rebooted. We can duplicated this anytime.
Another utility, LANguard Port Scanner from http://www.languard.com scans properly and completes with no network interruption. Any comments on what the first utility does?
Also we are delivering IP to each VLAN via DHCP. We can can ping from either VLAN to the PIX on VLAN1. We cannot get Internet traffic back from the PIX on any VLAN other than VLAN1. Any Comments would be appreciated.
I don't know what other software doing but In any case, switch shouldn't be crashed. If the switch is crashing, then it must be creating the crashinfo- file. You can capture the crashinfo file by doing "more crashinfo:data" and sh tech and sh log and open up the TAC case for furhter investigation.
Just FYI- 12.1.12 is releasing this week, please do try to test that too if possible, since it has some major bugs fixed and sometime fixing one bug, fix the other bugs too.
Just downloaded IOS 12.1.12 and applied to both C4006-S3. Except for the default config on the S3 uses a boot system bootflash command and it didn't booting the new release until I deleted the older flash image and reset the confreg to 1. Both systems up and running. Nice to have IPX as we have four older printservers on IPX. Will be doing further testing this new IOS. Any comments on what is improved with this IOS?
As for the routing issue with the PIX, I'll further investigate that on CCO. Thanks
Regarding the PIX issue. it seems like PIX issue. If you have the default gateway pointing towards the PIX and on the PIX, you have the inside route defined from the other vlans and from the PIX you can ping the other vlans host, then the problem seems more likely with the PIX configuration.
Hope this helps
Silly me, forgot to add the new VLAN IP's to the NAT command. Added the required NAT command and everything is working as exspected.
Here is a LAN switching issue. I have a customer who wants to do 3 tiered switching design. Got 6509 with MSFC at core, 3550-12T as Distribution Layer, and 3550-48 as access switch with IP and IPX clients. Since 3550-12T can only do IP routing, I am thinking two options:
1. use 3550-12T for Layer 3 IP only and IPX will be bridged to 6509 for IPX routing. I am thinking of fallback bridging feature on 3550. However, does not know how IPX will be bridged since it is a routable protocol. If you like it this way, any additional link available for this config example?
2. use 3550-12T as pure layer two aggregration and use 6509 cores to provide both IP IPX routing.
Which way will you prefer?
Thanks in advance.
Both should be working.
1. First one is little more complicate, like you 'll be routing IP and briding IPX across different VLANS. So different IP domain but one IPX domain so lots of traffic since IPX is very chatty protocol.
2. Second is very simple design.
There is no preference, both should be working. Here is the URL that will help you
Are there an plans for a NAM solution for the Catalyst 4000 series switch?
Will this solution only be available with the SUPIII card?
I would say eventually yes but so far there is no plans or target date. You have to contact your Account team if they come up with any date.
Hope this helps
i have two 4006 distribution switch with 16 3550 switch under them and i want to link the 16 access switches to the 4006 switch redundantly and i am confused on how to do it with the best performance ...
1- connect the 2 GBIC of the 3550 switches one to the 4006 (ws-x4318 module ) and the other to the GBIC port to the other 4006 ( (ws-x4318 module)
2- connect any fast eathernet port from the 3550 switch to both 4006 switches in the (ws-x4124 fx mt module) wihout the need to use GBICs ports and also without the need to have the (ws-x4318 18 GBIC port module).
Can You please advice me what is the right solution ...
and another question ... can i use the ws-x4232-RJ L3 in layer 3 operations instead of using the supervisor engine III
i ll appreciate your help
I would say the first option is better, because of the high bandwidth. That 'll also better for your future if you want to expand. It is recommended to connect the GBICS ports to the distribution switches, because these ports will def. be carring whole switch traffic to the core
Regarding your L3 solution, you have two option
1. Sup2 with ws-x4232-l3
2. Sup 3 or sup 4
I would say Sup3 or Sup4, because there are new modules that will later have the support for wan or other module and expanding just like Cat6000.
Here are some ref. URL
Hope this helps
Thank you very much Erum ... and i will take your advice , but the thing that i am not sure about is that i will have to buy about 64 GBIC modules (32 for 3550 switches & 32 for the 4006) which is so costly .... am i right .... will i have to buy all this quantity of GBICs .
If you are using the Fiber with 1000SX, then you have to use the GBICS, and yes 64 GBICS for 32 switches-- But I don't think they are very expensive and one time cost but you can always look your budget.
When you configure span ports on the 6k's you have the
option of making the destination port a workable port using
the "inpkts " option.
This doesnt seem to be availble on the SupIII's even
with the addition of the "both" option in 12.1.12 or
am I doing something stupid ?
It is not supported on Sup 3 or Sup4 at this point but this feature request is already opened for next major release. So may be end of end of this year or early next year.
Hope this helps
What L3 routing protocol would you recommend for a Campus - I am designing a campus with 2 cat 6513 and 2 cat 4006 - dual gigabit links to each switch - do I use EIGRP or OSPF. Must I configure OSPF for the gig L3 links and EIGRP for the access (other vlans). Do I configure the entire network on OSPF - I would like to use EIGRP on the network - easy to configure - I will be summarising my routes on all switches example 6513 - 10.1.X.X , 6513 - 10.2.X.X , 4006 - 10.3.X.X and 4006 10.4.X.X. Each switch will be on its own VTP domain , own vlan structure and IP addressing structure.