Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-X, 3560-X, and 2960)

With Nikolay Karpyshev

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about architecture and troubleshooting Access LAN Switches such as Cisco Catalyst 4500E, 3750-X, 3560-X, and 2960 with Cisco Expert Nikolay Karpyshev.

 

Nikolay Karpyshev is a Customer Support Engineer in the high touch technology support  team (HTTS)  at Cisco specialized in LAN Switching. Karpyshev supports the Cisco Switches Nexus 7000, Catalyst 6500, 3750, 3560, 4500, 2900, among others, and works as senior and escalation engineer. He was previously a part of Cisco Sales Associate program. He holds a specialist degree in Mathematics and Mechanics from Novosibirsk State University in Russia. Nikolay also holds these Cisco Certifications:  CCNP, CCSP, and CCDP.   

 

Remember to use the rating system to let Nikolay know if you have received an adequate response. 

Nikolay might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Network Infrastructure sub-community discussion forum shortly after the event. This event lasts through July 27, 2012. Visit this forum often to view responses to your questions and the questions of other community members.

81 REPLIES

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Nikolay,

Are there any plans to release a 40 Gbps blade for the 4500E now that the technology is available for the Nexus 7K and 6500 range of switches?

Thanks

Sean

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Sean,

It is planned yes, but unfortunately I have no exact products or dates to share. Current fabric provides 48 G per slot so for 40G port we can provide only single non-blocking port. I guess it will come with next fabric to have at least 2 non-blocking 40G ports in same card.

Nik

VIP Super Bronze

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Nikolay,

This question has come up here several times, and we have had different dates from Cisco as to when and what IOS will support VSS for the 4500 series. So, can you provide us the latest on this?

Thanks,

Reza

Hall of Fame Super Gold

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

when and what IOS will support VSS for the 4500 series.

Hi Reza,

I've seen a Cisco presentation that states that end of 2012 to mid-2013. 

VIP Super Bronze

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Hi Leo,

Thanks!

Do you know what version of software?

Reza

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hello Guys,

It is planned in  new feature release 15.1(2)SG, XE 3.4.0SG along with ISSU. Unfortunately no exact date set and I agree with Leo that those should be in range end of 2012 to mid-2013. We just had one new release  XE 3.3.0SG, 15.1(1)SG on CCO.

Nik

Hall of Fame Super Gold

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Do you know what version of software?

Sorry Reza, I ain't THAT good.

Nik's probably the best source.

I'm suspecting it could be a 4.X.X IOS number.

Alot of people who's purchased the Sup7E and the 4500X would be keen to know the release date.

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Nik,

I have another future release question.

When searching for an IOS for the 4510 I couldn't find any that supported OSPFv3 authentication with IPSEC.

Did I miss one or is this a feature that will be released in the future? If so do you have a timeframe?

Thanks

Sean

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

New Member

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Nikolay,

We work on a huge LAN, and one of the responsibilities I have is port security. 

If I go through one of our switches and any port isn't connected my job is to shut it down.

Currently I use #sh int count to verify that nothing is on that port, and it is safe to shut down with interfering with a user, (who just happens to have their computer off)

The problem I am running into is that I have not found a proficient way for me to see only ports that have 0s only on their In and Out packet count.

The pipe command hasn't proved to be very useful in this case, and I was just hoping for a very practical tip in this.

Thank you

V/r

Chai

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hello Chai,

Not sure if I understood your question correctly but I think you need a command which will show you only the interfaces with 0 In and Out packets.

Well pipe should be working here. The only thing is to build the best expression for it. After pipe you can use different regular expressions. See more about it here:

http://www.cisco.com/en/US/docs/ios/12_2/termserv/configuration/guide/tcfaapre_ps1835_TSD_Products_Configuration_Guide_Chapter.html

I was just playing in my lab and came with the following one which match 0 in the middle coulmns of "show int counter":

sh int count | i _0_.|In|Out

it gives smth like:

HTTS-VSS#sh int count | i _0_.|In|Out

Port                InOctets   InUcastPkts   InMcastPkts   InBcastPkts

Te1/1/1                    0             0             0             0

Te1/1/2                    0             0             0             0

Te1/1/3                    0             0             0             0

Te1/1/4                    0             0             0             0

Gi2/2/1                    0             0             0             0

Gi2/2/2                    0             0             0             0

Gi2/2/3                    0             0             0             0

Port               OutOctets  OutUcastPkts  OutMcastPkts  OutBcastPkts

Te1/1/1                    0             0             0             0

Te1/1/2                    0             0             0             0

Te1/1/3                    0             0             0             0

Te1/1/4                    0             0             0             0

Gi2/2/1                    0             0             0             0

Gi2/2/2                    0             0             0             0

Port               OutOctets  OutUcastPkts  OutMcastPkts  OutBcastPkts

Gi2/2/3              2013885             0          4840             0

It is at least excluding interfaces which had 0 only in last column. You can play with expression to build your own which matching your needs better.

Nik

New Member

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

That's perfect thank you!

V/r

Chai

New Member

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Hi Nikolay

.

I have some problem with my cisco asa 8.2. I have to know how shoud i connect 2 inside interfaces. I am writing what i have.

I have 5 network connection on Cisco ASA.

1. Interface Ethernet 0/0 - outside 200.200.200.200 255.255.255.240

2. Interface Ethernet 0/1 - 1_firm 10.0.1.1 255.255.255.0

3. Interface Ethernet 0/2 - 2_firm 192.168.1.1 255.255.255.0

4. Interface Ethernet 0/3 - DMZ-Server 10.10.10.1 255.255.255.0 (Just one Server)

5. Management -  no need

I have to connect 2 Interfaces, (1_firm) with Interface (2_firm). I've tried

route 1_firm 192.168.1.0 255.255.255.0 10.0.1.1 ,

but i resiving following error "Cannot add route,connected route exists".

But i have no route configuration. What i have cheking? Or maked i some wrong?

Thanks for your help

Cisco Employee

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Hi Elguen,

Basically you will not be able to add static route for this subnet because you have alredy that network configured on the interface Ethernet0/2. This automatically adding that route as connected to the routing table.

I'm not the expert in ASA thus might not be the best resource to answer you in more details. I recomend you to open you query in our Security forum:

https://supportforums.cisco.com/community/netpro/security/firewall

HTH

Nik

New Member

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Hi Nikolay,

Thank you for your answer.

Have a nice day.

Elguen

New Member

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Hi Nikolay,

I have a customer having a VDI server infrastructure. He is connecting his VDI servers to a Catalyst 6500 switch with WS-X6548 module.  With this setup, he is having some performance issues where the VDI application is functioning very slowly. This happens in any of WS-X6548 modules we have in our network.

We changed these servers to connect to our Catalyst 4500 switches in their Ws-X4248 module. After this there was no application issues.

Do you have any difference in terms of the buffer size or the througput capacity of these line cards. If yes, what are those values?  Please revert.

Thanks,

Manu

Hall of Fame Super Gold

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

I have a customer having a VDI server infrastructure. He is connecting his VDI servers to a Catalyst 6500 switch with WS-X6548 module. 

Servers connected to a 6548 line card????

The 6548 was NOT designed to be used by servers.  The 6548 was designed as a desktop line card (hence the PoE daughter card module as an option).  Servers are recommended to use the 6748 line cards.

The use of 6548 connected to servers will cause the line cards to drop packets due to buffer overflow.

*** Sorry Nikolay for hijacking this post. ***

New Member

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi leolaohoo,

Thanks for the reply. I got your inputs already from a Cisco URL. I understand that the buffer size of the 6548 line cards is 1MB per 8 ports.

I want the same parameter for  4500 line cards., ie buffer size of each of the ports in WS-X4248 line cards. I am not getting this informatiom from any of the Cisco documents?

Thanks,

Manu

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Manu,

I'm a bit confused. Afaik the 4248 card provide only 10/100 speed for ports. And the buffer of 1MB per 8 port you talk about are specific to 1 GB per port 6548 line cards only. 100Mb 6548 line cards have different buffer specifications. Did you have a server on 1GB port having a problem and then moved to 100MB port solving the issue?

Can you specify exact line cards you used for me to come with the correct answer for you.

Nik

New Member

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Nikolay,

This is the setup.

I have some set of servers. If we connect to 4248 module, there is no issue with the application.

If I connect to 6548 module, the application is slow.

From one technote related to WS-X6548 module, I understand that 6548 modules are not suitable to connect the servers, but only end computers.

I would like to know the technical reasons behind this in terms of some values (say some buffer sizes) so that I can convince my customer to go for some higher module for server connectivity.

Thanks,

Manu

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Manu,

If you talk about 10/100 6548 LC like WS-X6548-RJ-45 then it has 1.2MB of buffer per port and is designed for Server Farms.

If you talk about 10/100/1000 card like WS-X6548-GE-TX then it has 1MB per 8 ports as you said above and is designed for Gig to desktop. Other thasn buffer restriction this card has 8:1 oversubscription to fabric and that is a major problem for servers.

http://www.cisco.com/en/US/partner/prod/collateral/switches/ps5718/ps708/product_data_sheet0900aecd8017376e.html

The reason why this card is recomended for desktop or IP Telephony is that those end stations rarely goes up to the line speed thus usually don't need to queue traffic and use the buffers. They also can share this speed easily with other ports as desktops and Ip Phones rarely start to talk all at same time at big speed.  Thus buffers are quite small here and oversubscription is present.

In case of servers -those can get multiple connections and easily reach the line speed - thus queueing will be needed and so Higher buffers are requirement and also non-blocking connection to fabric.

Thus all depends about the type of card you talk which I still did not get

Nik

New Member

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hi Nikolay,

Thanks for the response.

I understood the limitations on 6548-GE-TX module.

Can you tell me what is the buffer size per port for WS-4248-RJ-45 module and the subscription rates?  I am not able to see this values in any of the Data Sheets.

Thanks,

Manu

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

                   Hi Manu,

Afaik 4500 use different buffering model. Supervisor provides a certain buffer space (depending on SUP version) for all line cards and ports. Thus that buffer space will be dynamicaly spread among all line cards/ports. So single port can get from few hundreds of bytes up to several MB if no other need it.

In regards to oversubscription - 4248 10/100 MB LC has 6 GB connection to SUP thus not oversubscribed at all.

Thus to your situation. It can be that you connected server to 6548-GE card first which has already some servers connected to the same port-group. Those servers might have eaten the 1GB badwidth already thus the new one had to compete even for fw megs.

When you moved to 4248 you provided dedicated 100MB link which solved a problem. So it may be related to over-subscription to backplane only and did not come to buffers yet.

That is just  guess and one of the posibilities based on the symptoms discibed.

HTH

Nik

New Member

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Hi Nikolay,

I have another question. We have a computer that is going into error-disable due to a link flap.

The thing that is confusing us is the port security only trips on Monday evenings. This has been ongoing for over a month now.

Cables have been replaced, but it still confuses me as to why the error only happens every Monday.

We have automatic updates, could that be a cause? Or perhaps a misconfiguration of IPv6?

Any help would be greatly appreciated.

Thank you

V/r

Chai

Silver

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Hi Nikolay,

What can you tell us about the future of the current 10/100 2960 series switches?

It's has a good lifespan already, so any plans you can share with us?

Many Thanks,

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3

Hello,

2960 is still in and developing. 2960-s is one of the new platforms which will be there on market for a while. Here you can find a list of Q&A for this platform:

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps6406/qa_c67-577519.htmlhttp://www.cisco.com/en/US/partner/prod/collateral/switches/ps5718/ps6406/qa_c67-577519.html

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps6406/prod_qas0900aecd80322c37.html

And the plans are to grow further. Let me know if you have any specific question and I will help you with it.

Nik

Cisco Employee

Re: Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3


Hi Chai,

The thing to start with  - please tell me what is the switch you have a problem on. Also here port is error-idsabled not by port-security but by the non-stable link factor to keep switch control protocols safe of it. The next thing to consider - what is connected to that port and what kind of traffic going through it at that time. Is it copper or optical port? Is there any patch pannel in between?

For the first tests to do I would recomend following:

- Try different speed/duplex settings on that port:

--- speed/duplex hardcoded to 100 ro 1000 (if supported)

--- spped/duplex configured to auto

--- speed negotiation disabled

Nik

Hall of Fame Super Gold

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Nikolay Karpyshev wrote:


Hi Chai,

The thing to start with  - please tell me what is the switch you have a problem on. Also here port is error-idsabled not by port-security but by the non-stable link factor to keep switch control protocols safe of it. The next thing to consider - what is connected to that port and what kind of traffic going through it at that time. Is it copper or optical port? Is there any patch pannel in between?

For the first tests to do I would recomend following:

- Try different speed/duplex settings on that port:

--- speed/duplex hardcoded to 100 ro 1000 (if supported)

--- spped/duplex configured to auto

--- speed negotiation disabled

Nik

How about doing a TDR to check if Chai has a Layer 1 issue?

Cisco Employee

Ask the Expert: Access LAN Switches (Cisco Catalyst 4500E, 3750-

Thats is a good idea Leo.

However we still first need to find out what is the switch used and if it has TDR in built. If we consider external TDR then that wont be of much use I guess as the cable was replaced already. Anyway that will be still good to have the results of such tests during the problem and normal work.

So Chai - you can talk to your site team to include these tests on their radar.

Nik

22779
Views
57
Helpful
81
Replies