Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Catalyst 6500 Series switches with Cisco expert Jeff Raymond. Jeff is a Technical Marketing Engineer for the Catalyst 6500 Series of switches. His focus is on switching architectures and performance testing. Feel free to post any questions relating to Catalyst 6500 series switches.

 

Jeff may not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through January 18. Visit this forum often to view responses to your questions and the questions of other community members.

 

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Jeff,

Can you confirm a switch design scenario I'm developing for a customer. Can a 6509 with MSFC2 run as an MLS-RP and populate the multicast cache to external switches that are;

1. 5509's directly attached running NFFC ( WS-F5521)

2. 5509's attached via a L3 RSM routed connection then L2 uplink to a 5509 running NFFC

Best Regards

Stuart

Dimension Data

68 REPLIES
New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

I want to know when Cat6K MSFC IOS support IPv6?

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Thanks for the question.

IPv6 software support in Catalyst 6500 MSFC IOS is targetted for release in the late 2nd quarter, 2002 timeframe.

Hope this helps.

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi,

What is the best method to upgrade a supervisor 1A with MSFC1/PFC with a redundany supervisor, (with min downtime). Is it best to upgrade the redundant first then switch or is there a better way? I have tried upgrading from cat6000 5.5.1 to cat6000 6.3.1 by upgrading the redundant first. The switch fails to see the gigabit uplinks on the 2nd card and seems to take an age to upgrade the software

thanks

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi and thanks for the question.

It is best to upgrade the standby Supervisor first. Then, once that module is online running the new software version, you can upgrade the active supervisor.

The following white paper might be helpful as it provides an upgrade procedure.

http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/hafc6_wp.pdf

Pages 10 and 11 refer to the redundant Supervisor upgrade procedure.

One note - the document refers to verifying HA compatibility between the images (step 11). If you are upgrading from the 5.x train to the 6.x train, then the images will not be HA compatible. This means that the switchover from standby to active supervisor can still be done, but it will not be stateful (i.e. greater than 3 seconds failover).

Re: the gigabit uplinks on the 2nd Supervisor. Are you sure that the 2nd card is online? (Try a show module to see if it is "ok") If it is not online, then the 2nd Supervisor might be in Rom Monitor mode. If so, post what you see and I'll provide some more detail. If it is online, then the gigabit uplinks should be available. If they are still not available, then I would recommend opening a TAC case on this issue. They would be able to give you more direct assistance in troubleshooting.

Hope this helps.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi Jeff,

I have some question about 6500 and hope you can help me.

1. Can CSPM manage the IDS module of 6500?

2. Can IDS module work with MLS? Or I should disable the MLS feature in 6500?

3. Can you refer me some document or URL for 6500 internal structure?

Thanks

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi Michael,

Here are some answers to your questions...

Question 1:

Cisco Secure Policy Manager can indeed manage the IDS Module for the Catalyst 6500. Check CCO for the latest image.

Question 2:

The IDS module works fine with MultiLayer Switching (MLS) enabled - no need to disable MLS. MLS is a Layer 3 forwarding architecture used to route traffic via the Policy Feature Card (PFC). Traffic is sent passively to the IDS - i.e. a copy of the original packet is sent to the IDS while the real traffic is switched/routed to the destination. The method for sending traffic to the IDS is either via the Switch Port ANalyzer feature (SPAN) or via the VLAN Access Control List Capture feature. Both of these features send copies of the original packet to the IDS.

SPAN in Catalyst Software:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_7_1/conf_gd/span.htm

VLAN ACL Capture in Catalyst Software:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_7_1/conf_gd/acc_list.htm

SPAN in Cisco IOS software:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/121_8aex/swconfig/span.htm

VLAN ACL Capture in Cisco IOS Software:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/121_8aex/swconfig/secure.htm

Question 3:

Here is a document the describes the 6500 architecture.

http://www.cisco.com/warp/customer/cc/pd/si/casi/ca6000/tech/k6kfy_wp.pdf [requires CCO login]

Hopefully this answers your questions.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Another Q...

We have a number of new servers (win2k) which we are having problems with, one is active and another acts as a backup each with their own ip address and each supporting a virtual 3rd ip address. When they turn one server off the other server is supposed to takeover the virtual ip address. We can see this on the routers happening, the MSFC1 sees a different mac address for the ip address ok, but the server is unable to ping any device outside of it's subnet. It is either a "clear ip arp" or wait approx 28 mins and the new server responds fine. We are running cat6000 with dual supervisors and MSFC1 and are also are multilayer switching.

My Q is does the clear ip arp also clear the MLS tables as the router sees the new mac address straight away and otherwise works fine for othe dual homed servers. Thanks

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi.

When the mac-address changes for a given IP address, we are supposed to flush the MLS entries for any flows to that destination IP address as now the rewrite for the destination mac-address has changed. Looks like this is not happening. We may be rewriting with the old mac-address in the mls-cache - in which case, the packet will not get to the new server as it's mac-address is different. This is not correct operation.

This seems to be the case, as when you do a 'clear ip arp' you do see that everything is working (because the MLS entry gets purged for that destination IP).

A quick way to verify if indeed they are running into this problem is to get the output of 'show mls rlog l3' from CatOS side when there is a change in mac-address for the vertual ip. You should see a message from the MSFC to purge flow for the virtual IP. If not, it is a bug. You should try a more recent release of software (IOS/CatOS) or contact the TAC. [Note that 'show mls rlog l3' is a hidden command and not intended for normal use.]

Hope this helps.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Thanks

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

What version code are you running. We had a problem that sounds like this with the 6509 MSFC1 running Native Code 21.1(3a)E4. It was a bug with CEF that would not allow a server to talk off its' subnet for about 30mins after powering up. And since you cannot disable CEF in Native, Cisco provided a work-around and we just finished upgrading to 12.1(7a)E1 which fixes this bug.. Bug ID#: CSCds36857

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Jeff, Any plans to roll the SFM functionality into the supervisor module ?

Thanks

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi Jack,

This is something that we are considering, but no definite plans yet.

Thanks for the question.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

What commands need to be set on the MSFC in order to boot the system image from the PCMCIA card in slot0:

I read on CCO that the bootldr had to be changed using the below for PCMCIA card:

boot bootldr bootflash:boot_loader_image

boot sup-slot0:system_image

Not sure if this is the way it is done? Does not look right. What is changing on the boot loader for slot0: ? And I would think the boot command would be

boot system slot0:system_image_name

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi.

The correct way of booting the MSFC IOS from sup-slot0: is:

boot system flash sup-slot0:

boot bootldr bootflash:

There have been some old bootldr image issues, but newer softwares should have no problem, if you follow the above.

I would consider, however, that booting from slot0: is not foolproof - as someone can walk away with the pcmcia card unknowingly and after 3 months if the box crashes (or) reloads for some other reason, there is no valid image to boot from.

Hope this helps.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

You would think the bootldr would need to load first?

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi,

This is just syntax. The order that you type them is not important.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hello, I would like to know what is the best way to implement the following solution.

We have 2 6509's running a collapsed core setup. #1 has redundant MSFC's. The other has a single MSFC(planned upgrade to 2 msfc's for 2k2). Both are running the set based IOS. At the access layer we implement clusters of 3534xl switches. We have 4 VLAN's at this location.

Here is the way I currently am setup.

1. Set vtp root for vlan10/50 on 6509 #1

2. Set vtp root for vlan60/70 on 6509 #2

3. Setup HSRP so that MSFC#1 in 6509 # 1 is routing traffic for subnets in relation to vlan10/50.

4. Setup HSRP so that MSFC#1 in 6509 # 2 is routing traffic for subnets in relation to vlan60/70.

----6509#1 MSFC#2 is HSRP backup for everything.

5. Each 3524xl cluster has 1 connection to 6509 #1 and 6509 # 2 via 1000bsx fiber connection.

My question is, is this the correct way to go about doing this, and what would be the correct way to physically connect the 2 6509's together to provide adequate speed between the two. The main reason for the separation is an attempt to load balance. I am placing half of the servers on one 6509 and half on the other... ANY RECOMMENDATIONS APPRECIATED!!!

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi.

Yes - your description is the correct way to configure for L2/L3 load-balancing out of the access layer. (I assume you meant to say "Set the STP root", etc).

You can read more about this Campus Design recommendations here:

http://www.cisco.com/warp/public/779/largeent/design/campus_index.html

Specifically, this paper...

http://www.cisco.com/warp/public/cc/so/neso/lnso/cpso/gcnd_wp.htm

Thanks.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

As you are enableing HSRP You can physically connect 2 6509s back to back. But This will increase the process overhead as it's collapsed core. Adequate speed is not guaranteed at all times.

Instead You can go for dual core which provides both load balancing & good failover capability.

Also it drastically reduces the processing overhead.

Hope it helps ....

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

What CiscoWorks LMS tools do you recommend for monitoring the performance of the Catalyst 6500? Do any of the other CiscoWorks products provide additional visibility into switch performance?

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi.

There are three tools provided in the LMS bundle that provide performance monitoring capability. (1) CiscoView provides a device GUI that gives real time port and system parameters like utilization, error rate, CPU util, temp, backplane util, etc.

(2) Device Fault Manager provides alerting when above parameters pass thresholds, etc.

(3) Real Time Monitor provides up to 31 days of performance data from Catalyst switch ports.

Hope this answers your question.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Jeff, Are there plans on a firewall module for the 6500 ?

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi Jack,

Yes, there are plans for a Firewall module for the 6500. It is targeted for release in the middle of 2002.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

I connect two 6509 with two 100M fastethernet using etherchannel.But the port of one 6509 will report

errdisable.It can work normal if I reenable it. But after a while,console will report:

%SPANTREE-2-CHNMISCFG: STP loop - channel 3/1-2 is disabled in vlan 11.

and the port will become errdiable.

So I verify the configuration of the port 3/1-2:

1.all port belong to vlan1

2.etherchannel mode is set to on

3.the UTP 5 is correct.

I don't know why,pls help me,thanks!

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi.

Take a look at the following document:

http://www.cisco.com/warp/public/473/20.html

EtherChannel Misconfiguration

For EtherChannel to work, the ports involved must have consistent configurations; the same VLAN, same trunk mode, same speed, same duplex, and so on. Most of the configuration differences within a switch will be caught and reported when you create the channel. In some situations, usually when you are using the on mode (as opposed to auto or desirable), everything may be consistent on one switch so that switch will start channeling. But, the connected neighboring switch may not be set the same and can cause the first switch to become error-disabled. If both of the switches support Port Aggregation Protocol (PAgP), you can avoid this problem by configuring the channel modes on each switch to be desirable instead of on.

Hope this helps.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi

I set the channel modes on each switch to be desirable instead of on ,but the result is same

(%SPANTREE-2-CHNMISCFG).Following is output of two switch 6509a and 6509b,pls help me! thanks!

6509A> (enable) sh channel 833 sta

Port Channel PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts

id Transmitted Received InFlush RetnFlush OutFlush InError

----- ------- ----------- --------- --------- --------- --------- ---------

3/1 833 82 81 0 0 0 0

3/2 833 53 28 0 0 0 0

6509A> (enable) sh port channel

Port Status Channel Admin Ch

Mode Group Id

----- ---------- -------------------- ----- -----

3/1 connected desirable silent 188 833

3/2 connected desirable silent 188 833

----- ---------- -------------------- ----- -----

6509B> (enable) sh channel 833 sta

Port Channel PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts

id Transmitted Received InFlush RetnFlush OutFlush InError

----- ------- ----------- --------- --------- --------- --------- ---------

3/1 833 116 116 0 0 0 0

3/2 833 107 57 0 0 0 0

6509B> (enable) sh port chan

Port Status Channel Admin Ch

Mode Group Id

----- ---------- -------------------- ----- -----

3/1 connected desirable silent 420 833

3/2 connected desirable silent 420 833

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi,

Hmm. The configuration looks correct. You might want to do a 'clear trunk mod/port 1-1000' on all ports individually and then do a 'set trunk mod/port ' and see if the channel is forming with 'desirable' mode. There may be an entry that needs to be cleared.

If that doesn't work, the next step would be to open a TAC case. They would be able to provide more direct feedback on your problem than I am able to in this forum.

Thanks.

Jeff Raymond

Catalyst 6500 Product Team

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

Hi,

The port *errdisable* condition may be coz. of the flg. facts.

1. Mismatching configurations like duplex,speed,autonegotiation on both sides.

[ You can very well notice that the error message is shown as %SPANTREE-2-CHNMISCFG gives the info that *Channel misconfiguration*.

This caused the spantree loop & forces the port to *errdisable state*. ]

2. Caused by a cable that is not to specification (too long, wrong type, defective), a bad network interface card (NIC) card (with physical problems, or driver problems).

3. More collisions. Only half-duplex connections should ever have collisions in a LAN; due to the Carrier-Sense Multi-Access (CSMA) nature of Ethernet, collisions are normal for half-duplex, as long as they do not exceed a small percentage of traffic

Please check all the above conditions. To refer more follow the flg. link

http://www.cisco.com/warp/public/473/20.html

Hope it helps...

Thanks,

-Kanchi

New Member

Re: ASK THE EXPERT- CATALYST 6500 SERIES SWITCHES

How do I tell on the 6509 what session number the MSFC is on and what version the MSFC is. I would also like to know how to upgrade an IOS on a switch or router (I have 2 to play with) and I would like to know what pre-requistes are along the way. Like how to setup a tftp server to download the image from....etc.....thank you....

THANKS VERY MUCHLY!!!

1382
Views
5
Helpful
68
Replies