Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

24 port restriction with certain Catalyst modulesin 12.2 IOS

Symptom:

Isolated ports on the same private VLAN are not isolated from each other. Data can switch between these ports.

The workaround on other 6500's in the site for the above listed bug was to migrate to 12.2(18)SXD5. This fixed the above bug along with the 'span' port limitations we faced in 12.1. However, in 12.2 a "24-port restriction" for certain modules was introduced that seems pretty wasteful from a port perspective:

24-Port Restriction:

In all releases, this “24-port restriction” applies to the WS-X6548-GE-TX and WS-X6148-GE-TX 10/100/1000 Mb Ethernet switching modules. Within groups of 24 ports (1–24, 25–48), do not configure ports as isolated ports or community VLAN ports when one port within the group of 24 ports is any of these:

– A trunk port

– A SPAN destination port

– A promiscuous private VLAN port

Based on the above in 12.2, we have to reserve a 24-port range for promiscuous ports and regular vlan ports. This seems like a waste of ports if the majority of your hosts are p-vlan host ports?

So, the question is - Is there a version where we can get the best of both worlds? In 12.1 there was a 12-port restriction which seems much more reasonable, but not for our WS-X6148-GE-TX module.

Any help would be appreciated.

1 REPLY
Silver

Re: 24 port restriction with certain Catalyst modulesin 12.2 IOS

I think in all releases, this "24-port restriction" applies to the WS-X6548-GE-TX and WS-X6148-GE-TX 10/100/1000 Mb Ethernet switching modules: within groups of 24 ports (1-24, 25-48), do not configure ports as isolated or community VLAN ports when one port within the 24 ports is a trunk or a SPAN destination or a promiscuous private VLAN port. While one port within the 24 ports is a trunk or a SPAN destination or a promiscuous private VLAN port, any isolated or community VLAN

configuration for other ports within the 24 ports is inactive. To reactivate the ports, remove the isolated or community VLAN port

configuration and enter shutdown and no shutdown commands.So, you may have to readjust your setup accordingly.

102
Views
0
Helpful
1
Replies