Re: Troubleshooting Upgrade Cisco Catalyst 6500 !

fschneebeck · ‎12-09-2003

I`m looking for tips and help to upgrade your Catalyst 6509 Sup2/MSFC2 for some

additional features like : automatic QoS for Citrix Protocol ICA and Multilayer Switching IP directed broadcast from one Vlan to another one !

Last time I wanted to do so, in May this year, (Upgrade to CatOS Version 7.5.1) it arise some difficult problems to me, discussed in Tac Case.

After Upgrade to the 7.5(1) code I have cam table aging issues on some server connected gigabit ASIC`s in default Vlan 1 only !

In Case Cisco Engineer told me :

The code you are running does have several newly opened bugs dealing with CAM issues and on related to traffic issues on gigabit port ASICs (CSCdz66020). Is there a particular reason you upgraded to this code? Can you downgrade to the recommended 6.3(7) code?

After this happens to me, I downgrade to the old version 6.2(2a)

Now the Cisco online software advisor told me to upgrade to the 7.2(2) code for MLS IP-directed broadcast and 7.5(1) code for Auto QoS. I also wanted to implement 802.1x features in future time.

Now I do not know exactly which software supports this features to my existing Hardware and my running configuration on system, because I don`t have enough access with partner status on cisco web side.

Last week I started configuration “mls rp ip” on Catalyst 6500 and I got my next problem.

The router currently aware of following 0 switch(es):

no switch id's currently exists in domain

VS01650901RSM1#sh mls rp

ip multilayer switching is globally enabled

ipx multilayer switching is globally disabled

ipx mls inbound acl override is globally disabled

mls id is 0008.7ca6.9b80

mls ip address 172.18.20.114

mls ip flow mask is destination

mls ipx flow mask is unknown

number of domains configured for mls 1

vlan domain name: mho

current ip flow mask: destination

ip current/next global purge: false/false

ip current/next purge count: 0/0

current ipx flow mask: destination

ipx current/next global purge: false/false

ipx current/next purge count: 0/0

current sequence number: 2222797850

current/maximum retry count: 0/10

current domain state: no-change

domain uptime: 3d05h

keepalive timer expires in 9 seconds

retry timer not running

change timer not running

fcp subblock count = 2

1 management interface(s) currently defined:

vlan 1 on Vlan1

1 mac-vlan(s) configured for multi-layer switching

0 mac-vlan(s) enabled for ip multi-layer switching:

0 mac-vlan(s) enabled for ipx multi-layer switching:

router currently aware of following 0 switch(es):

no switch id's currently exists in domain

VS01650901RSM1#debug mls events

Dec 8 16:25:13.360: FCP: keepalive timer expired for mho domain

Dec 8 16:25:13.360: FCP: stopped keepalive timer for mho domain

Dec 8 16:25:13.360: FCP: started keepalive timer for mho domain

Dec 8 16:25:13.360: FCP: no switch id tlv sent in this database message

Dec 8 16:25:13.360: FCP: number of mac vlan tlv entries are 1

Dec 8 16:25:13.360: FCP: number of purge tlv entries are 0

Dec 8 16:25:13.360: FCP: number of ipx purge tlv entries are 0

Dec 8 16:25:13.360: FCP: hsrp tlv size is 14

Dec 8 16:25:13.360: FCP: building vmac tlv

Dec 8 16:25:13.360: FCP: building vmac tlv for Vlan1

Dec 8 16:25:13.360: FCP: put virtual mac 0000.0c07.ac01 in vmac tlv

Dec 8 16:25:13.360: FCP: put group number 1 in vmac tlv

Dec 8 16:25:13.360: FCP: put vlan id 1 in vmac tlv

Dec 8 16:25:13.360: FCP: hsrp tlv size is 14

Dec 8 16:25:13.360: FCP: packet queue for mho freed

Dec 8 16:25:14.732: %SEC-6-IPACCESSLOGP: list 113 denied udp 91.0.31.13(1046) -> 255.255.255.25

5(2904), 1 packet

After this I phone the support engineer of my distributor which told me about similar problems by other customers which has upgrade to solve this problem.

So I will do the same with help to turn away my next problem !

But Cisco TAC said :

Here in TAC, we don't actually give code recommendations because we are not familiar with every aspect of your network.

We use Cat6509 with Sup2/MSFC2 in mixed mode, Crossbar-fallback: bus-mode CatOS 6.2(2a) and C6MSFC2-JSV-M IOS 12.1(8b)E11

In Slot 1 WS-X6K-S2U-MSFC2

In Slot 2 WS-X6K-SUP2-2GE

system highavailability enable

Both router engines configured with EIGRP and HSRP !

So can anyone told me which software best supports my configuration and the new features

which I will upgrade for ?

Or has anyone similar configuration with newer Software running !

Thank you for help

Best regards

F. Schneebeck (Field Engineer)

ETe-Datentechnik GmbH

preddyi · ‎12-09-2003

Regarding MLS I think your switch is working normally.

In 6500 MLS ( It works by CEF using hardware based ASICs)

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/mls_all.htm#1051876

fschneebeck · ‎12-09-2003

Thanks !

I think so too ! But after showing mls rp on Router-Engine :

VS01650901RSM1#sh mls rp

ip multilayer switching is globally disabled

ipx multilayer switching is globally disabled

ipx mls inbound acl override is globally disabled

mls id is 0008.7ca6.9b80

mls ip address 172.18.20.114

mls ip flow mask is destination

mls ipx flow mask is unknown

number of domains configured for mls 0

I configure mls rp ip globally on the router and

than on the Vlan interfaces.

I think it only worth for the MSFC !

If this is not correct, how can I verify mls is running on the Router ?

robho · ‎12-10-2003

Try this link below. It has many useful T/S techniques.

http://www.cisco.com/warp/public/473/35.html

glen.grant · ‎12-09-2003

You don't need to configure mls on the 6500's it is on by default . The command you are trying to use does not pertain to the 6500's and is really a leftover from the 5500's with an RSM and supervisor setup, while it accepts these commands it doesn't really do anything, something I have seen more and more of lately in the code . To verify mls is working just do a "show mls" on the Cat side or show mls entry to verify it is indeed do mls switching ok ,if it is you will see hundreds if not thousands of entries depending on how vlans you have defined . Nothing is needed to be configured to have this work on a 6500 , on by default .

fschneebeck · ‎12-09-2003

Thank you very mutch !

This was the message I wanted to know. I had a quiet

suspicion after reading some configuration examples.

So I think this is correct :

VS01650901DSW1> (enable) sh mls

Total packets switched = 4716895187

Total bytes switched = 336791654033

Total routes = 921

IP statistics flows aging time = 256 seconds

IP statistics flows fast aging time = 0 seconds, packet threshold = 0

IP Current flow mask is Destination-source flow

Netflow Data Export version: 7

Netflow Data Export disabled

Netflow Data Export port/host is not configured.

Total packets exported = 0

IPX statistics flows aging time = 256 seconds

IPX flow mask is Destination flow

IPX max hop is 255

Module 15: Physical MAC-Address 00-05-74-97-3c-fc

Vlan Virtual MAC-Address(es)

---- -----------------------

1 00-00-0c-07-ac-01

3 00-00-0c-07-ac-01

4 00-00-0c-07-ac-01

20 00-00-0c-07-ac-01

186 00-00-0c-07-ac-01

Isn`t it ?

Hundreds of entries in "show mls entry table",

some received, most resolved !

Can I disable mls rp ip on router engine without any risk ?