Solved

Help with Cisco 2924 (setting up 2 in cluser)

Posted on 2001-07-26
12
770 Views
Last Modified: 2008-03-17
Greetings, I have 2 Cisco Catalyst 2924 switches that I'm trying to cluster.  I have nammed them Tus_Switch1 and Tus_Switch2.  Tus_Switch1 is the cluster commander of the two.  The cluster name is cls_tus.  Anyway, Tus_Switch1 has an ip address of 10.0.0.250 and Tus_Switch2 has an IP address of 10.0.0.249 (I tried setting up Tus_Switch2 with out an IP address, but was unsuccessful).  I'm using the Java Web Interface to configure these switches along with telnet.  Here's my problem.  All computers that are plugged in to Tus_Switch1 can access all resources and subnets.  However, computers that are plugged in to Tus_Switch2 can only access computers on the local subnet (10.0.0.0).  We have several subnets (192.168.2.0, 192.168.3.0, 192.168.4.0, and 192.168.6.0).  Our default gateway for the local subnet is 10.0.0.12 (router ethernet interface).  Like stated, people plugged in to the first switch can do everything just fine. The people plugged in to the 2nd switch can only access the 10.0.0.0 subnet. For some reason, packets are not going to the default gateway (10.0.0.12) and out to the other subnets and returning on the second switch.  The default gateway has been entered in to the second switch as written here.  Here's a config script of the second switch:

TUS_SWITCH2#show config
Using 1490 out of 32768 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname TUS_SWITCH2
!
enable secret 5 $1$vu2t$/IL.0d8/6WImcFs3xocpm/
!
!
!
!
!
!
ip subnet-zero
!
cluster commander-address 0006.5326.a180 member 1 name cls_tusc
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
 description loansupervisor
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface VLAN1
 ip address 10.0.0.249 255.255.255.0
 no ip directed-broadcast
 no ip route-cache
!
ip default-gateway 10.0.0.12
snmp-server engineID local 00000009020000065326A2C0
snmp-server community public@es1 RO
snmp-server community private@es1 RW
snmp-server community private RW
snmp-server community public RO
!
line con 0
 exec-timeout 0 0
 no vacant-message
 transport input none
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
end

What must I do to get the people on Tus_Switch2 like people on Tus_Switch1??  Please help, been stumpped all day.

Joe
0
Comment
Question by:jguy07
  • 6
  • 3
  • 2
  • +1
12 Comments
 
LVL 11

Expert Comment

by:geoffryn
ID: 6324081
Where does rhe router come in?  are the switches directly connected to each other in any way?  Can you post the config for the first switch?  I would guess that you have a VLAN problem.
0
 

Author Comment

by:jguy07
ID: 6324254
The router is where all subnets (via Serial) and Internet Access is gained.  Yes, the switches are connected via CrossOver Cable (port to port).  Here's the config file for the Tus_Switch1:

TUS_SWITCH1>enable
TUS_SWITCH1#show config
Using 2169 out of 32768 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname TUS_SWITCH1
!
enable secret 5 $1$h3x1$0SPKotpebaMqJlwlu4JHM.
!
!
!
!
!
!
ip subnet-zero
cluster enable cls_tusc 0
cluster member 1 mac-address 0006.5326.a2c0
!
!
!
interface FastEthernet0/1
 description system-admin
!
interface FastEthernet0/2
 description control
!
interface FastEthernet0/3
 description reception2
!
interface FastEthernet0/4
 description loanoff2
!
interface FastEthernet0/5
!
interface FastEthernet0/6
 description reception
!
interface FastEthernet0/7
 description presidentpc
!
interface FastEthernet0/8
 description collsupervisor
!
interface FastEthernet0/9
 description acc1
!
interface FastEthernet0/10
 description acct2
!
interface FastEthernet0/11
 description memrep
!
interface FastEthernet0/12
 description collect-1
!
interface FastEthernet0/13
 description loanoff1
!
interface FastEthernet0/14
 description Router Ethernet TUSC
!
interface FastEthernet0/15
 description Back Office Laser Printer
!
interface FastEthernet0/16
 description DEC 700 Serial Hub For EDS
!
interface FastEthernet0/17
 description ALPHA Server
!
interface FastEthernet0/18
 description teller
!
interface FastEthernet0/19
 description trans_pc
!
interface FastEthernet0/20
 description AMHCU01 Server
!
interface FastEthernet0/21
 description AMHDEX
!
interface FastEthernet0/22
 description administrative assistant
!
interface FastEthernet0/23
 description EDS Ethernet Router Link
!
interface FastEthernet0/24
 description 24 Port Hub For Printers
!
interface VLAN1
 ip address 10.0.0.250 255.255.255.0
 no ip directed-broadcast
 ip nat outside
!
ip default-gateway 10.0.0.12
ip nat inside source list 199 interface VLAN1 overload
access-list 199 dynamic Cluster-NAT permit ip any any
snmp-server engineID local 00000009020000065326A180
snmp-server community private RW
snmp-server community public RO
snmp-server community private@es0 RW
snmp-server community public@es0 RO
!
line con 0
 exec-timeout 0 0
 transport input none
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
end


Hope the above helps.  I will check this post every 3-5minutes to see your response.  Thank you so much for trying to help me.


0
 

Author Comment

by:jguy07
ID: 6324329
The router is where all subnets (via Serial) and Internet Access is gained.  Yes, the switches are connected via CrossOver Cable (port to port).  Here's the config file for the Tus_Switch1:

TUS_SWITCH1>enable
TUS_SWITCH1#show config
Using 2169 out of 32768 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname TUS_SWITCH1
!
enable secret 5 $1$h3x1$0SPKotpebaMqJlwlu4JHM.
!
!
!
!
!
!
ip subnet-zero
cluster enable cls_tusc 0
cluster member 1 mac-address 0006.5326.a2c0
!
!
!
interface FastEthernet0/1
 description system-admin
!
interface FastEthernet0/2
 description control
!
interface FastEthernet0/3
 description reception2
!
interface FastEthernet0/4
 description loanoff2
!
interface FastEthernet0/5
!
interface FastEthernet0/6
 description reception
!
interface FastEthernet0/7
 description presidentpc
!
interface FastEthernet0/8
 description collsupervisor
!
interface FastEthernet0/9
 description acc1
!
interface FastEthernet0/10
 description acct2
!
interface FastEthernet0/11
 description memrep
!
interface FastEthernet0/12
 description collect-1
!
interface FastEthernet0/13
 description loanoff1
!
interface FastEthernet0/14
 description Router Ethernet TUSC
!
interface FastEthernet0/15
 description Back Office Laser Printer
!
interface FastEthernet0/16
 description DEC 700 Serial Hub For EDS
!
interface FastEthernet0/17
 description ALPHA Server
!
interface FastEthernet0/18
 description teller
!
interface FastEthernet0/19
 description trans_pc
!
interface FastEthernet0/20
 description AMHCU01 Server
!
interface FastEthernet0/21
 description AMHDEX
!
interface FastEthernet0/22
 description administrative assistant
!
interface FastEthernet0/23
 description EDS Ethernet Router Link
!
interface FastEthernet0/24
 description 24 Port Hub For Printers
!
interface VLAN1
 ip address 10.0.0.250 255.255.255.0
 no ip directed-broadcast
 ip nat outside
!
ip default-gateway 10.0.0.12
ip nat inside source list 199 interface VLAN1 overload
access-list 199 dynamic Cluster-NAT permit ip any any
snmp-server engineID local 00000009020000065326A180
snmp-server community private RW
snmp-server community public RO
snmp-server community private@es0 RW
snmp-server community public@es0 RO
!
line con 0
 exec-timeout 0 0
 transport input none
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
end


Hope the above helps.  I will check this post every 3-5minutes to see your response.  Thank you so much for trying to help me.


0
 

Author Comment

by:jguy07
ID: 6324382
The router is where all subnets (via Serial) and Internet Access is gained.  Yes, the switches are connected via CrossOver Cable (port to port).  Here's the config file for the Tus_Switch1:

TUS_SWITCH1>enable
TUS_SWITCH1#show config
Using 2169 out of 32768 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname TUS_SWITCH1
!
enable secret 5 $1$h3x1$0SPKotpebaMqJlwlu4JHM.
!
!
!
!
!
!
ip subnet-zero
cluster enable cls_tusc 0
cluster member 1 mac-address 0006.5326.a2c0
!
!
!
interface FastEthernet0/1
 description system-admin
!
interface FastEthernet0/2
 description control
!
interface FastEthernet0/3
 description reception2
!
interface FastEthernet0/4
 description loanoff2
!
interface FastEthernet0/5
!
interface FastEthernet0/6
 description reception
!
interface FastEthernet0/7
 description presidentpc
!
interface FastEthernet0/8
 description collsupervisor
!
interface FastEthernet0/9
 description acc1
!
interface FastEthernet0/10
 description acct2
!
interface FastEthernet0/11
 description memrep
!
interface FastEthernet0/12
 description collect-1
!
interface FastEthernet0/13
 description loanoff1
!
interface FastEthernet0/14
 description Router Ethernet TUSC
!
interface FastEthernet0/15
 description Back Office Laser Printer
!
interface FastEthernet0/16
 description DEC 700 Serial Hub For EDS
!
interface FastEthernet0/17
 description ALPHA Server
!
interface FastEthernet0/18
 description teller
!
interface FastEthernet0/19
 description trans_pc
!
interface FastEthernet0/20
 description AMHCU01 Server
!
interface FastEthernet0/21
 description AMHDEX
!
interface FastEthernet0/22
 description administrative assistant
!
interface FastEthernet0/23
 description EDS Ethernet Router Link
!
interface FastEthernet0/24
 description 24 Port Hub For Printers
!
interface VLAN1
 ip address 10.0.0.250 255.255.255.0
 no ip directed-broadcast
 ip nat outside
!
ip default-gateway 10.0.0.12
ip nat inside source list 199 interface VLAN1 overload
access-list 199 dynamic Cluster-NAT permit ip any any
snmp-server engineID local 00000009020000065326A180
snmp-server community private RW
snmp-server community public RO
snmp-server community private@es0 RW
snmp-server community public@es0 RO
!
line con 0
 exec-timeout 0 0
 transport input none
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
end


Hope the above helps.  I will check this post every 3-5minutes to see your response.  Thank you so much for trying to help me.


0
 
LVL 11

Expert Comment

by:geoffryn
ID: 6324461
I see two issues that need some explaination.  One, why the NAT entries on the switch? Two, what is access-list 199 and where is it defined?  I don't see any defined lists in you configs.  This config looks much too complicated, are doing layer 3 switching?
0
 

Author Comment

by:jguy07
ID: 6324514
The switch doesn't need the NAT entries.  I guess that they were on there by default.  How to remove?  I also have no idea what access list 199 is and do no see any definition.  All I want to do is to make both of these switches work in harmony in a cluster.  Simple network set up, two switches on same subnet.  How can I make this simple, and what do you suggest?  THanks for the rapid response.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 11

Expert Comment

by:geoffryn
ID: 6324641
I would reset both switches to default, uplink them togather and then setup the cluster.  Don't put ant NAT entries or access lists on unless you need them.
0
 
LVL 4

Expert Comment

by:svindler
ID: 6324649
I just went through a description of switch clustering:
http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35wc/sc/swgclust.htm
The access list is apparently created when you designate a command switch.
From you config, I can see that ALL ports are in vlan1, so it shouldn't be a vlan problem.
As for your problem, I don't think your problem is related to the clustering; I guess it is a more basic question.
I have therefore listed a number of questions you should go through to do some basic troubleshooting. Providing us with the answers will aid us in helping you out.

When you ping, please use the ip addresses. Do not try to use machine names, as this could be an issue in itself.

Do you have link on the ports where the switches are connected to each other?
Can you ping the router from any machine on tus_switch2?
If not, can you move a machine from tus_switch2 to tus_switch1 and THEN ping the router?
Can you ping any machine on tus_switch1 from any machine on tus_switch2?
Can you ping tus_switch2 from the machines connected to it?
Can you ping tus_switch1 from machines on tus_switch2?
Can you ping tus_switch2 from tus_switch1?
0
 

Author Comment

by:jguy07
ID: 6324803
Agreed. I CAN NOT reset the switches to default and start over!  

svindler,
Yes, I have link on the ports where the switches are connected together (PC on switch 2 can ping 10.0.0.1 that's on switch 1 and vise versa)

Yes, on PC connected to Switch2, I can ping the Router (10.0.0.12) and get replies.

Yes, I can ping a PC on Tus_Switch2 from a PC on Tus_Switch1 and vise versa.

Yes, I can ping Tus_Switch2 (10.0.0.249) from any machine connected to it.

Yes, I can ping Tus_Switch1 (10.0.0.250) from the machines connected to Tus_Switch2 (10.0.0.249).

And finally, yes, I can ping tus_switch2 from tus_switch1...  

As you can see, I'm very confused now.  please advise.

0
 
LVL 4

Expert Comment

by:jwalsh88
ID: 6325360
How bout you post the results from ipconfig in both a machine from switch one and a machine from switch 2.  I noticed you stated that you put the correct default gateway on switch two but that would have nothing to do with your problem since this is only used by the switch to communicate directly.  All the devices on the network still need to have the router interface ip address as their default gateway, including the pcs connected to switch 2.  I don't see any benifits to a switch cluster here so I would just reset both devices to factory defaults and start from there.  I would bet that as long as you have all clients correctly configured that as soon as you reset both switches all your problems will go away.
0
 
LVL 4

Accepted Solution

by:
svindler earned 100 total points
ID: 6325811
From your post, I don't think you have any layer 2 problems and resetting the switches will make no difference.

I agree with jwalsh88 that it looks like a routing setup problem, probably on the clients.
To confirm this, verify that you can ping a specific machine, A, on one of the 192.168.x.0 networks from a machine, B, on tus_switch1. Verify that you cannot ping machine A from a machine, C, on tus_switch2. Move machine C to the port of machine B and ping A from C again. Post the result here.

If you can ping A from C AFTER the move but not before, then it is likely layer 2 related (ie, switch related). If you still can't ping A from C after the move then it is layer 3 related (routing/IP related).

For further analysis you might want to plug in B in the port on tus_switch2, where C was before and verify whether you can ping A now.
0
 

Author Comment

by:jguy07
ID: 6326668
O.k., I figured it out.  It's a windows 95 problem.  I plugged in a PC (windows NT) into switch2 and could ping everything.  Thanks for the feedback guys.  I will award the points to svindler.  Thanks!

0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now