Switches / Hubs

21K

Solutions

17K

Contributors

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a potentially stupid question.

I have only worked with Cisco ASA 5505 appliances and SG/SF 300  series Cisco switches.  Recently I picked up a Catalyst 3560CX 8 TC model switch, and have been having nothing but trouble trying to configure it.

On my bench I was able to assign ports 1-8 a basic 'switch' management IP of 192.168.0.253.  Seemed to work fine.  The PC I plugged into port 1 had no issues pinging it, connecting to it, allowing me to configure it.

I then took the unit onsite and plugged port 1 into a Cisco SG300 series switch.
The port light on the C3560CX went green, switched immediately to amber, and stayed solid amber.  The switch port on the SG300 went dead as though nothing was connected.  I disconnected the cable but the C3560CX still showed a solid amber light for that port.  Just for fun I plugged the cable into port 3.  Exactly the same outcome.

I checked the port on the SG300.  I ensured it was set to Trunk.  I turned off Auto SmartPort for the SG300 interface (GE30).  No change.  
Rebooted C3560CX and waited the 5 minutes for it to come backup - did exactly the same thing = dead amber port.

I disconnected the C3560CX, moved it to a PC, static assigned an IP to the PC, and hooked it up a switch port.  Now I can ping 192.168.0.253 no problem. I can log into the web console no problem.  Everything seems fine.

Everything is VLAN1 - default.  Ports set to trunk.  

Hook it back up to the network by uplinking to SG300 - dead port.

0
Keep up with what's happening at Experts Exchange!
LVL 12
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Hi All,

Trying to copy a config from a Production switch to Backup switch that will act as a backup hot spare. I matched the ios correctly and was able to back up the config from Production, however when I restore the config to the backup switch it gives some errors because I am connecting via tftp on port 1 of the backup switch and assigned an address to connect.

Do I have to fix manually or is there a clean way of connecting via tftp and restoring. There is no usb or other connection ports in that back such as using a cross-over. Thanks in advance for you assistance
0
Set up CCIE LAB on GNS 3

Setting up CCIE LAB  in GNS3 is possible for routers but not switches.
I would like to know if I can use Physical Switches and connect them to the Laptop where GNS3 is running and get the Lab Setup ?
if so , What are the components needed to get this Lab Setup ?

Thank you
0
Hi a server is losing connection with its switch. command show ip int bri indicates down down. Command "show interface" output is attached picture. it has some error message. is this cable issue or switch port issue? Thank you
Capture.PNG
0
Limit host connections to a Switch port

sI have the topology above.  I have configured the switch SW  interface e0/0 as shown below

CiscoSwitch(config)#interface e0/0
CiscoSwitch(config-if)#switchport port-security maximum 1
CiscoSwitch(config-if)#

Open in new window


however when I clear the Mac address table  of the Switch, then shutdown the interfaces of H1 and H2 , then bring them back up, the switch will show both Mac addresses of H1 and H2 on the Switch , it should allow just one.

CiscoSwitch#show mac address-table 
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    aabb.cc00.0100    DYNAMIC     Et0/0
   1    aabb.cc00.0200    DYNAMIC     Et0/0
Total Mac Addresses for this criterion: 2
CiscoSwitch#

Open in new window



Thank you


----OK now after a while  I can see one of the Mac addresses disappearing from the table,  then it will show up again on the table,  then the other Mac address will disappear from the table for a while then will show up again.
I guess this happens after aging time .
however the issue of having 2 Mac addresses on the table is still not resolved
0
Cisco Switch Security

s
I would like to know the risk that can be caused by users who can bring a cheap switch and connect it to the Network, as shown in the diagram above.

Thank you
0
p
R1#sh run 
Building configuration...

Current configuration : 1894 bytes
!
! Last configuration change at 01:14:56 CET Thu Jun 28 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
 load-interval 30
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!         
interface Ethernet1/3
 no ip address
 shutdown
!
interface Serial2/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface 

Open in new window

0
Would it be beneficial mixing up different switches models in the same office.  For example we're using C3850 access switches and need to add few more to cover the entire office.
Cisco recommends going with new C9300 for the access layer.  Would it create some operational issues?  I like to keep a consistency but like to evaluate a potential upgrade.
Advice?
0
GLBP Configuration


gl
I have configured GLBP on R3,R4,R5 shown in the topology above.
I would like to know why,in the output below, the Standby Router is showing the R5 instead of R4 , they have the default priority. I wonder if the Highest Mac address factors in the election if Standby Router.
another thing that I want to understand is the keyword "Preempt" in the configuration routers that are not AVG.
I know that Priority will determine which router will be the AVG now and which router will take over as AVG if the current AVG is down, but the keyword "Preempt" is still not clear to me when it should factor in




R3#sh run | sec glbp
 glbp 1 ip 192.168.1.254
 glbp 1 priority 150
 glbp 1 preempt
R3#

Open in new window


R4#sh run | sec glbp
 glbp 1 ip 192.168.1.254
 glbp 1 preempt
R4#

Open in new window


R5#sh run | sec glbp
 glbp 1 ip 192.168.1.254
R5#


R3#sh glbp brief    
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Gi0/0       1    -   150 Active   192.168.1.254   local           192.168.1.15
Gi0/0       1    1   -   Active   0007.b400.0101  local           -
Gi0/0       1    2   -   Listen   0007.b400.0102  192.168.1.14    -
Gi0/0       1    3   -   Listen   0007.b400.0103  192.168.1.15    -
R3#

Open in new window


*** another issue that I cannot figure out  the cause is the Traceroute from Hosts. if it goes through R3( the AVG) , it will make it to R2, but when Traceroute goes through R4 or R5 it displays the Exclamation Mark with H letter, as shown below:

Host#traceroute 192.168.23.2

Type escape sequence to abort.
Tracing the route to 192.168.23.2

  1 192.168.1.15 12 msec 12 msec 12 msec
  2 192.168.1.15 !H  !H  !H
Host#clear arp              
Host#traceroute 192.168.23.2

Type escape sequence to abort.
Tracing the route to 192.168.23.2

  1 192.168.1.13 1016 msec 12 msec 8 msec
  2 192.168.23.2 44 msec 20 msec 24 msec
Host#
0
Hello All.

I like to see if I can get this worked out.

first question is can an SFP connector pass VLAN information? If the answer is no, then disregard the rest of this question and I then have my answer, if the and is yes  please read on.

So I have a edgerouter eth0 is config for ISP, eth1 -8 are all briged .
I have config a DHCP for eth1 and I connected a cable from eth1 to port 1 on the EdgeSwitch 24 ports PEO 250w.
All works correctly, not problem whatsoever.

A week later I created a VLAN2 to separate my wireless traffic, this is my config

on Router created a VLAN2, with its DCHP IP 10.10.5.0/24
 
 

On the EdgeSwitch I config the ports like this
 

So far everything works correctly, I get an IP for my LAN 192.168.5.x and an IP for my Wireless 10.10.5.x

Now , remember I have a cable connected from port eth01 to port 1 on the switch.

My problem is when I disconnect the cable from the eth01 to the switch port 1 I can only get lan traffic, the wireless traffic dies
0
Cloud Class® Course: Microsoft Windows 7 Basic
LVL 12
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

Can someone explain me on high level Cisco licensing differences?  I understand there are lanbase, ipbase, and ip services.
For some reason Cisco sold me core switches 3850 with lanbase, but access switches with ip base licensing.  Not a production impact but Cisco TAC  raised a concern.
I need to buy more access switches.  What licenses should I get for those?  And is there a pricing difference?

Thanks in advance.
0
I have one switch that is giving me a problem, randomly, once or twice a week, the trunk ports just shuts down.  I noticed all the ports have lights on them, except the trunk port.
I have restarted the switch and the port still doesn't come up.  If I unplug the cable and plug it into another port, then plug it back into the trunk port, then it comes back up.

I reviewed the config and as far as I can see, it's all the same except one switch is using the: spanning-tree portfast default  command.
I wonder if I should even be using that command, as I noticed some switches have the command and some do not.  
Besides that, the config is the same, so I wonder what is causing port 28 on switch .38 to shut down.  So port 28 on switch .38 is connect on port 50 switch .39.

I have attached the configs, if anyone has an idea's, I'm all open to hear them.
crack.txt
whub.txt
0
Can't access GUI on Cisco 2960S. Any ideas?

This is what I get when I try to use the GUI.
html
VoIPSwitch#sh flash

Directory of flash:/

    2  -rwx    10893632   Jan 1 1970 00:01:22 +00:00  c2960s-universalk9-mz.122-55.SE2.bin
    3  -rwx         676   Mar 1 1993 00:42:04 +00:00  vlan.dat
    4  drwx         512   Mar 1 1993 00:03:02 +00:00  online_diag
    5  -rwx        3096   Mar 1 1993 00:18:29 +00:00  multiple-fs
    6  -rwx        1915   Mar 1 1993 00:18:29 +00:00  private-config.text
    8  -rwx        7582   Mar 1 1993 00:18:29 +00:00  config.text


System image file is "flash:/c2960s-universalk9-mz.122-55.SE2.bin"



cisco WS-C2960S-48LPS-L



Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 52    WS-C2960S-48LPS-L  12.2(55)SE2           C2960S-UNIVERSALK9-M


Configuration register is 0xF

VoIPSwitch#
Here is the running config
VoIPSwitch#sh run
Building configuration...

Current configuration : 7582 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname VoIPSwitch
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$7zA0
enable password 7 0000GqN8z/tU
!
username admin password 7 104359121112104359121112104359121112104359121112

!
no aaa new-model
switch 1 provision ws-c2960s-48lps-l
!
!
no ip …
0
Hi Anyone can explain two commands and its difference ? Thank you

aaa  authorization commands 5 login group tacacs+ none
aaa authorization commands 15 login group tacacs+ none
0
On a cisco Nexus 3172 Chassis - if I enable flow control in and then out on an existing up/up port, will there be
an interruption in traffic flowing over the port? Generally these ports are part of an Etherchannel group. TY
0
i have 2 HP Procurve Switches 2510G-24 (J9279A).  i'm more of a cisco guy, and this was just thrown at me.  these HP switches have ports on them that i have been unable to "revive" for lack of a better word.  when i do a "show int brief" on one of them (see text paste below), the ports in "Down" mode below will not give me a link light.  i've gone into "enable" mode and tried "int 4 enable" and have also tried to set the other params to auto, but i can't get these ports to work.  most of the switch is populated so the switch itself works, just these ports.  i'm testing with a laptop that works fine on other equipment and i have it configured with appropriate addresses.  it works fine in another port on the switch, but not those labelled as "Down" below.

is there a way to determine if these ports are simply dead and unusable?  can they be made usable?  how?

i checked the logs (log -r) and don't see anything out of the ordinary.

  Port  Type      | Alert     Enabled Status Mode       Mode  Ctrl  Limit
  ----- --------- + --------- ------- ------ ---------- ----- ----- ------
  1     100/1000T | No        Yes     Up     1000FDx    MDIX  off   0
  2     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  3     100/1000T | No        Yes     Up     100FDx     MDIX  off   0
  4     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  5     100/1000T | No        Yes     Up     1000FDx    MDI   off   0
  6     100/1000T | No        Yes     Down  …
0
I have a couple Cisco 3650's in a stack that act as my core switching in datacenter.  They do both L2/L3 for remote locations connected by a muni ring fiber deployment.  We also have several IDF is the same building but due to all the SFP slots in the core stack being populated, there isn't any room to run 10gb uplinks back to the core stack from all the other 3650's in the IDFs.. There also isn't enough available ports to do port channel back to the 3650, so what i was thinking was adding something else to the core stack that would accomodate the additional 8-10 SFP's we would need.  Looking for recommendations..obviously don't need another 48 port switch, was wondering if there was something specialized that could stack with the 3650s that could give me the additional capacity?
0
Our company has a pair of Cisco 2960x switch running in stackable mode (FlexStack plus). We already configured each and everyone of the switch ports to its corresponding VLAN, portfast, switch port mode access.   We have a new configuration requirement of configure two ports in a etherchannel group. We use the Channel-Group xx mode active to create the etherchannel group.

I try to do a "show run" but did not see the portfast, vlan etc. information on the newly created port channel interface. My question is do we have to goto the newly create port-channel interface to config the portfast, switch port, vlan information once again ? Also, moving forward, all the configuration of this channel-group bundled interface should be configured on the port-channel interface instead of the individual interface I assume ?

I am a bit new to the etherchannel setting so bare with me and your kind advice is appreciated.

Thanks & Regards
Patrick
0
when we are trying to access router/switch, after logging in successfully, sometimes it requests enable password, while other time it does not request enable password and then directly enter privilege mode. Why does it happen?
0
Cloud Class® Course: Certified Penetration Testing
LVL 12
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Any recommendations on this Cisco Switch?
Cisco Cisco Catalyst 3650-48FS-S - Switch - L3 - Managed - 48 x 10/100/1000 (PoE+) + 4 x SFP - desktop, rack-mountable - PoE+ (775 W)
It is reasonably priced

I need 2 of them and also do I require just of these to link both switches?
Cisco Catalyst 3650 Stack
0
Line password question.
Can I say line password include vty, aux and console password?

If we use the below command:
R4(config)#aaa authentication login default line

the line could be any one of the three line password if these three are different?
Thank you
0
I have a Mikrotik CCR 1009-8G 1S-1S+ and 5 Cisco Switches WS-C2960-24TC-L that were provided by the customer for our use in this network. I have a question on how to setup the VLANS so no Tenant in the building can access any other Tenants network. There is a mix of Static IP tenants and DHCP Tenants. I have the Mikrotik Setup with all the needed VLANS for each DHCP Tenant. I have also assigned each port for VLAN access to only one Tenant. My issue is how to secure the VLANS.

I know this is a vague description of what I have to work with so I have attached a PDF of the network. If any other information is needed please message me and I will attempt to comply.

Thanks in advance for any and all help.

Seven-Floor-Multi-Tenant-Building-De.pdf
0
Hello,

  My question is angled from a purchasing perspective.
  Cisco Brand SFP & SFP+ modules are priced more than a hundred times than 3rd party SFP/SFP+ modules.
  I'm also aware that even Cisco brand SFP/SFP+ modules don't work in just any Cisco Brand Switch.
  My question is:  How picky are Cisco Switches such as the IE4000, IE5000 Series with 3rd party SFP/SFP+ (such as FS, Axiom, SmartOptics).  
These 3rd party vendors like to use the same model number as the Cisco Brands, so they are assumedly close in operation to the Cisco Brand SFPs.  They've been 'tested' and work interchangeably in some models of switches.  How safe it is it to assume that they will work
  At the relative price points, it's worth a buy and try approach, but I'm looking for some insight or experience from others as a benchmark.
Thank you,
0
I currently have a Watchguard Firebox in place and have recently purchased a Cisco Catalyst 2960 to server as our primary switch. Our Watchguard currently manages our WAP's (also Watchguard) which have a private and public wifi network which is segmented through the use of VLAN's.

I'm extremely new to Cisco and I'm trying to determine how I would go about configuring the ports on the switch to pass along all VLAN traffic which should allow the WAP's to continue functioning.
0
good day all,

I have an issue where my core switch with all my VLANs Sub interfaces assigned, in the logs i am getting  the below from one of my VLANs

"W 06/06/18 14:03:15 02581 ip: IPv4: Duplicate IPv4 address 10.0.0.250 is
            detected on VLAN 6 with a MAC address of XXXXXX-XXXXXX (this mac address is my core switch) (17 times in
            60 seconds)"

I have a trunk link from my core switch to the VLAN in question. I was thinking of changing it to an access port instead as it is the only VLAN i will utilize.
0

Switches / Hubs

21K

Solutions

17K

Contributors

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.