A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

I have a question on SFPs, the customer's switch is DEell S4048, I heard that it is 10G Dist. sw Does it always need to have 10G Transceiver for connecting to site WAN router (Cisco ISR) ?
I have Cisco 3750 switch. I configured 3 Vlans on it. VLAN 10,20,and 30. Is there anyway that I can give VLAN 10 access to  VLAN 20 and deny it from access VLAN 30? I mean I want network of VLAN 10 and 20 to see each other and communicate but can not access network of VLAN 30

VLAN 10 network
VLAN 20 network
VLAN 30 network

Hello fellow Experts Exchange members:

I request assistance with a confounding problem.

I have an office that uses Cisco Meraki access points all connected to a Cisco SG300-52P switch.

The office uses a separate vendor for their VoIP phone system.

The event log on the Meraki cloud controller is filled with entries that read "Multiple DHCP servers detected."

The entries state that the second DHCP server has an IP address that is not on any of our equipment with a MAC address that identifies it as a Cisco device.

When I put a secondary IP address on one of our devices in the same subnet as the unidentified device, the unidentified device responds to pings.  Using telnet to connect on port 22 brings up the text "SSH-2.0-Cisco-1.25" but typing any character immediately results in "Connection to host lost."

The unidentified device does not respond on port 80 or 443.

Reviewing the MAC address tables on our Cisco switch, the MAC address of the unidentified device is seen on a port that is physically connected to the VoIP phone system vendor equipment.

(There are multiple MAC addresses listed in the MAC address table for this port besides the unidentified device.)

However, when troubleshooting with the VoIP phone system vendor, their technician reports they cannot detect the MAC address of the unidentified device on any of their equipment.

The first part of my question is if it is possible for a MAC address to appear on the MAC address tables in a …
Dear Experts,

I've completed my basic home network setup by configuring VLAN with router and switch. I was able to make it happen with ubiquiti Edgerouter and cisco Sg200 switch. I setup the Vlan10, 20, and 30. I am able to communicate between the vlan as well. I will later setup the rules in the router to restrict the access between the vlans. The funny thing is that I've configured my router under and my switch under I was able to access my router via the IP but I cannot see my switch. My computer is on The setting of the switch port that my computer connected to has this setting:
 switchport #20:
 vlan 10
switch port mode: access, untagged (excluded from other vlan)

I can set my PC's IPv4 configuration to auto which I will be assigned to one of the IP under 192.168.10.x/24 I can see other devices on the same network and have the access to internet as well. I just can't access the switch portal on IP and I cannot ping it.

If I connect to a different switch port with a different setting like this:
switchport: #24:
vlan 1 (default vlan)
switch port mode: trunk, untagged (excluded from other vlan)

I will need to configure my PC's IP in Windows10 to IP:, submask, gateway: then I will be able to access the switch portal at If I don't manually configure my window's IP then I will not be assigned into an IP under range.  Under this …
Can we setup VPC for out of band in Nexus7K?  or can you send some link for that? Thank you
I want to replace several WS-C3560X-48PF-E Cisco switches with 2960X. I want the same features enabled and configuration for the ports, the VTY, AAA - everything. What would be the fastest way to clone the old with the new? Copy/paste would need to consider encrypted secrets go to clear text, the self-signed cert section I think should just be omitted and leave what comes with the box. Any other thoughts on speeding the process but not missing anything?
What is the difference between these flavors of the Cisco 2960-X switch:

I need to use PuTTY to TelNet to multiple timing systems, each with their own ip address, but daisy chained to one another as well.  How can I do that?  I need live streaming to happen from each timing box to a local file (different file for each timing system).  I have hardly used PuTTY but it looks like I can only connect to one ip address with PuTTY.  Can I run multiple instances of PuTTY simultaneously?

Thanks in advance!
I have a question on setting up distribution switches, the LAN  network connects to two L2 distribution running VLT (Virtual link Trunk). Both switches are connected to Routers (Pri MPLS and backup Internet). The customer plans to run HSRP between the two ISP routers and use RFC 1918 for the IP Addressing (Physical and virtual addresses for the routers). Do you see any spanning tree issues here, esp. during the failover? I am quote new to VLT and that's why asking this question.

I am planning on replacing an amount of Cisco WS-C2960S-48FPS-L switches in out environment. My basic plan is as follows;
1. Upgrade new switches to latest recommended software
2. Install stack modules where appropriate
3. tftp the config from the existing switch(es) to tftp server
4. tftp the config to the replacement switch(es) from tftp server
5. physically swap old/new (paying attention to VLAN/significant connections)
1, Does this sound like a good approach?
2. How best to handle instances where switches are stacked? Do I need to tftp the image to each switch in stack or just the first (ie will stacked switches adopt the config from the first)?
3. In instance of stacked switch upgrade do I need to replace all switches in the stack at the same time (to ensure hardware/software compatibility)?
4. Is there anything I am missing or need to pay attention to?
This is the first time I have had to go through this process so your expert advice would be appreciated.
Need to VLAN a flat network.  
I currently have a network and it is one large flat network with one subnet of with a range of IP's -
All of my servers, routers firewalls, printers , copiers  and switches are within -
My Workstations (Windows 10 )  are all receiving IP addresses from DHCP server and in the range of -

I have been tasked with setting up vlan's for the entire network to improve security and performance

I currently have a 5 switches which are all 48 port switches and in  a stacked configuration with 40 GB uplink to a "Central" Switch. These 5 switches are considered our user segment which has workstations and Printers connected.

The Central switch is actually two 48 port switches that are stacked and have the Servers, routers and firewall connected.

my default gateway is a cisco Switch .

I'm looking for some guidance in multiple areas,
1. design ? how many Vlans , do I use vlan 1 ? I think my current configuration would mean everything is VLAN 1
2. Will I need to change my IP addressing of my enire network ? if so what would my new IP addressing look like. how would I g about changing without taking down the whole network.
3. Can the job be done slowly ?
4. Can a server ( DHCP ) on one Vlan provide IP Addresses toWorkstations on a separate Vlan ?

Thanks for any feedback
I tried to restrict SSH access to one of my Cisco Nexus 9508. Earlier I was permitting all RFC 1918 to SSH
and now it's limited to two bastions. BUT after modifying my ACL to have just two bastion hosts I am
still able to ssh to the 9508 at its management address from my desktop machine which shouldn't
be possible. What am I missing?

line vty
  exec-timeout 15
  access-class 5 in

core11-las# sho access-list 5

IP access list 5
        40 permit ip any
        50 permit ip any

core11-sf# sho users
NAME     LINE         TIME         IDLE          PID COMMENT
babadoo  pts/3        Feb 28 16:01   .          5121 ( session=ssh *
Just met with carrier tech.  He left me bunch of blue sc-lc fiber cables.
 Mentioned blue is a new yellow and aqua is a new orange.   Better throughput and better flex.
 is there a specs somewhere to learn about these new cables?
HP 2930 switches use VSF for stacking. Documentation describes "chain" and "ring" configurations.  Is it possible to use VSF in a "star" configuration?
Switchport in an err-disable state due to MAC Adress conflict.

Have cleared the DHCP bindings which cleared the err-disable error, but now have no connectivity.
Computer showed err-disabled in the switch port.

Cleared the error.

Device shows connected in the switch.

Can ping the loopback of the PC.

Gateway shows "destination unreachable" message.

Can ping the PC from the shop PC.
Hi everyone,

This may be a DNS issue - maybe not.

I had a user who was encountering some printing problems yesterday.  I got the printing problem solved but in doing so discovered that I was able to ping the PC using two different hostnames, but having only one IP address.  I've verified that the inaccurate hostname belonged to a workstation I've already removed from the network 30-45 days ago.

On a side note, I've since upgraded the OS from WIN 7 to WIN 10.

Now, 24 hours later, I'm still able to ping the one workstation by the two different hostnames.  Is there something else I need to take a look at?  We do have some special vlans that live in our enviornment.  Is it possible that, maybe, the MAC of the PC got assigned on a vlan and is somehow associated to the old PC name - or is that really thin possibility?  Just tossing ideas around.

We have an HP 2530-24G-PoE+ (J9773A) where our port 11 keeps going on-line and then off-line. The device that we have connected to it is a wireless AP that uses POE. When I go into the logs of the switch all it says is that Port 11 is now on-line and then the next line is that it has gone offline. With no other information. What can I do to find out what's wrong with that port? I'm still very new to programming on a switch.
I need help with how to enter a IPHELPER address for a VLAN on my Cisco 9300 switch.  it is currently set to an address, and I want to change it.
I am a network admin and looking at our switching infrastructure. I feel like it is not efficiently built, and it is aging. It consists of HP Procurve switches, some of them are V1910's, newer ones are 2530's. (Several were purchased to support a VoIP phone system). All switches are connected with trunks- this takes up 4 ports per trunk and only communicates at linespeed. What I think needs to happen is I need to build a new core switch infrastructure, remove the aging equipment, relegate the newer switches to edge roles for client connections, and select adequate infrastructure for the core equipment... whatever I get, I am planning to use cascades so we don't end up using half the ports to trunk and get better performance. Our network is not complex- we have an MPLS, an inter-building fiber link, 2 VoIP VLANs, and 3 subnets at this location. so we wouldn't need more than 8 VLAN's- right now everything except the fiber and the phones are on the same VLAN and separated by routers- I think that using the VLAN capabilities of the new infrastructure could replace routing equipment and optimize the network further. So my question is, assuming we are keeping the newer HP Procurves (The newest are actually Aruba's), which have GBIC's but no cascade ports, should we use Cisco's for the core switches, or stay brand-consistent with HPe/Aruba, which will become the edge switches? Any model or feature recommendations?
Thanks for the help!

I need to set QOS on my Cisco switches for a new UCASS phone system.  I have not used QOS before and want to make sure I do it correctly.   The phones will be on their own VLAN so I am not sure if I can set this at a level that everything on that VLAN uses this QOS.    What I need to set is DSCP 46 and L2P 5.  and will this need to be set on all switches or just the ones that the phones physically plug into.  Thank you for any assistance you can provide.
EIGRP Equal Cost Load-Balancing

in the display below, I would like to know if R1 will reach network  in Load-balancing way.. I mean one packet will go out of fa0/0 and another fa0/1.
How is  load-balancing done in the equal cost ?

Thank you

R1#sh ip eigrp topology 
EIGRP-IPv4 Topology Table for AS(1)/ID(
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status 

P, 1 successors, FD is 30720
        via (30720/28160), FastEthernet0/0
P, 1 successors, FD is 30720
        via (30720/28160), FastEthernet0/1
P, 1 successors, FD is 28160
        via Connected, FastEthernet0/0
[b]P, 2 successors, FD is 158720
        via (158720/156160), FastEthernet0/0
        via (158720/156160), FastEthernet0/1

Open in new window

BGP Configuration to Receive Directly-Connected Routes

I am looking at BGP example from this Link: https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/23675-27.html

when it gets to this step : Configuration to Receive Directly-Connected Routes

It is not clear about what the step achieves.

Any Expert to explain  it with comments after each command ?

Thank you
Multiple Internet Connections to Multiple ISPs

when planning to have internet connections to Multiple ISPs, initially I thought it can be just as having Internet Connections at home, but you will have 2 routers connecting to 2 different providers , for instance Comcast and ATT.

I know in Work environment you need redundancy, if one ISP is not available  the other ISP should be.. or if one of Customer routers is not available , internet connection will be available through other Customer router...

-- In the diagram below, we have 2 company Sites :Site 1 and Site 2 connected between each other , either through WAN or Ethernet.

Site 1 is connected to ISP1 and Site 2 is connected to ISP 2

I would like to have a configuration example based on the diagram below , that will enable Site 1 and Site 2 to have always Network connection.
I know that BGP will be involved to accomplish this Goal.

I would like an expert to paste a configuration example with comments detailing what each line of the configuration is intended to achieve.

Thank you

I have new c9300 switches (pair), When I program an interface, the interface auto adds:

 ipv6 address dhcp
 ipv6 address autoconfig
 ipv6 enable
 ipv6 dhcp client request vendor
I have tried the 'no' cmd to all these entries - no luck
I have also tried the global no ipv6 unicast-routing
Am I missing something?

