
Classification and Marking on Catalyst 6500

This link has a lot of information about Classification and Marking on the Catalyst 6500: http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008014a29f.shtml

Spanning-tree port-priority

When spanning-tree has to choose between paths, the device prefers, in this order :
-lower Root Bridge ID.
-lower path cost to the Root.
-lower Sending Bridge ID.
-lower Sending Port ID.

If a switch has two connections to the same switch, the first three are equal and the fourth criterion (lower Sending Port ID) decides.

Here you’ll see an example of SwitchA connected with 2 cables to SwitchB and just a default configuration :
W2960_Standalone#sh spanning-tree vlan 145

VLAN0145
Spanning tree enabled protocol ieee
Root ID Priority 4241
Address 001e.499b.5080
Cost 38
Port 7 (FastEthernet0/7)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32913 (priority 32768 sys-id-ext 145)
Address 0023.05e5.2180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Root FWD 19 128.7 P2p
Fa0/8 Altn BLK 19 128.8 P2p

As you can see, fa0/8 is blocking because the port ID (port priority plus port number) on its link is higher.

If you want the traffic of a certain VLAN to cross f0/8 instead of f0/7, you can configure port-priority AT THE UPSTREAM switch (so on SwitchA instead of SwitchB), because the Port ID that is compared is the one of the sending port.

SW2960_1(config-if)#spanning-tree vlan 145 port-priority 16
SW2960_1#
int f0/2

Vlan Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0001 Desg FWD 19 128.2 P2p
VLAN0020 Desg FWD 19 128.2 P2p
VLAN0145 Desg FWD 19 16.2 P2p
VLAN0146 Desg FWD 19 128.2 P2p
VLAN0147 Desg FWD 19 128.2 P2p
VLAN0148 Desg FWD 19 128.2 P2p
SW2960_1#

And at SwitchB we’ll see :
SW2960_Standalone#sh spanning-tree vlan 145

VLAN0145
Spanning tree enabled protocol ieee
Root ID Priority 4241
Address 001e.499b.5080
Cost 38
Port 8 (FastEthernet0/8)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32913 (priority 32768 sys-id-ext 145)
Address 0023.05e5.2180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Altn BLK 19 128.7 P2p
Fa0/8 Root FWD 19 128.8 P2p

IOS : Configure Replace

Where have I been ????
I didn’t know the command : configure replace, but that’s working fine.

First, save your config to flash:
copy run flash:running_dec.txt
then do your thing on the switch/router
conf t
int g 2/1
Desc ROLLBACK

and if you want to revert back to the old config, without rebooting :

Wifi_6503#configure replace disk0:running_dec.txt
This will apply all necessary additions and deletions
to replace the current running configuration with the
contents of the specified configuration file, which is
assumed to be a complete configuration, not a partial
configuration. Enter Y if you are sure you want to proceed. ? [no]: yes

00:25:30: Rollback:Acquired Configuration lock.
Total number of passes: 1
Rollback Done

Option 7 at IOS DHCP

Of course you want all logging to go to a syslog server. (It’s also a Cisco recommendation. See the WLC Configuration Guide.)
You can configure an IOS DHCP scope like this, with the address of the syslog server after option 7 ip :

ip dhcp exclude 192.168.1.1
ip dhcp pool VLAN1
network 192.168.1.0 /24
option 7 ip
option 43 hex f1040a0a0a0a

In my own lab the option 7 wasn’t working !
I had tested the WLC with versions 4.2.130 and 4.2.176.

Then I saw :
%LWAPP-3-CLIENTEVENTLOG: Did not get any DNS options from DHCP.
That’s not good..

After changing it to 4.2.209 the option 7 is working and you’ll see at the LWAPP :

%LWAPP-3-CLIENTEVENTLOG: Got log server settings(192.168.1.10) from DHCP.

Spanning-tree Cost

You can set a different cost per port/VLAN to manipulate the spanning-tree path.

Here we see spanning-tree with the default costs :

SW2960_1(config-if)#do sh span vl 145

VLAN0145
Spanning tree enabled protocol ieee
Root ID Priority 4241
Address 001e.499b.5080
Cost 19
Port 8 (FastEthernet0/8)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32913 (priority 32768 sys-id-ext 145)
Address aca0.166c.2600
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Altn BLK 19 128.7 P2p
Fa0/8 Root FWD 19 128.8 P2p

Now I want spanning-tree to block port f0/8 instead of f0/7.

We’re using :

SW2960_1(config-if)#int f0/7
SW2960_1(config-if)#spanning-tree vlan 145 cost 1
SW2960_1(config-if)#do sh span vl 145

VLAN0145
Spanning tree enabled protocol ieee
Root ID Priority 4241
Address 001e.499b.5080
Cost 19
Port 8 (FastEthernet0/8)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32913 (priority 32768 sys-id-ext 145)
Address aca0.166c.2600
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Altn BLK 1 128.7 P2p
Fa0/8 Root FWD 19 128.8 P2p

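The interface is still not forwarding the VLAN 145 traffic. Spanning-tree adds the local port cost to the root path cost advertised by the neighbour, so the path via Fa0/7 now totals 20 (the output further down confirms this), which still loses against the 19 via Fa0/8. Raising the cost of Fa0/8 above 20 tips the balance :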

SW2960_1(config-if)#int f 0/8
SW2960_1(config-if)#spanning-tree vl 145 cos 21
and now we’ll see :

VLAN0145
Spanning tree enabled protocol ieee
Root ID Priority 4241
Address 001e.499b.5080
Cost 20
Port 7 (FastEthernet0/7)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32913 (priority 32768 sys-id-ext 145)
Address aca0.166c.2600
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Root FWD 1 128.7 P2p
Fa0/8 Altn BLK 21 128.8 P2p

The default path cost is computed from the interface bandwidth setting. These are the IEEE default path cost values:
•1000 Mbps—4
•100 Mbps—19
•10 Mbps—100

As you can see from the default cost of 19, I’m using a 100 Mbps switch.
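The tie-break order from the port-priority post and the cost arithmetic from this post, as an added Python sketch (not the author's code). The Root ID and the advertised costs 0 and 19 are read off the outputs above; the upstream bridge ID and the neighbour port numbers are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Bpdu:
    """Fields of the best BPDU received on a local port."""
    root_id: tuple      # (priority, MAC) of the root bridge
    root_cost: int      # root path cost advertised by the sender
    sender_id: tuple    # (priority, MAC) of the sending bridge
    sender_port: tuple  # (port priority, port number) on the sender

def root_port(ports):
    """ports: {name: (local cost, local port ID, Bpdu)} -> (root port, root path cost)."""
    def key(item):
        _, (cost, local_id, b) = item
        # Lowest tuple wins: root ID, total cost, sender bridge ID,
        # sender port ID, and finally the local port ID.
        return (b.root_id, b.root_cost + cost, b.sender_id, b.sender_port, local_id)
    name, (cost, _, b) = min(ports.items(), key=key)
    return name, b.root_cost + cost

ROOT = (4241, "001e.499b.5080")        # Root ID from the outputs above
UPSTREAM = (32913, "0000.0000.00aa")   # constructed bridge ID of the non-root neighbour

def cost_scenario(cost_fa07, cost_fa08):
    """SW2960_1: Fa0/8 hears the root (cost 0), Fa0/7 hears a neighbour advertising 19."""
    return root_port({
        "Fa0/7": (cost_fa07, (128, 7), Bpdu(ROOT, 19, UPSTREAM, (128, 1))),
        "Fa0/8": (cost_fa08, (128, 8), Bpdu(ROOT, 0, ROOT, (128, 1))),
    })

def priority_scenario(upstream_prio_f02):
    """SwitchB: two links to the same upstream switch, both advertising cost 19.
    Assumption: upstream f0/1 feeds Fa0/7 and upstream f0/2 feeds Fa0/8."""
    return root_port({
        "Fa0/7": (19, (128, 7), Bpdu(ROOT, 19, UPSTREAM, (128, 1))),
        "Fa0/8": (19, (128, 8), Bpdu(ROOT, 19, UPSTREAM, (upstream_prio_f02, 2))),
    })

if __name__ == "__main__":
    print(cost_scenario(19, 19))    # defaults
    print(cost_scenario(1, 19))     # cost 1 on Fa0/7 alone is not enough
    print(cost_scenario(1, 21))     # cost 21 on Fa0/8 moves the root port
    print(priority_scenario(128))   # default port-priority upstream
    print(priority_scenario(16))    # port-priority 16 on upstream f0/2
```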

DHCP Pool for one client

It’s possible to have DHCP pools with a reservation for a client.

You don’t have to exclude the address from the DHCP range, but to be sure :
ip dhcp exclude 10.10.10.1

Create a DHCP Pool with the reservation :
ip dhcp pool CLIENT1
host 10.10.10.2 /24
hardware-address 00:25:22:70:11:02

To verify :
Wifi_6503#sh ip dhcp bin
IP address Client-ID/ Lease expiration Type
Hardware address
10.10.10.2 0025.2270.1102 Infinite Manual

Wifi_6503#ping 10.10.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Marking at a Switch for Voice

In the 7921 Deployment Guide you’ll find some QoS examples for voice on the network at page 19.

It’s possible to narrow the flow if you know the CUCM and the VoiceVlan.

SCCP (TCP port 2000) traffic always has the CUCM as source or destination.
RTP has the phones as source and destination, with UDP ports in the range 16384 – 32767.

access-list 101 permit tcp host <CUCM-IP> eq 2000 <VoiceVlan-subnet> <wildcard>
access-list 102 permit udp <VoiceVlan-subnet> <wildcard> range 16384 32767 <VoiceVlan-subnet> <wildcard> range 16384 32767

class-map match-all SCCP
match access 101
class-map match-all RTP
match access 102

policy-map Voice
class SCCP
set dscp cs3
class RTP
set dscp ef

interface f 0/4
service-policy input Voice

If you try a
service-policy output Voice
at a 3560 switch, it won’t accept the command :

SW3560(config-if)#service-policy out Voice
Warning: Assigning a policy map to the output side of an interface not supported

On a 6500 switch you can use both service-policy input and output.