[c-nsp] Cisco ACE Context

Teller, Robert RTeller at deltadentalwa.com
Fri Aug 22 13:55:18 EDT 2008


So it looks like the problem is that the interface associated to the ace
is configurable. Does anyone know how to remove it without rebuilding
the chassis?

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Teller, Robert
Sent: Friday, August 22, 2008 9:08 AM
To: Tony Varriale; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Cisco ACE Context

So on Chassis-B interface tengig 7/1 is configured differently then
chassis-A. And I can't even get into chassis-a tengig 7/1 to make any
changes to it.

interface TenGigabitEthernet7/1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan
100,120,138,150,190,200,210,235,238,555,575
 switchport trunk allowed vlan add 801-804,999
 switchport mode trunk
 switchport nonegotiate
 mls qos trust cos
 flowcontrol receive on
 no cdp enable
end

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tony Varriale
Sent: Thursday, August 21, 2008 5:22 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Cisco ACE Context

I'm partially confused as you are missing a number of vlans not just
138.

Can you remove it and reapply?

The only other thing I can think of is sh int trunk and see if the vlan
is 
getting pruned back.

tv
----- Original Message ----- 
From: "Teller, Robert" <RTeller at deltadentalwa.com>
To: "Christian Koch" <christian at broknrobot.com>
Cc: "Tony Varriale" <tvarriale at comcast.net>; <cisco-nsp at puck.nether.net>
Sent: Thursday, August 21, 2008 6:53 PM
Subject: RE: [c-nsp] Cisco ACE Context


Sea-6509-B#sh svclc vlan-group
Display vlan-groups created by both ACE module and FWSM commands

Group    Created by      vlans
-----    ----------      -----
 9706          FWSM
100,120,138,150,190,200,210,235,238,555,575,801-804,999

-----Original Message-----
From: Christian Koch [mailto:christian at broknrobot.com]
Sent: Thursday, August 21, 2008 4:53 PM
To: Teller, Robert
Cc: Tony Varriale; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Cisco ACE Context

what do you see when you do a 'sh svclc vlan-group' on the  6500 that
ace-b is installed in?


On Thu, Aug 21, 2008 at 7:32 PM, Teller, Robert
<RTeller at deltadentalwa.com> wrote:
> That is correct. But if I do show vlan on the ace module it doesn't
show
> up even though it is associated to vlan group 9706
>
> Sea-ACE-A/Admin# show vlans
> Vlans configured on SUP for this module
>  vlan100  vlan120  vlan138  vlan150  vlan190  vlan200  vlan210
vlan235
> vlan238  vlan555  vlan801-803  vlan999
>
> Sea-ACE-B/Admin# show vlans
> Vlans configured on SUP for this module
>  vlan100  vlan200  vlan210  vlan235  vlan238  vlan555  vlan801-803
>
>
>
> -----Original Message-----
> From: Tony Varriale [mailto:tvarriale at comcast.net]
> Sent: Thursday, August 21, 2008 4:16 PM
> To: Teller, Robert; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Cisco ACE Context
>
> Would you do a sh vlan b on sup-b?
>
> Is 138 there?
>
> tv
> ----- Original Message -----
> From: "Teller, Robert" <RTeller at deltadentalwa.com>
> To: <cisco-nsp at puck.nether.net>
> Sent: Thursday, August 21, 2008 5:47 PM
> Subject: [c-nsp] Cisco ACE Context
>
>
>>I have two cisco 6509 chassis with ace and fwsm modules. I have
>> configured the ace blades to use an internal and external conext. On
>> ACE-A I am able to bring up both contexts and everything talks just
> fine
>> but on ACE-B I can't bring up vlan 138. Is there something I'm
> missing?
>>
>>
>>
>>
>
------------------------------------------------------------------------
>> -----------------------------------------
>>
>> svclc autostate
>>
>> svclc multiple-vlan-interfaces
>>
>> svclc module 7 vlan-group 9706,
>>
>> firewall autostate
>>
>> firewall multiple-vlan-interfaces
>>
>> firewall module 3 vlan-group 9706,
>>
>> firewall vlan-group 9706
>> 100,120,138,150,190,200,210,235,238,555,575,801-804
>>
>> firewall vlan-group 9706  999
>>
>>
>
------------------------------------------------------------------------
>> -----------------------------------------
>>
>>
>>
>> ADMIN Context
>>
>>
>
------------------------------------------------------------------------
>> -----------------------------------------
>>
>> ft interface vlan 801
>>
>>  ip address XXX.XXX.XXX.145 255.255.255.252
>>
>>  peer ip address XXX.XXX.XXX.146 255.255.255.252
>>
>>  no shutdown
>>
>>
>>
>> ft peer 1
>>
>>  heartbeat interval 300
>>
>>  heartbeat count 20
>>
>>  ft-interface vlan 801
>>
>> ft group 1
>>
>>  peer 1
>>
>>  priority 200
>>
>>  associate-context Admin
>>
>>  inservice
>>
>>
>>
>> context WDS-External
>>
>>  allocate-interface vlan 138
>>
>> context WDS-Internal
>>
>>  allocate-interface vlan 238
>>
>>
>>
>> ft group 2
>>
>>  peer 1
>>
>>  priority 200
>>
>>  associate-context WDS-Internal
>>
>>  inservice
>>
>> ft group 3
>>
>>  peer 1
>>
>>  priority 200
>>
>>  associate-context WDS-External
>>
>>  inservice
>>
>>
>
------------------------------------------------------------------------
>> -----------------------------------------
>>
>>
>>
>> context WDS-External
>>
>>
>
------------------------------------------------------------------------
>> -----------------------------------------
>>
>> interface vlan 138
>>
>>  ip address XXX.XXX.XXX.150 255.255.255.192
>>
>>  alias XXX.XXX.XXX.188 255.255.255.192
>>
>>  peer ip address XXX.XXX.XXX.189 255.255.255.192
>>
>>  access-group input any
>>
>>  service-policy input REMOTE_MGMT_ALLOW_POLICY
>>
>>  no shutdown
>>
>>
>>
>> vlan138 is down, VLAN not assigned from the supervisor
>>
>>  Hardware type is VLAN
>>
>>  MAC address is 00:1f:6c:89:0c:33
>>
>>  Mode : routed
>>
>>  IP address is XXX.XXX.XXX.150 netmask is 255.255.255.192
>>
>>  FT status is standby
>>
>>  Description:not set
>>
>>  MTU: 1500 bytes
>>
>>  Last cleared: never
>>
>>  Alias IP address is XXX.XXX.XXX.188 netmask is 255.255.255.192
>>
>>  Peer IP address is XXX.XXX.XXX.189 Peer IP netmask is
255.255.255.192
>>
>>  Not assigned from the Supervisor, down on Supervisor
>>
>>  Service-policy download failures : 3
>>
>>     0 unicast packets input, 0 bytes
>>
>>     0 multicast, 0 broadcast
>>
>>     0 input errors, 0 unknown, 0 ignored, 0 unicast RPF drops
>>
>>     0 unicast packets output, 0 bytes
>>
>>     0 multicast, 0 broadcast
>>
>>     0 output errors, 0 ignored
>>
>>
>
------------------------------------------------------------------------
>> -----------------------------------------
>>
>>
>>
>> Robert Teller
>> Washington Dental Service
>> Network Administrator
>> (206) 528-2371
>> RTeller at DeltaDentalWa.com <mailto:RTeller at DeltaDentalWa.com>
>>
>>
>>
>>
>> #########################################################
>> The information contained in this e-mail and subsequent attachments
> may be
>> privileged,
>> confidential and protected from disclosure.  This transmission is
> intended
>> for the sole
>> use of the individual and entity to whom it is addressed.  If you are
> not
>> the intended
>> recipient, any dissemination, distribution or copying is strictly
>> prohibited.  If you
>> think that you have received this message in error, please e-mail the
>> sender at the above
>> e-mail address.
>> #########################################################
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list