Cat 2924

here is a sho ver;

Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5)WC10, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Fri 28-May-04 09:52 by antonino
Image text-base: 0x00003000, data-base: 0x00351754

ROM: Bootstrap program is C2900XL boot loader

internal_sw uptime is 3 hours, 35 minutes
System returned to ROM by power-on
System image file is "flash:c2900xl-c3h2s-mz.120-5.WC10.bin"

cisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11) with 8192K/1024K bytes of memory.
Processor board ID FAB0503M0K4, with hardware revision 0x01
Last reset from power-on

Processor is running Enterprise Edition Software
Cluster command switch capable
Cluster member switch capable

20 FastEthernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:04:DD:3F:E3:80
Motherboard assembly number: 73-3382-08
Power supply part number: 34-0834-01
Motherboard serial number: FAB050283L0
Power supply serial number: PHI043401CL
Model revision number: A0
Motherboard revision number: C0
Model number: WS-C2924-XL-EN
System serial number: FAB0503M0K4
Configuration register is 0xF

sho run:

internal_sw#sho run
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname internal_sw
!
enable secret 5 x
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
interface FastEthernet0/1
 shutdown
 no cdp enable
!
interface FastEthernet0/2
 shutdown
 no cdp enable
!
interface FastEthernet0/3
 shutdown
 no cdp enable
!
interface FastEthernet0/4
 shutdown
 no cdp enable
!
interface FastEthernet0/5
 no cdp enable
!
interface FastEthernet0/6
 no cdp enable
!
interface FastEthernet0/7
 no cdp enable
!
interface FastEthernet0/8
 no cdp enable
!
interface FastEthernet0/9
 no cdp enable
!
interface FastEthernet0/10
 no cdp enable
!
interface FastEthernet0/11
 no cdp enable
!
interface FastEthernet0/12
 no cdp enable
!
interface FastEthernet0/13
 no cdp enable
!
interface FastEthernet0/14
 no cdp enable
!
interface FastEthernet0/15
 no cdp enable
!
interface FastEthernet0/16
 no cdp enable
!
interface FastEthernet0/17
 no cdp enable
!
interface FastEthernet0/18
 no cdp enable
!
interface FastEthernet0/19
 switchport access vlan 10
 no cdp enable
!
interface FastEthernet0/20
 no cdp enable
!
interface FastEthernet0/21
 no cdp enable
!
interface FastEthernet0/22
 no cdp enable
!
interface FastEthernet0/23
 no cdp enable
!
interface FastEthernet0/24
 no cdp enable
!
interface VLAN1
 ip address 192.168.42.251 255.255.255.0
 ip directed-broadcast
 no ip route-cache
!
ip default-gateway 192.168.42.1
no cdp run
!
line con 0
 exec-timeout 0 0
 transport input none
 stopbits 1
line vty 0 4
 password 7 x
 login
line vty 5 15
 password 7 x
 login
!
end

and a sho mem;

internal_sw#sho mem
                Head    Total(b)     Used(b)     Free(b)   Lowest(b)  Largest(b)
Processor     4D6540     3316416     1886408     1430008     1233512     1232188
      I/O   70000000     1048576      559812      488764      328148      445024

I have a few questions;

1: Is this a layer 3 switch, I am planning to use this for a lab (I manage several routers, but we have switches otw with those fiber trunks, so I need to learn and quick)

  2. Question on sho post; Below means ports 1 - 4 are dead, right? The 4 lights are solid. But I've not tried to plug in to them

internal_sw#sho post
POST FAILED: FastEthernet0/1 failed front-end loopback test
POST FAILED: FastEthernet0/2 failed front-end loopback test
POST FAILED: FastEthernet0/3 failed front-end loopback test
POST FAILED: FastEthernet0/4 failed front-end loopback test

Can I replace the entire bank? Or is that just how it is..

  3. For each port, I need to issue switchport access vlan 1; or it seems like the port can't ever pass traffic; even though the command never shows up (which implies a default setting), is this normal? Can I do it via a range of ports?

  4. Is there any way to perform a stress/hardware test on the ports, see if any others are ready to fail?

  5. Does anyone have a current IOS image for this thing I can bum? I've seen it asked before on this list, but if it's against the rules I apologize, I would just like to have the most current IOS to learn from.

  6. Suggestions, I need to learn this thing in and out, I plan to move some policy-maps from my 4700 to this thing to limit traffic for the 3 servers I have jacked into it, I was also thinking of setting up that mac port security deal, so that if you connect an un-trusted PC it shuts down the port. Again I just need to learn, would love for some suggestions, again I have a wireless network, 3 servers and 6 PC's (servers and PC's are in the same network), could not do vlan because the upstream 4700 only has a 10 meg con and doesn't support the encapsulation type.

This was 50$ on ebay, I don't care about the 4 dead ports, If I can verify the others are good I'll probably leave it at my house. It blows away my netgear.

Again this is for learning, breaking something is not a problem and almost welcome so I can learn.

Thanks in advance

Reply to
turnip

Greetings,

... chop ...

Note, be careful with any searches you do, the C2924 is a DIFFERENT BOX in both H/W and S/W, compared to a C2924-XL Switch... The XL tail is important!

No, the C2924-XL is a Layer 2 ONLY switch. However it DOES have Layer 3 operations available for MANAGEMENT functions only. It does not PROCESS any Layer 3 traffic...

Yes... From memory, I think 4 adjacent ports are all handled by one chip, so it sounds like that chip has failed.

The C2924-XL is a single motherboard box, so I doubt it as that would require changing the chip on the motherboard (no user pluggable parts).

The DEFAULT VLAN for a switch is VLAN 1, although this can be changed.

As a layer 2 Switch, the ports can have 2 main Modes, TRUNK mode and ACCESS mode. The default is ACCESS mode, however it's not obvious, but to make the port configuration "visible", you need to apply 2 commands - switchport mode access to select the port operating mode, then switchport access vlan 1 to say which vlan it is to use. Without these the switch tries to determine things automatically (look up BPDU and Spanning-Tree).

I don't think the C2924-XL supported it but you can see if the command - interface range fa0/1 - 24 is accepted to change a range of ports in one command... Possibly not on these series switches.

The POST (Power On Self Test) is usually fairly good at finding these, however you can also start the POST tests manually if you wish (I can't remember the exact command just now). You need to request this during the IOS startup if I remember correctly... Search Cisco on running IOS POST for C2924-XL.

There are 2 main Cisco Switch OS's for the C2924-XL series available, IOS and CATOS. I never saw CATOS on a C2924-XL, but did on other Cisco Switches. Make sure you specify IOS for your searches as the syntax is very different.

You should still be able to pick up the latest IOS version for this device from the Cisco Web Site, HOWEVER you would need a Smartnet Contract to do this legally....;-) Providing a different IOS is "against the rules", HOWEVER the 2924-XL series have been EOL for a while now so your current version [12.0(5)WC10] is still pretty near the latest........;-)

You will be severely limited in what you can do here, the C2924-XL was a fairly basic level of switch. Its one redeeming feature is that it can do both ISL and Dot1Q trunking (if you still need ISL), the replacement C2950 series cannot do ISL...

I can confirm that Port Security works fine on these, too well for some people.......;-) You need to READ the manual carefully to understand the various Security "modes" otherwise you may get frustrated............;-)

Cisco did enable Trunking on some 10MB ports, but you needed specific H/W and IOS versions for this. These days it's just easier to go 100Mb...

If they don't fail POST then they are probably fine. My only other warning is to watch out for Port Auto-Negotiation. Cisco does it by the book, and many early H/W suppliers skimped on what they implement...

In its day the 2924-XL was good for what it was, but these days it is severely lacking things like decent QoS for IPT (VoIP).

Cheers.............pk.

Reply to
Peter

Thank you so much for the answers..

You gotta love it man, I have a layer 2 switch to learn on here and 3 layer 3 switches on the way to work.... I love my boss.

I did get the port security working on one single port here, granted I spent 2 hours with no internet here, but it works! LOL I can't see the value in it, you can just plug into an alternate port. So you're stuck configuring every port.... yay.. There is no range command in this router, I've tried every combo I found, no biggie.

I did see policy-map is available, I "assume" class-map is as well, which means I can do LLQ (QoS) on ports? I hope.. Yeah service-policy is available on each interface. What QoS functions are missing? rate-limit? It almost doesn't matter, I use policy-maps in our router at work, I can't wait to move them to a switch (well a few anyway).

Can I trunk 2 ports into my 4700 ?

cerberus(config)#exit
cerberus#sho ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-IK2S-M), Version 12.1(5)T9, RELEASE SOFTWARE (fc1)
TAC Support:
(c) 1986-2001 by cisco Systems, Inc.
Compiled Sat 23-Jun-01 08:58 by cmong
Image text-base: 0x60008968, data-base: 0x60DD0000

ROM: System Bootstrap, Version 5.3(16) [richardd 16], RELEASE SOFTWARE (fc1)
BOOTFLASH: 4500 Software (C4500-BOOT-M), Version 11.2(18), RELEASE SOFTWARE (fc1)

cerberus uptime is 8 weeks, 4 days, 13 hours, 34 minutes
System returned to ROM by power-on
System image file is "flash:c4500-ik2s-mz_121-5_T9.bin"

cisco 4700 (R4K) processor (revision E) with 32768K/4096K bytes of memory.
Processor board ID 03460126
R4700 CPU at 133Mhz, Implementation 33, Rev 1.0, 512KB L2 Cache
G.703/E1 software, Version 1.0.
Bridging software.
X.25 software, Version 3.0.0.

8 Ethernet/IEEE 802.3 interface(s)
4 Serial network interface(s)
128K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
4096K bytes of processor board Boot flash (Read/Write)

Configuration register is 0x2102

bridge-group on the router is there, but not encap.. That seems like you make one interface (BVI1) out of two (router side). Yeah in looking the encap function is not there on the Ethernet interfaces, just serials. Oh well... I've got 8 ethernet ports, if I take 4 and make 2 nested bridges out of them BVI1 & BVI2, can I then trunk them up to the switch ?

These are stupid questions, I know... I am someone who has never learned cisco; I was hired as a Solaris/Linux admin and then I had 2 routers dumped in my lap, 1 for a T1 and point to point T1 link, 1 for the other end of the point to point, then I had to do ip nat, traffic policies, snmp and access-lists. It was a real blast heh..

It looks like on the 4500-4700 it's supported if I have a 10/100 card, which sucks. Those are not cheap. After owning a 4000 series, setting up those 2 2600's was easy.. The T1's gave me a little trouble, but we got through it...

It's too bad man, I would have loved to use this to learn.. After setting up port security; I am at a loss, other than trunking 2 ports into my server here, I got no more ideas. I'd love to link the router and the switch, but it sounds like that just won't happen. Which means I am at an end of my learning with this switch.

Bridging 2 enets into 1 is not a bad idea. I just might do that. Otherwise, This sucks; I kinda wish I had more I could do with this switch..

Thank you so very much for the reply. It helped a lot.

Reply to
turnip

Ok I have another question

Let me preface this with this comment: I think what I am trying to do is not intended to be done this way...

On my 4700 I did this

bridge irb
E0 bridge-group 1 ; E2 bridge-group 1 ;
bridge 1 protocol ieee
bridge 1 route ip

I then plug both ports into my switch. This has issues, one port blocks but the other works..

If I add bridge-group 1 spanning-disabled to E0 and E1 it works for 10 seconds, then it looks like we end up with an ether loop (activity lights are pegged). I get the feeling, what I am trying to do is just not intended or supported... I am betting E0 is supposed to go to one switch and E1 to a different one (assuming both switches are not trunked together).

These (the E0 and E1) are 10 meg interfaces on a Cisco 4700-m; Can this be done ? I was under the impression spanning tree protocol was for multiple links to the same device (which is why maybe one blocks, I dunno) Can I trunk these two ports on the switch? Will that fix the loop problem? Or is this just not possible ?

Again thank you in advance

Reply to
turnip

Greetings,

It depends what you wish to use port security for, and then you need to use it on ALL ports to prevent port swapping... Also investigate things like Sticky MAC's... EG, we used Port security on 2950's to prevent use of a Hub or Switch on that port, it made DHCP Scope management better.

I thought so........;-(

It only has very basic QoS, don't expect too much from it...

Yes.

A BVI is used to tie PHYSICAL Bridged interfaces to a Virtual Routed interface, so the Bridge interfaces must operate in Layer 2 mode....

You can, but I would prefer to use Port Channels to aggregate Trunks, as opposed to Bridging, simply for efficiency.

Cheers...............pk.

Reply to
Peter
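
An added example (not code from either poster): port security only helps when every active port has it, and this switch has no range command, so the script below audits a running-config for active FastEthernet access ports with no port-security line and emits the per-interface stanzas to paste. The sample config is constructed; the `port security max-mac-count` / `port security action shutdown` syntax is the 2900 XL-era form and is assumed here, so check it against the switch's own command reference.

```python
import re

# Constructed sample in running-config layout (not the poster's full config).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 shutdown
!
interface FastEthernet0/5
 port security max-mac-count 1
 port security action shutdown
!
interface FastEthernet0/6
!
interface FastEthernet0/19
 switchport access vlan 10
!
interface FastEthernet0/20
 switchport mode trunk
!
interface VLAN1
 ip address 192.168.42.251 255.255.255.0
"""

def parse_interfaces(config):
    """Map each interface name to the list of its sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif current is not None and line.startswith(" "):
            current.append(line.strip())
        else:
            current = None  # "!" or a top-level command closes the stanza
    return interfaces

def unprotected_ports(config):
    """Active FastEthernet access ports that carry no port-security line."""
    secure = ("port security", "switchport port-security")  # XL form, later IOS form
    return [name for name, cmds in parse_interfaces(config).items()
            if name.startswith("FastEthernet")
            and "shutdown" not in cmds
            and "switchport mode trunk" not in cmds  # assumption: trunks are out of scope
            and not any(c.startswith(secure) for c in cmds)]

def remediation(ports, max_macs=1):
    """Per-interface stanzas to paste; no 'interface range' needed."""
    return "\n".join(f"interface {p}\n port security max-mac-count {max_macs}\n"
                     " port security action shutdown\n!" for p in ports)
```

Calling `remediation(unprotected_ports(text))` on a saved `sho run` gives the block to review before pasting; ports that are shut down are skipped because they cannot be used to bypass a secured neighbour.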

Greetings,

Which is not at all surprising, because you are bridging. See if you can use Port Channels instead, however you may be limited in this area by what the 4700 can do (I am not familiar with 4700 series)...

Your issue is in using Bridging, you need to use TRUNKing on all interfaces, and Bridging Trunks is not a good move.

Cheers...........pk.

Reply to
Peter
