This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ
- Extreme Networks
- Community List
- Switching & Routing
- ExtremeSwitching (EXOS/Switch Engine)
- RE: Migrated to X440G2-48t-10G4 and some PCs can n...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Migrated to X440G2-48t-10G4 and some PCs can no longer connect to the network
Migrated to X440G2-48t-10G4 and some PCs can no longer connect to the network
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
ā01-13-2019 06:08 PM
Yesterday, we moved from a stack of x440-48t switches to a stack of X440G2-48t-10G4 switches and a large number of systems are unable to connect to the network. They are a mix of IPs set statically via DHCP reservations and others that just use whatever address they pull. They cannot be woken up via a WoL broadcast. The systems that don't wake up can be manually powered on and then need to have the IP address set in Windows to what it is statically set to in DHCP, rebooted, then set to use DHCP again and they can then connect to the network. The switches are running 22.4.1.4 patch1-2. All systems with issues are running Windows 10 and are on a mix of hardware.
We also replaced the core switch that this stack is connected to with a X460G2-24t-10G4 22.4.1.4 patch1-2. A number of months ago, we had attempted to replace just the core switch and we saw this same behavior with systems not being able to connect, so we went back to the old hardware and hoped that replacing the core and the desktop switch would avoid the issue but it did not.
Has anyone heard of this? Is there some setting that we are missing? We do have a policy in place to send traffic on port 4000 (used to WoL) to the correct VLAN which is working, since most systems wake.
We also replaced the core switch that this stack is connected to with a X460G2-24t-10G4 22.4.1.4 patch1-2. A number of months ago, we had attempted to replace just the core switch and we saw this same behavior with systems not being able to connect, so we went back to the old hardware and hoped that replacing the core and the desktop switch would avoid the issue but it did not.
Has anyone heard of this? Is there some setting that we are missing? We do have a policy in place to send traffic on port 4000 (used to WoL) to the correct VLAN which is working, since most systems wake.
20 REPLIES 20
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
ā01-17-2019 06:37 AM
I would recommend to disable broadcast forwarding. this is not required for dhcp-relay function.
If this is not enough, try to disable dhcp-snooping.
If this is not enough, try to disable dhcp-snooping.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
ā01-15-2019 08:25 PM
I had tried to post the configs and at least the one for the desktop stack was over 30,000 characters. I will try and post the config for the core at least, since that switch was replaced this time and is the same one with the same config that we had attempted to replace a couple of months ago and caused the same issue (which makes it seem like it must be something with it, since it was the only commonality between the two upgrade attempts).
code:
#
# Module devmgr configuration.
#
configure snmp sysName "Summit-CV-Core"
configure snmp sysLocation "Calverton, MD"
configure snmp sysContact ""
configure diagnostics privilege admin
configure timezone name EST -300 autodst
configure sys-recovery-level switch reset
#
# Module vpex configuration.
#
#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-34
configure vr VR-Default add ports 1-34
configure vlan default delete ports 1-5,8,11-20,22-24
create qosprofile "QP2"
create qosprofile "QP3"
create qosprofile "QP4"
create qosprofile "QP5"
create qosprofile "QP6"
create qosprofile "QP7"
configure ports group "Default (TXQ.0)" add 1-23,25-34
create vlan "Desktops"
configure vlan Desktops tag 16
create vlan "Internal_Appliances"
configure vlan Internal_Appliances tag 667
create vlan "VoIP"
configure vlan VoIP tag 224
enable diffserv examination port 1
disable dot1p examination port 1
configure ports 1 display-string CenturyLink-MPLS
enable diffserv examination port 2
disable dot1p examination port 2
configure ports 2 display-string ESXi-CV-SRV-01-Mirro
enable diffserv examination port 3
disable dot1p examination port 3
configure ports 3 display-string ESXi-CV-SRV-02-Mirro
enable diffserv examination port 4
disable dot1p examination port 4
configure ports 4 display-string Mirror-Loopback
enable diffserv examination port 5
disable dot1p examination port 5
configure ports 5 display-string Axis_Camera
enable diffserv examination port 6
disable dot1p examination port 6
configure ports 6 display-string ESXi-CV-SRV-01-1
enable diffserv examination port 7
disable dot1p examination port 7
configure ports 7 display-string ESXi-CV-SRV-01-2
enable diffserv examination port 8
disable dot1p examination port 8
configure ports 8 display-string ESXi-CV-SRV-01-SP
enable diffserv examination port 9
disable dot1p examination port 9
configure ports 9 display-string ESXi-CV-SRV-02-1
enable diffserv examination port 10
disable dot1p examination port 10
configure ports 10 display-string ESXi-CV-SRV-02-2
enable diffserv examination port 11
disable dot1p examination port 11
configure ports 11 display-string ESXi-CV-SRV-02-SP
enable diffserv examination port 12
disable dot1p examination port 12
configure ports 12 display-string CV-Tempmon
enable diffserv examination port 13
disable dot1p examination port 13
configure ports 13 display-string Server_Room_Phone
enable diffserv examination port 14
disable dot1p examination port 14
configure ports 14 display-string Rack1_PDU1
enable diffserv examination port 15
disable dot1p examination port 15
configure ports 15 display-string Rack1_PDU2
enable diffserv examination port 16
disable dot1p examination port 16
configure ports 16 display-string Symmetra_RM
enable diffserv examination port 17
disable dot1p examination port 17
configure ports 17 display-string CrP
enable diffserv examination port 18
disable dot1p examination port 18
configure ports 18 display-string FeK
enable diffserv examination port 19
disable dot1p examination port 19
configure ports 19 display-string PoB
enable diffserv examination port 20
disable dot1p examination port 20
configure ports 20 display-string VOIP_Uplink
enable diffserv examination port 21
enable diffserv examination port 22
configure ports 22 display-string Crr-New
enable diffserv examination port 23
configure ports 23 display-string Uplink_1/2
enable diffserv examination port 24
configure ports 24 display-string Uplink_2/2
enable diffserv examination port 25
disable dot1p examination port 25
enable diffserv examination port 26
disable dot1p examination port 26
enable diffserv examination port 27
disable dot1p examination port 27
enable diffserv examination port 28
disable dot1p examination port 28
enable diffserv examination port 29
disable dot1p examination port 29
enable jumbo-frame ports 29
configure ports 29 auto off speed 10000 duplex full
enable diffserv examination port 30
disable dot1p examination port 30
enable jumbo-frame ports 30
configure ports 30 auto off speed 10000 duplex full
enable diffserv examination port 31
disable dot1p examination port 31
enable jumbo-frame ports 31
configure ports 31 auto off speed 10000 duplex full
enable diffserv examination port 32
disable dot1p examination port 32
enable jumbo-frame ports 32
configure ports 32 auto off speed 10000 duplex full
enable diffserv examination port 33
disable dot1p examination port 33
configure ports 33 auto off speed 10000 duplex full
enable diffserv examination port 34
disable dot1p examination port 34
configure ports 34 auto off speed 10000 duplex full
enable sharing 23 grouping 23-24 algorithm address-based L2
create mirror "CV-Mirror"
configure mirror CV-Mirror to port-list 2-3 loopback-port 4
enable mirror CV-Mirror
configure vlan Default add ports 6-7,9-10,21,25-34 untagged
configure vlan Desktops add ports 17-19,22-23 untagged
configure vlan Internal_Appliances add ports 6-7,9-10,23 tagged
configure vlan Internal_Appliances add ports 1,5,8,11-12,14-16 untagged
configure vlan VoIP add ports 13,20 untagged
configure vlan Internal_Appliances ipaddress 172.22.32.1 255.255.255.0
enable ipforwarding vlan Internal_Appliances
configure vlan VoIP ipaddress 172.22.36.1 255.255.254.0
enable ipforwarding vlan VoIP
configure vlan Desktops ipaddress 172.22.34.1 255.255.254.0
enable ipforwarding vlan Desktops
configure qosscheduler strict-priority ports "Default (TXQ.0)"
configure qosscheduler strict-priority ports 24
configure qosprofile QP1 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure qosprofile QP2 maxbuffer 100 weight 1
configure qosprofile QP2 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure qosprofile QP3 maxbuffer 100 weight 1
configure qosprofile QP3 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure qosprofile QP4 maxbuffer 100 weight 1
configure qosprofile QP4 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure qosprofile QP5 maxbuffer 100 weight 1
configure qosprofile QP5 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure qosprofile QP6 maxbuffer 100 weight 1
configure qosprofile QP6 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure qosprofile QP7 maxbuffer 100 weight 1
configure qosprofile QP7 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure qosprofile QP8 maxbuffer 100 weight 1 ports "Default (TXQ.0)"
configure dot1p type 1 qosprofile QP2
configure dot1p type 2 qosprofile QP3
configure dot1p type 3 qosprofile QP4
configure dot1p type 4 qosprofile QP5
configure dot1p type 5 qosprofile QP6
configure dot1p type 6 qosprofile QP7
configure diffserv examination code-point 8 qosprofile QP2
configure diffserv examination code-point 10 qosprofile QP2
configure diffserv examination code-point 12 qosprofile QP2
configure diffserv examination code-point 14 qosprofile QP2
configure diffserv examination code-point 16 qosprofile QP3
configure diffserv examination code-point 18 qosprofile QP3
configure diffserv examination code-point 20 qosprofile QP3
configure diffserv examination code-point 22 qosprofile QP3
configure diffserv examination code-point 24 qosprofile QP4
configure diffserv examination code-point 26 qosprofile QP4
configure diffserv examination code-point 28 qosprofile QP4
configure diffserv examination code-point 30 qosprofile QP4
configure diffserv examination code-point 32 qosprofile QP5
configure diffserv examination code-point 34 qosprofile QP5
configure diffserv examination code-point 36 qosprofile QP5
configure diffserv examination code-point 38 qosprofile QP5
configure diffserv examination code-point 46 qosprofile QP6
configure diffserv examination code-point 48 qosprofile QP8
configure diffserv examination code-point 56 qosprofile QP7
configure diffserv replacement priority 1 code-point 10
configure diffserv replacement priority 3 code-point 26
configure diffserv replacement priority 4 code-point 34
configure diffserv replacement priority 5 code-point 46
configure diffserv replacement priority 6 code-point 56
configure diffserv replacement priority 7 code-point 48
configure mirror CV-Mirror add port 1 ingress-and-egress
configure cos-index 8 qosprofile QP4 replace-tos 64
#
# Module mcmgr configuration.
#
#
# Module otm configuration.
#
#
# Module fdb configuration.
#
#
# Module rtmgr configuration.
#
configure iproute add default 172.22.32.4
enable ipforwarding broadcast vlan "Desktops"
enable ipforwarding broadcast vlan "Internal_Appliances"
#
# Module policy configuration.
#
configure policy profile 1 name "Failsafe" pvid-status "enable" pvid 4095
configure policy profile 2 name "Access Point" pvid-status "enable" pvid 4095 auth-override "enable"
configure policy profile 3 name "Administrator" pvid-status "enable" pvid 4095
configure policy profile 4 name "Deny Access" pvid-status "enable" pvid 0
configure policy profile 5 name "Guest Access" pvid-status "enable" pvid 4095 cos-status "enable" cos 1
configure policy profile 6 name "Enterprise Access" pvid-status "enable" pvid 4095 cos-status "enable" cos 3
configure policy profile 7 name "Quarantine" pvid-status "enable" pvid 0
configure policy profile 8 name "Server" pvid-status "enable" pvid 4095 cos-status "enable" cos 4
configure policy profile 9 name "Printer" pvid-status "enable" pvid 0 cos-status "enable" cos 1 untagged-vlans 667
configure policy profile 10 name "Unregistered" pvid-status "enable" pvid 0
configure policy profile 11 name "Enterprise User" pvid-status "enable" pvid 4095 cos-status "enable" cos 4
configure policy profile 12 name "VoIP Phone" pvid-status "enable" pvid 4095 cos-status "enable" cos 6
configure policy profile 13 name "Notification" pvid-status "enable" pvid 4095 cos-status "enable" cos 4
configure policy profile 14 name "Assessing" pvid-status "enable" pvid 0
configure policy profile 15 name "PCs" pvid-status "enable" pvid 4095 cos-status "enable" cos 4 untagged-vlans 16
configure policy profile 16 name "Thin/Zero clients" pvid-status "enable" pvid 4095 cos-status "enable" cos 4 untagged-vlans 16
configure policy rule 9 ipdestsocket 172.22.32.27 mask 32 forward
configure policy rule 9 ipdestsocket 172.22.116.6 mask 32 forward
enable policy
#
# Module aaa configuration.
#
configure radius mgmt-access 1 server 172.22.16.94 1812 client-ip 172.22.32.1 vr VR-Default
configure radius 1 shared-secret encrypted ""
configure radius mgmt-access 2 server 172.22.64.46 1812 client-ip 172.22.32.1 vr VR-Default
configure radius 2 shared-secret encrypted ""
enable radius
enable radius mgmt-access
disable radius netlogin
configure radius timeout 15
create account admin xmc-cli encrypted ""
configure account all password-policy min-length 8
configure account all password-policy lockout-on-login-failures on
configure account all password-policy lockout-time-period 5
configure account xmc-cli password-policy min-length 8
configure account xmc-cli password-policy lockout-on-login-failures on
configure account xmc-cli password-policy lockout-time-period 5
#
# Module acl configuration.
#
#
# Module bfd configuration.
#
#
# Module bgp configuration.
#
#
# Module cfgmgr configuration.
#
enable cli-config-logging
configure cli password prompting-only on
#
# Module dosprotect configuration.
#
#
# Module dot1ag configuration.
#
#
# Module eaps configuration.
#
#
# Module edp configuration.
#
disable edp ports 4
#
# Module elrp configuration.
#
#
# Module ems configuration.
#
configure log target memory-buffer alert percent-full 90
configure syslog add 172.22.16.9x:514 vr VR-Default local0
enable log target syslog 172.22.16.9x:514 vr VR-Default local0
configure log target syslog 172.22.16.9x:514 vr VR-Default local0 filter DefaultFilter severity Debug-Data
configure log target syslog 172.22.16.9x:514 vr VR-Default local0 match Any
configure log target syslog 172.22.16.9x:514 vr VR-Default local0 format timestamp seconds date Mmm-dd event-name none priority host-name tag-name
configure syslog add 144.202.234.13x:5020 vr VR-Default local0
enable log target syslog 144.202.234.13x:5020 vr VR-Default local0
configure log target syslog 144.202.234.13x:5020 vr VR-Default local0 filter DefaultFilter severity Debug-Data
configure log target syslog 144.202.234.13x:5020 vr VR-Default local0 match Any
configure log target syslog 144.202.234.13x:5020 vr VR-Default local0 format timestamp seconds date Mmm-dd event-name none priority host-name tag-name
#
# Module epm configuration.
#
#
# Module erps configuration.
#
#
# Module esrp configuration.
#
#
# Module ethoam configuration.
#
#
# Module etmon configuration.
#
#
# Module exsshd configuration.
#
enable ssh2
#
# Module hal configuration.
#
#
# Module idMgr configuration.
#
enable identity-management
configure identity-management add ports 1-19,21-34
#
# Module ipSecurity configuration.
#
enable ip-security dhcp-snooping vlan Desktops port 17 violation-action none
enable ip-security dhcp-snooping vlan Desktops port 18 violation-action none
enable ip-security dhcp-snooping vlan Desktops port 19 violation-action none
enable ip-security dhcp-snooping vlan Desktops port 22 violation-action none
enable ip-security dhcp-snooping vlan Desktops port 23 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 1 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 5 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 6 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 7 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 8 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 9 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 10 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 11 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 12 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 14 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 15 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 16 violation-action none
enable ip-security dhcp-snooping vlan Internal_Appliances port 23 violation-action none
#
# Module ipfix configuration.
#
#
# Module lldp configuration.
#
#
# Module mrp configuration.
#
#
# Module msdp configuration.
#
#
# Module netLogin configuration.
#
#
# Module netTools configuration.
#
configure dns-client add name-server 172.22.32.24 vr VR-Default
configure dns-client add name-server 144.202.234.252 vr VR-Default
configure sntp-client primary time-btp.imsweb.com vr VR-Default
configure sntp-client secondary time-st.imsweb.com vr VR-Default
configure sntp-client update-interval 3600
enable sntp-client
configure bootprelay add 172.22.32.27 vr VR-Default
configure bootprelay add 172.22.64.46 vr VR-Default
configure bootprelay add 172.22.16.94 vr VR-Default
enable bootprelay ipv4 vlan Desktops
enable bootprelay ipv4 vlan Internal_Appliances
enable bootprelay ipv4 vlan VoIP
configure vlan Internal_Appliances udp-profile WakePC
#
# Module nodealias configuration.
#
#
# Module ntp configuration.
#
#
# Module ospf configuration.
#
configure ospf vlan Desktops priority 0
configure ospf vlan Internal_Appliances priority 0
configure ospf vlan VoIP priority 0
#
# Module ospfv3 configuration.
#
#
# Module pim configuration.
#
#
# Module rip configuration.
#
#
# Module ripng configuration.
#
#
# Module snmpMaster configuration.
#
configure snmpv3 add user "v3admin" engine-id 80:00:07:7c:03:00:04:96:a1:a6:90 authentication sha auth-encrypted localized-key privacy aes 128 privacy-encrypted localized-key
configure snmpv3 add group "v3group" user "v3admin" sec-model usm
configure snmpv3 add access "v3group" sec-model usm sec-level priv read-view "defaultAdminView" write-view "defaultAdminView" notify-view "defaultAdminView"
configure snmpv3 add target-addr "TVv3admin" param "TV1v3admin" ipaddress 172.22.16.93 transport-port 162 tag-list "TVInformTag"
configure snmpv3 add target-params "TV1v3admin" user "v3admin" mp-model snmpv3 sec-model usm sec-level priv
configure snmpv3 add notify "TVInformTag" tag "TVInformTag" type inform
enable snmp access
disable snmp access snmp-v1v2c
enable snmp access snmpv3
disable snmpv3 default-group
configure snmp access-profile "snmpACL" readwrite
disable snmp access vr "VR-Mgmt"
#
# Module stp configuration.
#
#
# Module synce configuration.
#
#
# Module techSupport configuration.
#
#
# Module telnetd configuration.
#
disable telnet
#
# Module tftpd configuration.
#
#
# Module thttpd configuration.
#
disable web http
#
# Module twamp configuration.
#
#
# Module vmt configuration.
#
#
# Module vrrp configuration.
#
#
# Module vsm configuration.
#
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
ā01-15-2019 08:21 PM
If you just post the output of show config, that should be sufficient here.
The biggest help will be if you have a setup that isn't working that can be tested by GTAC. Hopefully something can be found that we can test in the lab.
The biggest help will be if you have a setup that isn't working that can be tested by GTAC. Hopefully something can be found that we can test in the lab.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
ā01-15-2019 08:09 PM
Unfortunately the files are too big to post and I don't currently know of a good fie hosting site to put them. I guess I'll start a GTAC case, even though they weren't able to help me when this occurred months ago when we tried to upgrade the core switch.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
ā01-15-2019 06:27 PM
This sounds like something GTAC would want to have a look at. There's something else going on with the config on that switch that isn't apparent here.
If you don't mind, maybe you can post a sanitized version of your configuration here (removing hashed passwords and any public IPs, etc.)?
I was also curious if it was related to the issue described by this article, but that doesn't sound likely: https://extremeportal.force.com/ExtrArticleDetail?n=000010555
If you don't mind, maybe you can post a sanitized version of your configuration here (removing hashed passwords and any public IPs, etc.)?
I was also curious if it was related to the issue described by this article, but that doesn't sound likely: https://extremeportal.force.com/ExtrArticleDetail?n=000010555
