06-01-2011 06:29 AM - edited 03-03-2019 06:17 AM
I have recently had to deploy a 1410 in a Root/Non-root bridge configuration to expand a terrestrial network across to an uncabled area.
All switches in play are 2960 series and the bridge is running with multiple Vlans.
Basic config as follows.
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname BRIDGE001
!
no logging console
enable secret 5 $1$.7AJ$AoOLhOVEOlBIr6fCGC/XU.
!
clock timezone WST 8
ip subnet-zero
no ip source-route
no ip gratuitous-arps
ip tcp synwait-time 10
ip domain name base.network.com
ip name-server 10.1.7.175
!
!
no aaa new-model
no dot11 igmp snooping-helper
!
dot11 ssid E5810BRIDGE
vlan 2
authentication open
authentication key-management wpa
!
dot11 ssid tsunami
authentication open
guest-mode
infrastructure-ssid
!
!
!
username cisco privilege 15 password 7 0625002F4A470E4831
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 2 mode ciphers tkip
!
ssid E5810BRIDGE
!
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
station-role root bridge
rts threshold 4000
cca 75
concatenation
distance 1
infrastructure-client
!
interface Dot11Radio0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.5
encapsulation dot1Q 5
no ip route-cache
bridge-group 2
bridge-group 2 spanning-disabled
!
interface Dot11Radio0.50
encapsulation dot1Q 50
no ip route-cache
bridge-group 3
bridge-group 3 spanning-disabled
!
interface Dot11Radio0.55
encapsulation dot1Q 55
no ip route-cache
bridge-group 5
bridge-group 5 spanning-disabled
!
interface Dot11Radio0.100
encapsulation dot1Q 100
no ip route-cache
bridge-group 4
bridge-group 4 spanning-disabled
!
interface Dot11Radio0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 6
bridge-group 6 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
hold-queue 80 in
!
interface FastEthernet0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
!
interface FastEthernet0.5
encapsulation dot1Q 5
no ip route-cache
bridge-group 2
bridge-group 2 spanning-disabled
!
interface FastEthernet0.50
encapsulation dot1Q 50
no ip route-cache
bridge-group 3
bridge-group 3 spanning-disabled
!
interface FastEthernet0.55
encapsulation dot1Q 55
no ip route-cache
bridge-group 5
bridge-group 5 spanning-disabled
!
interface FastEthernet0.100
encapsulation dot1Q 100
no ip route-cache
bridge-group 4
bridge-group 4 spanning-disabled
!
interface FastEthernet0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 6
bridge-group 6 spanning-disabled
!
interface BVI1
description MGMT
ip address 10.193.80.125 255.255.255.128
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
snmp-server community M1R!g&TF0O^ RO 1
snmp-server community T&#LeF*F(01 RW 2
snmp-server location Cabinet AG1
snmp-server contact ME
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps entity
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps authenticate-fail
snmp-server enable traps dot11-qos
snmp-server enable traps wlan-wep
snmp-server enable traps config
snmp-server enable traps syslog
snmp-server enable traps cpu threshold
snmp-server enable traps aaa_server
snmp-server enable traps envmon
snmp-server host 10.1.141.211 version 2c M1R!g&TF0O^
!
control-plane
!
bridge 1 route ip!
line con 0
password 7 080243400F10024626
login
transport preferred telnet
transport output none
line vty 0 4
login local
transport preferred telnet
transport input telnet
transport output none
line vty 5 15
login local
transport preferred telnet
transport input telnet
transport output none
!
scheduler interval 500
end
the second endpoint of course is idential except for the management IP and the mode is NON-ROOT.
Only other things of note are the switches in the network are also managed on Vlan2 not sure if it would matter or not.
My problem seems to be when TACCACS kicks in I see some strange behaviour. I first may lose management of either the root or the non-root end of the bridge. I can ping one but not the other. yet i can see the switchs on both ends. Other times i cannot retrieve management of the switch on the non-root end. I can also not use cdp neighbors to report equipment on the far end of the bridge.
Does anyone have working experience with the 1410 that can advise what is happening or supply a sample config as a base for me to look at.
The sample for the 1310 has a few changes in the commands available as well.
06-01-2011 10:21 AM
Maybe post in Wireless forum instead ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide