03-25-2024 06:37 AM
i just swapped out a 3850 POE switch to a 3850 non-poe. i upgraded the OS to 16.6.9. then i copied the config back to the new non-poe switch. now i cant ping or access the switch via the network. constantly getting
%SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking TenGigabitEthernet1/1/4 on VLAN0101. Port consistency restored.ig in 27:10:0 recurring
both vlan0100 and vlan0101 are getting these errors. everything worked fine with this config when i had it on the poe switch. i just moved same config to different switch. nothing changed on the port my Ten gig port on the other switch.
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2024.03.25 09:17:59 =~=~=~=~=~=~=~=~=~=~=~=
sho run
Building configuration...
Current configuration : 28536 bytes
!
! Last configuration change at 02:21:41 EDT Mon Mar 25 2024 by admin
!
version 16.6
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service compress-config
no platform punt-keepalive disable-kernel-core
!
hostname BOE_IDF_Tech_3850
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 30000
enable password removed
!
aaa new-model
!
!
aaa authentication login LOGIN local
!
!
!
!
!
!
aaa session-id common
boot system switch all flash:packages.conf
clock timezone EST -5 0
clock summer-time EDT recurring
switch 1 provision ws-c3850-48t
!
!
!
!
--More-- !
no ip domain lookup
ip domain name removed
!
!
!
no ip dhcp snooping information option
login on-success log
!
!
!
!
!
udld enable
!
crypto removed
!
port-channel load-balance src-dst-ip
!
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree portfast default
spanning-tree portfast bpduguard default
spanning-tree extend system-id
no spanning-tree vlan 100
archive
path flash:
--More-- maximum 7
write-memory
time-period 38880
memory free low-watermark processor 79468
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause channel-misconfig
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause storm-control
errdisable recovery cause arp-inspection
errdisable recovery interval 900
!
username admin privilege 15 sremoved
!
redundancy
mode sso
!
!
transceiver type all
monitoring
lldp run
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
description DHCP Snooping, EWLC control, EWCL data
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
--More-- description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any system-cpp-police-control-low-priority
description ICMP redirect and general punt
class-map match-any system-cpp-police-wireless-priority1
description Wireless priority 1
class-map match-any system-cpp-police-wireless-priority2
description Wireless priority 2
class-map match-any system-cpp-police-wireless-priority3-4-5
description Wireless priority 3,4 and 5
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-system-critical
--More-- description System Critical and Gold
!
policy-map system-cpp-policy
class system-cpp-police-data
police rate 200 pps
class system-cpp-police-routing-control
police rate 1800 pps
class system-cpp-police-control-low-priority
class system-cpp-police-wireless-priority1
class system-cpp-police-wireless-priority2
class system-cpp-police-wireless-priority3-4-5
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
!
!
!
!
!
!
!
--More-- !
!
!
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
switchport access vlan 100
speed 1000
storm-control action trap
spanning-tree portfast disable
!
interface GigabitEthernet1/0/2
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
--More-- ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/3
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/4
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
--More-- switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/5
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/6
--More-- switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/7
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
--More-- ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/8
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/9
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
--More-- storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/10
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/11
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
--More-- switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/12
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/13
switchport access vlan 100
--More-- switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/14
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
--More-- !
interface GigabitEthernet1/0/15
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/16
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
--More-- storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/17
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/18
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging
*Mar 25 02:26:25.183: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking TenGigabitEthernet1/1/4 on VLAN0101. Inconsistent local vlan. time 2
--More-- switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/19
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/20
switchport trunk native vlan 100
switchport mode trunk
--More-- spanning-tree portfast trunk
!
interface GigabitEthernet1/0/21
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/22
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
--More-- storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/23
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/24
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
--More-- switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/25
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/26
switchport access vlan 100
--More-- switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/27
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
--More-- !
interface GigabitEthernet1/0/28
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/29
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
--More-- storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/30
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/31
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
--More-- switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/32
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/33
switchport access vlan 100
switchport voice vlan 101
--More-- switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/34
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
--More-- interface GigabitEthernet1/0/35
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/36
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
--More-- spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/37
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/38
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
--More-- ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/39
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/40
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
--More-- switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast trunk
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/41
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/42
switchport access vlan 100
--More-- switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/43
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
--More-- !
interface GigabitEthernet1/0/44
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/45
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
--More-- storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/46
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/47
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
--More-- switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/0/48
switchport access vlan 100
switchport voice vlan 101
switchport port-security maximum 70
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
ip arp inspection limit rate 200
storm-control broadcast level pps 2k
storm-control action trap
spanning-tree portfast
ip dhcp snooping limit rate 300
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
--More-- !
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
description UPLINK
switchport mode trunk
ip arp inspection trust
logging event trunk-status
logging event bundle-status
ip dhcp snooping trust
!
interface TenGigabitEthernet1/1/2
description UPLINK
switchport mode trunk
ip arp inspection trust
logging event trunk-status
logging event bundle-status
ip dhcp snooping trust
!
interface TenGigabitEthernet1/1/3
description UPLINK
--More-- switchport mode trunk
ip arp inspection trust
logging event trunk-status
logging event bundle-status
ip dhcp snooping trust
!
interface TenGigabitEthernet1/1/4
description UPLINK
switchport trunk native vlan 500
switchport mode trunk
ip arp inspection trust
logging event trunk-status
logging event bundle-status
ip dhcp snooping trust
!
interface Vlan1
no ip address
shutdown
!
interface Vlan500
description mgmt
ip address 192.168.101.20 255.255.255.0
!
ip default-gateway 192.168.101.1
ip forward-protocol nd
ip pim rp-address 192.168.101.1
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.101.1
ip ssh version 2
!
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
permit udp any any range 16384 32767
permit tcp any any range 50000 59999
--More-- ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
--More-- permit udp any any eq 1630
permit tcp any any eq 1527
permit tcp any any eq 6200
permit tcp any any eq 3389
permit tcp any any eq 5985
permit tcp any any eq 8080
!
ip sla enable reaction-alerts
kron occurrence backup-conf
policy-list backup-config
!
kron policy-list backup-config
cli write
!
logging trap debugging
!
!
snmp-server community tpstech RO
!
!
!
control-plane
service-policy input system-cpp-policy
--More-- !
!
line con 0
exec-timeout 15 0
privilege level 15
logging synchronous
login authentication LOGIN
stopbits 1
line aux 0
stopbits 1
line vty 0 4
--More-- exec-timeout 15 0
privilege level 15
logging synchronous
login authentication LOGIN
length 0
transport input telnet ssh
line vty 5 15
exec-timeout 15 0
privilege level 15
logging synchronous
login authentication LOGIN
transport input telnet ssh
!
ntp server 10.1.0.201
!
mac address-table aging-time 172800
mac address-table aging-time 300 vlan 500
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
--More-- profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
!
wsma agent notify
profile httplistener
profile httpslistener
!
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
end
BOE_IDF_Tech_3850#
Solved! Go to Solution.
03-25-2024 09:18 AM
No spanning tree portfast
No spanning tree bpduguard
In any port that go to error disable'
You run portfast in global so it apply to all ports with bpduguard' you need to hardcoded disable it.
MHM
03-25-2024 07:11 AM
I think the highlighted statement could be your problem.
03-25-2024 07:17 AM
that was there in the previous config. 500 is my management vlan.
03-25-2024 07:28 AM
03-25-2024 07:41 AM
yes only uplink. yes other side has it as well. when i issued the spanning-tree vlan 100 command i lost my ports then. not my uplink but all of my int gig ports.
03-25-2024 07:13 AM
Hello,
Any particular reason to have spanning-tree disabled for VLAN 100? Was it this way on the original switch?
03-25-2024 07:21 AM
hmmm. not sure. i missed that. i dont see that in old config backup.
03-25-2024 07:28 AM
That will most certainly cause stability problems...suggest allowing it.
03-25-2024 07:27 AM
how do i get rid of that command?
03-25-2024 07:35 AM
Just issue the same command without the "no"
"Spanning-tree vlan 100"
03-25-2024 07:39 AM
Share
show spanning vlan 100 & 101
Show interface status
Show vlan breif
Show interface trunk
Show spanning interface gx/x detail <- the interface appear in log message
MHM
03-25-2024 07:49 AM
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2024.03.25 10:43:22 =~=~=~=~=~=~=~=~=~=~=~=
sho spann
BOE_IDF_Tech_3850#sho spanning-tree vlan 100
Spanning tree instance(s) for vlan 100 does not exist.
BOE_IDF_Tech_3850#sho spanning-tree vlan 100 1
VLAN0101
Spanning tree enabled protocol rstp
Root ID Priority 32869
Address 10b3.c6ec.0500
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32869 (priority 32768 sys-id-ext 101)
Address 10b3.c6ec.0500
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 172800 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/24 Desg FWD 4 128.24 P2p Edge
Gi1/0/44 Desg FWD 4 128.44 P2p Edge
Te1/1/4 Desg FWD 2 128.56 P2p
BOE_IDF_Tech_3850#sho int status
Port Name Status Vlan Duplex Speed Type
Gi1/0/1 notconnect 100 auto 1000 10/100/1000BaseTX
Gi1/0/2 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/3 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/4 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/5 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/6 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/7 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/8 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/9 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/10 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/11 notconnect 100 auto auto 10/100/1000BaseTX
--More--
Port Name Status Vlan Duplex Speed Type
Gi1/0/12 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/13 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/14 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/15 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/16 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/17 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/18 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/19 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/20 notconnect 1 auto auto 10/100/1000BaseTX
Gi1/0/21 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/22 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/23 notconnect 100 auto auto 10/100/1000BaseTX
--More--
Port Name Status Vlan Duplex Speed Type
Gi1/0/24 connected 100 a-full a-1000 10/100/1000BaseTX
Gi1/0/25 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/26 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/27 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/28 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/29 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/30 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/31 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/32 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/33 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/34 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/35 notconnect 100 auto auto 10/100/1000BaseTX
--More--
Port Name Status Vlan Duplex Speed Type
Gi1/0/36 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/37 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/38 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/39 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/40 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/41 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/42 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/43 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/44 connected 100 a-full a-1000 10/100/1000BaseTX
Gi1/0/45 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/46 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/0/47 notconnect 100 auto auto 10/100/1000BaseTX
--More--
Port Name Status Vlan Duplex Speed Type
Gi1/0/48 notconnect 100 auto auto 10/100/1000BaseTX
Gi1/1/1 notconnect 1 auto auto unknown
Gi1/1/2 notconnect 1 auto auto unknown
Te1/1/3 UPLINK notconnect 1 auto auto unknown
Te1/1/4 UPLINK connected trunk full 10G SFP-10GBase-LRM
BOE_IDF_Tech_3850#sho vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/20, Gi1/1/1, Gi1/1/2
Te1/1/3
100 VLAN0100 active Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/4, Gi1/0/5, Gi1/0/6
Gi1/0/7, Gi1/0/8, Gi1/0/9
Gi1/0/10, Gi1/0/11, Gi1/0/12
Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/21, Gi1/0/22
Gi1/0/23, Gi1/0/24, Gi1/0/25
Gi1/0/26, Gi1/0/27, Gi1/0/28
Gi1/0/29, Gi1/0/30, Gi1/0/31
Gi1/0/32, Gi1/0/33, Gi1/0/34
Gi1/0/35, Gi1/0/36, Gi1/0/37
Gi1/0/38, Gi1/0/39, Gi1/0/40
Gi1/0/41, Gi1/0/42, Gi1/0/43
Gi1/0/44, Gi1/0/45, Gi1/0/46
Gi1/0/47, Gi1/0/48
101 VLAN0101 active Gi1/0/2, Gi1/0/3, Gi1/0/4
Gi1/0/5, Gi1/0/6, Gi1/0/7
--More--
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
Gi1/0/8, Gi1/0/9, Gi1/0/10
Gi1/0/11, Gi1/0/12, Gi1/0/13
Gi1/0/14, Gi1/0/15, Gi1/0/16
Gi1/0/17, Gi1/0/18, Gi1/0/19
Gi1/0/21, Gi1/0/22, Gi1/0/23
Gi1/0/24, Gi1/0/25, Gi1/0/26
Gi1/0/27, Gi1/0/28, Gi1/0/29
Gi1/0/30, Gi1/0/31, Gi1/0/32
Gi1/0/33, Gi1/0/34, Gi1/0/35
Gi1/0/36, Gi1/0/37, Gi1/0/38
Gi1/0/39, Gi1/0/40, Gi1/0/41
Gi1/0/42, Gi1/0/43, Gi1/0/44
Gi1/0/45, Gi1/0/46, Gi1/0/47
Gi1/0/48
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
BOE_IDF_Tech_3850#sho int trunk
Port Mode Encapsulation Status Native vlan
Te1/1/4 on 802.1q trunking 500
Port Vlans allowed on trunk
Te1/1/4 1-4094
Port Vlans allowed and active in management domain
Te1/1/4 1,100-101
Port Vlans in spanning tree forwarding state and not pruned
Te1/1/4 1,100-101
BOE_IDF_Tech_3850#sho span
BOE_IDF_Tech_3850#sho spanning-tree int ?
BDI Bridge-Domain interface
GigabitEthernet GigabitEthernet IEEE 802.3z
Port-channel Ethernet Channel of interfaces
TenGigabitEthernet Ten Gigabit Ethernet
Vlan Catalyst Vlans
BOE_IDF_Tech_3850#sho spanning-tree int te
*Mar 25 03:52:59.669: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking TenGigabitEthernet1/1/4 on VLAN0101. Inconsistent local vlan.
BOE_IDF_Tech_3850#sho spanning-tree int ten 1/1/4 detail
Port 56 (TenGigabitEthernet1/1/4) of VLAN0001 is designated forwarding
Port path cost 2, Port priority 128, Port Identifier 128.56.
Designated root has priority 32769, address 10b3.c6ec.0500
Designated bridge has priority 32769, address 10b3.c6ec.0500
Designated port id is 128.56, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 2
Link type is point-to-point by default
BPDU: sent 127, received 32
Port 56 (TenGigabitEthernet1/1/4) of VLAN0101 is broken (Port VLAN ID Mismatch)
Port path cost 2, Port priority 128, Port Identifier 128.56.
Designated root has priority 32869, address 10b3.c6ec.0500
Designated bridge has priority 32869, address 10b3.c6ec.0500
Designated port id is 128.56, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 2
Link type is point-to-point by default
BPDU: sent 126, received 19
BOE_IDF_Tech_3850#
*Mar 25 03:53:14.670: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking TenGigabitEthernet1/1/4 on VLAN0101. Port consistency restored.
BOE_IDF_Tech_3850#
03-25-2024 08:02 AM
the VLAN 500 not found in SW DB ?
try add VLAN 500 <<- which is native VLAN vai
vlan 500
then allow this VLAN in trunk
MHM
03-25-2024 08:28 AM
okay now i can ping the switch but cant ssh yet.
03-25-2024 08:34 AM
Ssh need generate new RSA key' add it and you can access via ssh
But I need to be sure now that STP work now after we add vlan500 which use by rstp as native vlan bpdu' are stp now ok?
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide