cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

273
Views
5
Helpful
21
Replies
Highlighted
Beginner

Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not workin

Hi I have just configured a 3850 switch for ip routing and have been through the configuration many times, but still no routing is taking place.  I have enable ip routing and setup several vlans with IP address (different subnets) added several trunk ports and switch ports to test my configuration.  I also have a Windows DHCP server with associated scopes for the various subnets, but not except the defualt vlan (which I set to 10) is working. 

 

Here is my configuration for the CoreSwitch

 


!
! Last configuration change at 15:47:07 UTC Sat Jul 20 2019 by admin
!
version 16.6
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no platform punt-keepalive disable-kernel-core
!
hostname Core-Switch
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 $1$wEUy$iJ.U37OqiVLaORCJ2n5GG0
!
no aaa new-model
switch 1 provision ws-c3850-24p
!
!
!
!
ip routing
!
ip domain name aaota.org
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-939288410
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-939288410
revocation-check none
rsakeypair TP-self-signed-939288410
!
!
crypto pki certificate chain TP-self-signed-939288410
certificate self-signed 01 nvram:IOS-Self-Sig#2.cer
!
!
!
diagnostic bootup level minimal
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
username admin password 7 08751E1A5D4B5C46
!
redundancy
mode sso
!
!
transceiver type all
monitoring
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
description DHCP Snooping, EWLC control, EWCL data
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold
!
policy-map system-cpp-policy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
shutdown
speed 1000
negotiation auto
!
interface GigabitEthernet1/0/1
switchport access vlan 10
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/2
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/3
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/4
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/5
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/6
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/7
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/8
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/9
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/10
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/11
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/12
switchport trunk native vlan 10
switchport mode trunk
!
interface GigabitEthernet1/0/13
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/22
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/23
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/24
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 172.16.0.254 255.255.255.0
ip helper-address 172.16.0.5
!
interface Vlan100
ip address 172.16.10.254 255.255.255.0
ip helper-address 172.16.0.5
!
interface Vlan110
ip address 172.16.12.254 255.255.255.0
ip helper-address 172.16.0.5
!
interface Vlan200
ip address 172.16.20.254 255.255.255.0
ip helper-address 172.16.0.5
!
interface Vlan210
ip address 172.16.22.254 255.255.255.0
ip helper-address 172.16.0.5
!
interface Vlan300
ip address 172.16.30.254 255.255.255.0
ip helper-address 172.16.0.5
!
interface Vlan310
ip address 172.16.32.254 255.255.255.0
ip helper-address 172.16.0.5
!
interface Vlan600
ip address 172.16.60.254 255.255.255.0
ip helper-address 172.16.0.5
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.16.0.1
ip ssh version 2
!
!
!
!
!
control-plane
service-policy input system-cpp-policy
!
!
line con 0
password 7 1443405F5856737A
logging synchronous
login
stopbits 1
line aux 0
password 7 1443405F5856737A
login
stopbits 1
line vty 0 4
password 7 135145465F5E5D7B
logging synchronous
login local
transport input all
line vty 5 15
password 7 135145465F5E5D7B
logging synchronous
login local
transport input all
!
!
mac address-table notification mac-move
!
!
!
!
!
end

Everyone's tags (2)
4 ACCEPTED SOLUTIONS

Accepted Solutions
VIP Expert

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

"Another good test would be from the server and from the Internet router are they able to ping the various SVIs configured on your new core switch."

You might also try pinging those hosts from your switch using an extended ping using a source interface or source IP from a SVI that they do not reside on. If your Windows (DHCP) server cannot communicate with the other SVIs, it won't be able to give out DHCP addresses.

As Rick notes, if a host can ping other SVIs, likely the L3 switch is routing correctly, and the problem is likely with the other hosts, most commonly, again as Rick notes, an issue with the default gateway. (For your DHCP server, also don't forget to provide your DHCP clients with their correct default gateway settings.)

Also BTW, on many Cisco switches, if there isn't any "up" port on a VLAN for a SVI, the SVI will be "down". If a SVI is down, of course, you won't be able to ping it.

Rick mentions the need for the Internet router to have routes to internal networks. He's correct. This might be accomplished by running a routing protocol between that router and your L3 switch, or using static routes. If the latter, also keep in mind you might be able to just use a summary prefix or prefixes. For example, rather than having all internal networks defined on your Internet router, you might just have 172.16.0.0/16. If the former, you can also be able to "source" the default route on the Internet router so that the L3 switch doesn't need a static for it.
Hall of Fame Expert

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Hello Bill,

you have been provided several good suggestions by Rick and Joseph and by Peter.

 

The first important key point is the default gateway settings on PCs that should be the new switch C3850 SVI interface IP address in all cases.

What is special about vlan 10?

Not the fact the vlan 10 is the native vlan in your trunk ports, this is an OSI layer 2 concept.

You have issues at OSI layer 3 IP routing level ( if any)

In vlan 10 subnet 172.16.0.0/24 you have:

the external internet facing router with IP address 172.16.0.1

the DHCP server with IP address 172.16.0.X

 a pair of hosts in same IP subnet.

 

Verify on the windows DHCP server what default gateway it has. If the DHCP server was already installed before introducing the new L3 switch, it is likely pointing to 172.16.0.1 instead of 172.16.0.254 (new switch).

Of course it can ping the directly connected 172.16.0.254 it is just a question of ARP resolution.

If the DHCP server cannot ping the other SVI interfaces on the new switch the possible issues are:

DHCP server has default gateway pointing to 172.16.0.1

the router at 172.16.0.1 has no knowledge of the new Vlans behind the new switch.

 

Check the ip routing table on the router.

If needed you should add static routes like

ip route 172.16.30.0 255.255.255.0 172.16.0.254.

 

This should fix your network about intervlan routing and capability to ping the router from different Vlans then vlan 10.

 

The question of the ip helper-address has to be troubleshooted later when inter Vlan routing is working as desired.

 

Hope to help

Giuseppe

 

 

Hall of Fame Master

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Bill

 

The symptom that you describe with the server strongly suggest that its default gateway is not set correctly to be the switch SVI. The symptom with the Internet router suggest that it does not have routes for the networks configured on the switch. At this point it sounds like the switch is configured pretty well and the issue is not on the switch but with the devices connected to the switch.

 

HTH

 

Rick

VIP Expert

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

" I was originally trying this route 172.16.0.0 255.255.255.0 172.16.0.254, thinking that it would cover ALL of the SVI's, but for some reason this never worked."

Or try 172.16.0.0 255.255.0.0 172.16.0.254
21 REPLIES 21
Hall of Fame Cisco Employee

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not workin

Hello @wmlarkin1,

At the first sight, there does not seem to be anything wrong with the configuration. Let's try to dig deeper.

  1. You said that the routing is not working. How did you test it? Can you share the outputs from your host that led you to believe the routing is broken?
  2. If you assign a static IP address, netmask, and gateway to your test host, then - from the host - can you at least ping the SVI of the switch that is in the same VLAN as the host?
  3. Following on the previous step, if you can ping your own VLAN's SVI from the host, can you ping other SVIs on the same switch from the host as well?
  4. Can the switch ping its own SVIs?
  5. Can you share the following extra outputs from your switch?
show vlan brief
show ip interface brief
show ip route
show ip cef

Thank you!

Best regards,
Peter

VS Beginner
Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not workin

Please paste output of "sh run all"

Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not workin


@VS wrote:

Please paste output of "sh run all"


Core-Switch#sh run all
Building configuration...

Current configuration with default configurations exposed : 104688 bytes
!
! Last configuration change at 16:38:18 UTC Sun Jul 21 2019
!
no issu config-sync policy lbl prc
no issu config-sync policy bulk prc
version 16.6
downward-compatible-config 16.6
no service log backtrace
no service config
no service exec-callback
no service nagle
service slave-log
no service slave-coredump
no service pad to-xot
no service pad from-xot
no service pad cmns
no service pad
no service telnet-zeroidle
no service tcp-keepalives-in
no service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service exec-wait
no service linenumber
no service internal
no service log-hidden
no service scripting
no service compress-config
service prompt config
no service old-slip-prompts
no service hide-telnet-addresses
no service pt-vty-logging
no service disable-ip-fast-frag
no service sequence-numbers
service counters max age 0
service dhcp
no service call-home
no platform punt-keepalive disable-kernel-core
platform urpf loose counter ipv4 supress asymmetric_only
platform urpf loose counter ipv6 supress asymmetric_only
!
hostname Core-Switch
!
shell processing
!
vrf definition Mgmt-vrf
no ipv4 multicast multitopology
no ipv6 multicast multitopology
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no logging discriminator
logging exception 4096
no logging count
no logging message-counter log
no logging message-counter debug
logging message-counter syslog
no logging snmp-authfail
no logging userinfo
logging buginf
logging queue-limit 1024
logging queue-limit esm 0
logging queue-limit trap 1024
logging buffered 4096 debugging
logging reload message-limit 1000 notifications
no logging persistent
logging rate-limit console 10 except errors
logging console guaranteed
logging console debugging
logging monitor debugging
logging cns-events informational
logging on
enable secret 5 $1$wEUy$iJ.U37OqiVLaORCJ2n5GG0
!
spd extended-headroom 10
spd headroom 1000
spd enable
ipc holdq threshold upper 20
ipc holdq threshold lower 1
ipc header-cache permanent 1000 100
ipc buffers max-free 8320
ipc buffers min-free 832
ipc buffers permanent 2496
no aaa new-model
ethernet cfm alarm notification mac-remote-error-xcon
ethernet cfm alarm delay 2500
ethernet cfm alarm packet 0
ethernet cfm alarm reset 10000
ethernet cfm logging alarm ieee
ethernet cfm logging alarm cisco
ethernet cfm logging ais
ethernet cfm logging lck
ethernet cfm ais link-status global
no disable
period 60
ppp hold-queue 262144
ppp packet throttle 20 1 30
process cpu extended history 12
process cpu autoprofile hog
cef table consistency-check IPv4 type lc-detect count 71 period 60
cef table consistency-check IPv4 type scan-lc-rp count 71 period 60
cef table consistency-check IPv4 type scan-rp-lc count 71 period 60
cef table consistency-check IPv4 type scan-rib-ios count 1000 period 60
cef table consistency-check IPv4 type scan-ios-rib count 1000 period 60
no cef table consistency-check IPv4 data-checking
no cef table consistency-check IPv4 error-message
cef table consistency-check IPv4 auto-repair delay 10 holddown 300
cef table consistency-check IPv6 type lc-detect count 26 period 60
cef table consistency-check IPv6 type scan-lc-rp count 26 period 60
cef table consistency-check IPv6 type scan-rp-lc count 26 period 60
cef table consistency-check IPv6 type scan-ios-rib count 1000 period 60
no cef table consistency-check IPv6 data-checking
no cef table consistency-check IPv6 error-message
cef table consistency-check IPv6 auto-repair delay 10 holddown 300
no cef table consistency-check Binding-Sid Label data-checking
no cef table consistency-check Binding-Sid Label error-message
cef table consistency-check Binding-Sid Label auto-repair delay 10 holddown 300
cef table vrf tree IPv4 type MTRIE short-mask-protection 4 stride-pattern 8-8-8-8 hardware-api-notify off
cef table vrf tree IPv6 type RTREE
cef table vrf tree Binding-Sid Label type MTRIE short-mask-protection 4 stride-pattern 8-8-8-8 hardware-api-notify off
cef table output-chain build favor default
cef table rate-monitor-period 5
cef table download recursive-dependents priority 1
cef table download default-route priority 1
cef table download connected-route priority 2
cef table download receive-route priority 2
cef table download route-in-vrf priority 3
cef table download catch-all priority 4
switch 1 provision ws-c3850-24p
system fnf bytes-count layer2
power xps 1 name
power xps 1 port 1 name
power xps 1 port 2 name
power xps 1 port 3 name
power xps 1 port 4 name
power xps 1 port 5 name
power xps 1 port 6 name
power xps 1 port 7 name
power xps 1 port 8 name
power xps 1 port 9 name
power xps 2 name
power xps 2 port 1 name
power xps 2 port 2 name
power xps 2 port 3 name
power xps 2 port 4 name
power xps 2 port 5 name
power xps 2 port 6 name
power xps 2 port 7 name
power xps 2 port 8 name
power xps 2 port 9 name
power xps 3 name
power xps 3 port 1 name
power xps 3 port 2 name
power xps 3 port 3 name
power xps 3 port 4 name
power xps 3 port 5 name
power xps 3 port 6 name
power xps 3 port 7 name
power xps 3 port 8 name
power xps 3 port 9 name
power xps 4 name
power xps 4 port 1 name
power xps 4 port 2 name
power xps 4 port 3 name
power xps 4 port 4 name
power xps 4 port 5 name
power xps 4 port 6 name
power xps 4 port 7 name
power xps 4 port 8 name
power xps 4 port 9 name
power xps 5 name
power xps 5 port 1 name
power xps 5 port 2 name
power xps 5 port 3 name
power xps 5 port 4 name
power xps 5 port 5 name
power xps 5 port 6 name
power xps 5 port 7 name
power xps 5 port 8 name
power xps 5 port 9 name
power xps 6 name
power xps 6 port 1 name
power xps 6 port 2 name
power xps 6 port 3 name
power xps 6 port 4 name
power xps 6 port 5 name
power xps 6 port 6 name
power xps 6 port 7 name
power xps 6 port 8 name
power xps 6 port 9 name
power xps 7 name
power xps 7 port 1 name
power xps 7 port 2 name
power xps 7 port 3 name
power xps 7 port 4 name
power xps 7 port 5 name
power xps 7 port 6 name
power xps 7 port 7 name
power xps 7 port 8 name
power xps 7 port 9 name
power xps 8 name
power xps 8 port 1 name
power xps 8 port 2 name
power xps 8 port 3 name
power xps 8 port 4 name
power xps 8 port 5 name
power xps 8 port 6 name
power xps 8 port 7 name
power xps 8 port 8 name
power xps 8 port 9 name
power xps 9 name
power xps 9 port 1 name
power xps 9 port 2 name
power xps 9 port 3 name
power xps 9 port 4 name
power xps 9 port 5 name
power xps 9 port 6 name
power xps 9 port 7 name
power xps 9 port 8 name
power xps 9 port 9 name
!
no software auto-upgrade source url
!
no software auto-upgrade enable
!
mvrp global
mvrp mac-learning auto
mvrp vlan create
no cisp enable
rep admin vlan 1
!
!
!
!
call-home
alert-group configuration
alert-group crash
alert-group diagnostic
alert-group environment
alert-group inventory
alert-group snapshot
alert-group syslog
no contact-email-addr
rate-limit 20
aaa-authorization username "callhome"
no aaa-authorization
alert-group-config snapshot
data-privacy level normal
http secure server-identity-check
syslog-throttling
profile "CiscoTAC-1"
no active
no anonymous-reporting-only
reporting smart-call-home-data
reporting smart-licensing-data
destination preferred-msg-format xml
destination message-size-limit 3145728
no destination transport-method http
destination transport-method email
destination address email callhome@cisco.com
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
subscribe-to-alert-group crash
subscribe-to-alert-group diagnostic severity minor
subscribe-to-alert-group environment severity warning
subscribe-to-alert-group inventory
subscribe-to-alert-group syslog severity warning pattern APF-.-WLC_.*
subscribe-to-alert-group syslog severity major pattern .*
subscribe-to-alert-group configuration periodic monthly 1 9:15
subscribe-to-alert-group inventory periodic monthly 1 9:00
diagnostic-signature
active
profile "CiscoTAC-1"
standby redirect
standby bfd all-interfaces
standby sso
ip subnet-zero
ip source-route
ip routing protocol purge interface
ip routing
no ip arp proxy disable
ip arp queue 512
ip arp incomplete retry 20
ip arp incomplete entries 5000
ip arp incomplete enable
ip sticky-arp
ip gratuitous-arps non-local
ip icmp rate-limit unreachable 500
ip icmp redirect subnet
ip spd queue max-threshold 74
ip spd queue min-threshold 73
ip verify drop-rate compute window 300
ip verify drop-rate compute interval 30
ip verify drop-rate notify hold-down 300
!
no ip nbar disable-custom-async
ip nbar resources system 0 0 0
ip admission ratelimit 100
no ip admission watch-list enable
ip admission watch-list expiry-time 10
ip admission max-login-attempts 5
ip admission init-state-time 2
no ip admission auth-proxy-audit
ip admission inactivity-timer 60
ip admission absolute-timer 0
ip sap cache-timeout 1440
ip multicast redundancy routeflush maxtime 30
ip multicast route-limit 2147483647
ip bootp server
no ip hostname strict
no ip domain round-robin
ip domain retry 2
ip domain timeout 3
no ip domain lookup recursive
ip domain lookup
ip domain lookup nsap
ip domain name aaota.org
ip domain multicast in-addr.arpa
ip domain recursive retry 10
no ip domain recursive allow-soa
ip dhcp-server query lease retries 2
ip dhcp-server query lease timeout 10
ip dhcp-client broadcast-flag
ip dhcp-client default-router distance 254
ip accounting-threshold 512
ip cef optimize neighbor resolution
no ip cef accounting
ip cef load-sharing algorithm universal B3D18D86
ip dhcp relay information policy replace
ip dhcp relay information check
ip dhcp use class
ip dhcp use vrf connected
ip dhcp binding cleanup interval 120
ip dhcp compatibility suboption link-selection cisco
ip dhcp conflict logging
ip dhcp ping packets 2
ip dhcp ping timeout 500
!
!
!
ip dhcp auto-broadcast
ip dhcp snooping information option
ip dhcp snooping database write-delay 300
ip dhcp snooping database timeout 300
ip dhcp snooping verify mac-address
ip dhcp snooping verify no-relay-agent-address
no ip dhcp snooping wireless bootp-broadcast enable
ip arp inspection log-buffer entries 32
ip arp inspection log-buffer logs 5 interval 1
ip igmp ssm-map query dns
ip igmp snooping report-suppression
no ip igmp snooping tcn query solicit
ip igmp snooping tcn flood query count 2
ip igmp snooping robustness-variable 2
ip igmp snooping last-member-query-count 2
ip igmp snooping last-member-query-interval 1000
ip igmp snooping querier version 2
ip igmp snooping querier query-interval 60
ip igmp snooping querier max-response-time 10
ip igmp snooping querier timer expiry 120
ip igmp snooping querier tcn query count 2
ip igmp snooping querier tcn query interval 10
no ip igmp snooping querier
ip igmp snooping
no login delay
ipv6 hop-limit 64
ipv6 icmp error-interval 100 10
ipv6 nd cache expire
no ipv6 nd ra solicited unicast
ipv6 nd nsf convergence 120
ipv6 nd nsf throttle 512
ipv6 nd nsf dad suppress 60
ipv6 nd nud limit 256 refresh 10
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd resolution data limit 16
ipv6 nd default-route vrf Mgmt-vrf limit 4
ipv6 nd default-route limit 4
ipv6 nd dad time 0
ipv6 nd dad loopback detect
ipv6 nsf-converge 10
ipv6 traffic interface-statistics
ipv6 mld snooping listener-message-suppression
no ipv6 mld snooping tcn query solicit
ipv6 mld snooping tcn flood query count 2
ipv6 mld snooping robustness-variable 2
ipv6 mld snooping last-listener-query-count 2
ipv6 mld snooping last-listener-query-interval 1000
no ipv6 mld snooping
ipv6 dhcp-relay trust-all
no ipv6 dhcp-relay option vpn
ipv6 dhcp ping packets 0
ipv6 dhcp iapd-route-add
no ipv6 dhcp iana-route-add
ipv6 dhcp ppp terminate
ipv6 dhcp ppp framed-prefix cache
no ipv6 dhcp server vrf enable
ipv6 rip vrf-mode enable
ipv6 multicast multipath
ipv6 multicast rpf use-bgp
ipv6 spd queue max-threshold 74
ipv6 spd queue min-threshold 73
ipv6 cef optimize neighbor resolution
no ipv6 cef accounting
ipv6 cef load-sharing algorithm universal B3D18D86
location prefer static weight 0
location prefer lldp-med weight 2
!
!
!
!
!
ntp max-associations 100
device-sensor notify new-tlvs
routing-default-optimize
xdr multicast-group mode individual
xdr multicast-group internal split threshold 7000
xdr multicast-group internal issu-slots-split
authentication mac-move deny
no authentication logging verbose
authentication command bounce-port ignore
authentication command disable-port ignore
authentication critical recovery delay 100
no access-session interface-template sticky
no mab request format attribute 1
no mab request format attribute 2
no mab request format attribute 32
no mab logging verbose
l2 traceroute
glbp sso
no device-tracking logging packet drop
no device-tracking logging theft
no device-tracking logging resolution-veto
no device-tracking tracking
clns configuration-time 60
clns holding-time 300
clns packet-lifetime 64
clns security pass-through
no clns want-erpdu
isis display delimiter return 1
scripting tcl low-memory 164452380
!
crypto pki trustpoint TP-self-signed-939288410
enrollment retry count 999
enrollment retry period 1
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-939288410
revocation-check none
rsakeypair TP-self-signed-939288410
hash sha1
!
!
crypto pki certificate chain TP-self-signed-939288410
certificate self-signed 01
3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 39333932 38383431 30301E17 0D313930 37313331 35343833
325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3933 39323838
34313030 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02
82010100 A7FCDC70 84E7934A B3D886DB F1612417 E42544AB CD5839A5 9FF3B7A7
A480EE69 A8F469B6 020C6F78 3E8E1807 43520507 44DF14AC 2089EEC9 DBACFDA1
F33315DA 05589C8D 3BA4BB9F 512C44F6 5942F470 4DB9806A D54FDEF8 529BD048
00D5686F 078DE502 93C39BF5 BC288842 09BD80D1 75F3EB26 E4254051 C0367E35
5D4D800E A7D9E983 3D14D6E1 443CF078 13AA7B91 77B2A4C0 4A333D9C 85DD2FB2
3224D402 10B94A5C 75DE3ED8 3774F2FE CD488793 C2E3377A A030D4E5 134AF03C
0C47481A 154F014A 23D05A96 C7A420A3 7B5A09C2 1FBBE17D D746E8A9 FE286927
0B7F46B0 50265A78 D908ECD7 428D90BF D23F50B4 1F83BE39 B1A59900 04C8A7D8
D1FA47F7 02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F
0603551D 23041830 1680148D 3439C885 D45B5C8B 6F713387 41F9D835 7DA20230
1D060355 1D0E0416 04148D34 39C885D4 5B5C8B6F 71338741 F9D8357D A202300D
06092A86 4886F70D 01010505 00038201 01000D6F ECF5B693 B5DA0639 84EE873D
A0330382 51A15961 ADEDF762 5B9C7D3C 258A2449 57728223 DB46F06A EEBF7AD0
1026490B 61CE1EF8 CBAC5A22 D17A56D4 24545EA3 F7DC11B9 9F84838D B0E7505F
7AEE4B8A 97D0F760 0C69C5BD AD6D3FBC 6DF24B79 6AFD055A DB71C213 1C8AD48B
38585973 72056AD0 21D7F202 5B239F34 52D07FD2 7FB12608 657048F5 D68E5AB7
81E27C46 8F80E15C A9140CB9 E073AE28 33D8B98A A6CEDFF3 C207C856 3AB38462
4C8FF69E E4CBBF3A 0CF337A5 072CD7B1 475F95D8 A575DBD2 F38137E7 09F7CF12
E05CFFCE E896E468 4002A883 2FFCD759 C6A55350 212238BA 97652244 0B605C17
9AA4EF81 4CCA0B6E 13D1BB20 9778D3AA BE82
quit
!
crypto pki crl download schedule prepublish 0
crypto pki crl download schedule retries 5
crypto pki crl download schedule retries interval 30
crypto pki crl cache size 64
cts server deadtime 20
cts server test all enable
cts server test all idle-time 60
cts server test all deadtime 20
no cts server key-wrap enable
no cts logging verbose
no cts sxp enable
cts sxp retry period 120
cts sxp reconciliation period 120
no cts sxp log binding-changes
cts sxp mapping network-map 0

cts sxp speaker hold-time 120


cts sxp listener hold-time 90 180

cts sxp node-id 0
no cts sxp filter-enable
port-channel load-balance src-mac
port-channel auto
no dot1x logging verbose
no dot1x auth-fail eapol
dot1x guest-vlan supplicant
no dot1x critical eapol
no dot1x critical eapol block
dot1x supplicant force-multicast
dot1x supplicant controlled transient
no device classifier
!
!
diagnostic event-log size 500
diagnostic bootup level minimal
no diagnostic monitor syslog
diagnostic monitor interval switch 1 test DiagThermalTest 00:01:30 0 0 cardindex 3
diagnostic monitor interval switch 1 test DiagFanTest 00:01:30 0 0 cardindex 3
diagnostic monitor interval switch 1 test DiagScratchRegisterTest 00:01:30 0 0 cardindex 3
diagnostic monitor threshold switch 1 test DiagThermalTest failure count 5 cardindex 3
diagnostic monitor threshold switch 1 test DiagFanTest failure count 5 cardindex 3
diagnostic monitor threshold switch 1 test DiagScratchRegisterTest failure count 5 cardindex 3
diagnostic monitor switch 1 test DiagThermalTest cardindex 3
diagnostic monitor switch 1 test DiagFanTest cardindex 3
diagnostic monitor switch 1 test DiagScratchRegisterTest cardindex 3
spanning-tree mode rapid-pvst
no spanning-tree dispute
spanning-tree transmit hold-count 6
no spanning-tree optimize bpdu transmission
spanning-tree queue maxsize 12288
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree uplinkfast max-update-rate 0
spanning-tree pathcost method short
memory check-interval 60
memory statistics history table 24
memory validate-checksum 60
memory lite
memory chunk siblings threshold 10000
file privilege 15
file prompt alert
no file verify auto
issu set rollback-timer 2700
netconf-yang cisco-ia snmp-trap-control global-forwarding
netconf-yang cisco-ia auto-sync without-defaults
no netconf-yang cisco-ia blocking cli-blocking-enabled
netconf-yang cisco-ia blocking confd-cfg-blocking-enabled
netconf-yang cisco-ia config-change-delay 0
netconf-yang cisco-ia init-sync without-defaults
netconf-yang cisco-ia intelligent-sync
netconf-yang cisco-ia logging ciaauthd-log-level error
netconf-yang cisco-ia logging confd-log-level error
netconf-yang cisco-ia logging nes-log-level error
netconf-yang cisco-ia logging odm-log-level error
netconf-yang cisco-ia logging onep-log-level error
netconf-yang cisco-ia logging sync-log-level error
netconf-yang cisco-ia max-diag-messages-saved 30
netconf-yang cisco-ia message-diag-level 0
netconf-yang cisco-ia post-sync-acl-process
no netconf-yang cisco-ia preserve-paths-enabled
netconf-yang cisco-ia process-missing-prc
netconf-yang cisco-ia snmp-community-string private
netconf-yang cisco-odm on-demand-default-time 30000
no netconf-yang cisco-odm on-demand-enable
no netconf-yang cisco-odm polling-enable
netconf-yang ssh port 830
no netconf-yang
!
no restconf
lacp system-priority 32768
!
username admin password 7 08751E1A5D4B5C46
!
redundancy
mode sso
no policy config-sync lbl prc reload
no policy config-sync bulk prc reload
main-cpu
no standby console enable
no standby console lock
crypto engine software ipsec
no crypto engine software isakmp
!
process-max-time 50
!
transceiver type all
monitoring
!
cdp advertise-v2
cdp timer 60
cdp holdtime 180
cdp run
cdp tlv location
cdp tlv app
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
description DHCP Snooping, EWLC control, EWCL data
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold
!
policy-map system-cpp-policy
!
!
crypto ikev2 authorization policy default
route set interface
route accept any
!
crypto ikev2 proposal default
encryption aes-cbc-256
integrity sha512 sha384
group 19 14 21 5
!
crypto ikev2 policy default
match fvrf any
proposal default
!
crypto ikev2 nat keepalive 0
crypto ikev2 diagnose error 50
crypto ikev2 dpd 0 0 periodic
crypto ikev2 limit max-in-negotation-sa 400 outgoing
crypto ikev2 limit max-in-negotation-sa 40
crypto ikev2 limit max-sa 0
crypto ikev2 limit queue sa-init 5000
crypto ikev2 window 5
crypto ikev2 fragmentation mtu 576
!
crypto isakmp diagnose error 50
crypto ipsec optional retry 300
!
crypto ipsec security-association lifetime kilobytes 4608000
crypto ipsec security-association lifetime seconds 3600
no crypto ipsec security-association replay disable
crypto ipsec security-association replay window-size 64
crypto ipsec security-association dummy
crypto ipsec security-association ecn discard
!
crypto ipsec transform-set default esp-aes esp-sha-hmac
mode transport
crypto ipsec nat-transparency udp-encapsulation
!
crypto ipsec profile default
no set security-association dfbit
set security-association lifetime kilobytes 4608000
set security-association lifetime seconds 3600
no set security-association idle-time
no set security-association replay window-size
set security-association dummy
set security-association ecn
!
!
crypto call admission limit ike sa 0
crypto call admission limit ike in-negotiation-sa 1000
crypto call admission limit ipsec sa 0
crypto mib ipsec flowmib history tunnel size 200
crypto mib ipsec flowmib history failure size 200
buffers element permanent 1000
buffers element minimum 100
buffers header permanent 256
buffers header max-free 512
buffers header min-free 10
buffers header initial 0
buffers fastswitching permanent 384
buffers fastswitching max-free 1024
buffers fastswitching min-free 128
buffers fastswitching initial 0
buffers small permanent 1200
buffers small max-free 2500
buffers small min-free 200
buffers small initial 0
buffers middle permanent 900
buffers middle max-free 2000
buffers middle min-free 100
buffers middle initial 0
buffers big permanent 900
buffers big max-free 1800
buffers big min-free 50
buffers big initial 0
buffers verybig permanent 100
buffers verybig max-free 300
buffers verybig min-free 0
buffers verybig initial 0
buffers large permanent 100
buffers large max-free 300
buffers large min-free 0
buffers large initial 0
buffers huge permanent 20
buffers huge max-free 33
buffers huge min-free 0
buffers huge size 18024
buffers huge initial 0
no buffers tune automatic
buffers VeryLarge permanent 100
buffers VeryLarge max-free 300
buffers VeryLarge min-free 0
buffers VeryLarge initial 0
!
!
!
no autoconf enable
!
interface GigabitEthernet0/0
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
vrf forwarding Mgmt-vrf
no ip address
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
shutdown
speed 1000
negotiation auto
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
arp arpa
arp timeout 14400
clns route-cache
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 75 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/1
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 10
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/2
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/3
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/4
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/5
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/6
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/7
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/8
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/9
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/10
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/11
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/12
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport trunk native vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode trunk
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/13
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode access
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
switchport port-security maximum 65535 vlan voice
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/14
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/15
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode access
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
switchport port-security maximum 65535 vlan voice
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/16
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/17
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/18
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/19
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/20
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/21
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode access
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
switchport port-security maximum 65535 vlan voice
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/22
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode access
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
switchport port-security maximum 65535 vlan voice
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/23
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode access
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
switchport port-security maximum 65535 vlan voice
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/0/24
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 10
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
switchport mode access
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
switchport port-security maximum 65535 vlan voice
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
power inline port priority low
power inline auto max 30000
power inline static
power inline never
power inline police
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/1/1
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/1/2
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/1/3
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface GigabitEthernet1/1/4
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface TenGigabitEthernet1/1/1
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface TenGigabitEthernet1/1/2
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface TenGigabitEthernet1/1/3
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface TenGigabitEthernet1/1/4
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
switchport
switchport access vlan 1
switchport private-vlan trunk encapsulation dot1q
switchport private-vlan trunk native vlan tag
no switchport nonegotiate
no switchport protected
no switchport block multicast
no switchport block unicast
no switchport port-security mac-address sticky
no ip arp inspection trust
ip arp inspection limit rate 15 burst interval 1
ip arp inspection limit rate 15
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
cdp tlv location
cdp tlv server-location
cdp tlv app
ipv6 mld snooping tcn flood
snmp trap mac-notification change added
snmp trap mac-notification change removed
snmp trap link-status
cts role-based enforcement
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
channel-group auto
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 2000 in
hold-queue 40 out
ip igmp snooping tcn flood
no ip dhcp snooping information option allow-untrusted
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan1
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
no ip address
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan10
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.0.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan100
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.10.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan110
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.12.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan200
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.20.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan210
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.22.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan300
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.30.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan310
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.32.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
interface Vlan600
mvrp timer leave-all 1000
mvrp timer leave 60
mvrp timer join 20
no mvrp timer periodic
no mvrp
ip address 172.16.60.254 255.255.255.0
ip helper-address global 172.16.0.5
ip redirects
ip unreachables
ip proxy-arp
ip mtu 1500
ip pim join-prune-interval 60
ip pim dr-priority 1
ip pim query-interval 30
ip mfib forwarding input
ip mfib forwarding output
ip mfib cef input
ip mfib cef output
ip cef accounting non-recursive internal
ip load-sharing per-destination
ip route-cache cef
ip route-cache
ip split-horizon
ip igmp last-member-query-interval 1000
ip igmp last-member-query-count 2
ip igmp query-max-response-time 10
ip igmp v3-query-max-response-time 10
ip igmp version 2
ip igmp query-interval 60
ip igmp tcn query count 2
ip igmp tcn query interval 10
load-interval 300
carrier-delay 2
no shutdown
no medium p2p
no macsec replay-protection
no macsec
ipv6 nd reachable-time 0
ipv6 nd ns-interval 0
ipv6 nd dad attempts 1
ipv6 nd dad loopback detect
ipv6 nd prefix framed-ipv6-prefix
ipv6 nd nud igp
no ipv6 nd ra solicited unicast
ipv6 nd ra lifetime 1800
ipv6 nd ra interval 200
ipv6 redirects
ipv6 unreachables
ipv6 mfib forwarding input
ipv6 mfib forwarding output
ipv6 mfib cef input
ipv6 mfib cef output
snmp trap link-status
no mka pre-shared-key
mka default-policy
autonomic
arp arpa
arp timeout 14400
clns route-cache
spanning-tree port-priority 128
spanning-tree cost 0
ethernet oam max-rate 10
ethernet oam min-rate 1
ethernet oam remote-loopback timeout 2
ethernet oam timeout 5
hold-queue 375 in
hold-queue 40 out
no bgp-policy accounting input
no bgp-policy accounting output
no bgp-policy accounting input source
no bgp-policy accounting output source
no bgp-policy source ip-prec-map
no bgp-policy source ip-qos-map
no bgp-policy destination ip-prec-map
no bgp-policy destination ip-qos-map
!
ip classless
ip nsf-converge 10
ip forward-protocol nd
ip pim dm-fallback
ip pim autorp
ip pim bidir-offer-interval 100 msec
ip pim bidir-offer-limit 3
ip pim v1-rp-reachability
ip pim log-neighbor-changes
ip msdp timer 30
no ip finger
no ip tcp ecn
no ip tcp selective-ack
no ip tcp timestamp
ip tcp delayed-ack
ip tcp chunk-size 0
ip tcp mss 0
ip tcp keepalive retries 4
ip tcp keepalive interval 60
ip tcp window-size 4128
ip tcp queuemax 20
ip tcp synwait-time 30
no ip tcp path-mtu-discovery
no ip tcp async-mobility server
ip tcp RST-count 10 RST-window 5000
ip telnet tos C0
no ip telnet quiet
no ip telnet hidden hostnames
no ip telnet hidden addresses
ip telnet comport enable
ip telnet comport flow level 16
ip telnet comport receive window 4128
ip telnet comport disconnect delay 0
ip http server
ip http port 80
no ip http upload overwrite
ip http authentication local
ip http secure-server
ip http HSTS-Header
ip http secure-port 443
ip http secure-active-session-modules all
ip http max-connections 50
ip http timeout-policy idle 180 life 180 requests 25
ip http timeout-policy linger 60
ip http session-idle-timeout 180
ip http active-session-modules all
ip http digest algorithm md5
ip http client cache memory pool 100
ip http client cache memory file 2
ip http client cache ager interval 5
ip http client connection timeout 10
ip http client connection retry 1
ip http client connection pipeline-length 5
ip http client connection idle timeout 30
ip http client response timeout 30
ip http path
ip rsvp authentication type md5
ip rsvp authentication lifetime 00:30:00
ip rsvp pq-profile 12288 592 110
ip rsvp signalling initial-retransmit-delay 1000
ip rsvp signalling refresh reduction ack-delay 250
ip rsvp signalling refresh interval 30000
ip rsvp signalling refresh misses 4
ip ftp passive
no ip tftp claim-netascii
ip tftp blocksize 8192
ip route static adjust-time 60
ip route static inter-vrf
ip route 0.0.0.0 0.0.0.0 172.16.0.1
ip ssh time-out 120
ip ssh authentication-retries 3
ip ssh window-size 8192
ip ssh break-string ~break
ip ssh version 2
ip ssh dh min size 2048
no ip ssh rekey time
no ip ssh rekey volume
ip ssh server authenticate user publickey
ip ssh server authenticate user keyboard
ip ssh server authenticate user password
no ip ssh server peruser session limit
ip ssh server certificate profile
server
no ocsp-response include
user
no ocsp-response required
!
ip ssh server algorithm mac hmac-sha2-256 hmac-sha2-512 hmac-sha1 hmac-sha1-96
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh server algorithm kex diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1
ip ssh server algorithm hostkey x509v3-ssh-rsa ssh-rsa
ip ssh server algorithm authentication publickey keyboard password
ip ssh server algorithm publickey x509v3-ssh-rsa ssh-rsa
ip ssh client algorithm mac hmac-sha2-256 hmac-sha2-512 hmac-sha1 hmac-sha1-96
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm kex diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1
!
no ip access-list helper egress check
!
ip prefix-list sequence-number
timeout 900
ip sla low-memory 147109770
ip sla server twamp
port 862
timer inactivity 900
no ip access-list persistent
service-routing capabilities-manager
logging esm config
logging history size 1
logging history warnings
logging trap informational
logging delimiter tcp
no logging origin-id
logging facility local7
no logging source-interface
logging server-arp
ethernet cfm mep crosscheck start-delay 30
!
ipv6 prefix-list sequence-number
no route-tag notation dotted-decimal
!
no snmp-server dbal cache
snmp monitor response 5000
snmp mib event sample minimum 60
snmp mib event sample instance maximum 0
snmp mib expression delta minimum 1
snmp mib expression delta wildcard maximum 0
snmp mib flowmon alarmhistorysize 500
snmp mib notification-log globalsize 500
snmp mib notification-log globalageout 15
tacacs-server cache expiry 24 enforce hours
ipv6 access-list log-update threshold 2147483647
!
control-plane
service-policy input system-cpp-policy
!
alias exec h help
alias exec lo logout
alias exec p ping
alias exec r resume
alias exec s show
alias exec u undebug
alias exec un undebug
alias exec w where
no configuration mode exclusive
parser cache
parser config partition
parser command serializer
parser maximum utilization 100
parser maximum latency 40
default-value exec-character-bits 7
default-value special-character-bits 7
default-value data-character-bits 8
!
line con 0
motd-banner
exec-banner
exec-timeout 10 0
timeout login response 30
privilege level 1
password 7 1443405F5856737A
no media-type rj45 switch 1
no media-type rj45 switch 2
no media-type rj45 switch 3
no media-type rj45 switch 4
no media-type rj45 switch 5
no media-type rj45 switch 6
no media-type rj45 switch 7
no media-type rj45 switch 8
no media-type rj45 switch 9
logging synchronous
login
data-character-bits 8
exec-character-bits 7
special-character-bits 7
domain-lookup
exec
length 24
width 80
history size 10
history
editing
monitor
escape-character soft DEFAULT
escape-character DEFAULT
databits 8
stopbits 1
start-character 17
stop-character 19
speed 9600
line aux 0
motd-banner
exec-banner
exec-timeout 10 0
timeout login response 30
privilege level 1
password 7 1443405F5856737A
login
modem answer-timeout 15
modem dtr-delay 5
data-character-bits 8
exec-character-bits 7
special-character-bits 7
domain-lookup
exec
length 24
width 80
history size 10
history
editing
monitor
escape-character soft DEFAULT
escape-character DEFAULT
databits 8
stopbits 1
start-character 17
stop-character 19
speed 9600
line vty 0 4
motd-banner
exec-banner
exec-timeout 10 0
timeout login response 30
privilege level 1
password 7 135145465F5E5D7B
logging synchronous
login local
data-character-bits 8
exec-character-bits 7
special-character-bits 7
domain-lookup
exec
length 24
width 80
history size 10
history
editing
monitor
transport input all
escape-character soft DEFAULT
escape-character DEFAULT
start-character 17
stop-character 19
line vty 5 15
motd-banner
exec-banner
exec-timeout 10 0
timeout login response 30
privilege level 1
password 7 135145465F5E5D7B
logging synchronous
login local
data-character-bits 8
exec-character-bits 7
special-character-bits 7
domain-lookup
exec
length 24
width 80
history size 10
history
editing
monitor
transport input all
escape-character soft DEFAULT
escape-character DEFAULT
start-character 17
stop-character 19
!
exception data-corruption buffer truncate
exception data-corruption buffer log
exception crashinfo file crashinfo:crashinfo_RP_00_00
exception crashinfo buffersize 32
exception crashinfo maximum files 1
no exception crashinfo dump garbage-detector
no transport type console 0 input
no transport type persistent telnet input
monitor event-trace stacktrace
no monitor event-trace sequence-number
monitor event-trace timestamps datetime msec
monitor event-trace eigrp perf-events rate-limiting 1
scheduler max-task-time 2000
scheduler process-watchdog normal
ntp allow mode control 0
ntp leap-handle
ntp mindistance 1
ntp maxdistance 8
device-tracking binding reachable-lifetime 300 stale-lifetime 86400 down-lifetime 86400
no device-tracking binding logging
no device-tracking binding max-entries
!
cns id hostname
cns id hostname event
cns id hostname image
cns image retry 60
mac address-table notification change interval 1
mac address-table notification change history-size 1
mac address-table notification change
mac address-table notification mac-move
netconf max-sessions 4
netconf lock-time 10
netconf max-message 0
wsma id hostname
!
!
!
!
xmpp id hostname
bulkstat resource limit memory 95
event manager scheduler script thread class default number 1
event manager scheduler applet thread class default number 5
event manager scheduler call-home thread class default number 32
event manager scheduler shell thread class default number 1
event manager scheduler shell thread class Z number 1
!
event manager history size events 10
event manager history size traps 10
event manager detector rpc max-sessions 4
event manager detector routing bootup-delay 0
end

VIP Expert

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not workin

I may have missed it, but excluding trunk ports you only appear to have ports assigned to VLAN 1 (which doesn't have an active SVI) and VLAN 10. To route, you need different active networks. With the information provided, we don't know what VLANs are configured on devices on the other side of the trunk ports.
Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not workin

Here are the requested outputs

 

Core-Switch#sh vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/2, Gi1/0/4, Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8, Gi1/0/9, Gi1/0/10
Gi1/0/11, Gi1/0/14, Gi1/0/16, Gi1/0/17, Gi1/0/18, Gi1/0/19, Gi1/0/20
Gi1/1/1, Gi1/1/2, Gi1/1/3, Gi1/1/4
10 Wired active Gi1/0/1, Gi1/0/13, Gi1/0/15, Gi1/0/21, Gi1/0/22, Gi1/0/23, Gi1/0/24
100 Primary active
110 Pri-Mobile active
200 Intermediate active
210 Im-Mobile active
300 MiddleSchool active
310 MS-Mobile active
600 Admin active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

 

Core-Switch#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM administratively down down
Vlan10 172.16.0.254 YES NVRAM up up
Vlan100 172.16.10.254 YES NVRAM up up
Vlan110 172.16.12.254 YES NVRAM up up
Vlan200 172.16.20.254 YES NVRAM up up
Vlan210 172.16.22.254 YES NVRAM up up
Vlan300 172.16.30.254 YES NVRAM up up
Vlan310 172.16.32.254 YES NVRAM up up
Vlan600 172.16.60.254 YES NVRAM up up
GigabitEthernet0/0 unassigned YES NVRAM administratively down down
GigabitEthernet1/0/1 unassigned YES unset down down
GigabitEthernet1/0/2 unassigned YES unset down down
GigabitEthernet1/0/3 unassigned YES unset up up
GigabitEthernet1/0/4 unassigned YES unset down down
GigabitEthernet1/0/5 unassigned YES unset down down
GigabitEthernet1/0/6 unassigned YES unset down down
GigabitEthernet1/0/7 unassigned YES unset down down
GigabitEthernet1/0/8 unassigned YES unset down down
GigabitEthernet1/0/9 unassigned YES unset down down
GigabitEthernet1/0/10 unassigned YES unset down down
GigabitEthernet1/0/11 unassigned YES unset down down
GigabitEthernet1/0/12 unassigned YES unset up up
GigabitEthernet1/0/13 unassigned YES unset down down
GigabitEthernet1/0/14 unassigned YES unset down down
GigabitEthernet1/0/15 unassigned YES unset down down
GigabitEthernet1/0/16 unassigned YES unset down down
GigabitEthernet1/0/17 unassigned YES unset up up
GigabitEthernet1/0/18 unassigned YES unset down down
GigabitEthernet1/0/19 unassigned YES unset down down
GigabitEthernet1/0/20 unassigned YES unset down down
GigabitEthernet1/0/21 unassigned YES unset down down
GigabitEthernet1/0/22 unassigned YES unset up up
GigabitEthernet1/0/23 unassigned YES unset up up
GigabitEthernet1/0/24 unassigned YES unset up up
GigabitEthernet1/1/1 unassigned YES unset down down
GigabitEthernet1/1/2 unassigned YES unset down down
GigabitEthernet1/1/3 unassigned YES unset down down
GigabitEthernet1/1/4 unassigned YES unset down down
Te1/1/1 unassigned YES unset down down
Te1/1/2 unassigned YES unset down down
Te1/1/3 unassigned YES unset down down
Te1/1/4 unassigned YES unset down down
Core-Switch#

 

Core-Switch#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is 172.16.0.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 172.16.0.1
172.16.0.0/16 is variably subnetted, 16 subnets, 2 masks
C 172.16.0.0/24 is directly connected, Vlan10
L 172.16.0.254/32 is directly connected, Vlan10
C 172.16.10.0/24 is directly connected, Vlan100
L 172.16.10.254/32 is directly connected, Vlan100
C 172.16.12.0/24 is directly connected, Vlan110
L 172.16.12.254/32 is directly connected, Vlan110
C 172.16.20.0/24 is directly connected, Vlan200
L 172.16.20.254/32 is directly connected, Vlan200
C 172.16.22.0/24 is directly connected, Vlan210
L 172.16.22.254/32 is directly connected, Vlan210
C 172.16.30.0/24 is directly connected, Vlan300
L 172.16.30.254/32 is directly connected, Vlan300
C 172.16.32.0/24 is directly connected, Vlan310
L 172.16.32.254/32 is directly connected, Vlan310
C 172.16.60.0/24 is directly connected, Vlan600
L 172.16.60.254/32 is directly connected, Vlan600
Core-Switch#

 

Core-Switch#sh ip cef
Prefix Next Hop Interface
0.0.0.0/0 172.16.0.1 Vlan10
0.0.0.0/8 drop
0.0.0.0/32 receive
127.0.0.0/8 drop
172.16.0.0/24 attached Vlan10
172.16.0.0/32 receive Vlan10
172.16.0.1/32 attached Vlan10
172.16.0.5/32 attached Vlan10
172.16.0.173/32 attached Vlan10
172.16.0.176/32 attached Vlan10
172.16.0.254/32 receive Vlan10
172.16.0.255/32 receive Vlan10
172.16.10.0/24 attached Vlan100
172.16.10.0/32 receive Vlan100
172.16.10.254/32 receive Vlan100
172.16.10.255/32 receive Vlan100
172.16.12.0/24 attached Vlan110
172.16.12.0/32 receive Vlan110
172.16.12.254/32 receive Vlan110
172.16.12.255/32 receive Vlan110
172.16.20.0/24 attached Vlan200
172.16.20.0/32 receive Vlan200
172.16.20.254/32 receive Vlan200
172.16.20.255/32 receive Vlan200
172.16.22.0/24 attached Vlan210
172.16.22.0/32 receive Vlan210
172.16.22.254/32 receive Vlan210
172.16.22.255/32 receive Vlan210
Prefix Next Hop Interface
172.16.30.0/24 attached Vlan300
172.16.30.0/32 receive Vlan300
172.16.30.254/32 receive Vlan300
172.16.30.255/32 receive Vlan300
172.16.32.0/24 attached Vlan310
172.16.32.0/32 receive Vlan310
172.16.32.254/32 receive Vlan310
172.16.32.255/32 receive Vlan310
172.16.60.0/24 attached Vlan600
172.16.60.0/32 receive Vlan600
172.16.60.254/32 receive Vlan600
172.16.60.255/32 receive Vlan600
224.0.0.0/4 drop
224.0.0.0/24 receive
240.0.0.0/4 drop
255.255.255.255/32 receive
Core-Switch#

Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Hi Peter.. I tested the routing in several ways:  I have trunk ports (Gi1/0/1 - 12) and connected an Wireless AP to it, defied the vlans that I wanted on the AP with the correct settings and was unable for any of the SSID's (set to different vlans) to get an IP Address via IP-Helper which is defined on all SVI's.  Also, I assigned a few Switchports to a particular VLAN (for instance VLAN 200 and connected a PC to that port (static addr and dhcp) and nothing, no pinging anywhere except that when statically assigned I can ping the VLAN gateway, but no other gateway or the default route (which is our internet router).  The AP does however get a DHCP IP Address from the server (connected to Gi1/0/22) on the Native Vlan 10.  Also, the Switch can ping all of the SVI's that are assigned.  Thanks for you help with this!  - Bill

Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

UPDATE:  I configured a client tagged with VLAN 200, connected it to a trunk port on the switch and I was able to ping the VLAN200 gateway (172.16.20.254) also I CAN ping all of the other SVI's that are defined.  However I cannot ping the Windows Server (172.16.0.5) or the Internet Router (172.16.0.1), but CAN ping these if I'm on the Native VLAN 10.. no others.  So, maybe the InterVlan routing is working??  Not entirely sure, but some how I cannot get to the Windows Server for DHCP or the Internet.  I have checked all of my settings, but obviously I am missing something.  Thanks again for ANY Help!

 

Bill

Hall of Fame Master

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Bill

 

Thanks for the update. If the client can ping all of the other SVIs then it does sound like inter vlan routing is configured and working. If the client can not ping the server 172.16.0.5 or the Internet router 172.16.0.1 I would suggest that you check both of them. In the case of the server you probably should start with what is its default gateway. Depending on how the server is configured you might also want to check a route print and verify whether it has route entries for any of your subnets and if so how it thinks it is getting to those remote subnets. On the Internet router you should check its routing table. It probably has a default route pointing upstream and so would also need to have routing information (probably from static routes) for the networks/subnets connected to your new core switch.

 

Another good test would be from the server and from the Internet router are they able to ping the various SVIs configured on your new core switch.

 

HTH

 

Rick

VIP Expert

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

"Another good test would be from the server and from the Internet router are they able to ping the various SVIs configured on your new core switch."

You might also try pinging those hosts from your switch using an extended ping using a source interface or source IP from a SVI that they do not reside on. If your Windows (DHCP) server cannot communicate with the other SVIs, it won't be able to give out DHCP addresses.

As Rick notes, if a host can ping other SVIs, likely the L3 switch is routing correctly, and the problem is likely with the other hosts, most commonly, again as Rick notes, an issue with the default gateway. (For your DHCP server, also don't forget to provide your DHCP clients with their correct default gateway settings.)

Also BTW, on many Cisco switches, if there isn't any "up" port on a VLAN for a SVI, the SVI will be "down". If a SVI is down, of course, you won't be able to ping it.

Rick mentions the need for the Internet router to have routes to internal networks. He's correct. This might be accomplished by running a routing protocol between that router and your L3 switch, or using static routes. If the latter, also keep in mind you might be able to just use a summary prefix or prefixes. For example, rather than having all internal networks defined on your Internet router, you might just have 172.16.0.0/16. If the former, you can also be able to "source" the default route on the Internet router so that the L3 switch doesn't need a static for it.
Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Hi.. thanks for your replies.. I'm just very perplexed as to why this is not working.  I have a server (windows 2019) connected to a switchport on VLAN 10.  I have an internet router connected to a switchport on VLAN 10 also.  I have 2 computers that are connected to switchports which are also VLAN 10.  On the 2 computers I can ping everything and get on the internet on VLAN 10.  (I can ping all of the SVI's.. everything).  When I remote into the server I can ping the router, I can ping the gateway (172.16.0.254) and that's IT??  When I connect into the router I can ping the same as the Server.. nothing else just.  So.. I unplug the server and the router from their respective switchports and connect the PC into either of those two ports and guess what.. I can ping everything?  My question.. is there something particular about the server and router ports that should be configured?  I'm really stumped.  I have a working Cisco Switch at another location using a very similar setup and everything works.  I have never used the 3850 switches before.. could there be something inherent here that I don't know.  

 

Thanks for your continued help.. sorry if I sound frustrated, but I am trying to work through this. - Bill

Hall of Fame Expert

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Hello Bill,

you have been provided several good suggestions by Rick and Joseph and by Peter.

 

The first important key point is the default gateway settings on PCs that should be the new switch C3850 SVI interface IP address in all cases.

What is special about vlan 10?

Not the fact the vlan 10 is the native vlan in your trunk ports, this is an OSI layer 2 concept.

You have issues at OSI layer 3 IP routing level ( if any)

In vlan 10 subnet 172.16.0.0/24 you have:

the external internet facing router with IP address 172.16.0.1

the DHCP server with IP address 172.16.0.X

 a pair of hosts in same IP subnet.

 

Verify on the windows DHCP server what default gateway it has. If the DHCP server was already installed before introducing the new L3 switch, it is likely pointing to 172.16.0.1 instead of 172.16.0.254 (new switch).

Of course it can ping the directly connected 172.16.0.254 it is just a question of ARP resolution.

If the DHCP server cannot ping the other SVI interfaces on the new switch the possible issues are:

DHCP server has default gateway pointing to 172.16.0.1

the router at 172.16.0.1 has no knowledge of the new Vlans behind the new switch.

 

Check the ip routing table on the router.

If needed you should add static routes like

ip route 172.16.30.0 255.255.255.0 172.16.0.254.

 

This should fix your network about intervlan routing and capability to ping the router from different Vlans then vlan 10.

 

The question of the ip helper-address has to be troubleshooted later when inter Vlan routing is working as desired.

 

Hope to help

Giuseppe

 

 

Hall of Fame Master

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Bill

 

The symptom that you describe with the server strongly suggest that its default gateway is not set correctly to be the switch SVI. The symptom with the Internet router suggest that it does not have routes for the networks configured on the switch. At this point it sounds like the switch is configured pretty well and the issue is not on the switch but with the devices connected to the switch.

 

HTH

 

Rick

Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Thanks to Everyone's help.. I am making progress..  the resolution (as most of your responded) was indeed the Server Gateway was pointing to the Internet Router and not the CoreSwitch.  I did in fact have all of the SVI's configured correctly and they are now able to get an IP Address in their respective vlans.  The reason that I didn't spot this, I think, is that VLAN 10 (Native VLAN) was properly configuring the DHCP clients and therefore I could "ping" everything when connected there.  When I tried to connect to a different VLAN it was not receiving any DHCP Assignments and even a static IP address would not improve the situation due to the mis-configured server gateway.  The Inter-Vlan routing was working all along, but I was not testing it properly it seems.  The only thing left to resolve is the routing (which I'm a novice at, but plugging along) for the SVI's.  Thank you Everyone.  I will post when this is done.  - Bill

Beginner

Re: Newly configured Catalyst 3850 L3 Switch not routing, Ip-helper not working

Hallelujah.. It is working! - I set a static route in our internet gateway to one of the SVI's and it is now connected and on the internet through our AP connected to a trunking port.  I was originally trying this route 172.16.0.0 255.255.255.0 172.16.0.254, thinking that it would cover ALL of the SVI's, but for some reason this never worked.  So as "Giuseppe" mentioned I used the specific route 172.16.10.0 255.255.255.0 172.16.0.254 and it worked.  Now I will create the routes for the others as well.  THANK You Everyone.  I sincerely appreciate all of your responses. 

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards