KB.15.15

the switch when DHCP/Bootp is first configured, the switch may not immediately receive the desired

configuration.

After verifying that the server has become accessible to the switch, reboot the switch to re-start the

process.

802.1Q Prioritization problems

Ports configured for non-default prioritization (level 1 to 7) are not performing the specified action

If the ports were placed in a trunk group after being configured for nondefault prioritization, the

priority setting was automatically reset to zero (the default.) Ports in a trunk group operate only at

the default priority setting.

Addressing ACL problems

ACLs are properly configured and assigned to VLANs, but the switch is not using the ACLs to filter

IP layer 3 packets

1. The switch may be running with IP routing disabled. To ensure that IP routing is enabled,

execute show running and look for the IP routing statement in the resulting listing. For

example:

Figure 194 Indication that routing is enabled

NOTE: If an ACL assigned to a VLAN includes an ACE referencing an IP address on the

switch itself as a packet source or destination, the ACE screens traffic to or from this switch

address regardless of whether IP routing is enabled. This is a security measure designed to

help protect the switch from unauthorized management access.

If you need to configure IP routing, execute the ip routing command.

2. ACL filtering on the switches applies only to routed packets and packets having a destination

IP address (DA) on the switch itself.

Also, the switch applies assigned ACLs only at the point where traffic enters or leaves the

switch on a VLAN. Ensure that you have correctly applied your ACLs ("in" and/or "out") to

the appropriate VLANs.

Unusual network activity 371