Cisco Web Interface/ DHCP Problems

[Strawhidy]

Hello people,

I thought I'd give these forums a shot and see if anyone could help me. I own a CyberCafe/PC Game Centerv with 37 PC's. I rebuild my PCs on a weekly basis using Symantec's Ghost Solution Suite (mucho multicasting). About a year ago I started receiving IP address conflicts after upgrading from my Gb Linksys switches to my new Cisco Catayst 2948G-GE-TX switch. My PC's have been showing the following error in the event viewer after Ghosting my PC's:

(Event ID: 1003 which shows the following error Your computer was not able to renew its address from the network(from the DHCP Server) for the Network Card with network address 00301BB74492. The following error occurred:
The semaphore timeout period has expired. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

I believe this problem may have something to do with STP. I would like to enable the web interface on my switch so I can change the settings myself. Can someone please help me enable the web interface on my switch?

Cisco 2948G-GE-TX
version 8.3(2)GLX
Windows 2003 Server/DHCP server

 

[KiscoKid]

I think you're right regarding STP. I would hazard a guess you need to enable portfast on ports of the switch that connects to your machines.

The command is "set spantree portfast mod_num/port_num enable" from the command line

So for your switch, this would be: set spantree portfast 1-48 enable

Oh and to answer your question about enabling the web interface on the switch, this command is "set ip http server enable

 

[vipergg]

Or "set port host 2/1-48 " will also turn portfast on . To turn on the web interface you have to have ciscoview adp code running on the switch , it would look something like this cat4000-cv.8-4-1-GLX.bin . Notice the CV in the middle , this means it supports the web interface , if you don't have this code you can't use the web interface , most people don't use it anyway they just use the CLI.

 

[vipergg]

The other question is why would they drop from just ghosting the pc ? where are they trying to pull an address from ????

 

[Strawhidy]

Since all my PC's are indentical and I use one main image for the entire center, I believe the Ghost PC's still think they are the orginal PC from which the image was created. It appears the Ghosted PC's are attempting to contact my Windows 2003 DHCP server and are failing due to spanning tree's untimely learning period. Activating portfast on the switch should stop STP from doing this.

I also have a Cisco 1721 router, and wireless gateway connected to this switch. I was told to leave STP active on the ports they occupy. Is this true?

 

[Strawhidy]

Sorry guys but I have one more question. One of my ports (port 44) was configured to be on it's own VLAN. I would like to remove this second VLAN and have port 44 rejoin the original VLAN. What command would I use to accomplish this?

 

[chieftan]

Portfast IS required for multicast ghosting. STP will cause problems due to the learning states.
This is similar to PXE loading on linux.

 

[KiscoKid]

You should disable portfast on ports that connect to other networking devices like routers as they can be configured to act as a bridge and thus could cause a bridging loop.

To configured port 44 to become a member of a different VLAN, use the following command:

set vlan x 2/44

where x is the VLAN you want to allocate instead.

 

[Strawhidy]

I found the following line after pulling up my config:

"set port channel 2/1-43,2/45-46 mode off"

My PC's and server's which I Ghost/Multicast occupy ports 2/1-45. My router and switches occupy ports 2/46-48. I've enabled configured my switch as follows:

set spantree portfast 2/46-48 disable
set spantree portfast 2/1-45 enable
set spantree bpdu-guard 2/46-48 enable

From my research I believe this is correct or not?

I also see the following lines listed for all my ports in my config which im not familar with such as:

set spantree portinstancecost mod/all ports cost 19999 mst
set spantree portvlancost mod/all ports cost 3003

Is this normal?

 

[KiscoKid]

BPDU Guard need only be enabled for ports where Portfast is configured. If you therefore configure BPDU Guard globally, it will only apply this to the ports where Portfast has been previously configured. You can do this as follows:

set spantree portfast bpdu-guard enable

This command: set spantree portinstancecost mod/all ports cost 19999 mst

is used whenever MST (Multiple Spanning Tree) is deployed and essentially assigns a port cost to the MST instance.

This command: set spantree portvlancost mod/all ports cost 3003

is used to assign a port cost to a VLAN(s) on the port in question

Both the commands above are to manipulate the behaviour of STP.

You can confirm what kind of STP you are running using the 'show spantree' command. The default is PVST+.

 

[Strawhidy]

I would like to thank all of you for taking the time to help. The help you provided solved a problem i've had for over a year.

FYI.
I believe the DHCP problem was caused by either my wireless gateway which issues DHCP address to WiFi customers, a misconfigured switch, or corruption of my DHCP server. I disconnected the WiFi Gateway, reconfigured the switch based on your tips, and designated a new DHCP all which solved the problems.

Thank You for your help folks!