Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

3 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

LinkedIn
Newsletter
Instagram
YouTube

Virtual switching system (VSS) Configuration For Cisco 4500 series switches
Document
Jan 24, 2013 1:11 PM

ashirkar 2 years ago

Table of Contents [hide]

Introduction
Some key point to be remembered for Cisco 4500 VSS
Prerequisite
Configuration Steps
Verification
Reference

Introduction
The Cisco Virtual Switching System is a clustering technology that pools two Cisco Catalyst 4500-E Series Switches
with Cisco Catalyst Supervisor Engine 7-E or 7-LE or two Catalyst 4500-X Series Switches into a single virtual
switch. In a VSS, the data plane of both clustered switches is active at the same time in both chassis. VSS members
are connected by virtual switch links (VSLs) using standard Gigabit or 10 Gigabit Ethernet connections between the
VSS members. VSLs can carry regular user traffic in addition to the control plane communication between the VSS
members.
Physical vs Logical Topology in a VSS Configuration

This document describes how to configure a virtual switching system (VSS) for the Catalyst 4500 series switch
(Supervisor Engine 7-E, Supervisor Engine 7L-E).

Some key point to be remembered for Cisco 4500 VSS

1) Configuration/Capability Supported supervisors on Catalyst 4500-E: VSS support Supervisor Engine 7-E or 7-LE
(identical pairs).For more information about hardware to support please refer 4500 VSS Hardware requirement
2) Software requirement: Cisco IOS XE 3.4.0SG and ROMMON IOS Version 15.0(1r) SG7 later released support VSS.(Also
refer How to Upgrade Cisco 4500 SUP7-E & Sup7L-E ROMMON To support VSS).

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

4 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

3)license requirement :
To know more on license requirement refer "Release Notes for the Catalyst 4500E Series Switch"

Feature

LAN
Base

IP Base

Enterprise
Service

Yes

Virtual Switching System (VSS

No

(SUP7E

Yes

only)

Support for Layer 3 MECVSS with

Layer 3 Multichassis EtherChannel
(MEC) at the aggregation layer
Support for VSLP Fast HelloWith

Yes

VSLP Fast Hello, the Catalyst

(SUP7E)

4500-X configured for VSS can now

No

connect Access Switches that do not

No

support the ePAgP protocol.

(SUP7LE)

Yes (SUP7E)
Yes
(SUP7LE)

Support for VSL Encryption

Support for Asymmetrix chassis

For information about Software Activation Licensing please refer Cisco Catalyst 4500E Supervisor 7-E and 7L-E and
Cisco Catalyst 4500-X Series Software Activation Licensing Deployment Guide.
4) Single-sup cross-chassis VSS support: Yes.
5) Quad-sup VSS configuration with in-chassis redundant sups: In-chassis redundant sups in rommon mode with active
uplinks.
6) It also supports 10 Gigabit Ethernet Virtual Switch Link (VSL) and 1 Gigabit Ethernet VSL.
7) SSO and nonstop forwarding (NSF) must be configured on each switch. If a VSS does not meet the requirements for
SSO redundancy; it will be incapable of establishing a relationship with the peer switch. Catalyst 4500/4500-X
series switches' VSS does not support route processor redundancy (RPR) mode.

Prerequisite
Before configuring VSS on Cisco 4500 please verify hardware and software requirement.
SW1#sh ver | in IOS
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)
Cisco IOS-XE software, Copyright (c) 2005-2010, 2012 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
SW1#sh ver | in ROM
ROM: 15.0(1r)SG7
System returned to ROM by power-on
SW1#sh license image levels
Module name
Image level Priority Configured Valid license
-------------------------------------------------------------------WS-X45-SUP7-E
entservices 1
YES
entservices
ipbase
2
NO
ipbase
lanbase
3
NO
lanbase
Module Name
Role
Current Level
Reboot Level
-------------------------------------------------------------------WS-X45-SUP7-E Active
entservices
entservices

SW2#sh ver | in IOS

Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)
Cisco IOS-XE software, Copyright (c) 2005-2010, 2012 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
SW2#sh ver | in ROM
ROM: 15.0(1r)SG7
System returned to ROM by power-on
SW2#sh license image levels
Module name
Image level Priority Configured Valid license
--------------------------------------------------------------------

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

5 of 25

WS-X45-SUP7-E

entservices
ipbase
lanbase

1
2
3

YES
NO
NO

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

entservices
ipbase
lanbase

Module Name
Role
Current Level
Reboot Level
-------------------------------------------------------------------WS-X45-SUP7-E
Active
entservices
entservices

Configuration Steps
STEP1: Assigning Virtual Switch Domain and Switch Numbers
First you have to configure the same virtual switch domain number on both switches of the VSS. The virtual switch
domain is a number between 1 and 255.After domain number you must configure one switch to be switch number 1 and the
other switch to be switch number 2.
SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#switch virtual domain 10
Domain ID 10 config will take effect only
after the exec command 'switch convert mode virtual' is issued
SW1(config-vs-domain)#switch 1
SW1(config-vs-domain)#exit
SW1(config)#

SW2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#switch virtual domain 10
Domain ID 10 config will take effect only
after the exec command 'switch convert mode virtual' is issued
SW2(config-vs-domain)#switch 2
SW2(config-vs-domain)#exit
SW2(config)#

STEP2: Configuring VSL Port Channel

Then you need to configure VSL with a unique port channel on each switch. During the conversion, the VSS configures
both port channels on the VSS Active switch. If the VSS Standby switch VSL port channel number has been configured
for another use, the VSS comes up in RPR mode. To avoid this situation, check that both port channel numbers are
available on both of the switches.
SW1(config)#int port-channel 5
SW1(config-if)#switchport
SW1(config-if)#switch virtual link 1
SW1(config-if)#no shut
SW1(config-if)#exit
*Jan 24 05:19:57.092: %SPANTREE-6-PORTDEL_ALL_VLANS: Port-channel5 deleted from all Vlans

SW2(config)#int port-channel 10
SW2(config-if)#switchport
SW2(config-if)#switch virtual link 2
SW2(config-if)#no shut
SW2(config-if)#exit
SW2(config)#
*Jan 24 05:14:17.273: %SPANTREE-6-PORTDEL_ALL_VLANS: Port-channel10 deleted from all Vlans

STEP3: configure the VSL ports

You need to add the VSL physical ports to the port channel. In the following example, interfaces Gigabit Ethernet
7/3 and 7/4 on Switch 1 are connected to interfaces Gigabit Ethernet 4/45 and 4/46 on Switch 2.
SW1(config)#int range gig7/3 - 4
SW1(config-if-range)#switchport mode trunk
SW1(config-if-range)#channel-group 5 mode on
WARNING: Interface GigabitEthernet7/3 placed in restricted config mode. All extraneous configs removed!
WARNING: Interface GigabitEthernet7/4 placed in restricted config mode. All extraneous configs removed!
SW1(config-if-range)#exit

SW2(config)#int range gig4/45 - 46

SW2(config-if-range)#switchport mode trunk
SW2(config-if-range)#channel-group 10 mode on
WARNING: Interface GigabitEthernet4/45 placed in restricted config mode. All extraneous configs removed!
WARNING: Interface GigabitEthernet4/46 placed in restricted config mode. All extraneous configs removed!
SW2(config-if-range)#exit

Note: Once the interfaces are put into VSL port-channel with channel-group" command, then the interfaces goes into

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

6 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

notconnect status. Interface status will show UP, but the line protocol will be down. The interface will be in
UP/down (not connect) status, till the switch is rebooted in step 4.
STEP4: Converting the Switch to Virtual Switch Mode:
You need to enter the switch convert mode virtual command on Switch 1 for Converting to Virtual Switch Mode .After
you enter this command it will prompted to confirm the action. Enter yes. The system creates a converted
configuration file, and saves the file to the bootflash:
SW1#switch convert mode virtual
This command will convert all interface names
to naming convention "interface-type switch-number/slot/port",
save the running config to startup-config and
reload the switch.
Do you want to proceed? [yes/no]: yes
Converting interface names
Building configuration...
Compressed configuration from 6551 bytes to 2893 bytes[OK]
Saving converted configuration to bootflash: ...
Destination filename [startup-config.converted_vs-20130124-062921]?
Please stand by while rebooting the system...
Restarting system.
Rommon (G) Signature verification PASSED
Rommon (P) Signature verification PASSED
FPGA
(P) Signature verification PASSED

Similarly you need to enter the switch convert mode virtual command on Switch 2 for converting to Virtual Switch
Mode.

SW2#switch convert mode virtual

This command will convert all interface names
to naming convention "interface-type switch-number/slot/port",
save the running config to startup-config and
reload the switch.
Do you want to proceed? [yes/no]: yes
Converting interface names
Building configuration...
Compressed configuration from 6027 bytes to 2774 bytes[OK]
Saving converted configuration to bootflash: ...
Destination filename [startup-config.converted_vs-20130124-052526]?
Please stand by while rebooting the system...
Restarting system.
Rommon (G) Signature verification PASSED
Rommon (P) Signature verification PASSED
FPGA

(P) Signature verification PASSED

************************************************************
*
*
* Welcome to Rom Monitor for
WS-X45-SUP7-E System.
*
* Copyright (c) 2008-2012 by Cisco Systems, Inc.
*
* All rights reserved.
*
*
*
************************************************************

After you confirm the above commands on both switches, the running configuration is automatically saved as the
startup configuration and the switch reboots. After the reboot, the switch is in virtual switch mode, so you must
specify interfaces with three identifiers (switch/module/port).
When switches are being converted to VSS, you should not set them to ignore startup-config. If done, the switch can
be enabled to parse the startup-config at the rommon prompt. Ignoring startup-config in VSS mode causes a switch to
boot in a semi-VSS mode, which can only be corrected by a reboot and by enabling the parsing of startup-config.

Verification
1) To displays the virtual switch domain number, and the switch number and role for each of the switches you can use
show switch virtual command.
SW1#sh switch virtual
Executing the command on VSS member switch role = VSS Active, id = 1
Switch mode
:
Virtual switch domain number :
Local switch number
:
Local switch operational role:
Peer switch number
:
Peer switch operational role :

Virtual Switch
10
1
Virtual Switch Active
2
Virtual Switch Standby

Executing the command on VSS member switch role = VSS Standby, id = 2

Switch mode
: Virtual Switch
Virtual switch domain number : 10

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

7 of 25

Local switch number

:
Local switch operational role:
Peer switch number
:
Peer switch operational role :

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

2
Virtual Switch Standby
1
Virtual Switch Active

2) Once both switches cluster in single virtual switch, you will only have Active switch console and your Standby
switch console appears as follow:
SW2-standby>
Standby console disabled

3) To displays the role, switch number, and priority for each of the switch in the VSS use show switch virtual
role command.
SW1#sh switch virtual role
Executing the command on VSS member switch role = VSS Active, id = 1
RRP information for Instance 1
-------------------------------------------------------------------Valid Flags
Peer
Preferred Reserved
Count
Peer
Peer
-------------------------------------------------------------------TRUE
V
1
1
1
Switch Switch Status Preempt
Priority Role
Local
Remote
Number
Oper(Conf)
Oper(Conf)
SID
SID
-------------------------------------------------------------------LOCAL
1
UP
FALSE(N )
100(100) ACTIVE
0
0
REMOTE 2
UP
FALSE(N )
100(100) STANDBY 6834
6152
Peer 0 represents the local switch
Flags : V - Valid
In dual-active recovery mode: No
Executing the command on VSS member switch role = VSS Standby, id = 2
RRP information for Instance 2
-------------------------------------------------------------------Valid Flags
Peer
Preferred Reserved
Count
Peer
Peer
-------------------------------------------------------------------TRUE
V
1
1
1
Switch Switch Status Preempt
Priority Role
Local
Remote
Number
Oper(Conf)
Oper(Conf)
SID
SID
-------------------------------------------------------------------LOCAL
2
UP
FALSE(N )
100(100) STANDBY 0
0
REMOTE 1
UP
FALSE(N )
100(100) ACTIVE
6152
6834
Peer 0 represents the local switch
Flags : V - Valid
In dual-active recovery mode: No

4) To Displays information about the VSL use show switch virtual link command.
SW1#sh switch virtual link
Executing the command on VSS member switch role = VSS Active, id = 1
VSL Status : UP
VSL Uptime : 3 minutes
VSL Control Link : Gi1/7/4
Executing the command on VSS member switch role = VSS Standby, id = 2
VSL Status : UP
VSL Uptime : 3 minutes
VSL Control Link : Gi2/4/45

5) You can also verify information about the VSL port channel using show switch virtual link port-channelcommand.
SW1#sh switch virtual link port-channel
Executing the command on VSS member switch role = VSS Active, id = 1
Flags: D
I
H
R
U
f

down
P - bundled in port-channel
stand-alone s - suspended
Hot-standby (LACP only)
Layer3
S - Layer2
in use
N - not in use, no aggregation
failed to allocate aggregator

M - not in use, no aggregation due to minimum links not met

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

8 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
d - default port
w - waiting to be aggregated
Group Port-channel Protocol
Ports
------+-------------+-----------+------------------5
Po5(SU)
Gi1/7/3(P) Gi1/7/4(P)
10
Po10(SU)
Gi2/4/45(P) Gi2/4/46(P)
Executing the command on VSS member switch role = VSS Standby, id = 2
Flags: D
I
H
R
U
f

down
P - bundled in port-channel
stand-alone s - suspended
Hot-standby (LACP only)
Layer3
S - Layer2
in use
N - not in use, no aggregation
failed to allocate aggregator

M
m
u
d

not in use, no aggregation due to minimum links not met

not in use, port not aggregated due to minimum links not met
unsuitable for bundling
default port

w - waiting to be aggregated
Group Port-channel Protocol
Ports
------+-------------+-----------+------------------5
Po5(SU)
Gi1/7/3(P) Gi1/7/4(P)
10
Po10(SU)
Gi2/4/45(P) Gi2/4/46(P)
SW1#

Catalyst 4500 Series Switch Software Configuration Guide, Release IOS XE 3.4.0SG and IOS 15.1(2)SG
Catalyst Confidence: VSS on the 4500

Rating

Average Rating: 4.7 (7 ratings)

Log in or register to post comments

Share:

Comments
Collapse all
Recent replies first

sepideh.ta 2 years ago

Hi
Is it possiable to define three switch 4500 for VSS technology?
tanks
See More
Log in or register to post comments

ashirkar 2 years ago

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

9 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

Hello Sisily
Up to two physical Cisco switches allow operating as a VSS. You can also go through Virtual Switching System (VSS) Q&A for 6500.
Regards
Ashish Shirkar
See More
Log in or register to post comments

Steven112 5 months ago

Hi All,
i have an issue for 4500x VSS when o perform this command gave me authorization faild:

show switch virtual

Executing the command on VSS member switch role = VSS Active, id = 1
Switch mode
: Virtual Switch
Virtual switch domain number : 1
Local switch number
:1
Local switch operational role: Virtual Switch Active
Peer switch number
:2
Peer switch operational role : Virtual Switch Standby% Authorization failed.

only this happened on 4500x VSS and the same configuration on 6500VSS i didn't see it?
Thanks
See More
Log in or register to post comments

marek.golha 5 months ago

I have the same "Authorization" issues with 4500-X. Is there a bug opened for this?
When I remove my authorization configuration then it is working fine - but this should not be the solution...
Any ideas?

Marek
See More
Log in or register to post comments

sepideh.ta 2 years ago

hi Ashish
tanks alot for quick response.
Sisily

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

10 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

See More
Log in or register to post comments

Tobias Feichtinger 2 years ago

Hi Ashish
I have got a question to:
5) Quad-sup VSS configuration with in-chassis redundant sups: In-chassis redundant sups in rommon mode with active uplinks.
I have got running 2x 4510R+E with 4x SUP7. But wen the active or standy sup failes the second sup in the chasis boots in standalone mode but not in the vss mode .
Is there anywhere a manual how to config a 4500 VSS with Quad Sup?
Kind Regards
Tobias
See More
Log in or register to post comments

ashirkar 2 years ago

Hello Tobias,
Thanks for your feedback ,
Please refer Quad-Supervisor (In-chassis Standby Supervisor Engine) Support section of VSS configuration guide of 4500 .
Hope it help
Regrads,
Ashish Shirkar
(Community Manager-NI)
See More
Log in or register to post comments

Shahid Mohsin 2 years ago

Hi
we have vrrp,hsrp,glbp redundancy protocol then why we use VSS.
See More
Log in or register to post comments

ashirkar 2 years ago

Hello Shahid,

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

11 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

Please check Virtual Switching System (VSS) Q&A for your question and let me know if you have any doubt
Regards,
Ashish Shirkar
(Community Manager-NI)
See More
Log in or register to post comments

Shahid Mohsin 2 years ago

Hi
Thanks for your support but tellme this vss run for one instance for all vlan (or) single instance for single vlan,And vss does support loadbalancing.
And I want BGP study meterial hope you help me..
Once again Thank you,
See More
Log in or register to post comments

ashirkar 2 years ago

Hello Shahid,
Please refer Fundamentals of Cisco Virtual Switching System video to understand about VSS.
Hope it will clear you about VSS
Regrads,
Ashish Shirkar
(Community Manager-NI)
See More
Log in or register to post comments

aurio.tenorio 2 years ago

My implementation, which is identical, is crashing. Not recommended.
4510R+E, Sup 7-e IOS 3.4.0 15.1.2, ROM SG7 (SG10).
Some ideas?
See More
Log in or register to post comments

ashirkar 2 years ago

Hello Aurio,

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

12 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

Thanks for your feedback,

To run VSS on 4500 not only Software requirement must match also hardware should be check.
Older generation line cards are not supported in the 3.4.0SG release with the VSS feature. These include all line cards starting with the 'WS-X45xy' id, and lower.
'WS-X44xy' and 'WS-X42xy' are some other examples of unsupported line cards. Please remove these line cards from your system when converting from standalone to
VSS mode.
Please also refer this document for your hardward requirement before configuring VSS on your 4500 .
Configuring VSS
Regrads,
Ashish Shirkar
(Community Manager-NI)
See More
Log in or register to post comments

aurio.tenorio 2 years ago

Dear Ashish,
There is a bug in one variant of implementation, which causes the crashes of the switch 2. If you want, we can talk more about it.
I tried two variants, one always crashes. The other one, which is similar to the one described here, really works.
In the crashing implementation, parameters different are:
- priority configured in switch 1 to 200
- supervisor 10 gig ports used. This combination crashes. Try it.
This version crashed many, many times.
I then changed. Removed priority of switch 1, and moved the port-channels to gig ports, then, as magical, it worked.
There is a bug for sure, wanting Cisco admit or not.
I still recommend caution.
See More
Log in or register to post comments

ashirkar 2 years ago

Hello Aurio,
Thanks for your valuable feedback,
I have used 1 Gigabit Ethernet port for VSL.I will tried to setup lab and test it on 10 Gig port ,also will check with internal team on this and add outcome to above
document. You can also open TAC case to solve and notify this problem.
Thanks and Regards,
Ashish Shirkar
Technical Community Manager-NI
See More
Log in or register to post comments

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

13 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

giovanni.costantini 2 years ago

Dear Sirs,
I need a clarification about that:
We have 2x 4503, with this configuration:
1x ws-x45-sup7l-e
1x ws-x4748-rj45-e
Can I use 10/100/1000 ports on the 4748 line card to create the VSL instead of the supervisor card ports?
this is because I want to use the supervisor port to perform optical fiber uplinks toward a couple of switch.
thanks you very much,
Giovanni
See More
Log in or register to post comments

zulfiquar.l 2 years ago

Hey Ashish.
Nice & usefull document. Will be a good reference during my implementation.
Cheers,
Zulfiquar.
See More
Log in or register to post comments

ashirkar 2 years ago

Dear Zulfiquar,
"Thank you for your positive feedback."
Thanks and Regards,
Ashish Shirkar
(Technical community manager-NI)
See More
Log in or register to post comments

s.ranjane 2 years ago

Hi Ashish,
Good reference for deployment of VSS...
way to go...
Regards,

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

14 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

Sachin Ranjane
See More
Log in or register to post comments

ashirkar 2 years ago

Hello Sachin,
Thanks for your valuable feedback
Thanks and Regards,
Ashish Shirkar
(Technical community manager-NI)
See More
Log in or register to post comments

anil.gupta3 2 years ago

Hi Ashish,
I need information on minimum license requirement or special license for sup 7-LE.
I have following boq with me. Please let me know, whether vss will be supported or not?
WS-C4506-E

Cat4500 E-Series 6-Slot Chassis fan no ps

S45UK9-32-1502XO

CAT4500e SUP7le Universal Crypto Image

WS-X45-SUP7L-E

Catalyst 4500 E-Series Supervisor 7L-E 520Gbps

C4500E-IP-ES

Paper IP to Ent Services License

3) Minimum license : IP Base or higher (7-E) or special license (7-LE and Catalyst 4500-X).For information about Software Activation Licensing please refer

Cisco Catalyst 4500E Supervisor 7-E and 7L-E and Cisco Catalyst 4500-X Series Software Activation Licensing Deployment Guide
.
regards, anil
See More
Log in or register to post comments

Tobias Feichtinger 2 years ago

Hi
Ashish Shirkar
We have a problem with AAA Authorization.
We have got 2x 4510R+E with the VSS with the software 03.04.00.SG.
We have got also two ACS Server for AAA with the software Version 5.3.0.40.8.
Now AAA works on the most thinks and commands. But when you type
show power or

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

15 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

show switch virtual role

you get the output for the switch 1 and then you get the error % Authorization failed.
So you dont get the output for switch 2.
In the ACS Server we dont see any informations that the command is not allowed.
When you disable AAA it works fine.
Here the AAA config we made on the Switch.
aaa new-model
aaa authentication login default group tacacs+ local enable
aaa authentication login http group tacacs+ local enable
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group tacacs+ local if-authenticated
aaa authorization commands 0 default group tacacs+ local if-authenticated
aaa authorization commands 1 default group tacacs+ local if-authenticated
aaa authorization commands 2 default group tacacs+ local if-authenticated
aaa authorization commands 3 default group tacacs+ local if-authenticated
aaa authorization commands 4 default group tacacs+ local if-authenticated
aaa authorization commands 5 default group tacacs+ local if-authenticated
aaa authorization commands 6 default group tacacs+ local if-authenticated
aaa authorization commands 7 default group tacacs+ local if-authenticated
aaa authorization commands 8 default group tacacs+ local if-authenticated
aaa authorization commands 9 default group tacacs+ local if-authenticated
aaa authorization commands 10 default group tacacs+ local if-authenticated
aaa authorization commands 11 default group tacacs+ local if-authenticated
aaa authorization commands 12 default group tacacs+ local if-authenticated
aaa authorization commands 13 default group tacacs+ local if-authenticated
aaa authorization commands 14 default group tacacs+ local if-authenticated
aaa authorization commands 15 default group tacacs+ local if-authenticated
aaa authorization network default local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 2 default start-stop group tacacs+
aaa accounting commands 3 default start-stop group tacacs+
aaa accounting commands 4 default start-stop group tacacs+
aaa accounting commands 5 default start-stop group tacacs+
aaa accounting commands 6 default start-stop group tacacs+
aaa accounting commands 7 default start-stop group tacacs+
aaa accounting commands 8 default start-stop group tacacs+
aaa accounting commands 9 default start-stop group tacacs+
aaa accounting commands 10 default start-stop group tacacs+

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

16 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

aaa accounting commands 11 default start-stop group tacacs+

aaa accounting commands 12 default start-stop group tacacs+
aaa accounting commands 13 default start-stop group tacacs+
aaa accounting commands 14 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
ip tacacs source-interface Vlan999
tacacs-server host Server-IP1 7 password
tacacs-server host Server-IP2 7 password
tacacs-server directed-request
radius-server host Server-IP1 7 password
radius-server host Server-IP2 7 password
Hostname#show power
Executing the command on VSS member switch role = VSS Active, id = 2
Power

Fan

Supply Model No

Type

Inline

Status

Sensor Status

------ ---------------- --------- ----------- ------- ------PS1

PWR-C45-4200ACV AC 4200W good

PS1-1

220V good

PS1-2

220V good

PS2

PWR-C45-4200ACV AC 4200W good

PS2-1

220V good

PS2-2

220V good

good

good

good

good

Power supplies needed by system : 2 Maximum Inputs = 3

Power supplies currently available : 2
Power Summary
(in Watts)

Maximum
Used

---------------------- ----

Available
---------

System Power (12V)

770

Inline Power (-50V)

Backplane Power (3.3V)

---------------------- ---Total

4690
40

40

---------

810 (not to exceed Total Maximum Available = 5500)

Power Measurement
(in Watts)

2200

Inline Power (-50V)

(+/- 50Watts)

------------------ ------------------PS1

PS2

------------------ ------------------Total

% Authorization failed.
It would be also good if you can say

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

17 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

show power switch 1 or

show power switch 2
like on the VSS on the 6500 Series.
or
show interfaces status switch 1 mod 2
show interfaces status switch 2 mod 2
Kind Regards
Tobias
See More
Log in or register to post comments

pmicovicisco 2 years ago

Tobias,
I had the same problem a few weeks ago with my 4500x stack. Once I removed all 'aaa authorization' statements, every command worked fine and parameters for both
switches were displayed. Keep in mind that failover DID NOT happen when I rebooted the switch 1 - switch 2 was stuck on waiting for a handshake/handoff, therefore
my whole system crashed...
HTH
Plamen
See More
Log in or register to post comments

mshatkus1 2 years ago

I've seen it before but cannot remember the command. How do I enable both console ports in a VSS pair?
See More
Log in or register to post comments

ollylolly 2 years ago

2x C4506-E Licence ipbase!
Hi,
I learned, that in Step 2 and 3 it is very important to use "no switchport". So I should use L3.
int port-channel 1
no switchport
switch virtual link 1
!
int ten 1/1
no switchport
channel-group 1 mode on
After switch convert mode virtual the switch 1 works fine, but the switch 2 has an error for the vsl-link.
It seems the C4506-E +Sub7E on the last IOS 03.04.00.SG can't config VSS with L3. Configure the dual-activ detection bfd is not possible to.

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

18 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

Need I the L2 config?

Days later:
I tested the new IOS IOS 03.04.1.SG1 from 07/2013. And I tested the L2 config too. I gat allways the same result. The VSL-Link dosn't work. so I have 2 active switches.
See More
Log in or register to post comments

w.schieffer about a year ago

FYI:
The Sup 7-LE requires Enterprise services to support VSS please review the release notes. Most the documents are very unclear on this fact except for the release notes.
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/release/note/OL_29985-01.html#wp2560650
Thanks
See More
Log in or register to post comments

Jan.Ferre 11 months ago

The instruction sheet seems easy to understand and to follow. I do have a too low version rommon - .6 instead of .7 - wonders if that's a problem.
Much worse though: This sheet says VSS requires IP Base or IP Enterprise. My switch was equipped with IP Base and the local gold-partner said I needed to upgrade to
IP Enterprise in order to do VSS - price somewhat like $5.000 - each switch. Now it looks like this is not needed at all. Wonders if this is a task for the crime squad or if
Cisco will refund the unneeded upgrade.

Jan Ferr
See More
Log in or register to post comments

John Eze 10 months ago

Can u have VSS running at the core of your network and both VSS switches on Active Active mode. My question is that can the both VSS enable switches keep separate
routing table?
See More
Log in or register to post comments

noisey_uk 10 months ago

VSS essentially binds both chassis into a single logical switch. You can then virtualise this single logical switch using VRFs just like you would a single physical chassis. So
to achieve what you've asked you'd just create VRF_A (for physical chassis A) and VRF_B (for physical chassis B) then assign all physical ports on physical chassis A to
VRF_A and all physical ports on physical chassis B to VRF_B.
See More
Log in or register to post comments

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

19 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

tranminhc 6 months ago

Hi all,
I have 2 Cat4506E switches with Sup 8E universal, and ip base license. it includes WS-X4748-RJ45V+E line card and WS-X4624-SFP-E line card in each switch chassis.
Both are 1 Gbit port
My question is can I create a VSL link between two switch chassis in port-channel with one port from RJ45 line card, and the another port from SFP line card? Please
confirm.
Thanks
See More
Log in or register to post comments

prodamgit 6 months ago

Sure you can. Considering both are the same type (gigabits for example), vsl is going to come up.
See More
Log in or register to post comments

tranminhc 6 months ago

Hi,
My Switches use iOS cat4500es8-universalk9.SPA.03.03.01.XO.151-1.XO1. But it doesn't have command "switch virtual domain xx"
I download the iOS cat4500es8-universal.SPA.03.06.00.E.152-2.E.bin, but it cannot boot.
It said the boot file failed.
I'm sure that I check the md5 for the iOS file before reboot, but it still fail
So what iOS I need to load into my Cat4500e sup8e
Please advice
See More
Log in or register to post comments

tranminhc 6 months ago

Hi,

I resolved my problem by upgrade the rommon from 15.1(1r)-SG1 to 15.1(1r)-SG4

My switches now can boot to the new OS 03.06.00 and can cofigure the VSS.
Thanks
See More
Log in or register to post comments

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

20 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

da.rivera 4 months ago

Hi Ashirkar, i have 2 catalyst WS-C4503E with supervisor WS-X45-SUP7L-E and Versin 03.04.04.SGEnterpriseservices
Iread you post, and the configuration guide for VSS on 4500 switches.and all configuration about VSS is working fine. But when I try to actvate dual-active

detection with the fast-hello mode, the VSS domain do not support the commands for it.

The question is. Do you know if fast-hello is or not supported on those switches.

Thanks in advance.

Best regards.
See More
Log in or register to post comments

Stefan Engel 4 months ago

you need to run 3.5.x to support fast hello.
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_29985-01.html#pgfId-2657932

See More
Log in or register to post comments

da.rivera 4 months ago

Hi Stefan, many thanks by your support.
Im going to do the software upgrade for the switches a try again.

Best regards
See More
Log in or register to post comments

jobin_joe 4 months ago

On 2 4500x with VSS will both the switches communicate or will one remain in a permanent stand-by mode ?

See More
Log in or register to post comments

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

21 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

darren.yong 3 months ago

For the Cisco IOS XE 3.5.0E, I've found out that they support older generation line cards, namely:
WS-X4148-RJ
WS-X4148-RJ
WS-X4148-FX-MT
WS-X4306-GB
WS-X4548-RJ45V+
WS-X4448-GB-SFP
WS-X4248-FE-SFP
WS-X4248-RJ45V
Could you please confirm that they are and there are no special requirements besides the need for that 3.5.0 IOS to support them?

See More
Log in or register to post comments

papadjibrilsy 3 months ago

Hi all,
I have 2 WS-C4507R+E switches in VSS virtual domain 30 and 2 WS-C4503-E switches in VSS virtuel domain 40 , Catalyst 4500 L3 Switch with Software (cat4500e-UNIVERSALK9-M),
Version 03.04.02.SG RELEASE SOFTWARE (fc1)
I have issues in dot1q trunk between the two VSS even with an point to point L3 ping on management adress wich is is the native vlan doesn't work
Thanks
Djibril

See More
Log in or register to post comments

huu hieu about a month ago

Hi all,
I have two switch: WS-C4500X-16SFP+ and WS-C4500X-32SFP+ , with IP base license on both.
Can I configure VSS with two switch above and What license or hardware that I need for VSS ?

Thanks you very much,

See More
Log in or register to post comments

marek.golha about a month ago

No you can not. From what I know in the VSS pair you must have 4500-X with the same hardware configuration.

Marek
See More
Log in or register to post comments

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

22 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

huu hieu about a month ago

Hi marek,
But Cisco 4500-x can support Asymmetric chassis "The chassis must contain the same number of slots, even if their linecards differ or their slots are empty"
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/15-1-2/XE_340/configuration/guide/config/vss.html#wp1062785
Maybe I misunderstood, can you please check for me again..

Thank you very much,

See More
Log in or register to post comments

marek.golha about a month ago

Hi,
the information that i provided is from the Cisco Live presentation (BRKCRS-2468). Maybe this information is old already?
Marek
Attachment:
screenshot.2313.jpg
See More
Log in or register to post comments

huu hieu about a month ago

Hi marek,
Thanks for your replying, you can read following content:

Asymmetric chassis support

Catalyst 4500 and Catalyst 4500-X VSS require the same supervisor engine type in both chassis. The chassis must contain the same number of slots, even if their
linecards differ or their slots are empty. Provided the number of slots in the two chassis match, the chassis can differ in type (that is, +E and -E chassis can be in a single
VSS)"
We understood that 4500-X can mix (model 16 with 32 port) or no...
Thanks & best regards,

See More
Log in or register to post comments

marek.golha about a month ago

Hi,
I read the section in configuration guide - but as you already stated it is not so clear (from my point of view)... In the presentation slide there is specifically stated that you
must use the same base model 16 or 32 for 4500-X to configure VSS. I didnt tested the combination of 16 and 32 4500-X models in one VSS pair - maybe some people

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

23 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

did (please comment)?

It could be that it works, but another question is: Is this supported? (I dont know...)

Marek
See More
Log in or register to post comments

David Delas Llagas about a month ago

Hi,

I have a question, when my both cores on VSS below is the one I saw on my console.
Console on Core1 (Core1#)
Console on Core2 (Core1-standby#)

Can someone explain why it was different on the sample above w/c should be Core2-standby#

See More
Log in or register to post comments

Kin Tak Lau 14 days ago

Hi,

I want to know if i can use the rest of twelve 10giga uplink ports on Sup 8E in VSS mode(Total sixteen 10giga ports four used for vss).

Thanks
See More
Log in or register to post comments

Actions
Login or Register to take actions

This Document
Posted January 24, 2013 at 1:11 PM
By ashirkar
Stats:
Comments: 47
Avg. Rating: 4.7
Views:
94116 Contributors: 28
Shares:
61
Tags: configuration, switches, switching, for, virtual, 4500, series, system, (vss), cisco, Network_Infrastructur, lan, routing, ios, vlan, isl, catos, trunking, ip_routing, design, ospf, gre,
+

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

24 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

Follow
Shortcut
Abuse
Save

Related Content
Show

Video
VIP Webcast Recording: Troubleshooting SIP in Cisco Unified communications deployments
Ayodeji oladipo Okanlawon
1 month 4 days ago
765 views
Discussion
Intervlan Routing on Catalyst 4506 - Not Reaching Internet from Hosts
Ty Gadberry
1 month 6 days ago
107 views
Discussion
Ask the Cisco VIP: Troubleshooting SIP in Cisco Unified communications
ciscomoderator
1 month 1 week ago
627 views
Event
Ask the Cisco VIP: Troubleshooting SIP in Cisco Unified communications
Lisa Latour
1 month 1 week ago
317 views
Document
Expert VIP Webcast Slides: Troubleshooting SIP in Cisco Unified communications deployments
Ayodeji oladipo Okanlawon
1 month 1 week ago
574 views

Documents Leaderboard
All Time Monthly
Rank

Username

TCC_2

Points

233

2/20/2015 8:52 PM

Virtual switching system (VSS) Configuration For Cisco 4500 series swit...

25 of 25

https://supportforums.cisco.com/document/124626/virtual-switching-syst...

View Full Leaderboards

Trending Topics - LAN
Cisco gre tunnel
Cisco vlan issues
Cisco usb console driver
spanning-tree extend system-id
span rspan erspan
Cisco bpdu guard
Cisco bgp backdoor
Cisco no ip redirects
srr-queue bandwidth share

Information For
Small Business
Midsize Business
Executives
Home
Service Provider
Industries
Contacts
Contact Cisco
News & Alerts
Newsroom
Blogs
Field Notices
Security Advisories
Technology Trends
Cloud
IPv6
Mobility
Open Network Environment
Trustworthy Systems
Support
Downloads
Documentation
Communities
Developer Network
Learning Network
Support Community
Video Portal
About Cisco
Investor Relations
Corporate Social Responsibility
Environmental Sustainability
Tomorrow Starts Here
Career Opportunities
Programs
Cisco Designated VIP Program
Cisco Powerered
Financing Options
Terms & Conditions
Privacy Statement
Cookie Policy
Trademarks of Cisco Systems, Inc.

2/20/2015 8:52 PM